[odc] Daily src changes for 2004-06-11

ODC auto at squish.net
Sat Jun 12 08:00:30 BST 2004


OpenBSD src changes summary for 2004-06-11
==========================================

bin/pax                                 bin/ps
regress/lib                             sbin/isakmpd
sys/arch/hppa/dev                       sys/arch/i386/i386
sys/arch/i386/include                   sys/arch/i386/isa
sys/arch/i386/pci                       sys/kern
sys/net                                 sys/netinet6
sys/sys                                 sys/uvm
usr.bin/systat                          usr.bin/top
usr.bin/vmstat                          usr.sbin/afs
usr.sbin/httpd                          

== bin =============================================================== 01/06 ==

  http://www.openbsd.org/cgi-bin/cvsweb/src/bin

pax

  ~ pat_rep.c                             

  > Fix backref substitution in -s mode.  Problem found and fix verified
  > by Jared Yanovich. (millert@)

  ~ pat_rep.c                             

  > Correct the code that identifies bogus regexps; Jared Yanovich (millert@)

ps

  ~ ps.1                                  

  > doc cpuid (deraadt@)

== regress =========================================================== 02/06 ==

  http://www.openbsd.org/cgi-bin/cvsweb/src/regress

lib

  ~ libpthread/Makefile                   

  > remove test that sometimes fails until problem is understood (marc@)

== sbin ============================================================== 03/06 ==

  http://www.openbsd.org/cgi-bin/cvsweb/src/sbin

isakmpd

  ~ ike_phase_1.c                         ~ ike_quick_mode.c
  ~ ipsec.c                               ~ message.c
  ~ message.h                             

  TAGGED OPENBSD_3_5
  > MFC:
  > Fix by hshoexer@
  > Mark authenticated messages explicitly.  Better check for authentication
  > before
  > deleteing SAs.
  > This fix is needed to solve the problems reported by Thomas Walpuski,
  > previous
  > diff was not sufficient.  Pointed out by Thomas.  Thanks! (brad@)

  ~ ike_phase_1.c                         ~ ike_quick_mode.c
  ~ ipsec.c                               ~ message.c
  ~ message.h                             

  TAGGED OPENBSD_3_4
  > MFC:
  > Fix by hshoexer@
  > Mark authenticated messages explicitly.  Better check for authentication
  > before
  > deleteing SAs.
  > This fix is needed to solve the problems reported by Thomas Walpuski,
  > previous
  > diff was not sufficient.  Pointed out by Thomas.  Thanks! (brad@)

  ~ message.c                             

  TAGGED OPENBSD_3_4
  > typo in comment (brad@)

== sys =============================================================== 04/06 ==

  http://www.openbsd.org/cgi-bin/cvsweb/src/sys

arch/hppa/dev

  ~ power.c                               

  > better name for power thread (for power users only) (mickey@)

arch/i386/i386

  ~ cpu.c                                 

  TAGGED SMP
  > first cut at ncpus++ location; drahn ok (deraadt@)

  ~ apicvec.s                             

  TAGGED SMP
  > increment the uvmexp interrupt counter in the MP interrupt handler.
  > (drahn@)

  ~ apm.c                                 

  TAGGED SMP
  > if multiple cpus, disconnect apm (deraadt@)

arch/i386/include

  ~ mpbiosvar.h                           

  TAGGED SMP
  > Add mp_eisa_bus extern declaration. (grange@)

arch/i386/isa

  ~ isa_machdep.c                         

  TAGGED SMP
  > In isa_intr_establish() search for eisa mp mappings too; from netbsd.
  > Ok niklas@ deraadt at .range@)

arch/i386/pci

  ~ pci_machdep.c                         

  TAGGED SMP
  > In pci_intr_map() search for eisa mp mappings too; from netbsd.
  > Tested by pb@, ok deraadt at .range@)

kern

  ~ kern_sysctl.c                         

  TAGGED SMP
  > For MULTIPROCESSOR, sum the individual cpu's cp_time into the global
  > cpu_time. (drahn@)

  ~ kern_exec.c                           

  TAGGED SMP
  > vm->vm_minsaddr  was uninitialized (nothing realy uses it anyway) (mickey@)

net

  ~ pf_table.c                            

  > Eliminate a dereference after pool_put when an inactive/no-longer
  > referenced
  > table is destroyed in pfr_setflags_ktable.
  > Fix from Chris Pascoe (mcbride@)

netinet6

  ~ in6.h                                 ~ ip6_output.c
  ~ raw_ip6.c                             ~ udp6_output.c

  > support IPV6_USE_MIN_MTU, which is needed to run BIND9 well.  from kame
  > markus ok (itojun@)

  ~ in6.h                                 ~ ip6_output.c
  ~ raw_ip6.c                             ~ udp6_output.c

  > back out tree breakage.  Like, come on (deraadt@)

sys

  ~ sysctl.h                              

  > export cpuid via kproc2, and make ps & top aware
  > Modified files:
  >	    usr.bin/top    : machine.c 
  >	    bin/ps	   : keyword.c 
  > Log message:
  > export cpuid via kproc2, and make ps & top aware... from niklas (deraadt@)

uvm

  ~ uvm_meter.c                           

  TAGGED SMP
  > ONPROC processes count as runable in t_rq as well. (drahn@)

  ~ uvm_meter.c                           

  TAGGED SMP
  > Treat SONPROC as runnable for nrun (uptime) too. pointed out by millert@
  > (drahn@)

== usr.bin =========================================================== 05/06 ==

  http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin

systat

  ~ vmstat.c                              

  > on i386 machines, attempt to peek inside apic_intrhand[] as well, so that
  > MP machines get interrupt counters.  will be replaced by a MI subsystem
  > one day.  most code from drahn, few final bugs fixed by me (deraadt@)

  ~ vmstat.c                              

  > oops (deraadt@)

  ~ vmstat.c                              

  > divide etime by ncpu (deraadt@)

top

  ~ machine.c                             

  > hide top breakage, until the next commit which will do it right (deraadt@)

  ~ machine.c                             

  > only print /# if > 1 cpu on a machine (deraadt@)

  ~ machine.c                             

  > handle the KI_NOCPU case, pointed out by markus (deraadt@)

vmstat

  ~ vmstat.c                              

  > on i386 machines, attempt to peek inside apic_intrhand[] as well, so that
  > MP machines get interrupt counters.  will be replaced by a MI subsystem
  > one day.  most code from drahn, few final bugs fixed by me (deraadt@)

  ~ vmstat.c                              

  > div etime by ncpu (deraadt@)

== usr.sbin ========================================================== 06/06 ==

  http://www.openbsd.org/cgi-bin/cvsweb/src/usr.sbin

afs

  ~ src/lwp/lwp_asm.c                     ~ src/lwp/lwp_asm.h

  > Better stack usage on m88k for lwp. (miod@)

httpd

  ~ src/modules/proxy/proxy_http.c        

  TAGGED OPENBSD_3_5
  > MFC:
  > Fix by henning@
  > SECURITY: CAN-2004-0492 (cve.mitre.org)
  > Reject responses from a remote server if sent an invalid (negative)
  > Content-Length.  [Mark Cox] (brad@)

  ~ src/modules/proxy/proxy_http.c        

  TAGGED OPENBSD_3_4
  > MFC:
  > Fix by henning@
  > SECURITY: CAN-2004-0492 (cve.mitre.org)
  > Reject responses from a remote server if sent an invalid (negative)
  > Content-Length.  [Mark Cox] (brad@)

  ~ src/modules/ssl/ssl_engine_rand.c     

  TAGGED OPENBSD_3_5
  > MFC:
  > Fix by otto@
  > Use arc4random(3) to compute random numbers, instead of using rand()
  > to produce a double, snprintf()ing that into a buffer and then
  > converting the string to an int with atoi(). (brad@)

  ~ src/modules/ssl/mod_ssl.h             ~ src/modules/ssl/ssl_engine_kernel.c
  ~ src/modules/ssl/ssl_util.c            

  TAGGED OPENBSD_3_5
  > MFC:
  > Fix by henning@
  > get changes from mod_ssl 2.8.18:
  > *) Fix buffer overflow in "SSLOptions +FakeBasicAuth" implementation
  > if the Subject-DN in the client certificate exceeds 6KB in length.
  > (CVE CAN-2004-0488).
  > *) Handle the case of OpenSSL retry requests after interrupted system
  > calls during the SSL handshake phase.
  > *) Remove some unused functions.
  > ok henning@ (brad@)

  ~ src/modules/ssl/ssl_engine_rand.c     

  TAGGED OPENBSD_3_4
  > MFC:
  > Fix by otto@
  > Use arc4random(3) to compute random numbers, instead of using rand()
  > to produce a double, snprintf()ing that into a buffer and then
  > converting the string to an int with atoi(). (brad@)

  ~ src/modules/ssl/mod_ssl.h             ~ src/modules/ssl/ssl_engine_kernel.c
  ~ src/modules/ssl/ssl_util.c            

  TAGGED OPENBSD_3_4
  > MFC:
  > Fix by henning@
  > get changes from mod_ssl 2.8.18:
  > *) Fix buffer overflow in "SSLOptions +FakeBasicAuth" implementation
  > if the Subject-DN in the client certificate exceeds 6KB in length.
  > (CVE CAN-2004-0488).
  > *) Handle the case of OpenSSL retry requests after interrupted system
  > calls during the SSL handshake phase.
  > *) Remove some unused functions.
  > ok henning@ (brad@)

===============================================================================



More information about the odc mailing list