OpenBSD/src lRwehJpusr.bin/mandoc mandoc.1

   Explain the ASCII rendering of single quotes because that repeatedly
   caused confusion in the past.  People plainly do not expect that
   there are limits to the compatibility between Unicode and ASCII,
   but there are.

   The information belongs here and not into mandoc_char(7) because
   it explains how the specific output device (-T ascii) works and
   because it has nothing to do with the question of how characters
   are represented on the input side.
VersionDeltaFile
1.161+13-2usr.bin/mandoc/mandoc.1
+13-21 files

OpenBSD/src QpM0pQYlib/libssl tls13_record_layer.c

   Remove temporary gotos.

   In the case of a dummy CCS or post-handshake handshake message, return
   TLS13_WANT_POLLIN rather than using a goto internally. This allows the
   caller to retry at an appropriate time and reduces the complexity within
   the record layer.

   ok beck@ tb@
VersionDeltaFile
1.6+3-7lib/libssl/tls13_record_layer.c
+3-71 files

OpenBSD/src 7rziXfilib/libssl tls13_lib.c

   Set BIO retry on TLS13_IO_WANT_POLLIN/TLS13_IO_WANT_POLLOUT.

   In most cases a TLS13_IO_WANT_POLLIN or TLS13_IO_WANT_POLLOUT will have
   bubbled up from the wire callbacks, in which case the BIO retry flag will
   already be set. However, if we return TLS13_IO_WANT_POLLIN or
   TLS13_IO_WANT_POLLOUT from a higher layer the BIO retry flag will not be
   set and that will cause SSL_get_error() to return SSL_ERROR_SYSCALL rather
   than the intended SSL_ERROR_WANT_READ/SSL_ERROR_WANT_WRITE.

   ok beck@ tb@
VersionDeltaFile
1.5+3-1lib/libssl/tls13_lib.c
+3-11 files

OpenBSD/src QAEHEMKsbin/dhclient kroute.c

   Correct comment on delete_addresses() return value.
VersionDeltaFile
1.161+2-2sbin/dhclient/kroute.c
+2-21 files

OpenBSD/src ip2rXo5sbin/dhclient kroute.c

   Restore pre-a2k19 behaviour of clearing out all existing addresses
   when setting new address.

   That change needs specific consideration rather than inadvertant
   inclusion, especially after claiming no functional change was
   being made.

   Change and related problems noted and reversion tested by Kurt
   Mosiejczuk.
VersionDeltaFile
1.160+14-10sbin/dhclient/kroute.c
+14-101 files

OpenBSD/src J0M9TEausr.bin/ssh myproposal.h readconf.c

   openssh-7.9 accidentally reused the server's algorithm lists in the
   client for KEX, ciphers and MACs. The ciphers and MACs were
   identical between the client and server, but the error accidentially
   disabled the diffie-hellman-group-exchange-sha1 KEX method.

   This fixes the client code to use the correct method list, but
   because nobody complained, it also disables the
   diffie-hellman-group-exchange-sha1 KEX method.

   Reported by nuxi AT vault24.org via bz#2697; ok dtucker

OpenBSD/src 8G9guE5share/man/man9 pci_mapreg_map.9 Makefile

   document pci_mapreg_map and some related functions.

   i couldn't figure out which argument becomes the flags for the
   wrapped call to bus_space_map(9), so i wrote this page so i wouldnt
   have to read the code for this one again.

   ok jmc@ schwarze@ mpi@ deraadt@

OpenBSD/src 3DswvKssys/arch/arm64/arm64 cpu.c

   recognise more arm cpus
   ok patrick@
VersionDeltaFile
1.27+13-1sys/arch/arm64/arm64/cpu.c
+13-11 files

OpenBSD/src PWEwDVCshare/locale/ctype en_US.UTF-8.src

   Update to Unicode 10

   Committing the diff in my tree that matched the version sent by
   Lauri Tirkkonen <lotheac AT iki.fi>

   OK schwarze@
VersionDeltaFile
1.9+464-149share/locale/ctype/en_US.UTF-8.src
+464-1491 files

OpenBSD/src UZcSaOugnu/llvm/lib/Target/X86 X86FixupGadgets.cpp X86MCInstLower.cpp, gnu/llvm/tools/clang/include/clang/Driver Options.td

   Improve the X86FixupGadgets pass:
   - Target all four kinds of return bytes (c2, c3, ca, cb)
   - Fix up instructions using both ModR/M and SIB bytes
   - Force alignment before instructions with return bytes in immediates
   - Force alignment before instructions that have return bytes in their encoding
   - Add a command line switch to toggle the functionality.

   ok deraadt@

OpenBSD/src ie5JSo5regress/lib/libm/msun fenv_test.c

   For ia32 use a volatile double to force 64 bit rounding.  Otherwise
   the i387 would use its internal 80 bit stack.  This fixes getround()
   on i386.
VersionDeltaFile
1.3+8-4regress/lib/libm/msun/fenv_test.c
+8-41 files

OpenBSD/src 2jtFIMrusr.bin/rsync extern.h

   remove __BEGIN_DECLS/__END_DECLS, this .h file wont be
   read by a C++ compiler, and __* are no lonmger recommended.
   https://www.gnu.org/software/libtool/manual/html_node/C-header-files.html
   ok deraadt@
VersionDeltaFile
1.23+1-5usr.bin/rsync/extern.h
+1-51 files

OpenBSD/src rFVO6Xfsys/dev/fdt ssdfb.c

   Allow ssdfb(4) to be mmap(2)-able so that we can use its framebuffer
   from the userland.  Also allow changing the brightness levels so that
   it can even be turned off to save power and to prevent burn in.
VersionDeltaFile
1.10+81-6sys/dev/fdt/ssdfb.c
+81-61 files

OpenBSD/src PABSsDNsys/uvm uvm_km.c

   at some point the uvm_km_thread learned to free memory, but the comment
   was never updated.
   from Amit Kulkarni
VersionDeltaFile
1.131+2-4sys/uvm/uvm_km.c
+2-41 files

OpenBSD/src n0s4zbqusr.sbin/npppd/l2tp l2tpd.c, usr.sbin/npppd/pppoe pppoed.c

   errror -> error in log messages; from alessandro gallo

OpenBSD/src GQuUexNusr.bin/ssh session.c

   perform removal of agent-forwarding directory in forward setup error
   path with user's privileged. This is a no-op as this code always runs
   with user privilege now that we no longer support running sshd with
   privilege separation disabled, but as long as the privsep skeleton is
   there we should follow the rules.

   bz#2969 with patch from Erik Sjölund
VersionDeltaFile
1.315+3-1usr.bin/ssh/session.c
+3-11 files

OpenBSD/src PzmuhZbregress/lib/libssl/interop server.c client.c, regress/lib/libssl/interop/cert Makefile

   Test that all supported TLS ciphers actually work.  Establish
   connections between client and server implemented with LibreSSL or
   OpenSSL with a fixed cipher on each side.  Check the used cipher
   in the session print out.

OpenBSD/src lcRTvzBsys/dev/usb xhci.c

   Transfers that span multiple TRBs which wrap around the ring and
   thus have the Link TRB inbetween must have the Chain Bit set in the
   Link TRB.  Otherwise xHCI controllers might think that the transfer
   ends at that point.

   Fixes an issue that was most prominently seen as Invalid CSW error
   when using umass0 on octeon and i.MX8M.

   Tested by visa@
   ok mpi@
VersionDeltaFile
1.91+9-5sys/dev/usb/xhci.c
+9-51 files

OpenBSD/src YE9RTGcusr.bin/rsync rsync.5

   kristaps f18392f58d1f0bc72917e3ac3a46be74c194688d
   Document that the gid/uid list may be empty. Fixes
   https://github.com/kristapsdz/openrsync/issues/10
VersionDeltaFile
1.12+4-2usr.bin/rsync/rsync.5
+4-21 files

OpenBSD/src CErRDTUusr.bin/rsync ids.c

   kristaps cbe83cd64f40e634dbc22d3f2918c41977a6514d
   If we don't get a uid/gid map, such as with an rsync:// address, we
   might not be able to map.  So fall back on numeric ids.
VersionDeltaFile
1.8+7-5usr.bin/rsync/ids.c
+7-51 files

OpenBSD/src jkLQHf3usr.bin/rsync flist.c rsync.5

   kristaps 7721288a1d170f4d789bf7a7b822f14f91f7bcb9

   In order for GPL rsync(1) to work with --delete when openrsync is a
   remote sender, we need to set the FLIST_TOP_LEVEL bit for all
   top-level directories. This is because the GPL rsync(1) uses this bit
   to determine which directories to scan for files for deletion.
VersionDeltaFile
1.19+7-1usr.bin/rsync/flist.c
1.11+5-1usr.bin/rsync/rsync.5
+12-22 files

OpenBSD/src 1w6gkWGusr.bin/rsync sender.c

   kristaps 156cf3b7d459efe133d603158fc33c243dc07ba0
   Use style(9) for bit
VersionDeltaFile
1.19+2-2usr.bin/rsync/sender.c
+2-21 files

OpenBSD/src zs02dc8usr.bin/rsync sender.c

   kristaps 97df28257f3cc5faae8072fbadbc334a57a4e8a7
   Remove another potential deadlock when in sender mode with
   multiplexing enabled.
VersionDeltaFile
1.18+38-18usr.bin/rsync/sender.c
+38-181 files

OpenBSD/src dFa2eD9usr.bin/rsync sender.c

   kristaps b1c688cad9f544a59b871c9984888cb1a3ae11e4
   Avoid crash when -n is specified.
VersionDeltaFile
1.17+7-6usr.bin/rsync/sender.c
+7-61 files

OpenBSD/src LQxA8Lausr.bin/rsync ids.c flist.c

   kristaps acb8f263717f27691f0318d4b7154f854b7206b3

   As found by benno@, if --numeric-ids is passed in, rsync does not send
   or receive the uid/gid lists at all.  This also means that we need not
   process the lists, as we're simply going to copy around the same
   value.
VersionDeltaFile
1.7+6-9usr.bin/rsync/ids.c
1.18+7-7usr.bin/rsync/flist.c
+13-162 files

OpenBSD/src nWlMrCVusr.bin/rsync ids.c fargs.c

   implement --numeric-ids, tweaked by kristaps

OpenBSD/src SxEHmLoregress/bin/ksh arith.t

   a handful of new tests related to expr.c rev. 1.34
VersionDeltaFile
1.3+63-0regress/bin/ksh/arith.t
+63-01 files

OpenBSD/src mvBauEjlib/libc/time strptime.c strptime.3

   Consume one leading space with %e iff given

   Since strftime(3)'s %e conversion specification preceeds single digits by a
   blank, do the converse here to allow safe data round trips through these
   functions with the same format string.

   Positive feedback tedu deraadt,
   OK millert jca
VersionDeltaFile
1.25+6-3lib/libc/time/strptime.c
1.27+4-4lib/libc/time/strptime.3
+10-72 files

OpenBSD/src ZddWTCoregress/lib/libm/msun lrint_test.c

   Remove the #ifdef i386 special test, it does not compile there.

OpenBSD/src vMkJ7RMregress/lib/libm/msun conj_test.c fenv_test.c

   Replace the print "not ok" with an assert macro.  This is consistent
   to the other tests and causes a regress fail.  Fix RCS Id.
   from Moritz Buhl

OpenBSD/src oVMd9CBlib/libssl tls13_record_layer.c tls13_lib.c

   Wire up alert handling for TLSv1.3.

   In TLSv1.3 there are two types of alerts "closure alerts" and
   "error alerts". This makes the record layer more strict and handles closure
   of the read and write channels. The callback then handles the record layer to
   SSL mapping/behaviour.

   ok tb@

OpenBSD/src WzMKRSqlib/libssl tls13_record_layer.c tls13_internal.h

   Change the alert callback return type from int to void.

   There is nothing for the handler to really signal, since it cannot change
   the fact that we received an alert. While here use TLS13_IO_FAILURE instead
   of hardcoding -1.

   ok tb@

OpenBSD/src z1sszxzlib/libssl tls13_record_layer.c

   Fix a few cases where int was used instead of ssize_t.
VersionDeltaFile
1.3+3-3lib/libssl/tls13_record_layer.c
+3-31 files

OpenBSD/src 5R9XqwMsbin/sysctl sysctl.c

   If sysctl(8) was compiled with an obsolete struct sensordev size,
   it could get stuck in an endless loop.  After sensors sysctl(2)
   fails, do not continue using uninitialized memory.  Catch the error,
   print a warning, and skip the sensors.
   OK benno@ visa@ deraadt@
VersionDeltaFile
1.241+5-1sbin/sysctl/sysctl.c
+5-11 files

OpenBSD/src 6tkoaJpregress/lib/libm Makefile

   Link msun regress to build.
VersionDeltaFile
1.15+2-2regress/lib/libm/Makefile
+2-21 files

OpenBSD/src wn9rJJRregress/lib/libm/msun fenv_test.c test-utils.h

   Copy tests for our libm implementation from FreeBSD.  Only passing
   tests are included, the others need some fixes in the library first.
   Hopefully these tests will help us to find compiler bugs earlier.
   from Moritz Buhl

OpenBSD/src PN1gBxTsbin/disklabel editor.c

   Compute params of shrunk partition and not of resized one; ok krw@
VersionDeltaFile
1.354+5-5sbin/disklabel/editor.c
+5-51 files

OpenBSD/src KnUqKrVusr.sbin/bgpctl bgpctl.c

   type is not used here. Still keep a comment around to keep the code
   similar to all other attr parsers.
VersionDeltaFile
1.232+3-3usr.sbin/bgpctl/bgpctl.c
+3-31 files

OpenBSD/src hyf28o7usr.sbin/bgpctl bgpctl.c

   Adjust bgpctl to the new ctl_show_interface struct that is sent instead of
   the system specific struct kif. Makes this code a lot more portable but
   still prints the same info in the same way.
   OK sthen@
VersionDeltaFile
1.231+19-31usr.sbin/bgpctl/bgpctl.c
+19-311 files

OpenBSD/src 7HsoG94usr.sbin/bgpd kroute.c util.c

   Media and link states are highly OS dependent, to make porting easier
   export the interface info in a way that does not need OS specific functions
   to print it. Link state and media are now strings that are set by bgpd.
   bgpctl can just print them. Move get_linkstate and get_media_descr to
   kroute.c where all other system specific stuff is.
   OK sthen@
VersionDeltaFile
1.233+82-4usr.sbin/bgpd/kroute.c
1.46+10-58usr.sbin/bgpd/util.c
1.374+15-8usr.sbin/bgpd/bgpd.h
+107-703 files

OpenBSD/src u2Rmb1lusr.bin/aucat aucat.c

   Use reallocarray in place of malloc(a * b) to handle possible
   overflow in multiplication of malloc argument.
VersionDeltaFile
1.174+5-1usr.bin/aucat/aucat.c
+5-11 files

OpenBSD/src O1SksaMsys/arch/arm64/arm64 cpu.c

   Cortex A76 is not affected by spectre variant 2 branch target injection
   attacks described in CVE-2017-5715 and ATF does not implement a
   workaround for Cortex A76.
VersionDeltaFile
1.26+2-1sys/arch/arm64/arm64/cpu.c
+2-11 files

OpenBSD/src USQOkGSsys/dev/pci if_ix.c if_ix.h

   get rid of atomic_foo ops in the tx start and completion paths.

   atomics were used to coordinate updates to the number of available
   slots on the tx ring. start would use what was available, and txeof
   (completion) would add back freed slots. start and completion
   update a producer and consumer index respectively, so we can use
   those with the size of the ring to calculate space instead.

   while here i simplified what txeof does a fair bit, which combined
   with the removal of the atomics gives us a bit of a speed improvement.
   hrvoje popovski reports up to a 20% improvement in one environment,
   but 5 to 10 is probably more realistic.

   ive had this in a tree since 2017, but mpi's "Faster vlan(4)
   forwarding?" post made me dig it out and clean it up.

   ok jmatthew@
VersionDeltaFile
1.153+71-126sys/dev/pci/if_ix.c
1.33+1-2sys/dev/pci/if_ix.h
+72-1282 files

OpenBSD/src 5YFurUjbin/ksh expr.c eval.c

   When evaluating an arithmetical expression, for example inside $(()),
   never do substitution (neither parameter, nor command, nor arithmetic,
   nor tilde substitution) on the values of any variables encountered
   inside the expression, but do recursively perform arithmetical
   evaluation of subexpressions as required.  This makes behaviour
   more consistent, without hindering any behaviour promised in the
   manual page.

   A quirk originally reported by Andy Chu <andychup at gmail dot com>
   was that in the past, when encountering an array index, the shell
   would not only do evaluation, but also substitution on the array
   index, even though substitution would not be done on the expression
   in general.

   tobias@ contributed to initial efforts of understanding the quirk.
   patch tested in a bulk build by naddy@
   "please commit" deraadt@
VersionDeltaFile
1.34+6-1bin/ksh/expr.c
1.64+4-1bin/ksh/eval.c
1.97+2-1bin/ksh/main.c
1.75+2-1bin/ksh/sh.h
+14-44 files

OpenBSD/src PaRPLXIregress/usr.sbin/bgpd/integrationtests md5.sh bgpd.md5.rdomain2.conf

   Add a test that catches problems of tcp md5 signatures, like the one
   fixed in bgpd/pfkey.c rev 1.54 by claudio.

OpenBSD/src mlop7ZTsbin/ifconfig ifconfig.c

   Tweak previous, use the same wording everywhere

   ok deraadt@
VersionDeltaFile
1.394+3-3sbin/ifconfig/ifconfig.c
+3-31 files

OpenBSD/src sBri5hTsys/dev/wscons wsmux.c

   When adding a wsmux device to an existing wsmux device using
   ioctl(WSMUXIO_ADD_DEVICE), two distinct locks of the same type are
   acquired. Thus, witness will emit warning. Since acquiring two different
   locks of the same type is harmless in this context, relax the witness
   check by flagging the locks as RWL_DUPOK.

   ok visa@

   Reported-by: syzbot+249e483406a1f7843915 at syzkaller.appspotmail.com
VersionDeltaFile
1.42+2-2sys/dev/wscons/wsmux.c
+2-21 files

OpenBSD/src Epnpwseusr.sbin/npppd/npppd npppd-users.5

   fix attribute name

OpenBSD/src bog3ELIsys/net bridgectl.c if_bridge.h

   Protect the hash table with a mutex.

   inputs & ok visa@
VersionDeltaFile
1.16+32-10sys/net/bridgectl.c
1.62+14-5sys/net/if_bridge.h
1.322+2-1sys/net/if_bridge.c
+48-163 files

OpenBSD/src dqV8PlVusr.sbin/bgpd pfkey.c

   Forgot to set the sockaddr length field which is mandatory on the pfkey socket.
   Fixes tcp-md5 issues noticed by benno@, OK benno@
VersionDeltaFile
1.54+7-3usr.sbin/bgpd/pfkey.c
+7-31 files