[odc] Daily src changes for 2008-05-07

ODC auto at squish.net
Thu May 8 07:00:01 BST 2008


OpenBSD src changes summary for 2008-05-07
==========================================

distrib/sets                            etc/rc
etc/rc.conf                             etc/services
lib/libc                                lib/libssl
libexec/spamd                           regress/sbin
sbin                                    sbin/ifconfig
sbin/pfctl                              sbin/ping
sbin/route                              sbin/routed
share/man                               sys/arch/i386/conf
sys/arch/i386/i386                      sys/arch/i386/include
sys/arch/i386/isa                       sys/dev/pci
sys/kern                                sys/net
sys/netinet                             sys/netinet6
sys/netmpls                             sys/sys
sys/xfs                                 usr.bin/cdio
usr.bin/ssh                             usr.sbin/dhcpd
usr.sbin/ospfd                          usr.sbin/pppd
usr.sbin/relayd                         usr.sbin/route6d

== distrib =========================================================== 01/10 ==

  http://www.openbsd.org/cgi-bin/cvsweb/src/distrib

sets

  ~ lists/base/md.alpha                   ~ lists/base/md.amd64
  ~ lists/base/md.armish                  ~ lists/base/md.aviion
  ~ lists/base/md.hp300                   ~ lists/base/md.hppa
  ~ lists/base/md.hppa64                  ~ lists/base/md.i386
  ~ lists/base/md.landisk                 ~ lists/base/md.luna88k
  ~ lists/base/md.mac68k                  ~ lists/base/md.macppc
  ~ lists/base/md.mvme68k                 ~ lists/base/md.mvme88k
  ~ lists/base/md.mvmeppc                 ~ lists/base/md.sgi
  ~ lists/base/md.sparc                   ~ lists/base/md.sparc64
  ~ lists/base/md.vax                     ~ lists/base/md.zaurus
  ~ lists/comp/mi                         ~ lists/man/mi

  > sync (deraadt@)

  ~ lists/base/mi                         ~ lists/man/mi

  > sync (deraadt@)

  ~ lists/base/mi                         ~ lists/man/mi

  > sync (deraadt@)

  ~ lists/comp/mi                         ~ lists/man/mi

  > sync (deraadt@)

== etc =============================================================== 02/10 ==

  http://www.openbsd.org/cgi-bin/cvsweb/src/etc

rc

  ~ rc                                    

  > routed is no longer, use ripd instead. (claudio@)

rc.conf

  ~ rc.conf                               

  > routed is no longer, use ripd instead. (claudio@)

services

  ~ services                              

  > Add synchronisation support for dhcpd - this allows for two dhcpd's
  > with the same configuration to be run on the same net and they will
  > keep their lease files/state in synch, and therefore allowing you to
  > run redundant dhcpd's. Synchronization code stolen from spamd, uses
  > an hmac key in /var/db/dhcpd.key if it exists.
  > ok krw@ deraadt@ (beck@)

== lib =============================================================== 03/10 ==

  http://www.openbsd.org/cgi-bin/cvsweb/src/lib

libc

  ~ gen/syslog.3                          

  > routed is no more so use dhcpd in these examples instead. OK norby@
  > (claudio@)

libssl

  ~ man/Makefile                          

  > remove duplicates; remove des_random_key; remove unused; sort MLINKS; ok
  > jmc@ (markus@)

== libexec =========================================================== 04/10 ==

  http://www.openbsd.org/cgi-bin/cvsweb/src/libexec

spamd

  ~ sync.c                                

  > check if the received buffer of a sync element is even big enough to
  > hold the header with length field.
  > ok deraadt@ beck@ (reyk@)

== regress =========================================================== 05/10 ==

  http://www.openbsd.org/cgi-bin/cvsweb/src/regress

sbin

  ~ pfctl/pf15.in                         ~ pfctl/pf15.ok

  > allow setting TOS with scrub; ok mcbride, claudio (markus@)

  ~ pfctl/pf15.in                         ~ pfctl/pf15.ok

  > scrub packets based on tags; ok henning (markus@)

== sbin ============================================================== 06/10 ==

  http://www.openbsd.org/cgi-bin/cvsweb/src/sbin

sbin

  ~ Makefile                              

  > unlink routed. unbreaks the tree (it is obvious claudio has it removed in
  > his tree already) (henning@)

ifconfig

  ~ ifconfig.8                            

  > Document the new mpe interface and explain the appropriate commands
  > in ifconfig(8). The man pages reference mpls(8) which doesn't exist,
  > but claudio promises it will follow shortly.
  > a thumb up and ok from claudio@ (pyr@)

  ~ ifconfig.8                            

  > put the mpe bits in the right place; (jmc@)

  ~ ifconfig.8                            

  > Remove references to routed. (claudio@)

pfctl

  ~ parse.y                               ~ pfctl_optimize.c
  ~ pfctl_parser.c                        

  > allow setting TOS with scrub; ok mcbride, claudio (markus@)

  ~ parse.y                               

  > scrub packets based on tags; ok henning (markus@)

  ~ parse.y                               

  > do not assume PF_INOUT is 0 in the enum; ok mcbride (deraadt@)

ping

  ~ ping.8                                

  > Remove references to routed. (claudio@)

route

  ~ keywords.h                            ~ keywords.sh
  ~ route.c                               ~ show.c

  > Add support to show and modify rtm_priority. (claudio@)

  ~ route.8                               

  > Document -priority. looks good norby@ (claudio@)

routed

  - Makefile                              - defs.h
  - if.c                                  - input.c
  - main.c                                - output.c
  - parms.c                               - pathnames.h
  - radix.c                               - rdisc.c
  - routed.8                              - table.c
  - trace.c                               - rtquery/Makefile
  - rtquery/rtquery.8                     - rtquery/rtquery.c

  > RIP routed.
  > You were a nice thing in the 4.2BSD times but now it is time for you to go.
  > Superseded by the shiny privseped ripd that does not have the evil habit to
  > use kernel internals in userland.
  > OK everybody in the onsen 'cause it unbreaks the tree (claudio@)

== share ============================================================= 07/10 ==

  http://www.openbsd.org/cgi-bin/cvsweb/src/share

man

  ~ man4/Makefile                         

  > Rather than fixing ises(4), nuke it.
  > ok deraadt@ (krw@)

  + man4/mpe.4                            

  > Document the new mpe interface and explain the appropriate commands
  > in ifconfig(8). The man pages reference mpls(8) which doesn't exist,
  > but claudio promises it will follow shortly.
  > a thumb up and ok from claudio@ (pyr@)

  - man4/ises.4                           

  > Rather than fixing ises(4), nuke it.
  > ok deraadt@ (krw@)

  ~ man4/crypto.4                         ~ man4/pci.4

  > no Xr ises (deraadt@)

  ~ man5/pf.conf.5                        

  > allow setting TOS with scrub; ok mcbride, claudio (markus@)

  ~ man4/mpe.4                            

  > tweak previous; (jmc@)

  ~ man5/pf.conf.5                        

  > scrub allows tagged, too (markus@)

  ~ man4/netintro.4                       ~ man4/route.4

  > More .Xr routed removes. Add the other routing daemons to netintro instead.
  > (claudio@)

  ~ man8/rc.conf.8                        

  > routed is no more so use dhcpd in these examples instead. OK norby@
  > (claudio@)

== sys =============================================================== 08/10 ==

  http://www.openbsd.org/cgi-bin/cvsweb/src/sys

arch/i386/conf

  ~ GENERIC                               

  > Rather than fixing ises(4), nuke it.
  > ok deraadt@ (krw@)

  ~ files.i386                            

  > Move i386 to __HAVE_GENERIC_SOFT_INTERRUPTS
  > ok dlg@, tested by dlg@, oga@, jsg@, deraadt@ (kettenis@)

arch/i386/i386

  ~ apicvec.s                             ~ machdep.c
  + softintr.c                            

  > Move i386 to __HAVE_GENERIC_SOFT_INTERRUPTS
  > ok dlg@, tested by dlg@, oga@, jsg@, deraadt@ (kettenis@)

arch/i386/include

  ~ _types.h                              ~ intr.h

  > Move i386 to __HAVE_GENERIC_SOFT_INTERRUPTS
  > ok dlg@, tested by dlg@, oga@, jsg@, deraadt@ (kettenis@)

arch/i386/isa

  ~ icu.s                                 

  > Move i386 to __HAVE_GENERIC_SOFT_INTERRUPTS
  > ok dlg@, tested by dlg@, oga@, jsg@, deraadt@ (kettenis@)

dev/pci

  ~ files.pci                             

  > Rather than fixing ises(4), nuke it.
  > ok deraadt@ (krw@)

  - ises.c                                - isesreg.h

  > Rather than fixing ises(4), nuke it.
  > ok deraadt@ (krw@)

  - isesvar.h                             

  > Rather than fixing ises(4), nuke it.
  > ok deraadt@ (krw@)

kern

  ~ vfs_subr.c                            

  > Implement routing priorities. Every route inserted has a priority assigned
  > and the one route with the lowest number wins. This will be used by the
  > routing daemons to resolve the synchronisations issue in case of conflicts.
  > The nasty bits of this are in the multipath code. If no priority is
  > specified
  > the kernel will choose an appropriate priority.
  > Looked at by a few people at n2k8 code is much older (claudio@)

  ~ tty_pty.c                             

  > check TIOCSIG for 0 and do not send that to psignal() and pgsignal()
  > ok fgsch (deraadt@)

  ~ vfs_conf.c                            ~ vfs_subr.c

  > remove the vfc_mountroot member from vfsconf and
  > do appropriate cleanup;
  > OK deraadt@ (thib@)

net

  ~ if_faith.c                            

  > There is no reason to have a faithrtrequest() function that sets the MTU to
  > route MTU to the interface MTU. By default if no route MTU is set it will
  > fall back to the interface MTU anyway. OK henning@ (claudio@)

  ~ radix_mpath.c                         ~ route.c

  > Redo rev 1.8 but this time with an additional fix to solve the dhclient
  > crashes
  > seen by krw. This is a prerequisite for upcomming routing priorities:
  > Always compare the nexthop if one is specified even if it is a
  > non-multipath
  > route. This mostly affects "route delete" and it will not remove the last
  > route if previous delete is redone. OK henning@ (claudio@)

  ~ pf_table.c                            ~ radix.c
  ~ radix.h                               ~ radix_mpath.c
  ~ radix_mpath.h                         ~ route.c
  ~ route.h                               ~ rtsock.c

  > Implement routing priorities. Every route inserted has a priority assigned
  > and the one route with the lowest number wins. This will be used by the
  > routing daemons to resolve the synchronisations issue in case of conflicts.
  > The nasty bits of this are in the multipath code. If no priority is
  > specified
  > the kernel will choose an appropriate priority.
  > Looked at by a few people at n2k8 code is much older (claudio@)

  ~ if.c                                  ~ if_ethersubr.c
  ~ if_tun.c                              ~ netisr.h
  ~ netisr_dispatch.h                     

  > Prevent virtual interfaces from adding to the random pool.
  > Also move the sampling into ether_input() where it can happen
  > at the interrupt and not within splnet() processing, which might
  > be less random. Discussed with mickey.
  > OK markus@, mcbride@ (mpf@)

  ~ pf.c                                  

  > backout last change, it's already there.... (markus@)

  ~ pf_norm.c                             ~ pfvar.h

  > allow setting TOS with scrub; ok mcbride, claudio (markus@)

  ~ if_mpe.c                              

  > Correctly initialize labels by byte-swapping and inserting BoS and TTL.
  > While there bump MTU to 1500 and set the receiving interface before
  > calling mpls_input. mpestart will eventually call mpls_output when it
  > exists.
  > ``yaaaaayyy'' and ok claudio@ and norby@ (pyr@)

  ~ pf.c                                  ~ pf_norm.c
  ~ pfvar.h                               

  > scrub packets based on tags; ok henning (markus@)

  ~ if_mpe.c                              

  > Make mpe a point-to-point interface.
  > Make the mtu user definable.
  > ok claudio@ (pyr@)

  ~ if_mpe.c                              

  > add mpe_input() to be able to be fed packets that will reenter ip.
  > no consumers yet, they should come soon.
  > ok norby@ (pyr@)

  ~ if_mpe.c                              

  > Missing return and correctly indent a debug printf. (claudio@)

  ~ if_loop.c                             

  > Add MPLS support to loopback.
  > Makes it possible to do evil tricks locally.
  > ok claudio@ (norby@)

  ~ bridgestp.c                           ~ if_atmsubr.c
  ~ if_bridge.c                           ~ if_fddisubr.c
  ~ if_gif.c                              ~ if_trunk.c
  ~ if_vlan.c                             

  > enable tx mitigation when putting packets on the wire by switching from
  > calls to ifp->if_start to if_start(). these are the obviously right cases
  > where we can do that, the less obvious ones may follow as theyre figured
  > out.
  > deraadt@ said to go for it (dlg@)

netinet

  ~ in_pcb.c                              ~ ip_carp.c

  > Implement routing priorities. Every route inserted has a priority assigned
  > and the one route with the lowest number wins. This will be used by the
  > routing daemons to resolve the synchronisations issue in case of conflicts.
  > The nasty bits of this are in the multipath code. If no priority is
  > specified
  > the kernel will choose an appropriate priority.
  > Looked at by a few people at n2k8 code is much older (claudio@)

netinet6

  ~ in6.c                                 

  > Implement routing priorities. Every route inserted has a priority assigned
  > and the one route with the lowest number wins. This will be used by the
  > routing daemons to resolve the synchronisations issue in case of conflicts.
  > The nasty bits of this are in the multipath code. If no priority is
  > specified
  > the kernel will choose an appropriate priority.
  > Looked at by a few people at n2k8 code is much older (claudio@)

netmpls

  ~ mpls.h                                

  > Correctly initialize labels by byte-swapping and inserting BoS and TTL.
  > While there bump MTU to 1500 and set the receiving interface before
  > calling mpls_input. mpestart will eventually call mpls_output when it
  > exists.
  > ``yaaaaayyy'' and ok claudio@ and norby@ (pyr@)

  ~ mpls.h                                

  > Make mpe a point-to-point interface.
  > Make the mtu user definable.
  > ok claudio@ (pyr@)

  ~ mpls.h                                

  > add mpe_input() to be able to be fed packets that will reenter ip.
  > no consumers yet, they should come soon.
  > ok norby@ (pyr@)

sys

  ~ mount.h                               

  > oops, forgot to remove vfc_mountroot from vfsconf for real. (thib@)

xfs

  ~ xfs_vfsops-openbsd.c                  

  > remove the vfc_mountroot member from vfsconf and
  > do appropriate cleanup;
  > OK deraadt@ (thib@)

== usr.bin =========================================================== 09/10 ==

  http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin

cdio

  ~ cdio.c                                

  > correct duration by taking the pre-gap into account; ok by many. (fgsch@)

ssh

  ~ servconf.c                            ~ servconf.h
  ~ session.c                             ~ sshd_config.5

  > Enable the AllowAgentForwarding option in sshd_config (global and match
  > context), to specify if agents should be permitted on the server.
  > As the man page states:
  > ``Note that disabling Agent forwarding does not improve security
  > unless users are also denied shell access, as they can always install
  > their own forwarders.''
  > ok djm@, ok and a mild frown markus@ (pyr@)

  ~ sshd_config                           

  > push the sshd_config bits in, spotted by ajacoutot@ (pyr@)

  ~ sshd_config.5                         

  > sort; (jmc@)

== usr.sbin ========================================================== 10/10 ==

  http://www.openbsd.org/cgi-bin/cvsweb/src/usr.sbin

dhcpd

  ~ Makefile                              ~ dhcp.c
  ~ dhcpd.8                               ~ dhcpd.c
  ~ dhcpd.h                               ~ dispatch.c
  ~ errwarn.c                             ~ memory.c
  + sync.c                                + sync.h

  > Add synchronisation support for dhcpd - this allows for two dhcpd's
  > with the same configuration to be run on the same net and they will
  > keep their lease files/state in synch, and therefore allowing you to
  > run redundant dhcpd's. Synchronization code stolen from spamd, uses
  > an hmac key in /var/db/dhcpd.key if it exists.
  > ok krw@ deraadt@ (beck@)

ospfd

  ~ ospfd.conf.5                          

  > OSPF uses the highest IP address, not the lowest.
  > hai norby@ (jsing@)

pppd

  ~ pppd.8                                

  > Remove .Xr to routed and reword the sentence a bit to make more sense.
  > pppd can filter on network protocols not network daemons.
  > OK norby@ (claudio@)

relayd

  ~ parse.y                               ~ pfe_filter.c
  ~ relayd.8                              ~ relayd.conf.5
  ~ relayd.h                              

  > add an alternative "route to" mode to relayd redirections which maps
  > to pf route-to instead of the default rdr. it is a first steps towards
  > support for "direct server return" (dsr), an asynchronous mode where
  > the load balanced servers send the replies to a different gateway like
  > a l3 switch/router to handle higher amounts of return traffic.
  > because the state handling in pf isn't optimal for this case yet, it
  > just sees half of the TCP connection, the sessions are forced to time
  > out after fixed number of seconds.
  > discussed with many, thought about in the onsen (reyk@)

route6d

  ~ route6d.8                             

  > Ref to ripd instead of routed. (claudio@)

===============================================================================


More information about the odc mailing list