src - OpenBSD base system

Age	Commit message (Collapse)	Author
2020-01-07	We are not windows. Minus 500 lines.	Florian Obser
	OK millert
2020-01-07	Remove thread support. Minus 4k lines.	Florian Obser
	OK millert
2020-01-07	We are never going to use GeoIP support. Minus 1.8k lines.	Florian Obser
	OK millert
2020-01-07	If the client provides a TLS certificate and the user specifies a	Alexander Bluhm
	hash value on the nc(1) server command line, the netcat server must use the TLS context of the accepted socket for verification. As the listening socket was used instead, the verification was always successful. If the peer provides a certificate, there must be a hash. Make the hash verification fail safe. OK tb@
2020-01-07	Add netcat tests with TLS client certificate.	Alexander Bluhm

2020-01-07	Link ESP-SA and IPcomp-SA using GRPSPIS instead of using a self-built	tobhe
	solution for multi-SA flows. As a result we only need a single outgoing IPCOMP flow and can get rid of the two extra transport mode flows for ESP. ok bluhm@
2020-01-07	zap trailing whitespace;	Jason McIntyre

2020-01-07	Clarify that zero matches are not an error.	Vadim Zhukov
	input & okay schwarze@
2020-01-06	Add regression tests for netcat. Currently netcat server and client	Alexander Bluhm
	get started and connect with each other. The protocols TCP, TLS, UDP, and UNIX domain stream and datagram sockets are covered.
2020-01-07	Improve the description of -m/-M/MANPATH/man.conf in multiple respects	Ingo Schwarze
	after kn@ reported that the descriptions were incomplete and somewhat inaccurate. OK jmc@ kn@
2020-01-07	ZYD_INTR_TIMEOUT is expressed in msecs not in ticks, fixes that by calling	Martin Pieuchot
	tsleep_nsec(9). Tested by and ok stsp@
2020-01-06	Link nc regress to build.	Alexander Bluhm

2020-01-06	Add regression tests for netcat. Currently netcat server and client	Alexander Bluhm
	get started and connect with each other. The protocols TCP, TLS, UDP, and UNIX domain stream and datagram sockets are covered.
2020-01-06	Implement scrolling in top(1) using 9 and 0 keys.	Vadim Zhukov
	Planned improvements: scroll position displaying, using arrow/pgup/pgdown keys. okay tedu@
2020-01-06	Add "-n" to EXAMPLES in crontab(5)'s man page	job
	OK Ingo Schwarze
2020-01-06	The unveil(2) for nc -U -u -l was wrong. The server cannot unveil	Alexander Bluhm
	the file system as it has to connect to the UNIX domain client socket. The path of the latter is determined dynamically. Instead add a restrictive pledge(2) after connect(2). OK tb@
2020-01-06	Remove redundant BPIALL instructions (since ICIALLU already invalidates the	Mark Kettenis
	BP cache if necessary). ok patrick@
2020-01-06	delete ridiculous DIAGNOSTICS section that goes without saying	Ingo Schwarze

2020-01-06	configure args fixes;	Stuart Henderson
	--disable-idn should be --without-idn --disable-openssl-version-check was a for some old versions of OpenSSL with security bugs and was removed some time ago fixes "Unrecognized options" that florian@ noticed was displayed by configure.
2020-01-06	We don't need libbind9 if we remove a thick wrapper around getaddrinfo	Florian Obser
	and move the remaining bits to dighost.c. Minus 4k lines. OK sthen
2020-01-06	we are not using libisccc	Florian Obser
	OK sthen
2020-01-06	We only need the config parser from liblwres.	Florian Obser
	This pulls out the config object (lwres_conf_t) from the context (lwres_context_t), switches to libc functions (lwres_net_ntop vs inet_ntop etc ) and removes a lwres_ prefix from number types (lwres_uint8_t vs uint8_t etc). With that we can nearly empty out lib/lwres and lose about 20k lines in the process. OK sthen
2020-01-06	We are not using libirs.	Florian Obser
	OK sthen
2020-01-06	Rewrite the armv7 context switch code. The new code is much closer to the	Mark Kettenis
	arm64 version and fixes some (but not all) remaining issues with SMP support on armv7. ok visa@, patrick@
2020-01-06	Missed one s -> S in locking comment. Noticed by visa@	Claudio Jeker

2020-01-06	Use a capital S for refer to the sigio_lock since it is a global lock.	Claudio Jeker
	OK visa@
2020-01-06	When using UNIX domain sockets, always call report_sock() with the	Alexander Bluhm
	path name of the socket. This avoids bad errors from getnameinfo(3). Use the same error check for both calls to getnameinfo(3). OK millert@ tb@
2020-01-06	document the defaults for several query options;	Ingo Schwarze
	OK jmc@
2020-01-06	make it more explicit that filters are unique processes	Gilles Chehade

2020-01-06	Print a few more registers when we hit a uvm_fault in the kernel.	Mark Kettenis

2020-01-06	Allow ipmi(4) to attach using mmio. Use the IPMI revision provided by the	Mark Kettenis
	_SRV method if present. tested by sthen@ ok jmatthew@
2020-01-06	do not allow passing options to smtpctl encrypt	Gilles Chehade

2020-01-06	provide a better error message for invalid smtpctl commands	Gilles Chehade

2020-01-06	Use type M_KEVENT instead of M_TEMP when allocating kqueue-related	Visa Hankala
	data buffers. OK bluhm@, mpi@, anton@
2020-01-06	Make kqlist part of filedesc and serialize access to it using fdplock.	Visa Hankala
	This choice of locking is guided by knote_fdclose(). OK mpi@, anton@
2020-01-06	put the fido options in a list, and tidy up the text a little;	Jason McIntyre
	ok djm
2020-01-06	missing else in check_enroll_options()	Damien Miller

2020-01-06	fix error message	Damien Miller

2020-01-06	adapt sk-dummy to SK API changes	Damien Miller
	also, make it pull prototypes directly from sk-api.c and #error if the expected version changes. This will make any future regress test breakage because of SK API changes much more apparent
2020-01-06	Extends the SK API to accept a set of key/value options for all	Damien Miller
	operations. These are intended to future-proof the API a little by making it easier to specify additional fields for without having to change the API version for each. At present, only two options are defined: one to explicitly specify the device for an operation (rather than accepting the middleware's autoselection) and another to specify the FIDO2 username that may be used when generating a resident key. These new options may be invoked at key generation time via ssh-keygen -O This also implements a suggestion from Markus to avoid "int" in favour of uint32_t for the algorithm argument in the API, to make implementation of ssh-sk-client/helper a little easier. feedback, fixes and ok markus@
2020-01-05	Common function to free key bindings.	Nicholas Marriott

2020-01-05	Zero initialize cpus and memory variables up front	kn

2020-01-05	Convert to tsleep_nsec(9).	Martin Pieuchot
	ok mglocker@
2020-01-05	fix CanonicalizeHostname, broken by rev 1.507	Bob Beck
	Issue noticed and reported by Pierre-Olivier Martel <pom@apple.com> ok dtucker@ markus@ djm@
2020-01-05	In his original writeup, espie@ had the terse parenthetical remark	Ingo Schwarze
	"(yes/no answer instead of full list)" regarding how to use wantarray(). Flesh this out with an example and a bit of explanation to reduce the risk of misunderstandings and misuse. Discussed with espie@.
2020-01-05	Constify instances of struct fileops.	Visa Hankala
	OK anton@, mpi@, bluhm@
2020-01-05	regen	Jonathan Gray

2020-01-05	remove incorrectly formatted IBM entries	Jonathan Gray
	they were added alongside a bunch of other devices in NetBSD rev 1.25
2020-01-05	Send errors to stdout in control mode so they don't get reordered with	Nicholas Marriott
	other output, reported by George Nachman in GitHub issue 2048.
2020-01-05	regen	Jonathan Gray