CVSROOT:/cvs
Module name:src
Changes by: dera...@cvs.openbsd.org 2015/10/16 22:41:37
Modified files:
usr.bin/file : file.c
Log message:
The file(1) magic-parsing process was using pledge "stdio getpw proc recvfd"
early on, then a set of getpwnam/setresuid/... before qui
CVSROOT:/cvs
Module name:src
Changes by: dera...@cvs.openbsd.org 2015/10/16 22:36:10
Modified files:
usr.sbin/smtpd : smtpd.c
Log message:
smtpd starts rather robustly with a gigantic pledge request group (keep
in mind that a gigantic group is already < ~50% of POSIX). I
CVSROOT:/cvs
Module name:src
Changes by: dera...@cvs.openbsd.org 2015/10/16 22:31:10
Modified files:
sys/sys: pledge.h
sys/kern : kern_pledge.c
Log message:
Add pledge "id" support. This request permits setuid/seteuid/setresuid,
setgid/setegid/setr
CVSROOT:/cvs
Module name:src
Changes by: j...@cvs.openbsd.org2015/10/16 19:01:09
Modified files:
usr.sbin/route6d: route6d.c
Log message:
route6d pledges to use only "stdio rpath wpath cpath inet route mcast"
ok deraadt@
CVSROOT:/cvs
Module name:src
Changes by: j...@cvs.openbsd.org2015/10/16 18:58:50
Modified files:
sys/kern : kern_pledge.c
Log message:
Allow a few 'get' ioctls for pledge("route"). route6d will soon use this.
ok deraadt@
CVSROOT:/cvs
Module name:src
Changes by: t...@cvs.openbsd.org2015/10/16 18:38:57
Modified files:
usr.sbin/rebound: rebound.c
Log message:
don't need fcntl for non blocking socket, just ask for it upfront
CVSROOT:/cvs
Module name:src
Changes by: schwa...@cvs.openbsd.org2015/10/16 18:19:58
Modified files:
usr.bin/mandoc : libmdoc.h mdoc_argv.c mdoc_macro.c roff.h
regress/usr.bin/mandoc/mdoc/Bl: column.in column.out_ascii
CVSROOT:/cvs
Module name:src
Changes by: m...@cvs.openbsd.org2015/10/16 17:18:59
Modified files:
bin/ksh: emacs.c
Log message:
Change x_do_ins()'s arg type from int to size_t for correctness's sake,
and to silence a compiler warning. Also remove its prototype,
CVSROOT:/cvs
Module name:src
Changes by: m...@cvs.openbsd.org2015/10/16 17:13:35
Modified files:
bin/ksh: alloc.c
Log message:
Move the overflow check to alloc() so that the link struct overhead can
never bite us.
Suggested by Theo Buehler, inspired by Bitrig
CVSROOT:/cvs
Module name:src
Changes by: dera...@cvs.openbsd.org 2015/10/16 17:09:53
Modified files:
usr.sbin/rarpd : rarpd.c
Log message:
use daemon(), jca had the same diff in his tree
CVSROOT:/cvs
Module name:src
Changes by: j...@cvs.openbsd.org2015/10/16 17:00:01
Modified files:
sys/kern : kern_pledge.c
Log message:
Also allow 6 as a miblen for NET_RT_DUMP, not all users specify a rtable.
ok deraadt@
CVSROOT:/cvs
Module name:src
Changes by: dera...@cvs.openbsd.org 2015/10/16 16:54:15
Modified files:
usr.sbin/vipw : vipw.c
Log message:
pledge "stdio rpath wpath cpath fattr proc exec"
CVSROOT:/cvs
Module name:src
Changes by: dera...@cvs.openbsd.org 2015/10/16 16:54:35
Modified files:
usr.sbin/pwd_mkdb: pwd_mkdb.c
Log message:
pledge "stdio rpath wpath cpath getpw fattr flock"
CVSROOT:/cvs
Module name:src
Changes by: dera...@cvs.openbsd.org 2015/10/16 16:53:32
Modified files:
usr.sbin/zic : zic.c
Log message:
pledge "stdio rpath wpath cpath proc exec".
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2015/10/16 16:47:12
Modified files:
sbin/ping6 : ping6.c ping6.8
Log message:
Remove RFC 4620 support. The RFC is experimental and this code plain
needs killing before the installed user base excedes 6.
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2015/10/16 16:32:22
Modified files:
usr.bin/ssh: dh.h
Log message:
increase the minimum modulus that we will send or accept in
diffie-hellman-group-exchange to 2048 bits; ok markus@
CVSROOT:/cvs
Module name:src
Changes by: dera...@cvs.openbsd.org 2015/10/16 16:25:50
Modified files:
libexec/getty : main.c
Log message:
Hoist clearing of FIOASYNC to much earlier, then getty can use
pledge "stdio rpath fattr proc exec tty".
CVSROOT:/cvs
Module name:src
Changes by: schwa...@cvs.openbsd.org2015/10/16 15:35:17
Modified files:
usr.bin/mandoc : main.c
Log message:
Once apropos(1) or man(1) are done with database access, or if the
program was called as mandoc(1) in the first place, remove
CVSROOT:/cvs
Module name:src
Changes by: st...@cvs.openbsd.org 2015/10/16 15:13:33
Modified files:
usr.sbin/smtpd : ioev.c smtp_session.c ssl.c
Log message:
Use SSL_get_version() not SSL_get_cipher_version(); the former gives the TLS
version used for the connection, the
CVSROOT:/cvs
Module name:src
Changes by: gil...@cvs.openbsd.org 2015/10/16 14:54:56
Modified files:
usr.sbin/smtpd : smtpd.c
Log message:
add flock to pledge request, needed by delivery_filename
ok millert@
CVSROOT:/cvs
Module name:src
Changes by: j...@cvs.openbsd.org2015/10/16 14:43:27
Modified files:
usr.sbin/route6d: route6d.c
Log message:
Unbreak route6d.
Instead of breaking sendmsg(2) by adding unneeded space to its cmsg
item, add space to the cmsg used by recvmsg(
CVSROOT:/cvs
Module name:src
Changes by: t...@cvs.openbsd.org2015/10/16 14:25:09
Modified files:
usr.sbin/rebound: rebound.c
Log message:
save some file descriptors. instead of a pipe, use kevent to watch parent
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2015/10/16 14:11:59
Modified files:
sbin/ping6 : ping6.8
Log message:
No longer talk about -b flag, it's gone.
CVSROOT:/cvs
Module name:src
Changes by: t...@cvs.openbsd.org2015/10/16 14:12:06
Modified files:
usr.sbin/rebound: rebound.c
Log message:
naddy would like the child to exit when the parent dies.
hook up a pipe between them and watch for eof in the child.
CVSROOT:/cvs
Module name:src
Changes by: ajacou...@cvs.openbsd.org 2015/10/16 14:12:00
Modified files:
etc/rc.d : rc.subr
Log message:
Missing local.
ok schwarze@
CVSROOT:/cvs
Module name:src
Changes by: ajacou...@cvs.openbsd.org 2015/10/16 13:55:39
Modified files:
usr.sbin/sysmerge: sysmerge.8 sysmerge.sh
Log message:
Drop usage of TMPDIR.
While here, stop refering to /tmp/sysmerge.XX, that's a script
internal we don
CVSROOT:/cvs
Module name:src
Changes by: dera...@cvs.openbsd.org 2015/10/16 13:33:15
Modified files:
distrib/sets/lists/base: mi
Log message:
sync
CVSROOT:/cvs
Module name:src
Changes by: schwa...@cvs.openbsd.org2015/10/16 13:21:05
Modified files:
regress/usr.bin/mandoc/mdoc/Bl: column.in column.out_ascii
column.out_lint
Log message:
test mixing of tabs with Ta
CVSROOT:/cvs
Module name:src
Changes by: m...@cvs.openbsd.org2015/10/16 13:07:24
Modified files:
sys/kern : kern_sched.c
Log message:
Make sched_barrier() use its own task queue to avoid deadlocks.
Prevent a deadlock from occuring when intr_barrier() is called
CVSROOT:/cvs
Module name:src
Changes by: t...@cvs.openbsd.org2015/10/16 12:47:53
Modified files:
usr.sbin/rebound: rebound.c
Log message:
life is simpler if all requests go in the fifo, and then just remove them
in the error case instead of duplicating code.
CVSROOT:/cvs
Module name:src
Changes by: d...@cvs.openbsd.org2015/10/16 12:40:49
Modified files:
usr.bin/ssh: ssh.c
Log message:
better handle anchored FQDNs (e.g. 'cvs.openbsd.org.') in hostname
canonicalisation - treat them as already canonical and remove the
tr
CVSROOT:/cvs
Module name:src
Changes by: t...@cvs.openbsd.org2015/10/16 12:38:53
Modified files:
usr.sbin/rebound: rebound.c
Log message:
deraadt tells me i'm supposed to check if connect() actually worked.
CVSROOT:/cvs
Module name:src
Changes by: t...@cvs.openbsd.org2015/10/16 12:29:05
Modified files:
usr.sbin/rebound: rebound.c
Log message:
two phase handling for tcp so that slow connects don't stall the process
CVSROOT:/cvs
Module name:src
Changes by: m...@cvs.openbsd.org2015/10/16 12:21:43
Modified files:
usr.bin/mail : fio.c
Log message:
Cast isspace() argument to unsigned char.
ok jca@
CVSROOT:/cvs
Module name:src
Changes by: flor...@cvs.openbsd.org 2015/10/16 12:17:12
Modified files:
sbin/ping6 : ping6.8 ping6.c
Log message:
Move -t and -w functionality to -a. Both flags are in the way for a
merge with ping(8). Let's see if we can shove every weird
CVSROOT:/cvs
Module name:src
Changes by: m...@cvs.openbsd.org2015/10/16 11:56:07
Modified files:
usr.bin/mail : aux.c cmd2.c cmd3.c fio.c lex.c list.c names.c
popen.c strings.c temp.c vars.c
Log message:
Modernize allocation by:
* removing
CVSROOT:/cvs
Module name:src
Changes by: m...@cvs.openbsd.org2015/10/16 11:14:04
Modified files:
bin/ksh: emacs.c
Log message:
Cast iscntrl()'s arg to unsigned char.
ok nicm@
CVSROOT:/cvs
Module name:src
Changes by: m...@cvs.openbsd.org2015/10/16 11:07:24
Modified files:
usr.bin/ssh: scp.c
Log message:
0 -> NULL when comparing with a char*.
ok dtucker@, djm@.
CVSROOT:/cvs
Module name:src
Changes by: dera...@cvs.openbsd.org 2015/10/16 11:03:31
Modified files:
sys/kern : kern_pledge.c
Log message:
Repair the pty check for kernels without pty support.
CVSROOT:/cvs
Module name:src
Changes by: tob...@cvs.openbsd.org 2015/10/16 10:54:39
Modified files:
distrib/common : elfrd_size.c
lib/libc/gen : nlist.c
usr.sbin/installboot: i386_nlist.c
Log message:
Check file sizes only for regular files. The curre
CVSROOT:/cvs
Module name:src
Changes by: bl...@cvs.openbsd.org 2015/10/16 10:10:11
Modified files:
usr.sbin/syslogd: privsep.c
Log message:
Pledge the syslogd privsep process with "stdio rpath wpath cpath
inet dns getpw sendfd proc exec".
OK deraadt@
CVSROOT:/cvs
Module name:src
Changes by: schwa...@cvs.openbsd.org2015/10/16 09:54:56
Modified files:
etc: Makefile
Removed files:
etc/examples : hosts.lpd
Log message:
The hosts.lpd examples file does not contain a single example.
The file f
CVSROOT:/cvs
Module name:src
Changes by: t...@cvs.openbsd.org2015/10/16 09:35:05
Modified files:
usr.sbin/rebound: rebound.c
Log message:
save request length in cache. naddy noticed we weren't getting any hits.
CVSROOT:/cvs
Module name:src
Changes by: n...@cvs.openbsd.org2015/10/16 09:39:14
Modified files:
sys/kern : kern_pledge.c
Log message:
Allow PTMGET with "tty rpath wpath" but restrict only to /dev/ptm by
checking cdevsw. ok deraadt
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2015/10/16 09:15:39
Modified files:
lib/libssl/src/crypto/asn1: n_pkey.c
lib/libssl/src/crypto/ec: ec_asn1.c
lib/libssl/src/crypto/ecdsa: ecs_asn1.c
Log message:
Remove pointless externs -
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2015/10/16 09:12:30
Modified files:
lib/libssl/src/crypto/asn1: n_pkey.c
lib/libssl/src/crypto/ec: ec_asn1.c
lib/libssl/src/crypto/ecdsa: ecs_asn1.c
Log message:
Expand DECLARE_ASN1_ALLOC_F
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2015/10/16 09:09:28
Modified files:
lib/libssl/src/crypto/asn1: n_pkey.c
lib/libssl/src/crypto/ec: ec_asn1.c
lib/libssl/src/crypto/ecdsa: ecs_asn1.c
Log message:
Remove pointless uses of DE
CVSROOT:/cvs
Module name:src
Changes by: dera...@cvs.openbsd.org 2015/10/16 08:45:16
Modified files:
bin/ksh: main.c
Log message:
wrap a long line
CVSROOT:/cvs
Module name:src
Changes by: b...@cvs.openbsd.org2015/10/16 08:23:22
Modified files:
lib/libssl/src/ssl: ssl_lib.c
Log message:
Fix use of pointer value after BIO_free, and remove senseless NULL checks.
ok bcook@
CVSROOT:/cvs
Module name:src
Changes by: dera...@cvs.openbsd.org 2015/10/16 08:20:48
Modified files:
sys/kern : kern_pledge.c
Log message:
Always allow a r/w opening of /dev/null though the namei check. This
pattern is common, especially because of daemon(3) usage.
CVSROOT:/cvs
Module name:src
Changes by: dera...@cvs.openbsd.org 2015/10/16 08:13:52
Modified files:
usr.sbin/rmt : rmt.c
Log message:
ugly white space
CVSROOT:/cvs
Module name:src
Changes by: dera...@cvs.openbsd.org 2015/10/16 08:00:37
Modified files:
sys/kern : kern_pledge.c
Log message:
Place TIOCSTI reminder block better
CVSROOT:/cvs
Module name:src
Changes by: sema...@cvs.openbsd.org 2015/10/16 08:04:11
Modified files:
sys/kern : kern_pledge.c uipc_syscalls.c
sys/sys: pledge.h
Log message:
delete pledge_bind_check() function and remove pledge_bind_check() call from
CVSROOT:/cvs
Module name:src
Changes by: dera...@cvs.openbsd.org 2015/10/16 07:59:58
Modified files:
sys/kern : kern_pledge.c
Log message:
For "tty" pledges, treat TIOCGPGRP and TIOCGWINSZ like TIOCGETA -
returning ENOTTY instead of killing the process.
On Thu, Oct 15, 2015 at 01:48:44PM -0600, Alexander Bluhm wrote:
> CVSROOT: /cvs
> Module name: src
> Changes by: bl...@cvs.openbsd.org 2015/10/15 13:48:44
>
> Modified files:
> sys/net: pf_lb.c
>
> Log message:
> When using a pf rule with both nat-to and rdr-to, it could
CVSROOT:/cvs
Module name:src
Changes by: tob...@cvs.openbsd.org 2015/10/16 07:54:45
Modified files:
distrib/common : elfrd_size.c
lib/libc/gen : nlist.c
usr.sbin/installboot: i386_nlist.c
Log message:
Merge nlist out of boundary access fix with other
CVSROOT:/cvs
Module name:www
Changes by: st...@cvs.openbsd.org 2015/10/16 07:45:39
Modified files:
build : mirrors.pl
Log message:
stop generating ftp:// URLs in the ftplist file, it's only for the installer
which now only does http
CVSROOT:/cvs
Module name:www
Changes by: st...@cvs.openbsd.org 2015/10/16 07:45:46
Modified files:
. : ftplist
Log message:
sync
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2015/10/16 07:49:53
Modified files:
lib/libtls : tls_init.3
Log message:
Put tls_config_verify_client_optional() in the right place.
CVSROOT:/cvs
Module name:src
Changes by: js...@cvs.openbsd.org 2015/10/16 07:48:44
Modified files:
lib/libtls : tls_init.3
Log message:
Fix tpyo.
CVSROOT:/cvs
Module name:src
Changes by: mill...@cvs.openbsd.org 2015/10/16 07:37:44
Modified files:
bin/ksh: main.c
libexec/login_skey: login_skey.c
sys/kern : kern_descrip.c kern_pledge.c vfs_syscalls.c
sys/sys: pledge.h
CVSROOT:/cvs
Module name:src
Changes by: b...@cvs.openbsd.org2015/10/16 06:41:29
Modified files:
lib/libssl/src/crypto/bn: bn.h
Log message:
actually include the prerequisite dependency for BIO instead of doing nastyness
CVSROOT:/cvs
Module name:src
Changes by: m...@cvs.openbsd.org2015/10/16 06:36:03
Modified files:
sys/net: route.c
Log message:
If a DOWN route entry is passed to a L2 output function, be dumb and
simply use it.
In most of the cases doing a route lookup at thi
CVSROOT:/cvs
Module name:src
Changes by: s...@cvs.openbsd.org2015/10/16 06:17:38
Modified files:
sys/dev/pci: if_iwm.c
Log message:
Clean up iwm(4) scanning logic a bit: Reset sc_scanband in callers of
iwm_mvm_scan_request() and always call ieee80211_end_scan() wh
CVSROOT:/cvs
Module name:src
Changes by: s...@cvs.openbsd.org2015/10/16 06:17:58
Modified files:
sys/dev/pci: if_iwm.c
Log message:
Put some iwm(4) debug code into #ifdef IWM_DEBUG.
ok mpi@
CVSROOT:/cvs
Module name:src
Changes by: s...@cvs.openbsd.org2015/10/16 04:29:55
Modified files:
sys/dev/pci: if_iwm.c
Log message:
Oops, committed old version of previous diff with a typo in it: NLL -> NULL
CVSROOT:/cvs
Module name:src
Changes by: s...@cvs.openbsd.org2015/10/16 04:04:56
Modified files:
sys/dev/pci: if_iwm.c if_iwmreg.h
Log message:
In iwm(4), correctly size and map the mbuf used for large firmware commands.
Fixes occasional firmware errors while brin
Now someone should go in there and fix the ^Z support, because it is
broken.
ksh makes it seem to work right, but running it in csh shows the
tty is not being restored to the correct mode.
> Modified files:
> games/hack : config.h hh
>
> Log message:
> Disable !-command to escape to a
CVSROOT:/cvs
Module name:src
Changes by: n...@cvs.openbsd.org2015/10/16 01:43:29
Modified files:
usr.bin/tmux : cmd-capture-pane.c
Log message:
Don't free after calling paste_set but do after evbuffer_add, from Theo
Buehler.
CVSROOT:/cvs
Module name:src
Changes by: tob...@cvs.openbsd.org 2015/10/16 01:37:46
Modified files:
games/hack : config.h hh
Log message:
Disable !-command to escape to a shell. You are supposed to play, press
^Z, or open up another terminal if there is something els
CVSROOT:/cvs
Module name:src
Changes by: tob...@cvs.openbsd.org 2015/10/16 01:33:47
Modified files:
usr.bin/patch : Makefile patch.c pch.c pch.h
Added files:
usr.bin/patch : ed.c ed.h
Log message:
Add native support for ed-style diffs. No need to pledge "proc
CVSROOT:/cvs
Module name:src
Changes by: tob...@cvs.openbsd.org 2015/10/16 01:40:13
Modified files:
lib/libc/gen : nlist.c
Log message:
Validate parsed ELF values to prevent out of boundary accesses.
While at it, return proper return value when encountering a stripped
CVSROOT:/cvs
Module name:src
Changes by: dera...@cvs.openbsd.org 2015/10/16 01:01:53
Modified files:
usr.bin/cu : cu.c
Log message:
doug and I think the kernel has enough features to support
pledge "stdio rpath wpath cpath getpw proc exec tty" now.
It will be hard to
73 matches
Mail list logo
