OpenBSD/src JS23pETetc/mtree special

   etc/mtree/special: drop resolv.conf.tail line

   i think we lost support for this file when we moved to dhcpleased.
VersionDeltaFile
1.130+1-2etc/mtree/special
+1-21 files

OpenBSD/src TRDqxU7etc moduli, usr.bin/ssh/moduli-gen moduli.2048 moduli.3072

   Import regenerate moduli.
VersionDeltaFile
1.30+1,180-57usr.bin/ssh/moduli-gen/moduli.2048
1.41+584-425etc/moduli
1.30+521-73usr.bin/ssh/moduli-gen/moduli.3072
1.30+309-70usr.bin/ssh/moduli-gen/moduli.4096
1.30+225-80usr.bin/ssh/moduli-gen/moduli.6144
1.29+106-68usr.bin/ssh/moduli-gen/moduli.7680
+2,925-7731 files not shown
+3,009-8507 files

OpenBSD/src S77WNxKsys/dev/pci if_ixl.c

   Revert rev 1.109:
   |    ixl/ice(4): use 128 segments for DMA maps of TSO packets
   |
   |    This avoids unnecessary m_defrag() calls and gain some performance.
   |
   |    with tweaks for kettenis and bluhm
   |
   |    ok kettenis, bluhm

   This seems to cause oactive stalls and ixl is too common to have it broken
   like this. I prefer unnecessary m_defrag() calls over hanging interfaces.
VersionDeltaFile
1.110+9-27sys/dev/pci/if_ixl.c
+9-271 files

OpenBSD/src gjk4EAyusr.bin/nc netcat.c

   use strtonum() instead of atoi(), and error out for bad numbers
   This generates a host-order number, so the ntohs() for getservbyport()
   was wrong, that should always have been htons().  The transform is
   the same, but misleading.
   ok tb
VersionDeltaFile
1.235+7-2usr.bin/nc/netcat.c
+7-21 files

OpenBSD/src aiM1kc2share/man/man4 dt.4

   mdoc fixes.  FA -> Fa, remove extra El.
VersionDeltaFile
1.9+3-4share/man/man4/dt.4
+3-41 files

OpenBSD/src V5DtObjlib/libcrypto/x509 x509_vpm.c, regress/lib/libssl/unit ssl_verify_param.c

   const correct X509_VERIFY_PARAM_get_hostflags()

   This is currently an internal helper only used by a regress test.
   We'll have to expose in the public API for Python 3.14:

   https://github.com/libressl/portable/issues/1202
VersionDeltaFile
1.57+2-2lib/libcrypto/x509/x509_vpm.c
1.2+2-2regress/lib/libssl/unit/ssl_verify_param.c
+4-42 files

OpenBSD/src uCcXsfssys/dev/acpi amdpmc.c

   Add SMU support to amdpmc(4).  The SMU is a microcontroller buried deep
   in the bowels of AMD SoCs and needs to be tickled in order to reach the
   lowest power states in suspend.  It also provides some information on
   whether we actually reached those lower states.

   On most machines we will need to tell the USB4 controllers to go to sleep
   to reach these states.  So it is likely that we won't reach S0i3 yet on
   those machines.

   ok mlarkin@, deraadt@
VersionDeltaFile
1.2+282-1sys/dev/acpi/amdpmc.c
+282-11 files

OpenBSD/src zKJgQAysys/dev/pci if_ice.c

   Disable ICE_DBG_TRACE in the default ice_debug value. It is way to noisy
   and adds little real value.
   OK stsp@
VersionDeltaFile
1.63+2-2sys/dev/pci/if_ice.c
+2-21 files

OpenBSD/src dpItdCFsys/dev/pci if_ice.c

   Fix various errors on big-endian systems. With this ice(4) works on sparc64.

   In ice_copy_rxq_ctx_to_hw() the buffer passed in is already in little
   endian and so one needs to call bus_space_write_raw_4(). Wrap that into
   ICE_WRITE_RAW() to be consistent.

   In ice_txeof() the calculation of dtype was all messed up. The 64bit
   descriptor word cmd_type_offset_bsz needs to be converted to host byte
   order and then all the masking and shifting can happen. Also there is
   no need to byte swap ICE_TX_DESC_DTYPE_DESC_DONE since dtype is already
   in host byte order.

   On code inspection another unneeded byte swap was found in
   ice_tx_setup_offload(). The vlan tag needs to be shifted into position
   unswapped and the full word is swapped at the end.

   OK stsp@
VersionDeltaFile
1.62+12-7sys/dev/pci/if_ice.c
+12-71 files

OpenBSD/src Zx6Ynpklib/libcrypto/x509 x509cset.c x509_local.h

   Remove unused sequence member from x509_revoked_st

   To allow binary search for looking up if a cert was revoked in a CRL,
   the list of revoked serial numbers is sorted in crl_lookup(). On the
   other hand, to be able to output the DER that was actually signed by
   the issuer, the original order needs to be remembered.

   Before the encoding was cached, there was a mechanism that would restore
   the original order on serialization using the .sequence member. This was
   done without a lock and was thus racy (hilarity would ensue if one thread
   performed a CRL lookup while another thread serialized the same CRL). When
   the racy mechanism was removed in 2004, the only reader of .sequence,
   X509_REVOKED_seq_cmp(), was also removed, and this piece of dead code was
   left behind. Garbage collect it.

   ok kenjiro
VersionDeltaFile
1.23+1-9lib/libcrypto/x509/x509cset.c
1.39+1-2lib/libcrypto/x509/x509_local.h
+2-112 files

OpenBSD/src 61T041Uregress/usr.bin/ssh sftp-cmds.sh

   clean up more thoroughly between tests
VersionDeltaFile
1.22+10-10regress/usr.bin/ssh/sftp-cmds.sh
+10-101 files

OpenBSD/src M2wCGlGregress/usr.bin/ssh sftp-cmds.sh

   simplify
VersionDeltaFile
1.21+59-63regress/usr.bin/ssh/sftp-cmds.sh
+59-631 files

OpenBSD/src Zmd3nLPusr.bin/ssh ssh-keygen.c

   don't abuse SSHKEY_FLAG_EXT to signal that a key is in the
   agent, as that triggers special handling on sshkey_free()
VersionDeltaFile
1.486+9-7usr.bin/ssh/ssh-keygen.c
+9-71 files

OpenBSD/src xpT2Rtnusr.bin/ssh ssh-pkcs11.c

   downgrade a useless error() -> debug()
VersionDeltaFile
1.74+3-3usr.bin/ssh/ssh-pkcs11.c
+3-31 files

OpenBSD/src FT7YzhLsys/arch/riscv64/dev stfclock.c

   Improve JH7110 support:
   - Round to the nearest achievable clock rate instead of rounding down.
   - Make sure we don't set a divider to zero.
   - Fully initialize PLL0 when setting its rate.
   - Bump PLL0 rate regardless of what the firmware configures it to.

   This avoids issues with firmware based on upstream U-Boot.

   ok jca@
VersionDeltaFile
1.15+37-23sys/arch/riscv64/dev/stfclock.c
+37-231 files

OpenBSD/src QPu6ZO8usr.sbin/rpki-client ccr.c rpki-asn1.h

   Clarify CCR file format: the payload is encapsulated inside an OCTET STRING

   Brought up by William McCall

   This is a mechanical change.

   discussed with / OK tb@
VersionDeltaFile
1.21+17-21usr.sbin/rpki-client/ccr.c
1.8+4-4usr.sbin/rpki-client/rpki-asn1.h
+21-252 files

OpenBSD/src qxRDOeGsys/dev/fdt rkrng.c

   Add RK3588 support.

   ok dlg@
VersionDeltaFile
1.8+86-2sys/dev/fdt/rkrng.c
+86-21 files

OpenBSD/src kTuPjnIsys/arch/sparc64/dev viommu.c

   Avoid segments greater than maxsegsz during map merging
   Apply the same fix as done in iommu.c rev 1.83

   OK jan@ kettenis@
VersionDeltaFile
1.23+3-2sys/arch/sparc64/dev/viommu.c
+3-21 files

OpenBSD/src axYHipwsys/dev/pci if_ice.c

   Implement SIOCGIFRXR in ice(4) so that systat mbuf shows the queues.
   OK stsp@
VersionDeltaFile
1.61+35-1sys/dev/pci/if_ice.c
+35-11 files

OpenBSD/src wKB6oRMsys/arch/arm64/conf GENERIC RAMDISK

   Enable ice(4) on arm64. Works out of the box.
   OK kettenis@ deraadt@ jca@
VersionDeltaFile
1.308+2-1sys/arch/arm64/conf/GENERIC
1.235+2-1sys/arch/arm64/conf/RAMDISK
+4-22 files

OpenBSD/src bdsiTVDusr.bin/ssh monitor_wrap.c

   silence "mm_log_handler: write: Broken pipe" logspam
VersionDeltaFile
1.143+7-2usr.bin/ssh/monitor_wrap.c
+7-21 files

OpenBSD/src PMgu2Eesys/conf GENERIC

   re-enable POOL_DEBUG
   ok deraadt@
VersionDeltaFile
1.304+2-2sys/conf/GENERIC
+2-21 files

OpenBSD/src leoGmLGsys/conf newvers.sh

   7.8-current
   ok deraadt@
VersionDeltaFile
1.213+3-3sys/conf/newvers.sh
+3-31 files

OpenBSD/src UxQ0TCGusr.bin/ssh sftp.c

   When tab-completing a filename, ensure that the completed string
   does not end up mid-way through a multibyte character, as this
   will cause a fatal() later on.

   based on GHPR#587 from @TaoistBrickscarrier; feedback tb@ kevlo@
   ok dtucker@
VersionDeltaFile
1.246+35-19usr.bin/ssh/sftp.c
+35-191 files

OpenBSD/src MlQwe7yusr.bin/ssh ssh-pkcs11.c

   fix crash at exit (visible via ssh-keygen -D) when multiple keys
   loaded. ok markus deraadt dtucker
VersionDeltaFile
1.73+4-2usr.bin/ssh/ssh-pkcs11.c
+4-21 files

OpenBSD/src SSUgn86sys/net80211 ieee80211_node.c

   Fix association to access points which have all 802.11b rates disabled.

   When I replaced ieee80211_iserp_sta() with a check for the extended
   rates information element I wrongly assumed that this information
   element would always be present if 11g is supported. However, the
   xrates IE only appears in 11b/g mixed mode. APs which have 802.11b
   rates completely disabled can announce all rates via the regular
   rates IE and never send the xrates IE.

   Ensure that we recognize such APs as 11g-capable regardless of the
   missing xrates IE. Otherwise assocation can fail due to a mismatch
   of basic rates.

   Problem reported by landry@

   ok phessler@ sthen@
VersionDeltaFile
1.204+28-4sys/net80211/ieee80211_node.c
+28-41 files

OpenBSD/src f1QBmRJusr.bin/ssh version.h

   openssh-10.2

   The only change since 10.1 is the channels.c fix
VersionDeltaFile
1.107+2-2usr.bin/ssh/version.h
+2-21 files

OpenBSD/src wg9cDdbsys/net if_rport.c

   use multiple txqs to spread traffic handling over softnet threads.
VersionDeltaFile
1.5+14-1sys/net/if_rport.c
+14-11 files

OpenBSD/src wt8efHhsys/net if_rport.c

   implement "checksum offload" between rport pairs.

   this allows the kernel to skip ip/tcp/udp checksum calculation for
   packets between rdomains.

   rport interfaces advertise checksum offload capabilities to the
   stack, so the stack will set CSUM_OUT mbuf flags rather than do the
   checksum calculation for packets being transmitted on an port
   interface. when these packets are sent back into the stack by the
   partner rport interface, the CSUM_OUT flags get mapped to equivalent
   CSUM_IN_OK flags. this is modelled on how lo(4) does the same thing.
VersionDeltaFile
1.4+17-1sys/net/if_rport.c
+17-11 files

OpenBSD/src l0b4kzqsys/dev/pci if_ice.c

   ice(4): print no. of queues during attach

   ok bluhm@, stsp@
VersionDeltaFile
1.60+5-4sys/dev/pci/if_ice.c
+5-41 files