CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2017/11/27 23:55:49 Modified files: lib/libc/arch/i386/string: strcat.S strcpy.S lib/libc/compat-43: getwd.c lib/libc/stdio : mktemp.c sprintf.c tempnam.c tmpnam.c vsprintf.c lib/libc/stdlib: rand.c random.c lib/libc/string: stpcpy.c strcat.c strcpy.c wcscat.c wcscpy.c lib/libcrypto/evp: evp_enc.c Log message: GNU ld has prefixed the contents of .gnu.warning.SYMBOL sections with "warning: " since 2003, so the messages themselves need not contain the prefix anymore. >From Scott Cheloha ok jca, deraadt
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: o...@cvs.openbsd.org2017/11/27 23:51:19 Modified files: usr.bin/dc : dc.1 Log message: document that the 'e' command is non-portable; from kshe; ok jmc@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: guent...@cvs.openbsd.org2017/11/27 23:09:44 Modified files: sys/kern : kern_exit.c Log message: deadproc_mutex is only taken _before_ kernel_lock; exclude it from WITNESS checking as (our) witness code isn't smart enough to let that by. ok visa@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2017/11/27 23:09:38 Modified files: usr.bin/ssh: umac.c Log message: more whitespace errors
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: guent...@cvs.openbsd.org2017/11/27 23:05:16 Modified files: sys/sys: syscall.h syscallargs.h sys/kern : init_sysent.c syscalls.c Log message: sync
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2017/11/27 23:04:51 Modified files: usr.bin/ssh: umac.c Log message: whitespace at EOL
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: guent...@cvs.openbsd.org2017/11/27 23:03:41 Modified files: sys/kern : syscalls.master kern_ktrace.c lib/libc/sys : Makefile.inc ktrace.2 Log message: Delete fktrace(2). The consequences of it were not thought through sufficiently and at least one horrific security hole was the result. ok deraadt@ beck@
CVS: cvs.openbsd.org: www
CVSROOT:/cvs Module name:www Changes by: bent...@cvs.openbsd.org 2017/11/27 22:25:14 Modified files: faq/ports : specialtopics.html Log message: Update mandoc links. >From Jan Stary; thanks!
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: s...@cvs.openbsd.org2017/11/27 21:35:39 Modified files: sys/dev/ic : ar5008.c athnreg.h Log message: The athn(4) PCI driver forgot about adding the default noisefloor to measured RSSI values. The same is already done for USB devices. RSSI values shown in ifconfig make sense now. ok kevlo@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: s...@cvs.openbsd.org2017/11/27 21:33:03 Modified files: sys/dev/ic : ar5008reg.h Log message: In athn(4), fix a comment which misidentifies the field where RSSI values occur. Add macros to access RSSI info in ds_status4 as well. ok kevlo@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: be...@cvs.openbsd.org 2017/11/27 18:54:25 Modified files: sbin/disklabel : editor.c Log message: in auto-allocation, increase size of /usr/src to 1.3G. Our tree is now 1.1G big. ok florian@, sure deraadt@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: clau...@cvs.openbsd.org 2017/11/27 18:51:47 Modified files: usr.sbin/relayd: relay.c relayd.h Log message: Introduce relay_reset_event() which closes and resets a relay connection. Currently this is only used by relay_close() but will be needed in near future. OK benno@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: b...@cvs.openbsd.org2017/11/27 18:39:49 Modified files: regress/sys/kern/pledge/pledgepath: syscalls.c Log message: copyright
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: clau...@cvs.openbsd.org 2017/11/27 18:24:23 Modified files: usr.sbin/relayd: relay.c relayd.h Log message: In TLS inspection mode we also need to keep the server tls object around. For this we need to add an additional pointer to the ctl_relay_event. Diff from Petri Mikkila (pmikkila at gmail) OK benno@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: b...@cvs.openbsd.org2017/11/27 18:21:30 Modified files: usr.sbin/httpd : httpd.conf.5 server.c Log message: Disable oscp stapling on invalid staple, rather than failing to start. ok claudio@ florian@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: clau...@cvs.openbsd.org 2017/11/27 17:20:23 Modified files: usr.sbin/relayd: ca.c Log message: relay_load_fd() is no longer clobering errno in the error case so use fatal() instead of fatalx()
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: clau...@cvs.openbsd.org 2017/11/27 17:17:56 Modified files: usr.sbin/relayd: relay.c Log message: Add space between to and read like in other DPRINTFs.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: j...@cvs.openbsd.org2017/11/27 16:39:03 Modified files: usr.bin/less : linenum.c Log message: Use CLOCK_MONOTONIC for the delay before printing "Calculating line numbers" from Scott Cheloha who's pushing this upstream. ok tb@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: bl...@cvs.openbsd.org 2017/11/27 16:21:50 Modified files: sys/net: pfvar.h sbin/pfctl : parse.y Log message: The divert structure was using the port number to indicate that divert-to or divert-reply was active. If the address was also set, it meant divert-to. Divert packet used a separate structure. This is confusing and makes it hard to add new features. It is better to have a divert type that explicitly says what is configured. Convert the pfctl(8) rule parser to divert types, kernel cleanup will be the next step. OK sashan@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: clau...@cvs.openbsd.org 2017/11/27 16:21:16 Modified files: usr.sbin/relayd: config.c parse.y relay.c relayd.conf.5 relayd.h Log message: Change the ecdhe curve configuration to the same way httpd is doing it. This removes 'no ecdh' and renames 'ecdh curve auto' to ecdhe default. The code uses now tls_config_set_ecdhecurves(3) so it is possible to specify multiple curves now. If people specified curves in their config they need to adjust their config now. OK beck@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: bl...@cvs.openbsd.org 2017/11/27 16:05:50 Modified files: usr.sbin/relayd: ca.c Log message: Make ca_launch error messages unique. OK claudio@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: clau...@cvs.openbsd.org 2017/11/27 16:04:26 Modified files: usr.sbin/relayd: relay.c Log message: lseek/read is racy when there is multiple consumers. Use pread instead. Solves the startup issues seen by bluhm@. pread idea from guenther@. While there save the errno in the error case. OK bluhm@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: h...@cvs.openbsd.org2017/11/27 15:55:17 Modified files: sys/miscfs/fuse: fuse_vnops.c Log message: Change fusefs_link to return EPERM if the source file is a directory. Now aligns with link(2) man page and ffs regress tests. ok phessler@, jca@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2017/11/27 14:32:33 Modified files: usr.bin/dc : bcode.c Log message: Safer handling of the jump_table[] in dc's bcode.c Based on a diff sent to tech@ by kshe59 (at)zoho (dot) eu - thanks ok otto@, who also remembered to check the regression tests
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: clau...@cvs.openbsd.org 2017/11/27 14:09:55 Modified files: usr.sbin/relayd: relay.c Log message: Add a DPRINTF() in relay_error() that helped me out way too many times.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: clau...@cvs.openbsd.org 2017/11/27 14:06:26 Modified files: usr.sbin/relayd: ca.c config.c parse.y relay.c relayd.c relayd.h Log message: Use file descriptor passing to load certificates into the relays. Especially the ca file (having all the trusted certs in them) can be so big that loading via imsg fails. OK beck@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: s...@cvs.openbsd.org2017/11/27 13:54:38 Modified files: sys/net80211 : ieee80211_ioctl.c Log message: Stop reporting WPA and WEP keys back to userland. The kernel is not a password database; look your wifi keys up elsewhere. Discussed with several. ok phessler@ jca@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: b...@cvs.openbsd.org2017/11/27 13:16:12 Modified files: regress/sys/kern/pledge/pledgepath: syscalls.c Log message: decriptor relative openat() and chmod
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: b...@cvs.openbsd.org2017/11/27 12:44:40 Modified files: regress/sys/kern/pledge/pledgepath: syscalls.c Log message: readlink and friends
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: b...@cvs.openbsd.org2017/11/27 11:59:10 Modified files: regress/sys/kern/pledge/pledgepath: syscalls.c Log message: symlink and a couple more...
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: patr...@cvs.openbsd.org 2017/11/27 11:39:35 Modified files: sbin/iked : config.c iked.c iked.conf.5 iked.h ikev2.c ikev2_msg.c ikev2_pld.c parse.y pfkey.c policy.c types.h Log message: Implement MOBIKE (RFC 4555) support in iked(8), with us acting as responder. In practice this support means that clients like iPhones can roam in different networks (LTE, WiFi) and change their external addresses without having to re-do the whole handshake. It allows the client to choose how and when to change the external tunnel endpoint addresses on demand, depending on which network is better or even is connected at all. ok sthen@ tweaks from jmc@ tested by a handful
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: b...@cvs.openbsd.org2017/11/27 11:27:33 Modified files: regress/sys/kern/pledge/pledgepath: syscalls.c Log message: access and chflags
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: b...@cvs.openbsd.org2017/11/27 11:10:30 Added files: regress/sys/kern/pledge/pledgepath: Makefile syscalls.c Log message: Add the start of regression tests for upcoming pledgepath stuff. still some more to add, and we won't link into regress until later ok deraadt@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: b...@cvs.openbsd.org2017/11/27 11:09:12 src/regress/sys/kern/pledge/pledgepath Update of /cvs/src/regress/sys/kern/pledge/pledgepath In directory cvs.openbsd.org:/tmp/cvs-serv99928/pledgepath Log Message: Directory /cvs/src/regress/sys/kern/pledge/pledgepath added to the repository
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: clau...@cvs.openbsd.org 2017/11/27 10:35:49 Modified files: usr.sbin/relayd: relay.c Log message: Do not rip out the output buffer of the bufferevent. Instead just use an initial bufferevent_write_buffer() to write out the queued up HTTP request. OK benno@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: st...@cvs.openbsd.org 2017/11/27 09:53:04 Modified files: usr.sbin/bgpctl: bgpctl.c usr.sbin/acme-client: util.c parse.h sys/net: fq_codel.c sys/dev/pci: if_oce.c regress/usr.sbin/syslogd: funcs.pl regress/sys/kern/sosplice/tcp: args-reverse-long.pl Log message: lenght->length, mostly in comments
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: be...@cvs.openbsd.org 2017/11/27 09:25:50 Modified files: usr.sbin/relayd: relay_http.c Log message: rfc 7230 mandates that a "204 No Content" http status must not come with a Content-Lenght Header. Of course some servers still so it and send Content-Lenght: 0. Adjust accordingly. ok claudio@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: kette...@cvs.openbsd.org2017/11/27 09:20:42 Modified files: sys/dev/pci/drm: drm_linux.h sys/dev/pci/drm/i915: intel_sprite.c Log message: Revise the linux sleeping compat code to avoid lock ordering problems. Based on a diff from mpi@. ok guenther@, mpi@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: m...@cvs.openbsd.org2017/11/27 08:41:30 Modified files: sys/netinet6 : nd6.c nd6.h Log message: Use a single timer for all ND6 entries. This prevents a use-after-free reported by Hrvoje Popovski where the timeout function was already sleeping on the NET_LOCK() when ifconfig(8) removed the enry from the table. By iterating on a global list in the timeout routine we ensure that the items are still valid when we process them. This also reduce differences with ARP. ok bluhm@, visa@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: h...@cvs.openbsd.org2017/11/27 06:15:56 Modified files: sys/miscfs/fuse: fuse_lookup.c Log message: Check access before creating a file or directory. input and ok mpi@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2017/11/27 06:13:19 Modified files: sbin/dhclient : dhclient.c Log message: Simplify lease_as_string() logic to use a single time_t variable and lease_[expiry|rebind|renewal]() functions.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: k...@cvs.openbsd.org2017/11/27 06:09:20 Modified files: sbin/dhclient : dhclient.c Log message: Fix pasto so lease_rebind() returns rebind value and not renewal value.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: h...@cvs.openbsd.org2017/11/27 05:54:13 Modified files: sys/miscfs/fuse: fuse_vnops.c Log message: When renaming a file, unlock the target vnode if the target file exists. ok mpi@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: m...@cvs.openbsd.org2017/11/27 02:23:44 Modified files: share/man/man9 : malloc.9 sys/ddb: db_command.c sys/sys: malloc.h Log message: Remove MALLOC_DEBUG left overs. >From Klemens Nanni.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: m...@cvs.openbsd.org2017/11/27 02:03:37 Modified files: sys/arch/macppc/conf: GENERIC RAMDISK Log message: Enable ne(4) at pcmcia. Tested by & diff from Donovan Watteau.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: su...@cvs.openbsd.org 2017/11/27 01:35:59 Modified files: usr.sbin/smtpd : control.c lka.c Log message: Show correct command execution status by checking against update operation return value. Issue reported by 'Zelest' (Jesper Wallin). Suggestions and ok eric@ gilles@.