OpenBSD/src ISAhF4wbin/pax options.c

   In cpio mode, when processing the -o switch, only set the archive format
   if not already set.  This makes "cpio -Hustar -o" behave the same as
   "cpio -o -Hustar".  ok guenther@
VersionDeltaFile
1.103+3-2bin/pax/options.c
+3-21 files

OpenBSD/src VumKz7wusr.sbin/pkg_add/OpenBSD AddDelete.pm

   nicer order of multi-choice packages (by version if everything else is
   equal, alphabetically otherwise)

   prompted by claudio@, okay claudio@ kmos@
VersionDeltaFile
1.92+14-2usr.sbin/pkg_add/OpenBSD/AddDelete.pm
+14-21 files

OpenBSD/src gPVQAy9sys/kern subr_witness.c

   Remove gratuitous #ifdef.
VersionDeltaFile
1.35+1-3sys/kern/subr_witness.c
+1-31 files

OpenBSD/src N7NJSoNusr.bin/ssh sk-usbhid.c

   fix typos in sk_enroll
VersionDeltaFile
1.6+5-5usr.bin/ssh/sk-usbhid.c
+5-51 files

OpenBSD/src ZfE2WzJlib/libssl ssl_tlsext.c

   Deduplicate some extension processing code.

   ok tb@ inoguchi@
VersionDeltaFile
1.50+47-58lib/libssl/ssl_tlsext.c
+47-581 files

OpenBSD/src trSj1QLlib/libcurses/base lib_redrawln.c

   Fix a segmentation fault in ncurses.

   This is a backported patch [1] from ncurses-5.7-20100501. It takes begx
   and begy values into account when calculating lengths, in order to avoid
   writing data past the end of the buffer when calling memset in wredrawln().

   From upstream NEWS file:

   20100501
           + correct limit-check in wredrawln, accounting for begy/begx values
             (patch by David Benjamin).

   [1] https://lists.gnu.org/archive/html/bug-ncurses/2010-04/msg00017.html

   OK nicm@
VersionDeltaFile
1.4+6-6lib/libcurses/base/lib_redrawln.c
+6-61 files

OpenBSD/src Dx8GVGEsbin/iked ikev2.c

   IKEv2 message fragments of the same message have the same msg_id. When
   fragmentation was added every incoming message increased the internal
   msg_id count. Fragments were handled with an explicit exception.
   Now that we have msg_valid we can increase the SA's msg_id counter
   only with the reconstructed message and remove the exception.

   ok bluhm@
VersionDeltaFile
1.179+5-6sbin/iked/ikev2.c
+5-61 files

OpenBSD/src 7GANAcQsbin/iked ikev2_msg.c

   Fix error handling in ikev2_msg_send.

   Check sa is not NULL before using it. Use sa consistently instead of
   mixing sa and msg->msg_sa. In the error case, if sa is not NULL, save
   the message for retransmission and return 0 instead of -1.

   ok mikeb@
VersionDeltaFile
1.59+12-11sbin/iked/ikev2_msg.c
+12-111 files

OpenBSD/src 0KCKOjjetc master.passwd

   fix the spelling of rpki, as noted by jmc@
VersionDeltaFile
1.102+1-1etc/master.passwd
+1-11 files

OpenBSD/src 6Y3qZfDusr.bin/tmux format.c input.c

   Do not add path if it is NULL, duh.
VersionDeltaFile
1.215+3-2usr.bin/tmux/format.c
1.166+1-2usr.bin/tmux/input.c
+4-42 files

OpenBSD/src 7OPeuSAusr.bin/tmux tmux.1 screen.c

   Handle OSC 7 (a VTE extension) and put the result in a new format (pane_path).

OpenBSD/src heWa5icusr.bin/ssh ssh-add.1

   double word;
VersionDeltaFile
1.74+3-3usr.bin/ssh/ssh-add.1
+3-31 files

OpenBSD/src Lc9HGgHsys/net80211 ieee80211.c

   Whitespace removal, no code change.
VersionDeltaFile
1.81+4-4sys/net80211/ieee80211.c
+4-41 files

OpenBSD/src IQi9JoKsys/kern vfs_bio.c

   Fix a spelling error in a comment and remove some extra whitespace
   in a few places. No code change.
VersionDeltaFile
1.192+4-4sys/kern/vfs_bio.c
+4-41 files

OpenBSD/src wCIJALksbin/unwind resolver.c

   Improve readability by using a typedef for the callback type; ok florian@
VersionDeltaFile
1.66+7-7sbin/unwind/resolver.c
+7-71 files

OpenBSD/src w0ipSuUusr.bin/ssh sshkey.c sk-usbhid.c

   remove most uses of BN_CTX

   We weren't following the rules re BN_CTX_start/BN_CTX_end and the places
   we were using it didn't benefit from its use anyway. ok dtucker@

OpenBSD/src fkuvOMfusr.bin/ssh ssh-agent.c

   unshield security key privkey before attempting signature in
   agent. spotted by dtucker@
VersionDeltaFile
1.246+16-4usr.bin/ssh/ssh-agent.c
+16-41 files

OpenBSD/src uOwUPIVusr.bin/ssh sk-usbhid.c

   rewrite c99-ism
VersionDeltaFile
1.4+2-2usr.bin/ssh/sk-usbhid.c
+2-21 files

OpenBSD/src vSvUPHmusr.bin/ssh Makefile.inc

   only clang understands those new -W options
VersionDeltaFile
1.78+4-2usr.bin/ssh/Makefile.inc
+4-21 files

OpenBSD/src hjUwLkxshare/man/man3 intro.3

   add libcbor and libfido2
   ok djm@
VersionDeltaFile
1.92+10-2share/man/man3/intro.3
+10-21 files

OpenBSD/src ZqrRvTKusr.bin/ssh ssh-agent.c

   don't consult dlopen whitelist for internal security key provider;
   spotted by dtucker@
VersionDeltaFile
1.245+4-2usr.bin/ssh/ssh-agent.c
+4-21 files

OpenBSD/src RUliVlousr.bin/ssh sk-usbhid.c

   U2F tokens may return FIDO_ERR_USER_PRESENCE_REQUIRED when probed to
   see if they own a key handle. Handle this case so the find_device()
   look can work for them. Reported by Michael Forney
VersionDeltaFile
1.3+4-0usr.bin/ssh/sk-usbhid.c
+4-01 files

OpenBSD/src m3dkwcklib/libcbor Makefile, lib/libfido2 Makefile

   our older gcc requires forced -std=c99
VersionDeltaFile
1.2+2-2lib/libcbor/Makefile
1.3+2-2lib/libfido2/Makefile
+4-42 files

OpenBSD/src I3WjehXdistrib/sets/lists/comp mi

   sync
VersionDeltaFile
1.1479+9-0distrib/sets/lists/comp/mi
+9-01 files

OpenBSD/src gVnGYx1distrib/amd64/iso Makefile, etc/etc.amd64 disktab

   grow an install media
VersionDeltaFile
1.23+4-4etc/etc.amd64/disktab
1.34+2-2distrib/amd64/iso/Makefile
+6-62 files

OpenBSD/src I5QOeggusr.bin/ssh ssh-agent.c

   show the "please touch your security key" notifier when using the
   (default) build-in security key support.
VersionDeltaFile
1.244+15-9usr.bin/ssh/ssh-agent.c
+15-91 files

OpenBSD/src O3Nu9VIusr.bin/ssh sshconnect2.c

   close the "touch your security key" notifier on the error path too
VersionDeltaFile
1.314+2-2usr.bin/ssh/sshconnect2.c
+2-21 files

OpenBSD/src Y7bT9nyusr.bin/ssh sk-usbhid.c

   correct function name in debug message
VersionDeltaFile
1.2+1-1usr.bin/ssh/sk-usbhid.c
+1-11 files

OpenBSD/src 0eMTEJYusr.bin/ssh readpass.c

   follow existing askpass logic for security key notifier: fall back
   to _PATH_SSH_ASKPASS_DEFAULT if no $SSH_ASKPASS environment variable
   is set.
VersionDeltaFile
1.57+4-3usr.bin/ssh/readpass.c
+4-31 files

OpenBSD/src 8ERgdM3share/mk bsd.README bsd.prog.mk, usr.bin/usbhidctl Makefile

   libusb was renamed to libusbhid in 2001 but the old DPADD var name was
   kept.  Rename LIBUSB to LIBUSBHID as there is only one LIBUSB use and
   many more attempts to refer to LIBUSBHID.

OpenBSD/src UhHyptZusr.bin/ftp fetch.c

   HTTP/1.1 for ftp(1)

   Some sites in ports start to reject HTTP/1.0 requests.  Let's move on
   and implement HTTP/1.1.  Should fit in ramdisks.

   ok sthen@ tb@
VersionDeltaFile
1.178+125-39usr.bin/ftp/fetch.c
+125-391 files

OpenBSD/src 8CHk4Q8share/mk bsd.README bsd.prog.mk

   add LIBCBOR and LIBFIDO2
VersionDeltaFile
1.83+3-1share/mk/bsd.README
1.80+3-1share/mk/bsd.prog.mk
+6-22 files

OpenBSD/src Gax7amZlib/libfido2 Makefile

   LDADD for libcbor and libusbhid
VersionDeltaFile
1.2+4-1lib/libfido2/Makefile
+4-11 files

OpenBSD/src 384QBfeetc group master.passwd

   uid/gid 70 is _rpki-client for privdrop; ok benno
VersionDeltaFile
1.92+1-0etc/group
1.101+1-0etc/master.passwd
+2-02 files

OpenBSD/src 2rG0WBHusr.bin/ssh Makefile.inc

   remove debugging goop that snuck in to last commit
VersionDeltaFile
1.77+5-5usr.bin/ssh/Makefile.inc
+5-51 files

OpenBSD/src 49pYt5Qlib/libcbor shlib_version, lib/libfido2 shlib_version

   extra whitespace

OpenBSD/src UetpjFVdistrib/sets/lists/base mi, distrib/sets/lists/comp mi

   sync
VersionDeltaFile
1.1478+20-0distrib/sets/lists/comp/mi
1.969+2-0distrib/sets/lists/base/mi
+22-02 files

OpenBSD/src QdiUwHNusr.bin/ssh sk-usbhid.c ssh-sk.c

   directly support U2F/FIDO2 security keys in OpenSSH by linking
   against the (previously external) USB HID middleware. The dlopen()
   capability still exists for alternate middlewares, e.g. for
   Bluetooth, NFC and test/debugging.

OpenBSD/src InpoAFeregress/sys/kern/pipe test-run-down.c test-thundering-herd.c

   increase pipe size in order to exercise big pipe allocations

OpenBSD/src 8bJ1Kvsinclude Makefile

   RDIRS for libcbor and libfido2
VersionDeltaFile
1.226+3-3include/Makefile
+3-31 files

OpenBSD/src MeRek7plib Makefile

   add libcbor and libfido2
VersionDeltaFile
1.76+3-3lib/Makefile
+3-31 files

OpenBSD/src 2JRrnZKlib/libfido2/src cbor.c assert.c

   import libfido2 (git HEAD). This library allows communication with
   U2F/FIDO2 devices over USB.

   feedback and "start the churn" deraadt@

OpenBSD/src jhU1z9Wsys/dev/ic mpi.c

   Unleash all the available openings and let the midlayer sort things
   out like other "modern" devices.

   ok dlg@
VersionDeltaFile
1.207+2-2sys/dev/ic/mpi.c
+2-21 files

OpenBSD/src yt5cGdjlib/libcbor/src cbor.c, lib/libcbor/src/cbor streaming.c serialization.c

   Add libcbor; an implementation of the Concise Binary Object
   Representation (CBOR) encoding format defined in RFC7049.

   This is a dependency of libfido2, that we'll use for U2F/FIDO
   support in OpenSSH.

   feedback and "Looks good enough to me" deraadt@

OpenBSD/src JZO5RKolib/libssl/man SSL_CTX_use_certificate.3

   Add missing cross-reference to NOTES section.
   OK kn@ tb@

OpenBSD/src nPEgsoTsbin/isakmpd monitor.c

   Do not print misleading error message about permission error for
   non existing isakmpd.conf(5) file.  This was a result of the changed
   realpath(3) behavior.  Now isakmpd(8) uses the errno from the system.
   reported by igor kos; OK deraadt@
VersionDeltaFile
1.78+6-13sbin/isakmpd/monitor.c
+6-131 files

OpenBSD/src gdTchWwregress/sbin/iked/parser common.c

   Fix undefined symbol for ikev2_ike_sa_setreason.
VersionDeltaFile
1.4+6-1regress/sbin/iked/parser/common.c
+6-11 files

OpenBSD/src bKi1kYKsys/net80211 ieee80211_ioctl.c

   Prevent a NULL deref in ieee80211_node2req() which could be triggered
   by an ioctl if the driver had not yet initialized the channel map.
   Crash reported by nayden@
   ok sthen@

   OpenBSD 6.6 errata 004
VersionDeltaFile
1.75.4.1+3-2sys/net80211/ieee80211_ioctl.c
+3-21 files

OpenBSD/src AuGph0Ysys/net80211 ieee80211_ioctl.c

   Prevent a NULL deref in ieee80211_node2req() which could be triggered
   by an ioctl if the driver had not yet initialized the channel map.
   Crash reported by nayden@
   ok sthen@

   OpenBSD 6.5 errata 015
VersionDeltaFile
1.73.2.1+3-2sys/net80211/ieee80211_ioctl.c
+3-21 files

OpenBSD/src V4TNJvwusr.sbin/sysupgrade sysupgrade.sh

   Opportunisticly run fw_update before rebooting to run the upgrade.
   Warn if it fails, but allow the upgrade to continue for now.
   discussed with many, refinements by naddy@ sthen@
   from beck@ benno@; OK deraadt@

   OpenBSD 6.5 errata 016
VersionDeltaFile
1.25.2.2+4-1usr.sbin/sysupgrade/sysupgrade.sh
+4-11 files