CVS: cvs.openbsd.org: src

[Jonathan Gray]

CVSROOT:/cvs
Module name:src
Changes by: j...@cvs.openbsd.org2019/06/07 20:52:20

Modified files:
sys/arch/i386/stand/boot: conf.c 
sys/arch/i386/stand/libsa: exec_i386.c 
sys/arch/amd64/stand/boot: conf.c 
sys/arch/amd64/stand/libsa: exec_i386.c 

Log message:
When loading intel microcode in the non-efi case, error if the file is
larger than 256KB not 128KB to cope with the 06-8e-09 microcode which is
currently 193KB.

Reported and tested by Paul de Weerd.  Matches a diff from claudio@

CVS: cvs.openbsd.org: src

[Lawrence Teo]

CVSROOT:/cvs
Module name:src
Changes by: l...@cvs.openbsd.org2019/06/07 20:22:07

Modified files:
share/man/man5 : bsd.port.mk.5 

Log message:
Fix two minor errors in the recent PERMIT_* commit:

* Add a missing comma
* "cdrom" should be "CD-ROMs"

ok espie@ jmc@

CVS: cvs.openbsd.org: src

[Darren Tucker]

CVSROOT:/cvs
Module name:src
Changes by: dtuc...@cvs.openbsd.org 2019/06/07 16:56:37

Modified files:
lib/libc/hash  : sha1.c sha2.c 

Log message:
Cast bitcount to u_in64_t before bit shifting to prevent integer overflow
on 32bit platforms which cause incorrect results when adding a block
>=512M in size.  sha1 patch from ante84 at gmail.com via openssh github,
sha2 with djm@, ok tedu@

CVS: cvs.openbsd.org: src

[Jason McIntyre]

CVSROOT:/cvs
Module name:src
Changes by: j...@cvs.openbsd.org2019/06/07 14:52:13

Modified files:
share/man/man4 : ukspan.4 usb.4 

Log message:
ukspan.4: add OpenBSD id
usb.4: sort ukspan entry and sync with Nd

CVS: cvs.openbsd.org: src

[Ingo Schwarze]

CVSROOT:/cvs
Module name:src
Changes by: schwa...@cvs.openbsd.org2019/06/07 14:46:25

Modified files:
lib/libcrypto/man: BN_generate_prime.3 BN_rand.3 
   DH_generate_key.3 DH_generate_parameters.3 
   DSA_do_sign.3 DSA_generate_key.3 
   DSA_generate_parameters.3 DSA_sign.3 
   EVP_BytesToKey.3 EVP_OpenInit.3 
   EVP_SealInit.3 PKCS5_PBKDF2_HMAC.3 

Log message:
Remove the last references to the RAND_*(3) functions.
These references were misleading because these functions are no
longer used internally and applications should not call them either.
Issue brought up by tb@.

CVS: cvs.openbsd.org: src

[Ingo Schwarze]

CVSROOT:/cvs
Module name:src
Changes by: schwa...@cvs.openbsd.org2019/06/07 14:09:16

Modified files:
lib/libcrypto/man: evp.3 

Log message:
link to EVP_EncodeInit(3), which was the only missing child page

CVS: cvs.openbsd.org: src

[Nicholas Marriott]

CVSROOT:/cvs
Module name:src
Changes by: n...@cvs.openbsd.org2019/06/07 14:09:17

Modified files:
usr.bin/tmux   : server-client.c server.c tmux.h 

Log message:
Do not load the config file if the server is exiting because it failed
to start, otherwise commands like lsk which start the server again can
end up looping infinitely. Also make the first client exit
correctly. Problem reported by Wael M Nasreddine.

CVS: cvs.openbsd.org: www

[Stuart Henderson]

CVSROOT:/cvs
Module name:www
Changes by: st...@cvs.openbsd.org   2019/06/07 14:07:48

Modified files:
faq: current.html 

Log message:
I had to rollback to an older MariaDB and then roll forward again when
updating because the old version hadn't shutdown cleanly first; add some
upgrade notes in the hope it stops others from having to do the same.

CVS: cvs.openbsd.org: src

[Ingo Schwarze]

CVSROOT:/cvs
Module name:src
Changes by: schwa...@cvs.openbsd.org2019/06/07 13:59:11

Modified files:
lib/libcrypto/man: EVP_PKEY_new.3 

Log message:
link back to evp(3), just like for the other group entry pages

CVS: cvs.openbsd.org: src

[Ingo Schwarze]

CVSROOT:/cvs
Module name:src
Changes by: schwa...@cvs.openbsd.org2019/06/07 13:40:35

Modified files:
lib/libcrypto/man: HMAC.3 PKCS5_PBKDF2_HMAC.3 

Log message:
Remove pointless direct backlinks from the leaf pages HMAC(3) and
PKCS5_PBKDF2_HMAC(3) to the top level page evp(3).  The leaf pages
still have backlinks to the group entry page EVP_DigestInit(3),
which is enough.
Redundancy and asymmetry pointed out by tb@.

CVS: cvs.openbsd.org: src

[Ingo Schwarze]

CVSROOT:/cvs
Module name:src
Changes by: schwa...@cvs.openbsd.org2019/06/07 13:28:52

Modified files:
lib/libcrypto/man: d2i_PKCS8PrivateKey_bio.3 evp.3 
   PKCS7_decrypt.3 

Log message:
remove cross-references to the obsolete function OpenSSL_add_all_algorithms(3)

CVS: cvs.openbsd.org: src

[Theo de Raadt]

CVSROOT:/cvs
Module name:src
Changes by: dera...@cvs.openbsd.org 2019/06/07 11:45:53

Modified files:
distrib/sets/lists/man: mi 

Log message:
sync

CVS: cvs.openbsd.org: src

[Theo de Raadt]

CVSROOT:/cvs
Module name:src
Changes by: dera...@cvs.openbsd.org 2019/06/07 10:27:47

Modified files:
libexec/ld.so  : loader.c 

Log message:
make gc workaround compile on non-clang

CVS: cvs.openbsd.org: src

[joshua stein]

CVSROOT:/cvs
Module name:src
Changes by: j...@cvs.openbsd.org2019/06/07 10:07:00

Modified files:
sys/arch/amd64/conf: GENERIC 
sys/dev/usb: files.usb 
share/man/man4 : Makefile ucom.4 usb.4 
Added files:
sys/dev/usb: ukspan.c 
share/man/man4 : ukspan.4 

Log message:
add ukspan(4), a driver for the Keyspan USA19HS USB serial adapter

written by Cody Cutler 

CVS: cvs.openbsd.org: src

[joshua stein]

CVSROOT:/cvs
Module name:src
Changes by: j...@cvs.openbsd.org2019/06/07 10:06:08

Modified files:
sys/dev/usb: usbdevs.h usbdevs_data.h 

Log message:
regen

CVS: cvs.openbsd.org: src

[joshua stein]

CVSROOT:/cvs
Module name:src
Changes by: j...@cvs.openbsd.org2019/06/07 10:05:55

Modified files:
sys/dev/usb: usbdevs 

Log message:
add Keyspan USA-19HS

CVS: cvs.openbsd.org: src

[Mark Kettenis]

CVSROOT:/cvs
Module name:src
Changes by: kette...@cvs.openbsd.org2019/06/07 09:40:42

Modified files:
sys/dev/acpi   : acpi.c acpivar.h 

Log message:
Introduce acpi_getsta() and use it to eliminate some duplicated code.

ok patrick@

CVS: cvs.openbsd.org: src

[Stuart Henderson]

CVSROOT:/cvs
Module name:src
Changes by: st...@cvs.openbsd.org   2019/06/07 09:09:44

Modified files:
lib/libssl : Tag: OPENBSD_6_5 ssl_tlsext.c 

Log message:
MFC libssl fix - rev 1.49 (commitid: DLpHk0vyoFEK0Baa)
---
Relax parsing of TLS key share extensions on the server.

The RFC does not require X25519 and it also allows clients to send an empty
key share when the want the server to select a group. The current behaviour
results in handshake failures where the client supports TLS 1.3 and sends a
TLS key share extension that does not contain X25519.
---

(this fixes server side in some cases with TLS 1.3 clients with what
would normally be unusual config - however triggered by recent Firefox
packages on Fedora, https://bugzilla.redhat.com/show_bug.cgi?id=1713777)

CVS: cvs.openbsd.org: src

[Stuart Henderson]

CVSROOT:/cvs
Module name:src
Changes by: st...@cvs.openbsd.org   2019/06/07 09:04:06

Modified files:
usr.sbin/bgpd  : Tag: OPENBSD_6_5 kroute.c 

Log message:
MFC bgpd fix - rev 1.236 (commitid: cMekh4Uss55PgVUe)

Fix reloading of network statements that have no fixed prefix specification.
The return value of kr_net_redist_add() was not as intended and so
kr_redistribute() removed those networks on config reloads.

CVS: cvs.openbsd.org: src

[Stuart Henderson]

CVSROOT:/cvs
Module name:src
Changes by: st...@cvs.openbsd.org   2019/06/07 09:03:17

Modified files:
usr.sbin/bgpd  : Tag: OPENBSD_6_5 parse.y 

Log message:
MFC bgpd fix - rev 1.389 (commitid: sS30LBpY2rPoMUFf)

Also check the type of a network statement when looking for duplicates.
Fixes adding network 0.0.0.0/0 after network inet static.

CVS: cvs.openbsd.org: src

[Stuart Henderson]

CVSROOT:/cvs
Module name:src
Changes by: st...@cvs.openbsd.org   2019/06/07 09:02:29

Modified files:
usr.sbin/bgpd  : Tag: OPENBSD_6_5 rde_update.c 

Log message:
MFC bgpd fix - rev 1.110 (commitid: caT0IdwFlZr7OxNo)

fix export default-route.

CVS: cvs.openbsd.org: src

[Theo de Raadt]

CVSROOT:/cvs
Module name:src
Changes by: dera...@cvs.openbsd.org 2019/06/07 08:39:57

Modified files:
distrib/alpha/miniroot: list 
distrib/amd64/ramdiskA: Makefile 
distrib/amd64/ramdisk_cd: Makefile 
distrib/arm64/ramdisk: list 
distrib/armv7/ramdisk: list 
distrib/hppa/ramdisk: list 
distrib/i386/ramdisk: Makefile 
distrib/i386/ramdisk_cd: Makefile 
distrib/landisk/ramdisk: list 
distrib/loongson/ramdisk: list 
distrib/luna88k/ramdisk: list 
distrib/macppc/ramdisk: list 
distrib/octeon/ramdisk: list 
distrib/sgi/ramdisk: list 
distrib/sparc64/miniroot: list 
distrib/sparc64/ramdisk: list 
distrib/sparc64/ramdiskB: list 
Added files:
distrib/amd64/ramdiskA: list 
distrib/amd64/ramdisk_cd: list 
distrib/i386/ramdisk: list 
distrib/i386/ramdisk_cd: list 
Removed files:
distrib/amd64/common: list 
distrib/amd64/ramdiskA: list.local 
distrib/amd64/ramdisk_cd: list.local 
distrib/i386/common: list 
distrib/i386/ramdisk: list.local 
distrib/i386/ramdisk_cd: list.local 
distrib/miniroot: list 

Log message:
eliminate differences between all the list files as much as
possible, and remove the failed previous attempts at sharing
in ./miniroot and ./ramdisk.  maybe now that differences are
eliminated we can start a new sharing effort?  i dunno..

CVS: cvs.openbsd.org: src

[Theo de Raadt]

CVSROOT:/cvs
Module name:src
Changes by: dera...@cvs.openbsd.org 2019/06/07 08:38:42

Modified files:
distrib/miniroot: makeconf.awk 

Log message:
Add -lz to the library list, since one architecture (armv7) needs it and
there is no downside for others.

CVS: cvs.openbsd.org: src

[Darren Tucker]

CVSROOT:/cvs
Module name:src
Changes by: dtuc...@cvs.openbsd.org 2019/06/07 08:18:48

Modified files:
usr.bin/ssh: channels.c packet.c readconf.c umac.h 

Log message:
Typo and spelling fixes in comments and error messages.  Patch from
knweiss at gmail.com via -portable.

CVS: cvs.openbsd.org: src

[Florian Obser]

CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2019/06/07 05:46:33

Modified files:
sbin/slaacd: engine.c 

Log message:
Reyk's ISP sends him router advertisements from non-link local
addresses about every 10 - 30 seconds. Reduce log level to debug to
stop the syslog spam.
OK reyk

CVS: cvs.openbsd.org: src

[ASOU Masato]

CVSROOT:/cvs
Module name:src
Changes by: a...@cvs.openbsd.org2019/06/07 04:55:41

Modified files:
lib/libkvm : kvm_proc2.c 

Log message:
fix print not specified process.

ok guenther@ yasuoka@

CVS: cvs.openbsd.org: src

[Claudio Jeker]

CVSROOT:/cvs
Module name:src
Changes by: clau...@cvs.openbsd.org 2019/06/07 03:45:48

Modified files:
usr.sbin/bgpd  : rde_update.c bgpd.conf.5 

Log message:
Refactor up_get_nexthop() to work for all AFI/SAFI cases. Additionally
clean up the possible nexthop overrides to better match the RFC.
- set nexthop self is still overriding all other decisions
- set nexthop no-modify has only relevance for ebgp multihop links
Instead of using the router locall address the nexthop is passed unmodified
- set nexthop  depends on BGP session type
* for IBGP sessions the address will be used unless it is the same as the
remote peers address
* for directly connected EBGP sessions the address is only used if the IP
is part of the connected network (no matter what other flags are used).
* for multihop EBGP sessions it depends if no-modify was also set
Adjust manual page to explain this properly.
"probably OK" job@

CVS: cvs.openbsd.org: www

[Florian Obser]

CVSROOT:/cvs
Module name:www
Changes by: flor...@cvs.openbsd.org 2019/06/07 02:16:17

Modified files:
faq: current.html 

Log message:
Mention acme-client api url change

CVS: cvs.openbsd.org: src

[Florian Obser]

CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2019/06/07 02:08:30

Modified files:
etc/examples   : acme-client.conf 

Log message:
Switch to v02 api url.

CVS: cvs.openbsd.org: src

[Florian Obser]

CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2019/06/07 02:07:52

Modified files:
usr.sbin/acme-client: acctproc.c acme-client.1 certproc.c 
  extern.h http.c http.h json.c main.c 
  netproc.c 

Log message:
Implement RFC 8555 "Automatic Certificate Management Environment
(ACME)" to be able to talk to the v02 Let's Encrypt API.

With this acme-client(1) will no longer be able to talk to the v01
API. Users must change the api url in /etc/acme-client.conf to
https://acme-v02.api.letsencrypt.org/directory
Existing accounts (and certs of course) stay valid and after the url
change acme-client will be able to renew certs.

Tested by Renaud Allard and benno
Input & OK benno

CVS: cvs.openbsd.org: src

[Mark Lumsden]

CVSROOT:/cvs
Module name:src
Changes by: l...@cvs.openbsd.org2019/06/07 01:54:05

Modified files:
usr.bin/mg : util.c 

Log message:
Amend showcpos() to show more information about how mg is operating.
The additions help while developing mg by not having to go into gdb to
see somethings mg believes about itself. The extra data shown could be
removed in future, but it is benign so perhaps it could stay.

Also, do not fake a '\n' on the end of buffer. It is confusing.
However do not change the lie about '\n' being on the end of every
line within the buffer. Hopefully, one day, that will no longer be a
lie.

CVS: cvs.openbsd.org: src

[David Gwynne]

CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2019/06/07 00:53:15

Modified files:
sys/dev/pci: if_mcx.c 

Log message:
make struct mcx_cq_entry a bit closer to reality

this puts the timestamp, rx drops, and hash fields in the right place.

ok jmatthew@

CVS: cvs.openbsd.org: src

[David Gwynne]

CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2019/06/07 00:47:41

Modified files:
sys/dev/pci: if_mcx.c 

Log message:
have mcx_process_rx return the number of slots it made free

this is instead of passing a pointer to the counter.

while here use byte swapping loads and stores, which is mostly a
nop cos i dont think we have an LE arch with swapping memory
operations.

ok jmatthew@