[odc] Daily src changes for 2004-06-11
ODC
auto at squish.net
Sat Jun 12 08:00:30 BST 2004
OpenBSD src changes summary for 2004-06-11
==========================================
bin/pax bin/ps
regress/lib sbin/isakmpd
sys/arch/hppa/dev sys/arch/i386/i386
sys/arch/i386/include sys/arch/i386/isa
sys/arch/i386/pci sys/kern
sys/net sys/netinet6
sys/sys sys/uvm
usr.bin/systat usr.bin/top
usr.bin/vmstat usr.sbin/afs
usr.sbin/httpd
== bin =============================================================== 01/06 ==
http://www.openbsd.org/cgi-bin/cvsweb/src/bin
pax
~ pat_rep.c
> Fix backref substitution in -s mode. Problem found and fix verified
> by Jared Yanovich. (millert@)
~ pat_rep.c
> Correct the code that identifies bogus regexps; Jared Yanovich (millert@)
ps
~ ps.1
> doc cpuid (deraadt@)
== regress =========================================================== 02/06 ==
http://www.openbsd.org/cgi-bin/cvsweb/src/regress
lib
~ libpthread/Makefile
> remove test that sometimes fails until problem is understood (marc@)
== sbin ============================================================== 03/06 ==
http://www.openbsd.org/cgi-bin/cvsweb/src/sbin
isakmpd
~ ike_phase_1.c ~ ike_quick_mode.c
~ ipsec.c ~ message.c
~ message.h
TAGGED OPENBSD_3_5
> MFC:
> Fix by hshoexer@
> Mark authenticated messages explicitly. Better check for authentication
> before
> deleteing SAs.
> This fix is needed to solve the problems reported by Thomas Walpuski,
> previous
> diff was not sufficient. Pointed out by Thomas. Thanks! (brad@)
~ ike_phase_1.c ~ ike_quick_mode.c
~ ipsec.c ~ message.c
~ message.h
TAGGED OPENBSD_3_4
> MFC:
> Fix by hshoexer@
> Mark authenticated messages explicitly. Better check for authentication
> before
> deleteing SAs.
> This fix is needed to solve the problems reported by Thomas Walpuski,
> previous
> diff was not sufficient. Pointed out by Thomas. Thanks! (brad@)
~ message.c
TAGGED OPENBSD_3_4
> typo in comment (brad@)
== sys =============================================================== 04/06 ==
http://www.openbsd.org/cgi-bin/cvsweb/src/sys
arch/hppa/dev
~ power.c
> better name for power thread (for power users only) (mickey@)
arch/i386/i386
~ cpu.c
TAGGED SMP
> first cut at ncpus++ location; drahn ok (deraadt@)
~ apicvec.s
TAGGED SMP
> increment the uvmexp interrupt counter in the MP interrupt handler.
> (drahn@)
~ apm.c
TAGGED SMP
> if multiple cpus, disconnect apm (deraadt@)
arch/i386/include
~ mpbiosvar.h
TAGGED SMP
> Add mp_eisa_bus extern declaration. (grange@)
arch/i386/isa
~ isa_machdep.c
TAGGED SMP
> In isa_intr_establish() search for eisa mp mappings too; from netbsd.
> Ok niklas@ deraadt at .range@)
arch/i386/pci
~ pci_machdep.c
TAGGED SMP
> In pci_intr_map() search for eisa mp mappings too; from netbsd.
> Tested by pb@, ok deraadt at .range@)
kern
~ kern_sysctl.c
TAGGED SMP
> For MULTIPROCESSOR, sum the individual cpu's cp_time into the global
> cpu_time. (drahn@)
~ kern_exec.c
TAGGED SMP
> vm->vm_minsaddr was uninitialized (nothing realy uses it anyway) (mickey@)
net
~ pf_table.c
> Eliminate a dereference after pool_put when an inactive/no-longer
> referenced
> table is destroyed in pfr_setflags_ktable.
> Fix from Chris Pascoe (mcbride@)
netinet6
~ in6.h ~ ip6_output.c
~ raw_ip6.c ~ udp6_output.c
> support IPV6_USE_MIN_MTU, which is needed to run BIND9 well. from kame
> markus ok (itojun@)
~ in6.h ~ ip6_output.c
~ raw_ip6.c ~ udp6_output.c
> back out tree breakage. Like, come on (deraadt@)
sys
~ sysctl.h
> export cpuid via kproc2, and make ps & top aware
> Modified files:
> usr.bin/top : machine.c
> bin/ps : keyword.c
> Log message:
> export cpuid via kproc2, and make ps & top aware... from niklas (deraadt@)
uvm
~ uvm_meter.c
TAGGED SMP
> ONPROC processes count as runable in t_rq as well. (drahn@)
~ uvm_meter.c
TAGGED SMP
> Treat SONPROC as runnable for nrun (uptime) too. pointed out by millert@
> (drahn@)
== usr.bin =========================================================== 05/06 ==
http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin
systat
~ vmstat.c
> on i386 machines, attempt to peek inside apic_intrhand[] as well, so that
> MP machines get interrupt counters. will be replaced by a MI subsystem
> one day. most code from drahn, few final bugs fixed by me (deraadt@)
~ vmstat.c
> oops (deraadt@)
~ vmstat.c
> divide etime by ncpu (deraadt@)
top
~ machine.c
> hide top breakage, until the next commit which will do it right (deraadt@)
~ machine.c
> only print /# if > 1 cpu on a machine (deraadt@)
~ machine.c
> handle the KI_NOCPU case, pointed out by markus (deraadt@)
vmstat
~ vmstat.c
> on i386 machines, attempt to peek inside apic_intrhand[] as well, so that
> MP machines get interrupt counters. will be replaced by a MI subsystem
> one day. most code from drahn, few final bugs fixed by me (deraadt@)
~ vmstat.c
> div etime by ncpu (deraadt@)
== usr.sbin ========================================================== 06/06 ==
http://www.openbsd.org/cgi-bin/cvsweb/src/usr.sbin
afs
~ src/lwp/lwp_asm.c ~ src/lwp/lwp_asm.h
> Better stack usage on m88k for lwp. (miod@)
httpd
~ src/modules/proxy/proxy_http.c
TAGGED OPENBSD_3_5
> MFC:
> Fix by henning@
> SECURITY: CAN-2004-0492 (cve.mitre.org)
> Reject responses from a remote server if sent an invalid (negative)
> Content-Length. [Mark Cox] (brad@)
~ src/modules/proxy/proxy_http.c
TAGGED OPENBSD_3_4
> MFC:
> Fix by henning@
> SECURITY: CAN-2004-0492 (cve.mitre.org)
> Reject responses from a remote server if sent an invalid (negative)
> Content-Length. [Mark Cox] (brad@)
~ src/modules/ssl/ssl_engine_rand.c
TAGGED OPENBSD_3_5
> MFC:
> Fix by otto@
> Use arc4random(3) to compute random numbers, instead of using rand()
> to produce a double, snprintf()ing that into a buffer and then
> converting the string to an int with atoi(). (brad@)
~ src/modules/ssl/mod_ssl.h ~ src/modules/ssl/ssl_engine_kernel.c
~ src/modules/ssl/ssl_util.c
TAGGED OPENBSD_3_5
> MFC:
> Fix by henning@
> get changes from mod_ssl 2.8.18:
> *) Fix buffer overflow in "SSLOptions +FakeBasicAuth" implementation
> if the Subject-DN in the client certificate exceeds 6KB in length.
> (CVE CAN-2004-0488).
> *) Handle the case of OpenSSL retry requests after interrupted system
> calls during the SSL handshake phase.
> *) Remove some unused functions.
> ok henning@ (brad@)
~ src/modules/ssl/ssl_engine_rand.c
TAGGED OPENBSD_3_4
> MFC:
> Fix by otto@
> Use arc4random(3) to compute random numbers, instead of using rand()
> to produce a double, snprintf()ing that into a buffer and then
> converting the string to an int with atoi(). (brad@)
~ src/modules/ssl/mod_ssl.h ~ src/modules/ssl/ssl_engine_kernel.c
~ src/modules/ssl/ssl_util.c
TAGGED OPENBSD_3_4
> MFC:
> Fix by henning@
> get changes from mod_ssl 2.8.18:
> *) Fix buffer overflow in "SSLOptions +FakeBasicAuth" implementation
> if the Subject-DN in the client certificate exceeds 6KB in length.
> (CVE CAN-2004-0488).
> *) Handle the case of OpenSSL retry requests after interrupted system
> calls during the SSL handshake phase.
> *) Remove some unused functions.
> ok henning@ (brad@)
===============================================================================
More information about the odc
mailing list