Displaying 1 50 of 513,964 commits (0.017s)

OpenBSD — distrib/sets/lists/comp mi

Delta File
+8 -0 distrib/sets/lists/comp/mi
+8 -0 1 file

OpenBSD — share/man/man9 bufq_init.9

tweak previous: use .Er for ENXIO
Delta File
+4 -4 share/man/man9/bufq_init.9
+4 -4 1 file

OpenBSD — share/man/man9 bufq_init.9 Makefile

this is start on documenting bufqs. it covers the bits disk drivers need
to know. the grubby bits the midlayer touches on them will get written up

ok deraadt@

OpenBSD — usr.sbin/apmd apmd.8

Steven Roberts sent me a patch updating the various setperf thresholds.
But instead of continuing to overdocument internal behavior, provide a
high level description of the modes and their purpose.
Delta File
+7 -23 usr.sbin/apmd/apmd.8
+7 -23 1 file

OpenBSD — usr.sbin/httpd httpd.c

When canonicalizing the path, it is better to fail on truncation.

Pointed out by Doug Hogan.
Delta File
+6 -2 usr.sbin/httpd/httpd.c
+6 -2 1 file

OpenBSD — usr.sbin/httpd httpd.c

I wanted to know if people pay attention.

Doug Hogan found an off-by-one.  More improvements will follow.
Delta File
+2 -5 usr.sbin/httpd/httpd.c
+2 -5 1 file

OpenBSD — usr.sbin/httpd server_file.c

The default index page shouldn't be a directory.  It's a 500.
Delta File
+2 -2 usr.sbin/httpd/server_file.c
+2 -2 1 file

OpenBSD — usr.sbin/httpd server_file.c

Don't expose the docroot on error.
Delta File
+5 -1 usr.sbin/httpd/server_file.c
+5 -1 1 file

OpenBSD — usr.sbin/httpd httpd.c parse.y

The media_encoding is not used in parse.y but stack garbage could lead
to a double free; set it to NULL.

This should fix a problem that was found by deraadt@

OpenBSD — usr.sbin/httpd server_file.c server_http.c

First attempt at verifying the request path and the access
permissions.  We also have to redirect with 301 if a directory name
was requested without the trailing slash.

OpenBSD — lib/libc/asr gethostnamadr_async.c getnetnamadr_async.c

Make queries using the search list for hostname lookups fail with
NO_DATA/EAI_NODATA when the hostname param is an empty string.
So far, they were using the entries in the search list with no
additional component, which is not really expected.

reported by jsing@ and a few others

ok deraadt@, "makes sense" jsing@

OpenBSD — sys/kern subr_userconf.c

Set the console input in polling mode before entering ukc.

ok miod@, deraadt@, shadchin@
Delta File
+4 -1 sys/kern/subr_userconf.c
+4 -1 1 file

OpenBSD — lib/libssl/src/crypto/x509v3 pcy_node.c

level_add_node(): if a memory allocation failure causes us to attempt to clean
up and return failure, be sure the cleanup work does NOT free objects which
are still being referenced by other objects.

ok guenther@

OpenBSD — lib/libssl/src/crypto/pem pem_lib.c

Make sure PEM_def_callback() correctly handles negative buffer sizes; all uses
within libcrypto are safe, but until we can change this function prototype to
use size_t instead of int, better be safe than sorry.

tweaks and ok guenther@
Delta File
+17 -10 lib/libssl/src/crypto/pem/pem_lib.c
+17 -10 1 file

OpenBSD — gnu/usr.bin/lynx configure CHANGES, gnu/usr.bin/lynx/WWW FreeofCharge.html

delinked from tree, now it goes to the bit bucket
Delta File
+0 -44,181 gnu/usr.bin/lynx/configure
+0 -14,836 gnu/usr.bin/lynx/src/GridText.c
+0 -9,461 gnu/usr.bin/lynx/CHANGES
+0 -8,323 gnu/usr.bin/lynx/src/HTML.c
+0 -8,184 gnu/usr.bin/lynx/src/LYMainLoop.c
+0 -8,114 gnu/usr.bin/lynx/src/LYUtils.c
+0 -363,480 446 files not shown
+0 -456,579 452 files

OpenBSD — usr.sbin/httpd httpd.c server_file.c

Add canonicalize_path() to canonicalize the requested URL path.

OpenBSD — share/man/man7 hier.7

typo; patch from Timo dot Myyra at wickedbsd dot net
Delta File
+3 -3 share/man/man7/hier.7
+3 -3 1 file

OpenBSD — usr.bin/mandoc html.c chars.c

Security fix:
After decoding numeric (\N) and one-character (\<, \> etc.)
character escape sequences, do not forget to HTML-encode the
resulting ASCII character.  Malicious manuals were able to smuggle
XSS content by roff-escaping the HTML-special characters they need.
That's a classic bug type in many web applications, actually...  :-(

Found myself while auditing the HTML formatter for safe output handling.
Delta File
+38 -27 usr.bin/mandoc/html.c
+13 -2 usr.bin/mandoc/chars.c
+51 -29 2 files

OpenBSD — usr.sbin/pkg_add package.5

document format changes, including the new @ts annotation that pkg_create
will generate after 5.6.
Delta File
+39 -13 usr.sbin/pkg_add/package.5
+39 -13 1 file

OpenBSD — usr.sbin/pkg_add/OpenBSD Ustar.pm

move misleading comment
Delta File
+2 -2 usr.sbin/pkg_add/OpenBSD/Ustar.pm
+2 -2 1 file

OpenBSD — usr.sbin/httpd server.c config.c

Correctly shutdown the servers when the process is terminating;
prevents a crash on exit.  With debugging help from blambert@.

OpenBSD — usr.sbin/httpd httpd.h

always enable DPRINTF with compiled with DEBUG
Delta File
+2 -2 usr.sbin/httpd/httpd.h
+2 -2 1 file

OpenBSD — etc Makefile

httpd.conf can be installed 0644 instead of 0600 like relayd.conf.

ok ajacoutot@ benno@
Delta File
+8 -8 etc/Makefile
+8 -8 1 file

OpenBSD — etc/mtree special

Add httpd.conf.
Delta File
+2 -1 etc/mtree/special
+2 -1 1 file

OpenBSD — share/man/man5 bsd.port.mk.5

rephrase multi-packaged LIB_DEPENDS description to match fixed semantics.
Delta File
+4 -4 share/man/man5/bsd.port.mk.5
+4 -4 1 file

OpenBSD — sys/arch/octeon/dev octcf.c

correctly drain and destroy the bufq upon detach

ok dlg@
Delta File
+4 -1 sys/arch/octeon/dev/octcf.c
+4 -1 1 file

OpenBSD — share/man/man9 atomic_sub_int.9

Subtraction usually decrements the value

ok dlg@
Delta File
+2 -2 share/man/man9/atomic_sub_int.9
+2 -2 1 file

OpenBSD — etc Makefile

Trailing whitespace.
Delta File
+2 -2 etc/Makefile
+2 -2 1 file

OpenBSD — share/man/man9 malloc.9

tweak previous;
Delta File
+4 -4 share/man/man9/malloc.9
+4 -4 1 file

OpenBSD — usr.sbin/syslogd syslogd.8

document that sendsyslog saves the day
Delta File
+5 -3 usr.sbin/syslogd/syslogd.8
+5 -3 1 file

OpenBSD — lib/libssl/src/crypto/evp evp_key.c

Check the return value of the UI functions (including UI_new() which return
value is happily dereferenced without checking it for being non-NULL).

ok beck@
Delta File
+11 -6 lib/libssl/src/crypto/evp/evp_key.c
+11 -6 1 file

OpenBSD — share/man/man9 malloc.9

document mallocarray like malloc throughout the page. better describe
what M_CANFAIL means for each.

motivation and initial diff from doug hogan
Delta File
+43 -29 share/man/man9/malloc.9
+43 -29 1 file

OpenBSD — distrib/sets/lists/base mi, distrib/sets/lists/man mi


OpenBSD — regress/usr.bin/ssh/unittests/sshkey mktestdata.sh

Add $OpenBSD tag to make syncs easier

OpenBSD — regress/usr.bin/ssh/unittests/sshkey/testdata rsa_2 dsa_n_pw

Regenerate test keys with certs signed with ed25519 instead of ecdsa.
These can be used in -portable on platforms that don't support ECDSA.

OpenBSD — regress/usr.bin/ssh/unittests/sshkey mktestdata.sh

Sign test certs with ed25519 instead of ecdsa so that they'll work in
-portable on platforms that don't have ECDSA in their OpenSSL.  ok djm

OpenBSD — usr.bin/mandoc html.c

Security fix:
The function print_encode() is used both for plain text
and for quoted attribute values.
Escape the '"' character such that malicious manuals cannot pull off
XSS attacks using malformed .Lk, .Mt, .%U, and .UR macros (and maybe
others) to trigger the latter case.
In the former case, escaping does no harm.
Issue found by Sebastien Marie <semarie-openbsd at latrappe dot fr>.
Delta File
+5 -2 usr.bin/mandoc/html.c
+5 -2 1 file

OpenBSD — usr.sbin/apmd apmd.c

adjust -C algorithm to be more aggressive in scaling up.
works better for me, and others as well.
Delta File
+7 -8 usr.sbin/apmd/apmd.c
+7 -8 1 file

OpenBSD — etc/signify openbsd-57-fw.pub

add 5.7 firmware key
Delta File
+2 -0 etc/signify/openbsd-57-fw.pub
+2 -0 1 file

OpenBSD — share/man/man4/man4.luna88k Makefile

Add a link to pcexio(4) man page.  Now 'man 4 pcexio' works fine on

ok miod@

OpenBSD — sys/kern subr_poison.c

The last poison change is awesome, it is triggering use after free bugs.
Some of them aren't too difficult to find and fix, but others are turning
out to be deeply hidden.  The timing is poor -- disable this for now.
We need to revisit this right after tree unlock.
Delta File
+2 -12 sys/kern/subr_poison.c
+2 -12 1 file

OpenBSD — etc changelist

Revert revisions 1.88-1.94 but keep recent relevant changes.
The `+' sign was added by mistake thinking it was doing something else.

ok schwarze@
Delta File
+31 -31 etc/changelist
+31 -31 1 file

OpenBSD — usr.sbin/httpd httpd.conf.5 httpd.8

some minor fixes;

OpenBSD — usr.sbin/httpd httpd.conf.5


no ok needed miod@ guenther@
Delta File
+3 -3 usr.sbin/httpd/httpd.conf.5
+3 -3 1 file

OpenBSD — sbin/quotacheck quotacheck.c

FSTAB -> _PATH_FSTAB, the latter is deprecated.
From natano at bitrig, ok deraadt@
Delta File
+3 -3 sbin/quotacheck/quotacheck.c
+3 -3 1 file

OpenBSD — usr.bin/mandoc cgi.c man.cgi.8

Security fix to prevent XSS attacks:
Restrict the character set of strings passed into html_alloc(),
in particular architecture names that come from the QUERY_STRING,
but also SCRIPT_NAME and manpath.conf content for additional safety,
and bail out safely on violations.
Issue reported by Sebastien Marie <semarie-openbsd at latrappe dot fr>.
Delta File
+42 -2 usr.bin/mandoc/cgi.c
+40 -2 usr.bin/mandoc/man.cgi.8
+82 -4 2 files

OpenBSD — lib/libssl/src/crypto/evp e_des3.c e_des.c

Now that DES_random_key() can be trusted, use it to generate DES keys in the
EVP_CTRL_RAND_KEY method handlers, rather than generating a random odd key and
not even checking it against the weak keys list.

ok beck@

OpenBSD — lib/libssl/src/crypto/des rand_key.c

In DES_random_key(), force the generated key to the odd parity before checking
it is not one of the weak and semi-weak keys.

Even though the probability of generating a weak key with incorrect parity is
abysmally small, there is no reason to be correct (although, if you're in a
need for fresh DES keys nowadays, you should seriously consider switching to
a stronger symmetric cipher algorithm).

ok beck@

OpenBSD — sys/lib/libsa ufs.c ufs2.c

use NULL instead of (foo *)0; Kent R. Spillner
Delta File
+5 -5 sys/lib/libsa/ufs.c
+4 -4 sys/lib/libsa/ufs2.c
+9 -9 2 files

OpenBSD — distrib/sets/lists/base mi

Delta File
+4 -1 distrib/sets/lists/base/mi
+4 -1 1 file