src - OpenBSD base system

Age	Commit message (Collapse)	Author
2017-04-13	Provide mips64 with kernel-facing TCB_{GET,SET} macros that store it	Philip Guenther
	in struct mdproc. With that, all archs have those and the __HAVE_MD_TCB macro can be unifdef'ed as always defined. ok kettenis@ visa@ jsing@
2017-04-12	Inspired by recent dhcrelay changes, bring in stricter CFLAGS!	Kenneth R Westerback

2017-04-12	One 'foo' per function is enough. Rename one to eliminate shadowing.	Kenneth R Westerback

2017-04-12	Add missing function prototypes. Mark kw_cmp() as static like all	Kenneth R Westerback
	its friends.
2017-04-12	The kernel has to slightly different version of SipHash_Final but with	Florian Obser
	the same bug as just fixed in userland: ---------- SipHash_Final() was assuming the digest was 64-bit aligned, resulting in misaligned memory accesses with armv7 ramdisk -Os bsd.rd ping ok florian millert ---------- OK deraadt@
2017-04-12	Use calloc(3) and recallocarray(3) instead of alloc + memset(0).	Theo Buehler
	ok deraadt
2017-04-12	SipHash_Final() was assuming the digest was 64-bit aligned, resulting in	Theo de Raadt
	misaligned memory accesses with armv7 ramdisk -Os bsd.rd ping ok florian millert
2017-04-12	New strstr() implementation from musl libc by Rich Felker. This	Todd C. Miller
	version uses the two-way string matching algorithm and is faster than the old implementation. With this change, ports that check for strstr having linear complexity time strstr will no longer replace the libc strstr with a private version. OK deraadt@ espie@
2017-04-12	Prevent inosused from wrapping when soft updates is enabled while	Todd C. Miller
	scanning the used inode map. The code as written assumes inosused is signed but this is no longer the case. OK deraadt@
2017-04-12	isblank() is ANSI C since C99, no need to provide a replacement.	Todd C. Miller
	OK deraadt@
2017-04-12	bluhm discovered "script < /dev/null" attempts tty operations in violation	Theo de Raadt
	of pledge. We can wrap isatty() around those codepaths. ok bluhm beck
2017-04-12	Add comment what the test does.	Alexander Bluhm

2017-04-12	RTM_PROTO3 messages should not trigger a resolv.conf check.	Kenneth R Westerback

2017-04-12	The pledge sigkill test is an outdated copy of sigabrt. Remove the	Alexander Bluhm
	former and activate the latter. OK semarie@
2017-04-12	Shuffle another function.	Kenneth R Westerback

2017-04-12	Add comment how the test works.	Alexander Bluhm

2017-04-12	explicitly set the ownership on installed include files as well	Jonathan Gray

2017-04-12	Invoke install -d for each directory in the /usr/lib/clang hierarchy	Jonathan Gray
	as they aren't in mtree. Problem with wrong ownership and permission of directories reported by sthen@. ok deraadt@ sthen@ tb@
2017-04-12	Correct a format string	Philip Guenther
	Problem noted by Michael W. Bombardieri (mb(at)ii.net) ok mlarkin@ deraadt@
2017-04-11	- Mention LIBCXX, prompted by espie@.	Stuart Henderson

2017-04-11	- Mention LIBCXX, prompted by espie@.	Stuart Henderson
	- Make it clear that CLANG_ARCHS, GCC3_ARCHS, GCC4_ARCHS refer to the base compiler. Change "Clang 3.9.1" to just "Clang".
2017-04-11	Ensure that the version part of $_url_base is correctly removed by	Robert Peichaer
	using $VNAME (x.y) instead of $VERSION (xy). This fixes the problem that the version part ended up in installurl which is wrong anyway and also confuses pkg_add. Thanks to florian@ and trondd at kagu-tsuchi dot com for reporting this. OK tb@
2017-04-11	sync	Theo de Raadt

2017-04-11	shorten introductory sentence and make deprecation clearer;	Ingo Schwarze
	disgussed with deraadt@
2017-04-11	Add SIOCATMARK to allow pledge("inet") programs to call sockatmark(3).	Alexander Bluhm
	from Matthias Pitzl; OK deraadt@
2017-04-11	Recognize break conditions and enter ddb if ddb.console is set.	Mark Kettenis
	ok visa@, deraadt@
2017-04-11	Partially revert previous mallocarray conversions that contain	David Hill
	constants. The consensus is that if both operands are constant, we don't need mallocarray. Reminded by tedu@ ok deraadt@
2017-04-11	Shuffle route/interface changing functions together into kroute.c. Try to	Kenneth R Westerback
	group related functions in kroute.c together and comment them a bit. No intentional functional change.
2017-04-11	Revert ssl_asn1.c r1.50 - CBB and freezero(3) do not play nicely together.	Joel Sing
	Back this out while we investigate and implement a solution. Found the hard way by sthen@
2017-04-11	document more thoroughly the special status of modules gnu, imake, perl5	Marc Espie
	(for historical reasons) okay aja@
2017-04-11	Fold priv_write_file() into its only remaining user	Kenneth R Westerback
	priv_write_resolv_conf() and move the latter into kroute.c with all its priv_ friends. No intentional functional change.
2017-04-11	Use freezero(3) for the imsg framework in imsg_free(3) and ibuf_free(3).	Reyk Floeter
	In our privsep model, imsg is often used to transport sensitive information between processes. But a process might free an imsg, and reuse the memory for a different thing. iked uses some explicit_bzero() to clean imsg-buffer but doing it in the library with the freezero() is less error-prone and also benefits other daemons. OK deraadt@ jsing@ claudio@
2017-04-11	Revise 'struct fpreg' and dump floating-point register in core dumps. Also	Mark Kettenis
	reset the floating-point register state upon exec. ok guenther@
2017-04-10	Rework -L logic to use the idiom used in handling the leases file.	Kenneth R Westerback
	i.e. open FILE during program set up and use the FILE created for the rest of the program lifetime after dropping privilege and pledge()'ing. No need for passing messages to the priv process. Tweak lease file handling a bit in passing. Monitoring the -L file with external programs like sysutils/entr still works. Looks good to sthen@.
2017-04-10	new X25519(3) manual page;	Ingo Schwarze
	from Dr. Stephen Henson <steve@openssl.org>, OpenSSL commit d218f3c3
2017-04-10	Use freezero() for the internal opaque structures, instead of the current	Joel Sing
	explicit_bzero()/free(). Less code and potentially less overhead.
2017-04-10	Use freezero() for X25519 keys - same result with more readable code.	Joel Sing

2017-04-10	document three additional functions;	Ingo Schwarze
	from Emilia Kasper <emilia at openssl dot org>, OpenSSL commit 4ac139b4
2017-04-10	Rework and significantly extend TLS name verification tests to match	Joel Sing
	changes in libtls.
2017-04-10	Rework name verification code so that a match is indicated via an argument,	Joel Sing
	rather than return codes. More strictly follow RFC 6125, in particular only check the CN if there are no SAN identifiers present in the certificate (per section 6.4.4). Previous behaviour questioned by Daniel Stenberg <daniel at haxx dot se>. ok beck@ jca@
2017-04-10	sync	Theo de Raadt

2017-04-10	freezero() the key block; simpler code and less of it.	Joel Sing

2017-04-10	Use freezero() for i2d_SSL_SESSION() - one line of code instead of three.	Joel Sing
	In this case the memory allocated can also be significant, in which case freezero() will have less overhead than explicit_bzero() (munmap instead of touching all of the memory to write zeros).
2017-04-10	Fix tabs in example code.	Jeremie Courreges-Anglas

2017-04-10	fix some .Xr errors that jmc@ found with mdoclint(1)	Ingo Schwarze

2017-04-10	new manual page SSL_get_server_tmp_key(3)	Ingo Schwarze
	from Matt Caswell <matt@openssl.org>, OpenSSL commit 508fafd8
2017-04-10	Additional SSL_SESSION documentation	Ingo Schwarze
	from Matt Caswell <matt at openssl dot org>, OpenSSL commit b31db505. Improve crosslinking while here.
2017-04-10	slaacdctl -> slaacctl;	Jason McIntyre

2017-04-10	Use __ASSEMBLER__ instead of __LANGUAGE_ASSEMBLY.	Visa Hankala
	The latter is not defined by clang. OK guenther@, kettenis@
2017-04-10	Found another len += snprintf...	Theo de Raadt
	ok mikeb