OpenBSD/src aKkqMStlib/libssl t1_lib.c

   Start cleaning up tls_decrypt_ticket().

   Rather than returning from multiple places and trying to clean up as we go,
   move to a single exit point and clean/free in one place. Also invert the
   logic that handles NULL sessions - fail early, rather than having an
   indented if test for success.

   ok tb@
VersionDeltaFile
1.155+64-59lib/libssl/t1_lib.c
+64-591 files

OpenBSD/src JRyzEKMsys/net if_media.c

   Interpret ENETRESET from ifm_change() as success in ifmedia_ioctl().

   Drivers will return ENETREST if the hardware needs to be reinitialized
   after successfully switching to the new media mode; it's not an error.

   This change fixes unreliable 'ifconfig mode' with some wireless drivers.

   ok phessler@ jmatthew@
VersionDeltaFile
1.31+2-2sys/net/if_media.c
+2-21 files

OpenBSD/src pDSariKlib/libcrypto/x509v3 v3_akey.c

   fix some style nits to reduce noise in an upcoming diff
VersionDeltaFile
1.20+8-9lib/libcrypto/x509v3/v3_akey.c
+8-91 files

OpenBSD/src brIJ80slib check_sym

   Improve comment grammar
VersionDeltaFile
1.6+3-3lib/check_sym
+3-31 files

OpenBSD/src lWKAzR3libexec/ld.so resolve.c resolve.h

   Now that all Elf_foo types are correct, we don't need to use Elf32_Word
   anywhere and can use Elf_Word instead.
   ok guenther
VersionDeltaFile
1.89+9-9libexec/ld.so/resolve.c
1.90+6-6libexec/ld.so/resolve.h
+15-152 files

OpenBSD/src aFDCgB7libexec/ld.so resolve.h resolve.c

   On alpha, the buckets of DT_HASH are 8 bytes instead of 4 bytes.  This was
   previously 'implemented' by having the Elf_Word typedef in <sys/exec_elf.h>
   vary, but that doesn't match the spec and breaks libelf so it's gone away.
   Implement the variation here by defining our own type locally for this.

   ok deraadt@
VersionDeltaFile
1.89+10-3libexec/ld.so/resolve.h
1.88+3-3libexec/ld.so/resolve.c
+13-62 files

OpenBSD/src 5pNkYOmusr.bin/nl nl.c

   pledge "stdio" after opening file and before doing operations
   from Rafael Neves
VersionDeltaFile
1.7+4-1usr.bin/nl/nl.c
+4-11 files

OpenBSD/src cOMb9nnsys/arch/amd64/amd64 vmm.c

   Revert enabling VMM_DEBUG which slipped through the previous commit.

   Fixes panic on `vmctl start foo'.

   OK tedu deraadt
VersionDeltaFile
1.239+2-2sys/arch/amd64/amd64/vmm.c
+2-21 files

OpenBSD/src NqD6oPelib/libevent min_heap.h

   knf, ok bluhm
VersionDeltaFile
1.5+145-118lib/libevent/min_heap.h
+145-1181 files

OpenBSD/src ZBKftXysys/kern exec_elf.c

   #define        ELFROUNDSIZE    4       /* XXX Should it be sizeof(Elf_Word)? */
   Now that alpha is fixed, we can use sizeof().
VersionDeltaFile
1.148+2-2sys/kern/exec_elf.c
+2-21 files

OpenBSD/src 3M02DM3sys/sys exec_elf.h

   The conversion of rdsetroot to -lelf failed on alpha: -lelf thought ELF SHDR
   was 80 bytes in size, rather than 64 as listed in the ELF header.  In Sep 2001
   when ELF was being integrated into the tree, two of the ELF object types (and two
   more via #define) were given different (incorrect) sizes, and hid behind an
   #ifdef __alpha__ all this time.  -lelf constructs the SHDR object by accumulating
   sizes of types, so this was finally exposed.
   A review of the tree shows no other consequences, so we can fix this now.
VersionDeltaFile
1.84+1-6sys/sys/exec_elf.h
+1-61 files

OpenBSD/src eG17mQCsys/arch/amd64/stand/libsa exec_i386.c

   When copying the EFI-stored kernel to the correct operating location,
   use memmove.  We don't know whether EFI allocated overlapping memory.

OpenBSD/src kKtt764sys/arch/i386/stand/cdboot Makefile, sys/arch/i386/stand/pxeboot Makefile

   libsa's memcpy() is actually memmove().  make a proper memmove(), and give
   memcpy() correct behaviour.  This also brings the bcopy() macro into line.

OpenBSD/src ILxYmn3sys/dev/fdt acrtc.c

   armv7 RAMDISK is now compiled with -Oz (just to be like other ramdisks),
   so clang's rule about "static inline" comes into play.
   ok patrick
VersionDeltaFile
1.3+3-3sys/dev/fdt/acrtc.c
+3-31 files

OpenBSD/src evYfBjNsys/conf param.c

   as discussed with beck, crank dma-range bufcache to a high number
   (he suggested 90 but I prefer 80).  This is so we learn the downside
   from user reports.
VersionDeltaFile
1.39+2-2sys/conf/param.c
+2-21 files

OpenBSD/src GhsvnTgsys/kern vfs_lockf.c

   print locked range in decimal in debug routines
VersionDeltaFile
1.39+2-2sys/kern/vfs_lockf.c
+2-21 files

OpenBSD/src QAOLRcdusr.bin/netstat inet6.c

   The rip6 checksum errors are accounted per socket.  So the no socket
   errors include these, do not subtract both from delivered.  Avoids
   an underflow in the rip6 delivered counter.
   OK deraadt@ claudio@
VersionDeltaFile
1.53+1-2usr.bin/netstat/inet6.c
+1-21 files

OpenBSD/src k9FmJhGsys/netinet6 raw_ip6.c

   Statistics of "netstat -s -f inet6 -p rip6" did not work.  In
   rip6_sysctl_rip6stat() copy out rip6counters, not ip6counters.
   OK deraadt@ claudio@
VersionDeltaFile
1.135+2-2sys/netinet6/raw_ip6.c
+2-21 files

OpenBSD/src wi5lEJ0gnu/llvm/lib/Target/Mips MipsAsmPrinter.cpp

   Restore previous section after setting the MIPS ABI marker. This keeps
   the .text section in use after the file header, improving compatibility
   with gcc. Without this change, module-level inline assembly blocks could
   end up into wrong section.

   OK kettenis@ guenther@

OpenBSD/src pFiEtqFlib/libcrypto/asn1 x_long.c

   Avoid undefined behaviour that results from negating a signed long with
   minimum value.

   Fixes oss-fuzz #14354.

   ok beck@ bcook@ tb@
VersionDeltaFile
1.16+2-2lib/libcrypto/asn1/x_long.c
+2-21 files

OpenBSD/src pqNimAMsys/dev/pci/drm/ttm ttm_memory.c ttm_bo.c

   drm/ttm: Fix bo_global and mem_global kfree error

   From Trigger Huang
   b10cc08374728ea79555a1cd98f962b0f942e942 in linux 4.19.y/4.19.36
   30f33126feca0fe16df9e9302ffc28a953e2eb37 in mainline linux

OpenBSD/src Zdj7Mrdsys/kern vfs_lockf.c, sys/sys lockf.h

   Move lockf structures from header to implementation since external users
   only need a lockf_state pointer by now.

   ok mpi@ visa@
VersionDeltaFile
1.17+3-36sys/sys/lockf.h
1.38+32-2sys/kern/vfs_lockf.c
+35-382 files

OpenBSD/src pS6c17osys/dev/pci/drm/radeon radeon_kms.c

   Adapt radeondrm_detach_kms() to struct drm_device being split from
   drm softc.

   Avoids uvm_fault() when firmware is missing and radeondrm is forcibly
   detached.  Reported by Mihai Popescu on misc@
VersionDeltaFile
1.60+1-1sys/dev/pci/drm/radeon/radeon_kms.c
+1-11 files

OpenBSD/src Fma34tYgnu/usr.bin/clang Makefile.inc

   On powerpc, link with -Wl,-relax as clang is a monster and code exceeds the
   maximum reachability of the PowerPC branch instructions.

   Also override NOPIE_FLAGS to avoid building code with -fno-pie as doing so
   is incompatible with secure-plt when using clang as the compiler.

   ok visa@, guenther@
VersionDeltaFile
1.14+10-1gnu/usr.bin/clang/Makefile.inc
+10-11 files

OpenBSD/src vyAjyKWusr.sbin/pkg_add pkg_add.1

   strongly hint at pkg_info -z   to clone installations from machine to machine
VersionDeltaFile
1.158+4-8usr.sbin/pkg_add/pkg_add.1
+4-81 files

OpenBSD/src sPfVIFZregress/sys/kern/realpath realpath3.c realpathtest.c

   Start a realpath(2) regress test, currently not enabled.

   This will extend as I add more cases to it. It will come
   into use once an in-kernel version of realpath(2) becomes
   a real thing

OpenBSD/src FsxtAhclib/libcrypto/evp digest.c

   Allocate md_data with calloc to avoid use of uninitialised memory.

   Found by Guido Vranken when fuzzing and trying to use GOST with HMAC.

   Fix confirmed by Guido; ok tb@
VersionDeltaFile
1.31+6-6lib/libcrypto/evp/digest.c
+6-61 files

OpenBSD/src LB4AgXJlib/libcrypto/objects obj_mac.num

   Allocate fixed NIDs for SM3/SM4.
VersionDeltaFile
1.18+12-0lib/libcrypto/objects/obj_mac.num
+12-01 files

OpenBSD/src fTdGpdhsys/kern vfs_lockf.c vfs_subr.c, sys/sys lockf.h

   Add a subsystem lock for vfs_lockf.c. This enables calling lf_advlock()
   and lf_purgelocks() without the kernel lock.

   OK anton@ mpi@
VersionDeltaFile
1.37+76-34sys/kern/vfs_lockf.c
1.288+2-2sys/kern/vfs_subr.c
1.16+2-2sys/sys/lockf.h
+80-383 files

OpenBSD/src irYTP1Ilib/csu/mips64 md_init.h, sys/arch/mips64/include profile.h

   Work around a limitation of clang integrated assembler on mips64.
   The assembler does not handle undeclared local symbols properly
   and generates R_MIPS_CALL16 relocations where it should generate
   local GOT references. For now, get along with the problem by
   declaring local symbols where necessary.

   OK kettenis@ guenther@

OpenBSD/src FZU2m77lib/csu Makefile, libexec/ld.so/mips64 Makefile.inc

   Prevent clang from using builtins and jump tables in _dl_boot_bind()
   on mips64. They need relocation and consequently cannot be used
   in that function.

   OK kettenis@

OpenBSD/src 6UbTbBisys/net if_gre.c

   use the common code in if.c to check if txhprio is good.

   no functional change.
VersionDeltaFile
1.147+26-44sys/net/if_gre.c
+26-441 files

OpenBSD/src MfjEvtjsys/net if_mpe.c if_gif.c

   use the factored out txhprio and rxhprio checks

   reduces code duplication and chance for error.

OpenBSD/src Voji89wsys/net if.c if_var.h

   provide factored out txhprio and rxhprio checks

   l2 and l3 drivers do the same thing all the time, so reduce the
   chance of error by doing the checks once and making it available
   for drivers to call instead of rolling on their own again.
VersionDeltaFile
1.578+65-1sys/net/if.c
1.97+6-1sys/net/if_var.h
+71-22 files

OpenBSD/src b39Kh90sys/net if_bpe.c

   add rxprio support

   this is modelled on vlan(4) where the packet prio is put in the bpe
   header in tx, and the bpe header prio is put on the packet in rx.
VersionDeltaFile
1.3+33-1sys/net/if_bpe.c
+33-11 files

OpenBSD/src PXmqEtUsys/net if_etherip.c

   add rxprio support
VersionDeltaFile
1.43+41-5sys/net/if_etherip.c
+41-51 files

OpenBSD/src KSQLelwsys/net if_mpe.c if_mpip.c

   implement rxprio
VersionDeltaFile
1.92+64-4sys/net/if_mpe.c
1.6+63-5sys/net/if_mpip.c
1.52+35-1sys/net/if_mpw.c
+162-103 files

OpenBSD/src L6UqTakusr.bin/ssh ssh-keygen.1

   Document new default RSA key size.  From sebastiaanlokhorst at gmail.com
   via bz#2997.
VersionDeltaFile
1.158+4-4usr.bin/ssh/ssh-keygen.1
+4-41 files

OpenBSD/src CBN7iMysys/net if_gif.c

   allow configuration of rxprio

   ok claudio@
VersionDeltaFile
1.126+49-4sys/net/if_gif.c
+49-41 files

OpenBSD/src eujt1ubsys/net if_vlan.c if_vlan_var.h

   add support for configuring rxprio.

   vlan already used the 802.1p prio in packets to set the mbuf prio.
   this maintains that as the default.

   ok claudio@
VersionDeltaFile
1.184+32-6sys/net/if_vlan.c
1.40+2-1sys/net/if_vlan_var.h
+34-72 files

OpenBSD/src EwHs2xksbin/ifconfig ifconfig.8

   rxprio.
VersionDeltaFile
1.334+20-1sbin/ifconfig/ifconfig.8
+20-11 files

OpenBSD/src Xes3q4Tsbin/ifconfig ifconfig.c

   add support for getting and setting rxprio

   this complements txprio and should finish support for RFC 2983

   ok claudio@
VersionDeltaFile
1.401+69-4sbin/ifconfig/ifconfig.c
+69-41 files

OpenBSD/src cfagr2ssys/net if.c

   only root can change rxprio
VersionDeltaFile
1.577+2-1sys/net/if.c
+2-11 files

OpenBSD/src 44UdJrYsys/sys sockio.h

   add SIOCSRXHPRIO and SIOCGRXHPRIO for configuring rx prio handling

   this is the complement of txprio handling, and helps support RFC 2983.

   ok claudio@
VersionDeltaFile
1.82+4-1sys/sys/sockio.h
+4-11 files

OpenBSD/src qjLvoB8sys/net if.h

   add IF_HDRPRIO_OUTER for rxprio

   IF_HDRPRIO_OUTER says you want the priority from the outer encap header.

   ok claudio@
VersionDeltaFile
1.201+2-1sys/net/if.h
+2-11 files

OpenBSD/src iIX1wGLlib/libc/sys fsync.2

   describe EIO failure state. noted by Maximilian Lorlacks
VersionDeltaFile
1.15+12-2lib/libc/sys/fsync.2
+12-21 files

OpenBSD/src 7MQrYJalib/libevent min_heap.h

   unfold some compound operations to make this easier to follow
VersionDeltaFile
1.4+11-6lib/libevent/min_heap.h
+11-61 files

OpenBSD/src 01Kvb4ysbin/pfctl pfctl_table.c

   Always check for namespace collisions on table commands

   `-t table -T add|replace ...' would only check for duplicate tables in case
   addresses where actually to the table.

   Instead of using a positive number of added addresses as prove for
   successful table operations, rely on the fact that CREATE_TABLE() is
   guaranteed to be called only if pf(4) can be accessed, that is
   warn_duplicate_tables() will return.

   This improves duplicate detection rate as warnings are now also emitted
   even when table commands eventually leave tables unchanged.

   OK benno sashan
VersionDeltaFile
1.81+3-3sbin/pfctl/pfctl_table.c
+3-31 files

OpenBSD/src mMduOZasbin/pfctl parse.y

   Fix table definition parsing as unprivileged user

   revision 1.689 introduced warn_duplicate_tables() unconditionally, breaking
   the parser on tables withs insufficient permissions to open pf(4):

        $ echo 'table <t>' | pfctl -nf-
        pfctl: pfr_get_tables: Bad file descriptor

   So simply check whether pfctl is able to get the table list first.  If not,
   instead of silently avoiding namespace collision checks, print a brief
   notice iff `-v' is given to help finding duplicate definitions by hand:

        $ echo 'table <t>' | ./obj/pfctl -vnf-
        table <t>
        stdin:1: skipping duplicate table checks for <t>

   Reported by Rivo Nurges, thanks!
   OK benno sashan
VersionDeltaFile
1.695+7-2sbin/pfctl/parse.y
+7-21 files

OpenBSD/src QHJvHTmregress/usr.bin/ssh cfgmatch.sh

   Add tests for sshd -T -C with Match.
VersionDeltaFile
1.12+46-3regress/usr.bin/ssh/cfgmatch.sh
+46-31 files