[odc] Daily src changes for 2010-03-04
ODC
auto at squish.net
Fri Mar 5 07:00:01 GMT 2010
OpenBSD src changes summary for 2010-03-04
==========================================
distrib/miniroot distrib/notes
distrib/sets lib/libssl
regress/usr.bin sbin/isakmpd
sbin/wsconsctl share/man
sys/arch/i386/stand sys/arch/sgi/conf
sys/arch/sgi/xbow sys/dev/usb
sys/dev/wscons usr.bin/ssh
usr.bin/sudo usr.bin/tip
usr.bin/whois usr.sbin/route6d
== distrib =========================================================== 01/08 ==
http://www.openbsd.org/cgi-bin/cvsweb/src/distrib
miniroot
~ install.sub
> Gracefully handle trailing '/'s when asking for [sub]Timezones.
> i.e. ignore them all. Problem pointed out by Sebastian Rother. More
> script discipline and voodoo from halex at .
> ok halex@ deraadt@ (krw@)
notes
~ armish/prep
> - sync header to 4.7 (jasper@)
sets
~ lists/man/mi
> sync (deraadt@)
== lib =============================================================== 02/08 ==
http://www.openbsd.org/cgi-bin/cvsweb/src/lib
libssl
~ src/crypto/bn/bn_div.c ~ src/crypto/bn/bn_gf2m.c
~ src/crypto/ec/ec2_smpl.c ~ src/engines/e_ubsec.c
> cherrypick patch from OpenSSL 0.9.8m:
> *) Always check bn_wexpend() return values for failure. (CVE-2009-3245)
> [Martin Olsson, Neel Mehta] (djm@)
== regress =========================================================== 03/08 ==
http://www.openbsd.org/cgi-bin/cvsweb/src/regress
usr.bin
~ ssh/cert-hostkey.sh ~ ssh/cert-userkey.sh
> additional regression tests for revoked keys and TrustedUserCAKeys (djm@)
== sbin ============================================================== 04/08 ==
http://www.openbsd.org/cgi-bin/cvsweb/src/sbin
isakmpd
~ ike_quick_mode.c ~ ipsec.c
> don't crash on invalid phase 2 IDs; from hshoexer; ok sthen@ (markus@)
wsconsctl
~ util.c
> Add wsdisplay type for SGI VPro (aka Odyssey)
> ok miod@ (jsing@)
== share ============================================================= 05/08 ==
http://www.openbsd.org/cgi-bin/cvsweb/src/share
man
~ man4/man4.sgi/Makefile + man4/man4.sgi/odyssey.4
> Introduce odyssey(4), a driver for the SGI VPro (aka Odyssey) graphics
> card, which can be found in Octane, Octane2, Fuel, Tezro and Onyx systems.
> ok miod@ (jsing@)
== sys =============================================================== 06/08 ==
http://www.openbsd.org/cgi-bin/cvsweb/src/sys
arch/i386/stand
~ Makefile
> has been no -r flag for a few years; J.C. Roberts (deraadt@)
arch/sgi/conf
~ GENERIC-IP27 ~ GENERIC-IP30
> Introduce odyssey(4), a driver for the SGI VPro (aka Odyssey) graphics
> card, which can be found in Octane, Octane2, Fuel, Tezro and Onyx systems.
> ok miod@ (jsing@)
arch/sgi/xbow
~ files.xbow + odyssey.c
+ odysseyreg.h
> Introduce odyssey(4), a driver for the SGI VPro (aka Odyssey) graphics
> card, which can be found in Octane, Octane2, Fuel, Tezro and Onyx systems.
> ok miod@ (jsing@)
dev/usb
~ uyurex.c
> utilize the fact that the softc is zero'd to simplify the initialization
> sequences
> ok yuo (deraadt@)
~ if_urndis.c ~ if_urndisreg.h
> Add defines for header and data offset, offsetof() uses from mk at .
> ok mk@ (armani@)
dev/wscons
~ wsconsio.h
> Add wsdisplay type for SGI VPro (aka Odyssey)
> ok miod@ (jsing@)
== usr.bin =========================================================== 07/08 ==
http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin
ssh
~ key.c
> use buffer_get_string_ptr_ret() where we are checking the return
> value explicitly instead of the fatal()-causing buffer_get_string_ptr()
> (djm@)
~ auth-rh-rsa.c ~ auth-rsa.c
~ auth.c ~ auth.h
~ auth2-hostbased.c ~ auth2-pubkey.c
~ authfile.c ~ authfile.h
~ hostfile.c ~ hostfile.h
~ servconf.c ~ servconf.h
~ ssh-keygen.c ~ ssh.1
~ sshconnect.c ~ sshd_config.5
> Add a TrustedUserCAKeys option to sshd_config to specify CA keys that
> are trusted to authenticate users (in addition than doing it per-user
> in authorized_keys).
> Add a RevokedKeys option to sshd_config and a @revoked marker to
> known_hosts to allow keys to me revoked and banned for user or host
> authentication.
> feedback and ok markus@ (djm@)
~ ssh.1 ~ sshd_config.5
> tweak previous; (jmc@)
~ ssh-keygen.1 ~ ssh-keygen.c
> Add a -L flag to print the contents of a certificate; ok markus@ (djm@)
~ ssh-keygen.1
> fix Bk/Ek; (jmc@)
~ sshd_config.5
> missing word; spotted by jmc@ (djm@)
~ ssh.1 ~ sshd.8
> move section on CA and revoked keys from ssh.1 to sshd.8's known hosts
> format section and rework it a bit; requested by jmc@ (djm@)
~ auth-options.c ~ ssh-keygen.c
> "force-command" is not spelled "forced-command"; spotted by
> imorgan AT nas.nasa.gov (djm@)
sudo
~ Makefile.in ~ alias.c
~ alloc.c ~ check.c
~ compat.h ~ configure
~ configure.in ~ defaults.c
~ defaults.h ~ env.c
~ error.c ~ error.h
~ fileops.c ~ find_path.c
~ getspwuid.c ~ gettime.c
~ goodpath.c ~ gram.y
~ ins_2001.h ~ ins_classic.h
~ ins_csops.h ~ ins_goons.h
~ install-sh ~ insults.h
~ interfaces.c ~ interfaces.h
~ lbuf.c ~ lbuf.h
~ ldap.c ~ list.c
~ list.h ~ logging.c
~ logging.h ~ match.c
~ mkinstalldirs ~ parse.c
~ parse.h ~ pathnames.h.in
~ pwutil.c ~ redblack.c
~ redblack.h ~ sample.sudoers
~ set_perms.c ~ sudo.c
~ sudo.h ~ sudo.pod
~ sudo_edit.c ~ sudo_noexec.c
~ sudo_nss.c ~ sudo_nss.h
~ sudo_usage.h.in ~ sudoers.ldap.pod
~ sudoers.pod ~ sudoers2ldif
~ term.c ~ testsudoers.c
~ tgetpass.c ~ visudo.c
~ visudo.pod ~ zero_bytes.c
~ auth/afs.c ~ auth/aix_auth.c
~ auth/bsdauth.c ~ auth/dce.c
~ auth/fwtk.c ~ auth/kerb4.c
~ auth/kerb5.c ~ auth/pam.c
~ auth/passwd.c ~ auth/rfc1938.c
~ auth/secureware.c ~ auth/securid.c
~ auth/securid5.c ~ auth/sia.c
~ auth/sudo_auth.c ~ auth/sudo_auth.h
> Remove old $Sudo$ tags; the main sudo tree no longer lives in cvs.
> (millert@)
tip
~ cu.1
> `speed' is an argument, not a flag.
> ok jmc@ (sobrado@)
whois
~ whois.c ~ whois.1
> 6Bone is dead and doesn't respond to whois requests. Remove man
> page mentions and '-6' related code. Pointed out by Sebastian Rother.
> ok deraadt@ henning@ (krw@)
~ whois.c
> remove -6 from usage(); (jmc@)
== usr.sbin ========================================================== 08/08 ==
http://www.openbsd.org/cgi-bin/cvsweb/src/usr.sbin
route6d
~ route6d.8
> 6Bone is dead. Use the literal '3ffe::/16' rather than '6bone test
> address range' when explaining the -L example. (krw@)
===============================================================================
More information about the odc
mailing list