Displaying 1 50 of 380,133 commits (0.020s)

OpenBSD — usr.bin/rdistd server.c

Use password/group cache functions and avoid stashing a pointer to
the return value of getgrgid(3) or getgrnam(3) which relies on
undefined behavior.  The rdist server will now use getgroups(2) to
determine group membership of the invoking user.  In addition, there
is now one implementation of tilde expansion instead of two.
OK tb@ tim@
Delta File
+20 -32 usr.bin/rdistd/server.c
+20 -32 1 file

OpenBSD — usr.bin/rdist common.c expand.c

Use password/group cache functions and avoid stashing a pointer to
the return value of getgrgid(3) or getgrnam(3) which relies on
undefined behavior.  The rdist server will now use getgroups(2) to
determine group membership of the invoking user.  In addition, there
is now one implementation of tilde expansion instead of two.
OK tb@ tim@

OpenBSD — sbin/sysctl sysctl.c

Stop displaying vfsconf reference counts so that the vfc_refcount field
can be removed from struct mount.

As a result of this diff, arrays vfsname[] and vfsvars[] are indexed
by filesystem typenum. This makes the vfs_typenums[] array redundant.

OK bluhm@ mpi@
Delta File
+8 -65 sbin/sysctl/sysctl.c
+8 -65 1 file

OpenBSD — sbin/disklabel disklabel.8 editor.c

Increase /usr/local max size to 20 GB in default template
ok krw@ deraadt@ jca@

OpenBSD — usr.sbin/vmctl vmctl.8

Add explanations about vmctl send command

ok jmc@ jca@ mlarkin@
mdoc tip from bentley@
Delta File
+9 -2 usr.sbin/vmctl/vmctl.8
+9 -2 1 file

OpenBSD — usr.bin/ssh clientloop.c ssh_config.5

Allow ssh_config ForwardX11Timeout=0 to disable the timeout and allow
X11 connections in untrusted mode indefinitely. ok dtucker@
Delta File
+28 -15 usr.bin/ssh/clientloop.c
+5 -1 usr.bin/ssh/ssh_config.5
+33 -16 2 files

OpenBSD — sys/arch/macppc/conf GENERIC

Enable bwfm(4) in GENERIC on macppc.
Tested by Christian Hammerschmidt.
Delta File
+2 -1 sys/arch/macppc/conf/GENERIC
+2 -1 1 file

OpenBSD — usr.bin/ssh sshd.c

when compiled with GSSAPI support, cache supported method OIDs by
calling ssh_gssapi_prepare_supported_oids() regardless of whether
GSSAPI authentication is enabled in the main config.

This avoids sandbox violations for configurations that enable GSSAPI
auth later, e.g.

Match user djm
        GSSAPIAuthentication yes

bz#2107; ok dtucker@
Delta File
+2 -3 usr.bin/ssh/sshd.c
+2 -3 1 file

OpenBSD — usr.bin/ssh authfile.c

In sshkey_in_file(), ignore keys that are considered for being too
short (i.e. SSH_ERR_KEY_LENGTH). These keys will not be considered to
be "in the file". This allows key revocation lists to contain short
keys without the entire revocation list being considered invalid.

bz#2897; ok dtucker
Delta File
+10 -4 usr.bin/ssh/authfile.c
+10 -4 1 file

OpenBSD — usr.sbin/bgpd parse.y

Both AS 23456 and AS 0 are reserved and can nor be used. Extend check for
AS 0 and adjust yyerror message to print the right number.
With input and OK denis@
Delta File
+5 -5 usr.sbin/bgpd/parse.y
+5 -5 1 file

OpenBSD — etc/signify openbsd-65-fw.pub

6.5 firmware key
Delta File
+2 -0 etc/signify/openbsd-65-fw.pub
+2 -0 1 file

OpenBSD — usr.sbin/bgpd parse.y

better yyerror messages. "syntax error" is generally not very helpful.
OK denis@
Delta File
+4 -4 usr.sbin/bgpd/parse.y
+4 -4 1 file

OpenBSD — share/man/man4 pci.4

update rtwn;
Delta File
+3 -3 share/man/man4/pci.4
+3 -3 1 file

OpenBSD — regress/usr.sbin/bgpd/config bgpd.conf.9.ok bgpd.conf.9.in

Basic testing of roa-sets.

OpenBSD — usr.sbin/bgpd parse.y

Move setting of the PREFIXSET_FLAG_OPS higher up since prefixset_item rule
is now also used by roa-set. Also set the prefix operation for roa-set
items to OP_NONE since that what it actually needs to be.
Delta File
+7 -4 usr.sbin/bgpd/parse.y
+7 -4 1 file

OpenBSD — regress/usr.sbin/bgpd/config bgpd.conf.7.in bgpd.conf.7.ok

Add some more prefix-set test cases. Mainly to test edge cases in the RB
tree implementation now used.

OpenBSD — usr.sbin/bgpd parse.y rde.c

Implement code to parse, print and reload roa-set tables.
This is sharing a lot of code with prefixset which makes all a bit easier.
A roa-set is defined like this:
roa-set "test2" {
  1.2.3.0/24 source-as 1,
  1.2.8.0/22 maxlen 24 source-as 3
}
No support for acting on this data yet.
Put it in deraadt@, OK benno@, input and OK denis@

OpenBSD — usr.bin/ssh ssh_config.5 ssh.c

Treat connections with ProxyJump specified the same as ones with a
ProxyCommand set with regards to hostname canonicalisation (i.e.
don't try to canonicalise the hostname unless CanonicalizeHostname
is set to 'always').

Patch from Sven Wegener via bz#2896
Delta File
+5 -3 usr.bin/ssh/ssh_config.5
+3 -4 usr.bin/ssh/ssh.c
+8 -7 2 files

OpenBSD — distrib/armv7/miniroot/am335x Makefile, distrib/armv7/ramdisk list

U-Boot 2018.05 and later will attempt to load a dtb for PocketBeagle if
the hardware is detected.  Add this to the miniroot/ramdisk.
requires dtb 4.18

U-Boot 2018.09 and later will load a dtb for 'SanCloud BeagleBone
Enhanced' if required which will be in dtb 4.19 after linux 4.19 is
released and can be added then.

OpenBSD — share/man/man4 rtwn.4

mention RTL8188EE support
Delta File
+8 -6 share/man/man4/rtwn.4
+8 -6 1 file

OpenBSD — sys/dev/ic r92creg.h rtwn.c, sys/dev/pci if_rtwn.c

Add support for RTL8188EE.

This needs a new firmware image, which should be added to the rtwn
firmware package shortly.

testing and lots of help from kevlo@
ok kevlo@ stsp@
Delta File
+419 -43 sys/dev/pci/if_rtwn.c
+51 -3 sys/dev/ic/r92creg.h
+43 -11 sys/dev/ic/rtwn.c
+16 -4 sys/dev/ic/rtwnvar.h
+529 -61 4 files

OpenBSD — usr.sbin/dvmrpd rde_srt.c

add missing braces implied by indentation
ok millert@ claudio@
Delta File
+3 -2 usr.sbin/dvmrpd/rde_srt.c
+3 -2 1 file

OpenBSD — usr.bin/ssh servconf.c

actually make CASignatureAlgorithms available as a config option
Delta File
+2 -1 usr.bin/ssh/servconf.c
+2 -1 1 file

OpenBSD — usr.sbin/unbound configure Makefile.in, usr.sbin/unbound/cachedb cachedb.c

merge unbound 1.8.0

OpenBSD — usr.sbin/unbound/ipsecmod ipsecmod.c, usr.sbin/unbound/respip respip.c

import unbound 1.8.0, tested by myself and benno@

OpenBSD — sys/kern kern_sysctl.c, sys/netinet in_pcb.c in_pcb.h

As a step towards per inpcb or socket locks, remove the net lock
for netstat -a.  Introduce a global mutex that protects the tables
and hashes for the internet PCBs.  To detect detached PCB, set its
inp_socket field to NULL.  This has to be protected by a per PCB
mutex.  The protocol pointer has to be protected by the mutex as
netstat uses it.
Always take the kernel lock in in_pcbnotifyall() and in6_pcbnotify()
before the table mutex to avoid lock ordering problems in the notify
functions.
OK visa@
Delta File
+50 -5 sys/netinet/in_pcb.c
+26 -11 sys/kern/kern_sysctl.c
+22 -13 sys/netinet/in_pcb.h
+17 -2 sys/netinet6/in6_pcb.c
+7 -2 sys/netinet6/raw_ip6.c
+4 -1 sys/netinet/raw_ip.c
+12 -4 4 files not shown
+138 -38 10 files

OpenBSD — share/man/man5 disktab.5

missing space after comma
Delta File
+3 -3 share/man/man5/disktab.5
+3 -3 1 file

OpenBSD — etc/etc.alpha disktab, etc/etc.hppa disktab

grow alpha and hppa media to accomodate some recent growth

OpenBSD — sys/arch/amd64/amd64 vmm.c, sys/arch/amd64/include vmmvar.h

vmm(4): Clear the guest MWAITX/MONITORX extended CPUID feature bit,
like we already do for MWAIT/MONITOR. Also match Intel here by not
exposing the SVM capability to AMD guests.

Allows Linux guests to boot in vmd(8) on Ryzen CPUs.

ok mlarkin@

OpenBSD — usr.sbin/rcctl rcctl.8

add missing explanation about daemon_variables removed when disabling a pkg
script

ok aja@ jca@
Delta File
+4 -3 usr.sbin/rcctl/rcctl.8
+4 -3 1 file

OpenBSD — usr.sbin/tcpdump print-snmp.c

add missing braces implied by indentation
ok millert@
Delta File
+3 -2 usr.sbin/tcpdump/print-snmp.c
+3 -2 1 file

OpenBSD — sbin/isakmpd ike_phase_1.c

add missing braces implied by indentation
ok millert@ mpi@
Delta File
+3 -2 sbin/isakmpd/ike_phase_1.c
+3 -2 1 file

OpenBSD — regress/usr.sbin/bgpd/unittests rde_sets_test.c rde_trie_test.c

Adjust unittests to the adjustments done to the as_set code.
OK benno@

OpenBSD — usr.sbin/bgpctl bgpctl.c

as_set_match() changed again, so adjust it here too.
OK benno@
Delta File
+3 -3 usr.sbin/bgpctl/bgpctl.c
+3 -3 1 file

OpenBSD — usr.sbin/bgpd rde_sets.c bgpd.c

Split up as_set into a set_table and an as_set. The first is what does
the lookup and will now also be used in roa-set tries. The as_set is glue
to add the name and dirty flag. Add an accessor to get the set data so
that the imsg sending and printing can be moved into the right places.
This is done mainly because roa-sets need similar but slightly different
versions and making the code more generic is the best way fixing this.
OK benno@
Delta File
+76 -108 usr.sbin/bgpd/rde_sets.c
+32 -5 usr.sbin/bgpd/bgpd.c
+21 -15 usr.sbin/bgpd/rde_trie.c
+21 -12 usr.sbin/bgpd/bgpd.h
+25 -2 usr.sbin/bgpd/printconf.c
+7 -8 usr.sbin/bgpd/parse.y
+10 -11 4 files not shown
+192 -161 10 files

OpenBSD — usr.bin/tftp main.c

fix indentation
ok krw@ millert@
Delta File
+2 -2 usr.bin/tftp/main.c
+2 -2 1 file

OpenBSD — usr.sbin/smtpd smtp_client.c smtpc.c

properly handle credentials and fix auth in smtp(1)

ok gilles@

OpenBSD — usr.bin/make parse.c

fix indentation
ok krw@ millert@
Delta File
+2 -2 usr.bin/make/parse.c
+2 -2 1 file

OpenBSD — usr.sbin/bgpd rde_filter.c session.c

whitespace cleanup, ok claudio@

OpenBSD — usr.sbin/smtpd mta_session.c

fix indentation
Delta File
+17 -17 usr.sbin/smtpd/mta_session.c
+17 -17 1 file

OpenBSD — etc moduli, usr.bin/ssh/moduli-gen moduli.3072 moduli.2048

Import updated moduli.

OpenBSD — regress/usr.sbin/bgpd/config bgpd.conf.7.ok

Sort order changed because an RB tree is now used for prefixsets.

OpenBSD — usr.sbin/bgpd config.c parse.y

Switch prefixset to an RB_TREE instead of a SIMPLEQ. This allows to trigger
on duplicates (which are only reported) but is needed as a preparation step
for roa-sets.
OK benno@ denis@

OpenBSD — usr.sbin/bgpd util.c

Fix the empty aspath segments check. seg_size is never 0, this needs to use
seg_len instead. Since seg_len is known early move the check up.
Found while hunting for the other bug in aspath_verify.
Delta File
+5 -5 usr.sbin/bgpd/util.c
+5 -5 1 file

OpenBSD — usr.sbin/bgpd util.c

Fix an out of bound read that could crash the RDE because it touched
unallocated memory while looking for AS 0.
Found by and debugged with Aaron A. Glenn. Thanks a lot.
Delta File
+4 -4 usr.sbin/bgpd/util.c
+4 -4 1 file

OpenBSD — usr.bin/ssh ssh_config.5 scp.1

reorder CASignatureAlgorithms, and add them to the various -o lists;
ok djm

OpenBSD — usr.bin/ssh ssh.c

fix "ssh -Q sig" to show correct signature algorithm list (it was
erroneously showing certificate algorithms); prompted by markus@
Delta File
+2 -2 usr.bin/ssh/ssh.c
+2 -2 1 file

OpenBSD — usr.bin/ssh sshconnect.c readconf.c

add CASignatureAlgorithms option for the client, allowing it to specify
which signature algorithms may be used by CAs when signing certificates.
Useful if you want to ban RSA/SHA1; ok markus@

OpenBSD — usr.bin/ssh servconf.c sshd_config.5

Add sshd_config CASignatureAlgorithms option to allow control over
which signature algorithms a CA may use when signing certificates.
In particular, this allows a sshd to ban certificates signed with
RSA/SHA1.

ok markus@

OpenBSD — sys/dev/i2c ihidev.c

fix a memory leak in ihidev_hid_command()
ok claudio@
Delta File
+2 -1 sys/dev/i2c/ihidev.c
+2 -1 1 file