[odc] Daily src changes for 2010-03-04

ODC auto at squish.net
Fri Mar 5 07:00:01 GMT 2010


OpenBSD src changes summary for 2010-03-04
==========================================

distrib/miniroot                        distrib/notes
distrib/sets                            lib/libssl
regress/usr.bin                         sbin/isakmpd
sbin/wsconsctl                          share/man
sys/arch/i386/stand                     sys/arch/sgi/conf
sys/arch/sgi/xbow                       sys/dev/usb
sys/dev/wscons                          usr.bin/ssh
usr.bin/sudo                            usr.bin/tip
usr.bin/whois                           usr.sbin/route6d

== distrib =========================================================== 01/08 ==

  http://www.openbsd.org/cgi-bin/cvsweb/src/distrib

miniroot

  ~ install.sub                           

  > Gracefully handle trailing '/'s when asking for [sub]Timezones.
  > i.e. ignore them all. Problem pointed out by Sebastian Rother. More
  > script discipline and voodoo from halex at .
  > ok halex@ deraadt@ (krw@)

notes

  ~ armish/prep                           

  > - sync header to 4.7 (jasper@)

sets

  ~ lists/man/mi                          

  > sync (deraadt@)

== lib =============================================================== 02/08 ==

  http://www.openbsd.org/cgi-bin/cvsweb/src/lib

libssl

  ~ src/crypto/bn/bn_div.c                ~ src/crypto/bn/bn_gf2m.c
  ~ src/crypto/ec/ec2_smpl.c              ~ src/engines/e_ubsec.c

  > cherrypick patch from OpenSSL 0.9.8m:
  > *) Always check bn_wexpend() return values for failure.  (CVE-2009-3245)
  > [Martin Olsson, Neel Mehta] (djm@)

== regress =========================================================== 03/08 ==

  http://www.openbsd.org/cgi-bin/cvsweb/src/regress

usr.bin

  ~ ssh/cert-hostkey.sh                   ~ ssh/cert-userkey.sh

  > additional regression tests for revoked keys and TrustedUserCAKeys (djm@)

== sbin ============================================================== 04/08 ==

  http://www.openbsd.org/cgi-bin/cvsweb/src/sbin

isakmpd

  ~ ike_quick_mode.c                      ~ ipsec.c

  > don't crash on invalid phase 2 IDs; from hshoexer; ok sthen@ (markus@)

wsconsctl

  ~ util.c                                

  > Add wsdisplay type for SGI VPro (aka Odyssey)
  > ok miod@ (jsing@)

== share ============================================================= 05/08 ==

  http://www.openbsd.org/cgi-bin/cvsweb/src/share

man

  ~ man4/man4.sgi/Makefile                + man4/man4.sgi/odyssey.4

  > Introduce odyssey(4), a driver for the SGI VPro (aka Odyssey) graphics
  > card, which can be found in Octane, Octane2, Fuel, Tezro and Onyx systems.
  > ok miod@ (jsing@)

== sys =============================================================== 06/08 ==

  http://www.openbsd.org/cgi-bin/cvsweb/src/sys

arch/i386/stand

  ~ Makefile                              

  > has been no -r flag for a few years; J.C. Roberts (deraadt@)

arch/sgi/conf

  ~ GENERIC-IP27                          ~ GENERIC-IP30

  > Introduce odyssey(4), a driver for the SGI VPro (aka Odyssey) graphics
  > card, which can be found in Octane, Octane2, Fuel, Tezro and Onyx systems.
  > ok miod@ (jsing@)

arch/sgi/xbow

  ~ files.xbow                            + odyssey.c
  + odysseyreg.h                          

  > Introduce odyssey(4), a driver for the SGI VPro (aka Odyssey) graphics
  > card, which can be found in Octane, Octane2, Fuel, Tezro and Onyx systems.
  > ok miod@ (jsing@)

dev/usb

  ~ uyurex.c                              

  > utilize the fact that the softc is zero'd to simplify the initialization
  > sequences
  > ok yuo (deraadt@)

  ~ if_urndis.c                           ~ if_urndisreg.h

  > Add defines for header and data offset, offsetof() uses from mk at .
  > ok mk@ (armani@)

dev/wscons

  ~ wsconsio.h                            

  > Add wsdisplay type for SGI VPro (aka Odyssey)
  > ok miod@ (jsing@)

== usr.bin =========================================================== 07/08 ==

  http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin

ssh

  ~ key.c                                 

  > use buffer_get_string_ptr_ret() where we are checking the return
  > value explicitly instead of the fatal()-causing buffer_get_string_ptr()
  > (djm@)

  ~ auth-rh-rsa.c                         ~ auth-rsa.c
  ~ auth.c                                ~ auth.h
  ~ auth2-hostbased.c                     ~ auth2-pubkey.c
  ~ authfile.c                            ~ authfile.h
  ~ hostfile.c                            ~ hostfile.h
  ~ servconf.c                            ~ servconf.h
  ~ ssh-keygen.c                          ~ ssh.1
  ~ sshconnect.c                          ~ sshd_config.5

  > Add a TrustedUserCAKeys option to sshd_config to specify CA keys that
  > are trusted to authenticate users (in addition than doing it per-user
  > in authorized_keys).
  > Add a RevokedKeys option to sshd_config and a @revoked marker to
  > known_hosts to allow keys to me revoked and banned for user or host
  > authentication.
  > feedback and ok markus@ (djm@)

  ~ ssh.1                                 ~ sshd_config.5

  > tweak previous; (jmc@)

  ~ ssh-keygen.1                          ~ ssh-keygen.c

  > Add a -L flag to print the contents of a certificate; ok markus@ (djm@)

  ~ ssh-keygen.1                          

  > fix Bk/Ek; (jmc@)

  ~ sshd_config.5                         

  > missing word; spotted by jmc@ (djm@)

  ~ ssh.1                                 ~ sshd.8

  > move section on CA and revoked keys from ssh.1 to sshd.8's known hosts
  > format section and rework it a bit; requested by jmc@ (djm@)

  ~ auth-options.c                        ~ ssh-keygen.c

  > "force-command" is not spelled "forced-command"; spotted by
  > imorgan AT nas.nasa.gov (djm@)

sudo

  ~ Makefile.in                           ~ alias.c
  ~ alloc.c                               ~ check.c
  ~ compat.h                              ~ configure
  ~ configure.in                          ~ defaults.c
  ~ defaults.h                            ~ env.c
  ~ error.c                               ~ error.h
  ~ fileops.c                             ~ find_path.c
  ~ getspwuid.c                           ~ gettime.c
  ~ goodpath.c                            ~ gram.y
  ~ ins_2001.h                            ~ ins_classic.h
  ~ ins_csops.h                           ~ ins_goons.h
  ~ install-sh                            ~ insults.h
  ~ interfaces.c                          ~ interfaces.h
  ~ lbuf.c                                ~ lbuf.h
  ~ ldap.c                                ~ list.c
  ~ list.h                                ~ logging.c
  ~ logging.h                             ~ match.c
  ~ mkinstalldirs                         ~ parse.c
  ~ parse.h                               ~ pathnames.h.in
  ~ pwutil.c                              ~ redblack.c
  ~ redblack.h                            ~ sample.sudoers
  ~ set_perms.c                           ~ sudo.c
  ~ sudo.h                                ~ sudo.pod
  ~ sudo_edit.c                           ~ sudo_noexec.c
  ~ sudo_nss.c                            ~ sudo_nss.h
  ~ sudo_usage.h.in                       ~ sudoers.ldap.pod
  ~ sudoers.pod                           ~ sudoers2ldif
  ~ term.c                                ~ testsudoers.c
  ~ tgetpass.c                            ~ visudo.c
  ~ visudo.pod                            ~ zero_bytes.c
  ~ auth/afs.c                            ~ auth/aix_auth.c
  ~ auth/bsdauth.c                        ~ auth/dce.c
  ~ auth/fwtk.c                           ~ auth/kerb4.c
  ~ auth/kerb5.c                          ~ auth/pam.c
  ~ auth/passwd.c                         ~ auth/rfc1938.c
  ~ auth/secureware.c                     ~ auth/securid.c
  ~ auth/securid5.c                       ~ auth/sia.c
  ~ auth/sudo_auth.c                      ~ auth/sudo_auth.h

  > Remove old $Sudo$ tags; the main sudo tree no longer lives in cvs.
  > (millert@)

tip

  ~ cu.1                                  

  > `speed' is an argument, not a flag.
  > ok jmc@ (sobrado@)

whois

  ~ whois.c                               ~ whois.1

  > 6Bone is dead and doesn't respond to whois requests. Remove man
  > page mentions and '-6' related code. Pointed out by Sebastian Rother.
  > ok deraadt@ henning@ (krw@)

  ~ whois.c                               

  > remove -6 from usage(); (jmc@)

== usr.sbin ========================================================== 08/08 ==

  http://www.openbsd.org/cgi-bin/cvsweb/src/usr.sbin

route6d

  ~ route6d.8                             

  > 6Bone is dead. Use the literal '3ffe::/16' rather than '6bone test
  > address range' when explaining the -L example. (krw@)

===============================================================================


More information about the odc mailing list