OpenBSD/src CoaZu5Ashare/man/man9 malloc.9

   Add missing types, and fix incorrect names.
+9-51 files

OpenBSD/src DUZDyTAregress/usr.sbin/syslogd

   Adapt expected number of dropped messages after sendsyslog(2) kernel
   buffer size has changed.

OpenBSD/src AJortCEusr.sbin/syslogd syslogd.c

   Increase the socket buffer size for sendsyslog(2) to 1 MB.  During
   bursts it is possible that syslogd(8) cannot process messages fast
   enough.  The larger kernel buffer allows to work them off in more
   time.  Then fewer dropped messages are reported.
   problem found by millert@; OK claudio@ deraadt@
+22-81 files

OpenBSD/src lyUf2ACusr.bin/mandoc html.c mdoc_html.c

   The .UR and .MT blocks in man(7) are represented by <a> elements
   which establish phrasing context, but they can contain paragraph
   breaks (which is relevant for terminal formatting, so we can't just
   change the structure of the syntax tree), which are respresented
   by <p> elements and cannot occur inside <a>.

   Fix this by prematurely closing the <a> element in the HTML formatter.
   This menas that the clickable text in HTML output is shorter than
   what is represented as the link text in terminal output, but in
   HTML, it is frankly impossible to have the clickable area of a
   hyperlink extend across a paragraph break.  The difference in
   presentation is not a major problem, and besides, paragraph breaks
   inside .UR are rather poor style in the first place.

   The implementation is quite tricky.  Naively closing out the <a>
   prematurely would result in accessing a stale pointer when later
   reaching the physical end of the .UR block.  So this commit separates
   visual and structural closing of "struct tag" stack items.  Visual
   closing means that the HTML element is closed but the "struct tag"
   remains on the stack, to avoid later access to a stale pointer and
   to avoid closing the same HTML element a second time later.

   This also needs reference counting of pointers to "struct tag" stack
   items because often more than one child holds a pointer to the same
   parent item, and only the outermost child can safely do the physical

    [6 lines not shown]

OpenBSD/src kl5nXZ3sys/nfs nfsm_subs.h

   Check for negative length in NFS strings.  This affects both, the
   client and server.
   OK beck@
+2-21 files

OpenBSD/src jsf4db9sys/nfs nfs_serv.c

   Check for negative length integers in NFS server.  A malicious
   client could crash the server.
   OK tedu@
+11-101 files

OpenBSD/src yvjKZ4Qsys/nfs nfs_vnops.c

   Check for negative length integers in NFS client.  A malicious
   server could confuse the client file system code.
   OK beck@
+4-31 files

OpenBSD/src fDPTHafregress/lib/libssl/buffer buffertest.c

   initialize offset value so this passes
   ok jsing@

OpenBSD/src 4aYG6d2lib/libssl ssl_tlsext.h

+2-11 files

OpenBSD/src OXlL47klib/libssl ssl_tlsext.c

   bump copyright years appopriately
+3-31 files

OpenBSD/src 8bcjY8ulib/libssl ssl_tlsext.c ssl_locl.h, regress/lib/libssl/tlsext tlsexttest.c

   Add client side of supported versions and keyshare extensions with basic regress
   ok jsing@

OpenBSD/src sW7Z5Bglib/libc/sys getitimer.2, sys/sys time.h

   sys/time.h: new macros: timerisvalid() and timespecisvalid().

   Make it less likely you miss a zero when typing out 100000 or 100000000.
   Document them in getitimer.2 for the masses.  These may be of use in
   library code as well as the kernel.

   Comparable inline functions exist in Linux but are not available to
   userspace like these.

   "OK." deraadt@
+15-32 files

OpenBSD/src 5VdbIFdlib/libsndio sio_open.3

   Sayt that using capabilities to negociate audio parameters (ie using
   sio_getcap() function) is not recomended.

   From Paul Swanson <psw at>, ok jmc
+12-21 files

OpenBSD/src lo4X0Xisys/net bfd.c

   chase sounlock() api change, make bfd(4) build again

   "go ahead" deraadt@
+7-71 files

OpenBSD/src mwt6LeOsys/arch/amd64/amd64 vmm.c

   remove a debugging printf that has outlived its usefulness
+1-21 files

OpenBSD/src bqUBzIFsbin/dhclient dhclient.c

   Move link state change test & check for new lladdr into
   interface_state(). Simplifies code a bit.
+21-201 files

OpenBSD/src EA2B2LPlib/libc/locale wcscoll.3 wcsxfrm.3, lib/libc/string strcoll.3 strxfrm.3

   Improve the description of locale dependency:
   * mention LC_COLLATE;
   * clarify that all these functions are infested, including the *_l() versions;
   * avoid ENVIRONMENT, these functions don't inspect it;
   * and point to the C library functions that change the locale.
   OK millert@

OpenBSD/src g1OACWzsbin/dhclient dhclient.8 dhclient.c

   Ignore HUP signals. If you need to modify the running configuration
   just run dhclient again, which does the same thing. i.e. kills
   existing dhclient processes and exec's a new copy.

   One less knob. Improves documention by eliminating very non-standard
   SIGNALS section.

   Feedback from schwarze@. ok deraadt@
+4-212 files

OpenBSD/src SbX99d8lib/libc/stdlib labs.3 abs.3

   Replace the vague, incorrect, and confusing BUGS sections with CAVEATS
   clearly stating which arguments have to be avoided, and mention the
   header files defining the constants required for the checks.
   Feedback and OK guenther@, OK bluhm@.

OpenBSD/src fqsM88Lusr.bin/openssl openssl.1

   tweak previous;
+8-81 files

OpenBSD/src 54OHsG9lib/libssl tls13_handshake.c tls13_handshake.h

   Expose some symbols in a new tls13_handshake.h for regression testing.
   Update the handshake state tables and flag names according to the
   design decisions and naming conventions in the hackroom. Garbage collect
   some things that turn out not to belong here.

   ok jsing

OpenBSD/src duSPMrDregress/lib/libssl/buffer buffertest.c

   Removed unused struct members.

OpenBSD/src duvlH4vlib/libc/sys adjtime.2

   minor tweaks:
   * correctly mark up NULL
   * avoid gratuitous future tense
   * replace one wrong .Nm macro
+18-101 files

OpenBSD/src yP7yAoWlib/libc/sys clock_gettime.2

   Adjust EINVAL wording: tv_nsec cannot be 1 billion, either.
+3-21 files

OpenBSD/src 0hRFNSjlib/libc/sys futex.2, sys/kern sys_futex.c

   futex(2): validate relative timeout before sleeping.

   Linux does validation.

   Document this new failure case as an EINVAL, like Linux.

   "stop waiting" deraadt
+10-32 files

OpenBSD/src TUHc359lib/libc/sys adjtime.2 gettimeofday.2, sys/kern kern_time.c

   adjtime(2), settimeofday(2), clock_settime(2): validate input

   Add documentation for the new EINVAL cases for adjtime(2) and

   adjtime.2 docs ok schwarze@,
   settimeofday(2)/clock_settime(2) stuff ok tedu@,
   "stop waiting" deraadt@

OpenBSD/src AuIo0RSusr.bin/openssl openssl.1

   Add the -iter and -pbkdf2 argumenst to enc
+11-21 files

OpenBSD/src 2lWyV6fusr.bin/openssl enc.c

   Change the default digest type to sha256, and add support for
   pbkdf2 with OpenSSL compatible flags
   ok jsing@
+44-51 files

OpenBSD/src qhdTfkHlib/libssl Makefile tls13_tlsext.c

   Remove this copy, we have decided we can do this in place
   ok jsing@

OpenBSD/src bbGX1zalib/libssl ssl_tlsext.c

   Add support for RFC 8446 section 4.2 enforcing which extensions may
   appear with which messages.
   ok jsing@
+42-71 files

OpenBSD/src yzGd0TTshare/man/man9 tvtohz.9

   add missing .Vt markup
+8-41 files

OpenBSD/src bv7x78tsbin/dhclient clparse.c

   Oops. Nuke debug statement that snuck it.
+2-21 files

OpenBSD/src CbzB346sbin/dhclient clparse.c

   Shuffle lease file reading code to improve clarity and shorten some
   lines. No intentional functional change.
+28-291 files

OpenBSD/src BDe8Ndysys/netinet ip_output.c

   Revert Rev 1.351, the change is not quite right yet.
+35-481 files

OpenBSD/src tW0Db7ssbin/dhclient clparse.c

   Yet another long line broke cover.
+3-31 files

OpenBSD/src WMq307Ysbin/dhclient dhclient.c clparse.c

   Be consistent in explicitly testing memcmp() return values.

OpenBSD/src oZ2nEZCsys/arch/i386/i386 machdep.c pmapae.c, sys/arch/i386/include vmmvar.h specialreg.h

   delete vmm(4) in i386

   We will still be able to run i386 guests on amd64 vmm.

   Reasons to delete i386 vmm:

   - Been broken for a while, almost no one complained.
   - Had been falling out of sync from amd64 while it worked.
   - If your machine has vmx, you most probably can run amd64, so why not run that?

   ok deraadt@ mlarkin@

OpenBSD/src uFLnnStdistrib/sets/lists/base md.i386, usr.sbin/vmctl Makefile

   disable vmd/vmctl for i386

   Next commit will delete vmm(4) for i386.

   Reasons to delete i386 vmm:

   - Been broken for a while, almost no one complained.
   - Had been falling out of sync from amd64 while it worked.
   - If your machine has vmx, you most probably can run amd64, so why not run that?

   ok mlarkin@ deraadt@

OpenBSD/src LxYX0YEregress/lib/libssl/tlsext tlsexttest.c, regress/lib/libssl/unit tls_ext_alpn.c

   Update regress following TLS extension renaming.

OpenBSD/src 4gpyYF6lib/libssl ssl_tlsext.c ssl_tlsext.h

   Rename TLS extension handling to use less "hello".

   When the TLS extension code was rewritten, TLS extensions could only exist
   in ClientHello and ServerHello messages - as such, they were named in pairs
   of *_clienthello_{needs,build} which would be called by the client and
   *_clienthello_parse. Likewise for *_serverhello_{needs,build} which would
   be called by a server and *_serverhello_parse, which would be called by a

   Enter TLSv1.3 - TLS extensions can now exist in one of seven messages,
   with only certain types being allowed to appear in each, meaning the naming
   scheme no longer works. Instead, rename them to indicate the caller rather
   than the message type - this effectively means:

     clienthello_needs -> client_needs
     clienthello_build -> client_build
     clienthello_parse -> server_parse
     serverhello_needs -> server_needs
     serverhello_build -> server_build
     serverhello_parse -> client_parse

   ok beck@ tb@

OpenBSD/src ejBCA0dsbin/dhclient dhclient.c

   Split a long line that wandered into the
+3-31 files

OpenBSD/src D7pe4VWshare/man/man9 tvtohz.9

   clarify and docuement what happens when a tv or ts exceeps INT_MIN ticks.
   with some help from cheloha and schwarze
+7-61 files

OpenBSD/src BuDZphqgnu/llvm/lib/Target/Sparc SparcISelLowering.cpp

   Use a 64-bit register when required for inline asm on sparc64.
   Without this, values get truncated to 32-bit.  Makes a sparc64 kernel
   actually work when compiled with clang.

   ok pguenther@, visa@

OpenBSD/src lY3moo2sys/net if_bridge.c if_bridge.h

   Convert interface lists from TAILQ to SLIST in preparation for fine
   grained locking.

   ok visa@, florian@
+52-362 files

OpenBSD/src OVWSIGPsys/dev/fdt ssdfb.c

   No need to free the Command/Data GPIO in the I2C detach path since it is
   only allocated and used for the SPI backend.

   From Tobias Nygren
+1-21 files

OpenBSD/src GuQPQbssys/dev/fdt ssdfb.c

   Add support for the SSD1306 as seen on the NanoPi NEO2 with
   a NanoHat OLED.
+19-21 files

OpenBSD/src pIVHdZbregress/lib/libssl Makefile, regress/lib/libssl/buffer buffertest.c Makefile

   Add regress for extensible buffer code.

OpenBSD/src 4HgmWiblib/libssl tls13_tlsext.c

   Get rid of is_serverhello in preparation for other messages
   ok jsing@ tb@
+24-131 files

OpenBSD/src qehhoX3lib/libssl tls13_buffer.c tls13_internal.h

   Provide an extensible buffer implementation that uses a read callback.

   The read callback returns a TLS13_IO_* value on EOF, failure, want pollin
   or want pollout, or a positive value indicating the number of bytes read.

   This will be used by upcoming TLSv1.3 handshake message and record
   processing code, both of which need the ability to read a fixed size
   header, before extending the buffer to the number of bytes specified in the

   ok beck@ tb@

OpenBSD/src VwvVhNrregress/usr.bin/mandoc/roff/esc

   Test handling of escaped backslashes because the code related to
   copy mode is complicated and prone to regressions.