From owner-svn-src-stable-10@freebsd.org Mon Aug 28 19:17:30 2017 Return-Path: Delivered-To: svn-src-stable-10@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id EFF15E121E5; Mon, 28 Aug 2017 19:17:30 +0000 (UTC) (envelope-from davidcs@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 823C684CA4; Mon, 28 Aug 2017 19:17:30 +0000 (UTC) (envelope-from davidcs@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id v7SJHT4W097487; Mon, 28 Aug 2017 19:17:29 GMT (envelope-from davidcs@FreeBSD.org) Received: (from davidcs@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id v7SJHSOd097482; Mon, 28 Aug 2017 19:17:28 GMT (envelope-from davidcs@FreeBSD.org) Message-Id: <201708281917.v7SJHSOd097482@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: davidcs set sender to davidcs@FreeBSD.org using -f From: David C Somayajulu Date: Mon, 28 Aug 2017 19:17:28 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r322975 - in stable/10/sys: dev/qlxgbe modules/qlxgbe X-SVN-Group: stable-10 X-SVN-Commit-Author: davidcs X-SVN-Commit-Paths: in stable/10/sys: dev/qlxgbe modules/qlxgbe X-SVN-Commit-Revision: 322975 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-10@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: SVN commit messages for only the 10-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 28 Aug 2017 19:17:31 -0000 Author: davidcs Date: Mon Aug 28 19:17:28 2017 New Revision: 322975 URL: https://svnweb.freebsd.org/changeset/base/322975 Log: MFC 322771 Upgrade FW to 5.4.66 sysctls to display stats, stats polled every 2 seconds Modify QLA_LOCK()/QLA_UNLOCK() to not sleep after acquiring mtx_lock Add support to turn OFF/ON error recovery following heartbeat failure for debug purposes. Set default max values to 32 Tx/Rx/SDS rings Approved by: re(gjb) Modified: stable/10/sys/dev/qlxgbe/README.txt stable/10/sys/dev/qlxgbe/ql_boot.c stable/10/sys/dev/qlxgbe/ql_def.h stable/10/sys/dev/qlxgbe/ql_fw.c stable/10/sys/dev/qlxgbe/ql_glbl.h stable/10/sys/dev/qlxgbe/ql_hw.c stable/10/sys/dev/qlxgbe/ql_hw.h stable/10/sys/dev/qlxgbe/ql_inline.h stable/10/sys/dev/qlxgbe/ql_ioctl.c stable/10/sys/dev/qlxgbe/ql_isr.c stable/10/sys/dev/qlxgbe/ql_minidump.c stable/10/sys/dev/qlxgbe/ql_os.c stable/10/sys/dev/qlxgbe/ql_os.h stable/10/sys/dev/qlxgbe/ql_reset.c stable/10/sys/dev/qlxgbe/ql_ver.h stable/10/sys/modules/qlxgbe/Makefile Directory Properties: stable/10/ (props changed) Modified: stable/10/sys/dev/qlxgbe/README.txt ============================================================================== --- stable/10/sys/dev/qlxgbe/README.txt Mon Aug 28 18:40:26 2017 (r322974) +++ stable/10/sys/dev/qlxgbe/README.txt Mon Aug 28 19:17:28 2017 (r322975) @@ -61,14 +61,17 @@ following OS platforms: - kldunload if_qlxgbe 5. Parameters to set prior to installing the driver + Please run "sysctl kern.ipc" and "sysctl net.inet.tcp" and see if these + values are already greater than shown below. Change only those which + are less than shown below. - Add the following lines to /etc/sysctl.conf and reboot the machine prior to installing the driver - kern.ipc.nmbjumbo9=262144 + kern.ipc.nmbjumbo9=2000000 + kern.ipc.nmbclusters=1000000 net.inet.tcp.recvbuf_max=262144 net.inet.tcp.recvbuf_inc=16384 - kern.ipc.nmbclusters=1000000 kern.ipc.maxsockbuf=2097152 net.inet.tcp.recvspace=131072 net.inet.tcp.sendbuf_max=262144 @@ -78,10 +81,10 @@ following OS platforms: login or su to root - sysctl kern.ipc.nmbjumbo9=262144 + sysctl kern.ipc.nmbjumbo9=2000000 + sysctl kern.ipc.nmbclusters=1000000 sysctl net.inet.tcp.recvbuf_max=262144 sysctl net.inet.tcp.recvbuf_inc=16384 - sysctl kern.ipc.nmbclusters=1000000 sysctl kern.ipc.maxsockbuf=2097152 sysctl net.inet.tcp.recvspace=131072 sysctl net.inet.tcp.sendbuf_max=262144 Modified: stable/10/sys/dev/qlxgbe/ql_boot.c ============================================================================== --- stable/10/sys/dev/qlxgbe/ql_boot.c Mon Aug 28 18:40:26 2017 (r322974) +++ stable/10/sys/dev/qlxgbe/ql_boot.c Mon Aug 28 19:17:28 2017 (r322975) @@ -35,7 +35,7 @@ __FBSDID("$FreeBSD$"); unsigned int ql83xx_bootloader_version_major = 5; unsigned int ql83xx_bootloader_version_minor = 4; -unsigned int ql83xx_bootloader_version_sub = 64; +unsigned int ql83xx_bootloader_version_sub = 66; unsigned char ql83xx_bootloader[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xa0, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, @@ -10957,9 +10957,8 @@ unsigned char ql83xx_bootloader[] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0x02, 0x00, 0x40, 0x40, 0x05, 0x04, 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x02, 0x00, 0x40, 0x40, 0x05, 0x04, 0x42, 0x00, 0x00, 0x00, 0x00, 0x00, 0xe0, 0xff, 0x01, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x9b, 0x64, 0x95, 0x0e + 0x00, 0x00, 0x00, 0x00, 0x9b, 0x64, 0x93, 0x0e }; unsigned int ql83xx_bootloader_len = 131072; - Modified: stable/10/sys/dev/qlxgbe/ql_def.h ============================================================================== --- stable/10/sys/dev/qlxgbe/ql_def.h Mon Aug 28 18:40:26 2017 (r322974) +++ stable/10/sys/dev/qlxgbe/ql_def.h Mon Aug 28 19:17:28 2017 (r322975) @@ -110,6 +110,7 @@ typedef struct qla_ivec qla_ivec_t; typedef struct _qla_tx_ring { qla_tx_buf_t tx_buf[NUM_TX_DESCRIPTORS]; uint64_t count; + uint64_t iscsi_pkt_count; } qla_tx_ring_t; typedef struct _qla_tx_fp { @@ -129,19 +130,20 @@ typedef struct _qla_tx_fp { struct qla_host { volatile struct { volatile uint32_t - qla_interface_up :1, qla_callout_init :1, qla_watchdog_active :1, - qla_watchdog_exit :1, - qla_watchdog_pause :1, - stop_rcv :1, parent_tag :1, lock_init :1; } flags; + volatile uint32_t qla_interface_up; + volatile uint32_t stop_rcv; + volatile uint32_t qla_watchdog_exit; volatile uint32_t qla_watchdog_exited; + volatile uint32_t qla_watchdog_pause; volatile uint32_t qla_watchdog_paused; volatile uint32_t qla_initiate_recovery; + volatile uint32_t qla_detach_active; device_t pci_dev; @@ -182,6 +184,7 @@ struct qla_host { struct mtx hw_lock; volatile uint32_t hw_lock_held; + uint64_t hw_lock_failed; /* transmit and receive buffers */ uint32_t txr_idx; /* index of the current tx ring */ @@ -221,6 +224,9 @@ struct qla_host { uint64_t tx_tso_frames; uint64_t hw_vlan_tx_frames; + struct task stats_task; + struct taskqueue *stats_tq; + uint32_t fw_ver_major; uint32_t fw_ver_minor; uint32_t fw_ver_sub; @@ -260,9 +266,7 @@ typedef struct qla_host qla_host_t; #define QL_ALIGN(size, align) (size + (align - 1)) & ~(align - 1); #define QL_MIN(x, y) ((x < y) ? x : y) -#define QL_RUNNING(ifp) \ - ((ifp->if_drv_flags & (IFF_DRV_RUNNING | IFF_DRV_OACTIVE)) == \ - IFF_DRV_RUNNING) +#define QL_RUNNING(ifp) (ifp->if_drv_flags & IFF_DRV_RUNNING) /* Return 0, if identical, else 1 */ #define QL_MAC_CMP(mac1, mac2) \ Modified: stable/10/sys/dev/qlxgbe/ql_fw.c ============================================================================== --- stable/10/sys/dev/qlxgbe/ql_fw.c Mon Aug 28 18:40:26 2017 (r322974) +++ stable/10/sys/dev/qlxgbe/ql_fw.c Mon Aug 28 19:17:28 2017 (r322975) @@ -35,32 +35,32 @@ __FBSDID("$FreeBSD$"); unsigned int ql83xx_firmware_version_major = 5; unsigned int ql83xx_firmware_version_minor = 4; -unsigned int ql83xx_firmware_version_sub = 64; +unsigned int ql83xx_firmware_version_sub = 66; unsigned char ql83xx_firmware[] = { - 0x03, 0x00, 0x40, 0x40, 0x05, 0x04, 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, - 0xe4, 0x42, 0x1b, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x5f, 0x7e, 0x74, 0x37, 0x27, 0xc9, 0xab, 0x39, + 0x03, 0x00, 0x40, 0x40, 0x05, 0x04, 0x42, 0x00, 0x00, 0x00, 0x00, 0x00, + 0xe8, 0x46, 0x1b, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x64, 0x27, 0xbc, 0x1f, 0xfc, 0x30, 0xf6, 0x92, 0x00, 0x00, 0x00, 0x00, 0x3e, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0xe0, 0x09, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x7d, 0xef, 0x03, 0x00, + 0xe0, 0x09, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xd4, 0xf2, 0x03, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x20, 0x44, 0x11, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x20, 0x52, 0x11, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x5d, 0xf9, 0x03, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x9f, 0x90, 0x13, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x46, 0x11, 0x00, 0x00, 0x00, 0x00, 0x00, 0xd0, 0x9f, 0x4e, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xb4, 0xfc, 0x03, 0x00, + 0x00, 0x00, 0x00, 0x00, 0xf7, 0x90, 0x13, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x54, 0x11, 0x00, 0x00, 0x00, 0x00, 0x00, 0x30, 0xa1, 0x4e, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0xfc, 0x89, 0x17, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x73, 0x0a, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x7c, 0x65, 0x00, + 0x00, 0x00, 0x00, 0x00, 0xab, 0x8d, 0x17, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x74, 0x0a, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x8c, 0x65, 0x00, 0x00, 0x00, 0x00, 0x00, 0x90, 0x23, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, @@ -69,118 +69,118 @@ unsigned char ql83xx_firmware[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x6f, 0x94, 0x17, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x7d, 0x15, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xa0, 0x65, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x1f, 0x98, 0x17, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x7c, 0x15, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xb0, 0x65, 0x00, 0x00, 0x00, 0x00, 0x00, 0xd0, 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0xec, 0xa9, 0x17, 0x00, 0x00, 0x00, 0x00, 0x00, 0xd0, 0x04, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0xe4, 0x65, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x40, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x9b, 0xad, 0x17, 0x00, 0x00, 0x00, 0x00, 0x00, 0xe2, 0x04, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0xf4, 0x65, 0x00, 0x00, 0x00, 0x00, 0x00, + 0xd0, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xbc, 0xae, 0x17, 0x00, - 0x00, 0x00, 0x00, 0x00, 0xde, 0x0a, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0xf8, 0x65, 0x00, 0x00, 0x00, 0x00, 0x00, 0x80, 0x22, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x7d, 0xb2, 0x17, 0x00, + 0x00, 0x00, 0x00, 0x00, 0xdd, 0x0a, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x08, 0x66, 0x00, 0x00, 0x00, 0x00, 0x00, 0x80, 0x22, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x9a, 0xb9, 0x17, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x05, 0x1f, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x80, 0x1a, 0x66, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x5a, 0xbd, 0x17, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x03, 0x1f, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x80, 0x2a, 0x66, 0x00, 0x00, 0x00, 0x00, 0x00, 0xb0, 0x60, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x9f, 0xd8, 0x17, 0x00, 0x00, 0x00, 0x00, 0x00, 0xea, 0x0b, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x7c, 0x66, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x5d, 0xdc, 0x17, 0x00, 0x00, 0x00, 0x00, 0x00, 0xe8, 0x0b, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x8c, 0x66, 0x00, 0x00, 0x00, 0x00, 0x00, 0x80, 0x23, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x89, 0xe4, 0x17, 0x00, - 0x00, 0x00, 0x00, 0x00, 0xbe, 0x06, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0xa0, 0x66, 0x00, 0x00, 0x00, 0x00, 0x00, 0x40, 0x17, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x45, 0xe8, 0x17, 0x00, + 0x00, 0x00, 0x00, 0x00, 0xbd, 0x06, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0xb0, 0x66, 0x00, 0x00, 0x00, 0x00, 0x00, 0x40, 0x17, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x47, 0xeb, 0x17, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x73, 0x23, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xb8, 0x66, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x02, 0xef, 0x17, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x71, 0x23, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xc8, 0x66, 0x00, 0x00, 0x00, 0x00, 0x00, 0x90, 0x6a, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0xba, 0x0e, 0x18, 0x00, 0x00, 0x00, 0x00, 0x00, 0x07, 0x0b, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x24, 0x67, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x73, 0x12, 0x18, 0x00, 0x00, 0x00, 0x00, 0x00, 0x08, 0x0b, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x34, 0x67, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x19, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xc1, 0x19, 0x18, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x84, 0x1c, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x40, 0x67, 0x00, 0x00, 0x00, 0x00, 0x00, 0xf0, 0x55, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x7b, 0x1d, 0x18, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x81, 0x1c, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x50, 0x67, 0x00, 0x00, 0x00, 0x00, 0x00, 0xf0, 0x55, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x45, 0x36, 0x18, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x29, 0x09, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x98, 0x67, 0x00, + 0x00, 0x00, 0x00, 0x00, 0xfc, 0x39, 0x18, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x2a, 0x09, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xa8, 0x67, 0x00, 0x00, 0x00, 0x00, 0x00, 0x20, 0x1a, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x6e, 0x3f, 0x18, 0x00, 0x00, 0x00, 0x00, 0x00, 0x13, 0x08, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0xb4, 0x67, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x26, 0x43, 0x18, 0x00, 0x00, 0x00, 0x00, 0x00, 0x17, 0x08, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0xc4, 0x67, 0x00, 0x00, 0x00, 0x00, 0x00, 0xa0, 0x16, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x81, 0x47, 0x18, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x52, 0x03, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0xcc, 0x67, 0x00, 0x00, 0x00, 0x00, 0x00, 0xc0, 0x07, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x3d, 0x4b, 0x18, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x51, 0x03, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0xdc, 0x67, 0x00, 0x00, 0x00, 0x00, 0x00, 0xc0, 0x07, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0xd3, 0x4a, 0x18, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x25, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xd4, 0x67, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x8e, 0x4e, 0x18, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x26, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xe4, 0x67, 0x00, 0x00, 0x00, 0x00, 0x00, 0xf0, 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0xf8, 0x4c, 0x18, 0x00, 0x00, 0x00, 0x00, 0x00, 0xca, 0x0a, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0xdc, 0x67, 0x00, 0x00, 0x00, 0x00, 0x00, + 0xb4, 0x50, 0x18, 0x00, 0x00, 0x00, 0x00, 0x00, 0xc9, 0x0a, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0xec, 0x67, 0x00, 0x00, 0x00, 0x00, 0x00, 0x30, 0x29, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xc2, 0x57, 0x18, 0x00, - 0x00, 0x00, 0x00, 0x00, 0xb7, 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x08, 0x68, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10, 0x6d, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x7d, 0x5b, 0x18, 0x00, + 0x00, 0x00, 0x00, 0x00, 0xbb, 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x18, 0x68, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10, 0x6d, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x79, 0x78, 0x18, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x44, 0xa1, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xca, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0xb4, 0x06, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x38, 0x7c, 0x18, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x7c, 0xa1, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xca, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0xb2, 0x06, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0xbd, 0x19, 0x1a, 0x00, 0x00, 0x00, 0x00, 0x00, 0xba, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0xb4, 0xd0, 0x00, 0x00, 0x00, 0x00, 0x00, + 0xb4, 0x1d, 0x1a, 0x00, 0x00, 0x00, 0x00, 0x00, 0xba, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0xb2, 0xd0, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x44, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x77, 0x1a, 0x1a, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x3e, 0x25, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xf8, 0xd1, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x6e, 0x1e, 0x1a, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x48, 0x25, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xf6, 0xd1, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xc1, 0x05, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, @@ -189,7 +189,7 @@ unsigned char ql83xx_firmware[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x04, 0x8c, 0x8c, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xd8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x04, 0x8c, 0x8c, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0xb5, 0x3f, 0x1a, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0xb6, 0x43, 0x1a, 0x00, 0x00, 0x00, 0x00, 0x00, 0x6d, 0x09, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x80, 0x03, 0x00, 0x00, 0x00, 0x00, 0x58, 0xe0, 0x16, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, @@ -232,9 +232,9 @@ unsigned char ql83xx_firmware[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x22, 0x49, 0x1a, 0x00, - 0x00, 0x00, 0x00, 0x00, 0xcb, 0xf8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0xe8, 0x5f, 0x00, 0x00, 0x00, 0x00, 0x00, 0x80, 0x92, 0x05, 0x00, + 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x23, 0x4d, 0x1a, 0x00, + 0x00, 0x00, 0x00, 0x00, 0xcc, 0xf8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0xf8, 0x5f, 0x00, 0x00, 0x00, 0x00, 0x00, 0x80, 0x92, 0x05, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, @@ -249,143325 +249,143383 @@ unsigned char ql83xx_firmware[] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x78, 0xda, 0xec, 0x3d, - 0x0b, 0x70, 0x5c, 0xd5, 0x75, 0xf7, 0x7d, 0x76, 0xf7, 0x69, 0x3f, 0xd2, - 0x1a, 0x64, 0x22, 0x84, 0x1c, 0x3f, 0xd9, 0xc6, 0x16, 0xdf, 0xac, 0x8d, - 0x6d, 0x8c, 0x31, 0xf5, 0x93, 0x2c, 0x3b, 0xb6, 0x23, 0x11, 0x01, 0x29, - 0xff, 0x8f, 0x48, 0x5a, 0x2a, 0x13, 0x82, 0xc5, 0x94, 0xa4, 0x32, 0x50, - 0xfc, 0x24, 0x4b, 0xb2, 0x09, 0x72, 0x22, 0x63, 0xc7, 0x38, 0x84, 0x86, - 0x95, 0x8c, 0x29, 0x6d, 0x99, 0x74, 0x99, 0x64, 0x02, 0xd3, 0x76, 0x86, - 0xc5, 0xce, 0x04, 0x93, 0xe2, 0xd4, 0x9d, 0x0e, 0x6d, 0x08, 0x43, 0xb3, - 0x9d, 0x94, 0x19, 0x95, 0x10, 0xb2, 0xed, 0x74, 0x88, 0x9c, 0xd4, 0xd0, - 0x7b, 0xee, 0xe7, 0x7d, 0xee, 0xbe, 0xf7, 0x76, 0xaf, 0x2c, 0x3b, 0xd3, - 0x8e, 0x95, 0x99, 0xa0, 0xe3, 0x7b, 0xef, 0x79, 0xe7, 0x9e, 0x7b, 0xee, - 0xf9, 0xbf, 0x27, 0xa4, 0x20, 0xfa, 0xa3, 0x23, 0x0d, 0xa9, 0xe8, 0x6e, - 0x74, 0x16, 0xfe, 0xbf, 0x09, 0xd3, 0x9f, 0x5e, 0x06, 0x1f, 0x7f, 0xef, - 0x1d, 0xf2, 0xbf, 0x2f, 0x55, 0xc0, 0xfe, 0x9f, 0x82, 0x00, 0xe7, 0x25, - 0x61, 0x5b, 0x45, 0x26, 0xf9, 0x65, 0x6f, 0x82, 0xfc, 0xa7, 0xbf, 0x62, - 0xbe, 0x82, 0x6c, 0x2b, 0xeb, 0x81, 0xd9, 0xef, 0x66, 0x3e, 0x4d, 0xe9, - 0x45, 0x45, 0x8d, 0x93, 0x8e, 0x50, 0x5d, 0x5e, 0xa7, 0x40, 0xcf, 0xad, - 0xf4, 0xe7, 0xde, 0xb0, 0xe7, 0x6d, 0x44, 0x21, 0xcf, 0x93, 0x84, 0x39, - 0xbe, 0x63, 0xb3, 0x8c, 0x6f, 0x91, 0x32, 0xbb, 0xf8, 0x96, 0xcd, 0x32, - 0xbe, 0xad, 0xea, 0xcc, 0xf0, 0xf1, 0xf5, 0xb7, 0xe9, 0x33, 0x5a, 0x1f, - 0x20, 0x6f, 0x39, 0x1b, 0x50, 0x5d, 0xb4, 0xec, 0xce, 0x4d, 0x73, 0xd0, - 0xf0, 0x37, 0x30, 0x4a, 0x80, 0x8f, 0xb7, 0x0d, 0xbf, 0xf9, 0xa3, 0x2e, - 0x25, 0xbb, 0x07, 0x2f, 0x01, 0x38, 0x7f, 0xdf, 0xbc, 0x35, 0xab, 0x11, - 0x19, 0x2f, 0xf3, 0xf1, 0xf7, 0xef, 0x57, 0xf2, 0x78, 0x3c, 0x37, 0x08, - 0xeb, 0xef, 0xbd, 0xe1, 0xb5, 0xcb, 0x17, 0xd2, 0xf5, 0x83, 0x6c, 0xbc, - 0x7e, 0x8f, 0x92, 0x7b, 0x02, 0xaf, 0x1f, 0xe4, 0xf8, 0xff, 0x91, 0xae, - 0x1f, 0xf4, 0xe3, 0xcf, 0x0d, 0x61, 0xb8, 0x67, 0xd3, 0xe5, 0xb1, 0x8b, - 0x2e, 0xa3, 0xeb, 0x87, 0xd8, 0xf8, 0xf5, 0x6f, 0x2a, 0x3d, 0x7b, 0xf1, - 0x7a, 0x80, 0x7b, 0x57, 0xdf, 0xfa, 0xdc, 0x7d, 0x71, 0xba, 0x9e, 0x8f, - 0x3f, 0xf8, 0x6b, 0xa5, 0x77, 0x1c, 0xaf, 0xdf, 0xe1, 0xe0, 0x57, 0xc8, - 0xfa, 0x1d, 0x02, 0xfd, 0x00, 0xe7, 0x5f, 0xf9, 0xcf, 0x45, 0x2b, 0x0d, - 0xba, 0x9e, 0x8f, 0xbf, 0x7c, 0x35, 0xea, 0x81, 0xe7, 0x0f, 0x63, 0xb8, - 0x3f, 0xfb, 0x9a, 0xd5, 0x48, 0xf7, 0xd7, 0x3f, 0xcc, 0xc6, 0x7f, 0x7a, - 0xc7, 0xa3, 0x06, 0xc6, 0x5f, 0x00, 0xb8, 0x37, 0x3d, 0x9a, 0xcb, 0x36, - 0xd3, 0xf5, 0x7c, 0x7c, 0xcd, 0xe7, 0x1f, 0xdd, 0x05, 0xcf, 0x1f, 0x01, - 0xfa, 0x8d, 0xf5, 0x66, 0x9a, 0xed, 0x7f, 0x84, 0x8d, 0x77, 0x0c, 0x3f, - 0x6a, 0xc0, 0xf3, 0x01, 0xb6, 0x74, 0x3d, 0x6b, 0xa4, 0xe9, 0x7a, 0x3e, - 0xfe, 0x07, 0xcf, 0x3d, 0xba, 0x0b, 0x9e, 0x3f, 0xaa, 0xbb, 0xe7, 0x81, - 0xf1, 0xf5, 0x0b, 0x70, 0x41, 0x80, 0xcb, 0x02, 0x9c, 0xdb, 0x29, 0xac, - 0x17, 0xe0, 0x82, 0x00, 0x97, 0x05, 0x38, 0xb7, 0x0b, 0xe8, 0x6b, 0xdc, - 0x70, 0x77, 0x8b, 0x99, 0x5d, 0xf1, 0x14, 0x5e, 0x0f, 0x70, 0x3e, 0xf7, - 0x79, 0xfd, 0x92, 0xad, 0xdb, 0x61, 0x7f, 0x05, 0x80, 0x7b, 0x9a, 0x76, - 0x3e, 0xd0, 0x78, 0x11, 0x19, 0x2f, 0xf3, 0xf1, 0xee, 0x3d, 0xdb, 0x61, - 0x7f, 0xb9, 0xc7, 0x80, 0x3f, 0x2d, 0x87, 0x15, 0x7d, 0x19, 0x5d, 0xff, - 0x18, 0x1b, 0xdf, 0xfa, 0xdd, 0xed, 0xb0, 0xbf, 0x02, 0xc0, 0xfd, 0x2d, - 0x4a, 0xd6, 0xb8, 0x9a, 0xae, 0xe7, 0xe3, 0x7b, 0xde, 0xdc, 0x6e, 0x60, - 0xf9, 0xc8, 0x7d, 0x95, 0xd2, 0xb3, 0xb8, 0xc5, 0xa4, 0xf4, 0x13, 0x38, - 0x95, 0x46, 0x46, 0xf7, 0xdd, 0x84, 0x7e, 0x36, 0xbe, 0x9c, 0x8d, 0x97, - 0x09, 0xfc, 0xb8, 0xc2, 0xc7, 0x73, 0x8f, 0x0b, 0xfb, 0x17, 0xe0, 0x82, - 0x00, 0x97, 0x05, 0x38, 0x37, 0x26, 0xac, 0x17, 0xe0, 0x82, 0x00, 0x97, - 0x05, 0x38, 0xb7, 0x5b, 0x58, 0x2f, 0xc0, 0x05, 0x01, 0x2e, 0x0b, 0x70, - 0xee, 0x6b, 0xc2, 0x7a, 0x01, 0x2e, 0x08, 0x70, 0x59, 0x80, 0x73, 0x5f, - 0x17, 0xd6, 0x0b, 0x70, 0x41, 0x80, 0xcb, 0x02, 0x9c, 0xb3, 0x30, 0x6c, - 0xf7, 0xbd, 0x1f, 0xe7, 0xeb, 0x01, 0x2e, 0x2d, 0xfc, 0xe9, 0x57, 0xf8, - 0x7a, 0x80, 0x8b, 0xbf, 0x39, 0x3a, 0xaa, 0xb1, 0xf5, 0x00, 0xe7, 0x5f, - 0xfc, 0xe8, 0x43, 0x06, 0xe7, 0xda, 0x31, 0x9c, 0xdd, 0xbd, 0xa2, 0xce, - 0x62, 0xeb, 0x01, 0xee, 0xef, 0x5c, 0xb8, 0x8d, 0xc1, 0x05, 0x80, 0x7b, - 0xe6, 0xef, 0xd9, 0xbd, 0x8e, 0xad, 0x07, 0x38, 0xf7, 0xcf, 0x3b, 0x4f, - 0x32, 0x38, 0xd7, 0x21, 0xd0, 0x2f, 0xc0, 0x05, 0x01, 0x2e, 0x0b, 0x70, - 0x6e, 0x9d, 0xb0, 0x5e, 0x80, 0x0b, 0x02, 0x5c, 0x16, 0xe0, 0x5c, 0xa7, - 0xb0, 0x5e, 0x80, 0x0b, 0x02, 0x5c, 0x16, 0xe0, 0xdc, 0x7a, 0x61, 0xbd, - 0x00, 0x17, 0x04, 0xb8, 0x2c, 0xc0, 0xb9, 0x0d, 0xc2, 0x7a, 0x01, 0x2e, - 0x08, 0x70, 0x59, 0x80, 0x73, 0x9f, 0x16, 0xd6, 0x0b, 0x70, 0x41, 0x80, - 0xcb, 0x02, 0x9c, 0xdb, 0x08, 0xe7, 0xf3, 0xfb, 0x6f, 0xf2, 0xf3, 0xec, - 0x07, 0xf8, 0xf8, 0x97, 0xdf, 0xe1, 0x70, 0x81, 0x8c, 0xef, 0x7f, 0x97, - 0xc3, 0x65, 0x32, 0xfe, 0xfd, 0x5f, 0x3a, 0xe7, 0xbf, 0x09, 0xee, 0xff, - 0xd5, 0x7f, 0x75, 0x92, 0xaf, 0x27, 0xf0, 0x6d, 0xdf, 0xe3, 0x70, 0x81, - 0xc0, 0x0f, 0x8f, 0x70, 0xb8, 0x0c, 0x70, 0xf9, 0x99, 0xaf, 0x71, 0x38, - 0xb7, 0x19, 0xe0, 0x57, 0xc6, 0x9d, 0xf5, 0x04, 0xfe, 0xd9, 0x37, 0x9d, - 0xf5, 0x00, 0xa3, 0x39, 0x0b, 0x4e, 0xf0, 0xf5, 0x00, 0x8f, 0xaf, 0xb8, - 0x84, 0xc3, 0xb9, 0xcf, 0x60, 0xd8, 0xec, 0xd0, 0x39, 0xdc, 0x0f, 0x70, - 0xe1, 0x9e, 0x0c, 0x87, 0x0b, 0x00, 0x5b, 0xbb, 0xb2, 0xce, 0x7a, 0x80, - 0x8f, 0xbf, 0x70, 0xbe, 0xb3, 0xbe, 0x0b, 0xf0, 0x17, 0x5f, 0x73, 0xf6, - 0xdf, 0x45, 0xf9, 0x53, 0xe6, 0xeb, 0x05, 0xb8, 0x2c, 0xc0, 0xb9, 0x6e, - 0x3f, 0xdc, 0x2f, 0xc0, 0x05, 0x01, 0x2e, 0x0b, 0x70, 0xee, 0x5a, 0x61, - 0xbd, 0x00, 0x17, 0x04, 0xb8, 0x2c, 0xc0, 0xb9, 0xcf, 0x0a, 0xeb, 0x05, - 0xb8, 0x20, 0xc0, 0x65, 0x01, 0xf6, 0xfb, 0x77, 0x95, 0xfe, 0xc1, 0x1c, - 0x2f, 0x5c, 0xd5, 0xdf, 0x30, 0xf9, 0x6f, 0x0a, 0x73, 0x2a, 0xd9, 0xc3, - 0x1a, 0x14, 0xc7, 0xc9, 0xac, 0xe2, 0xaf, 0xf4, 0x2b, 0x96, 0x47, 0x3e, - 0x29, 0xbe, 0x58, 0x0c, 0xeb, 0x7f, 0xf0, 0xb9, 0xf1, 0xf8, 0xad, 0x31, - 0x36, 0xf6, 0xd1, 0x7c, 0x64, 0xf6, 0x54, 0xc7, 0x27, 0x47, 0x3f, 0xbb, - 0x1b, 0xa5, 0x8f, 0xe9, 0xcf, 0x56, 0x79, 0x7f, 0x6a, 0x56, 0xe1, 0x42, - 0xf5, 0xf3, 0x91, 0x83, 0xd9, 0xfe, 0xca, 0x21, 0xfb, 0xab, 0xfa, 0xbc, - 0x2a, 0xeb, 0xab, 0xc6, 0x2b, 0x92, 0xcf, 0xb3, 0x1d, 0x5d, 0x65, 0x71, - 0xf9, 0xc9, 0xb0, 0x78, 0xa5, 0x0f, 0x8f, 0x2a, 0x4e, 0x3c, 0x83, 0x90, - 0x41, 0xc6, 0x5d, 0xe5, 0x6c, 0xa2, 0x03, 0x47, 0x94, 0x41, 0x94, 0x2d, - 0x22, 0xa3, 0x89, 0xce, 0x37, 0x87, 0xf0, 0x7c, 0x74, 0xa9, 0xca, 0x50, - 0x7f, 0x1c, 0x2c, 0x3f, 0x69, 0x3f, 0x7e, 0xf4, 0x06, 0x1b, 0x9a, 0x62, - 0xf0, 0xef, 0xf6, 0xfc, 0xaa, 0xf1, 0xeb, 0x2c, 0x7c, 0x6a, 0xf7, 0xff, - 0xf4, 0xc3, 0xb3, 0x4b, 0x8f, 0x89, 0x84, 0xfc, 0x03, 0xfe, 0x87, 0xdf, - 0x6b, 0xf6, 0xcc, 0x67, 0xfa, 0xd7, 0x19, 0x47, 0x3f, 0x40, 0x7e, 0xf9, - 0xce, 0xa6, 0xfd, 0x30, 0xdc, 0xa8, 0x38, 0x72, 0xef, 0x15, 0x5e, 0x94, - 0xcc, 0x0d, 0x77, 0xb4, 0xb7, 0x51, 0xfe, 0x62, 0xfc, 0xc9, 0x66, 0x7a, - 0xbf, 0x4c, 0xd5, 0xab, 0x8f, 0xed, 0x93, 0xa7, 0x43, 0x1f, 0x57, 0x87, - 0x1b, 0x3c, 0x60, 0x2d, 0xcf, 0xe7, 0xf3, 0xed, 0x7a, 0xb9, 0xf9, 0x68, - 0x9e, 0x24, 0xfe, 0x4b, 0x24, 0xf1, 0xaf, 0x96, 0xc4, 0xbf, 0x51, 0x12, - 0xff, 0x4d, 0x92, 0xf8, 0xff, 0x50, 0x12, 0xff, 0x83, 0x92, 0xf8, 0x87, - 0x24, 0xf1, 0xef, 0x91, 0xc4, 0xff, 0x8c, 0x24, 0xfe, 0xef, 0x48, 0xe2, - 0xff, 0x3b, 0x49, 0xfc, 0x7f, 0x2f, 0x89, 0xff, 0x2d, 0x49, 0xfc, 0x53, - 0x92, 0xf8, 0x3f, 0x94, 0xc4, 0x1f, 0x53, 0xe4, 0xf0, 0x9f, 0x2b, 0x37, - 0x1f, 0x2d, 0x90, 0xc4, 0x9f, 0x93, 0xc4, 0xbf, 0x56, 0x12, 0x7f, 0xb7, - 0x24, 0xfe, 0xdb, 0x25, 0xf1, 0xdf, 0x2b, 0x89, 0x7f, 0x9b, 0x24, 0xfe, - 0x9d, 0x92, 0xf8, 0xf7, 0x4b, 0xe2, 0x7f, 0x56, 0x12, 0xff, 0x77, 0x25, - 0xf1, 0xbf, 0x2a, 0x89, 0xff, 0xb8, 0x24, 0xfe, 0x7f, 0x95, 0xc4, 0xff, - 0x4b, 0x49, 0xfc, 0xbf, 0x95, 0xc4, 0x9f, 0x54, 0xe5, 0xf0, 0x37, 0xc9, - 0xcd, 0x47, 0x4b, 0x24, 0xf1, 0xaf, 0x90, 0xc4, 0xdf, 0x29, 0x89, 0xff, - 0x7a, 0x49, 0xfc, 0x77, 0x4b, 0xe2, 0xdf, 0x2a, 0x89, 0xff, 0x51, 0x49, - 0xfc, 0x63, 0x92, 0xf8, 0xbf, 0x25, 0x89, 0xff, 0x2f, 0x24, 0xf1, 0xbf, - 0x2c, 0x89, 0xff, 0x87, 0x92, 0xf8, 0xdf, 0x94, 0xc4, 0xff, 0x73, 0x49, - 0xfc, 0xff, 0x25, 0x89, 0x1f, 0x69, 0x72, 0xf8, 0x1b, 0xe4, 0xe6, 0xdb, - 0xf3, 0x24, 0xf1, 0x5f, 0x2a, 0x89, 0x7f, 0xb5, 0x24, 0xfe, 0x4d, 0x92, - 0xf8, 0x6f, 0x92, 0xc4, 0x7f, 0x8f, 0x24, 0xfe, 0x07, 0x25, 0xf1, 0xef, - 0x90, 0xc4, 0xbf, 0x47, 0x12, 0x7f, 0x5e, 0x3b, 0x13, 0xf1, 0x87, 0xdd, - 0x8d, 0x2e, 0xff, 0x24, 0xfc, 0xfa, 0x8b, 0xb5, 0x88, 0xe4, 0x13, 0x8e, - 0xb1, 0x0a, 0x70, 0x5f, 0x8c, 0xc6, 0x4f, 0x19, 0x96, 0x5f, 0x98, 0xd2, - 0x01, 0xe6, 0xf5, 0xba, 0x97, 0xae, 0xe3, 0xcf, 0xdb, 0xcd, 0xf3, 0x0b, - 0x3a, 0x9b, 0xcf, 0xe3, 0x31, 0x05, 0x0d, 0x2a, 0x79, 0x1a, 0x76, 0x3d, - 0x85, 0xa3, 0xb6, 0xc5, 0xa8, 0xa4, 0xbb, 0xf5, 0xda, 0xbc, 0x75, 0x15, - 0x09, 0xc5, 0xf0, 0x3f, 0x35, 0xb6, 0x69, 0xa8, 0x05, 0x48, 0xc9, 0x1f, - 0x51, 0x06, 0x39, 0xfe, 0xb7, 0x27, 0x29, 0x7e, 0x03, 0x29, 0xc8, 0x82, - 0x54, 0xfe, 0xcd, 0x03, 0x88, 0xd2, 0xe7, 0xa7, 0x9f, 0xcf, 0x6f, 0xff, - 0x4a, 0xf0, 0xfe, 0x4d, 0x03, 0x21, 0x2b, 0x69, 0xa6, 0xd0, 0xf4, 0x95, - 0xa8, 0x94, 0x40, 0x07, 0x91, 0xca, 0xf2, 0x3d, 0x57, 0x92, 0x04, 0x4c, - 0xaf, 0x13, 0x60, 0xb7, 0x59, 0x8c, 0x1e, 0x6b, 0x2e, 0xa6, 0xe7, 0xe9, - 0x1f, 0x2e, 0x6a, 0x8a, 0x2f, 0x6d, 0x1c, 0xb5, 0x0d, 0xb4, 0x7b, 0x70, - 0x2f, 0x29, 0x25, 0x4c, 0x69, 0xde, 0xfd, 0x73, 0xfa, 0x90, 0xd2, 0x7d, - 0x84, 0xd6, 0xa3, 0xfb, 0x54, 0xb2, 0x7f, 0x96, 0xec, 0xb3, 0x52, 0x84, - 0x0f, 0xbd, 0x90, 0xc5, 0x21, 0xf4, 0x1b, 0x39, 0x84, 0x9f, 0xcd, 0xf3, - 0x4d, 0xe8, 0x46, 0x56, 0xaf, 0x36, 0x76, 0x4c, 0xa4, 0x40, 0x38, 0x5a, - 0x99, 0x90, 0x54, 0xe2, 0xaf, 0x3b, 0xcc, 0xf0, 0xfb, 0xf2, 0x43, 0xed, - 0x0c, 0x3f, 0x6c, 0xc7, 0x52, 0x2b, 0xf1, 0xdf, 0xc4, 0xf0, 0x27, 0x07, - 0x27, 0x80, 0x04, 0xfb, 0xa2, 0x50, 0xfc, 0x8a, 0x1f, 0xbf, 0x95, 0x39, - 0xdc, 0xda, 0xc2, 0xce, 0x0f, 0xc3, 0x46, 0x05, 0x7f, 0xe8, 0xcf, 0xcd, - 0x0c, 0x7f, 0x05, 0x3e, 0x47, 0x1e, 0xa6, 0xd8, 0xfa, 0xdd, 0x1a, 0xd9, - 0x3f, 0xc3, 0xc7, 0xe7, 0x7f, 0xea, 0x20, 0x9d, 0xaf, 0x0b, 0xf8, 0x11, - 0x1a, 0xe3, 0xee, 0x3f, 0xe1, 0xb7, 0x85, 0xde, 0x50, 0x2c, 0x78, 0x54, - 0xd3, 0x7d, 0x2a, 0xe4, 0xbb, 0x18, 0x3d, 0xf6, 0x2d, 0xbc, 0xde, 0x4f, - 0xce, 0x73, 0xb4, 0x0e, 0xf2, 0xa9, 0x76, 0x0c, 0x0b, 0x51, 0x7b, 0xf7, - 0x61, 0xa5, 0x05, 0x9f, 0xfa, 0xf4, 0x56, 0xad, 0x34, 0xa2, 0x4c, 0xdc, - 0x7e, 0xad, 0xad, 0x97, 0xd0, 0x2a, 0x55, 0x41, 0xcf, 0xc7, 0x7e, 0x84, - 0xd0, 0x4e, 0x7c, 0x5e, 0x87, 0x33, 0x59, 0x97, 0xbe, 0x4a, 0xfa, 0xb9, - 0xbc, 0xf3, 0xfd, 0x1f, 0x53, 0xd6, 0x04, 0xd0, 0xcf, 0xe7, 0x33, 0xfa, - 0xed, 0x3b, 0x38, 0x3d, 0x20, 0x6f, 0xe7, 0x01, 0xbd, 0xf4, 0x3c, 0x80, - 0xde, 0x38, 0xf4, 0x32, 0x1c, 0xa5, 0x30, 0x42, 0xab, 0x12, 0x6c, 0x49, - 0x3c, 0x38, 0x5e, 0x71, 0xee, 0x9f, 0x42, 0xef, 0x53, 0x17, 0xbf, 0x5f, - 0x84, 0x1f, 0x9c, 0x5f, 0x77, 0x85, 0xf0, 0xdf, 0x40, 0xdd, 0x1a, 0xa5, - 0x97, 0xee, 0x8f, 0xd3, 0xb7, 0x3e, 0x74, 0xbe, 0x9f, 0x9f, 0x8e, 0xbc, - 0x0a, 0xf7, 0xeb, 0x9c, 0x98, 0x6f, 0xbf, 0x3d, 0x0a, 0x4d, 0xc4, 0xf4, - 0xba, 0xf9, 0xc5, 0x29, 0x35, 0x28, 0x9f, 0x08, 0xac, 0xb6, 0x00, 0xe9, - 0x81, 0x05, 0x6c, 0xff, 0x5d, 0x9c, 0xa4, 0x58, 0x2d, 0xf1, 0x5a, 0x08, - 0xbf, 0xd1, 0x17, 0x18, 0xbd, 0xa7, 0x7b, 0x7f, 0x06, 0xd6, 0x67, 0x84, - 0x9f, 0xd3, 0xdb, 0xa2, 0xce, 0x1f, 0xdd, 0xe3, 0xf4, 0x9f, 0x04, 0xd3, - 0x7f, 0xb0, 0x9e, 0xce, 0x87, 0x59, 0x6b, 0x74, 0x53, 0x03, 0x79, 0x2d, - 0xc5, 0xd0, 0x04, 0xd5, 0x17, 0x93, 0xf5, 0x8e, 0x7e, 0x44, 0xf5, 0xc8, - 0xb9, 0xaa, 0x12, 0xfc, 0x79, 0x07, 0xb9, 0xf4, 0x40, 0x41, 0x13, 0xb5, - 0x71, 0x79, 0x73, 0xee, 0x93, 0xea, 0xa5, 0x7f, 0x5b, 0xb2, 0x36, 0x7b, - 0xc1, 0xe7, 0xdf, 0x95, 0x92, 0x9b, 0x2f, 0xde, 0x8f, 0xbe, 0x2a, 0xfc, - 0x59, 0x74, 0x8a, 0xf8, 0xb7, 0x38, 0xf8, 0xbb, 0xf8, 0x7e, 0x63, 0xc1, - 0xf9, 0xed, 0x31, 0xc1, 0x5e, 0xd9, 0x3a, 0xf6, 0xa4, 0xa0, 0xa4, 0xa6, - 0xbc, 0x7c, 0x04, 0x0d, 0x56, 0xd8, 0x53, 0x6c, 0x20, 0xea, 0x89, 0x7d, - 0x5c, 0xc8, 0xf8, 0x29, 0xe2, 0xd3, 0x3d, 0xe5, 0xc7, 0x8a, 0xfa, 0x93, - 0xc7, 0xbe, 0x9e, 0x20, 0xf6, 0xd5, 0xc4, 0xa7, 0x6a, 0x9d, 0xb3, 0x2f, - 0x86, 0xcc, 0x1c, 0x2a, 0x26, 0xf0, 0xf9, 0xa3, 0x5b, 0x98, 0x34, 0xda, - 0x8d, 0x70, 0xde, 0x36, 0x3a, 0xd6, 0x6e, 0xd5, 0x7b, 0xee, 0x3f, 0x13, - 0xe0, 0x5f, 0xfd, 0x39, 0xdb, 0x1f, 0x79, 0xda, 0x48, 0x12, 0xe4, 0xc7, - 0xf4, 0xd8, 0x53, 0x74, 0x00, 0xd4, 0x37, 0xa5, 0x0f, 0x0b, 0xad, 0x5e, - 0x7b, 0x3e, 0xf9, 0xdc, 0x48, 0xff, 0xc1, 0xb9, 0x2f, 0x3f, 0x59, 0x1c, - 0xb8, 0x7f, 0x7e, 0x1e, 0xf6, 0x5d, 0x71, 0xdf, 0x7d, 0xb0, 0x91, 0xa5, - 0x79, 0xed, 0x85, 0x6a, 0x6f, 0xd0, 0xbc, 0xf7, 0x93, 0xcf, 0x67, 0xdb, - 0x2b, 0x7c, 0xe9, 0x02, 0x14, 0x28, 0x1f, 0xfc, 0x97, 0xa7, 0xd5, 0xda, - 0xe8, 0x0b, 0xa7, 0xa7, 0x5d, 0x3b, 0xbd, 0xf8, 0x3b, 0x4e, 0x33, 0xfe, - 0x75, 0xa7, 0x19, 0xff, 0x67, 0xd8, 0xf9, 0xa0, 0x62, 0xbb, 0x1a, 0xe5, - 0x3f, 0xbe, 0x21, 0xd8, 0xa7, 0xb0, 0xfb, 0xb2, 0x34, 0xf8, 0xbe, 0xf0, - 0xfb, 0x60, 0xbd, 0x2f, 0xf8, 0x9b, 0x53, 0x09, 0xc0, 0x97, 0xc5, 0xf6, - 0x97, 0xd8, 0x8b, 0xa6, 0xad, 0x89, 0xe2, 0x90, 0xab, 0xaf, 0xfe, 0xed, - 0x73, 0x5c, 0x7f, 0xee, 0xd6, 0xea, 0xe3, 0xc3, 0x58, 0x97, 0x9d, 0x8c, - 0xe7, 0x47, 0xf1, 0x7a, 0x42, 0xeb, 0x64, 0x9d, 0xab, 0x3f, 0xeb, 0x14, - 0xaf, 0x7d, 0x81, 0xd5, 0xcb, 0x92, 0xbe, 0xfb, 0xcf, 0xed, 0x7b, 0x1c, - 0x95, 0xe8, 0xfd, 0x22, 0xf6, 0x7a, 0xfa, 0x0a, 0x4a, 0x2f, 0xd6, 0xc7, - 0x8b, 0xe7, 0xc1, 0x72, 0x46, 0x3f, 0xef, 0x87, 0x1c, 0xd7, 0xa0, 0x06, - 0x8c, 0xef, 0xeb, 0xcd, 0xd1, 0xfa, 0x99, 0xfb, 0x7f, 0xeb, 0xae, 0xf2, - 0xc9, 0xf3, 0xf7, 0x9d, 0xf3, 0x79, 0x8c, 0xfb, 0xd3, 0x19, 0x9f, 0xbf, - 0xc8, 0xe6, 0xb3, 0xfb, 0xd0, 0x9f, 0x98, 0x58, 0xc4, 0xd6, 0xbf, 0x8e, - 0x7c, 0xf3, 0xd1, 0x51, 0xc5, 0x0b, 0x73, 0xfd, 0x67, 0x3f, 0xa0, 0xf9, - 0xec, 0x1f, 0xe7, 0x97, 0x81, 0x5e, 0x57, 0xea, 0xe1, 0xa8, 0xed, 0x13, - 0xd4, 0x7f, 0x26, 0xfa, 0x62, 0x32, 0xed, 0xf2, 0x2b, 0xed, 0xe3, 0x17, - 0x10, 0xb7, 0xca, 0x77, 0xfe, 0x8e, 0xff, 0x41, 0xf9, 0x45, 0xf4, 0x97, - 0xcb, 0x2f, 0x20, 0x7f, 0x41, 0xc6, 0xc3, 0x2f, 0xd8, 0x40, 0xfe, 0xda, - 0x94, 0xbb, 0xfe, 0x02, 0x29, 0x7b, 0xc6, 0x7f, 0x39, 0xea, 0xf0, 0x6b, - 0x13, 0xf7, 0x2f, 0xea, 0xc9, 0xfe, 0x59, 0xdf, 0x62, 0xe2, 0x55, 0xce, - 0x9f, 0x3a, 0xd5, 0x3b, 0x0e, 0x8f, 0xa7, 0xfb, 0x5d, 0xea, 0x93, 0x77, - 0xce, 0x0f, 0xc6, 0x2f, 0x8b, 0xf3, 0x8b, 0x6a, 0xca, 0xc9, 0xa4, 0xcb, - 0x8f, 0x64, 0x85, 0xfc, 0x2c, 0x4f, 0x06, 0xca, 0x3f, 0xe5, 0x07, 0xe6, - 0xa7, 0xd5, 0xe4, 0xf2, 0x03, 0xd8, 0xdb, 0x56, 0xe7, 0xe1, 0x07, 0xdb, - 0xc7, 0x73, 0x3a, 0x5f, 0x7f, 0xcb, 0x8c, 0xf8, 0xf1, 0x96, 0xc3, 0x8f, - 0xd7, 0xf9, 0xf3, 0xeb, 0xa9, 0x7f, 0xcc, 0xf8, 0xf1, 0x22, 0xe7, 0xc7, - 0x63, 0xbe, 0xf1, 0x1a, 0xf9, 0x81, 0x86, 0x39, 0x3f, 0x88, 0x00, 0x4e, - 0xa6, 0x5c, 0x7e, 0xa4, 0x2a, 0xe4, 0x63, 0x65, 0x94, 0x7c, 0xe0, 0xd9, - 0x24, 0x9e, 0xe0, 0xf7, 0x09, 0x9a, 0x59, 0xe6, 0x7a, 0xf8, 0xc1, 0xed, - 0xd5, 0xf3, 0xe0, 0x8e, 0xc0, 0x7d, 0x6a, 0x99, 0x11, 0x3f, 0x7e, 0x51, - 0x21, 0x1f, 0x7d, 0x0d, 0x54, 0x7f, 0x30, 0x7f, 0xb3, 0x09, 0xef, 0x53, - 0xe3, 0xfc, 0x1f, 0xc6, 0x27, 0x92, 0x03, 0xbf, 0x08, 0xaf, 0xdf, 0xa4, - 0x7a, 0xe7, 0xd7, 0x2a, 0x2f, 0xb5, 0xf2, 0x07, 0x56, 0xaf, 0xf4, 0xeb, - 0x1b, 0x9f, 0xbc, 0x38, 0xfa, 0x98, 0xf3, 0x87, 0x8c, 0xee, 0x35, 0x80, - 0x3e, 0x04, 0xfe, 0x20, 0xf6, 0x4a, 0xf6, 0x34, 0x7a, 0xd7, 0xdf, 0x3a, - 0x23, 0xfe, 0xfc, 0x8f, 0xab, 0x6f, 0xf8, 0xf3, 0xb3, 0x9e, 0xf8, 0xd1, - 0xd4, 0x0c, 0x6e, 0x6f, 0xeb, 0x34, 0xef, 0x78, 0x8d, 0xfc, 0xb0, 0x1d, - 0x7e, 0x90, 0xe1, 0xc9, 0x8c, 0xcb, 0x8f, 0x4c, 0x85, 0xbc, 0xac, 0xf6, - 0xcb, 0x4b, 0xa4, 0xfe, 0x05, 0x07, 0x65, 0x71, 0x83, 0xa0, 0x7f, 0xcd, - 0xcf, 0x1a, 0xee, 0xfa, 0xa6, 0x19, 0xf1, 0x83, 0x75, 0x59, 0xf4, 0xbb, - 0xe7, 0x3f, 0xd5, 0xe0, 0x89, 0x6f, 0xb3, 0x2e, 0x3f, 0x1c, 0x7d, 0xdb, - 0x10, 0xe4, 0x3f, 0x72, 0x7e, 0xfc, 0xf8, 0xc6, 0x90, 0x7c, 0x03, 0xf9, - 0xcf, 0x64, 0x8c, 0xf3, 0x83, 0xf1, 0xab, 0x38, 0x18, 0xaa, 0x9f, 0x37, - 0x51, 0xfd, 0x5c, 0xdc, 0xc6, 0xf2, 0x1b, 0x5c, 0x5e, 0xa6, 0xbc, 0xf1, - 0x9e, 0x1d, 0xba, 0x5e, 0x81, 0xf3, 0x1a, 0x35, 0x50, 0x71, 0x29, 0x94, - 0xb9, 0x27, 0x3c, 0xf1, 0x18, 0x59, 0x0f, 0xd3, 0xad, 0x66, 0xbf, 0x7e, - 0xba, 0xb8, 0xce, 0xb5, 0xcf, 0xfb, 0x99, 0xbb, 0x1c, 0x47, 0xab, 0x96, - 0xef, 0xd3, 0xd0, 0xce, 0x7e, 0x4b, 0x73, 0x36, 0x63, 0xa9, 0x0a, 0xf6, - 0x87, 0x51, 0x8b, 0x99, 0xd9, 0x11, 0xe6, 0x4f, 0xe6, 0x87, 0xb0, 0x25, - 0xb1, 0x56, 0x9a, 0x89, 0x6c, 0x06, 0x2a, 0xe8, 0xe8, 0x59, 0xf5, 0xd5, - 0x89, 0xed, 0xf8, 0xdf, 0x1b, 0x5f, 0x7d, 0x80, 0x30, 0x74, 0xa4, 0xd1, - 0x7c, 0x9e, 0x0a, 0x83, 0x71, 0x29, 0x5d, 0x6f, 0x72, 0x7f, 0x15, 0x3f, - 0x9c, 0xf8, 0xab, 0x3c, 0x5f, 0x84, 0x6f, 0x6b, 0xe0, 0x79, 0xb2, 0x71, - 0x6b, 0xc0, 0x17, 0xcf, 0xae, 0x63, 0xf6, 0x92, 0xf3, 0xa3, 0xf1, 0xa0, - 0x3f, 0xde, 0x53, 0x3d, 0xf1, 0x9e, 0x57, 0x9e, 0xb9, 0xfe, 0xe9, 0x5c, - 0x77, 0x95, 0x37, 0x7e, 0xb4, 0x38, 0x7f, 0x91, 0x63, 0xf0, 0x07, 0x90, - 0x37, 0x5e, 0xe2, 0xfc, 0xc6, 0xf7, 0x85, 0x49, 0xcc, 0xc0, 0x1c, 0xd7, - 0x1e, 0x4d, 0x1a, 0xae, 0xfc, 0x1b, 0x15, 0xfa, 0x20, 0x17, 0xa1, 0x0f, - 0x1c, 0x7d, 0xc5, 0xf5, 0x01, 0x91, 0xce, 0x7d, 0x75, 0x5e, 0x7d, 0xb0, - 0x77, 0x16, 0xf4, 0xc1, 0x1a, 0x4d, 0xd4, 0x07, 0x53, 0x94, 0x7e, 0xbe, - 0x9f, 0x03, 0x27, 0xe6, 0x48, 0xdc, 0xff, 0xe2, 0xce, 0xea, 0xfa, 0x30, - 0x5e, 0x93, 0xbd, 0xa8, 0x4a, 0xff, 0x3c, 0xfe, 0xbb, 0x1e, 0xb4, 0x5f, - 0x1b, 0xec, 0x4d, 0xc1, 0x4c, 0x40, 0x3c, 0x45, 0xfd, 0xcd, 0x81, 0xf8, - 0x4c, 0xf8, 0x73, 0xad, 0x56, 0x61, 0x4f, 0x14, 0x1f, 0x7f, 0xb2, 0x03, - 0x0c, 0x36, 0x04, 0xff, 0x57, 0xc0, 0x47, 0xf7, 0x6a, 0x6b, 0x3c, 0x3f, - 0x41, 0xfc, 0x03, 0xec, 0xaf, 0x1a, 0x39, 0x64, 0xc6, 0xc1, 0x1e, 0x66, - 0x6c, 0x03, 0xec, 0xa1, 0xf9, 0x4b, 0x26, 0xcf, 0x96, 0x02, 0xf9, 0xcf, - 0x51, 0x34, 0xbd, 0xf6, 0x62, 0x1c, 0x7f, 0x5a, 0xa8, 0x5b, 0x5d, 0x45, - 0x44, 0xfe, 0x7e, 0xa5, 0x84, 0xf5, 0x01, 0xd6, 0x76, 0x07, 0xba, 0x74, - 0xf4, 0xf4, 0x97, 0xf7, 0xd2, 0xfc, 0x28, 0xac, 0xec, 0x35, 0x0e, 0xc6, - 0x00, 0xf5, 0xcd, 0x01, 0xf9, 0x52, 0xec, 0x4f, 0x73, 0xfd, 0xaa, 0x7a, - 0xef, 0xcb, 0xe3, 0xa1, 0xfa, 0x47, 0xb8, 0x1f, 0xd2, 0xfa, 0x3c, 0x1d, - 0x69, 0xff, 0xe1, 0x57, 0x53, 0xf4, 0x87, 0xec, 0xae, 0x3a, 0x77, 0xfd, - 0xf9, 0x33, 0x92, 0xe7, 0x2d, 0xce, 0x79, 0x39, 0xf6, 0xab, 0xd1, 0x77, - 0x5e, 0x03, 0x03, 0x8d, 0x32, 0xf2, 0xfc, 0x78, 0x55, 0x7f, 0x30, 0x4c, - 0x3f, 0xf9, 0xef, 0x73, 0x18, 0xbd, 0x0f, 0x56, 0xde, 0x3f, 0x3f, 0xbd, - 0x68, 0x5a, 0x86, 0x5e, 0x34, 0x56, 0xf5, 0xfe, 0x85, 0xd1, 0x5b, 0xdb, - 0xfd, 0xdb, 0x5e, 0x79, 0x1f, 0xe6, 0xfa, 0xe9, 0x1d, 0x98, 0x1b, 0x65, - 0x1f, 0xdd, 0xfa, 0x40, 0x88, 0x3e, 0x47, 0x1f, 0x10, 0xf9, 0xa7, 0x06, - 0x65, 0x32, 0xc1, 0xe9, 0xe7, 0xfa, 0x9b, 0xdf, 0x9f, 0x66, 0x2a, 0xff, - 0x2d, 0x0a, 0xd6, 0xc7, 0x24, 0x7f, 0x8b, 0x15, 0x74, 0x6f, 0x7d, 0x02, - 0x5a, 0xfc, 0x63, 0xab, 0xe8, 0x7d, 0x38, 0x4e, 0xfb, 0xbb, 0x0c, 0x13, - 0xc5, 0x4d, 0x14, 0x70, 0x1f, 0x14, 0xef, 0x7d, 0x00, 0xf1, 0xab, 0x87, - 0xff, 0xcb, 0x2f, 0x75, 0xfc, 0x0d, 0x50, 0xc1, 0x9c, 0x9f, 0x59, 0xd4, - 0x8d, 0xd6, 0x18, 0x9e, 0xfc, 0x91, 0x92, 0x51, 0x58, 0x7e, 0x3c, 0x2e, - 0xf4, 0x4f, 0xc6, 0x82, 0xec, 0x03, 0x3d, 0x9f, 0x67, 0x54, 0xf7, 0x3c, - 0x3c, 0xfc, 0xb6, 0xa3, 0xe2, 0x2f, 0x7e, 0x5e, 0xbc, 0x1d, 0x78, 0xfa, - 0x3c, 0xfa, 0x3c, 0xc7, 0x1f, 0xa8, 0x51, 0x5f, 0x8e, 0xf0, 0xf9, 0xe7, - 0xf1, 0xfc, 0x51, 0x12, 0xfc, 0x2b, 0x8b, 0xea, 0xc7, 0x2c, 0x8c, 0x66, - 0x4d, 0x1d, 0x19, 0xcb, 0xa9, 0x3e, 0x42, 0x1b, 0x79, 0x3e, 0xfa, 0xc4, - 0x7c, 0x9a, 0x7f, 0xc2, 0xb4, 0x27, 0x12, 0xa0, 0x47, 0xad, 0x61, 0x90, - 0x47, 0x96, 0xff, 0xb4, 0xee, 0x53, 0xcc, 0x88, 0xf3, 0x6e, 0x14, 0xf2, - 0xf9, 0x47, 0x9c, 0xf8, 0x77, 0x17, 0xaf, 0x07, 0x21, 0xa0, 0x9f, 0xcf, - 0xef, 0xb8, 0xc9, 0x6f, 0xaf, 0xdf, 0x76, 0xe6, 0xf3, 0xfc, 0x5d, 0x9f, - 0x41, 0xf7, 0xef, 0x59, 0x4f, 0xf9, 0xa1, 0x39, 0xfc, 0xa0, 0xf4, 0x24, - 0x68, 0xfe, 0xae, 0x14, 0x9d, 0xbf, 0xb3, 0x16, 0x51, 0xfd, 0xc3, 0xf3, - 0x0f, 0xc5, 0x13, 0x2c, 0xff, 0x90, 0xf1, 0xe9, 0x4b, 0x37, 0xff, 0xe6, - 0xcf, 0x97, 0x7e, 0xe7, 0xba, 0xe0, 0xfa, 0x86, 0x68, 0xff, 0xf9, 0x7e, - 0x92, 0x21, 0xf9, 0x68, 0xce, 0x9f, 0x94, 0x90, 0xbf, 0x4e, 0x57, 0xc9, - 0x5f, 0x67, 0xd8, 0x78, 0x96, 0x27, 0x0b, 0x85, 0xf5, 0x73, 0x3d, 0xfe, - 0x0e, 0xfc, 0x7c, 0x22, 0xb4, 0x3e, 0x93, 0x51, 0xfc, 0xf5, 0x8d, 0xe0, - 0x7c, 0xf8, 0xdb, 0xd7, 0xf9, 0xfd, 0xfd, 0xa4, 0x7a, 0x9e, 0x1e, 0x95, - 0x3f, 0x17, 0xe6, 0x17, 0x25, 0xe7, 0xa3, 0x14, 0x9b, 0xcf, 0x9f, 0x77, - 0x0e, 0x83, 0xc5, 0xf9, 0x6c, 0x7f, 0xa5, 0x87, 0x26, 0x3e, 0x88, 0x45, - 0xe5, 0x93, 0xaf, 0xbc, 0x43, 0x2e, 0x9f, 0xfc, 0xee, 0x1f, 0xd7, 0x5a, - 0x3f, 0x75, 0xfc, 0x3b, 0xa9, 0xfc, 0xfc, 0xd5, 0xad, 0x72, 0xf4, 0x4c, - 0xaa, 0x72, 0xf3, 0x8f, 0x5d, 0x23, 0x4b, 0x7f, 0xb0, 0x3f, 0xe5, 0xd4, - 0x0f, 0x04, 0xfc, 0x47, 0x6f, 0xf7, 0xf1, 0x1f, 0xe5, 0x5b, 0x33, 0x91, - 0xf9, 0xda, 0x77, 0xb5, 0x60, 0x7a, 0x6a, 0xc5, 0x6f, 0x9b, 0x99, 0xc8, - 0x7a, 0xc1, 0xb9, 0x7f, 0x22, 0xbd, 0xdf, 0x84, 0x54, 0xbd, 0xe9, 0x36, - 0xa1, 0x3e, 0x59, 0x85, 0x9e, 0xdf, 0x2a, 0x72, 0xe7, 0x75, 0xf7, 0x53, - 0x7e, 0xfc, 0xd5, 0xf8, 0x99, 0xd4, 0xe5, 0xf0, 0xaf, 0x0d, 0xad, 0xef, - 0xa4, 0x84, 0x7a, 0x05, 0xb7, 0xc7, 0xb4, 0xbe, 0xc5, 0xe3, 0xa3, 0xd2, - 0x47, 0xe7, 0x53, 0xfb, 0xbb, 0xd7, 0x24, 0xd9, 0xdc, 0x4f, 0xb7, 0xf6, - 0x29, 0x41, 0xf1, 0x9f, 0x58, 0xcf, 0x4d, 0xf3, 0xfb, 0x8e, 0x83, 0x3b, - 0x4b, 0x62, 0xff, 0xd5, 0xce, 0xfb, 0xc6, 0xeb, 0xe5, 0xf6, 0xff, 0x0f, - 0x4f, 0x56, 0xc9, 0x87, 0xa3, 0xa5, 0x51, 0xf9, 0x70, 0x1c, 0x56, 0xd0, - 0xfa, 0x45, 0xed, 0xf3, 0xdb, 0xfd, 0xf3, 0xcb, 0xb9, 0xc8, 0xf9, 0x08, - 0xb5, 0x4a, 0xe9, 0x47, 0x85, 0xe9, 0xc3, 0xb0, 0xfd, 0xa6, 0x57, 0xc8, - 0xf1, 0x67, 0x49, 0x83, 0x1f, 0xff, 0x7f, 0xdf, 0xa1, 0x44, 0xf2, 0xff, - 0xaf, 0x97, 0x55, 0xb9, 0xcf, 0x79, 0xff, 0x7e, 0xb7, 0xa7, 0xfc, 0xf7, - 0xf9, 0x5f, 0xfe, 0x14, 0x39, 0xf6, 0x8a, 0xcc, 0xef, 0xf5, 0xcf, 0x1f, - 0x17, 0xe6, 0xff, 0xf8, 0xa8, 0x16, 0x49, 0xcf, 0xbd, 0xcb, 0xe5, 0xf6, - 0x7b, 0x63, 0x9d, 0xdc, 0xfc, 0x0f, 0xcf, 0x95, 0x9b, 0xff, 0x85, 0x6b, - 0xe4, 0xe6, 0xff, 0xad, 0x64, 0xbd, 0xf3, 0x44, 0x46, 0x6e, 0xfe, 0xd0, - 0x06, 0xc9, 0xfa, 0x6e, 0xcf, 0xcc, 0xfa, 0x87, 0xf8, 0xfa, 0x72, 0x97, - 0xa4, 0xfc, 0x1d, 0xd3, 0xa4, 0xe6, 0x37, 0xfc, 0x93, 0xdc, 0xfc, 0x9d, - 0x6f, 0xc8, 0xcd, 0xff, 0xc6, 0x5a, 0x39, 0xfa, 0xb7, 0xe4, 0xe5, 0xf0, - 0x0f, 0x49, 0xea, 0xef, 0xc9, 0x78, 0xf0, 0x7c, 0x15, 0x8d, 0x1d, 0xa1, - 0xf5, 0x39, 0xe6, 0x7f, 0xa2, 0xb4, 0xcf, 0x7f, 0x75, 0xeb, 0x13, 0xbc, - 0x1f, 0x23, 0xc4, 0x1f, 0x2e, 0x2e, 0xf5, 0xfb, 0xc3, 0x16, 0xf7, 0x87, - 0xfd, 0xf5, 0x6c, 0x8f, 0x3f, 0xac, 0x44, 0xc5, 0x7b, 0xbf, 0x32, 0x18, - 0x7e, 0x0b, 0xfc, 0xe3, 0x7d, 0x78, 0xc5, 0x80, 0x52, 0x1c, 0x51, 0x26, - 0x42, 0xcf, 0x53, 0xf2, 0x3e, 0xfe, 0x7b, 0x5c, 0xe8, 0x6f, 0x90, 0x9d, - 0x6f, 0xe4, 0x22, 0xeb, 0xd7, 0xaf, 0xd6, 0xfc, 0xfd, 0x89, 0xfa, 0x19, - 0xf9, 0x7f, 0x7f, 0x19, 0xe2, 0x0f, 0x39, 0x95, 0x7a, 0xe6, 0xaf, 0x43, - 0x3d, 0x27, 0x0d, 0x77, 0x9d, 0xf5, 0x0f, 0x11, 0x7b, 0x6c, 0xc5, 0xd3, - 0x5e, 0xfc, 0x32, 0xf5, 0x7d, 0x15, 0x5d, 0x11, 0x59, 0xdf, 0xaf, 0xac, - 0xf7, 0x8e, 0x09, 0xf9, 0x2f, 0x47, 0x9e, 0x82, 0xf3, 0x5d, 0x82, 0x7c, - 0xe9, 0x4c, 0xbe, 0xb2, 0xed, 0xd5, 0xea, 0xbf, 0x4c, 0xde, 0xb2, 0xbc, - 0x20, 0xc7, 0xed, 0xff, 0x6e, 0xdf, 0xf3, 0xed, 0x8e, 0x63, 0x8a, 0xd5, - 0x72, 0x7e, 0x62, 0x5c, 0xa7, 0xcf, 0xb7, 0x90, 0x45, 0xfb, 0xc1, 0xa6, - 0xb7, 0xa2, 0xd2, 0x41, 0x5a, 0x8f, 0x54, 0xcf, 0x21, 0x0e, 0x1a, 0x7b, - 0x7f, 0x6b, 0x0b, 0x4f, 0x60, 0xd3, 0xf7, 0x21, 0x7b, 0xb0, 0x44, 0x92, - 0x12, 0x93, 0x62, 0xdb, 0x73, 0x4c, 0xb7, 0xde, 0x00, 0xe7, 0xa2, 0xa2, - 0x09, 0x9e, 0x8f, 0xb6, 0x06, 0x79, 0x3f, 0x5d, 0xd6, 0x20, 0xfd, 0x74, - 0x80, 0x7f, 0x47, 0xeb, 0x04, 0xcc, 0x8f, 0x9f, 0xe7, 0xc5, 0x7f, 0x81, - 0x1f, 0x7f, 0x2f, 0xb2, 0xc7, 0x00, 0xbf, 0xa5, 0xd8, 0x79, 0xc0, 0x5f, - 0xad, 0x1f, 0x24, 0x30, 0x5f, 0xd8, 0x45, 0xf2, 0xbd, 0x26, 0xad, 0x5f, - 0xf3, 0xa3, 0x4c, 0x05, 0xc9, 0x17, 0xab, 0xf7, 0x95, 0x3f, 0x56, 0x79, - 0xbd, 0xe2, 0x8b, 0xdc, 0xa5, 0x08, 0xc9, 0xf7, 0x00, 0x87, 0xe1, 0x8b, - 0x06, 0x06, 0x22, 0xcf, 0x12, 0xf6, 0xa3, 0x56, 0xe0, 0xe3, 0xfb, 0xb3, - 0x3f, 0x0a, 0xda, 0x9f, 0x98, 0xaf, 0x86, 0x7e, 0x96, 0x95, 0xd0, 0xcf, - 0x02, 0xf4, 0xc7, 0x48, 0x3f, 0x0b, 0xa7, 0xc7, 0x08, 0xa3, 0x9f, 0x9e, - 0xdf, 0x15, 0x4e, 0x7f, 0x1c, 0x42, 0xfb, 0x35, 0x77, 0x3d, 0x64, 0xe0, - 0x2d, 0x85, 0xd0, 0x6b, 0x54, 0xd2, 0x8b, 0x23, 0x29, 0x91, 0xff, 0xf4, - 0xfd, 0xbd, 0x71, 0xcd, 0x2e, 0x6a, 0x66, 0xa8, 0xbd, 0x7a, 0x51, 0x0f, - 0xf7, 0x5f, 0xe0, 0xe7, 0x67, 0x93, 0xd1, 0xf1, 0xf7, 0xcf, 0x27, 0x67, - 0xd6, 0x3f, 0x56, 0xed, 0x7e, 0xe9, 0xf8, 0x7e, 0xad, 0xd1, 0xbd, 0xf7, - 0x2b, 0x2c, 0x7f, 0x11, 0x7c, 0x9f, 0x9c, 0xf3, 0x30, 0x5a, 0x89, 0x3c, - 0xc3, 0x03, 0xad, 0xa4, 0x59, 0xd7, 0x91, 0x5a, 0x8e, 0x4a, 0x0d, 0xe8, - 0xa0, 0x99, 0x4e, 0x6b, 0x6a, 0x6a, 0xe4, 0x8b, 0xca, 0xc8, 0x80, 0x62, - 0x8e, 0x2a, 0x13, 0xcd, 0x4f, 0x99, 0xa5, 0x1d, 0x7f, 0xb3, 0xc8, 0xee, - 0xc0, 0xd1, 0xd0, 0x81, 0x39, 0x31, 0x3b, 0x09, 0x79, 0x46, 0xd8, 0x87, - 0xd1, 0x96, 0x25, 0x79, 0x88, 0x91, 0x56, 0xa0, 0xcf, 0xfe, 0x1e, 0xd5, - 0x24, 0xb6, 0xfe, 0x4d, 0xb3, 0xa4, 0x41, 0x3c, 0x6e, 0x70, 0xfd, 0x72, - 0x83, 0xef, 0x7d, 0xf6, 0xaa, 0xfd, 0xc7, 0x4e, 0xff, 0xd3, 0x7b, 0xe4, - 0xbe, 0xbb, 0xaf, 0x61, 0xae, 0xa2, 0xf2, 0xc6, 0xf2, 0xe5, 0xb1, 0xfb, - 0x9d, 0x7e, 0x09, 0xad, 0x44, 0xf2, 0x7b, 0x79, 0x54, 0xa4, 0xf9, 0x3d, - 0xb5, 0xd8, 0x90, 0x18, 0xd6, 0xa8, 0x84, 0xef, 0x44, 0x68, 0x13, 0xbf, - 0x1f, 0x59, 0x22, 0x5f, 0x8a, 0x7f, 0x3d, 0x9c, 0x86, 0x95, 0xf4, 0xf7, - 0x27, 0x60, 0xeb, 0x1e, 0x87, 0x7e, 0x29, 0xcc, 0xec, 0x09, 0xa6, 0x39, - 0x4b, 0x4b, 0x62, 0xfc, 0x3c, 0x92, 0x68, 0x26, 0xfa, 0x5c, 0xcc, 0xe7, - 0xc4, 0x0f, 0x09, 0xfd, 0x9f, 0xbc, 0x1f, 0x57, 0x41, 0xc5, 0x56, 0xd8, - 0x74, 0x71, 0x38, 0x69, 0x65, 0x41, 0x3e, 0xdb, 0x12, 0xde, 0x7c, 0x3a, - 0x0e, 0x92, 0x6c, 0xab, 0x45, 0xfa, 0x79, 0x76, 0xf2, 0x90, 0x2f, 0xff, - 0x83, 0xe6, 0x1c, 0x8a, 0x96, 0xdf, 0x73, 0x0f, 0xcd, 0xb0, 0xbf, 0x53, - 0xa8, 0x1f, 0x1a, 0x01, 0xe7, 0x97, 0x04, 0x5f, 0xf9, 0x79, 0xbf, 0x3f, - 0xff, 0x92, 0xce, 0xf1, 0x75, 0xab, 0xd4, 0x5e, 0x73, 0x7b, 0xb2, 0x5b, - 0xb0, 0x2f, 0x4e, 0x7f, 0xb9, 0xaf, 0xbe, 0x37, 0x37, 0x7a, 0x3f, 0xce, - 0xf3, 0x5d, 0x83, 0xb7, 0x9a, 0xdf, 0x37, 0x1f, 0xec, 0x7e, 0xcf, 0x8c, - 0xc1, 0x6e, 0xfd, 0x38, 0xcb, 0xf8, 0xef, 0x1b, 0xaf, 0xd0, 0x6f, 0x64, - 0x8c, 0xea, 0x37, 0x56, 0x8f, 0x83, 0x9f, 0xe3, 0xb3, 0x2d, 0x3f, 0xcd, - 0xe2, 0xf9, 0x70, 0xf9, 0xb1, 0x50, 0xf1, 0xb2, 0x96, 0x1d, 0x2a, 0x7b, - 0x3e, 0xc6, 0x77, 0xb9, 0x5f, 0x7e, 0xc4, 0xef, 0xa1, 0xd5, 0x28, 0x3f, - 0x9f, 0x3c, 0x53, 0xf2, 0x23, 0xf4, 0xc7, 0x18, 0xe2, 0xf9, 0xe0, 0xe5, - 0x06, 0xb4, 0x08, 0xd9, 0xa1, 0xf2, 0xa3, 0x51, 0xff, 0x6d, 0x40, 0x11, - 0xf2, 0xb5, 0x82, 0x3c, 0xf9, 0xe4, 0x07, 0x5d, 0x58, 0x55, 0x7e, 0x56, - 0x0b, 0xf9, 0x66, 0x56, 0x2f, 0xaf, 0xac, 0xef, 0x68, 0x7e, 0xff, 0x1a, - 0x9f, 0x33, 0xc9, 0x37, 0x17, 0x51, 0x74, 0xbf, 0xe8, 0x82, 0x68, 0xff, - 0xc7, 0x7e, 0x2f, 0xcc, 0xdf, 0x56, 0x88, 0xbf, 0x3d, 0xfd, 0xb0, 0x0e, - 0xe3, 0xc9, 0x27, 0x5b, 0x41, 0x9b, 0xd8, 0x2f, 0x3c, 0x51, 0x44, 0x65, - 0xa2, 0x0f, 0x9d, 0xfe, 0x36, 0x85, 0xf4, 0x8b, 0xb6, 0x67, 0x86, 0xac, - 0xfa, 0x7d, 0xab, 0xb2, 0x89, 0x69, 0x0d, 0xfc, 0x6d, 0x7a, 0x1f, 0x40, - 0xbb, 0x2f, 0x47, 0x56, 0xcc, 0x5b, 0x6f, 0x19, 0xf0, 0xf5, 0x2f, 0xef, - 0x5a, 0xe8, 0xc9, 0xd7, 0x40, 0x3f, 0xf2, 0xf4, 0x12, 0x28, 0xa3, 0xb8, - 0xf3, 0x8d, 0x1a, 0xe7, 0xeb, 0x30, 0xdf, 0xc4, 0x97, 0xe0, 0x11, 0x05, - 0x0d, 0x07, 0xcf, 0xd7, 0xb1, 0x6c, 0x8c, 0x6f, 0x63, 0xfe, 0xac, 0x91, - 0x61, 0xfa, 0x91, 0x9e, 0x67, 0xd0, 0xfc, 0xb8, 0x77, 0x7e, 0x98, 0xbf, - 0x1e, 0x92, 0x9f, 0xae, 0xe8, 0x9f, 0xcf, 0x82, 0x7c, 0x80, 0xf1, 0xfe, - 0x40, 0x29, 0x0d, 0xbb, 0xf2, 0x71, 0x71, 0xa8, 0x7c, 0x64, 0xb4, 0x5c, - 0xdc, 0x1b, 0x3f, 0x75, 0x45, 0xf6, 0xb7, 0x07, 0xd4, 0xb7, 0xb8, 0xc6, - 0xc9, 0x04, 0xd6, 0xab, 0x69, 0x74, 0x9a, 0x80, 0xfb, 0x6c, 0xbb, 0xfd, - 0x21, 0x0e, 0xfd, 0xf4, 0x2a, 0x3b, 0x9f, 0x34, 0xca, 0x07, 0xf7, 0xcb, - 0x3e, 0xab, 0x79, 0xea, 0x4b, 0x8a, 0x1c, 0x7d, 0x77, 0x72, 0xfa, 0x62, - 0x61, 0xfd, 0x8b, 0xf5, 0xc4, 0xdf, 0xe3, 0xf2, 0xbb, 0x4b, 0xf1, 0xd6, - 0x5f, 0xc4, 0xfc, 0x7e, 0x70, 0x7e, 0xfe, 0x39, 0x0f, 0x7d, 0xc1, 0xf4, - 0x74, 0xc7, 0xc2, 0xf3, 0x73, 0x5d, 0x44, 0xc3, 0xe1, 0xf5, 0x6a, 0xf5, - 0xfa, 0x82, 0x2c, 0xfe, 0xd0, 0x78, 0x11, 0xd5, 0x9c, 0x4f, 0x8e, 0xd4, - 0xf7, 0xa2, 0xfe, 0x0e, 0xc9, 0xff, 0x15, 0x35, 0x4f, 0x7f, 0xb4, 0x3f, - 0x3e, 0x6d, 0x9b, 0x25, 0xfc, 0xed, 0xbc, 0x9f, 0x97, 0xbe, 0x1f, 0x94, - 0xe5, 0xf8, 0x9b, 0x66, 0x09, 0x3f, 0xed, 0x77, 0x06, 0x79, 0x26, 0xfa, - 0xaa, 0xc9, 0xe9, 0xbf, 0x98, 0x25, 0xfc, 0xb4, 0xdf, 0xd9, 0xb1, 0xc7, - 0x4e, 0x7f, 0xc7, 0xc6, 0x59, 0xc2, 0x4f, 0xfb, 0x9d, 0xb9, 0xfd, 0x2f, - 0x3a, 0xf5, 0xc7, 0x8d, 0xdc, 0xbe, 0xe8, 0x11, 0xf7, 0xc9, 0x5e, 0xb7, - 0xd8, 0x98, 0xee, 0xe9, 0x85, 0x68, 0xf7, 0x21, 0xfe, 0xbd, 0x10, 0x9d, - 0xfb, 0xa3, 0xb5, 0xd8, 0x63, 0xe3, 0x25, 0x4f, 0x7e, 0x22, 0xe6, 0xca, - 0x3b, 0x21, 0x27, 0xed, 0x91, 0x07, 0x72, 0xfb, 0xbe, 0xed, 0xe9, 0x2f, - 0x1a, 0xe0, 0xdf, 0xfb, 0xa9, 0xe9, 0xfb, 0x24, 0xd5, 0xe5, 0xdb, 0xb1, - 0x7f, 0x7a, 0x15, 0xfb, 0xc7, 0xec, 0x23, 0xf6, 0xc2, 0x89, 0xfd, 0x43, - 0xd1, 0xf5, 0x56, 0x9b, 0xea, 0x8f, 0x2c, 0xb1, 0x77, 0x38, 0xb2, 0x2d, - 0x9e, 0x5c, 0x8b, 0xe3, 0x8f, 0xbc, 0xe3, 0x9f, 0x1b, 0x34, 0x9e, 0xb3, - 0x74, 0xb0, 0xe7, 0xc3, 0x5f, 0x6d, 0x5f, 0xf7, 0x88, 0x6a, 0x8f, 0x29, - 0x13, 0x28, 0x89, 0xf5, 0xb5, 0xd5, 0xf1, 0xf8, 0xe1, 0x4b, 0xa7, 0x15, - 0xac, 0x7a, 0xf2, 0x97, 0x6f, 0x18, 0x54, 0x21, 0x1e, 0xf8, 0x41, 0xfb, - 0x46, 0xf4, 0x13, 0x1a, 0x0f, 0x04, 0xee, 0xef, 0x99, 0x84, 0xcb, 0xcf, - 0x9c, 0x37, 0x3f, 0x44, 0xce, 0x62, 0x73, 0xda, 0xfd, 0xde, 0x96, 0x53, - 0x6f, 0x0f, 0xf9, 0xde, 0x16, 0xaf, 0xef, 0xfb, 0xdf, 0xf7, 0x3a, 0xe4, - 0xe2, 0x2f, 0xb6, 0xd7, 0x90, 0x7f, 0xe2, 0xf3, 0x69, 0x3d, 0x24, 0xa1, - 0x42, 0xbd, 0x9d, 0xda, 0x57, 0xa7, 0xbe, 0x5d, 0xc5, 0xdf, 0x70, 0xf2, - 0x2d, 0xcc, 0xdf, 0xc8, 0x47, 0xfb, 0x1b, 0x2c, 0x9f, 0x47, 0x9f, 0xbe, - 0x23, 0xc6, 0xed, 0x8b, 0x45, 0xf9, 0x1f, 0x07, 0xfe, 0x5b, 0xa3, 0x9e, - 0xfe, 0x7a, 0xa3, 0x8f, 0xbc, 0x4f, 0x67, 0xab, 0x60, 0x2f, 0x87, 0x13, - 0x47, 0x3a, 0x4f, 0xaa, 0xd6, 0x18, 0x86, 0x75, 0xcc, 0x7f, 0xb3, 0xe3, - 0x37, 0x93, 0x1a, 0xaf, 0x6f, 0xef, 0x86, 0x7e, 0x00, 0x03, 0xfc, 0x07, - 0x73, 0x38, 0x3c, 0xff, 0x17, 0xca, 0x7f, 0xa2, 0x2e, 0x37, 0xa7, 0x5c, - 0xfe, 0xa7, 0xfe, 0x5f, 0xf3, 0x5f, 0xec, 0x2f, 0xd0, 0x1d, 0x65, 0xb5, - 0x5e, 0xf3, 0xfb, 0x27, 0xdc, 0x5e, 0xfb, 0xfb, 0x0f, 0x2a, 0xed, 0x3d, - 0x7b, 0x7f, 0x32, 0x3b, 0x4d, 0xfc, 0x25, 0x47, 0xbf, 0x65, 0xa3, 0xf5, - 0x1b, 0x7f, 0x9e, 0xee, 0x34, 0x97, 0xac, 0x8f, 0x7a, 0xff, 0xc6, 0x24, - 0xf1, 0x85, 0x57, 0xdf, 0x72, 0xfd, 0xe3, 0xf0, 0x9a, 0x7e, 0x8f, 0xcc, - 0xc4, 0x0a, 0xca, 0x6a, 0x19, 0x8e, 0x81, 0xbe, 0xb7, 0x13, 0xbe, 0x7e, - 0xc4, 0x39, 0x44, 0xff, 0xa9, 0xfe, 0xf9, 0x8e, 0xb9, 0xe4, 0x30, 0xff, - 0xd2, 0x6f, 0x58, 0x3d, 0x96, 0xc7, 0x0b, 0xfc, 0xf9, 0xa6, 0x7f, 0x3d, - 0x21, 0x0d, 0xce, 0xb6, 0xc0, 0xed, 0xc1, 0x35, 0xfc, 0xf9, 0x19, 0x1e, - 0xcf, 0x91, 0x78, 0xda, 0xf3, 0x3e, 0xac, 0xd7, 0xbe, 0x52, 0xf2, 0x86, - 0x14, 0x90, 0xc7, 0xde, 0x98, 0xaf, 0xff, 0x2c, 0xe5, 0x5b, 0x9f, 0xcd, - 0x85, 0xbc, 0xef, 0x45, 0x7f, 0xde, 0x0a, 0xf1, 0x2f, 0x1c, 0x7b, 0xe8, - 0xd3, 0xdf, 0x2e, 0xfd, 0xd4, 0x34, 0xc0, 0x27, 0x6b, 0xd9, 0xfb, 0xaa, - 0xae, 0x3d, 0x4b, 0xf8, 0x9e, 0xcf, 0xed, 0x9d, 0xb0, 0x1f, 0x27, 0x3f, - 0x7c, 0x9c, 0xd3, 0xb7, 0x05, 0x09, 0xf9, 0x04, 0x3a, 0xbf, 0x4d, 0x58, - 0x5f, 0x25, 0xfe, 0xbc, 0x4c, 0x88, 0x07, 0x3f, 0x55, 0x25, 0x1e, 0x5c, - 0x3a, 0xd3, 0x78, 0x90, 0xfd, 0xc3, 0x3d, 0x0f, 0x2b, 0xbe, 0xfe, 0x95, - 0x2a, 0xf2, 0x49, 0xde, 0xbf, 0xe9, 0xf5, 0xe4, 0xeb, 0x1a, 0xa2, 0xe7, - 0xe7, 0xd1, 0x2e, 0xc3, 0x4f, 0x5f, 0x71, 0x09, 0xcb, 0x77, 0x06, 0xdf, - 0x17, 0x9d, 0xdf, 0x4f, 0xbe, 0xc1, 0x87, 0x33, 0x3e, 0xfa, 0x12, 0x6c, - 0x1c, 0x86, 0x37, 0x80, 0xfc, 0xb5, 0xf9, 0xfd, 0x53, 0x8e, 0x0f, 0x9f, - 0x77, 0xd1, 0x6b, 0xff, 0x61, 0x7e, 0x2e, 0x80, 0x3f, 0xe2, 0xf3, 0x39, - 0x7e, 0xc7, 0x3e, 0xb6, 0x2d, 0x80, 0xcd, 0x55, 0xcc, 0xa7, 0xfa, 0x6c, - 0x84, 0xe4, 0x03, 0x20, 0xbe, 0x0b, 0xe3, 0xbf, 0x80, 0x1f, 0x4b, 0xc1, - 0x7a, 0x2d, 0xea, 0xbc, 0x2a, 0xeb, 0xd9, 0xc1, 0xf3, 0xc3, 0xf4, 0xad, - 0xb8, 0x1f, 0xbe, 0x5e, 0xf4, 0x87, 0x08, 0x3e, 0x8f, 0x7f, 0xef, 0xd6, - 0xc3, 0x83, 0xcf, 0x13, 0x53, 0x5e, 0xf4, 0xca, 0x2f, 0xac, 0x5f, 0x53, - 0x9d, 0x7e, 0xa4, 0x8a, 0xf4, 0x47, 0xfb, 0x83, 0x96, 0xab, 0x9f, 0x83, - 0xf7, 0xb7, 0x3f, 0x6c, 0xbe, 0x89, 0x6c, 0xab, 0x39, 0x30, 0xfe, 0x0b, - 0xb4, 0x6f, 0x8e, 0x3f, 0x8e, 0xe3, 0xe7, 0x5e, 0xae, 0x1f, 0xb2, 0x5e, - 0xff, 0xbf, 0x89, 0xe7, 0xb7, 0x7f, 0x3d, 0x3f, 0xa4, 0x3f, 0x87, 0xfa, - 0xaf, 0xd1, 0xf7, 0xa5, 0xf4, 0xca, 0xbd, 0xfe, 0xfd, 0xdb, 0xb5, 0xc9, - 0xbf, 0xa3, 0xbf, 0x58, 0xbe, 0x86, 0xef, 0x37, 0x5e, 0x85, 0x3f, 0xfe, - 0xe7, 0x3f, 0x49, 0xf2, 0xf9, 0x48, 0x47, 0x13, 0x35, 0xf2, 0x13, 0xbb, - 0xbc, 0xeb, 0x35, 0x57, 0x3f, 0xc2, 0x27, 0x91, 0x69, 0xbe, 0x4b, 0x1c, - 0xaf, 0x21, 0x1e, 0xfe, 0x1d, 0xd9, 0xf7, 0xce, 0x59, 0xb1, 0xef, 0xae, - 0xbd, 0xee, 0x3c, 0x6b, 0xaf, 0x67, 0xd1, 0x5e, 0x7f, 0x2e, 0xa4, 0x9e, - 0xee, 0xe8, 0xa7, 0x10, 0xfe, 0xd9, 0xd4, 0xd8, 0x78, 0xbe, 0xdf, 0xf0, - 0x90, 0x94, 0xbd, 0x06, 0xd4, 0xe9, 0x3a, 0xaf, 0xbd, 0xde, 0x34, 0x1b, - 0xf6, 0xda, 0x5e, 0x26, 0x69, 0xaf, 0x97, 0xcf, 0xd0, 0x5e, 0x3b, 0xf5, - 0xba, 0x5d, 0xbe, 0xef, 0x8b, 0xd8, 0x5c, 0x3e, 0x29, 0x9b, 0x46, 0x53, - 0xfc, 0xbe, 0x86, 0xda, 0xef, 0x03, 0xd4, 0x7e, 0x3b, 0xcf, 0xb7, 0x16, - 0x56, 0xd1, 0x47, 0x9d, 0x32, 0xf6, 0x0a, 0xdb, 0xcf, 0x4e, 0xbf, 0xfd, - 0xdc, 0x15, 0xfc, 0xbe, 0xb3, 0xd7, 0x7e, 0xf6, 0x4a, 0xd9, 0xcf, 0x4e, - 0x49, 0xfb, 0x29, 0x47, 0x3f, 0x9f, 0x5f, 0xbb, 0xbd, 0xec, 0x9c, 0x65, - 0x7b, 0xd9, 0x29, 0x69, 0x2f, 0x3b, 0x25, 0xed, 0x65, 0xe7, 0x29, 0xdb, - 0x4b, 0xf3, 0x94, 0xec, 0x65, 0x67, 0xb4, 0xbd, 0x7c, 0x46, 0xb0, 0x97, - 0xa8, 0x36, 0xf9, 0x14, 0xdf, 0x77, 0x71, 0xed, 0x65, 0xf8, 0xf3, 0x4c, - 0x72, 0x9e, 0xbc, 0x9e, 0x7b, 0x86, 0xec, 0x15, 0xfb, 0xfe, 0x84, 0xf8, - 0x7d, 0x89, 0xb0, 0xf3, 0x42, 0x4e, 0x7e, 0xf7, 0xd4, 0xbe, 0x07, 0x40, - 0xfb, 0x41, 0x36, 0x63, 0x0c, 0x2b, 0xe0, 0xfb, 0x4b, 0x9e, 0xfa, 0x47, - 0x70, 0xbf, 0x91, 0x03, 0xb8, 0xf9, 0x5d, 0x05, 0xea, 0xbf, 0x29, 0xc3, - 0xc6, 0xfb, 0x75, 0xdf, 0x77, 0xe2, 0xf4, 0xa2, 0xf6, 0x8c, 0x6a, 0xb5, - 0xec, 0xc3, 0x6c, 0x9d, 0x0e, 0xec, 0x37, 0xc2, 0x8a, 0x55, 0xf1, 0xe9, - 0xeb, 0x1a, 0xf3, 0x65, 0x61, 0xfc, 0x30, 0xe3, 0x58, 0x7e, 0xcf, 0xd9, - 0x9c, 0x1c, 0xbf, 0x78, 0x39, 0x2a, 0x65, 0x50, 0xde, 0xc4, 0x67, 0xbf, - 0xaf, 0x29, 0x16, 0x83, 0xfc, 0x02, 0xf9, 0xbe, 0x14, 0x22, 0x1f, 0xc9, - 0xb6, 0x15, 0xda, 0xb1, 0x60, 0xa2, 0x36, 0x64, 0xb5, 0x63, 0x79, 0x1f, - 0x8f, 0xb9, 0xf9, 0x10, 0x56, 0x5a, 0x47, 0xbd, 0x83, 0x25, 0xa5, 0x42, - 0xfe, 0x3b, 0x11, 0x6a, 0x84, 0xf7, 0xc3, 0x0e, 0x0c, 0x22, 0xe8, 0x67, - 0x00, 0x79, 0x59, 0x56, 0x83, 0xbe, 0xe1, 0xfd, 0xa4, 0x6e, 0x7f, 0x58, - 0x9f, 0xd0, 0x1f, 0x36, 0x25, 0xf4, 0x1b, 0xf4, 0x45, 0xf7, 0x87, 0xd9, - 0x4b, 0x23, 0xed, 0x69, 0x65, 0x7d, 0x9f, 0x7d, 0xdf, 0x84, 0x1e, 0x5e, - 0x0c, 0xea, 0x5f, 0xf0, 0x71, 0xaf, 0xac, 0x7e, 0x4c, 0xb1, 0x8c, 0xe6, - 0x24, 0x79, 0x7f, 0x8e, 0x9c, 0xf7, 0x66, 0xcd, 0x51, 0x39, 0x50, 0xbf, - 0x4a, 0x8e, 0x61, 0x79, 0x1c, 0xb9, 0x7a, 0x5c, 0x1f, 0xd0, 0xac, 0x11, - 0xde, 0x0f, 0xa4, 0xa6, 0x51, 0xe9, 0x42, 0xb2, 0x1e, 0xf8, 0x65, 0x7c, - 0x02, 0x39, 0xfd, 0xa5, 0x95, 0xf4, 0xf8, 0xeb, 0x61, 0xc0, 0x9e, 0x51, - 0xd0, 0x2f, 0xa6, 0xfb, 0x3e, 0x1b, 0x81, 0x43, 0xbe, 0x47, 0x11, 0x64, - 0x1f, 0x56, 0xeb, 0x6e, 0xfd, 0x62, 0xb6, 0xbf, 0x87, 0x51, 0xc1, 0x9f, - 0x21, 0x92, 0x9f, 0x5b, 0x34, 0xae, 0x9f, 0x20, 0xf9, 0x51, 0xf7, 0x7d, - 0x2b, 0xca, 0x9f, 0xa2, 0x0e, 0xf7, 0x75, 0x64, 0x65, 0x36, 0x36, 0xa0, - 0x10, 0xfe, 0x10, 0x85, 0xa5, 0xa6, 0x38, 0x7f, 0xc0, 0x3e, 0xc7, 0x33, - 0x51, 0xfc, 0x49, 0xfa, 0xf9, 0x43, 0xf8, 0xbb, 0x21, 0x0d, 0xf6, 0xaf, - 0x08, 0xfe, 0xb9, 0x07, 0xb6, 0x6b, 0xf4, 0xd7, 0x57, 0xe9, 0x51, 0xfd, - 0x63, 0xa7, 0xc6, 0x9f, 0x4a, 0xfd, 0xe0, 0xef, 0x0f, 0xf0, 0xe8, 0x2f, - 0x9f, 0x3f, 0xed, 0xe4, 0x1f, 0xdb, 0xb1, 0x3f, 0xdd, 0x62, 0xaa, 0x17, - 0xa6, 0x1f, 0x51, 0x8a, 0x5f, 0xf7, 0xf4, 0x9b, 0x60, 0x77, 0xcb, 0x76, - 0xde, 0xcf, 0x7e, 0x3a, 0xe6, 0x9e, 0x6f, 0x40, 0xbe, 0x50, 0x47, 0x3d, - 0x13, 0xff, 0xc1, 0xed, 0x5f, 0xf4, 0x7d, 0xf2, 0xec, 0xaf, 0xb6, 0xfb, - 0x74, 0x46, 0xf6, 0x87, 0xac, 0x17, 0x54, 0x6f, 0xbf, 0xd8, 0x9f, 0xc5, - 0xab, 0xec, 0xb7, 0xf7, 0xd0, 0xe9, 0xde, 0x2f, 0xeb, 0xf7, 0x1b, 0x27, - 0xfb, 0x6b, 0xd6, 0xc5, 0xef, 0xaf, 0x39, 0xfb, 0xb3, 0xf0, 0xfe, 0xf4, - 0xae, 0x7a, 0x34, 0xf5, 0x88, 0x82, 0xbc, 0xf5, 0x02, 0xd3, 0xcd, 0x7f, - 0xa1, 0xe2, 0x48, 0xdc, 0xdf, 0x3f, 0xf7, 0xed, 0xba, 0xc8, 0xfd, 0x2d, - 0xea, 0xd0, 0xd0, 0x94, 0x13, 0x4f, 0x48, 0xf6, 0x3b, 0x56, 0xe9, 0xc7, - 0x22, 0xf7, 0xb7, 0xb9, 0x8e, 0xeb, 0x3f, 0x4f, 0xff, 0x1e, 0xb9, 0x6f, - 0x79, 0xb2, 0x5f, 0x33, 0xc6, 0xfa, 0x61, 0xdd, 0xfd, 0x94, 0xa3, 0xeb, - 0xdb, 0x9e, 0x7c, 0xba, 0xd5, 0x7e, 0x3a, 0xef, 0x1b, 0x1a, 0x4e, 0xf8, - 0xfb, 0x15, 0x47, 0x13, 0x32, 0xfd, 0x8b, 0x71, 0x33, 0xff, 0x9a, 0xb9, - 0xa5, 0x15, 0xad, 0x6f, 0x33, 0xa6, 0xa9, 0x1d, 0x5a, 0x9d, 0x88, 0xce, - 0xef, 0x47, 0xf7, 0x8f, 0x86, 0xf7, 0x4b, 0x9c, 0x10, 0xbf, 0x4f, 0x49, - 0xe5, 0x4f, 0xcd, 0x0c, 0x91, 0xef, 0xd1, 0x38, 0xe7, 0x55, 0xc7, 0x9f, - 0xaf, 0xd3, 0xfe, 0x08, 0xb8, 0x2f, 0xcd, 0x4d, 0xe3, 0x5a, 0x5f, 0x64, - 0xff, 0xf2, 0x05, 0x21, 0x7f, 0x6f, 0x10, 0xe2, 0xe7, 0x74, 0x0b, 0x3e, - 0x3f, 0xc7, 0xdf, 0xbc, 0x33, 0x1e, 0xed, 0xaf, 0x9e, 0xa6, 0xfb, 0x13, - 0xf2, 0xbe, 0x62, 0x65, 0xbe, 0xc1, 0xdf, 0x0f, 0x53, 0xf1, 0xfe, 0xa2, - 0xb2, 0x9b, 0xc5, 0x17, 0x8c, 0x3e, 0x15, 0xfc, 0x99, 0x20, 0x7b, 0x0a, - 0x85, 0x68, 0xfa, 0xfd, 0x02, 0x2b, 0x59, 0xbd, 0x3e, 0x23, 0xc6, 0xa7, - 0x2b, 0x0e, 0x45, 0x7f, 0xef, 0x6d, 0x7f, 0x88, 0xff, 0xe2, 0xc4, 0x9b, - 0xbe, 0x78, 0x7c, 0x34, 0x09, 0xf6, 0xa9, 0x14, 0x63, 0xf5, 0x24, 0x6b, - 0xb3, 0xe7, 0xfb, 0x42, 0x29, 0x7f, 0x3c, 0x3d, 0xc3, 0xfe, 0xab, 0x95, - 0x92, 0xf1, 0xf4, 0xaa, 0x43, 0xa7, 0xfa, 0xbd, 0x44, 0xc6, 0x7f, 0xaa, - 0xa0, 0xad, 0xf9, 0xec, 0x7d, 0x17, 0xdd, 0x11, 0xde, 0x38, 0xe1, 0x47, - 0x73, 0x57, 0x9e, 0xbc, 0x77, 0xd5, 0xd9, 0x4a, 0x26, 0xd8, 0x47, 0x49, - 0x59, 0x1f, 0xaf, 0xfc, 0x23, 0x7a, 0xdf, 0xaa, 0xc5, 0x7f, 0x6e, 0xbd, - 0xd5, 0xff, 0x7d, 0x50, 0x8e, 0x9f, 0xee, 0x67, 0x84, 0xe4, 0xeb, 0x8a, - 0xc1, 0xf1, 0x7b, 0x71, 0x2c, 0x1e, 0x10, 0x8f, 0x31, 0x7c, 0xd4, 0x97, - 0x1d, 0xa4, 0xfd, 0x2c, 0xb1, 0x9a, 0xfd, 0x69, 0xe7, 0xf9, 0x74, 0xfb, - 0x93, 0x8e, 0x7d, 0x62, 0xf9, 0x97, 0x7e, 0x4f, 0x7f, 0x1d, 0x97, 0xc7, - 0x94, 0xcc, 0xf9, 0x5e, 0xe8, 0xa9, 0x47, 0x92, 0x7c, 0x52, 0x4f, 0xce, - 0xf1, 0xbf, 0x08, 0x3f, 0xf2, 0x21, 0xf1, 0x24, 0x86, 0x73, 0x73, 0xdc, - 0x78, 0x1b, 0xa1, 0x9b, 0x79, 0x3f, 0xf4, 0x89, 0xf9, 0x33, 0x97, 0x2f, - 0xfb, 0xaa, 0x33, 0x26, 0x5f, 0xc1, 0xf4, 0xf5, 0x86, 0xfd, 0x3d, 0x55, - 0x51, 0x1e, 0xc3, 0xea, 0x59, 0xa1, 0xf9, 0xb5, 0x47, 0xfc, 0xfd, 0x44, - 0xbc, 0x5f, 0x54, 0xcc, 0xaf, 0x49, 0xc6, 0x5b, 0x8e, 0x7c, 0x82, 0x80, - 0xb4, 0x98, 0x1a, 0xc4, 0x57, 0xbd, 0x71, 0x8a, 0xaf, 0xcb, 0x77, 0x3e, - 0xce, 0xf7, 0x54, 0x69, 0x3f, 0x04, 0x41, 0xe7, 0x7e, 0xbf, 0xc2, 0x91, - 0xd7, 0x55, 0x1e, 0xff, 0x01, 0x0d, 0xc6, 0xb9, 0xbc, 0xe3, 0xe9, 0xf6, - 0xb7, 0x92, 0x41, 0xfd, 0x10, 0xb3, 0x13, 0x8f, 0xd3, 0xf8, 0x77, 0x9e, - 0xea, 0xc4, 0xe3, 0x95, 0xf1, 0x4b, 0x95, 0xf7, 0x05, 0x04, 0x7c, 0x90, - 0x1d, 0x87, 0xb3, 0x2f, 0x2d, 0x99, 0x35, 0x7c, 0x4f, 0x44, 0xbc, 0x1f, - 0x53, 0x0d, 0x06, 0xfe, 0xf9, 0xed, 0x83, 0x38, 0xbf, 0x43, 0xae, 0x5f, - 0x5c, 0x1a, 0xff, 0x0d, 0xa7, 0x84, 0x1f, 0x5e, 0x36, 0x88, 0x96, 0xcf, - 0x65, 0x91, 0xf8, 0x40, 0xb4, 0x72, 0x6a, 0xed, 0xfc, 0x9a, 0xe1, 0xdf, - 0x6f, 0x73, 0xfe, 0x7e, 0xb1, 0x21, 0xc0, 0x59, 0x01, 0x36, 0x05, 0xd8, - 0x12, 0x60, 0x96, 0xef, 0x77, 0x61, 0x5d, 0x80, 0x0d, 0x01, 0xce, 0x0a, - 0xb0, 0x29, 0xc0, 0x67, 0xf6, 0xef, 0x51, 0xd9, 0x02, 0x5c, 0xf5, 0xef, - 0xad, 0xcd, 0x32, 0x7d, 0x67, 0x7f, 0xce, 0xfe, 0x9c, 0xfd, 0x89, 0xf8, - 0xf9, 0x5f, 0x00, 0x00, 0x00, 0xff, 0xff, 0xec, 0x5d, 0x7b, 0x90, 0x1c, - 0x47, 0x79, 0xef, 0xee, 0x79, 0xec, 0xec, 0xde, 0xde, 0x6a, 0x75, 0x3e, - 0x89, 0xf5, 0x59, 0xb2, 0xe6, 0x24, 0x59, 0x3a, 0x52, 0x46, 0x75, 0x16, - 0xb2, 0x39, 0x9b, 0x8b, 0x99, 0x93, 0x4e, 0x46, 0x32, 0x12, 0x11, 0x06, - 0x82, 0x4c, 0x01, 0xd9, 0xc3, 0x45, 0x95, 0x6c, 0x1c, 0xd9, 0x24, 0x0e, - 0x39, 0x63, 0xa7, 0xdc, 0x7b, 0xb7, 0xf7, 0x30, 0xe8, 0x5c, 0x67, 0x61, - 0x8c, 0x30, 0xc6, 0xec, 0x49, 0x32, 0x56, 0x61, 0x2a, 0x50, 0xe5, 0xa4, - 0xca, 0xf0, 0x47, 0xb2, 0xd6, 0x83, 0x08, 0x4a, 0xaa, 0x3a, 0x70, 0xe2, - 0x22, 0x29, 0x2a, 0x59, 0x3b, 0x29, 0x47, 0x3c, 0xa2, 0x28, 0x01, 0x93, - 0x33, 0x18, 0x94, 0x7e, 0xcf, 0x74, 0xef, 0xcc, 0xec, 0x9e, 0x24, 0x53, - 0x24, 0x70, 0x7f, 0xd8, 0x1e, 0xcf, 0x6c, 0x4f, 0x4f, 0xf7, 0xd7, 0xdf, - 0xfb, 0xfb, 0x7d, 0xfd, 0x4c, 0xbf, 0xe2, 0xf8, 0x32, 0x34, 0xdf, 0xca, - 0x43, 0x79, 0x8b, 0xd8, 0x17, 0xf3, 0x0f, 0xc2, 0x3d, 0xb0, 0x3e, 0x0e, - 0x0f, 0xbd, 0x07, 0x9c, 0xc2, 0xfb, 0xed, 0xea, 0x26, 0x68, 0x71, 0x7f, - 0x6d, 0x0e, 0x3c, 0x42, 0xcf, 0xec, 0x0a, 0xb7, 0xd7, 0x83, 0x5f, 0x1b, - 0x70, 0x30, 0xe7, 0x57, 0x37, 0xb9, 0xcc, 0x7b, 0x4a, 0xe4, 0x77, 0xb9, - 0x08, 0x82, 0x07, 0x73, 0xe3, 0x57, 0x77, 0x58, 0xdc, 0x3f, 0x95, 0x7f, - 0x74, 0xce, 0x2e, 0x23, 0x04, 0x96, 0x2e, 0x05, 0x6e, 0xb9, 0x34, 0xa9, - 0xf4, 0xdf, 0xa2, 0xa8, 0x3f, 0x1d, 0xa6, 0xf6, 0x72, 0x75, 0xb3, 0xf2, - 0x0f, 0xac, 0x23, 0xfa, 0x6b, 0x80, 0x96, 0x6d, 0x5d, 0x03, 0x65, 0xfe, - 0xd9, 0x2d, 0xa9, 0xfd, 0x38, 0x73, 0x98, 0xa9, 0x13, 0xb5, 0xcd, 0xef, - 0xed, 0xa3, 0xb7, 0x70, 0x0e, 0x67, 0xf9, 0xb5, 0xe8, 0x17, 0x27, 0xef, - 0x7b, 0x75, 0xc6, 0x48, 0xa7, 0x0f, 0xfb, 0x3a, 0xbf, 0xf1, 0xfb, 0xa8, - 0xbc, 0xf2, 0x3b, 0x66, 0x0b, 0x9b, 0x68, 0xd0, 0x9a, 0xfa, 0xf3, 0x62, - 0xde, 0xf7, 0x5e, 0x47, 0x7e, 0x1f, 0x00, 0xef, 0x30, 0xe4, 0x97, 0xc2, - 0xdb, 0x62, 0xf6, 0xa5, 0xef, 0x8b, 0xe7, 0x77, 0x23, 0x5c, 0x73, 0xfc, - 0x8b, 0x95, 0x27, 0xaf, 0xfb, 0x5f, 0x51, 0xbf, 0x1c, 0x91, 0xff, 0xb1, - 0x56, 0xec, 0x8f, 0xcf, 0x9a, 0x73, 0xfb, 0x8e, 0xa4, 0x0f, 0x9a, 0x2b, - 0x18, 0x78, 0xbe, 0x53, 0x74, 0xf8, 0xfa, 0x47, 0xe9, 0xa5, 0x41, 0xe8, - 0x65, 0x98, 0xda, 0x9b, 0xfe, 0xcd, 0x1b, 0xa1, 0xc8, 0x47, 0x94, 0xf2, - 0x0d, 0x89, 0x7a, 0x45, 0x2a, 0xbb, 0xbd, 0xeb, 0xdf, 0xe9, 0x4a, 0x7c, - 0x23, 0x93, 0x5e, 0xec, 0x2e, 0x80, 0xa7, 0xed, 0xc9, 0xfc, 0x6c, 0x9e, - 0x5c, 0xe7, 0xa9, 0x7f, 0x73, 0xbb, 0xb1, 0xde, 0xca, 0x7f, 0xcc, 0xea, - 0x09, 0x99, 0x38, 0xc4, 0x9b, 0xa5, 0x44, 0xaf, 0x31, 0x54, 0x55, 0xb0, - 0x6c, 0x6b, 0x6f, 0x9b, 0xf4, 0x13, 0xa9, 0x07, 0x12, 0xf8, 0x2a, 0xac, - 0xff, 0x6b, 0x31, 0x7c, 0x1f, 0x53, 0xb9, 0xfc, 0x48, 0xbc, 0x23, 0x48, - 0xcb, 0x67, 0xf4, 0x11, 0xa3, 0xa7, 0x6c, 0x38, 0x7e, 0xfa, 0xfc, 0x2f, - 0xb1, 0xfe, 0x71, 0x11, 0xe7, 0xbf, 0xff, 0xd7, 0x7a, 0xfe, 0xff, 0xe0, - 0x12, 0x9d, 0xff, 0xe6, 0xfd, 0x4a, 0x5f, 0xaf, 0xff, 0x6b, 0xfb, 0xf3, - 0xff, 0x95, 0xff, 0xef, 0xf5, 0x22, 0xf6, 0x70, 0xe4, 0xfc, 0xca, 0xfd, - 0xef, 0x5d, 0x24, 0xff, 0x97, 0xfc, 0xbd, 0x49, 0x9f, 0x94, 0xf8, 0xd7, - 0xca, 0x5e, 0xfa, 0xed, 0xde, 0xef, 0xe6, 0xbf, 0x53, 0x46, 0x7d, 0x5e, - 0x5e, 0xb3, 0x97, 0x4d, 0x7b, 0x2e, 0x87, 0xdf, 0xc4, 0xfe, 0xdd, 0x23, - 0xea, 0x8b, 0x65, 0x3d, 0xf2, 0x58, 0xa0, 0xcb, 0xdb, 0xa3, 0xfa, 0xb5, - 0xe4, 0x9f, 0x78, 0x35, 0xf7, 0xff, 0xf9, 0x49, 0xfa, 0x7f, 0x18, 0x6f, - 0x93, 0xf5, 0xf5, 0x71, 0xf2, 0xd8, 0x52, 0xf7, 0x73, 0xb8, 0x2f, 0x6e, - 0x3c, 0xfc, 0x9e, 0xf9, 0x70, 0xff, 0xf7, 0x6b, 0xfb, 0xaf, 0xfc, 0xa5, - 0xbf, 0xfc, 0xed, 0xdc, 0x6f, 0xfd, 0xaf, 0xd9, 0x5e, 0x7f, 0x77, 0xcc, - 0x7a, 0x23, 0xf3, 0xbc, 0x5d, 0xb2, 0xfd, 0x6c, 0xb9, 0xfe, 0xc9, 0xfb, - 0xf7, 0xab, 0xdf, 0xed, 0xdf, 0xaf, 0xe5, 0xfc, 0x0b, 0xef, 0xa5, 0xdc, - 0x7f, 0x7e, 0xfe, 0x8f, 0x0e, 0xf7, 0x69, 0xe7, 0xbf, 0x4b, 0xf1, 0x83, - 0x8c, 0xc1, 0x1f, 0x16, 0x4d, 0x2f, 0x06, 0x3d, 0x36, 0x9d, 0xff, 0xba, - 0xce, 0x8f, 0x7e, 0x77, 0xfe, 0x2f, 0xf2, 0xfc, 0x6b, 0xfb, 0x1b, 0x73, - 0xfe, 0x0d, 0xfe, 0xbf, 0xb8, 0xfd, 0xfc, 0xcd, 0x3b, 0xef, 0x06, 0xde, - 0x8b, 0x8a, 0xd7, 0xfd, 0xd0, 0xec, 0x6f, 0x62, 0x8b, 0x78, 0x25, 0xe2, - 0xf8, 0xde, 0xa3, 0x36, 0xcf, 0x57, 0xca, 0x1a, 0xf1, 0x8d, 0x19, 0x0d, - 0xbf, 0x5d, 0x7d, 0xab, 0xc0, 0x07, 0x0a, 0x17, 0x44, 0x8f, 0x1f, 0x3c, - 0xad, 0xe3, 0xef, 0xdd, 0xdd, 0xf1, 0x46, 0x89, 0x1f, 0x34, 0x03, 0x78, - 0xfd, 0xf3, 0x5e, 0x8b, 0xd6, 0x3f, 0x03, 0xd8, 0x69, 0x05, 0x91, 0xfe, - 0x67, 0x32, 0xff, 0xcd, 0x92, 0xf9, 0x56, 0xf4, 0x85, 0x14, 0x72, 0xdb, - 0x57, 0xf9, 0xab, 0xf5, 0xbc, 0xd7, 0x46, 0xbc, 0xe3, 0x5d, 0xe1, 0xfb, - 0x01, 0x38, 0x3c, 0xf6, 0x3c, 0x5c, 0x07, 0x1a, 0x79, 0x85, 0x87, 0x1d, - 0xc8, 0xf1, 0x7d, 0x19, 0x3f, 0x9c, 0x7e, 0x0e, 0xd6, 0xa2, 0xf1, 0x43, - 0xad, 0xbe, 0xf7, 0x49, 0x85, 0x9f, 0xbb, 0x99, 0xf6, 0xaf, 0x42, 0xbe, - 0x0b, 0xbc, 0x51, 0x8b, 0xd6, 0xaf, 0xf1, 0x7a, 0x9a, 0xcf, 0x45, 0xea, - 0x21, 0xf7, 0xc8, 0x7c, 0x99, 0x9f, 0x73, 0xfc, 0x5a, 0x3e, 0xaf, 0x71, - 0xab, 0xc9, 0x9f, 0xdf, 0xa2, 0x1f, 0x94, 0xaa, 0xff, 0x17, 0xfd, 0xa0, - 0xfc, 0xf4, 0xfa, 0xc6, 0xfa, 0xea, 0x84, 0x7c, 0x0e, 0x23, 0x3e, 0x0d, - 0x32, 0x46, 0x7e, 0x5b, 0x1d, 0x63, 0x07, 0xae, 0x20, 0x1f, 0xb8, 0xe1, - 0x1f, 0x00, 0x98, 0xca, 0x7d, 0xb6, 0x97, 0xfd, 0x7a, 0xcb, 0x08, 0x53, - 0x35, 0xf1, 0x30, 0xdb, 0xff, 0x89, 0x2f, 0x59, 0xf0, 0x7e, 0x88, 0x23, - 0xf5, 0xf4, 0xb2, 0xde, 0x1d, 0x04, 0x2c, 0xfe, 0x1b, 0x58, 0x99, 0x28, - 0xfe, 0x2c, 0xa8, 0xab, 0xfd, 0x63, 0x5f, 0x93, 0xf1, 0xbe, 0x63, 0x93, - 0xf5, 0xf1, 0xe2, 0xea, 0xe5, 0xb7, 0x23, 0x5e, 0x9f, 0x27, 0xf0, 0x74, - 0x4d, 0xfc, 0x68, 0x5b, 0xdf, 0xaf, 0xe6, 0xdf, 0x7f, 0x0b, 0x81, 0x20, - 0x83, 0xc2, 0xfa, 0x7a, 0x7e, 0x2e, 0xd5, 0xfb, 0xfd, 0x93, 0x22, 0xfe, - 0xb2, 0x17, 0x30, 0x7a, 0x0b, 0xfb, 0xb7, 0x68, 0x78, 0xfa, 0x21, 0xbd, - 0x7c, 0x8b, 0xa6, 0xe6, 0x8d, 0x7d, 0x07, 0x9e, 0x85, 0x8d, 0x69, 0x9e, - 0xff, 0xde, 0x6f, 0x27, 0xd3, 0x97, 0xc4, 0x7f, 0x7d, 0xfa, 0x47, 0x5f, - 0xcd, 0x03, 0x1d, 0xbf, 0x01, 0xb5, 0xa8, 0x5f, 0x15, 0xf2, 0x08, 0x43, - 0xbe, 0xbf, 0x38, 0x3d, 0x7f, 0x52, 0xe5, 0xbf, 0x25, 0x9c, 0x6f, 0x81, - 0x67, 0x23, 0xcf, 0x67, 0xe3, 0x16, 0x5e, 0x2f, 0x54, 0x78, 0x64, 0xe4, - 0x89, 0x17, 0x0b, 0x99, 0xea, 0xd1, 0x11, 0x96, 0x77, 0x88, 0xbf, 0xef, - 0x20, 0x8a, 0x5f, 0x63, 0xd3, 0xa9, 0x96, 0xd9, 0xfb, 0x54, 0xbe, 0x0f, - 0xd2, 0xfb, 0x65, 0x8e, 0xaa, 0xf8, 0x5b, 0xe0, 0x55, 0xd9, 0xf3, 0x45, - 0xf2, 0xbc, 0xfc, 0xfe, 0x40, 0xd8, 0x37, 0x1e, 0xec, 0xc4, 0x41, 0xd1, - 0xb7, 0xc0, 0xc0, 0x6b, 0x0c, 0x6f, 0x21, 0xe9, 0x3c, 0x5e, 0x1b, 0xb5, - 0x87, 0x22, 0xfe, 0x12, 0x00, 0x4e, 0x82, 0xe8, 0x7e, 0x84, 0xf5, 0xce, - 0x82, 0x9e, 0xec, 0x69, 0x10, 0xd0, 0x7e, 0x03, 0x0b, 0xf7, 0xb1, 0x7e, - 0x14, 0x3d, 0xfb, 0x59, 0x8a, 0x11, 0xde, 0xca, 0xeb, 0xd2, 0x31, 0x2a, - 0x02, 0xbc, 0xee, 0xd9, 0x77, 0xc0, 0x70, 0x7d, 0x57, 0x48, 0xbc, 0x7d, - 0x11, 0x7f, 0xff, 0x96, 0x36, 0x9e, 0x84, 0xf7, 0x0a, 0xcf, 0xbf, 0x1e, - 0x8f, 0xe6, 0xeb, 0x37, 0xe1, 0x8a, 0x7e, 0x78, 0x35, 0x8c, 0x1e, 0x24, - 0xd7, 0x53, 0xff, 0x3e, 0x67, 0x2f, 0xc0, 0xa0, 0x1a, 0x47, 0x2f, 0xdb, - 0xd1, 0xe6, 0x0c, 0xa1, 0x77, 0x78, 0x16, 0x34, 0xc6, 0x92, 0xf1, 0x0e, - 0xde, 0x91, 0x80, 0x2f, 0xc7, 0xf9, 0x03, 0xc7, 0x5f, 0xe0, 0xfd, 0x60, - 0xe4, 0x7a, 0x10, 0x3e, 0xd2, 0x50, 0xf1, 0x78, 0x6c, 0x25, 0xe0, 0x1b, - 0xb0, 0xf5, 0xac, 0x67, 0x50, 0xf8, 0xbe, 0x0b, 0xc3, 0x0f, 0x81, 0xee, - 0xa5, 0xc2, 0x0f, 0x99, 0xd1, 0xea, 0xb3, 0xc3, 0xfa, 0xde, 0x05, 0x8b, - 0xdd, 0x1f, 0xa2, 0xf8, 0x69, 0x55, 0x5a, 0xbf, 0x6b, 0xfb, 0x13, 0x12, - 0x6f, 0x9d, 0xfe, 0x09, 0xfc, 0x1e, 0x49, 0x7f, 0xe5, 0x05, 0x13, 0x9f, - 0x87, 0xcf, 0xd7, 0xa7, 0xfc, 0x2c, 0xd3, 0x29, 0xe9, 0x35, 0x07, 0x82, - 0x2c, 0xed, 0x57, 0x40, 0x03, 0xf6, 0x97, 0x41, 0x56, 0xc8, 0xc8, 0xfe, - 0xd6, 0xa9, 0xfe, 0x7b, 0x12, 0xbf, 0x7c, 0x54, 0xd0, 0x17, 0xa8, 0xa7, - 0xe3, 0xb3, 0xef, 0xd4, 0xf3, 0x95, 0x94, 0x7d, 0xed, 0xd3, 0xb8, 0x2d, - 0xdb, 0x8f, 0x7c, 0xb4, 0xfe, 0x91, 0xbc, 0x10, 0x2d, 0x23, 0xf2, 0x60, - 0x5b, 0x3f, 0x95, 0x73, 0x64, 0xfc, 0xbd, 0x99, 0x26, 0xfe, 0x1f, 0x64, - 0x32, 0x46, 0xfc, 0x0c, 0x5f, 0x65, 0xec, 0x67, 0x53, 0x7d, 0x82, 0x58, - 0x8f, 0x30, 0xde, 0xee, 0x33, 0x3c, 0xad, 0xa4, 0xfc, 0xef, 0xab, 0x54, - 0x7e, 0xf2, 0xeb, 0x5b, 0x3f, 0xdf, 0x8c, 0xcf, 0xd8, 0xa9, 0xf3, 0x23, *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-src-stable-10@freebsd.org Thu Aug 31 00:56:11 2017 Return-Path: Delivered-To: svn-src-stable-10@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 94FE2E0E393; Thu, 31 Aug 2017 00:56:11 +0000 (UTC) (envelope-from cy@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 63ACC22BE; Thu, 31 Aug 2017 00:56:11 +0000 (UTC) (envelope-from cy@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id v7V0uASB025796; Thu, 31 Aug 2017 00:56:10 GMT (envelope-from cy@FreeBSD.org) Received: (from cy@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id v7V0uA3r025795; Thu, 31 Aug 2017 00:56:10 GMT (envelope-from cy@FreeBSD.org) Message-Id: <201708310056.v7V0uA3r025795@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: cy set sender to cy@FreeBSD.org using -f From: Cy Schubert Date: Thu, 31 Aug 2017 00:56:10 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r323043 - stable/10/lib/libtelnet X-SVN-Group: stable-10 X-SVN-Commit-Author: cy X-SVN-Commit-Paths: stable/10/lib/libtelnet X-SVN-Commit-Revision: 323043 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-10@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: SVN commit messages for only the 10-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 31 Aug 2017 00:56:11 -0000 Author: cy Date: Thu Aug 31 00:56:10 2017 New Revision: 323043 URL: https://svnweb.freebsd.org/changeset/base/323043 Log: MFC r321806: Remove redundant include directories which expand to a noop, "-I/lib/krb5 -I -I". Reviewed by: ngie@, markm@ Approved by: re@ (marius@) Differential Revision: D11769 Modified: stable/10/lib/libtelnet/Makefile Directory Properties: stable/10/ (props changed) Modified: stable/10/lib/libtelnet/Makefile ============================================================================== --- stable/10/lib/libtelnet/Makefile Wed Aug 30 23:49:14 2017 (r323042) +++ stable/10/lib/libtelnet/Makefile Thu Aug 31 00:56:10 2017 (r323043) @@ -23,8 +23,7 @@ CFLAGS+= -DENCRYPTION -DAUTHENTICATION -DSRA .if ${MK_KERBEROS_SUPPORT} != "no" SRCS+= kerberos5.c -CFLAGS+= -DKRB5 -I${KRB5DIR}/lib/krb5 -I${KRB5OBJDIR} -I${ASN1OBJDIR} -CFLAGS+= -DFORWARD -Dnet_write=telnet_net_write +CFLAGS+= -DKRB5 -DFORWARD -Dnet_write=telnet_net_write .endif .endif From owner-svn-src-stable-10@freebsd.org Thu Aug 31 13:32:02 2017 Return-Path: Delivered-To: svn-src-stable-10@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id EAD45E1EBD7; Thu, 31 Aug 2017 13:32:02 +0000 (UTC) (envelope-from oleg@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B78887C2EB; Thu, 31 Aug 2017 13:32:02 +0000 (UTC) (envelope-from oleg@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id v7VDW1vi037478; Thu, 31 Aug 2017 13:32:01 GMT (envelope-from oleg@FreeBSD.org) Received: (from oleg@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id v7VDW1k7037477; Thu, 31 Aug 2017 13:32:01 GMT (envelope-from oleg@FreeBSD.org) Message-Id: <201708311332.v7VDW1k7037477@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: oleg set sender to oleg@FreeBSD.org using -f From: Oleg Bulyzhin Date: Thu, 31 Aug 2017 13:32:01 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r323052 - stable/10/sys/boot/common X-SVN-Group: stable-10 X-SVN-Commit-Author: oleg X-SVN-Commit-Paths: stable/10/sys/boot/common X-SVN-Commit-Revision: 323052 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-10@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: SVN commit messages for only the 10-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 31 Aug 2017 13:32:03 -0000 Author: oleg Date: Thu Aug 31 13:32:01 2017 New Revision: 323052 URL: https://svnweb.freebsd.org/changeset/base/323052 Log: MFC r322628: Fix BSD label partition end sector calculation. Approved by: re (marius) Differential Revision: https://reviews.freebsd.org/D12066 Modified: stable/10/sys/boot/common/part.c Directory Properties: stable/10/ (props changed) Modified: stable/10/sys/boot/common/part.c ============================================================================== --- stable/10/sys/boot/common/part.c Thu Aug 31 13:02:17 2017 (r323051) +++ stable/10/sys/boot/common/part.c Thu Aug 31 13:32:01 2017 (r323052) @@ -483,7 +483,7 @@ ptable_bsdread(struct ptable *table, void *dev, diskre break; entry->part.start = le32toh(part->p_offset) - raw_offset; entry->part.end = entry->part.start + - le32toh(part->p_size) + 1; + le32toh(part->p_size) - 1; entry->part.type = bsd_parttype(part->p_fstype); entry->part.index = i; /* starts from zero */ entry->type.bsd = part->p_fstype; From owner-svn-src-stable-10@freebsd.org Thu Aug 31 21:56:19 2017 Return-Path: Delivered-To: svn-src-stable-10@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 1D307E06878; Thu, 31 Aug 2017 21:56:19 +0000 (UTC) (envelope-from davidcs@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id D41FA6963F; Thu, 31 Aug 2017 21:56:18 +0000 (UTC) (envelope-from davidcs@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id v7VLuII3043222; Thu, 31 Aug 2017 21:56:18 GMT (envelope-from davidcs@FreeBSD.org) Received: (from davidcs@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id v7VLuIAu043221; Thu, 31 Aug 2017 21:56:18 GMT (envelope-from davidcs@FreeBSD.org) Message-Id: <201708312156.v7VLuIAu043221@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: davidcs set sender to davidcs@FreeBSD.org using -f From: David C Somayajulu Date: Thu, 31 Aug 2017 21:56:18 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r323075 - stable/10/sys/dev/qlnx/qlnxe X-SVN-Group: stable-10 X-SVN-Commit-Author: davidcs X-SVN-Commit-Paths: stable/10/sys/dev/qlnx/qlnxe X-SVN-Commit-Revision: 323075 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-10@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: SVN commit messages for only the 10-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 31 Aug 2017 21:56:19 -0000 Author: davidcs Date: Thu Aug 31 21:56:17 2017 New Revision: 323075 URL: https://svnweb.freebsd.org/changeset/base/323075 Log: MFC r322852 Fix qlnx_tso_check() so that every window of (ETH_TX_LSO_WINDOW_BDS_NUM - nbds_in_hdr) has atleast ETH_TX_LSO_WINDOW_MIN_LEN bytes Approved by:re(marius) Modified: stable/10/sys/dev/qlnx/qlnxe/qlnx_os.c Directory Properties: stable/10/ (props changed) Modified: stable/10/sys/dev/qlnx/qlnxe/qlnx_os.c ============================================================================== --- stable/10/sys/dev/qlnx/qlnxe/qlnx_os.c Thu Aug 31 21:37:22 2017 (r323074) +++ stable/10/sys/dev/qlnx/qlnxe/qlnx_os.c Thu Aug 31 21:56:17 2017 (r323075) @@ -2921,25 +2921,35 @@ qlnx_tso_check(struct qlnx_fastpath *fp, bus_dma_segme { int i; uint32_t sum, nbds_in_hdr = 1; - bus_dma_segment_t *t_segs = segs; + uint32_t window; + bus_dma_segment_t *s_seg; - /* count the number of segments spanned by TCP header */ + /* If the header spans mulitple segments, skip those segments */ + if (nsegs < ETH_TX_LSO_WINDOW_BDS_NUM) + return (0); + i = 0; - while ((i < nsegs) && (offset > t_segs->ds_len)) { - nbds_in_hdr++; - offset = offset - t_segs->ds_len; - t_segs++; + + while ((i < nsegs) && (offset >= segs->ds_len)) { + offset = offset - segs->ds_len; + segs++; i++; + nbds_in_hdr++; } - while (nsegs >= QLNX_MAX_SEGMENTS_NON_TSO) { + window = ETH_TX_LSO_WINDOW_BDS_NUM - nbds_in_hdr; + nsegs = nsegs - i; + + while (nsegs >= window) { + sum = 0; + s_seg = segs; - for (i = 0; i < (ETH_TX_LSO_WINDOW_BDS_NUM - nbds_in_hdr); i++){ - sum += segs->ds_len; - segs++; + for (i = 0; i < window; i++){ + sum += s_seg->ds_len; + s_seg++; } if (sum < ETH_TX_LSO_WINDOW_MIN_LEN) { @@ -2947,7 +2957,8 @@ qlnx_tso_check(struct qlnx_fastpath *fp, bus_dma_segme return (-1); } - nsegs -= QLNX_MAX_SEGMENTS_NON_TSO; + nsegs = nsegs - 1; + segs++; } return (0); From owner-svn-src-stable-10@freebsd.org Thu Aug 31 23:59:48 2017 Return-Path: Delivered-To: svn-src-stable-10@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id A1898E0C608; Thu, 31 Aug 2017 23:59:48 +0000 (UTC) (envelope-from marius@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 6CE886D9CC; Thu, 31 Aug 2017 23:59:48 +0000 (UTC) (envelope-from marius@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id v7VNxlQh091831; Thu, 31 Aug 2017 23:59:47 GMT (envelope-from marius@FreeBSD.org) Received: (from marius@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id v7VNxljk091825; Thu, 31 Aug 2017 23:59:47 GMT (envelope-from marius@FreeBSD.org) Message-Id: <201708312359.v7VNxljk091825@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: marius set sender to marius@FreeBSD.org using -f From: Marius Strobl Date: Thu, 31 Aug 2017 23:59:47 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r323080 - stable/10/sys/dev/e1000 X-SVN-Group: stable-10 X-SVN-Commit-Author: marius X-SVN-Commit-Paths: stable/10/sys/dev/e1000 X-SVN-Commit-Revision: 323080 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-10@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: SVN commit messages for only the 10-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 31 Aug 2017 23:59:48 -0000 Author: marius Date: Thu Aug 31 23:59:46 2017 New Revision: 323080 URL: https://svnweb.freebsd.org/changeset/base/323080 Log: MFC: r308643, r312427, r312641, r322986 - Update WOL support for newer em(4) devices. [1] - Add support for Kaby Lake generation i219 (4) and i219 (5) devices. - Enable WOL features also for the igb(4) class of devices. [1] - Don't set any WOL enabling hardware bits if WOL isn't requested according to the enabled interface capability bits. PR: 208343 [1] Submitted by: Kaho Tashikazu [1] Approved by: re (kib) Modified: stable/10/sys/dev/e1000/e1000_82575.c stable/10/sys/dev/e1000/e1000_82575.h stable/10/sys/dev/e1000/e1000_defines.h stable/10/sys/dev/e1000/e1000_ich8lan.c stable/10/sys/dev/e1000/if_em.c stable/10/sys/dev/e1000/if_igb.c Directory Properties: stable/10/ (props changed) Modified: stable/10/sys/dev/e1000/e1000_82575.c ============================================================================== --- stable/10/sys/dev/e1000/e1000_82575.c Thu Aug 31 23:57:34 2017 (r323079) +++ stable/10/sys/dev/e1000/e1000_82575.c Thu Aug 31 23:59:46 2017 (r323080) @@ -101,7 +101,6 @@ static s32 e1000_validate_nvm_checksum_with_offset(str u16 offset); static s32 e1000_validate_nvm_checksum_i350(struct e1000_hw *hw); static s32 e1000_update_nvm_checksum_i350(struct e1000_hw *hw); -static void e1000_write_vfta_i350(struct e1000_hw *hw, u32 offset, u32 value); static void e1000_clear_vfta_i350(struct e1000_hw *hw); static void e1000_i2c_start(struct e1000_hw *hw); Modified: stable/10/sys/dev/e1000/e1000_82575.h ============================================================================== --- stable/10/sys/dev/e1000/e1000_82575.h Thu Aug 31 23:57:34 2017 (r323079) +++ stable/10/sys/dev/e1000/e1000_82575.h Thu Aug 31 23:59:46 2017 (r323080) @@ -493,6 +493,7 @@ enum e1000_promisc_type { void e1000_vfta_set_vf(struct e1000_hw *, u16, bool); void e1000_rlpml_set_vf(struct e1000_hw *, u16); s32 e1000_promisc_set_vf(struct e1000_hw *, enum e1000_promisc_type type); +void e1000_write_vfta_i350(struct e1000_hw *hw, u32 offset, u32 value); u16 e1000_rxpbs_adjust_82580(u32 data); s32 e1000_read_emi_reg(struct e1000_hw *hw, u16 addr, u16 *data); s32 e1000_set_eee_i350(struct e1000_hw *hw, bool adv1G, bool adv100M); Modified: stable/10/sys/dev/e1000/e1000_defines.h ============================================================================== --- stable/10/sys/dev/e1000/e1000_defines.h Thu Aug 31 23:57:34 2017 (r323079) +++ stable/10/sys/dev/e1000/e1000_defines.h Thu Aug 31 23:59:46 2017 (r323080) @@ -469,6 +469,8 @@ #define ETHERNET_FCS_SIZE 4 #define MAX_JUMBO_FRAME_SIZE 0x3F00 +/* The datasheet maximum supported RX size is 9.5KB (9728 bytes) */ +#define MAX_RX_JUMBO_FRAME_SIZE 0x2600 #define E1000_TX_PTR_GAP 0x1F /* Extended Configuration Control and Size */ Modified: stable/10/sys/dev/e1000/e1000_ich8lan.c ============================================================================== --- stable/10/sys/dev/e1000/e1000_ich8lan.c Thu Aug 31 23:57:34 2017 (r323079) +++ stable/10/sys/dev/e1000/e1000_ich8lan.c Thu Aug 31 23:59:46 2017 (r323080) @@ -243,8 +243,7 @@ static bool e1000_phy_is_accessible_pchlan(struct e100 if (ret_val) return FALSE; out: - if ((hw->mac.type == e1000_pch_lpt) || - (hw->mac.type == e1000_pch_spt)) { + if (hw->mac.type >= e1000_pch_lpt) { /* Only unforce SMBus if ME is not active */ if (!(E1000_READ_REG(hw, E1000_FWSM) & E1000_ICH_FWSM_FW_VALID)) { @@ -641,7 +640,7 @@ static s32 e1000_init_nvm_params_ich8lan(struct e1000_ nvm->type = e1000_nvm_flash_sw; - if (hw->mac.type == e1000_pch_spt) { + if (hw->mac.type >= e1000_pch_spt) { /* in SPT, gfpreg doesn't exist. NVM size is taken from the * STRAP register. This is because in SPT the GbE Flash region * is no longer accessed through the flash registers. Instead, @@ -701,7 +700,7 @@ static s32 e1000_init_nvm_params_ich8lan(struct e1000_ /* Function Pointers */ nvm->ops.acquire = e1000_acquire_nvm_ich8lan; nvm->ops.release = e1000_release_nvm_ich8lan; - if (hw->mac.type == e1000_pch_spt) { + if (hw->mac.type >= e1000_pch_spt) { nvm->ops.read = e1000_read_nvm_spt; nvm->ops.update = e1000_update_nvm_checksum_spt; } else { @@ -815,8 +814,7 @@ static s32 e1000_init_mac_params_ich8lan(struct e1000_ break; } - if ((mac->type == e1000_pch_lpt) || - (mac->type == e1000_pch_spt)) { + if (mac->type >= e1000_pch_lpt) { mac->rar_entry_count = E1000_PCH_LPT_RAR_ENTRIES; mac->ops.rar_set = e1000_rar_set_pch_lpt; mac->ops.setup_physical_interface = e1000_setup_copper_link_pch_lpt; @@ -1576,9 +1574,7 @@ static s32 e1000_check_for_copper_link_ich8lan(struct * aggressive resulting in many collisions. To avoid this, increase * the IPG and reduce Rx latency in the PHY. */ - if (((hw->mac.type == e1000_pch2lan) || - (hw->mac.type == e1000_pch_lpt) || - (hw->mac.type == e1000_pch_spt)) && link) { + if ((hw->mac.type >= e1000_pch2lan) && link) { u16 speed, duplex; e1000_get_speed_and_duplex_copper_generic(hw, &speed, &duplex); @@ -1589,7 +1585,7 @@ static s32 e1000_check_for_copper_link_ich8lan(struct tipg_reg |= 0xFF; /* Reduce Rx latency in analog PHY */ emi_val = 0; - } else if (hw->mac.type == e1000_pch_spt && + } else if (hw->mac.type >= e1000_pch_spt && duplex == FULL_DUPLEX && speed != SPEED_1000) { tipg_reg |= 0xC; emi_val = 1; @@ -1611,8 +1607,8 @@ static s32 e1000_check_for_copper_link_ich8lan(struct emi_addr = I217_RX_CONFIG; ret_val = e1000_write_emi_reg_locked(hw, emi_addr, emi_val); - if (hw->mac.type == e1000_pch_lpt || - hw->mac.type == e1000_pch_spt) { + + if (hw->mac.type >= e1000_pch_lpt) { u16 phy_reg; hw->phy.ops.read_reg_locked(hw, I217_PLL_CLOCK_GATE_REG, @@ -1641,7 +1637,7 @@ static s32 e1000_check_for_copper_link_ich8lan(struct if (ret_val) return ret_val; - if (hw->mac.type == e1000_pch_spt) { + if (hw->mac.type >= e1000_pch_spt) { u16 data; u16 ptr_gap; @@ -1690,8 +1686,7 @@ static s32 e1000_check_for_copper_link_ich8lan(struct * on power up. * Set the Beacon Duration for I217 to 8 usec */ - if ((hw->mac.type == e1000_pch_lpt) || - (hw->mac.type == e1000_pch_spt)) { + if (hw->mac.type >= e1000_pch_lpt) { u32 mac_reg; mac_reg = E1000_READ_REG(hw, E1000_FEXTNVM4); @@ -1709,8 +1704,7 @@ static s32 e1000_check_for_copper_link_ich8lan(struct if (ret_val) return ret_val; } - if ((hw->mac.type == e1000_pch_lpt) || - (hw->mac.type == e1000_pch_spt)) { + if (hw->mac.type >= e1000_pch_lpt) { /* Set platform power management values for * Latency Tolerance Reporting (LTR) * Optimized Buffer Flush/Fill (OBFF) @@ -1723,15 +1717,20 @@ static s32 e1000_check_for_copper_link_ich8lan(struct /* Clear link partner's EEE ability */ hw->dev_spec.ich8lan.eee_lp_ability = 0; - /* FEXTNVM6 K1-off workaround */ - if (hw->mac.type == e1000_pch_spt) { - u32 pcieanacfg = E1000_READ_REG(hw, E1000_PCIEANACFG); + if (hw->mac.type >= e1000_pch_lpt) { u32 fextnvm6 = E1000_READ_REG(hw, E1000_FEXTNVM6); - if ((pcieanacfg & E1000_FEXTNVM6_K1_OFF_ENABLE) && - (hw->dev_spec.ich8lan.disable_k1_off == FALSE)) - fextnvm6 |= E1000_FEXTNVM6_K1_OFF_ENABLE; - else + if (hw->mac.type == e1000_pch_spt) { + /* FEXTNVM6 K1-off workaround - for SPT only */ + u32 pcieanacfg = E1000_READ_REG(hw, E1000_PCIEANACFG); + + if (pcieanacfg & E1000_FEXTNVM6_K1_OFF_ENABLE) + fextnvm6 |= E1000_FEXTNVM6_K1_OFF_ENABLE; + else + fextnvm6 &= ~E1000_FEXTNVM6_K1_OFF_ENABLE; + } + + if (hw->dev_spec.ich8lan.disable_k1_off == TRUE) fextnvm6 &= ~E1000_FEXTNVM6_K1_OFF_ENABLE; E1000_WRITE_REG(hw, E1000_FEXTNVM6, fextnvm6); @@ -3671,7 +3670,7 @@ static s32 e1000_flash_cycle_init_ich8lan(struct e1000 /* Clear FCERR and DAEL in hw status by writing 1 */ hsfsts.hsf_status.flcerr = 1; hsfsts.hsf_status.dael = 1; - if (hw->mac.type == e1000_pch_spt) + if (hw->mac.type >= e1000_pch_spt) E1000_WRITE_FLASH_REG(hw, ICH_FLASH_HSFSTS, hsfsts.regval & 0xFFFF); else @@ -3691,7 +3690,7 @@ static s32 e1000_flash_cycle_init_ich8lan(struct e1000 * Begin by setting Flash Cycle Done. */ hsfsts.hsf_status.flcdone = 1; - if (hw->mac.type == e1000_pch_spt) + if (hw->mac.type >= e1000_pch_spt) E1000_WRITE_FLASH_REG(hw, ICH_FLASH_HSFSTS, hsfsts.regval & 0xFFFF); else @@ -3718,7 +3717,7 @@ static s32 e1000_flash_cycle_init_ich8lan(struct e1000 * now set the Flash Cycle Done. */ hsfsts.hsf_status.flcdone = 1; - if (hw->mac.type == e1000_pch_spt) + if (hw->mac.type >= e1000_pch_spt) E1000_WRITE_FLASH_REG(hw, ICH_FLASH_HSFSTS, hsfsts.regval & 0xFFFF); else @@ -3748,13 +3747,13 @@ static s32 e1000_flash_cycle_ich8lan(struct e1000_hw * DEBUGFUNC("e1000_flash_cycle_ich8lan"); /* Start a cycle by writing 1 in Flash Cycle Go in Hw Flash Control */ - if (hw->mac.type == e1000_pch_spt) + if (hw->mac.type >= e1000_pch_spt) hsflctl.regval = E1000_READ_FLASH_REG(hw, ICH_FLASH_HSFSTS)>>16; else hsflctl.regval = E1000_READ_FLASH_REG16(hw, ICH_FLASH_HSFCTL); hsflctl.hsf_ctrl.flcgo = 1; - if (hw->mac.type == e1000_pch_spt) + if (hw->mac.type >= e1000_pch_spt) E1000_WRITE_FLASH_REG(hw, ICH_FLASH_HSFSTS, hsflctl.regval << 16); else @@ -3837,7 +3836,7 @@ static s32 e1000_read_flash_byte_ich8lan(struct e1000_ /* In SPT, only 32 bits access is supported, * so this function should not be called. */ - if (hw->mac.type == e1000_pch_spt) + if (hw->mac.type >= e1000_pch_spt) return -E1000_ERR_NVM; else ret_val = e1000_read_flash_data_ich8lan(hw, offset, 1, &word); @@ -3946,7 +3945,7 @@ static s32 e1000_read_flash_data32_ich8lan(struct e100 DEBUGFUNC("e1000_read_flash_data_ich8lan"); if (offset > ICH_FLASH_LINEAR_ADDR_MASK || - hw->mac.type != e1000_pch_spt) + hw->mac.type < e1000_pch_spt) return -E1000_ERR_NVM; flash_linear_addr = ((ICH_FLASH_LINEAR_ADDR_MASK & offset) + hw->nvm.flash_base_addr); @@ -4434,7 +4433,7 @@ static s32 e1000_write_flash_data_ich8lan(struct e1000 DEBUGFUNC("e1000_write_ich8_data"); - if (hw->mac.type == e1000_pch_spt) { + if (hw->mac.type >= e1000_pch_spt) { if (size != 4 || offset > ICH_FLASH_LINEAR_ADDR_MASK) return -E1000_ERR_NVM; } else { @@ -4454,7 +4453,7 @@ static s32 e1000_write_flash_data_ich8lan(struct e1000 /* In SPT, This register is in Lan memory space, not * flash. Therefore, only 32 bit access is supported */ - if (hw->mac.type == e1000_pch_spt) + if (hw->mac.type >= e1000_pch_spt) hsflctl.regval = E1000_READ_FLASH_REG(hw, ICH_FLASH_HSFSTS)>>16; else @@ -4468,7 +4467,7 @@ static s32 e1000_write_flash_data_ich8lan(struct e1000 * not flash. Therefore, only 32 bit access is * supported */ - if (hw->mac.type == e1000_pch_spt) + if (hw->mac.type >= e1000_pch_spt) E1000_WRITE_FLASH_REG(hw, ICH_FLASH_HSFSTS, hsflctl.regval << 16); else @@ -4530,7 +4529,7 @@ static s32 e1000_write_flash_data32_ich8lan(struct e10 DEBUGFUNC("e1000_write_flash_data32_ich8lan"); - if (hw->mac.type == e1000_pch_spt) { + if (hw->mac.type >= e1000_pch_spt) { if (offset > ICH_FLASH_LINEAR_ADDR_MASK) return -E1000_ERR_NVM; } @@ -4546,7 +4545,7 @@ static s32 e1000_write_flash_data32_ich8lan(struct e10 /* In SPT, This register is in Lan memory space, not * flash. Therefore, only 32 bit access is supported */ - if (hw->mac.type == e1000_pch_spt) + if (hw->mac.type >= e1000_pch_spt) hsflctl.regval = E1000_READ_FLASH_REG(hw, ICH_FLASH_HSFSTS) >> 16; @@ -4561,7 +4560,7 @@ static s32 e1000_write_flash_data32_ich8lan(struct e10 * not flash. Therefore, only 32 bit access is * supported */ - if (hw->mac.type == e1000_pch_spt) + if (hw->mac.type >= e1000_pch_spt) E1000_WRITE_FLASH_REG(hw, ICH_FLASH_HSFSTS, hsflctl.regval << 16); else @@ -4763,7 +4762,7 @@ static s32 e1000_erase_flash_bank_ich8lan(struct e1000 /* Write a value 11 (block Erase) in Flash * Cycle field in hw flash control */ - if (hw->mac.type == e1000_pch_spt) + if (hw->mac.type >= e1000_pch_spt) hsflctl.regval = E1000_READ_FLASH_REG(hw, ICH_FLASH_HSFSTS)>>16; @@ -4773,7 +4772,7 @@ static s32 e1000_erase_flash_bank_ich8lan(struct e1000 ICH_FLASH_HSFCTL); hsflctl.hsf_ctrl.flcycle = ICH_CYCLE_ERASE; - if (hw->mac.type == e1000_pch_spt) + if (hw->mac.type >= e1000_pch_spt) E1000_WRITE_FLASH_REG(hw, ICH_FLASH_HSFSTS, hsflctl.regval << 16); else @@ -5211,8 +5210,7 @@ static void e1000_initialize_hw_bits_ich8lan(struct e1 E1000_WRITE_REG(hw, E1000_RFCTL, reg); /* Enable ECC on Lynxpoint */ - if ((hw->mac.type == e1000_pch_lpt) || - (hw->mac.type == e1000_pch_spt)) { + if (hw->mac.type >= e1000_pch_lpt) { reg = E1000_READ_REG(hw, E1000_PBECCSTS); reg |= E1000_PBECCSTS_ECC_ENABLE; E1000_WRITE_REG(hw, E1000_PBECCSTS, reg); @@ -5645,7 +5643,7 @@ void e1000_suspend_workarounds_ich8lan(struct e1000_hw (device_id == E1000_DEV_ID_PCH_LPTLP_I218_V) || (device_id == E1000_DEV_ID_PCH_I218_LM3) || (device_id == E1000_DEV_ID_PCH_I218_V3) || - (hw->mac.type == e1000_pch_spt)) { + (hw->mac.type >= e1000_pch_spt)) { u32 fextnvm6 = E1000_READ_REG(hw, E1000_FEXTNVM6); E1000_WRITE_REG(hw, E1000_FEXTNVM6, Modified: stable/10/sys/dev/e1000/if_em.c ============================================================================== --- stable/10/sys/dev/e1000/if_em.c Thu Aug 31 23:57:34 2017 (r323079) +++ stable/10/sys/dev/e1000/if_em.c Thu Aug 31 23:59:46 2017 (r323080) @@ -198,6 +198,12 @@ static em_vendor_info_t em_vendor_info_array[] = { 0x8086, E1000_DEV_ID_PCH_SPT_I219_LM5, PCI_ANY_ID, PCI_ANY_ID, 0}, { 0x8086, E1000_DEV_ID_PCH_SPT_I219_V5, PCI_ANY_ID, PCI_ANY_ID, 0}, + { 0x8086, E1000_DEV_ID_PCH_SPT_I219_LM4, + PCI_ANY_ID, PCI_ANY_ID, 0}, + { 0x8086, E1000_DEV_ID_PCH_SPT_I219_V4, PCI_ANY_ID, PCI_ANY_ID, 0}, + { 0x8086, E1000_DEV_ID_PCH_SPT_I219_LM5, + PCI_ANY_ID, PCI_ANY_ID, 0}, + { 0x8086, E1000_DEV_ID_PCH_SPT_I219_V5, PCI_ANY_ID, PCI_ANY_ID, 0}, /* required last entry */ { 0, 0, 0, 0, 0} }; @@ -5317,6 +5323,8 @@ em_get_wakeup(device_t dev) case e1000_ich10lan: case e1000_pchlan: case e1000_pch2lan: + case e1000_pch_lpt: + case e1000_pch_spt: apme_mask = E1000_WUC_APME; adapter->has_amt = TRUE; eeprom_data = E1000_READ_REG(&adapter->hw, E1000_WUC); @@ -5365,32 +5373,13 @@ em_enable_wakeup(device_t dev) { struct adapter *adapter = device_get_softc(dev); struct ifnet *ifp = adapter->ifp; + int error = 0; u32 pmc, ctrl, ctrl_ext, rctl; u16 status; - if ((pci_find_cap(dev, PCIY_PMG, &pmc) != 0)) + if (pci_find_cap(dev, PCIY_PMG, &pmc) != 0) return; - /* Advertise the wakeup capability */ - ctrl = E1000_READ_REG(&adapter->hw, E1000_CTRL); - ctrl |= (E1000_CTRL_SWDPIN2 | E1000_CTRL_SWDPIN3); - E1000_WRITE_REG(&adapter->hw, E1000_CTRL, ctrl); - E1000_WRITE_REG(&adapter->hw, E1000_WUC, E1000_WUC_PME_EN); - - if ((adapter->hw.mac.type == e1000_ich8lan) || - (adapter->hw.mac.type == e1000_pchlan) || - (adapter->hw.mac.type == e1000_ich9lan) || - (adapter->hw.mac.type == e1000_ich10lan)) - e1000_suspend_workarounds_ich8lan(&adapter->hw); - - /* Keep the laser running on Fiber adapters */ - if (adapter->hw.phy.media_type == e1000_media_type_fiber || - adapter->hw.phy.media_type == e1000_media_type_internal_serdes) { - ctrl_ext = E1000_READ_REG(&adapter->hw, E1000_CTRL_EXT); - ctrl_ext |= E1000_CTRL_EXT_SDP3_DATA; - E1000_WRITE_REG(&adapter->hw, E1000_CTRL_EXT, ctrl_ext); - } - /* ** Determine type of Wakeup: note that wol ** is set with all bits on by default. @@ -5406,11 +5395,37 @@ em_enable_wakeup(device_t dev) E1000_WRITE_REG(&adapter->hw, E1000_RCTL, rctl); } - if ((adapter->hw.mac.type == e1000_pchlan) || - (adapter->hw.mac.type == e1000_pch2lan)) { - if (em_enable_phy_wakeup(adapter)) - return; + if (!(adapter->wol & (E1000_WUFC_EX | E1000_WUFC_MAG | E1000_WUFC_MC))) + goto pme; + + /* Advertise the wakeup capability */ + ctrl = E1000_READ_REG(&adapter->hw, E1000_CTRL); + ctrl |= (E1000_CTRL_SWDPIN2 | E1000_CTRL_SWDPIN3); + E1000_WRITE_REG(&adapter->hw, E1000_CTRL, ctrl); + + /* Keep the laser running on Fiber adapters */ + if (adapter->hw.phy.media_type == e1000_media_type_fiber || + adapter->hw.phy.media_type == e1000_media_type_internal_serdes) { + ctrl_ext = E1000_READ_REG(&adapter->hw, E1000_CTRL_EXT); + ctrl_ext |= E1000_CTRL_EXT_SDP3_DATA; + E1000_WRITE_REG(&adapter->hw, E1000_CTRL_EXT, ctrl_ext); + } + + if ((adapter->hw.mac.type == e1000_ich8lan) || + (adapter->hw.mac.type == e1000_pchlan) || + (adapter->hw.mac.type == e1000_ich9lan) || + (adapter->hw.mac.type == e1000_ich10lan)) + e1000_suspend_workarounds_ich8lan(&adapter->hw); + + if ((adapter->hw.mac.type == e1000_pchlan) || + (adapter->hw.mac.type == e1000_pch2lan) || + (adapter->hw.mac.type == e1000_pch_lpt) || + (adapter->hw.mac.type == e1000_pch_spt)) { + error = em_enable_phy_wakeup(adapter); + if (error) + goto pme; } else { + /* Enable wakeup by the MAC */ E1000_WRITE_REG(&adapter->hw, E1000_WUC, E1000_WUC_PME_EN); E1000_WRITE_REG(&adapter->hw, E1000_WUFC, adapter->wol); } @@ -5418,10 +5433,10 @@ em_enable_wakeup(device_t dev) if (adapter->hw.phy.type == e1000_phy_igp_3) e1000_igp3_phy_powerdown_workaround_ich8lan(&adapter->hw); - /* Request PME */ +pme: status = pci_read_config(dev, pmc + PCIR_POWER_STATUS, 2); status &= ~(PCIM_PSTAT_PME | PCIM_PSTAT_PMEENABLE); - if (ifp->if_capenable & IFCAP_WOL) + if (!error && (ifp->if_capenable & IFCAP_WOL)) status |= PCIM_PSTAT_PME | PCIM_PSTAT_PMEENABLE; pci_write_config(dev, pmc + PCIR_POWER_STATUS, status, 2); Modified: stable/10/sys/dev/e1000/if_igb.c ============================================================================== --- stable/10/sys/dev/e1000/if_igb.c Thu Aug 31 23:57:34 2017 (r323079) +++ stable/10/sys/dev/e1000/if_igb.c Thu Aug 31 23:59:46 2017 (r323080) @@ -724,12 +724,6 @@ igb_detach(device_t dev) igb_release_manageability(adapter); igb_release_hw_control(adapter); - if (adapter->wol) { - E1000_WRITE_REG(&adapter->hw, E1000_WUC, E1000_WUC_PME_EN); - E1000_WRITE_REG(&adapter->hw, E1000_WUFC, adapter->wol); - igb_enable_wakeup(dev); - } - /* Unregister VLAN events */ if (adapter->vlan_attach != NULL) EVENTHANDLER_DEREGISTER(vlan_config, adapter->vlan_attach); @@ -781,13 +775,8 @@ igb_suspend(device_t dev) igb_release_manageability(adapter); igb_release_hw_control(adapter); + igb_enable_wakeup(dev); - if (adapter->wol) { - E1000_WRITE_REG(&adapter->hw, E1000_WUC, E1000_WUC_PME_EN); - E1000_WRITE_REG(&adapter->hw, E1000_WUFC, adapter->wol); - igb_enable_wakeup(dev); - } - IGB_CORE_UNLOCK(adapter); return bus_generic_suspend(dev); @@ -1216,6 +1205,14 @@ igb_ioctl(struct ifnet *ifp, u_long command, caddr_t d ifp->if_capenable ^= IFCAP_LRO; reinit = 1; } + if (mask & IFCAP_WOL) { + if (mask & IFCAP_WOL_MAGIC) + ifp->if_capenable ^= IFCAP_WOL_MAGIC; + if (mask & IFCAP_WOL_MCAST) + ifp->if_capenable ^= IFCAP_WOL_MCAST; + if (mask & IFCAP_WOL_UCAST) + ifp->if_capenable ^= IFCAP_WOL_UCAST; + } if (reinit && (ifp->if_drv_flags & IFF_DRV_RUNNING)) igb_init(adapter); VLAN_CAPABILITIES(ifp); @@ -2275,7 +2272,7 @@ igb_stop(void *arg) } e1000_reset_hw(&adapter->hw); - E1000_WRITE_REG(&adapter->hw, E1000_WUC, 0); + E1000_WRITE_REG(&adapter->hw, E1000_WUFC, 0); e1000_led_off(&adapter->hw); e1000_cleanup_led(&adapter->hw); @@ -3031,7 +3028,7 @@ igb_reset(struct adapter *adapter) /* Issue a global reset */ e1000_reset_hw(hw); - E1000_WRITE_REG(hw, E1000_WUC, 0); + E1000_WRITE_REG(hw, E1000_WUFC, 0); /* Reset for AutoMediaDetect */ if (adapter->flags & IGB_MEDIA_RESET) { @@ -3122,6 +3119,13 @@ igb_setup_interface(device_t dev, struct adapter *adap | IFCAP_VLAN_MTU; /* + * Enable only WOL MAGIC by default if WOL is enabled in EEPROM. + */ + ifp->if_capabilities |= IFCAP_WOL; + if (adapter->wol) + ifp->if_capenable |= IFCAP_WOL_MAGIC; + + /* ** Don't turn this on by default, if vlans are ** created on another pseudo device (eg. lagg) ** then vlan events are not passed thru, breaking @@ -5311,22 +5315,61 @@ igb_is_valid_ether_addr(uint8_t *addr) static void igb_enable_wakeup(device_t dev) { - u16 cap, status; - u8 id; + struct adapter *adapter = device_get_softc(dev); + struct ifnet *ifp = adapter->ifp; + u32 pmc, ctrl, ctrl_ext, rctl, wuc; + u16 status; - /* First find the capabilities pointer*/ - cap = pci_read_config(dev, PCIR_CAP_PTR, 2); - /* Read the PM Capabilities */ - id = pci_read_config(dev, cap, 1); - if (id != PCIY_PMG) /* Something wrong */ + if (pci_find_cap(dev, PCIY_PMG, &pmc) != 0) return; - /* OK, we have the power capabilities, so - now get the status register */ - cap += PCIR_POWER_STATUS; - status = pci_read_config(dev, cap, 2); - status |= PCIM_PSTAT_PME | PCIM_PSTAT_PMEENABLE; - pci_write_config(dev, cap, status, 2); - return; + + adapter->wol = E1000_READ_REG(&adapter->hw, E1000_WUFC); + if (ifp->if_capenable & IFCAP_WOL_MAGIC) + adapter->wol |= E1000_WUFC_MAG; + else + adapter->wol &= ~E1000_WUFC_MAG; + + if (ifp->if_capenable & IFCAP_WOL_MCAST) { + adapter->wol |= E1000_WUFC_MC; + rctl = E1000_READ_REG(&adapter->hw, E1000_RCTL); + rctl |= E1000_RCTL_MPE; + E1000_WRITE_REG(&adapter->hw, E1000_RCTL, rctl); + } else + adapter->wol &= ~E1000_WUFC_MC; + + if (ifp->if_capenable & IFCAP_WOL_UCAST) + adapter->wol |= E1000_WUFC_EX; + else + adapter->wol &= ~E1000_WUFC_EX; + + if (!(adapter->wol & (E1000_WUFC_EX | E1000_WUFC_MAG | E1000_WUFC_MC))) + goto pme; + + /* Advertise the wakeup capability */ + ctrl = E1000_READ_REG(&adapter->hw, E1000_CTRL); + ctrl |= (E1000_CTRL_SWDPIN2 | E1000_CTRL_SWDPIN3); + E1000_WRITE_REG(&adapter->hw, E1000_CTRL, ctrl); + + /* Keep the laser running on Fiber adapters */ + if (adapter->hw.phy.media_type == e1000_media_type_fiber || + adapter->hw.phy.media_type == e1000_media_type_internal_serdes) { + ctrl_ext = E1000_READ_REG(&adapter->hw, E1000_CTRL_EXT); + ctrl_ext |= E1000_CTRL_EXT_SDP3_DATA; + E1000_WRITE_REG(&adapter->hw, E1000_CTRL_EXT, ctrl_ext); + } + + /* Enable wakeup by the MAC */ + wuc = E1000_READ_REG(&adapter->hw, E1000_WUC); + wuc |= E1000_WUC_PME_EN | E1000_WUC_APME; + E1000_WRITE_REG(&adapter->hw, E1000_WUC, wuc); + E1000_WRITE_REG(&adapter->hw, E1000_WUFC, adapter->wol); + +pme: + status = pci_read_config(dev, pmc + PCIR_POWER_STATUS, 2); + status &= ~(PCIM_PSTAT_PME | PCIM_PSTAT_PMEENABLE); + if (ifp->if_capenable & IFCAP_WOL) + status |= PCIM_PSTAT_PME | PCIM_PSTAT_PMEENABLE; + pci_write_config(dev, pmc + PCIR_POWER_STATUS, status, 2); } static void From owner-svn-src-stable-10@freebsd.org Fri Sep 1 00:16:04 2017 Return-Path: Delivered-To: svn-src-stable-10@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 3E64CE0D580; Fri, 1 Sep 2017 00:16:04 +0000 (UTC) (envelope-from marius@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 0CDDD6E493; Fri, 1 Sep 2017 00:16:03 +0000 (UTC) (envelope-from marius@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id v810G3mk099687; Fri, 1 Sep 2017 00:16:03 GMT (envelope-from marius@FreeBSD.org) Received: (from marius@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id v810G3YB099686; Fri, 1 Sep 2017 00:16:03 GMT (envelope-from marius@FreeBSD.org) Message-Id: <201709010016.v810G3YB099686@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: marius set sender to marius@FreeBSD.org using -f From: Marius Strobl Date: Fri, 1 Sep 2017 00:16:03 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r323081 - stable/10/sys/conf X-SVN-Group: stable-10 X-SVN-Commit-Author: marius X-SVN-Commit-Paths: stable/10/sys/conf X-SVN-Commit-Revision: 323081 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-10@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: SVN commit messages for only the 10-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 01 Sep 2017 00:16:04 -0000 Author: marius Date: Fri Sep 1 00:16:03 2017 New Revision: 323081 URL: https://svnweb.freebsd.org/changeset/base/323081 Log: Update stable/10 to BETA3 in preparation for 10.4-BETA3 builds. Approved by: re (implicit) Modified: stable/10/sys/conf/newvers.sh Modified: stable/10/sys/conf/newvers.sh ============================================================================== --- stable/10/sys/conf/newvers.sh Thu Aug 31 23:59:46 2017 (r323080) +++ stable/10/sys/conf/newvers.sh Fri Sep 1 00:16:03 2017 (r323081) @@ -32,7 +32,7 @@ TYPE="FreeBSD" REVISION="10.4" -BRANCH="BETA2" +BRANCH="BETA3" if [ "X${BRANCH_OVERRIDE}" != "X" ]; then BRANCH=${BRANCH_OVERRIDE} fi From owner-svn-src-stable-10@freebsd.org Fri Sep 1 19:11:48 2017 Return-Path: Delivered-To: svn-src-stable-10@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id F07E8E011F7; Fri, 1 Sep 2017 19:11:48 +0000 (UTC) (envelope-from marius@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id BC69562B; Fri, 1 Sep 2017 19:11:48 +0000 (UTC) (envelope-from marius@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id v81JBlUo065824; Fri, 1 Sep 2017 19:11:47 GMT (envelope-from marius@FreeBSD.org) Received: (from marius@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id v81JBlkM065823; Fri, 1 Sep 2017 19:11:47 GMT (envelope-from marius@FreeBSD.org) Message-Id: <201709011911.v81JBlkM065823@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: marius set sender to marius@FreeBSD.org using -f From: Marius Strobl Date: Fri, 1 Sep 2017 19:11:47 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r323113 - stable/10/release/arm X-SVN-Group: stable-10 X-SVN-Commit-Author: marius X-SVN-Commit-Paths: stable/10/release/arm X-SVN-Commit-Revision: 323113 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-10@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: SVN commit messages for only the 10-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 01 Sep 2017 19:11:49 -0000 Author: marius Date: Fri Sep 1 19:11:47 2017 New Revision: 323113 URL: https://svnweb.freebsd.org/changeset/base/323113 Log: Fix a typo in the hard link creation for a WANDBOARD DTB file. Just like r322666 which introduced this bug, this is a direct commit to stable/10. Approved by: re (kib) Modified: stable/10/release/arm/WANDBOARD.conf Modified: stable/10/release/arm/WANDBOARD.conf ============================================================================== --- stable/10/release/arm/WANDBOARD.conf Fri Sep 1 18:53:36 2017 (r323112) +++ stable/10/release/arm/WANDBOARD.conf Fri Sep 1 19:11:47 2017 (r323113) @@ -33,7 +33,7 @@ arm_install_uboot() { ${FATMOUNT}/ubldr.bin chroot ${CHROOTDIR} ln ${UFSMOUNT}/boot/dtb/imx6dl-wandboard.dtb \ ${UFSMOUNT}/boot/dtb/imx6dl-wandboard-revb1.dtb - chroot ${CHROOTDIR} ln ${UFSMOUNT}/boot/dtb/imx6q-wandboard.dtb + chroot ${CHROOTDIR} ln ${UFSMOUNT}/boot/dtb/imx6q-wandboard.dtb \ ${UFSMOUNT}/boot/dtb/imx6q-wandboard-revb1.dtb chroot ${CHROOTDIR} touch ${UFSMOUNT}/firstboot sync From owner-svn-src-stable-10@freebsd.org Fri Sep 1 21:24:34 2017 Return-Path: Delivered-To: svn-src-stable-10@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 22B8BE07E25; Fri, 1 Sep 2017 21:24:34 +0000 (UTC) (envelope-from des@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id BFF596440D; Fri, 1 Sep 2017 21:24:33 +0000 (UTC) (envelope-from des@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id v81LOWr0021000; Fri, 1 Sep 2017 21:24:32 GMT (envelope-from des@FreeBSD.org) Received: (from des@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id v81LOW1a020997; Fri, 1 Sep 2017 21:24:32 GMT (envelope-from des@FreeBSD.org) Message-Id: <201709012124.v81LOW1a020997@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: des set sender to des@FreeBSD.org using -f From: =?UTF-8?Q?Dag-Erling_Sm=c3=b8rgrav?= Date: Fri, 1 Sep 2017 21:24:32 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r323120 - in stable/10: crypto/openssh crypto/openssh/contrib crypto/openssh/contrib/cygwin crypto/openssh/contrib/redhat crypto/openssh/contrib/suse crypto/openssh/openbsd-compat crypt... X-SVN-Group: stable-10 X-SVN-Commit-Author: des X-SVN-Commit-Paths: in stable/10: crypto/openssh crypto/openssh/contrib crypto/openssh/contrib/cygwin crypto/openssh/contrib/redhat crypto/openssh/contrib/suse crypto/openssh/openbsd-compat crypto/openssh/openbsd-compat/... X-SVN-Commit-Revision: 323120 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-10@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: SVN commit messages for only the 10-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 01 Sep 2017 21:24:34 -0000 Author: des Date: Fri Sep 1 21:24:32 2017 New Revision: 323120 URL: https://svnweb.freebsd.org/changeset/base/323120 Log: Upgrade OpenSSH to 7.3p1. This is the last version of OpenSSH which does not break compatibility more than we can live with in a stable branch. Further commits will follow to backport some bug fixes from newer versions. Approved by: re@ Added: stable/10/crypto/openssh/.skipped-commit-ids - copied unchanged from r313010, vendor-crypto/openssh/dist/.skipped-commit-ids stable/10/crypto/openssh/openbsd-compat/bsd-err.c - copied unchanged from r313010, vendor-crypto/openssh/dist/openbsd-compat/bsd-err.c stable/10/crypto/openssh/platform-tracing.c - copied unchanged from r313010, vendor-crypto/openssh/dist/platform-tracing.c stable/10/crypto/openssh/regress/cfginclude.sh - copied unchanged from r313010, vendor-crypto/openssh/dist/regress/cfginclude.sh stable/10/crypto/openssh/regress/misc/ - copied from r313010, vendor-crypto/openssh/dist/regress/misc/ stable/10/crypto/openssh/regress/sshcfgparse.sh - copied unchanged from r313010, vendor-crypto/openssh/dist/regress/sshcfgparse.sh stable/10/crypto/openssh/regress/unittests/utf8/ - copied from r313010, vendor-crypto/openssh/dist/regress/unittests/utf8/ stable/10/crypto/openssh/utf8.c - copied unchanged from r313010, vendor-crypto/openssh/dist/utf8.c stable/10/crypto/openssh/utf8.h - copied unchanged from r313010, vendor-crypto/openssh/dist/utf8.h Deleted: stable/10/crypto/openssh/.cvsignore stable/10/crypto/openssh/openbsd-compat/.cvsignore stable/10/crypto/openssh/openbsd-compat/regress/.cvsignore stable/10/crypto/openssh/regress/.cvsignore stable/10/crypto/openssh/roaming.h stable/10/crypto/openssh/scard/ Modified: stable/10/crypto/openssh/ChangeLog stable/10/crypto/openssh/INSTALL stable/10/crypto/openssh/Makefile.in stable/10/crypto/openssh/PROTOCOL stable/10/crypto/openssh/PROTOCOL.agent stable/10/crypto/openssh/PROTOCOL.certkeys stable/10/crypto/openssh/PROTOCOL.chacha20poly1305 stable/10/crypto/openssh/README stable/10/crypto/openssh/audit-linux.c stable/10/crypto/openssh/auth-krb5.c stable/10/crypto/openssh/auth-options.c stable/10/crypto/openssh/auth-pam.c stable/10/crypto/openssh/auth-pam.h stable/10/crypto/openssh/auth-passwd.c stable/10/crypto/openssh/auth-rh-rsa.c stable/10/crypto/openssh/auth-rhosts.c stable/10/crypto/openssh/auth.c stable/10/crypto/openssh/auth.h stable/10/crypto/openssh/auth2-chall.c stable/10/crypto/openssh/auth2-hostbased.c stable/10/crypto/openssh/auth2.c stable/10/crypto/openssh/authfile.c stable/10/crypto/openssh/canohost.c stable/10/crypto/openssh/canohost.h stable/10/crypto/openssh/channels.c stable/10/crypto/openssh/cipher-bf1.c stable/10/crypto/openssh/cipher.c stable/10/crypto/openssh/clientloop.c stable/10/crypto/openssh/compat.c stable/10/crypto/openssh/config.h stable/10/crypto/openssh/configure.ac stable/10/crypto/openssh/contrib/cygwin/README stable/10/crypto/openssh/contrib/redhat/openssh.spec stable/10/crypto/openssh/contrib/ssh-copy-id stable/10/crypto/openssh/contrib/suse/openssh.spec stable/10/crypto/openssh/defines.h stable/10/crypto/openssh/dh.c stable/10/crypto/openssh/dh.h stable/10/crypto/openssh/freebsd-configure.sh stable/10/crypto/openssh/kex.c stable/10/crypto/openssh/kex.h stable/10/crypto/openssh/kexc25519.c stable/10/crypto/openssh/kexdh.c stable/10/crypto/openssh/kexdhc.c stable/10/crypto/openssh/kexdhs.c stable/10/crypto/openssh/kexgexs.c stable/10/crypto/openssh/key.c stable/10/crypto/openssh/log.c stable/10/crypto/openssh/log.h stable/10/crypto/openssh/mac.c stable/10/crypto/openssh/mac.h stable/10/crypto/openssh/misc.c stable/10/crypto/openssh/misc.h stable/10/crypto/openssh/moduli stable/10/crypto/openssh/monitor.c stable/10/crypto/openssh/monitor_fdpass.c stable/10/crypto/openssh/monitor_wrap.c stable/10/crypto/openssh/monitor_wrap.h stable/10/crypto/openssh/mux.c stable/10/crypto/openssh/myproposal.h stable/10/crypto/openssh/opacket.h stable/10/crypto/openssh/openbsd-compat/Makefile.in stable/10/crypto/openssh/openbsd-compat/arc4random.c stable/10/crypto/openssh/openbsd-compat/bindresvport.c stable/10/crypto/openssh/openbsd-compat/bsd-asprintf.c stable/10/crypto/openssh/openbsd-compat/bsd-misc.c stable/10/crypto/openssh/openbsd-compat/bsd-misc.h stable/10/crypto/openssh/openbsd-compat/bsd-snprintf.c stable/10/crypto/openssh/openbsd-compat/inet_aton.c stable/10/crypto/openssh/openbsd-compat/openbsd-compat.h stable/10/crypto/openssh/openbsd-compat/port-solaris.h stable/10/crypto/openssh/openbsd-compat/vis.c stable/10/crypto/openssh/openbsd-compat/vis.h stable/10/crypto/openssh/openbsd-compat/xcrypt.c stable/10/crypto/openssh/packet.c stable/10/crypto/openssh/packet.h stable/10/crypto/openssh/pathnames.h stable/10/crypto/openssh/platform.c stable/10/crypto/openssh/platform.h stable/10/crypto/openssh/progressmeter.c stable/10/crypto/openssh/readconf.c stable/10/crypto/openssh/readconf.h stable/10/crypto/openssh/regress/Makefile stable/10/crypto/openssh/regress/agent-getpeereid.sh stable/10/crypto/openssh/regress/cert-hostkey.sh stable/10/crypto/openssh/regress/cert-userkey.sh stable/10/crypto/openssh/regress/cfgparse.sh stable/10/crypto/openssh/regress/connect-privsep.sh stable/10/crypto/openssh/regress/forwarding.sh stable/10/crypto/openssh/regress/integrity.sh stable/10/crypto/openssh/regress/modpipe.c stable/10/crypto/openssh/regress/netcat.c stable/10/crypto/openssh/regress/test-exec.sh stable/10/crypto/openssh/regress/unittests/Makefile stable/10/crypto/openssh/regress/unittests/sshbuf/test_sshbuf_misc.c stable/10/crypto/openssh/regress/unittests/sshkey/test_sshkey.c stable/10/crypto/openssh/regress/unittests/test_helper/Makefile stable/10/crypto/openssh/sandbox-seccomp-filter.c stable/10/crypto/openssh/scp.1 stable/10/crypto/openssh/scp.c stable/10/crypto/openssh/servconf.c stable/10/crypto/openssh/serverloop.c stable/10/crypto/openssh/session.c stable/10/crypto/openssh/session.h stable/10/crypto/openssh/sftp-client.c stable/10/crypto/openssh/sftp-server.c stable/10/crypto/openssh/sftp.1 stable/10/crypto/openssh/sftp.c stable/10/crypto/openssh/ssh-agent.1 stable/10/crypto/openssh/ssh-agent.c stable/10/crypto/openssh/ssh-dss.c stable/10/crypto/openssh/ssh-ecdsa.c stable/10/crypto/openssh/ssh-ed25519.c stable/10/crypto/openssh/ssh-keygen.1 stable/10/crypto/openssh/ssh-keygen.c stable/10/crypto/openssh/ssh-keyscan.c stable/10/crypto/openssh/ssh-rsa.c stable/10/crypto/openssh/ssh.1 stable/10/crypto/openssh/ssh.c stable/10/crypto/openssh/ssh1.h stable/10/crypto/openssh/ssh2.h stable/10/crypto/openssh/ssh_api.c stable/10/crypto/openssh/ssh_config stable/10/crypto/openssh/ssh_config.5 stable/10/crypto/openssh/ssh_namespace.h stable/10/crypto/openssh/sshbuf-getput-basic.c stable/10/crypto/openssh/sshbuf-misc.c stable/10/crypto/openssh/sshbuf.h stable/10/crypto/openssh/sshconnect2.c stable/10/crypto/openssh/sshd.c stable/10/crypto/openssh/sshd_config stable/10/crypto/openssh/sshd_config.5 stable/10/crypto/openssh/sshkey.c stable/10/crypto/openssh/sshkey.h stable/10/crypto/openssh/ttymodes.c stable/10/crypto/openssh/ttymodes.h stable/10/crypto/openssh/version.h stable/10/secure/lib/libssh/Makefile Copied: stable/10/crypto/openssh/.skipped-commit-ids (from r313010, vendor-crypto/openssh/dist/.skipped-commit-ids) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ stable/10/crypto/openssh/.skipped-commit-ids Fri Sep 1 21:24:32 2017 (r323120, copy of r313010, vendor-crypto/openssh/dist/.skipped-commit-ids) @@ -0,0 +1,11 @@ +321065a95a7ccebdd5fd08482a1e19afbf524e35 Update DH groups +d4f699a421504df35254cf1c6f1a7c304fb907ca Remove 1k bit groups +aafe246655b53b52bc32c8a24002bc262f4230f7 Remove intermediate moduli +8fa9cd1dee3c3339ae329cf20fb591db6d605120 put back SSH1 for 6.9 +f31327a48dd4103333cc53315ec53fe65ed8a17a Generate new moduli +edbfde98c40007b7752a4ac106095e060c25c1ef Regen moduli +052fd565e3ff2d8cec3bc957d1788f50c827f8e2 Switch to tame-based sandbox +7cf73737f357492776223da1c09179fa6ba74660 Remove moduli <2k +180d84674be1344e45a63990d60349988187c1ae Update moduli +f6ae971186ba68d066cd102e57d5b0b2c211a5ee systrace is dead. +96c5054e3e1f170c6276902d5bc65bb3b87a2603 remove DEBUGLIBS from Makefile Modified: stable/10/crypto/openssh/ChangeLog ============================================================================== --- stable/10/crypto/openssh/ChangeLog Fri Sep 1 21:06:31 2017 (r323119) +++ stable/10/crypto/openssh/ChangeLog Fri Sep 1 21:24:32 2017 (r323120) @@ -1,17 +1,1848 @@ -commit 5c35450a0c901d9375fb23343a8dc82397da5f75 +commit 99522ba7ec6963a05c04a156bf20e3ba3605987c Author: Damien Miller -Date: Thu Mar 10 05:04:48 2016 +1100 +Date: Thu Jul 28 08:54:27 2016 +1000 - update versions for release + define _OPENBSD_SOURCE for reallocarray on NetBSD + + Report by and debugged with Hisashi T Fujinaka, dtucker nailed + the problem (lack of prototype causing return type confusion). -commit 9d47b8d3f50c3a6282896df8274147e3b9a38c56 +commit 3e1e076550c27c6bbdddf36d8f42bd79fbaaa187 Author: Damien Miller -Date: Thu Mar 10 05:03:39 2016 +1100 +Date: Wed Jul 27 08:25:42 2016 +1000 - sanitise characters destined for xauth(1) + KNF + +commit d99ee9c4e5e217e7d05eeec84e9ce641f4675331 +Author: Damien Miller +Date: Wed Jul 27 08:25:23 2016 +1000 + + Linux auditing also needs packet.h + +commit 393bd381a45884b589baa9aed4394f1d250255ca +Author: Damien Miller +Date: Wed Jul 27 08:18:05 2016 +1000 + + fix auditing on Linux - reported by github.com/tintinweb + get_remote_ipaddr() was replaced with ssh_remote_ipaddr() +commit 80e766fb089de4f3c92b1600eb99e9495e37c992 +Author: Damien Miller +Date: Sun Jul 24 21:50:13 2016 +1000 + + crank version numbers + +commit b1a478792d458f2e938a302e64bab2b520edc1b3 +Author: djm@openbsd.org +Date: Sun Jul 24 11:45:36 2016 +0000 + + upstream commit + + openssh-7.3 + + Upstream-ID: af106a7eb665f642648cf1993e162c899f358718 + +commit 353766e0881f069aeca30275ab706cd60a1a8fdd +Author: Darren Tucker +Date: Sat Jul 23 16:14:42 2016 +1000 + + Move Cygwin IPPORT_RESERVED overrride to defines.h + + Patch from vinschen at redhat.com. + +commit 368dd977ae07afb93f4ecea23615128c95ab2b32 +Author: djm@openbsd.org +Date: Sat Jul 23 02:54:08 2016 +0000 + + upstream commit + + fix pledge violation with ssh -f; reported by Valentin + Kozamernik ok dtucker@ + + Upstream-ID: a61db7988db88d9dac3c4dd70e18876a8edf84aa + +commit f00211e3c6d24d6ea2b64b4b1209f671f6c1d42e +Author: djm@openbsd.org +Date: Fri Jul 22 07:00:46 2016 +0000 + + upstream commit + + improve wording; suggested by jmc@ + + Upstream-ID: 55cb0a24c8e0618b3ceec80998dc82c85db2d2f8 + +commit 83cbca693c3b0719270e6a0f2efe3f9ee93a65b8 +Author: dtucker@openbsd.org +Date: Fri Jul 22 05:46:11 2016 +0000 + + upstream commit + + Lower loglevel for "Authenticated with partial success" + message similar to other similar level. bz#2599, patch from cgallek at + gmail.com, ok markus@ + + Upstream-ID: 3faab814e947dc7b2e292edede23e94c608cb4dd + +commit 10358abd087ab228b7ce2048efc4f3854a9ab9a6 +Author: Damien Miller +Date: Fri Jul 22 14:06:36 2016 +1000 + + retry waitpid on EINTR failure + + patch from Jakub Jelen on bz#2581; ok dtucker@ + +commit da88a70a89c800e74ea8e5661ffa127a3cc79a92 +Author: djm@openbsd.org +Date: Fri Jul 22 03:47:36 2016 +0000 + + upstream commit + + constify a few functions' arguments; patch from Jakub + Jelen bz#2581 + + Upstream-ID: f2043f51454ea37830ff6ad60c8b32b4220f448d + +commit c36d91bd4ebf767f310f7cea88d61d1c15f53ddf +Author: djm@openbsd.org +Date: Fri Jul 22 03:39:13 2016 +0000 + + upstream commit + + move debug("%p", key) to before key is free'd; probable + undefined behaviour on strict compilers; reported by Jakub Jelen bz#2581 + + Upstream-ID: 767f323e1f5819508a0e35e388ec241bac2f953a + +commit 286f5a77c3bfec1e8892ca268087ac885ac871bf +Author: djm@openbsd.org +Date: Fri Jul 22 03:35:11 2016 +0000 + + upstream commit + + reverse the order in which -J/JumpHost proxies are visited to + be more intuitive and document + + reported by and manpage bits naddy@ + + Upstream-ID: 3a68fd6a841fd6cf8cedf6552a9607ba99df179a + +commit fcd135c9df440bcd2d5870405ad3311743d78d97 +Author: dtucker@openbsd.org +Date: Thu Jul 21 01:39:35 2016 +0000 + + upstream commit + + Skip passwords longer than 1k in length so clients can't + easily DoS sshd by sending very long passwords, causing it to spend CPU + hashing them. feedback djm@, ok markus@. + + Brought to our attention by tomas.kuthan at oracle.com, shilei-c at + 360.cn and coredump at autistici.org + + Upstream-ID: d0af7d4a2190b63ba1d38eec502bc4be0be9e333 + +commit 324583e8fb3935690be58790425793df619c6d4d +Author: naddy@openbsd.org +Date: Wed Jul 20 10:45:27 2016 +0000 + + upstream commit + + Do not clobber the global jump_host variables when + parsing an inactive configuration. ok djm@ + + Upstream-ID: 5362210944d91417d5976346d41ac0b244350d31 + +commit 32d921c323b989d28405e78d0a8923d12913d737 +Author: jmc@openbsd.org +Date: Tue Jul 19 12:59:16 2016 +0000 + + upstream commit + + tweak previous; + + Upstream-ID: f3c1a5b3f05dff366f60c028728a2b43f15ff534 + +commit d7eabc86fa049a12ba2c3fb198bd1d51b37f7025 +Author: dtucker@openbsd.org +Date: Tue Jul 19 11:38:53 2016 +0000 + + upstream commit + + Allow wildcard for PermitOpen hosts as well as ports. + bz#2582, patch from openssh at mzpqnxow.com and jjelen at redhat.com. ok + markus@ + + Upstream-ID: af0294e9b9394c4e16e991424ca0a47a7cc605f2 + +commit b98a2a8348e907b3d71caafd80f0be8fdd075943 +Author: markus@openbsd.org +Date: Mon Jul 18 11:35:33 2016 +0000 + + upstream commit + + Reduce timing attack against obsolete CBC modes by always + computing the MAC over a fixed size of data. Reported by Jean Paul + Degabriele, Kenny Paterson, Torben Hansen and Martin Albrecht. ok djm@ + + Upstream-ID: f20a13279b00ba0afbacbcc1f04e62e9d41c2912 + +commit dbf788b4d9d9490a5fff08a7b09888272bb10fcc +Author: Darren Tucker +Date: Thu Jul 21 14:17:31 2016 +1000 + + Search users for one with a valid salt. + + If the root account is locked (eg password "!!" or "*LK*") keep looking + until we find a user with a valid salt to use for crypting passwords of + invalid users. ok djm@ + +commit e8b58f48fbb1b524fb4f0d4865fa0005d6a4b782 +Author: Darren Tucker +Date: Mon Jul 18 17:22:49 2016 +1000 + + Explicitly specify source files for regress tools. + + Since adding $(REGRESSLIBS), $? is wrong because it includes only the + changed source files. $< seems like it'd be right however it doesn't + seem to work on some non-GNU makes, so do what works everywhere. + +commit eac1bbd06872c273f16ac0f9976b0aef026b701b +Author: Darren Tucker +Date: Mon Jul 18 17:12:22 2016 +1000 + + Conditionally include err.h. + +commit 0a454147568746c503f669e1ba861f76a2e7a585 +Author: Darren Tucker +Date: Mon Jul 18 16:26:26 2016 +1000 + + Remove local implementation of err, errx. + + We now have a shared implementation in libopenbsd-compat. + +commit eb999a4590846ba4d56ddc90bd07c23abfbab7b1 +Author: djm@openbsd.org +Date: Mon Jul 18 06:08:01 2016 +0000 + + upstream commit + + Add some unsigned overflow checks for extra_pad. None of + these are reachable with the amount of padding that we use internally. + bz#2566, pointed out by Torben Hansen. ok markus@ + + Upstream-ID: 4d4be8450ab2fc1b852d5884339f8e8c31c3fd76 + +commit c71ba790c304545464bb494de974cdf0f4b5cf1e +Author: Darren Tucker +Date: Mon Jul 18 15:43:25 2016 +1000 + + Add dependency on libs for unit tests. + + Makes "./configure && make tests" work again. ok djm@ + +commit 8199d0311aea3e6fd0284c9025e7a83f4ece79e8 +Author: Darren Tucker +Date: Mon Jul 18 13:47:39 2016 +1000 + + Correct location for kexfuzz in clean target. + +commit 01558b7b07af43da774d3a11a5c51fa9c310849d +Author: Darren Tucker +Date: Mon Jul 18 09:33:25 2016 +1000 + + Handle PAM_MAXTRIES from modules. + + bz#2249: handle the case where PAM returns PAM_MAXTRIES by ceasing to offer + password and keyboard-interative authentication methods. Should prevent + "sshd ignoring max retries" warnings in the log. ok djm@ + + It probably won't trigger with keyboard-interactive in the default + configuration because the retry counter is stored in module-private + storage which goes away with the sshd PAM process (see bz#688). On the + other hand, those cases probably won't log a warning either. + +commit 65c6c6b567ab5ab12945a5ad8e0ab3a8c26119cc +Author: djm@openbsd.org +Date: Sun Jul 17 04:20:16 2016 +0000 + + upstream commit + + support UTF-8 characters in ssh(1) banners using + schwarze@'s safe fmprintf printer; bz#2058 + + feedback schwarze@ ok dtucker@ + + Upstream-ID: a72ce4e3644c957643c9524eea2959e41b91eea7 + +commit e4eb7d910976fbfc7ce3e90c95c11b07b483d0d7 +Author: jmc@openbsd.org +Date: Sat Jul 16 06:57:55 2016 +0000 + + upstream commit + + - add proxyjump to the options list - formatting fixes - + update usage() + + ok djm + + Upstream-ID: 43d318e14ce677a2eec8f21ef5ba2f9f68a59457 + +commit af1f084857621f14bd9391aba8033d35886c2455 +Author: dtucker@openbsd.org +Date: Fri Jul 15 05:01:58 2016 +0000 + + upstream commit + + Reduce the syslog level of some relatively common protocol + events from LOG_CRIT by replacing fatal() calls with logdie(). Part of + bz#2585, ok djm@ + + Upstream-ID: 9005805227c94edf6ac02a160f0e199638d288e5 + +commit bd5f2b78b69cf38d6049a0de445a79c8595e4a1f +Author: Damien Miller +Date: Fri Jul 15 19:14:48 2016 +1000 + + missing openssl/dh.h + +commit 4a984fd342effe5f0aad874a0d538c4322d973c0 +Author: Damien Miller +Date: Fri Jul 15 18:47:07 2016 +1000 + + cast to avoid type warning in error message + +commit 5abfb15ced985c340359ae7fb65a625ed3692b3e +Author: Darren Tucker +Date: Fri Jul 15 14:48:30 2016 +1000 + + Move VA_COPY macro into compat header. + + Some AIX compilers unconditionally undefine va_copy but don't set it back + to an internal function, causing link errors. In some compat code we + already use VA_COPY instead so move the two existing instances into the + shared header and use for sshbuf-getput-basic.c too. Should fix building + with at lease some versions of AIX's compiler. bz#2589, ok djm@ + +commit 832b7443b7a8e181c95898bc5d73497b7190decd +Author: Damien Miller +Date: Fri Jul 15 14:45:34 2016 +1000 + + disable ciphers not supported by OpenSSL + + bz#2466 ok dtucker@ + +commit 5fbe93fc6fbb2fe211e035703dec759d095e3dd8 +Author: Damien Miller +Date: Fri Jul 15 13:54:31 2016 +1000 + + add a --disable-pkcs11 knob + +commit 679ce88ec2a8e2fe6515261c489e8c1449bb9da9 +Author: Damien Miller +Date: Fri Jul 15 13:44:38 2016 +1000 + + fix newline escaping for unsupported_algorithms + + The hmac-ripemd160 was incorrect and could lead to broken + Makefiles on systems that lacked support for it, but I made + all the others consistent too. + +commit ed877ef653847d056bb433975d731b7a1132a979 +Author: djm@openbsd.org +Date: Fri Jul 15 00:24:30 2016 +0000 + + upstream commit + + Add a ProxyJump ssh_config(5) option and corresponding -J + ssh(1) command-line flag to allow simplified indirection through a SSH + bastion or "jump host". + + These options construct a proxy command that connects to the + specified jump host(s) (more than one may be specified) and uses + port-forwarding to establish a connection to the next destination. + + This codifies the safest way of indirecting connections through SSH + servers and makes it easy to use. + + ok markus@ + + Upstream-ID: fa899cb8b26d889da8f142eb9774c1ea36b04397 + +commit 5c02dd126206a26785379e80f2d3848e4470b711 +Author: Darren Tucker +Date: Fri Jul 15 12:56:39 2016 +1000 + + Map umac_ctx struct name too. + + Prevents size mismatch linker warnings on Solaris 11. + +commit 283b97ff33ea2c641161950849931bd578de6946 +Author: Darren Tucker +Date: Fri Jul 15 13:49:44 2016 +1000 + + Mitigate timing of disallowed users PAM logins. + + When sshd decides to not allow a login (eg PermitRootLogin=no) and + it's using PAM, it sends a fake password to PAM so that the timing for + the failure is not noticeably different whether or not the password + is correct. This behaviour can be detected by sending a very long + password string which is slower to hash than the fake password. + + Mitigate by constructing an invalid password that is the same length + as the one from the client and thus takes the same time to hash. + Diff from djm@ + +commit 9286875a73b2de7736b5e50692739d314cd8d9dc +Author: Darren Tucker +Date: Fri Jul 15 13:32:45 2016 +1000 + + Determine appropriate salt for invalid users. + + When sshd is processing a non-PAM login for a non-existent user it uses + the string from the fakepw structure as the salt for crypt(3)ing the + password supplied by the client. That string has a Blowfish prefix, so on + systems that don't understand that crypt will fail fast due to an invalid + salt, and even on those that do it may have significantly different timing + from the hash methods used for real accounts (eg sha512). This allows + user enumeration by, eg, sending large password strings. This was noted + by EddieEzra.Harari at verint.com (CVE-2016-6210). + + To mitigate, use the same hash algorithm that root uses for hashing + passwords for users that do not exist on the system. ok djm@ + +commit a162dd5e58ca5b224d7500abe35e1ef32b5de071 +Author: Darren Tucker +Date: Thu Jul 14 21:19:59 2016 +1000 + + OpenSSL 1.1.x not currently supported. + +commit 7df91b01fc558a33941c5c5f31abbcdc53a729fb +Author: Darren Tucker +Date: Thu Jul 14 12:25:24 2016 +1000 + + Check for VIS_ALL. + + If we don't have it, set BROKEN_STRNVIS to activate the compat replacement. + +commit ee67716f61f1042d5e67f91c23707cca5dcdd7d0 +Author: dtucker@openbsd.org +Date: Thu Jul 14 01:24:21 2016 +0000 + + upstream commit + + Correct equal in test. + + Upstream-Regress-ID: 4e32f7a5c57a619c4e8766cb193be2a1327ec37a + +commit 372807c2065c8572fdc6478b25cc5ac363743073 +Author: tb@openbsd.org +Date: Mon Jul 11 21:38:13 2016 +0000 + + upstream commit + + Add missing "recvfd" pledge promise: Raf Czlonka reported + ssh coredumps when Control* keywords were set in ssh_config. This patch also + fixes similar problems with scp and sftp. + + ok deraadt, looks good to millert + + Upstream-ID: ca2099eade1ef3e87a79614fefa26a0297ad8a3b + +commit e0453f3df64bf485c61c7eb6bd12893eee9fe2cd +Author: tedu@openbsd.org +Date: Mon Jul 11 03:19:44 2016 +0000 + + upstream commit + + obsolete note about fascistloggin is obsolete. ok djm + dtucker + + Upstream-ID: dae60df23b2bb0e89f42661ddd96a7b0d1b7215a + +commit a2333584170a565adf4f209586772ef8053b10b8 +Author: Darren Tucker +Date: Thu Jul 14 10:59:09 2016 +1000 + + Add compat code for missing wcwidth. + + If we don't have wcwidth force fallback implementations of nl_langinfo + and mbtowc. Based on advice from Ingo Schwarze. + +commit 8aaec7050614494014c47510b7e94daf6e644c62 +Author: Damien Miller +Date: Thu Jul 14 09:48:48 2016 +1000 + + fix missing include for systems with err.h + +commit 6310ef27a2567cda66d6cf0c1ad290ee1167f243 +Author: Darren Tucker +Date: Wed Jul 13 14:42:35 2016 +1000 + + Move err.h replacements into compat lib. + + Move implementations of err.h replacement functions into their own file + in the libopenbsd-compat so we can use them in kexfuzz.c too. ok djm@ + +commit f3f2cc8386868f51440c45210098f65f9787449a +Author: Darren Tucker +Date: Mon Jul 11 17:23:38 2016 +1000 + + Check for wchar.h and langinfo.h + + Wrap includes in the appropriate #ifdefs. + +commit b9c50614eba9d90939b2b119b6e1b7e03b462278 +Author: Damien Miller +Date: Fri Jul 8 13:59:13 2016 +1000 + + whitelist more architectures for seccomp-bpf + + bz#2590 - testing and patch from Jakub Jelen + +commit 18813a32b6fd964037e0f5e1893cb4468ac6a758 +Author: guenther@openbsd.org +Date: Mon Jul 4 18:01:44 2016 +0000 + + upstream commit + + DEBUGLIBS has been broken since the gcc4 switch, so delete + it. CFLAGS contains -g by default anyway + + problem noted by Edgar Pettijohn (edgar (at) pettijohn-web.com) + ok millert@ kettenis@ deraadt@ + + Upstream-Regress-ID: 4a0bb72f95c63f2ae9daa8a040ac23914bddb542 + +commit 6d31193d0baa3da339c196ac49625b7ba1c2ecc7 +Author: djm@openbsd.org +Date: Fri Jul 8 03:44:42 2016 +0000 + + upstream commit + + Improve crypto ordering for Encrypt-then-MAC (EtM) mode + MAC algorithms. + + Previously we were computing the MAC, decrypting the packet and then + checking the MAC. This gave rise to the possibility of creating a + side-channel oracle in the decryption step, though no such oracle has + been identified. + + This adds a mac_check() function that computes and checks the MAC in + one pass, and uses it to advance MAC checking for EtM algorithms to + before payload decryption. + + Reported by Jean Paul Degabriele, Kenny Paterson, Torben Hansen and + Martin Albrecht. feedback and ok markus@ + + Upstream-ID: 1999bb67cab47dda5b10b80d8155fe83d4a1867b + +commit 71f5598f06941f645a451948c4a5125c83828e1c +Author: guenther@openbsd.org +Date: Mon Jul 4 18:01:44 2016 +0000 + + upstream commit + + DEBUGLIBS has been broken since the gcc4 switch, so + delete it. CFLAGS contains -g by default anyway + + problem noted by Edgar Pettijohn (edgar (at) pettijohn-web.com) + ok millert@ kettenis@ deraadt@ + + Upstream-ID: 96c5054e3e1f170c6276902d5bc65bb3b87a2603 + +commit e683fc6f1c8c7295648dbda679df8307786ec1ce +Author: dtucker@openbsd.org +Date: Thu Jun 30 05:17:05 2016 +0000 + + upstream commit + + Explicitly check for 100% completion to avoid potential + floating point rounding error, which could cause progressmeter to report 99% + on completion. While there invert the test so the 100% case is clearer. with + & ok djm@ + + Upstream-ID: a166870c5878e422f3c71ff802e2ccd7032f715d + +commit 772e6cec0ed740fc7db618dc30b4134f5a358b43 +Author: jmc@openbsd.org +Date: Wed Jun 29 17:14:28 2016 +0000 + + upstream commit + + sort the -o list; + + Upstream-ID: 1a97465ede8790b4d47cb618269978e07f41f8ac + +commit 46ecd19e554ccca15a7309cd1b6b44bc8e6b84af +Author: djm@openbsd.org +Date: Thu Jun 23 05:17:51 2016 +0000 + + upstream commit + + fix AuthenticationMethods during configuration re-parse; + reported by Juan Francisco Cantero Hurtado + + Upstream-ID: 8ffa1dac25c7577eca8238e825317ab20848f9b4 + +commit 3147e7595d0f2f842a666c844ac53e6c7a253d7e +Author: djm@openbsd.org +Date: Sun Jun 19 07:48:02 2016 +0000 + + upstream commit + + revert 1.34; causes problems loading public keys + + reported by semarie@ + + Upstream-ID: b393794f8935c8b15d98a407fe7721c62d2ed179 + +commit ad23a75509f4320d43f628c50f0817e3ad12bfa7 +Author: jmc@openbsd.org +Date: Fri Jun 17 06:33:30 2016 +0000 + + upstream commit + + grammar fix; + + Upstream-ID: 5d5b21c80f1e81db367333ce0bb3e5874fb3e463 + +commit 5e28b1a2a3757548b40018cc2493540a17c82e27 +Author: djm@openbsd.org +Date: Fri Jun 17 05:06:23 2016 +0000 + + upstream commit + + translate OpenSSL error codes to something more + meaninful; bz#2522 reported by Jakub Jelen, ok dtucker@ + + Upstream-ID: 4cb0795a366381724314e6515d57790c5930ffe5 + +commit b64faeb5eda7eff8210c754d00464f9fe9d23de5 +Author: djm@openbsd.org +Date: Fri Jun 17 05:03:40 2016 +0000 + + upstream commit + + ban AuthenticationMethods="" and accept + AuthenticationMethods=any for the default behaviour of not requiring multiple + authentication + + bz#2398 from Jakub Jelen; ok dtucker@ + + Upstream-ID: fabd7f44d59e4518d241d0d01e226435cc23cf27 + +commit 9816fc5daee5ca924dd5c4781825afbaab728877 +Author: dtucker@openbsd.org +Date: Thu Jun 16 11:00:17 2016 +0000 + + upstream commit + + Include stdarg.h for va_copy as per man page. + + Upstream-ID: 105d6b2f1af2fbd9d91c893c436ab121434470bd + +commit b6cf84b51bc0f5889db48bf29a0c771954ade283 +Author: jmc@openbsd.org +Date: Thu Jun 16 06:10:45 2016 +0000 + + upstream commit + + keys stored in openssh format can have comments too; diff + from yonas yanfa, tweaked a bit; + + ok djm + + Upstream-ID: 03d48536da6e51510d73ade6fcd44ace731ceb27 + +commit aa37768f17d01974b6bfa481e5e83841b6c76f86 +Author: Darren Tucker +Date: Mon Jun 20 15:55:34 2016 +1000 + + get_remote_name_or_ip inside LOGIN_NEEDS_UTMPX + + Apply the same get_remote_name_or_ip -> session_get_remote_name_or_ip + change as commit 95767262 to the code inside #ifdef LOGIN_NEEDS_UTMPX. + Fixes build on AIX. + +commit 009891afc8df37bc2101e15d1e0b6433cfb90549 +Author: Darren Tucker +Date: Fri Jun 17 14:34:09 2016 +1000 + + Remove duplicate code from PAM. ok djm@ + +commit e690fe85750e93fca1fb7c7c8587d4130a4f7aba +Author: dtucker@openbsd.org +Date: Wed Jun 15 00:40:40 2016 +0000 + + upstream commit + + Remove "POSSIBLE BREAK-IN ATTEMPT!" from log message + about forward and reverse DNS not matching. We haven't supported IP-based + auth methods for a very long time so it's now misleading. part of bz#2585, + ok markus@ + + Upstream-ID: 5565ef0ee0599b27f0bd1d3bb1f8a323d8274e29 + +commit 57b4ee04cad0d3e0fec1194753b0c4d31e39a1cd +Author: Darren Tucker +Date: Wed Jun 15 11:22:38 2016 +1000 + + Move platform_disable_tracing into its own file. + + Prevents link errors resolving the extern "options" when platform.o + gets linked into ssh-agent when building --with-pam. + +commit 78dc8e3724e30ee3e1983ce013e80277dc6ca070 +Author: Darren Tucker +Date: Tue Jun 14 13:55:12 2016 +1000 + + Track skipped upstream commit IDs. + + There are a small number of "upstream" commits that do not correspond to + a file in -portable. This file tracks those so that we can reconcile + OpenBSD and Portable to ensure that no commits are accidentally missed. + + If you add something to .skipped-commit-ids please also add an upstream + ID line in the following format when you commit it. + + Upstream-ID: 321065a95a7ccebdd5fd08482a1e19afbf524e35 + Upstream-ID: d4f699a421504df35254cf1c6f1a7c304fb907ca + Upstream-ID: aafe246655b53b52bc32c8a24002bc262f4230f7 + Upstream-ID: 8fa9cd1dee3c3339ae329cf20fb591db6d605120 + Upstream-ID: f31327a48dd4103333cc53315ec53fe65ed8a17a + Upstream-ID: edbfde98c40007b7752a4ac106095e060c25c1ef + Upstream-ID: 052fd565e3ff2d8cec3bc957d1788f50c827f8e2 + Upstream-ID: 7cf73737f357492776223da1c09179fa6ba74660 + Upstream-ID: 180d84674be1344e45a63990d60349988187c1ae + Upstream-ID: f6ae971186ba68d066cd102e57d5b0b2c211a5ee + +commit 9f919d1a3219d476d6a662d18df058e1c4f36a6f +Author: Darren Tucker +Date: Tue Jun 14 13:51:01 2016 +1000 + + Remove now-defunct .cvsignore files. ok djm + +commit 68777faf271efb2713960605c748f6c8a4b26d55 +Author: dtucker@openbsd.org +Date: Wed Jun 8 02:13:01 2016 +0000 + + upstream commit + + Back out rev 1.28 "Check min and max sizes sent by the + client" change. It caused "key_verify failed for server_host_key" in clients + that send a DH-GEX min value less that DH_GRP_MIN, eg old OpenSSH and PuTTY. + ok djm@ + + Upstream-ID: 452979d3ca5c1e9dff063287ea0a5314dd091f65 + +commit a86ec4d0737ac5879223e7cd9d68c448df46e169 +Author: Darren Tucker +Date: Tue Jun 14 10:48:27 2016 +1000 + + Use Solaris setpflags(__PROC_PROTECT, ...). + + Where possible, use Solaris setpflags to disable process tracing on + ssh-agent and sftp-server. bz#2584, based on a patch from huieying.lee + at oracle.com, ok djm. + +commit 0f916d39b039fdc0b5baf9b5ab0754c0f11ec573 +Author: Darren Tucker +Date: Tue Jun 14 10:43:53 2016 +1000 + + Shorten prctl code a tiny bit. + +commit 0fb7f5985351fbbcd2613d8485482c538e5123be +Author: Darren Tucker +Date: Thu Jun 9 16:23:07 2016 +1000 + + Move prctl PR_SET_DUMPABLE into platform.c. + + This should make it easier to add additional platform support such as + Solaris (bz#2584). + +commit e6508898c3cd838324ecfe1abd0eb8cf802e7106 +Author: dtucker@openbsd.org +Date: Fri Jun 3 04:10:41 2016 +0000 + + upstream commit + + Add a test for ssh(1)'s config file parsing. + + Upstream-Regress-ID: 558b7f4dc45cc3761cc3d3e889b9f3c5bc91e601 + +commit ab0a536066dfa32def0bd7272c096ebb5eb25b11 +Author: dtucker@openbsd.org +Date: Fri Jun 3 03:47:59 2016 +0000 + + upstream commit + + Add 'sshd' to the test ID as I'm about to add a similar + set for ssh. + + Upstream-Regress-ID: aea7a9c3bac638530165c801ce836875b228ae7a + +commit a5577c1ed3ecdfe4b7b1107c526cae886fc91afb +Author: schwarze@openbsd.org +Date: Mon May 30 12:14:08 2016 +0000 + + upstream commit + + stricter malloc.conf(5) options for utf8 tests + + Upstream-Regress-ID: 111efe20a0fb692fa1a987f6e823310f9b25abf6 + +commit 75f0844b4f29d62ec3a5e166d2ee94b02df819fc +Author: schwarze@openbsd.org +Date: Mon May 30 12:05:56 2016 +0000 + + upstream commit + + Fix two rare edge cases: 1. If vasprintf() returns < 0, + do not access a NULL pointer in snmprintf(), and do not free() the pointer + returned from vasprintf() because on some systems other than OpenBSD, it + might be a bogus pointer. 2. If vasprintf() returns == 0, return 0 and "" + rather than -1 and NULL. + + Besides, free(dst) is pointless after failure (not a bug). + + One half OK martijn@, the other half OK deraadt@; + committing quickly before people get hurt. + + Upstream-Regress-ID: b164f20923812c9bac69856dbc1385eb1522cba4 + +commit 016881eb33a7948028848c90f4c7ac42e3af0e87 +Author: schwarze@openbsd.org +Date: Thu May 26 19:14:25 2016 +0000 + + upstream commit + + test the new utf8 module + + Upstream-Regress-ID: c923d05a20e84e4ef152cbec947fdc4ce6eabbe3 + +commit d4219028bdef448e089376f3afe81ef6079da264 +Author: dtucker@openbsd.org +Date: Tue May 3 15:30:46 2016 +0000 + + upstream commit + + Set umask to prevent "Bad owner or permissions" errors. + + Upstream-Regress-ID: 8fdf2fc4eb595ccd80c443f474d639f851145417 + +commit 07d5608bb237e9b3fe86a2aeaa429392230faebf +Author: djm@openbsd.org +Date: Tue May 3 14:41:04 2016 +0000 + + upstream commit + + support doas + + Upstream-Regress-ID: 8d5572b27ea810394eeda432d8b4e9e1064a7c38 + +commit 01cabf10adc7676cba5f40536a34d3b246edb73f +Author: djm@openbsd.org +Date: Tue May 3 13:48:33 2016 +0000 + + upstream commit + + unit tests for sshbuf_dup_string() + + Upstream-Regress-ID: 7521ff150dc7f20511d1c2c48fd3318e5850a96d + +commit 6915f1698e3d1dd4e22eac20f435e1dfc1d46372 +Author: jmc@openbsd.org +Date: Fri Jun 3 06:44:12 2016 +0000 + + upstream commit + + tweak previous; + + Upstream-ID: 92979f1a0b63e041a0e5b08c9ed0ba9b683a3698 + +commit 0cb2f4c2494b115d0f346ed2d8b603ab3ba643f4 +Author: dtucker@openbsd.org +Date: Fri Jun 3 04:09:38 2016 +0000 + + upstream commit + + Allow ExitOnForwardFailure and ClearAllForwardings to be + overridden when using ssh -W (but still default to yes in that case). + bz#2577, ok djm@. + + Upstream-ID: 4b20c419e93ca11a861c81c284090cfabc8c54d4 + +commit 8543ff3f5020fe659839b15f05b8c522bde6cee5 +Author: dtucker@openbsd.org +Date: Fri Jun 3 03:14:41 2016 +0000 + + upstream commit + + Move the host and port used by ssh -W into the Options + struct. This will make future changes a bit easier. ok djm@ + + Upstream-ID: 151bce5ecab2fbedf0d836250a27968d30389382 + +commit 6b87311d3acdc460f926b2c40f4c4f3fd345f368 +Author: dtucker@openbsd.org +Date: Wed Jun 1 04:19:49 2016 +0000 + + upstream commit + + Check min and max sizes sent by the client against what + we support before passing them to the monitor. ok djm@ + + Upstream-ID: 750627e8117084215412bff00a25b1586ab17ece + +commit 564cd2a8926ccb1dca43a535073540935b5e0373 +Author: dtucker@openbsd.org +Date: Tue May 31 23:46:14 2016 +0000 + + upstream commit + + Ensure that the client's proposed DH-GEX max value is at + least as big as the minimum the server will accept. ok djm@ + + Upstream-ID: b4b84fa04aab2de7e79a6fee4a6e1c189c0fe775 + +commit df820722e40309c9b3f360ea4ed47a584ed74333 +Author: Darren Tucker +Date: Mon Jun 6 11:36:13 2016 +1000 + + Add compat bits to utf8.c. + +commit 05c6574652571becfe9d924226c967a3f4b3f879 +Author: Darren Tucker +Date: Mon Jun 6 11:33:43 2016 +1000 + + Fix utf->utf8 typo. + +commit 6c1717190b4d5ddd729cd9e24e8ed71ed4f087ce +Author: schwarze@openbsd.org +Date: Mon May 30 18:34:41 2016 +0000 + + upstream commit + + Backout rev. 1.43 for now. + + The function update_progress_meter() calls refresh_progress_meter() + which calls snmprintf() which calls malloc(); but update_progress_meter() + acts as the SIGALRM signal handler. + + "malloc(): error: recursive call" reported by sobrado@. + + Upstream-ID: aaae57989431e5239c101f8310f74ccc83aeb93e + +commit cd9e1eabeb4137182200035ab6fa4522f8d24044 +Author: schwarze@openbsd.org +Date: Mon May 30 12:57:21 2016 +0000 + + upstream commit + + Even when only writing an unescaped character, the dst + buffer may need to grow, or it would be overrun; issue found by tb@ with + malloc.conf(5) 'C'. + + While here, reserve an additional byte for the terminating NUL + up front such that we don't have to realloc() later just for that. + + OK tb@ + + Upstream-ID: 30ebcc0c097c4571b16f0a78b44969f170db0cff + +commit ac284a355f8065eaef2a16f446f3c44cdd17371d +Author: schwarze@openbsd.org +Date: Mon May 30 12:05:56 2016 +0000 + + upstream commit + + Fix two rare edge cases: 1. If vasprintf() returns < 0, + do not access a NULL pointer in snmprintf(), and do not free() the pointer + returned from vasprintf() because on some systems other than OpenBSD, it + might be a bogus pointer. 2. If vasprintf() returns == 0, return 0 and "" + rather than -1 and NULL. + + Besides, free(dst) is pointless after failure (not a bug). + + One half OK martijn@, the other half OK deraadt@; + committing quickly before people get hurt. + + Upstream-ID: b7bcd2e82fc168a8eff94e41f5db336ed986fed0 + +commit 0e059cdf5fd86297546c63fa8607c24059118832 +Author: schwarze@openbsd.org +Date: Wed May 25 23:48:45 2016 +0000 + *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-src-stable-10@freebsd.org Fri Sep 1 21:48:37 2017 Return-Path: Delivered-To: svn-src-stable-10@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id F0B44E090A1; Fri, 1 Sep 2017 21:48:37 +0000 (UTC) (envelope-from des@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id A0F1C65199; Fri, 1 Sep 2017 21:48:37 +0000 (UTC) (envelope-from des@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id v81LmapC029247; Fri, 1 Sep 2017 21:48:36 GMT (envelope-from des@FreeBSD.org) Received: (from des@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id v81Lma84029244; Fri, 1 Sep 2017 21:48:36 GMT (envelope-from des@FreeBSD.org) Message-Id: <201709012148.v81Lma84029244@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: des set sender to des@FreeBSD.org using -f From: =?UTF-8?Q?Dag-Erling_Sm=c3=b8rgrav?= Date: Fri, 1 Sep 2017 21:48:36 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r323121 - in stable/10: crypto/openssh crypto/openssh/contrib crypto/openssh/contrib/cygwin crypto/openssh/contrib/redhat crypto/openssh/contrib/suse crypto/openssh/openbsd-compat crypt... X-SVN-Group: stable-10 X-SVN-Commit-Author: des X-SVN-Commit-Paths: in stable/10: crypto/openssh crypto/openssh/contrib crypto/openssh/contrib/cygwin crypto/openssh/contrib/redhat crypto/openssh/contrib/suse crypto/openssh/openbsd-compat crypto/openssh/openbsd-compat/... X-SVN-Commit-Revision: 323121 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-10@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: SVN commit messages for only the 10-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 01 Sep 2017 21:48:38 -0000 Author: des Date: Fri Sep 1 21:48:36 2017 New Revision: 323121 URL: https://svnweb.freebsd.org/changeset/base/323121 Log: Revert OpenSSH 7.3p1; something went wrong between testing and committing. Approved by: re@ Added: stable/10/crypto/openssh/.cvsignore - copied unchanged from r323119, stable/10/crypto/openssh/.cvsignore stable/10/crypto/openssh/openbsd-compat/.cvsignore - copied unchanged from r323119, stable/10/crypto/openssh/openbsd-compat/.cvsignore stable/10/crypto/openssh/openbsd-compat/regress/.cvsignore - copied unchanged from r323119, stable/10/crypto/openssh/openbsd-compat/regress/.cvsignore stable/10/crypto/openssh/regress/.cvsignore - copied unchanged from r323119, stable/10/crypto/openssh/regress/.cvsignore stable/10/crypto/openssh/roaming.h - copied unchanged from r323119, stable/10/crypto/openssh/roaming.h stable/10/crypto/openssh/scard/ - copied from r323119, stable/10/crypto/openssh/scard/ Deleted: stable/10/crypto/openssh/.skipped-commit-ids stable/10/crypto/openssh/openbsd-compat/bsd-err.c stable/10/crypto/openssh/platform-tracing.c stable/10/crypto/openssh/regress/cfginclude.sh stable/10/crypto/openssh/regress/misc/ stable/10/crypto/openssh/regress/sshcfgparse.sh stable/10/crypto/openssh/regress/unittests/utf8/ stable/10/crypto/openssh/utf8.c stable/10/crypto/openssh/utf8.h Modified: stable/10/crypto/openssh/ChangeLog stable/10/crypto/openssh/INSTALL stable/10/crypto/openssh/Makefile.in stable/10/crypto/openssh/PROTOCOL stable/10/crypto/openssh/PROTOCOL.agent stable/10/crypto/openssh/PROTOCOL.certkeys stable/10/crypto/openssh/PROTOCOL.chacha20poly1305 stable/10/crypto/openssh/README stable/10/crypto/openssh/audit-linux.c stable/10/crypto/openssh/auth-krb5.c stable/10/crypto/openssh/auth-options.c stable/10/crypto/openssh/auth-pam.c stable/10/crypto/openssh/auth-pam.h stable/10/crypto/openssh/auth-passwd.c stable/10/crypto/openssh/auth-rh-rsa.c stable/10/crypto/openssh/auth-rhosts.c stable/10/crypto/openssh/auth.c stable/10/crypto/openssh/auth.h stable/10/crypto/openssh/auth2-chall.c stable/10/crypto/openssh/auth2-hostbased.c stable/10/crypto/openssh/auth2.c stable/10/crypto/openssh/authfile.c stable/10/crypto/openssh/canohost.c stable/10/crypto/openssh/canohost.h stable/10/crypto/openssh/channels.c stable/10/crypto/openssh/cipher-bf1.c stable/10/crypto/openssh/cipher.c stable/10/crypto/openssh/clientloop.c stable/10/crypto/openssh/compat.c stable/10/crypto/openssh/config.h stable/10/crypto/openssh/configure.ac stable/10/crypto/openssh/contrib/cygwin/README stable/10/crypto/openssh/contrib/redhat/openssh.spec stable/10/crypto/openssh/contrib/ssh-copy-id stable/10/crypto/openssh/contrib/suse/openssh.spec stable/10/crypto/openssh/defines.h stable/10/crypto/openssh/dh.c stable/10/crypto/openssh/dh.h stable/10/crypto/openssh/freebsd-configure.sh stable/10/crypto/openssh/kex.c stable/10/crypto/openssh/kex.h stable/10/crypto/openssh/kexc25519.c stable/10/crypto/openssh/kexdh.c stable/10/crypto/openssh/kexdhc.c stable/10/crypto/openssh/kexdhs.c stable/10/crypto/openssh/kexgexs.c stable/10/crypto/openssh/key.c stable/10/crypto/openssh/log.c stable/10/crypto/openssh/log.h stable/10/crypto/openssh/mac.c stable/10/crypto/openssh/mac.h stable/10/crypto/openssh/misc.c stable/10/crypto/openssh/misc.h stable/10/crypto/openssh/moduli stable/10/crypto/openssh/monitor.c stable/10/crypto/openssh/monitor_fdpass.c stable/10/crypto/openssh/monitor_wrap.c stable/10/crypto/openssh/monitor_wrap.h stable/10/crypto/openssh/mux.c stable/10/crypto/openssh/myproposal.h stable/10/crypto/openssh/opacket.h stable/10/crypto/openssh/openbsd-compat/Makefile.in stable/10/crypto/openssh/openbsd-compat/arc4random.c stable/10/crypto/openssh/openbsd-compat/bindresvport.c stable/10/crypto/openssh/openbsd-compat/bsd-asprintf.c stable/10/crypto/openssh/openbsd-compat/bsd-misc.c stable/10/crypto/openssh/openbsd-compat/bsd-misc.h stable/10/crypto/openssh/openbsd-compat/bsd-snprintf.c stable/10/crypto/openssh/openbsd-compat/inet_aton.c stable/10/crypto/openssh/openbsd-compat/openbsd-compat.h stable/10/crypto/openssh/openbsd-compat/port-solaris.h stable/10/crypto/openssh/openbsd-compat/vis.c stable/10/crypto/openssh/openbsd-compat/vis.h stable/10/crypto/openssh/openbsd-compat/xcrypt.c stable/10/crypto/openssh/packet.c stable/10/crypto/openssh/packet.h stable/10/crypto/openssh/pathnames.h stable/10/crypto/openssh/platform.c stable/10/crypto/openssh/platform.h stable/10/crypto/openssh/progressmeter.c stable/10/crypto/openssh/readconf.c stable/10/crypto/openssh/readconf.h stable/10/crypto/openssh/regress/Makefile stable/10/crypto/openssh/regress/agent-getpeereid.sh stable/10/crypto/openssh/regress/cert-hostkey.sh stable/10/crypto/openssh/regress/cert-userkey.sh stable/10/crypto/openssh/regress/cfgparse.sh stable/10/crypto/openssh/regress/connect-privsep.sh stable/10/crypto/openssh/regress/forwarding.sh stable/10/crypto/openssh/regress/integrity.sh stable/10/crypto/openssh/regress/modpipe.c stable/10/crypto/openssh/regress/netcat.c stable/10/crypto/openssh/regress/test-exec.sh stable/10/crypto/openssh/regress/unittests/Makefile stable/10/crypto/openssh/regress/unittests/sshbuf/test_sshbuf_misc.c stable/10/crypto/openssh/regress/unittests/sshkey/test_sshkey.c stable/10/crypto/openssh/regress/unittests/test_helper/Makefile stable/10/crypto/openssh/sandbox-seccomp-filter.c stable/10/crypto/openssh/scp.1 stable/10/crypto/openssh/scp.c stable/10/crypto/openssh/servconf.c stable/10/crypto/openssh/serverloop.c stable/10/crypto/openssh/session.c stable/10/crypto/openssh/session.h stable/10/crypto/openssh/sftp-client.c stable/10/crypto/openssh/sftp-server.c stable/10/crypto/openssh/sftp.1 stable/10/crypto/openssh/sftp.c stable/10/crypto/openssh/ssh-agent.1 stable/10/crypto/openssh/ssh-agent.c stable/10/crypto/openssh/ssh-dss.c stable/10/crypto/openssh/ssh-ecdsa.c stable/10/crypto/openssh/ssh-ed25519.c stable/10/crypto/openssh/ssh-keygen.1 stable/10/crypto/openssh/ssh-keygen.c stable/10/crypto/openssh/ssh-keyscan.c stable/10/crypto/openssh/ssh-rsa.c stable/10/crypto/openssh/ssh.1 stable/10/crypto/openssh/ssh.c stable/10/crypto/openssh/ssh1.h stable/10/crypto/openssh/ssh2.h stable/10/crypto/openssh/ssh_api.c stable/10/crypto/openssh/ssh_config stable/10/crypto/openssh/ssh_config.5 stable/10/crypto/openssh/ssh_namespace.h stable/10/crypto/openssh/sshbuf-getput-basic.c stable/10/crypto/openssh/sshbuf-misc.c stable/10/crypto/openssh/sshbuf.h stable/10/crypto/openssh/sshconnect2.c stable/10/crypto/openssh/sshd.c stable/10/crypto/openssh/sshd_config stable/10/crypto/openssh/sshd_config.5 stable/10/crypto/openssh/sshkey.c stable/10/crypto/openssh/sshkey.h stable/10/crypto/openssh/ttymodes.c stable/10/crypto/openssh/ttymodes.h stable/10/crypto/openssh/version.h stable/10/secure/lib/libssh/Makefile Copied: stable/10/crypto/openssh/.cvsignore (from r323119, stable/10/crypto/openssh/.cvsignore) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ stable/10/crypto/openssh/.cvsignore Fri Sep 1 21:48:36 2017 (r323121, copy of r323119, stable/10/crypto/openssh/.cvsignore) @@ -0,0 +1,28 @@ +*.0 +*.out +Makefile +autom4te.cache +buildit.sh +buildpkg.sh +config.cache +config.h +config.h.in +config.log +config.status +configure +openssh.xml +opensshd.init +scp +sftp +sftp-server +ssh +ssh-add +ssh-agent +ssh-keygen +ssh-keyscan +ssh-keysign +ssh-pkcs11-helper +sshd +stamp-h.in +survey +survey.sh Modified: stable/10/crypto/openssh/ChangeLog ============================================================================== --- stable/10/crypto/openssh/ChangeLog Fri Sep 1 21:24:32 2017 (r323120) +++ stable/10/crypto/openssh/ChangeLog Fri Sep 1 21:48:36 2017 (r323121) @@ -1,1848 +1,17 @@ -commit 99522ba7ec6963a05c04a156bf20e3ba3605987c +commit 5c35450a0c901d9375fb23343a8dc82397da5f75 Author: Damien Miller -Date: Thu Jul 28 08:54:27 2016 +1000 +Date: Thu Mar 10 05:04:48 2016 +1100 - define _OPENBSD_SOURCE for reallocarray on NetBSD - - Report by and debugged with Hisashi T Fujinaka, dtucker nailed - the problem (lack of prototype causing return type confusion). + update versions for release -commit 3e1e076550c27c6bbdddf36d8f42bd79fbaaa187 +commit 9d47b8d3f50c3a6282896df8274147e3b9a38c56 Author: Damien Miller -Date: Wed Jul 27 08:25:42 2016 +1000 +Date: Thu Mar 10 05:03:39 2016 +1100 - KNF - -commit d99ee9c4e5e217e7d05eeec84e9ce641f4675331 -Author: Damien Miller -Date: Wed Jul 27 08:25:23 2016 +1000 - - Linux auditing also needs packet.h - -commit 393bd381a45884b589baa9aed4394f1d250255ca -Author: Damien Miller -Date: Wed Jul 27 08:18:05 2016 +1000 - - fix auditing on Linux + sanitise characters destined for xauth(1) - get_remote_ipaddr() was replaced with ssh_remote_ipaddr() + reported by github.com/tintinweb -commit 80e766fb089de4f3c92b1600eb99e9495e37c992 -Author: Damien Miller -Date: Sun Jul 24 21:50:13 2016 +1000 - - crank version numbers - -commit b1a478792d458f2e938a302e64bab2b520edc1b3 -Author: djm@openbsd.org -Date: Sun Jul 24 11:45:36 2016 +0000 - - upstream commit - - openssh-7.3 - - Upstream-ID: af106a7eb665f642648cf1993e162c899f358718 - -commit 353766e0881f069aeca30275ab706cd60a1a8fdd -Author: Darren Tucker -Date: Sat Jul 23 16:14:42 2016 +1000 - - Move Cygwin IPPORT_RESERVED overrride to defines.h - - Patch from vinschen at redhat.com. - -commit 368dd977ae07afb93f4ecea23615128c95ab2b32 -Author: djm@openbsd.org -Date: Sat Jul 23 02:54:08 2016 +0000 - - upstream commit - - fix pledge violation with ssh -f; reported by Valentin - Kozamernik ok dtucker@ - - Upstream-ID: a61db7988db88d9dac3c4dd70e18876a8edf84aa - -commit f00211e3c6d24d6ea2b64b4b1209f671f6c1d42e -Author: djm@openbsd.org -Date: Fri Jul 22 07:00:46 2016 +0000 - - upstream commit - - improve wording; suggested by jmc@ - - Upstream-ID: 55cb0a24c8e0618b3ceec80998dc82c85db2d2f8 - -commit 83cbca693c3b0719270e6a0f2efe3f9ee93a65b8 -Author: dtucker@openbsd.org -Date: Fri Jul 22 05:46:11 2016 +0000 - - upstream commit - - Lower loglevel for "Authenticated with partial success" - message similar to other similar level. bz#2599, patch from cgallek at - gmail.com, ok markus@ - - Upstream-ID: 3faab814e947dc7b2e292edede23e94c608cb4dd - -commit 10358abd087ab228b7ce2048efc4f3854a9ab9a6 -Author: Damien Miller -Date: Fri Jul 22 14:06:36 2016 +1000 - - retry waitpid on EINTR failure - - patch from Jakub Jelen on bz#2581; ok dtucker@ - -commit da88a70a89c800e74ea8e5661ffa127a3cc79a92 -Author: djm@openbsd.org -Date: Fri Jul 22 03:47:36 2016 +0000 - - upstream commit - - constify a few functions' arguments; patch from Jakub - Jelen bz#2581 - - Upstream-ID: f2043f51454ea37830ff6ad60c8b32b4220f448d - -commit c36d91bd4ebf767f310f7cea88d61d1c15f53ddf -Author: djm@openbsd.org -Date: Fri Jul 22 03:39:13 2016 +0000 - - upstream commit - - move debug("%p", key) to before key is free'd; probable - undefined behaviour on strict compilers; reported by Jakub Jelen bz#2581 - - Upstream-ID: 767f323e1f5819508a0e35e388ec241bac2f953a - -commit 286f5a77c3bfec1e8892ca268087ac885ac871bf -Author: djm@openbsd.org -Date: Fri Jul 22 03:35:11 2016 +0000 - - upstream commit - - reverse the order in which -J/JumpHost proxies are visited to - be more intuitive and document - - reported by and manpage bits naddy@ - - Upstream-ID: 3a68fd6a841fd6cf8cedf6552a9607ba99df179a - -commit fcd135c9df440bcd2d5870405ad3311743d78d97 -Author: dtucker@openbsd.org -Date: Thu Jul 21 01:39:35 2016 +0000 - - upstream commit - - Skip passwords longer than 1k in length so clients can't - easily DoS sshd by sending very long passwords, causing it to spend CPU - hashing them. feedback djm@, ok markus@. - - Brought to our attention by tomas.kuthan at oracle.com, shilei-c at - 360.cn and coredump at autistici.org - - Upstream-ID: d0af7d4a2190b63ba1d38eec502bc4be0be9e333 - -commit 324583e8fb3935690be58790425793df619c6d4d -Author: naddy@openbsd.org -Date: Wed Jul 20 10:45:27 2016 +0000 - - upstream commit - - Do not clobber the global jump_host variables when - parsing an inactive configuration. ok djm@ - - Upstream-ID: 5362210944d91417d5976346d41ac0b244350d31 - -commit 32d921c323b989d28405e78d0a8923d12913d737 -Author: jmc@openbsd.org -Date: Tue Jul 19 12:59:16 2016 +0000 - - upstream commit - - tweak previous; - - Upstream-ID: f3c1a5b3f05dff366f60c028728a2b43f15ff534 - -commit d7eabc86fa049a12ba2c3fb198bd1d51b37f7025 -Author: dtucker@openbsd.org -Date: Tue Jul 19 11:38:53 2016 +0000 - - upstream commit - - Allow wildcard for PermitOpen hosts as well as ports. - bz#2582, patch from openssh at mzpqnxow.com and jjelen at redhat.com. ok - markus@ - - Upstream-ID: af0294e9b9394c4e16e991424ca0a47a7cc605f2 - -commit b98a2a8348e907b3d71caafd80f0be8fdd075943 -Author: markus@openbsd.org -Date: Mon Jul 18 11:35:33 2016 +0000 - - upstream commit - - Reduce timing attack against obsolete CBC modes by always - computing the MAC over a fixed size of data. Reported by Jean Paul - Degabriele, Kenny Paterson, Torben Hansen and Martin Albrecht. ok djm@ - - Upstream-ID: f20a13279b00ba0afbacbcc1f04e62e9d41c2912 - -commit dbf788b4d9d9490a5fff08a7b09888272bb10fcc -Author: Darren Tucker -Date: Thu Jul 21 14:17:31 2016 +1000 - - Search users for one with a valid salt. - - If the root account is locked (eg password "!!" or "*LK*") keep looking - until we find a user with a valid salt to use for crypting passwords of - invalid users. ok djm@ - -commit e8b58f48fbb1b524fb4f0d4865fa0005d6a4b782 -Author: Darren Tucker -Date: Mon Jul 18 17:22:49 2016 +1000 - - Explicitly specify source files for regress tools. - - Since adding $(REGRESSLIBS), $? is wrong because it includes only the - changed source files. $< seems like it'd be right however it doesn't - seem to work on some non-GNU makes, so do what works everywhere. - -commit eac1bbd06872c273f16ac0f9976b0aef026b701b -Author: Darren Tucker -Date: Mon Jul 18 17:12:22 2016 +1000 - - Conditionally include err.h. - -commit 0a454147568746c503f669e1ba861f76a2e7a585 -Author: Darren Tucker -Date: Mon Jul 18 16:26:26 2016 +1000 - - Remove local implementation of err, errx. - - We now have a shared implementation in libopenbsd-compat. - -commit eb999a4590846ba4d56ddc90bd07c23abfbab7b1 -Author: djm@openbsd.org -Date: Mon Jul 18 06:08:01 2016 +0000 - - upstream commit - - Add some unsigned overflow checks for extra_pad. None of - these are reachable with the amount of padding that we use internally. - bz#2566, pointed out by Torben Hansen. ok markus@ - - Upstream-ID: 4d4be8450ab2fc1b852d5884339f8e8c31c3fd76 - -commit c71ba790c304545464bb494de974cdf0f4b5cf1e -Author: Darren Tucker -Date: Mon Jul 18 15:43:25 2016 +1000 - - Add dependency on libs for unit tests. - - Makes "./configure && make tests" work again. ok djm@ - -commit 8199d0311aea3e6fd0284c9025e7a83f4ece79e8 -Author: Darren Tucker -Date: Mon Jul 18 13:47:39 2016 +1000 - - Correct location for kexfuzz in clean target. - -commit 01558b7b07af43da774d3a11a5c51fa9c310849d -Author: Darren Tucker -Date: Mon Jul 18 09:33:25 2016 +1000 - - Handle PAM_MAXTRIES from modules. - - bz#2249: handle the case where PAM returns PAM_MAXTRIES by ceasing to offer - password and keyboard-interative authentication methods. Should prevent - "sshd ignoring max retries" warnings in the log. ok djm@ - - It probably won't trigger with keyboard-interactive in the default - configuration because the retry counter is stored in module-private - storage which goes away with the sshd PAM process (see bz#688). On the - other hand, those cases probably won't log a warning either. - -commit 65c6c6b567ab5ab12945a5ad8e0ab3a8c26119cc -Author: djm@openbsd.org -Date: Sun Jul 17 04:20:16 2016 +0000 - - upstream commit - - support UTF-8 characters in ssh(1) banners using - schwarze@'s safe fmprintf printer; bz#2058 - - feedback schwarze@ ok dtucker@ - - Upstream-ID: a72ce4e3644c957643c9524eea2959e41b91eea7 - -commit e4eb7d910976fbfc7ce3e90c95c11b07b483d0d7 -Author: jmc@openbsd.org -Date: Sat Jul 16 06:57:55 2016 +0000 - - upstream commit - - - add proxyjump to the options list - formatting fixes - - update usage() - - ok djm - - Upstream-ID: 43d318e14ce677a2eec8f21ef5ba2f9f68a59457 - -commit af1f084857621f14bd9391aba8033d35886c2455 -Author: dtucker@openbsd.org -Date: Fri Jul 15 05:01:58 2016 +0000 - - upstream commit - - Reduce the syslog level of some relatively common protocol - events from LOG_CRIT by replacing fatal() calls with logdie(). Part of - bz#2585, ok djm@ - - Upstream-ID: 9005805227c94edf6ac02a160f0e199638d288e5 - -commit bd5f2b78b69cf38d6049a0de445a79c8595e4a1f -Author: Damien Miller -Date: Fri Jul 15 19:14:48 2016 +1000 - - missing openssl/dh.h - -commit 4a984fd342effe5f0aad874a0d538c4322d973c0 -Author: Damien Miller -Date: Fri Jul 15 18:47:07 2016 +1000 - - cast to avoid type warning in error message - -commit 5abfb15ced985c340359ae7fb65a625ed3692b3e -Author: Darren Tucker -Date: Fri Jul 15 14:48:30 2016 +1000 - - Move VA_COPY macro into compat header. - - Some AIX compilers unconditionally undefine va_copy but don't set it back - to an internal function, causing link errors. In some compat code we - already use VA_COPY instead so move the two existing instances into the - shared header and use for sshbuf-getput-basic.c too. Should fix building - with at lease some versions of AIX's compiler. bz#2589, ok djm@ - -commit 832b7443b7a8e181c95898bc5d73497b7190decd -Author: Damien Miller -Date: Fri Jul 15 14:45:34 2016 +1000 - - disable ciphers not supported by OpenSSL - - bz#2466 ok dtucker@ - -commit 5fbe93fc6fbb2fe211e035703dec759d095e3dd8 -Author: Damien Miller -Date: Fri Jul 15 13:54:31 2016 +1000 - - add a --disable-pkcs11 knob - -commit 679ce88ec2a8e2fe6515261c489e8c1449bb9da9 -Author: Damien Miller -Date: Fri Jul 15 13:44:38 2016 +1000 - - fix newline escaping for unsupported_algorithms - - The hmac-ripemd160 was incorrect and could lead to broken - Makefiles on systems that lacked support for it, but I made - all the others consistent too. - -commit ed877ef653847d056bb433975d731b7a1132a979 -Author: djm@openbsd.org -Date: Fri Jul 15 00:24:30 2016 +0000 - - upstream commit - - Add a ProxyJump ssh_config(5) option and corresponding -J - ssh(1) command-line flag to allow simplified indirection through a SSH - bastion or "jump host". - - These options construct a proxy command that connects to the - specified jump host(s) (more than one may be specified) and uses - port-forwarding to establish a connection to the next destination. - - This codifies the safest way of indirecting connections through SSH - servers and makes it easy to use. - - ok markus@ - - Upstream-ID: fa899cb8b26d889da8f142eb9774c1ea36b04397 - -commit 5c02dd126206a26785379e80f2d3848e4470b711 -Author: Darren Tucker -Date: Fri Jul 15 12:56:39 2016 +1000 - - Map umac_ctx struct name too. - - Prevents size mismatch linker warnings on Solaris 11. - -commit 283b97ff33ea2c641161950849931bd578de6946 -Author: Darren Tucker -Date: Fri Jul 15 13:49:44 2016 +1000 - - Mitigate timing of disallowed users PAM logins. - - When sshd decides to not allow a login (eg PermitRootLogin=no) and - it's using PAM, it sends a fake password to PAM so that the timing for - the failure is not noticeably different whether or not the password - is correct. This behaviour can be detected by sending a very long - password string which is slower to hash than the fake password. - - Mitigate by constructing an invalid password that is the same length - as the one from the client and thus takes the same time to hash. - Diff from djm@ - -commit 9286875a73b2de7736b5e50692739d314cd8d9dc -Author: Darren Tucker -Date: Fri Jul 15 13:32:45 2016 +1000 - - Determine appropriate salt for invalid users. - - When sshd is processing a non-PAM login for a non-existent user it uses - the string from the fakepw structure as the salt for crypt(3)ing the - password supplied by the client. That string has a Blowfish prefix, so on - systems that don't understand that crypt will fail fast due to an invalid - salt, and even on those that do it may have significantly different timing - from the hash methods used for real accounts (eg sha512). This allows - user enumeration by, eg, sending large password strings. This was noted - by EddieEzra.Harari at verint.com (CVE-2016-6210). - - To mitigate, use the same hash algorithm that root uses for hashing - passwords for users that do not exist on the system. ok djm@ - -commit a162dd5e58ca5b224d7500abe35e1ef32b5de071 -Author: Darren Tucker -Date: Thu Jul 14 21:19:59 2016 +1000 - - OpenSSL 1.1.x not currently supported. - -commit 7df91b01fc558a33941c5c5f31abbcdc53a729fb -Author: Darren Tucker -Date: Thu Jul 14 12:25:24 2016 +1000 - - Check for VIS_ALL. - - If we don't have it, set BROKEN_STRNVIS to activate the compat replacement. - -commit ee67716f61f1042d5e67f91c23707cca5dcdd7d0 -Author: dtucker@openbsd.org -Date: Thu Jul 14 01:24:21 2016 +0000 - - upstream commit - - Correct equal in test. - - Upstream-Regress-ID: 4e32f7a5c57a619c4e8766cb193be2a1327ec37a - -commit 372807c2065c8572fdc6478b25cc5ac363743073 -Author: tb@openbsd.org -Date: Mon Jul 11 21:38:13 2016 +0000 - - upstream commit - - Add missing "recvfd" pledge promise: Raf Czlonka reported - ssh coredumps when Control* keywords were set in ssh_config. This patch also - fixes similar problems with scp and sftp. - - ok deraadt, looks good to millert - - Upstream-ID: ca2099eade1ef3e87a79614fefa26a0297ad8a3b - -commit e0453f3df64bf485c61c7eb6bd12893eee9fe2cd -Author: tedu@openbsd.org -Date: Mon Jul 11 03:19:44 2016 +0000 - - upstream commit - - obsolete note about fascistloggin is obsolete. ok djm - dtucker - - Upstream-ID: dae60df23b2bb0e89f42661ddd96a7b0d1b7215a - -commit a2333584170a565adf4f209586772ef8053b10b8 -Author: Darren Tucker -Date: Thu Jul 14 10:59:09 2016 +1000 - - Add compat code for missing wcwidth. - - If we don't have wcwidth force fallback implementations of nl_langinfo - and mbtowc. Based on advice from Ingo Schwarze. - -commit 8aaec7050614494014c47510b7e94daf6e644c62 -Author: Damien Miller -Date: Thu Jul 14 09:48:48 2016 +1000 - - fix missing include for systems with err.h - -commit 6310ef27a2567cda66d6cf0c1ad290ee1167f243 -Author: Darren Tucker -Date: Wed Jul 13 14:42:35 2016 +1000 - - Move err.h replacements into compat lib. - - Move implementations of err.h replacement functions into their own file - in the libopenbsd-compat so we can use them in kexfuzz.c too. ok djm@ - -commit f3f2cc8386868f51440c45210098f65f9787449a -Author: Darren Tucker -Date: Mon Jul 11 17:23:38 2016 +1000 - - Check for wchar.h and langinfo.h - - Wrap includes in the appropriate #ifdefs. - -commit b9c50614eba9d90939b2b119b6e1b7e03b462278 -Author: Damien Miller -Date: Fri Jul 8 13:59:13 2016 +1000 - - whitelist more architectures for seccomp-bpf - - bz#2590 - testing and patch from Jakub Jelen - -commit 18813a32b6fd964037e0f5e1893cb4468ac6a758 -Author: guenther@openbsd.org -Date: Mon Jul 4 18:01:44 2016 +0000 - - upstream commit - - DEBUGLIBS has been broken since the gcc4 switch, so delete - it. CFLAGS contains -g by default anyway - - problem noted by Edgar Pettijohn (edgar (at) pettijohn-web.com) - ok millert@ kettenis@ deraadt@ - - Upstream-Regress-ID: 4a0bb72f95c63f2ae9daa8a040ac23914bddb542 - -commit 6d31193d0baa3da339c196ac49625b7ba1c2ecc7 -Author: djm@openbsd.org -Date: Fri Jul 8 03:44:42 2016 +0000 - - upstream commit - - Improve crypto ordering for Encrypt-then-MAC (EtM) mode - MAC algorithms. - - Previously we were computing the MAC, decrypting the packet and then - checking the MAC. This gave rise to the possibility of creating a - side-channel oracle in the decryption step, though no such oracle has - been identified. - - This adds a mac_check() function that computes and checks the MAC in - one pass, and uses it to advance MAC checking for EtM algorithms to - before payload decryption. - - Reported by Jean Paul Degabriele, Kenny Paterson, Torben Hansen and - Martin Albrecht. feedback and ok markus@ - - Upstream-ID: 1999bb67cab47dda5b10b80d8155fe83d4a1867b - -commit 71f5598f06941f645a451948c4a5125c83828e1c -Author: guenther@openbsd.org -Date: Mon Jul 4 18:01:44 2016 +0000 - - upstream commit - - DEBUGLIBS has been broken since the gcc4 switch, so - delete it. CFLAGS contains -g by default anyway - - problem noted by Edgar Pettijohn (edgar (at) pettijohn-web.com) - ok millert@ kettenis@ deraadt@ - - Upstream-ID: 96c5054e3e1f170c6276902d5bc65bb3b87a2603 - -commit e683fc6f1c8c7295648dbda679df8307786ec1ce -Author: dtucker@openbsd.org -Date: Thu Jun 30 05:17:05 2016 +0000 - - upstream commit - - Explicitly check for 100% completion to avoid potential - floating point rounding error, which could cause progressmeter to report 99% - on completion. While there invert the test so the 100% case is clearer. with - & ok djm@ - - Upstream-ID: a166870c5878e422f3c71ff802e2ccd7032f715d - -commit 772e6cec0ed740fc7db618dc30b4134f5a358b43 -Author: jmc@openbsd.org -Date: Wed Jun 29 17:14:28 2016 +0000 - - upstream commit - - sort the -o list; - - Upstream-ID: 1a97465ede8790b4d47cb618269978e07f41f8ac - -commit 46ecd19e554ccca15a7309cd1b6b44bc8e6b84af -Author: djm@openbsd.org -Date: Thu Jun 23 05:17:51 2016 +0000 - - upstream commit - - fix AuthenticationMethods during configuration re-parse; - reported by Juan Francisco Cantero Hurtado - - Upstream-ID: 8ffa1dac25c7577eca8238e825317ab20848f9b4 - -commit 3147e7595d0f2f842a666c844ac53e6c7a253d7e -Author: djm@openbsd.org -Date: Sun Jun 19 07:48:02 2016 +0000 - - upstream commit - - revert 1.34; causes problems loading public keys - - reported by semarie@ - - Upstream-ID: b393794f8935c8b15d98a407fe7721c62d2ed179 - -commit ad23a75509f4320d43f628c50f0817e3ad12bfa7 -Author: jmc@openbsd.org -Date: Fri Jun 17 06:33:30 2016 +0000 - - upstream commit - - grammar fix; - - Upstream-ID: 5d5b21c80f1e81db367333ce0bb3e5874fb3e463 - -commit 5e28b1a2a3757548b40018cc2493540a17c82e27 -Author: djm@openbsd.org -Date: Fri Jun 17 05:06:23 2016 +0000 - - upstream commit - - translate OpenSSL error codes to something more - meaninful; bz#2522 reported by Jakub Jelen, ok dtucker@ - - Upstream-ID: 4cb0795a366381724314e6515d57790c5930ffe5 - -commit b64faeb5eda7eff8210c754d00464f9fe9d23de5 -Author: djm@openbsd.org -Date: Fri Jun 17 05:03:40 2016 +0000 - - upstream commit - - ban AuthenticationMethods="" and accept - AuthenticationMethods=any for the default behaviour of not requiring multiple - authentication - - bz#2398 from Jakub Jelen; ok dtucker@ - - Upstream-ID: fabd7f44d59e4518d241d0d01e226435cc23cf27 - -commit 9816fc5daee5ca924dd5c4781825afbaab728877 -Author: dtucker@openbsd.org -Date: Thu Jun 16 11:00:17 2016 +0000 - - upstream commit - - Include stdarg.h for va_copy as per man page. - - Upstream-ID: 105d6b2f1af2fbd9d91c893c436ab121434470bd - -commit b6cf84b51bc0f5889db48bf29a0c771954ade283 -Author: jmc@openbsd.org -Date: Thu Jun 16 06:10:45 2016 +0000 - - upstream commit - - keys stored in openssh format can have comments too; diff - from yonas yanfa, tweaked a bit; - - ok djm - - Upstream-ID: 03d48536da6e51510d73ade6fcd44ace731ceb27 - -commit aa37768f17d01974b6bfa481e5e83841b6c76f86 -Author: Darren Tucker -Date: Mon Jun 20 15:55:34 2016 +1000 - - get_remote_name_or_ip inside LOGIN_NEEDS_UTMPX - - Apply the same get_remote_name_or_ip -> session_get_remote_name_or_ip - change as commit 95767262 to the code inside #ifdef LOGIN_NEEDS_UTMPX. - Fixes build on AIX. - -commit 009891afc8df37bc2101e15d1e0b6433cfb90549 -Author: Darren Tucker -Date: Fri Jun 17 14:34:09 2016 +1000 - - Remove duplicate code from PAM. ok djm@ - -commit e690fe85750e93fca1fb7c7c8587d4130a4f7aba -Author: dtucker@openbsd.org -Date: Wed Jun 15 00:40:40 2016 +0000 - - upstream commit - - Remove "POSSIBLE BREAK-IN ATTEMPT!" from log message - about forward and reverse DNS not matching. We haven't supported IP-based - auth methods for a very long time so it's now misleading. part of bz#2585, - ok markus@ - - Upstream-ID: 5565ef0ee0599b27f0bd1d3bb1f8a323d8274e29 - -commit 57b4ee04cad0d3e0fec1194753b0c4d31e39a1cd -Author: Darren Tucker -Date: Wed Jun 15 11:22:38 2016 +1000 - - Move platform_disable_tracing into its own file. - - Prevents link errors resolving the extern "options" when platform.o - gets linked into ssh-agent when building --with-pam. - -commit 78dc8e3724e30ee3e1983ce013e80277dc6ca070 -Author: Darren Tucker -Date: Tue Jun 14 13:55:12 2016 +1000 - - Track skipped upstream commit IDs. - - There are a small number of "upstream" commits that do not correspond to - a file in -portable. This file tracks those so that we can reconcile - OpenBSD and Portable to ensure that no commits are accidentally missed. - - If you add something to .skipped-commit-ids please also add an upstream - ID line in the following format when you commit it. - - Upstream-ID: 321065a95a7ccebdd5fd08482a1e19afbf524e35 - Upstream-ID: d4f699a421504df35254cf1c6f1a7c304fb907ca - Upstream-ID: aafe246655b53b52bc32c8a24002bc262f4230f7 - Upstream-ID: 8fa9cd1dee3c3339ae329cf20fb591db6d605120 - Upstream-ID: f31327a48dd4103333cc53315ec53fe65ed8a17a - Upstream-ID: edbfde98c40007b7752a4ac106095e060c25c1ef - Upstream-ID: 052fd565e3ff2d8cec3bc957d1788f50c827f8e2 - Upstream-ID: 7cf73737f357492776223da1c09179fa6ba74660 - Upstream-ID: 180d84674be1344e45a63990d60349988187c1ae - Upstream-ID: f6ae971186ba68d066cd102e57d5b0b2c211a5ee - -commit 9f919d1a3219d476d6a662d18df058e1c4f36a6f -Author: Darren Tucker -Date: Tue Jun 14 13:51:01 2016 +1000 - - Remove now-defunct .cvsignore files. ok djm - -commit 68777faf271efb2713960605c748f6c8a4b26d55 -Author: dtucker@openbsd.org -Date: Wed Jun 8 02:13:01 2016 +0000 - - upstream commit - - Back out rev 1.28 "Check min and max sizes sent by the - client" change. It caused "key_verify failed for server_host_key" in clients - that send a DH-GEX min value less that DH_GRP_MIN, eg old OpenSSH and PuTTY. - ok djm@ - - Upstream-ID: 452979d3ca5c1e9dff063287ea0a5314dd091f65 - -commit a86ec4d0737ac5879223e7cd9d68c448df46e169 -Author: Darren Tucker -Date: Tue Jun 14 10:48:27 2016 +1000 - - Use Solaris setpflags(__PROC_PROTECT, ...). - - Where possible, use Solaris setpflags to disable process tracing on - ssh-agent and sftp-server. bz#2584, based on a patch from huieying.lee - at oracle.com, ok djm. - -commit 0f916d39b039fdc0b5baf9b5ab0754c0f11ec573 -Author: Darren Tucker -Date: Tue Jun 14 10:43:53 2016 +1000 - - Shorten prctl code a tiny bit. - -commit 0fb7f5985351fbbcd2613d8485482c538e5123be -Author: Darren Tucker -Date: Thu Jun 9 16:23:07 2016 +1000 - - Move prctl PR_SET_DUMPABLE into platform.c. - - This should make it easier to add additional platform support such as - Solaris (bz#2584). - -commit e6508898c3cd838324ecfe1abd0eb8cf802e7106 -Author: dtucker@openbsd.org -Date: Fri Jun 3 04:10:41 2016 +0000 - - upstream commit - - Add a test for ssh(1)'s config file parsing. - - Upstream-Regress-ID: 558b7f4dc45cc3761cc3d3e889b9f3c5bc91e601 - -commit ab0a536066dfa32def0bd7272c096ebb5eb25b11 -Author: dtucker@openbsd.org -Date: Fri Jun 3 03:47:59 2016 +0000 - - upstream commit - - Add 'sshd' to the test ID as I'm about to add a similar - set for ssh. - - Upstream-Regress-ID: aea7a9c3bac638530165c801ce836875b228ae7a - -commit a5577c1ed3ecdfe4b7b1107c526cae886fc91afb -Author: schwarze@openbsd.org -Date: Mon May 30 12:14:08 2016 +0000 - - upstream commit - - stricter malloc.conf(5) options for utf8 tests - - Upstream-Regress-ID: 111efe20a0fb692fa1a987f6e823310f9b25abf6 - -commit 75f0844b4f29d62ec3a5e166d2ee94b02df819fc -Author: schwarze@openbsd.org -Date: Mon May 30 12:05:56 2016 +0000 - - upstream commit - - Fix two rare edge cases: 1. If vasprintf() returns < 0, - do not access a NULL pointer in snmprintf(), and do not free() the pointer - returned from vasprintf() because on some systems other than OpenBSD, it - might be a bogus pointer. 2. If vasprintf() returns == 0, return 0 and "" - rather than -1 and NULL. - - Besides, free(dst) is pointless after failure (not a bug). - - One half OK martijn@, the other half OK deraadt@; - committing quickly before people get hurt. - - Upstream-Regress-ID: b164f20923812c9bac69856dbc1385eb1522cba4 - -commit 016881eb33a7948028848c90f4c7ac42e3af0e87 -Author: schwarze@openbsd.org -Date: Thu May 26 19:14:25 2016 +0000 - - upstream commit - - test the new utf8 module - - Upstream-Regress-ID: c923d05a20e84e4ef152cbec947fdc4ce6eabbe3 - -commit d4219028bdef448e089376f3afe81ef6079da264 -Author: dtucker@openbsd.org -Date: Tue May 3 15:30:46 2016 +0000 - - upstream commit - - Set umask to prevent "Bad owner or permissions" errors. - - Upstream-Regress-ID: 8fdf2fc4eb595ccd80c443f474d639f851145417 - -commit 07d5608bb237e9b3fe86a2aeaa429392230faebf -Author: djm@openbsd.org -Date: Tue May 3 14:41:04 2016 +0000 - - upstream commit - - support doas - - Upstream-Regress-ID: 8d5572b27ea810394eeda432d8b4e9e1064a7c38 - -commit 01cabf10adc7676cba5f40536a34d3b246edb73f -Author: djm@openbsd.org -Date: Tue May 3 13:48:33 2016 +0000 - - upstream commit - - unit tests for sshbuf_dup_string() - - Upstream-Regress-ID: 7521ff150dc7f20511d1c2c48fd3318e5850a96d - -commit 6915f1698e3d1dd4e22eac20f435e1dfc1d46372 -Author: jmc@openbsd.org -Date: Fri Jun 3 06:44:12 2016 +0000 - - upstream commit - - tweak previous; - - Upstream-ID: 92979f1a0b63e041a0e5b08c9ed0ba9b683a3698 - -commit 0cb2f4c2494b115d0f346ed2d8b603ab3ba643f4 -Author: dtucker@openbsd.org -Date: Fri Jun 3 04:09:38 2016 +0000 - - upstream commit - - Allow ExitOnForwardFailure and ClearAllForwardings to be - overridden when using ssh -W (but still default to yes in that case). - bz#2577, ok djm@. - - Upstream-ID: 4b20c419e93ca11a861c81c284090cfabc8c54d4 - -commit 8543ff3f5020fe659839b15f05b8c522bde6cee5 -Author: dtucker@openbsd.org -Date: Fri Jun 3 03:14:41 2016 +0000 - - upstream commit - - Move the host and port used by ssh -W into the Options - struct. This will make future changes a bit easier. ok djm@ - - Upstream-ID: 151bce5ecab2fbedf0d836250a27968d30389382 - -commit 6b87311d3acdc460f926b2c40f4c4f3fd345f368 -Author: dtucker@openbsd.org -Date: Wed Jun 1 04:19:49 2016 +0000 - - upstream commit - - Check min and max sizes sent by the client against what - we support before passing them to the monitor. ok djm@ - - Upstream-ID: 750627e8117084215412bff00a25b1586ab17ece - -commit 564cd2a8926ccb1dca43a535073540935b5e0373 -Author: dtucker@openbsd.org -Date: Tue May 31 23:46:14 2016 +0000 - - upstream commit - - Ensure that the client's proposed DH-GEX max value is at - least as big as the minimum the server will accept. ok djm@ - - Upstream-ID: b4b84fa04aab2de7e79a6fee4a6e1c189c0fe775 - -commit df820722e40309c9b3f360ea4ed47a584ed74333 -Author: Darren Tucker -Date: Mon Jun 6 11:36:13 2016 +1000 - - Add compat bits to utf8.c. - -commit 05c6574652571becfe9d924226c967a3f4b3f879 -Author: Darren Tucker -Date: Mon Jun 6 11:33:43 2016 +1000 - - Fix utf->utf8 typo. - -commit 6c1717190b4d5ddd729cd9e24e8ed71ed4f087ce -Author: schwarze@openbsd.org -Date: Mon May 30 18:34:41 2016 +0000 - - upstream commit - - Backout rev. 1.43 for now. - - The function update_progress_meter() calls refresh_progress_meter() - which calls snmprintf() which calls malloc(); but update_progress_meter() - acts as the SIGALRM signal handler. - - "malloc(): error: recursive call" reported by sobrado@. - - Upstream-ID: aaae57989431e5239c101f8310f74ccc83aeb93e - -commit cd9e1eabeb4137182200035ab6fa4522f8d24044 -Author: schwarze@openbsd.org -Date: Mon May 30 12:57:21 2016 +0000 - - upstream commit - - Even when only writing an unescaped character, the dst - buffer may need to grow, or it would be overrun; issue found by tb@ with - malloc.conf(5) 'C'. - - While here, reserve an additional byte for the terminating NUL - up front such that we don't have to realloc() later just for that. - - OK tb@ - - Upstream-ID: 30ebcc0c097c4571b16f0a78b44969f170db0cff - -commit ac284a355f8065eaef2a16f446f3c44cdd17371d -Author: schwarze@openbsd.org -Date: Mon May 30 12:05:56 2016 +0000 - - upstream commit - *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-src-stable-10@freebsd.org Fri Sep 1 22:52:20 2017 Return-Path: Delivered-To: svn-src-stable-10@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 3DF87E0C5F3; Fri, 1 Sep 2017 22:52:20 +0000 (UTC) (envelope-from des@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id DB15067695; Fri, 1 Sep 2017 22:52:19 +0000 (UTC) (envelope-from des@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id v81MqJXr057445; Fri, 1 Sep 2017 22:52:19 GMT (envelope-from des@FreeBSD.org) Received: (from des@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id v81MqIDH057442; Fri, 1 Sep 2017 22:52:18 GMT (envelope-from des@FreeBSD.org) Message-Id: <201709012252.v81MqIDH057442@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: des set sender to des@FreeBSD.org using -f From: =?UTF-8?Q?Dag-Erling_Sm=c3=b8rgrav?= Date: Fri, 1 Sep 2017 22:52:18 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r323124 - in stable/10: crypto/openssh crypto/openssh/contrib crypto/openssh/contrib/cygwin crypto/openssh/contrib/redhat crypto/openssh/contrib/suse crypto/openssh/openbsd-compat crypt... X-SVN-Group: stable-10 X-SVN-Commit-Author: des X-SVN-Commit-Paths: in stable/10: crypto/openssh crypto/openssh/contrib crypto/openssh/contrib/cygwin crypto/openssh/contrib/redhat crypto/openssh/contrib/suse crypto/openssh/openbsd-compat crypto/openssh/openbsd-compat/... X-SVN-Commit-Revision: 323124 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-10@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: SVN commit messages for only the 10-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 01 Sep 2017 22:52:20 -0000 Author: des Date: Fri Sep 1 22:52:18 2017 New Revision: 323124 URL: https://svnweb.freebsd.org/changeset/base/323124 Log: Upgrade OpenSSH to 7.3p1. This is the last version of OpenSSH which does not break compatibility more than we can live with in a stable branch. Further commits will follow to backport some bug fixes from newer versions. The sshd breakage in the previous attempt was due to an upstream bug (a 0 was changed to a 1 while refactoring send_rexec_state() in sshd.c) which only manifested itself when sshd was built with SSH 1 support. Approved by: re@ Added: stable/10/crypto/openssh/.skipped-commit-ids - copied unchanged from r323120, stable/10/crypto/openssh/.skipped-commit-ids stable/10/crypto/openssh/openbsd-compat/bsd-err.c - copied unchanged from r323120, stable/10/crypto/openssh/openbsd-compat/bsd-err.c stable/10/crypto/openssh/platform-tracing.c - copied unchanged from r323120, stable/10/crypto/openssh/platform-tracing.c stable/10/crypto/openssh/regress/cfginclude.sh - copied unchanged from r323120, stable/10/crypto/openssh/regress/cfginclude.sh stable/10/crypto/openssh/regress/misc/ - copied from r323120, stable/10/crypto/openssh/regress/misc/ stable/10/crypto/openssh/regress/sshcfgparse.sh - copied unchanged from r323120, stable/10/crypto/openssh/regress/sshcfgparse.sh stable/10/crypto/openssh/regress/unittests/utf8/ - copied from r323120, stable/10/crypto/openssh/regress/unittests/utf8/ stable/10/crypto/openssh/utf8.c - copied unchanged from r323120, stable/10/crypto/openssh/utf8.c stable/10/crypto/openssh/utf8.h - copied unchanged from r323120, stable/10/crypto/openssh/utf8.h Deleted: stable/10/crypto/openssh/.cvsignore stable/10/crypto/openssh/openbsd-compat/.cvsignore stable/10/crypto/openssh/openbsd-compat/regress/.cvsignore stable/10/crypto/openssh/regress/.cvsignore stable/10/crypto/openssh/roaming.h stable/10/crypto/openssh/scard/ Modified: stable/10/crypto/openssh/ChangeLog stable/10/crypto/openssh/INSTALL stable/10/crypto/openssh/Makefile.in stable/10/crypto/openssh/PROTOCOL stable/10/crypto/openssh/PROTOCOL.agent stable/10/crypto/openssh/PROTOCOL.certkeys stable/10/crypto/openssh/PROTOCOL.chacha20poly1305 stable/10/crypto/openssh/README stable/10/crypto/openssh/audit-linux.c stable/10/crypto/openssh/auth-krb5.c stable/10/crypto/openssh/auth-options.c stable/10/crypto/openssh/auth-pam.c stable/10/crypto/openssh/auth-pam.h stable/10/crypto/openssh/auth-passwd.c stable/10/crypto/openssh/auth-rh-rsa.c stable/10/crypto/openssh/auth-rhosts.c stable/10/crypto/openssh/auth.c stable/10/crypto/openssh/auth.h stable/10/crypto/openssh/auth2-chall.c stable/10/crypto/openssh/auth2-hostbased.c stable/10/crypto/openssh/auth2.c stable/10/crypto/openssh/authfile.c stable/10/crypto/openssh/canohost.c stable/10/crypto/openssh/canohost.h stable/10/crypto/openssh/channels.c stable/10/crypto/openssh/cipher-bf1.c stable/10/crypto/openssh/cipher.c stable/10/crypto/openssh/clientloop.c stable/10/crypto/openssh/compat.c stable/10/crypto/openssh/config.h stable/10/crypto/openssh/configure.ac stable/10/crypto/openssh/contrib/cygwin/README stable/10/crypto/openssh/contrib/redhat/openssh.spec stable/10/crypto/openssh/contrib/ssh-copy-id stable/10/crypto/openssh/contrib/suse/openssh.spec stable/10/crypto/openssh/defines.h stable/10/crypto/openssh/dh.c stable/10/crypto/openssh/dh.h stable/10/crypto/openssh/freebsd-configure.sh stable/10/crypto/openssh/kex.c stable/10/crypto/openssh/kex.h stable/10/crypto/openssh/kexc25519.c stable/10/crypto/openssh/kexdh.c stable/10/crypto/openssh/kexdhc.c stable/10/crypto/openssh/kexdhs.c stable/10/crypto/openssh/kexgexs.c stable/10/crypto/openssh/key.c stable/10/crypto/openssh/log.c stable/10/crypto/openssh/log.h stable/10/crypto/openssh/mac.c stable/10/crypto/openssh/mac.h stable/10/crypto/openssh/misc.c stable/10/crypto/openssh/misc.h stable/10/crypto/openssh/moduli stable/10/crypto/openssh/monitor.c stable/10/crypto/openssh/monitor_fdpass.c stable/10/crypto/openssh/monitor_wrap.c stable/10/crypto/openssh/monitor_wrap.h stable/10/crypto/openssh/mux.c stable/10/crypto/openssh/myproposal.h stable/10/crypto/openssh/opacket.h stable/10/crypto/openssh/openbsd-compat/Makefile.in stable/10/crypto/openssh/openbsd-compat/arc4random.c stable/10/crypto/openssh/openbsd-compat/bindresvport.c stable/10/crypto/openssh/openbsd-compat/bsd-asprintf.c stable/10/crypto/openssh/openbsd-compat/bsd-misc.c stable/10/crypto/openssh/openbsd-compat/bsd-misc.h stable/10/crypto/openssh/openbsd-compat/bsd-snprintf.c stable/10/crypto/openssh/openbsd-compat/inet_aton.c stable/10/crypto/openssh/openbsd-compat/openbsd-compat.h stable/10/crypto/openssh/openbsd-compat/port-solaris.h stable/10/crypto/openssh/openbsd-compat/vis.c stable/10/crypto/openssh/openbsd-compat/vis.h stable/10/crypto/openssh/openbsd-compat/xcrypt.c stable/10/crypto/openssh/packet.c stable/10/crypto/openssh/packet.h stable/10/crypto/openssh/pathnames.h stable/10/crypto/openssh/platform.c stable/10/crypto/openssh/platform.h stable/10/crypto/openssh/progressmeter.c stable/10/crypto/openssh/readconf.c stable/10/crypto/openssh/readconf.h stable/10/crypto/openssh/regress/Makefile stable/10/crypto/openssh/regress/agent-getpeereid.sh stable/10/crypto/openssh/regress/cert-hostkey.sh stable/10/crypto/openssh/regress/cert-userkey.sh stable/10/crypto/openssh/regress/cfgparse.sh stable/10/crypto/openssh/regress/connect-privsep.sh stable/10/crypto/openssh/regress/forwarding.sh stable/10/crypto/openssh/regress/integrity.sh stable/10/crypto/openssh/regress/modpipe.c stable/10/crypto/openssh/regress/netcat.c stable/10/crypto/openssh/regress/test-exec.sh stable/10/crypto/openssh/regress/unittests/Makefile stable/10/crypto/openssh/regress/unittests/sshbuf/test_sshbuf_misc.c stable/10/crypto/openssh/regress/unittests/sshkey/test_sshkey.c stable/10/crypto/openssh/regress/unittests/test_helper/Makefile stable/10/crypto/openssh/sandbox-seccomp-filter.c stable/10/crypto/openssh/scp.1 stable/10/crypto/openssh/scp.c stable/10/crypto/openssh/servconf.c stable/10/crypto/openssh/serverloop.c stable/10/crypto/openssh/session.c stable/10/crypto/openssh/session.h stable/10/crypto/openssh/sftp-client.c stable/10/crypto/openssh/sftp-server.c stable/10/crypto/openssh/sftp.1 stable/10/crypto/openssh/sftp.c stable/10/crypto/openssh/ssh-agent.1 stable/10/crypto/openssh/ssh-agent.c stable/10/crypto/openssh/ssh-dss.c stable/10/crypto/openssh/ssh-ecdsa.c stable/10/crypto/openssh/ssh-ed25519.c stable/10/crypto/openssh/ssh-keygen.1 stable/10/crypto/openssh/ssh-keygen.c stable/10/crypto/openssh/ssh-keyscan.c stable/10/crypto/openssh/ssh-rsa.c stable/10/crypto/openssh/ssh.1 stable/10/crypto/openssh/ssh.c stable/10/crypto/openssh/ssh1.h stable/10/crypto/openssh/ssh2.h stable/10/crypto/openssh/ssh_api.c stable/10/crypto/openssh/ssh_config stable/10/crypto/openssh/ssh_config.5 stable/10/crypto/openssh/ssh_namespace.h stable/10/crypto/openssh/sshbuf-getput-basic.c stable/10/crypto/openssh/sshbuf-misc.c stable/10/crypto/openssh/sshbuf.h stable/10/crypto/openssh/sshconnect2.c stable/10/crypto/openssh/sshd.c stable/10/crypto/openssh/sshd_config stable/10/crypto/openssh/sshd_config.5 stable/10/crypto/openssh/sshkey.c stable/10/crypto/openssh/sshkey.h stable/10/crypto/openssh/ttymodes.c stable/10/crypto/openssh/ttymodes.h stable/10/crypto/openssh/version.h stable/10/secure/lib/libssh/Makefile Copied: stable/10/crypto/openssh/.skipped-commit-ids (from r323120, stable/10/crypto/openssh/.skipped-commit-ids) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ stable/10/crypto/openssh/.skipped-commit-ids Fri Sep 1 22:52:18 2017 (r323124, copy of r323120, stable/10/crypto/openssh/.skipped-commit-ids) @@ -0,0 +1,11 @@ +321065a95a7ccebdd5fd08482a1e19afbf524e35 Update DH groups +d4f699a421504df35254cf1c6f1a7c304fb907ca Remove 1k bit groups +aafe246655b53b52bc32c8a24002bc262f4230f7 Remove intermediate moduli +8fa9cd1dee3c3339ae329cf20fb591db6d605120 put back SSH1 for 6.9 +f31327a48dd4103333cc53315ec53fe65ed8a17a Generate new moduli +edbfde98c40007b7752a4ac106095e060c25c1ef Regen moduli +052fd565e3ff2d8cec3bc957d1788f50c827f8e2 Switch to tame-based sandbox +7cf73737f357492776223da1c09179fa6ba74660 Remove moduli <2k +180d84674be1344e45a63990d60349988187c1ae Update moduli +f6ae971186ba68d066cd102e57d5b0b2c211a5ee systrace is dead. +96c5054e3e1f170c6276902d5bc65bb3b87a2603 remove DEBUGLIBS from Makefile Modified: stable/10/crypto/openssh/ChangeLog ============================================================================== --- stable/10/crypto/openssh/ChangeLog Fri Sep 1 22:37:49 2017 (r323123) +++ stable/10/crypto/openssh/ChangeLog Fri Sep 1 22:52:18 2017 (r323124) @@ -1,17 +1,1848 @@ -commit 5c35450a0c901d9375fb23343a8dc82397da5f75 +commit 99522ba7ec6963a05c04a156bf20e3ba3605987c Author: Damien Miller -Date: Thu Mar 10 05:04:48 2016 +1100 +Date: Thu Jul 28 08:54:27 2016 +1000 - update versions for release + define _OPENBSD_SOURCE for reallocarray on NetBSD + + Report by and debugged with Hisashi T Fujinaka, dtucker nailed + the problem (lack of prototype causing return type confusion). -commit 9d47b8d3f50c3a6282896df8274147e3b9a38c56 +commit 3e1e076550c27c6bbdddf36d8f42bd79fbaaa187 Author: Damien Miller -Date: Thu Mar 10 05:03:39 2016 +1100 +Date: Wed Jul 27 08:25:42 2016 +1000 - sanitise characters destined for xauth(1) + KNF + +commit d99ee9c4e5e217e7d05eeec84e9ce641f4675331 +Author: Damien Miller +Date: Wed Jul 27 08:25:23 2016 +1000 + + Linux auditing also needs packet.h + +commit 393bd381a45884b589baa9aed4394f1d250255ca +Author: Damien Miller +Date: Wed Jul 27 08:18:05 2016 +1000 + + fix auditing on Linux - reported by github.com/tintinweb + get_remote_ipaddr() was replaced with ssh_remote_ipaddr() +commit 80e766fb089de4f3c92b1600eb99e9495e37c992 +Author: Damien Miller +Date: Sun Jul 24 21:50:13 2016 +1000 + + crank version numbers + +commit b1a478792d458f2e938a302e64bab2b520edc1b3 +Author: djm@openbsd.org +Date: Sun Jul 24 11:45:36 2016 +0000 + + upstream commit + + openssh-7.3 + + Upstream-ID: af106a7eb665f642648cf1993e162c899f358718 + +commit 353766e0881f069aeca30275ab706cd60a1a8fdd +Author: Darren Tucker +Date: Sat Jul 23 16:14:42 2016 +1000 + + Move Cygwin IPPORT_RESERVED overrride to defines.h + + Patch from vinschen at redhat.com. + +commit 368dd977ae07afb93f4ecea23615128c95ab2b32 +Author: djm@openbsd.org +Date: Sat Jul 23 02:54:08 2016 +0000 + + upstream commit + + fix pledge violation with ssh -f; reported by Valentin + Kozamernik ok dtucker@ + + Upstream-ID: a61db7988db88d9dac3c4dd70e18876a8edf84aa + +commit f00211e3c6d24d6ea2b64b4b1209f671f6c1d42e +Author: djm@openbsd.org +Date: Fri Jul 22 07:00:46 2016 +0000 + + upstream commit + + improve wording; suggested by jmc@ + + Upstream-ID: 55cb0a24c8e0618b3ceec80998dc82c85db2d2f8 + +commit 83cbca693c3b0719270e6a0f2efe3f9ee93a65b8 +Author: dtucker@openbsd.org +Date: Fri Jul 22 05:46:11 2016 +0000 + + upstream commit + + Lower loglevel for "Authenticated with partial success" + message similar to other similar level. bz#2599, patch from cgallek at + gmail.com, ok markus@ + + Upstream-ID: 3faab814e947dc7b2e292edede23e94c608cb4dd + +commit 10358abd087ab228b7ce2048efc4f3854a9ab9a6 +Author: Damien Miller +Date: Fri Jul 22 14:06:36 2016 +1000 + + retry waitpid on EINTR failure + + patch from Jakub Jelen on bz#2581; ok dtucker@ + +commit da88a70a89c800e74ea8e5661ffa127a3cc79a92 +Author: djm@openbsd.org +Date: Fri Jul 22 03:47:36 2016 +0000 + + upstream commit + + constify a few functions' arguments; patch from Jakub + Jelen bz#2581 + + Upstream-ID: f2043f51454ea37830ff6ad60c8b32b4220f448d + +commit c36d91bd4ebf767f310f7cea88d61d1c15f53ddf +Author: djm@openbsd.org +Date: Fri Jul 22 03:39:13 2016 +0000 + + upstream commit + + move debug("%p", key) to before key is free'd; probable + undefined behaviour on strict compilers; reported by Jakub Jelen bz#2581 + + Upstream-ID: 767f323e1f5819508a0e35e388ec241bac2f953a + +commit 286f5a77c3bfec1e8892ca268087ac885ac871bf +Author: djm@openbsd.org +Date: Fri Jul 22 03:35:11 2016 +0000 + + upstream commit + + reverse the order in which -J/JumpHost proxies are visited to + be more intuitive and document + + reported by and manpage bits naddy@ + + Upstream-ID: 3a68fd6a841fd6cf8cedf6552a9607ba99df179a + +commit fcd135c9df440bcd2d5870405ad3311743d78d97 +Author: dtucker@openbsd.org +Date: Thu Jul 21 01:39:35 2016 +0000 + + upstream commit + + Skip passwords longer than 1k in length so clients can't + easily DoS sshd by sending very long passwords, causing it to spend CPU + hashing them. feedback djm@, ok markus@. + + Brought to our attention by tomas.kuthan at oracle.com, shilei-c at + 360.cn and coredump at autistici.org + + Upstream-ID: d0af7d4a2190b63ba1d38eec502bc4be0be9e333 + +commit 324583e8fb3935690be58790425793df619c6d4d +Author: naddy@openbsd.org +Date: Wed Jul 20 10:45:27 2016 +0000 + + upstream commit + + Do not clobber the global jump_host variables when + parsing an inactive configuration. ok djm@ + + Upstream-ID: 5362210944d91417d5976346d41ac0b244350d31 + +commit 32d921c323b989d28405e78d0a8923d12913d737 +Author: jmc@openbsd.org +Date: Tue Jul 19 12:59:16 2016 +0000 + + upstream commit + + tweak previous; + + Upstream-ID: f3c1a5b3f05dff366f60c028728a2b43f15ff534 + +commit d7eabc86fa049a12ba2c3fb198bd1d51b37f7025 +Author: dtucker@openbsd.org +Date: Tue Jul 19 11:38:53 2016 +0000 + + upstream commit + + Allow wildcard for PermitOpen hosts as well as ports. + bz#2582, patch from openssh at mzpqnxow.com and jjelen at redhat.com. ok + markus@ + + Upstream-ID: af0294e9b9394c4e16e991424ca0a47a7cc605f2 + +commit b98a2a8348e907b3d71caafd80f0be8fdd075943 +Author: markus@openbsd.org +Date: Mon Jul 18 11:35:33 2016 +0000 + + upstream commit + + Reduce timing attack against obsolete CBC modes by always + computing the MAC over a fixed size of data. Reported by Jean Paul + Degabriele, Kenny Paterson, Torben Hansen and Martin Albrecht. ok djm@ + + Upstream-ID: f20a13279b00ba0afbacbcc1f04e62e9d41c2912 + +commit dbf788b4d9d9490a5fff08a7b09888272bb10fcc +Author: Darren Tucker +Date: Thu Jul 21 14:17:31 2016 +1000 + + Search users for one with a valid salt. + + If the root account is locked (eg password "!!" or "*LK*") keep looking + until we find a user with a valid salt to use for crypting passwords of + invalid users. ok djm@ + +commit e8b58f48fbb1b524fb4f0d4865fa0005d6a4b782 +Author: Darren Tucker +Date: Mon Jul 18 17:22:49 2016 +1000 + + Explicitly specify source files for regress tools. + + Since adding $(REGRESSLIBS), $? is wrong because it includes only the + changed source files. $< seems like it'd be right however it doesn't + seem to work on some non-GNU makes, so do what works everywhere. + +commit eac1bbd06872c273f16ac0f9976b0aef026b701b +Author: Darren Tucker +Date: Mon Jul 18 17:12:22 2016 +1000 + + Conditionally include err.h. + +commit 0a454147568746c503f669e1ba861f76a2e7a585 +Author: Darren Tucker +Date: Mon Jul 18 16:26:26 2016 +1000 + + Remove local implementation of err, errx. + + We now have a shared implementation in libopenbsd-compat. + +commit eb999a4590846ba4d56ddc90bd07c23abfbab7b1 +Author: djm@openbsd.org +Date: Mon Jul 18 06:08:01 2016 +0000 + + upstream commit + + Add some unsigned overflow checks for extra_pad. None of + these are reachable with the amount of padding that we use internally. + bz#2566, pointed out by Torben Hansen. ok markus@ + + Upstream-ID: 4d4be8450ab2fc1b852d5884339f8e8c31c3fd76 + +commit c71ba790c304545464bb494de974cdf0f4b5cf1e +Author: Darren Tucker +Date: Mon Jul 18 15:43:25 2016 +1000 + + Add dependency on libs for unit tests. + + Makes "./configure && make tests" work again. ok djm@ + +commit 8199d0311aea3e6fd0284c9025e7a83f4ece79e8 +Author: Darren Tucker +Date: Mon Jul 18 13:47:39 2016 +1000 + + Correct location for kexfuzz in clean target. + +commit 01558b7b07af43da774d3a11a5c51fa9c310849d +Author: Darren Tucker +Date: Mon Jul 18 09:33:25 2016 +1000 + + Handle PAM_MAXTRIES from modules. + + bz#2249: handle the case where PAM returns PAM_MAXTRIES by ceasing to offer + password and keyboard-interative authentication methods. Should prevent + "sshd ignoring max retries" warnings in the log. ok djm@ + + It probably won't trigger with keyboard-interactive in the default + configuration because the retry counter is stored in module-private + storage which goes away with the sshd PAM process (see bz#688). On the + other hand, those cases probably won't log a warning either. + +commit 65c6c6b567ab5ab12945a5ad8e0ab3a8c26119cc +Author: djm@openbsd.org +Date: Sun Jul 17 04:20:16 2016 +0000 + + upstream commit + + support UTF-8 characters in ssh(1) banners using + schwarze@'s safe fmprintf printer; bz#2058 + + feedback schwarze@ ok dtucker@ + + Upstream-ID: a72ce4e3644c957643c9524eea2959e41b91eea7 + +commit e4eb7d910976fbfc7ce3e90c95c11b07b483d0d7 +Author: jmc@openbsd.org +Date: Sat Jul 16 06:57:55 2016 +0000 + + upstream commit + + - add proxyjump to the options list - formatting fixes - + update usage() + + ok djm + + Upstream-ID: 43d318e14ce677a2eec8f21ef5ba2f9f68a59457 + +commit af1f084857621f14bd9391aba8033d35886c2455 +Author: dtucker@openbsd.org +Date: Fri Jul 15 05:01:58 2016 +0000 + + upstream commit + + Reduce the syslog level of some relatively common protocol + events from LOG_CRIT by replacing fatal() calls with logdie(). Part of + bz#2585, ok djm@ + + Upstream-ID: 9005805227c94edf6ac02a160f0e199638d288e5 + +commit bd5f2b78b69cf38d6049a0de445a79c8595e4a1f +Author: Damien Miller +Date: Fri Jul 15 19:14:48 2016 +1000 + + missing openssl/dh.h + +commit 4a984fd342effe5f0aad874a0d538c4322d973c0 +Author: Damien Miller +Date: Fri Jul 15 18:47:07 2016 +1000 + + cast to avoid type warning in error message + +commit 5abfb15ced985c340359ae7fb65a625ed3692b3e +Author: Darren Tucker +Date: Fri Jul 15 14:48:30 2016 +1000 + + Move VA_COPY macro into compat header. + + Some AIX compilers unconditionally undefine va_copy but don't set it back + to an internal function, causing link errors. In some compat code we + already use VA_COPY instead so move the two existing instances into the + shared header and use for sshbuf-getput-basic.c too. Should fix building + with at lease some versions of AIX's compiler. bz#2589, ok djm@ + +commit 832b7443b7a8e181c95898bc5d73497b7190decd +Author: Damien Miller +Date: Fri Jul 15 14:45:34 2016 +1000 + + disable ciphers not supported by OpenSSL + + bz#2466 ok dtucker@ + +commit 5fbe93fc6fbb2fe211e035703dec759d095e3dd8 +Author: Damien Miller +Date: Fri Jul 15 13:54:31 2016 +1000 + + add a --disable-pkcs11 knob + +commit 679ce88ec2a8e2fe6515261c489e8c1449bb9da9 +Author: Damien Miller +Date: Fri Jul 15 13:44:38 2016 +1000 + + fix newline escaping for unsupported_algorithms + + The hmac-ripemd160 was incorrect and could lead to broken + Makefiles on systems that lacked support for it, but I made + all the others consistent too. + +commit ed877ef653847d056bb433975d731b7a1132a979 +Author: djm@openbsd.org +Date: Fri Jul 15 00:24:30 2016 +0000 + + upstream commit + + Add a ProxyJump ssh_config(5) option and corresponding -J + ssh(1) command-line flag to allow simplified indirection through a SSH + bastion or "jump host". + + These options construct a proxy command that connects to the + specified jump host(s) (more than one may be specified) and uses + port-forwarding to establish a connection to the next destination. + + This codifies the safest way of indirecting connections through SSH + servers and makes it easy to use. + + ok markus@ + + Upstream-ID: fa899cb8b26d889da8f142eb9774c1ea36b04397 + +commit 5c02dd126206a26785379e80f2d3848e4470b711 +Author: Darren Tucker +Date: Fri Jul 15 12:56:39 2016 +1000 + + Map umac_ctx struct name too. + + Prevents size mismatch linker warnings on Solaris 11. + +commit 283b97ff33ea2c641161950849931bd578de6946 +Author: Darren Tucker +Date: Fri Jul 15 13:49:44 2016 +1000 + + Mitigate timing of disallowed users PAM logins. + + When sshd decides to not allow a login (eg PermitRootLogin=no) and + it's using PAM, it sends a fake password to PAM so that the timing for + the failure is not noticeably different whether or not the password + is correct. This behaviour can be detected by sending a very long + password string which is slower to hash than the fake password. + + Mitigate by constructing an invalid password that is the same length + as the one from the client and thus takes the same time to hash. + Diff from djm@ + +commit 9286875a73b2de7736b5e50692739d314cd8d9dc +Author: Darren Tucker +Date: Fri Jul 15 13:32:45 2016 +1000 + + Determine appropriate salt for invalid users. + + When sshd is processing a non-PAM login for a non-existent user it uses + the string from the fakepw structure as the salt for crypt(3)ing the + password supplied by the client. That string has a Blowfish prefix, so on + systems that don't understand that crypt will fail fast due to an invalid + salt, and even on those that do it may have significantly different timing + from the hash methods used for real accounts (eg sha512). This allows + user enumeration by, eg, sending large password strings. This was noted + by EddieEzra.Harari at verint.com (CVE-2016-6210). + + To mitigate, use the same hash algorithm that root uses for hashing + passwords for users that do not exist on the system. ok djm@ + +commit a162dd5e58ca5b224d7500abe35e1ef32b5de071 +Author: Darren Tucker +Date: Thu Jul 14 21:19:59 2016 +1000 + + OpenSSL 1.1.x not currently supported. + +commit 7df91b01fc558a33941c5c5f31abbcdc53a729fb +Author: Darren Tucker +Date: Thu Jul 14 12:25:24 2016 +1000 + + Check for VIS_ALL. + + If we don't have it, set BROKEN_STRNVIS to activate the compat replacement. + +commit ee67716f61f1042d5e67f91c23707cca5dcdd7d0 +Author: dtucker@openbsd.org +Date: Thu Jul 14 01:24:21 2016 +0000 + + upstream commit + + Correct equal in test. + + Upstream-Regress-ID: 4e32f7a5c57a619c4e8766cb193be2a1327ec37a + +commit 372807c2065c8572fdc6478b25cc5ac363743073 +Author: tb@openbsd.org +Date: Mon Jul 11 21:38:13 2016 +0000 + + upstream commit + + Add missing "recvfd" pledge promise: Raf Czlonka reported + ssh coredumps when Control* keywords were set in ssh_config. This patch also + fixes similar problems with scp and sftp. + + ok deraadt, looks good to millert + + Upstream-ID: ca2099eade1ef3e87a79614fefa26a0297ad8a3b + +commit e0453f3df64bf485c61c7eb6bd12893eee9fe2cd +Author: tedu@openbsd.org +Date: Mon Jul 11 03:19:44 2016 +0000 + + upstream commit + + obsolete note about fascistloggin is obsolete. ok djm + dtucker + + Upstream-ID: dae60df23b2bb0e89f42661ddd96a7b0d1b7215a + +commit a2333584170a565adf4f209586772ef8053b10b8 +Author: Darren Tucker +Date: Thu Jul 14 10:59:09 2016 +1000 + + Add compat code for missing wcwidth. + + If we don't have wcwidth force fallback implementations of nl_langinfo + and mbtowc. Based on advice from Ingo Schwarze. + +commit 8aaec7050614494014c47510b7e94daf6e644c62 +Author: Damien Miller +Date: Thu Jul 14 09:48:48 2016 +1000 + + fix missing include for systems with err.h + +commit 6310ef27a2567cda66d6cf0c1ad290ee1167f243 +Author: Darren Tucker +Date: Wed Jul 13 14:42:35 2016 +1000 + + Move err.h replacements into compat lib. + + Move implementations of err.h replacement functions into their own file + in the libopenbsd-compat so we can use them in kexfuzz.c too. ok djm@ + +commit f3f2cc8386868f51440c45210098f65f9787449a +Author: Darren Tucker +Date: Mon Jul 11 17:23:38 2016 +1000 + + Check for wchar.h and langinfo.h + + Wrap includes in the appropriate #ifdefs. + +commit b9c50614eba9d90939b2b119b6e1b7e03b462278 +Author: Damien Miller +Date: Fri Jul 8 13:59:13 2016 +1000 + + whitelist more architectures for seccomp-bpf + + bz#2590 - testing and patch from Jakub Jelen + +commit 18813a32b6fd964037e0f5e1893cb4468ac6a758 +Author: guenther@openbsd.org +Date: Mon Jul 4 18:01:44 2016 +0000 + + upstream commit + + DEBUGLIBS has been broken since the gcc4 switch, so delete + it. CFLAGS contains -g by default anyway + + problem noted by Edgar Pettijohn (edgar (at) pettijohn-web.com) + ok millert@ kettenis@ deraadt@ + + Upstream-Regress-ID: 4a0bb72f95c63f2ae9daa8a040ac23914bddb542 + +commit 6d31193d0baa3da339c196ac49625b7ba1c2ecc7 +Author: djm@openbsd.org +Date: Fri Jul 8 03:44:42 2016 +0000 + + upstream commit + + Improve crypto ordering for Encrypt-then-MAC (EtM) mode + MAC algorithms. + + Previously we were computing the MAC, decrypting the packet and then + checking the MAC. This gave rise to the possibility of creating a + side-channel oracle in the decryption step, though no such oracle has + been identified. + + This adds a mac_check() function that computes and checks the MAC in + one pass, and uses it to advance MAC checking for EtM algorithms to + before payload decryption. + + Reported by Jean Paul Degabriele, Kenny Paterson, Torben Hansen and + Martin Albrecht. feedback and ok markus@ + + Upstream-ID: 1999bb67cab47dda5b10b80d8155fe83d4a1867b + +commit 71f5598f06941f645a451948c4a5125c83828e1c +Author: guenther@openbsd.org +Date: Mon Jul 4 18:01:44 2016 +0000 + + upstream commit + + DEBUGLIBS has been broken since the gcc4 switch, so + delete it. CFLAGS contains -g by default anyway + + problem noted by Edgar Pettijohn (edgar (at) pettijohn-web.com) + ok millert@ kettenis@ deraadt@ + + Upstream-ID: 96c5054e3e1f170c6276902d5bc65bb3b87a2603 + +commit e683fc6f1c8c7295648dbda679df8307786ec1ce +Author: dtucker@openbsd.org +Date: Thu Jun 30 05:17:05 2016 +0000 + + upstream commit + + Explicitly check for 100% completion to avoid potential + floating point rounding error, which could cause progressmeter to report 99% + on completion. While there invert the test so the 100% case is clearer. with + & ok djm@ + + Upstream-ID: a166870c5878e422f3c71ff802e2ccd7032f715d + +commit 772e6cec0ed740fc7db618dc30b4134f5a358b43 +Author: jmc@openbsd.org +Date: Wed Jun 29 17:14:28 2016 +0000 + + upstream commit + + sort the -o list; + + Upstream-ID: 1a97465ede8790b4d47cb618269978e07f41f8ac + +commit 46ecd19e554ccca15a7309cd1b6b44bc8e6b84af +Author: djm@openbsd.org +Date: Thu Jun 23 05:17:51 2016 +0000 + + upstream commit + + fix AuthenticationMethods during configuration re-parse; + reported by Juan Francisco Cantero Hurtado + + Upstream-ID: 8ffa1dac25c7577eca8238e825317ab20848f9b4 + +commit 3147e7595d0f2f842a666c844ac53e6c7a253d7e +Author: djm@openbsd.org +Date: Sun Jun 19 07:48:02 2016 +0000 + + upstream commit + + revert 1.34; causes problems loading public keys + + reported by semarie@ + + Upstream-ID: b393794f8935c8b15d98a407fe7721c62d2ed179 + +commit ad23a75509f4320d43f628c50f0817e3ad12bfa7 +Author: jmc@openbsd.org +Date: Fri Jun 17 06:33:30 2016 +0000 + + upstream commit + + grammar fix; + + Upstream-ID: 5d5b21c80f1e81db367333ce0bb3e5874fb3e463 + +commit 5e28b1a2a3757548b40018cc2493540a17c82e27 +Author: djm@openbsd.org +Date: Fri Jun 17 05:06:23 2016 +0000 + + upstream commit + + translate OpenSSL error codes to something more + meaninful; bz#2522 reported by Jakub Jelen, ok dtucker@ + + Upstream-ID: 4cb0795a366381724314e6515d57790c5930ffe5 + +commit b64faeb5eda7eff8210c754d00464f9fe9d23de5 +Author: djm@openbsd.org +Date: Fri Jun 17 05:03:40 2016 +0000 + + upstream commit + + ban AuthenticationMethods="" and accept + AuthenticationMethods=any for the default behaviour of not requiring multiple + authentication + + bz#2398 from Jakub Jelen; ok dtucker@ + + Upstream-ID: fabd7f44d59e4518d241d0d01e226435cc23cf27 + +commit 9816fc5daee5ca924dd5c4781825afbaab728877 +Author: dtucker@openbsd.org +Date: Thu Jun 16 11:00:17 2016 +0000 + + upstream commit + + Include stdarg.h for va_copy as per man page. + + Upstream-ID: 105d6b2f1af2fbd9d91c893c436ab121434470bd + +commit b6cf84b51bc0f5889db48bf29a0c771954ade283 +Author: jmc@openbsd.org +Date: Thu Jun 16 06:10:45 2016 +0000 + + upstream commit + + keys stored in openssh format can have comments too; diff + from yonas yanfa, tweaked a bit; + + ok djm + + Upstream-ID: 03d48536da6e51510d73ade6fcd44ace731ceb27 + +commit aa37768f17d01974b6bfa481e5e83841b6c76f86 +Author: Darren Tucker +Date: Mon Jun 20 15:55:34 2016 +1000 + + get_remote_name_or_ip inside LOGIN_NEEDS_UTMPX + + Apply the same get_remote_name_or_ip -> session_get_remote_name_or_ip + change as commit 95767262 to the code inside #ifdef LOGIN_NEEDS_UTMPX. + Fixes build on AIX. + +commit 009891afc8df37bc2101e15d1e0b6433cfb90549 +Author: Darren Tucker +Date: Fri Jun 17 14:34:09 2016 +1000 + + Remove duplicate code from PAM. ok djm@ + +commit e690fe85750e93fca1fb7c7c8587d4130a4f7aba +Author: dtucker@openbsd.org +Date: Wed Jun 15 00:40:40 2016 +0000 + + upstream commit + + Remove "POSSIBLE BREAK-IN ATTEMPT!" from log message + about forward and reverse DNS not matching. We haven't supported IP-based + auth methods for a very long time so it's now misleading. part of bz#2585, + ok markus@ + + Upstream-ID: 5565ef0ee0599b27f0bd1d3bb1f8a323d8274e29 + +commit 57b4ee04cad0d3e0fec1194753b0c4d31e39a1cd +Author: Darren Tucker +Date: Wed Jun 15 11:22:38 2016 +1000 + + Move platform_disable_tracing into its own file. + + Prevents link errors resolving the extern "options" when platform.o + gets linked into ssh-agent when building --with-pam. + +commit 78dc8e3724e30ee3e1983ce013e80277dc6ca070 +Author: Darren Tucker +Date: Tue Jun 14 13:55:12 2016 +1000 + + Track skipped upstream commit IDs. + + There are a small number of "upstream" commits that do not correspond to + a file in -portable. This file tracks those so that we can reconcile + OpenBSD and Portable to ensure that no commits are accidentally missed. + + If you add something to .skipped-commit-ids please also add an upstream + ID line in the following format when you commit it. + + Upstream-ID: 321065a95a7ccebdd5fd08482a1e19afbf524e35 + Upstream-ID: d4f699a421504df35254cf1c6f1a7c304fb907ca + Upstream-ID: aafe246655b53b52bc32c8a24002bc262f4230f7 + Upstream-ID: 8fa9cd1dee3c3339ae329cf20fb591db6d605120 + Upstream-ID: f31327a48dd4103333cc53315ec53fe65ed8a17a + Upstream-ID: edbfde98c40007b7752a4ac106095e060c25c1ef + Upstream-ID: 052fd565e3ff2d8cec3bc957d1788f50c827f8e2 + Upstream-ID: 7cf73737f357492776223da1c09179fa6ba74660 + Upstream-ID: 180d84674be1344e45a63990d60349988187c1ae + Upstream-ID: f6ae971186ba68d066cd102e57d5b0b2c211a5ee + +commit 9f919d1a3219d476d6a662d18df058e1c4f36a6f +Author: Darren Tucker +Date: Tue Jun 14 13:51:01 2016 +1000 + + Remove now-defunct .cvsignore files. ok djm + +commit 68777faf271efb2713960605c748f6c8a4b26d55 +Author: dtucker@openbsd.org +Date: Wed Jun 8 02:13:01 2016 +0000 + + upstream commit + + Back out rev 1.28 "Check min and max sizes sent by the + client" change. It caused "key_verify failed for server_host_key" in clients + that send a DH-GEX min value less that DH_GRP_MIN, eg old OpenSSH and PuTTY. + ok djm@ + + Upstream-ID: 452979d3ca5c1e9dff063287ea0a5314dd091f65 + +commit a86ec4d0737ac5879223e7cd9d68c448df46e169 +Author: Darren Tucker +Date: Tue Jun 14 10:48:27 2016 +1000 + + Use Solaris setpflags(__PROC_PROTECT, ...). + + Where possible, use Solaris setpflags to disable process tracing on + ssh-agent and sftp-server. bz#2584, based on a patch from huieying.lee + at oracle.com, ok djm. + +commit 0f916d39b039fdc0b5baf9b5ab0754c0f11ec573 +Author: Darren Tucker +Date: Tue Jun 14 10:43:53 2016 +1000 + + Shorten prctl code a tiny bit. + +commit 0fb7f5985351fbbcd2613d8485482c538e5123be +Author: Darren Tucker +Date: Thu Jun 9 16:23:07 2016 +1000 + + Move prctl PR_SET_DUMPABLE into platform.c. + + This should make it easier to add additional platform support such as + Solaris (bz#2584). + +commit e6508898c3cd838324ecfe1abd0eb8cf802e7106 +Author: dtucker@openbsd.org +Date: Fri Jun 3 04:10:41 2016 +0000 + + upstream commit + + Add a test for ssh(1)'s config file parsing. + + Upstream-Regress-ID: 558b7f4dc45cc3761cc3d3e889b9f3c5bc91e601 + +commit ab0a536066dfa32def0bd7272c096ebb5eb25b11 +Author: dtucker@openbsd.org +Date: Fri Jun 3 03:47:59 2016 +0000 + + upstream commit + + Add 'sshd' to the test ID as I'm about to add a similar + set for ssh. + + Upstream-Regress-ID: aea7a9c3bac638530165c801ce836875b228ae7a + +commit a5577c1ed3ecdfe4b7b1107c526cae886fc91afb +Author: schwarze@openbsd.org +Date: Mon May 30 12:14:08 2016 +0000 + + upstream commit + + stricter malloc.conf(5) options for utf8 tests + + Upstream-Regress-ID: 111efe20a0fb692fa1a987f6e823310f9b25abf6 + +commit 75f0844b4f29d62ec3a5e166d2ee94b02df819fc +Author: schwarze@openbsd.org +Date: Mon May 30 12:05:56 2016 +0000 + + upstream commit + + Fix two rare edge cases: 1. If vasprintf() returns < 0, + do not access a NULL pointer in snmprintf(), and do not free() the pointer + returned from vasprintf() because on some systems other than OpenBSD, it + might be a bogus pointer. 2. If vasprintf() returns == 0, return 0 and "" + rather than -1 and NULL. + + Besides, free(dst) is pointless after failure (not a bug). + + One half OK martijn@, the other half OK deraadt@; + committing quickly before people get hurt. + + Upstream-Regress-ID: b164f20923812c9bac69856dbc1385eb1522cba4 + +commit 016881eb33a7948028848c90f4c7ac42e3af0e87 +Author: schwarze@openbsd.org +Date: Thu May 26 19:14:25 2016 +0000 + + upstream commit + + test the new utf8 module + + Upstream-Regress-ID: c923d05a20e84e4ef152cbec947fdc4ce6eabbe3 + +commit d4219028bdef448e089376f3afe81ef6079da264 +Author: dtucker@openbsd.org +Date: Tue May 3 15:30:46 2016 +0000 + + upstream commit + + Set umask to prevent "Bad owner or permissions" errors. + + Upstream-Regress-ID: 8fdf2fc4eb595ccd80c443f474d639f851145417 + +commit 07d5608bb237e9b3fe86a2aeaa429392230faebf +Author: djm@openbsd.org +Date: Tue May 3 14:41:04 2016 +0000 + + upstream commit + + support doas + + Upstream-Regress-ID: 8d5572b27ea810394eeda432d8b4e9e1064a7c38 + +commit 01cabf10adc7676cba5f40536a34d3b246edb73f +Author: djm@openbsd.org +Date: Tue May 3 13:48:33 2016 +0000 + + upstream commit + + unit tests for sshbuf_dup_string() + + Upstream-Regress-ID: 7521ff150dc7f20511d1c2c48fd3318e5850a96d + +commit 6915f1698e3d1dd4e22eac20f435e1dfc1d46372 +Author: jmc@openbsd.org +Date: Fri Jun 3 06:44:12 2016 +0000 + + upstream commit + + tweak previous; + + Upstream-ID: 92979f1a0b63e041a0e5b08c9ed0ba9b683a3698 + +commit 0cb2f4c2494b115d0f346ed2d8b603ab3ba643f4 +Author: dtucker@openbsd.org +Date: Fri Jun 3 04:09:38 2016 +0000 + + upstream commit + + Allow ExitOnForwardFailure and ClearAllForwardings to be + overridden when using ssh -W (but still default to yes in that case). + bz#2577, ok djm@. + + Upstream-ID: 4b20c419e93ca11a861c81c284090cfabc8c54d4 + +commit 8543ff3f5020fe659839b15f05b8c522bde6cee5 +Author: dtucker@openbsd.org +Date: Fri Jun 3 03:14:41 2016 +0000 + + upstream commit + + Move the host and port used by ssh -W into the Options + struct. This will make future changes a bit easier. ok djm@ + + Upstream-ID: 151bce5ecab2fbedf0d836250a27968d30389382 + +commit 6b87311d3acdc460f926b2c40f4c4f3fd345f368 +Author: dtucker@openbsd.org +Date: Wed Jun 1 04:19:49 2016 +0000 + + upstream commit + + Check min and max sizes sent by the client against what + we support before passing them to the monitor. ok djm@ + + Upstream-ID: 750627e8117084215412bff00a25b1586ab17ece + +commit 564cd2a8926ccb1dca43a535073540935b5e0373 +Author: dtucker@openbsd.org +Date: Tue May 31 23:46:14 2016 +0000 + + upstream commit + + Ensure that the client's proposed DH-GEX max value is at + least as big as the minimum the server will accept. ok djm@ + + Upstream-ID: b4b84fa04aab2de7e79a6fee4a6e1c189c0fe775 + +commit df820722e40309c9b3f360ea4ed47a584ed74333 +Author: Darren Tucker +Date: Mon Jun 6 11:36:13 2016 +1000 + + Add compat bits to utf8.c. + +commit 05c6574652571becfe9d924226c967a3f4b3f879 +Author: Darren Tucker +Date: Mon Jun 6 11:33:43 2016 +1000 + + Fix utf->utf8 typo. + +commit 6c1717190b4d5ddd729cd9e24e8ed71ed4f087ce +Author: schwarze@openbsd.org +Date: Mon May 30 18:34:41 2016 +0000 + + upstream commit + + Backout rev. 1.43 for now. + + The function update_progress_meter() calls refresh_progress_meter() + which calls snmprintf() which calls malloc(); but update_progress_meter() + acts as the SIGALRM signal handler. + + "malloc(): error: recursive call" reported by sobrado@. + + Upstream-ID: aaae57989431e5239c101f8310f74ccc83aeb93e + +commit cd9e1eabeb4137182200035ab6fa4522f8d24044 +Author: schwarze@openbsd.org +Date: Mon May 30 12:57:21 2016 +0000 + + upstream commit + + Even when only writing an unescaped character, the dst + buffer may need to grow, or it would be overrun; issue found by tb@ with + malloc.conf(5) 'C'. + + While here, reserve an additional byte for the terminating NUL + up front such that we don't have to realloc() later just for that. + + OK tb@ + + Upstream-ID: 30ebcc0c097c4571b16f0a78b44969f170db0cff + +commit ac284a355f8065eaef2a16f446f3c44cdd17371d +Author: schwarze@openbsd.org +Date: Mon May 30 12:05:56 2016 +0000 + + upstream commit + + Fix two rare edge cases: 1. If vasprintf() returns < 0, + do not access a NULL pointer in snmprintf(), and do not free() the pointer + returned from vasprintf() because on some systems other than OpenBSD, it + might be a bogus pointer. 2. If vasprintf() returns == 0, return 0 and "" + rather than -1 and NULL. + + Besides, free(dst) is pointless after failure (not a bug). + + One half OK martijn@, the other half OK deraadt@; + committing quickly before people get hurt. + + Upstream-ID: b7bcd2e82fc168a8eff94e41f5db336ed986fed0 + +commit 0e059cdf5fd86297546c63fa8607c24059118832 +Author: schwarze@openbsd.org +Date: Wed May 25 23:48:45 2016 +0000 + *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-src-stable-10@freebsd.org Fri Sep 1 23:01:56 2017 Return-Path: Delivered-To: svn-src-stable-10@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 0C6BFE0CD19; Fri, 1 Sep 2017 23:01:56 +0000 (UTC) (envelope-from delphij@gmail.com) Received: from mail-it0-x235.google.com (mail-it0-x235.google.com [IPv6:2607:f8b0:4001:c0b::235]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id C420167A6C; Fri, 1 Sep 2017 23:01:55 +0000 (UTC) (envelope-from delphij@gmail.com) Received: by mail-it0-x235.google.com with SMTP id p2so3160192ite.0; Fri, 01 Sep 2017 16:01:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=rYzAhcrGOMPt8aknXgvNnvHOzOM5dXIunf1oryZ1OJY=; b=f0aEbaCzbHmsCsLUBi7JINmeuxdFgV2DE43mQyEed9wrebE7PvzA/9WcgtfI5EICF5 oCbHm1inKWhVOVBfvl354Fg4bSus9M6+hIMlm1SjpMUR8WWrV4NE9wPzEPolpjYpha38 21VtNOBkdecwtd2gv+Dbp2rfKHJkvxt0lmUJIlJG37yBRTmxAMPsySQ7A1Q1TWhq5s2n /sAnuyaxagAvxbl4MqnhHT3Lrh9WtNEP752svKrF2I97Z/DARUC/x2Vp+GNzKQ7q2oxF YVwTMCsMaOtYQvj7Xjd/UUBTToPPsl5EnV3uwejWO/04RPeGnH+WEhppRtQ+O+Uw9CX4 5kug== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=rYzAhcrGOMPt8aknXgvNnvHOzOM5dXIunf1oryZ1OJY=; b=nBGLLQyUzd2a7bAvXzdA2P6ETd0wd0ceIVdhxRSJcWfykSm+i6zrKFIxrjcKKvnT7v bY91bUK8gOXe80+3iumn3IUAfn0RgyMxWI6gW9OchjDFHowUe31Fg30FtQO35TbQ+Nii 4Hk0oNDnNhkD8efQk70iuNONwZkw6CC/I8D0DO0ss4xjODAkBvWOjUuE9E78dXY/x5Gb Bj1eojQzBZxIteyhmYPlaKRte6kFiOMlc5zPZiGtpOkzEVmT6JKBCvsIuj/92PerFQkH URvi9ElUgBnjxgZRfWKI35ROc69dfJ47l81SJ+ajvnXniyoD2aMtNzLg6lV5ScD9PBN0 hdng== X-Gm-Message-State: AHPjjUiCh5cZHN33CP1RyiCYUBy3moZvvMfnFfDdGdho2wwK0tgahR/O w32sN6M4uhpuzz0tPjDKlKxapq0fHNOa X-Google-Smtp-Source: ADKCNb4icQ562brL/0/6bnVMbF/+qaNJPqWwbsqck+OzarvDMESLfeIiHqF8Z0FljK4BJxSYq6If6Kd6rBDKgjPf/Uk= X-Received: by 10.36.26.200 with SMTP id 191mr909995iti.139.1504306913651; Fri, 01 Sep 2017 16:01:53 -0700 (PDT) MIME-Version: 1.0 Received: by 10.79.15.80 with HTTP; Fri, 1 Sep 2017 16:01:52 -0700 (PDT) In-Reply-To: <201709012252.v81MqIDH057442@repo.freebsd.org> References: <201709012252.v81MqIDH057442@repo.freebsd.org> From: Xin LI Date: Fri, 1 Sep 2017 16:01:52 -0700 Message-ID: Subject: Re: svn commit: r323124 - in stable/10: crypto/openssh crypto/openssh/contrib crypto/openssh/contrib/cygwin crypto/openssh/contrib/redhat crypto/openssh/contrib/suse crypto/openssh/openbsd-compat crypt... To: =?UTF-8?Q?Dag=2DErling_Sm=C3=B8rgrav?= Cc: "src-committers@freebsd.org" , "svn-src-all@freebsd.org" , svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-BeenThere: svn-src-stable-10@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: SVN commit messages for only the 10-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 01 Sep 2017 23:01:56 -0000 Thanks! On Fri, Sep 1, 2017 at 3:52 PM, Dag-Erling Sm=C3=B8rgrav = wrote: > Author: des > Date: Fri Sep 1 22:52:18 2017 > New Revision: 323124 > URL: https://svnweb.freebsd.org/changeset/base/323124 > > Log: > Upgrade OpenSSH to 7.3p1. > > This is the last version of OpenSSH which does not break compatibility > more than we can live with in a stable branch. Further commits will > follow to backport some bug fixes from newer versions. > > The sshd breakage in the previous attempt was due to an upstream bug > (a 0 was changed to a 1 while refactoring send_rexec_state() in sshd.c) > which only manifested itself when sshd was built with SSH 1 support. > > Approved by: re@ > > Added: > stable/10/crypto/openssh/.skipped-commit-ids > - copied unchanged from r323120, stable/10/crypto/openssh/.skipped-c= ommit-ids > stable/10/crypto/openssh/openbsd-compat/bsd-err.c > - copied unchanged from r323120, stable/10/crypto/openssh/openbsd-co= mpat/bsd-err.c > stable/10/crypto/openssh/platform-tracing.c > - copied unchanged from r323120, stable/10/crypto/openssh/platform-t= racing.c > stable/10/crypto/openssh/regress/cfginclude.sh > - copied unchanged from r323120, stable/10/crypto/openssh/regress/cf= ginclude.sh > stable/10/crypto/openssh/regress/misc/ > - copied from r323120, stable/10/crypto/openssh/regress/misc/ > stable/10/crypto/openssh/regress/sshcfgparse.sh > - copied unchanged from r323120, stable/10/crypto/openssh/regress/ss= hcfgparse.sh > stable/10/crypto/openssh/regress/unittests/utf8/ > - copied from r323120, stable/10/crypto/openssh/regress/unittests/ut= f8/ > stable/10/crypto/openssh/utf8.c > - copied unchanged from r323120, stable/10/crypto/openssh/utf8.c > stable/10/crypto/openssh/utf8.h > - copied unchanged from r323120, stable/10/crypto/openssh/utf8.h > Deleted: > stable/10/crypto/openssh/.cvsignore > stable/10/crypto/openssh/openbsd-compat/.cvsignore > stable/10/crypto/openssh/openbsd-compat/regress/.cvsignore > stable/10/crypto/openssh/regress/.cvsignore > stable/10/crypto/openssh/roaming.h > stable/10/crypto/openssh/scard/ > Modified: > stable/10/crypto/openssh/ChangeLog > stable/10/crypto/openssh/INSTALL > stable/10/crypto/openssh/Makefile.in > stable/10/crypto/openssh/PROTOCOL > stable/10/crypto/openssh/PROTOCOL.agent > stable/10/crypto/openssh/PROTOCOL.certkeys > stable/10/crypto/openssh/PROTOCOL.chacha20poly1305 > stable/10/crypto/openssh/README > stable/10/crypto/openssh/audit-linux.c > stable/10/crypto/openssh/auth-krb5.c > stable/10/crypto/openssh/auth-options.c > stable/10/crypto/openssh/auth-pam.c > stable/10/crypto/openssh/auth-pam.h > stable/10/crypto/openssh/auth-passwd.c > stable/10/crypto/openssh/auth-rh-rsa.c > stable/10/crypto/openssh/auth-rhosts.c > stable/10/crypto/openssh/auth.c > stable/10/crypto/openssh/auth.h > stable/10/crypto/openssh/auth2-chall.c > stable/10/crypto/openssh/auth2-hostbased.c > stable/10/crypto/openssh/auth2.c > stable/10/crypto/openssh/authfile.c > stable/10/crypto/openssh/canohost.c > stable/10/crypto/openssh/canohost.h > stable/10/crypto/openssh/channels.c > stable/10/crypto/openssh/cipher-bf1.c > stable/10/crypto/openssh/cipher.c > stable/10/crypto/openssh/clientloop.c > stable/10/crypto/openssh/compat.c > stable/10/crypto/openssh/config.h > stable/10/crypto/openssh/configure.ac > stable/10/crypto/openssh/contrib/cygwin/README > stable/10/crypto/openssh/contrib/redhat/openssh.spec > stable/10/crypto/openssh/contrib/ssh-copy-id > stable/10/crypto/openssh/contrib/suse/openssh.spec > stable/10/crypto/openssh/defines.h > stable/10/crypto/openssh/dh.c > stable/10/crypto/openssh/dh.h > stable/10/crypto/openssh/freebsd-configure.sh > stable/10/crypto/openssh/kex.c > stable/10/crypto/openssh/kex.h > stable/10/crypto/openssh/kexc25519.c > stable/10/crypto/openssh/kexdh.c > stable/10/crypto/openssh/kexdhc.c > stable/10/crypto/openssh/kexdhs.c > stable/10/crypto/openssh/kexgexs.c > stable/10/crypto/openssh/key.c > stable/10/crypto/openssh/log.c > stable/10/crypto/openssh/log.h > stable/10/crypto/openssh/mac.c > stable/10/crypto/openssh/mac.h > stable/10/crypto/openssh/misc.c > stable/10/crypto/openssh/misc.h > stable/10/crypto/openssh/moduli > stable/10/crypto/openssh/monitor.c > stable/10/crypto/openssh/monitor_fdpass.c > stable/10/crypto/openssh/monitor_wrap.c > stable/10/crypto/openssh/monitor_wrap.h > stable/10/crypto/openssh/mux.c > stable/10/crypto/openssh/myproposal.h > stable/10/crypto/openssh/opacket.h > stable/10/crypto/openssh/openbsd-compat/Makefile.in > stable/10/crypto/openssh/openbsd-compat/arc4random.c > stable/10/crypto/openssh/openbsd-compat/bindresvport.c > stable/10/crypto/openssh/openbsd-compat/bsd-asprintf.c > stable/10/crypto/openssh/openbsd-compat/bsd-misc.c > stable/10/crypto/openssh/openbsd-compat/bsd-misc.h > stable/10/crypto/openssh/openbsd-compat/bsd-snprintf.c > stable/10/crypto/openssh/openbsd-compat/inet_aton.c > stable/10/crypto/openssh/openbsd-compat/openbsd-compat.h > stable/10/crypto/openssh/openbsd-compat/port-solaris.h > stable/10/crypto/openssh/openbsd-compat/vis.c > stable/10/crypto/openssh/openbsd-compat/vis.h > stable/10/crypto/openssh/openbsd-compat/xcrypt.c > stable/10/crypto/openssh/packet.c > stable/10/crypto/openssh/packet.h > stable/10/crypto/openssh/pathnames.h > stable/10/crypto/openssh/platform.c > stable/10/crypto/openssh/platform.h > stable/10/crypto/openssh/progressmeter.c > stable/10/crypto/openssh/readconf.c > stable/10/crypto/openssh/readconf.h > stable/10/crypto/openssh/regress/Makefile > stable/10/crypto/openssh/regress/agent-getpeereid.sh > stable/10/crypto/openssh/regress/cert-hostkey.sh > stable/10/crypto/openssh/regress/cert-userkey.sh > stable/10/crypto/openssh/regress/cfgparse.sh > stable/10/crypto/openssh/regress/connect-privsep.sh > stable/10/crypto/openssh/regress/forwarding.sh > stable/10/crypto/openssh/regress/integrity.sh > stable/10/crypto/openssh/regress/modpipe.c > stable/10/crypto/openssh/regress/netcat.c > stable/10/crypto/openssh/regress/test-exec.sh > stable/10/crypto/openssh/regress/unittests/Makefile > stable/10/crypto/openssh/regress/unittests/sshbuf/test_sshbuf_misc.c > stable/10/crypto/openssh/regress/unittests/sshkey/test_sshkey.c > stable/10/crypto/openssh/regress/unittests/test_helper/Makefile > stable/10/crypto/openssh/sandbox-seccomp-filter.c > stable/10/crypto/openssh/scp.1 > stable/10/crypto/openssh/scp.c > stable/10/crypto/openssh/servconf.c > stable/10/crypto/openssh/serverloop.c > stable/10/crypto/openssh/session.c > stable/10/crypto/openssh/session.h > stable/10/crypto/openssh/sftp-client.c > stable/10/crypto/openssh/sftp-server.c > stable/10/crypto/openssh/sftp.1 > stable/10/crypto/openssh/sftp.c > stable/10/crypto/openssh/ssh-agent.1 > stable/10/crypto/openssh/ssh-agent.c > stable/10/crypto/openssh/ssh-dss.c > stable/10/crypto/openssh/ssh-ecdsa.c > stable/10/crypto/openssh/ssh-ed25519.c > stable/10/crypto/openssh/ssh-keygen.1 > stable/10/crypto/openssh/ssh-keygen.c > stable/10/crypto/openssh/ssh-keyscan.c > stable/10/crypto/openssh/ssh-rsa.c > stable/10/crypto/openssh/ssh.1 > stable/10/crypto/openssh/ssh.c > stable/10/crypto/openssh/ssh1.h > stable/10/crypto/openssh/ssh2.h > stable/10/crypto/openssh/ssh_api.c > stable/10/crypto/openssh/ssh_config > stable/10/crypto/openssh/ssh_config.5 > stable/10/crypto/openssh/ssh_namespace.h > stable/10/crypto/openssh/sshbuf-getput-basic.c > stable/10/crypto/openssh/sshbuf-misc.c > stable/10/crypto/openssh/sshbuf.h > stable/10/crypto/openssh/sshconnect2.c > stable/10/crypto/openssh/sshd.c > stable/10/crypto/openssh/sshd_config > stable/10/crypto/openssh/sshd_config.5 > stable/10/crypto/openssh/sshkey.c > stable/10/crypto/openssh/sshkey.h > stable/10/crypto/openssh/ttymodes.c > stable/10/crypto/openssh/ttymodes.h > stable/10/crypto/openssh/version.h > stable/10/secure/lib/libssh/Makefile > > Copied: stable/10/crypto/openssh/.skipped-commit-ids (from r323120, stabl= e/10/crypto/openssh/.skipped-commit-ids) > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D > --- /dev/null 00:00:00 1970 (empty, because file is newly added) > +++ stable/10/crypto/openssh/.skipped-commit-ids Fri Sep 1 22:52:= 18 2017 (r323124, copy of r323120, stable/10/crypto/openssh/.skipped= -commit-ids) > @@ -0,0 +1,11 @@ > +321065a95a7ccebdd5fd08482a1e19afbf524e35 Update DH groups > +d4f699a421504df35254cf1c6f1a7c304fb907ca Remove 1k bit groups > +aafe246655b53b52bc32c8a24002bc262f4230f7 Remove intermediate modul= i > +8fa9cd1dee3c3339ae329cf20fb591db6d605120 put back SSH1 for 6.9 > +f31327a48dd4103333cc53315ec53fe65ed8a17a Generate new moduli > +edbfde98c40007b7752a4ac106095e060c25c1ef Regen moduli > +052fd565e3ff2d8cec3bc957d1788f50c827f8e2 Switch to tame-based sand= box > +7cf73737f357492776223da1c09179fa6ba74660 Remove moduli <2k > +180d84674be1344e45a63990d60349988187c1ae Update moduli > +f6ae971186ba68d066cd102e57d5b0b2c211a5ee systrace is dead. > +96c5054e3e1f170c6276902d5bc65bb3b87a2603 remove DEBUGLIBS from Mak= efile > > Modified: stable/10/crypto/openssh/ChangeLog > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D > --- stable/10/crypto/openssh/ChangeLog Fri Sep 1 22:37:49 2017 (= r323123) > +++ stable/10/crypto/openssh/ChangeLog Fri Sep 1 22:52:18 2017 (= r323124) > @@ -1,17 +1,1848 @@ > -commit 5c35450a0c901d9375fb23343a8dc82397da5f75 > +commit 99522ba7ec6963a05c04a156bf20e3ba3605987c > Author: Damien Miller > -Date: Thu Mar 10 05:04:48 2016 +1100 > +Date: Thu Jul 28 08:54:27 2016 +1000 > > - update versions for release > + define _OPENBSD_SOURCE for reallocarray on NetBSD > + > + Report by and debugged with Hisashi T Fujinaka, dtucker nailed > + the problem (lack of prototype causing return type confusion). > > -commit 9d47b8d3f50c3a6282896df8274147e3b9a38c56 > +commit 3e1e076550c27c6bbdddf36d8f42bd79fbaaa187 > Author: Damien Miller > -Date: Thu Mar 10 05:03:39 2016 +1100 > +Date: Wed Jul 27 08:25:42 2016 +1000 > > - sanitise characters destined for xauth(1) > + KNF > + > +commit d99ee9c4e5e217e7d05eeec84e9ce641f4675331 > +Author: Damien Miller > +Date: Wed Jul 27 08:25:23 2016 +1000 > + > + Linux auditing also needs packet.h > + > +commit 393bd381a45884b589baa9aed4394f1d250255ca > +Author: Damien Miller > +Date: Wed Jul 27 08:18:05 2016 +1000 > + > + fix auditing on Linux > > - reported by github.com/tintinweb > + get_remote_ipaddr() was replaced with ssh_remote_ipaddr() > > +commit 80e766fb089de4f3c92b1600eb99e9495e37c992 > +Author: Damien Miller > +Date: Sun Jul 24 21:50:13 2016 +1000 > + > + crank version numbers > + > +commit b1a478792d458f2e938a302e64bab2b520edc1b3 > +Author: djm@openbsd.org > +Date: Sun Jul 24 11:45:36 2016 +0000 > + > + upstream commit > + > + openssh-7.3 > + > + Upstream-ID: af106a7eb665f642648cf1993e162c899f358718 > + > +commit 353766e0881f069aeca30275ab706cd60a1a8fdd > +Author: Darren Tucker > +Date: Sat Jul 23 16:14:42 2016 +1000 > + > + Move Cygwin IPPORT_RESERVED overrride to defines.h > + > + Patch from vinschen at redhat.com. > + > +commit 368dd977ae07afb93f4ecea23615128c95ab2b32 > +Author: djm@openbsd.org > +Date: Sat Jul 23 02:54:08 2016 +0000 > + > + upstream commit > + > + fix pledge violation with ssh -f; reported by Valentin > + Kozamernik ok dtucker@ > + > + Upstream-ID: a61db7988db88d9dac3c4dd70e18876a8edf84aa > + > +commit f00211e3c6d24d6ea2b64b4b1209f671f6c1d42e > +Author: djm@openbsd.org > +Date: Fri Jul 22 07:00:46 2016 +0000 > + > + upstream commit > + > + improve wording; suggested by jmc@ > + > + Upstream-ID: 55cb0a24c8e0618b3ceec80998dc82c85db2d2f8 > + > +commit 83cbca693c3b0719270e6a0f2efe3f9ee93a65b8 > +Author: dtucker@openbsd.org > +Date: Fri Jul 22 05:46:11 2016 +0000 > + > + upstream commit > + > + Lower loglevel for "Authenticated with partial success" > + message similar to other similar level. bz#2599, patch from cgallek= at > + gmail.com, ok markus@ > + > + Upstream-ID: 3faab814e947dc7b2e292edede23e94c608cb4dd > + > +commit 10358abd087ab228b7ce2048efc4f3854a9ab9a6 > +Author: Damien Miller > +Date: Fri Jul 22 14:06:36 2016 +1000 > + > + retry waitpid on EINTR failure > + > + patch from Jakub Jelen on bz#2581; ok dtucker@ > + > +commit da88a70a89c800e74ea8e5661ffa127a3cc79a92 > +Author: djm@openbsd.org > +Date: Fri Jul 22 03:47:36 2016 +0000 > + > + upstream commit > + > + constify a few functions' arguments; patch from Jakub > + Jelen bz#2581 > + > + Upstream-ID: f2043f51454ea37830ff6ad60c8b32b4220f448d > + > +commit c36d91bd4ebf767f310f7cea88d61d1c15f53ddf > +Author: djm@openbsd.org > +Date: Fri Jul 22 03:39:13 2016 +0000 > + > + upstream commit > + > + move debug("%p", key) to before key is free'd; probable > + undefined behaviour on strict compilers; reported by Jakub Jelen bz#= 2581 > + > + Upstream-ID: 767f323e1f5819508a0e35e388ec241bac2f953a > + > +commit 286f5a77c3bfec1e8892ca268087ac885ac871bf > +Author: djm@openbsd.org > +Date: Fri Jul 22 03:35:11 2016 +0000 > + > + upstream commit > + > + reverse the order in which -J/JumpHost proxies are visited to > + be more intuitive and document > + > + reported by and manpage bits naddy@ > + > + Upstream-ID: 3a68fd6a841fd6cf8cedf6552a9607ba99df179a > + > +commit fcd135c9df440bcd2d5870405ad3311743d78d97 > +Author: dtucker@openbsd.org > +Date: Thu Jul 21 01:39:35 2016 +0000 > + > + upstream commit > + > + Skip passwords longer than 1k in length so clients can't > + easily DoS sshd by sending very long passwords, causing it to spend = CPU > + hashing them. feedback djm@, ok markus@. > + > + Brought to our attention by tomas.kuthan at oracle.com, shilei-c at > + 360.cn and coredump at autistici.org > + > + Upstream-ID: d0af7d4a2190b63ba1d38eec502bc4be0be9e333 > + > +commit 324583e8fb3935690be58790425793df619c6d4d > +Author: naddy@openbsd.org > +Date: Wed Jul 20 10:45:27 2016 +0000 > + > + upstream commit > + > + Do not clobber the global jump_host variables when > + parsing an inactive configuration. ok djm@ > + > + Upstream-ID: 5362210944d91417d5976346d41ac0b244350d31 > + > +commit 32d921c323b989d28405e78d0a8923d12913d737 > +Author: jmc@openbsd.org > +Date: Tue Jul 19 12:59:16 2016 +0000 > + > + upstream commit > + > + tweak previous; > + > + Upstream-ID: f3c1a5b3f05dff366f60c028728a2b43f15ff534 > + > +commit d7eabc86fa049a12ba2c3fb198bd1d51b37f7025 > +Author: dtucker@openbsd.org > +Date: Tue Jul 19 11:38:53 2016 +0000 > + > + upstream commit > + > + Allow wildcard for PermitOpen hosts as well as ports. > + bz#2582, patch from openssh at mzpqnxow.com and jjelen at redhat.com= . ok > + markus@ > + > + Upstream-ID: af0294e9b9394c4e16e991424ca0a47a7cc605f2 > + > +commit b98a2a8348e907b3d71caafd80f0be8fdd075943 > +Author: markus@openbsd.org > +Date: Mon Jul 18 11:35:33 2016 +0000 > + > + upstream commit > + > + Reduce timing attack against obsolete CBC modes by always > + computing the MAC over a fixed size of data. Reported by Jean Paul > + Degabriele, Kenny Paterson, Torben Hansen and Martin Albrecht. ok dj= m@ > + > + Upstream-ID: f20a13279b00ba0afbacbcc1f04e62e9d41c2912 > + > +commit dbf788b4d9d9490a5fff08a7b09888272bb10fcc > +Author: Darren Tucker > +Date: Thu Jul 21 14:17:31 2016 +1000 > + > + Search users for one with a valid salt. > + > + If the root account is locked (eg password "!!" or "*LK*") keep look= ing > + until we find a user with a valid salt to use for crypting passwords= of > + invalid users. ok djm@ > + > +commit e8b58f48fbb1b524fb4f0d4865fa0005d6a4b782 > +Author: Darren Tucker > +Date: Mon Jul 18 17:22:49 2016 +1000 > + > + Explicitly specify source files for regress tools. > + > + Since adding $(REGRESSLIBS), $? is wrong because it includes only th= e > + changed source files. $< seems like it'd be right however it doesn'= t > + seem to work on some non-GNU makes, so do what works everywhere. > + > +commit eac1bbd06872c273f16ac0f9976b0aef026b701b > +Author: Darren Tucker > +Date: Mon Jul 18 17:12:22 2016 +1000 > + > + Conditionally include err.h. > + > +commit 0a454147568746c503f669e1ba861f76a2e7a585 > +Author: Darren Tucker > +Date: Mon Jul 18 16:26:26 2016 +1000 > + > + Remove local implementation of err, errx. > + > + We now have a shared implementation in libopenbsd-compat. > + > +commit eb999a4590846ba4d56ddc90bd07c23abfbab7b1 > +Author: djm@openbsd.org > +Date: Mon Jul 18 06:08:01 2016 +0000 > + > + upstream commit > + > + Add some unsigned overflow checks for extra_pad. None of > + these are reachable with the amount of padding that we use internall= y. > + bz#2566, pointed out by Torben Hansen. ok markus@ > + > + Upstream-ID: 4d4be8450ab2fc1b852d5884339f8e8c31c3fd76 > + > +commit c71ba790c304545464bb494de974cdf0f4b5cf1e > +Author: Darren Tucker > +Date: Mon Jul 18 15:43:25 2016 +1000 > + > + Add dependency on libs for unit tests. > + > + Makes "./configure && make tests" work again. ok djm@ > + > +commit 8199d0311aea3e6fd0284c9025e7a83f4ece79e8 > +Author: Darren Tucker > +Date: Mon Jul 18 13:47:39 2016 +1000 > + > + Correct location for kexfuzz in clean target. > + > +commit 01558b7b07af43da774d3a11a5c51fa9c310849d > +Author: Darren Tucker > +Date: Mon Jul 18 09:33:25 2016 +1000 > + > + Handle PAM_MAXTRIES from modules. > + > + bz#2249: handle the case where PAM returns PAM_MAXTRIES by ceasing t= o offer > + password and keyboard-interative authentication methods. Should pre= vent > + "sshd ignoring max retries" warnings in the log. ok djm@ > + > + It probably won't trigger with keyboard-interactive in the default > + configuration because the retry counter is stored in module-private > + storage which goes away with the sshd PAM process (see bz#688). On = the > + other hand, those cases probably won't log a warning either. > + > +commit 65c6c6b567ab5ab12945a5ad8e0ab3a8c26119cc > +Author: djm@openbsd.org > +Date: Sun Jul 17 04:20:16 2016 +0000 > + > + upstream commit > + > + support UTF-8 characters in ssh(1) banners using > + schwarze@'s safe fmprintf printer; bz#2058 > + > + feedback schwarze@ ok dtucker@ > + > + Upstream-ID: a72ce4e3644c957643c9524eea2959e41b91eea7 > + > +commit e4eb7d910976fbfc7ce3e90c95c11b07b483d0d7 > +Author: jmc@openbsd.org > +Date: Sat Jul 16 06:57:55 2016 +0000 > + > + upstream commit > + > + - add proxyjump to the options list - formatting fixes - > + update usage() > + > + ok djm > + > + Upstream-ID: 43d318e14ce677a2eec8f21ef5ba2f9f68a59457 > + > +commit af1f084857621f14bd9391aba8033d35886c2455 > +Author: dtucker@openbsd.org > +Date: Fri Jul 15 05:01:58 2016 +0000 > + > + upstream commit > + > + Reduce the syslog level of some relatively common protocol > + events from LOG_CRIT by replacing fatal() calls with logdie(). Part= of > + bz#2585, ok djm@ > + > + Upstream-ID: 9005805227c94edf6ac02a160f0e199638d288e5 > + > +commit bd5f2b78b69cf38d6049a0de445a79c8595e4a1f > +Author: Damien Miller > +Date: Fri Jul 15 19:14:48 2016 +1000 > + > + missing openssl/dh.h > + > +commit 4a984fd342effe5f0aad874a0d538c4322d973c0 > +Author: Damien Miller > +Date: Fri Jul 15 18:47:07 2016 +1000 > + > + cast to avoid type warning in error message > + > +commit 5abfb15ced985c340359ae7fb65a625ed3692b3e > +Author: Darren Tucker > +Date: Fri Jul 15 14:48:30 2016 +1000 > + > + Move VA_COPY macro into compat header. > + > + Some AIX compilers unconditionally undefine va_copy but don't set it= back > + to an internal function, causing link errors. In some compat code w= e > + already use VA_COPY instead so move the two existing instances into = the > + shared header and use for sshbuf-getput-basic.c too. Should fix bui= lding > + with at lease some versions of AIX's compiler. bz#2589, ok djm@ > + > +commit 832b7443b7a8e181c95898bc5d73497b7190decd > +Author: Damien Miller > +Date: Fri Jul 15 14:45:34 2016 +1000 > + > + disable ciphers not supported by OpenSSL > + > + bz#2466 ok dtucker@ > + > +commit 5fbe93fc6fbb2fe211e035703dec759d095e3dd8 > +Author: Damien Miller > +Date: Fri Jul 15 13:54:31 2016 +1000 > + > + add a --disable-pkcs11 knob > + > +commit 679ce88ec2a8e2fe6515261c489e8c1449bb9da9 > +Author: Damien Miller > +Date: Fri Jul 15 13:44:38 2016 +1000 > + > + fix newline escaping for unsupported_algorithms > + > + The hmac-ripemd160 was incorrect and could lead to broken > + Makefiles on systems that lacked support for it, but I made > + all the others consistent too. > + > +commit ed877ef653847d056bb433975d731b7a1132a979 > +Author: djm@openbsd.org > +Date: Fri Jul 15 00:24:30 2016 +0000 > + > + upstream commit > + > + Add a ProxyJump ssh_config(5) option and corresponding -J > + ssh(1) command-line flag to allow simplified indirection through a S= SH > + bastion or "jump host". > + > + These options construct a proxy command that connects to the > + specified jump host(s) (more than one may be specified) and uses > + port-forwarding to establish a connection to the next destination. > + > + This codifies the safest way of indirecting connections through SSH > + servers and makes it easy to use. > + > + ok markus@ > + > + Upstream-ID: fa899cb8b26d889da8f142eb9774c1ea36b04397 > + > +commit 5c02dd126206a26785379e80f2d3848e4470b711 > +Author: Darren Tucker > +Date: Fri Jul 15 12:56:39 2016 +1000 > + > + Map umac_ctx struct name too. > + > + Prevents size mismatch linker warnings on Solaris 11. > + > +commit 283b97ff33ea2c641161950849931bd578de6946 > +Author: Darren Tucker > +Date: Fri Jul 15 13:49:44 2016 +1000 > + > + Mitigate timing of disallowed users PAM logins. > + > + When sshd decides to not allow a login (eg PermitRootLogin=3Dno) and > + it's using PAM, it sends a fake password to PAM so that the timing f= or > + the failure is not noticeably different whether or not the password > + is correct. This behaviour can be detected by sending a very long > + password string which is slower to hash than the fake password. > + > + Mitigate by constructing an invalid password that is the same length > + as the one from the client and thus takes the same time to hash. > + Diff from djm@ > + > +commit 9286875a73b2de7736b5e50692739d314cd8d9dc > +Author: Darren Tucker > +Date: Fri Jul 15 13:32:45 2016 +1000 > + > + Determine appropriate salt for invalid users. > + > + When sshd is processing a non-PAM login for a non-existent user it u= ses > + the string from the fakepw structure as the salt for crypt(3)ing the > + password supplied by the client. That string has a Blowfish prefix,= so on > + systems that don't understand that crypt will fail fast due to an in= valid > + salt, and even on those that do it may have significantly different = timing > + from the hash methods used for real accounts (eg sha512). This allo= ws > + user enumeration by, eg, sending large password strings. This was n= oted > + by EddieEzra.Harari at verint.com (CVE-2016-6210). > + > + To mitigate, use the same hash algorithm that root uses for hashing > + passwords for users that do not exist on the system. ok djm@ > + > +commit a162dd5e58ca5b224d7500abe35e1ef32b5de071 > +Author: Darren Tucker > +Date: Thu Jul 14 21:19:59 2016 +1000 > + > + OpenSSL 1.1.x not currently supported. > + > +commit 7df91b01fc558a33941c5c5f31abbcdc53a729fb > +Author: Darren Tucker > +Date: Thu Jul 14 12:25:24 2016 +1000 > + > + Check for VIS_ALL. > + > + If we don't have it, set BROKEN_STRNVIS to activate the compat repla= cement. > + > +commit ee67716f61f1042d5e67f91c23707cca5dcdd7d0 > +Author: dtucker@openbsd.org > +Date: Thu Jul 14 01:24:21 2016 +0000 > + > + upstream commit > + > + Correct equal in test. > + > + Upstream-Regress-ID: 4e32f7a5c57a619c4e8766cb193be2a1327ec37a > + > +commit 372807c2065c8572fdc6478b25cc5ac363743073 > +Author: tb@openbsd.org > +Date: Mon Jul 11 21:38:13 2016 +0000 > + > + upstream commit > + > + Add missing "recvfd" pledge promise: Raf Czlonka reported > + ssh coredumps when Control* keywords were set in ssh_config. This pa= tch also > + fixes similar problems with scp and sftp. > + > + ok deraadt, looks good to millert > + > + Upstream-ID: ca2099eade1ef3e87a79614fefa26a0297ad8a3b > + > +commit e0453f3df64bf485c61c7eb6bd12893eee9fe2cd > +Author: tedu@openbsd.org > +Date: Mon Jul 11 03:19:44 2016 +0000 > + > + upstream commit > + > + obsolete note about fascistloggin is obsolete. ok djm > + dtucker > + > + Upstream-ID: dae60df23b2bb0e89f42661ddd96a7b0d1b7215a > + > +commit a2333584170a565adf4f209586772ef8053b10b8 > +Author: Darren Tucker > +Date: Thu Jul 14 10:59:09 2016 +1000 > + > + Add compat code for missing wcwidth. > + > + If we don't have wcwidth force fallback implementations of nl_langin= fo > + and mbtowc. Based on advice from Ingo Schwarze. > + > +commit 8aaec7050614494014c47510b7e94daf6e644c62 > +Author: Damien Miller > +Date: Thu Jul 14 09:48:48 2016 +1000 > + > + fix missing include for systems with err.h > + > +commit 6310ef27a2567cda66d6cf0c1ad290ee1167f243 > +Author: Darren Tucker > +Date: Wed Jul 13 14:42:35 2016 +1000 > + > + Move err.h replacements into compat lib. > + > + Move implementations of err.h replacement functions into their own f= ile > + in the libopenbsd-compat so we can use them in kexfuzz.c too. ok dj= m@ > + > +commit f3f2cc8386868f51440c45210098f65f9787449a > +Author: Darren Tucker > +Date: Mon Jul 11 17:23:38 2016 +1000 > + > + Check for wchar.h and langinfo.h > + > + Wrap includes in the appropriate #ifdefs. > + > +commit b9c50614eba9d90939b2b119b6e1b7e03b462278 > +Author: Damien Miller > +Date: Fri Jul 8 13:59:13 2016 +1000 > + > + whitelist more architectures for seccomp-bpf > + > + bz#2590 - testing and patch from Jakub Jelen > + > +commit 18813a32b6fd964037e0f5e1893cb4468ac6a758 > +Author: guenther@openbsd.org > +Date: Mon Jul 4 18:01:44 2016 +0000 > + > + upstream commit > + > + DEBUGLIBS has been broken since the gcc4 switch, so delete > + it. CFLAGS contains -g by default anyway > + > + problem noted by Edgar Pettijohn (edgar (at) pettijohn-web.com) > + ok millert@ kettenis@ deraadt@ > + > + Upstream-Regress-ID: 4a0bb72f95c63f2ae9daa8a040ac23914bddb542 > + > +commit 6d31193d0baa3da339c196ac49625b7ba1c2ecc7 > +Author: djm@openbsd.org > +Date: Fri Jul 8 03:44:42 2016 +0000 > + > + upstream commit > + > + Improve crypto ordering for Encrypt-then-MAC (EtM) mode > + MAC algorithms. > + > + Previously we were computing the MAC, decrypting the packet and then > + checking the MAC. This gave rise to the possibility of creating a > + side-channel oracle in the decryption step, though no such oracle ha= s > + been identified. > + > + This adds a mac_check() function that computes and checks the MAC in > + one pass, and uses it to advance MAC checking for EtM algorithms to > + before payload decryption. > + > + Reported by Jean Paul Degabriele, Kenny Paterson, Torben Hansen and > + Martin Albrecht. feedback and ok markus@ > + > + Upstream-ID: 1999bb67cab47dda5b10b80d8155fe83d4a1867b > + > +commit 71f5598f06941f645a451948c4a5125c83828e1c > +Author: guenther@openbsd.org > +Date: Mon Jul 4 18:01:44 2016 +0000 > + > + upstream commit > + > + DEBUGLIBS has been broken since the gcc4 switch, so > + delete it. CFLAGS contains -g by default anyway > + > + problem noted by Edgar Pettijohn (edgar (at) pettijohn-web.com) > + ok millert@ kettenis@ deraadt@ > + > + Upstream-ID: 96c5054e3e1f170c6276902d5bc65bb3b87a2603 > + > +commit e683fc6f1c8c7295648dbda679df8307786ec1ce > +Author: dtucker@openbsd.org > +Date: Thu Jun 30 05:17:05 2016 +0000 > + > + upstream commit > + > + Explicitly check for 100% completion to avoid potential > + floating point rounding error, which could cause progressmeter to re= port 99% > + on completion. While there invert the test so the 100% case is clear= er. with > + & ok djm@ > + > + Upstream-ID: a166870c5878e422f3c71ff802e2ccd7032f715d > + > +commit 772e6cec0ed740fc7db618dc30b4134f5a358b43 > +Author: jmc@openbsd.org > +Date: Wed Jun 29 17:14:28 2016 +0000 > + > + upstream commit > + > + sort the -o list; > + > + Upstream-ID: 1a97465ede8790b4d47cb618269978e07f41f8ac > + > +commit 46ecd19e554ccca15a7309cd1b6b44bc8e6b84af > +Author: djm@openbsd.org > +Date: Thu Jun 23 05:17:51 2016 +0000 > + > + upstream commit > + > + fix AuthenticationMethods during configuration re-parse; > + reported by Juan Francisco Cantero Hurtado > + > + Upstream-ID: 8ffa1dac25c7577eca8238e825317ab20848f9b4 > + > +commit 3147e7595d0f2f842a666c844ac53e6c7a253d7e > +Author: djm@openbsd.org > +Date: Sun Jun 19 07:48:02 2016 +0000 > + > + upstream commit > + > + revert 1.34; causes problems loading public keys > + > + reported by semarie@ > + > + Upstream-ID: b393794f8935c8b15d98a407fe7721c62d2ed179 > + > +commit ad23a75509f4320d43f628c50f0817e3ad12bfa7 > +Author: jmc@openbsd.org > +Date: Fri Jun 17 06:33:30 2016 +0000 > + > + upstream commit > + > + grammar fix; > + > + Upstream-ID: 5d5b21c80f1e81db367333ce0bb3e5874fb3e463 > + > +commit 5e28b1a2a3757548b40018cc2493540a17c82e27 > +Author: djm@openbsd.org > +Date: Fri Jun 17 05:06:23 2016 +0000 > + > + upstream commit > + > + translate OpenSSL error codes to something more > + meaninful; bz#2522 reported by Jakub Jelen, ok dtucker@ > + > + Upstream-ID: 4cb0795a366381724314e6515d57790c5930ffe5 > + > +commit b64faeb5eda7eff8210c754d00464f9fe9d23de5 > +Author: djm@openbsd.org > +Date: Fri Jun 17 05:03:40 2016 +0000 > + > + upstream commit > + > + ban AuthenticationMethods=3D"" and accept > + AuthenticationMethods=3Dany for the default behaviour of not requiri= ng multiple > + authentication > + > + bz#2398 from Jakub Jelen; ok dtucker@ > + > + Upstream-ID: fabd7f44d59e4518d241d0d01e226435cc23cf27 > + > +commit 9816fc5daee5ca924dd5c4781825afbaab728877 > +Author: dtucker@openbsd.org > +Date: Thu Jun 16 11:00:17 2016 +0000 > + > + upstream commit > + > + Include stdarg.h for va_copy as per man page. > + > + Upstream-ID: 105d6b2f1af2fbd9d91c893c436ab121434470bd > + > +commit b6cf84b51bc0f5889db48bf29a0c771954ade283 > +Author: jmc@openbsd.org > +Date: Thu Jun 16 06:10:45 2016 +0000 > + > + upstream commit > + > + keys stored in openssh format can have comments too; diff > + from yonas yanfa, tweaked a bit; > + > + ok djm > + > + Upstream-ID: 03d48536da6e51510d73ade6fcd44ace731ceb27 > + > +commit aa37768f17d01974b6bfa481e5e83841b6c76f86 > +Author: Darren Tucker > +Date: Mon Jun 20 15:55:34 2016 +1000 > + > + get_remote_name_or_ip inside LOGIN_NEEDS_UTMPX > + > + Apply the same get_remote_name_or_ip -> session_get_remote_name_or_i= p > + change as commit 95767262 to the code inside #ifdef LOGIN_NEEDS_UTMP= X. > + Fixes build on AIX. > + > +commit 009891afc8df37bc2101e15d1e0b6433cfb90549 > +Author: Darren Tucker > +Date: Fri Jun 17 14:34:09 2016 +1000 > + > + Remove duplicate code from PAM. ok djm@ > + > +commit e690fe85750e93fca1fb7c7c8587d4130a4f7aba > +Author: dtucker@openbsd.org > +Date: Wed Jun 15 00:40:40 2016 +0000 > + > + upstream commit > + > + Remove "POSSIBLE BREAK-IN ATTEMPT!" from log message > + about forward and reverse DNS not matching. We haven't supported IP= -based > + auth methods for a very long time so it's now misleading. part of b= z#2585, > + ok markus@ > + > + Upstream-ID: 5565ef0ee0599b27f0bd1d3bb1f8a323d8274e29 > + > +commit 57b4ee04cad0d3e0fec1194753b0c4d31e39a1cd > +Author: Darren Tucker > +Date: Wed Jun 15 11:22:38 2016 +1000 > + > + Move platform_disable_tracing into its own file. > + > + Prevents link errors resolving the extern "options" when platform.o > + gets linked into ssh-agent when building --with-pam. > + > +commit 78dc8e3724e30ee3e1983ce013e80277dc6ca070 > +Author: Darren Tucker > +Date: Tue Jun 14 13:55:12 2016 +1000 > + > + Track skipped upstream commit IDs. > + > + There are a small number of "upstream" commits that do not correspon= d to > + a file in -portable. This file tracks those so that we can reconcil= e > + OpenBSD and Portable to ensure that no commits are accidentally miss= ed. > + > + If you add something to .skipped-commit-ids please also add an upstr= eam > + ID line in the following format when you commit it. > + > + Upstream-ID: 321065a95a7ccebdd5fd08482a1e19afbf524e35 > + Upstream-ID: d4f699a421504df35254cf1c6f1a7c304fb907ca > + Upstream-ID: aafe246655b53b52bc32c8a24002bc262f4230f7 > + Upstream-ID: 8fa9cd1dee3c3339ae329cf20fb591db6d605120 > + Upstream-ID: f31327a48dd4103333cc53315ec53fe65ed8a17a > + Upstream-ID: edbfde98c40007b7752a4ac106095e060c25c1ef > + Upstream-ID: 052fd565e3ff2d8cec3bc957d1788f50c827f8e2 > + Upstream-ID: 7cf73737f357492776223da1c09179fa6ba74660 > + Upstream-ID: 180d84674be1344e45a63990d60349988187c1ae > + Upstream-ID: f6ae971186ba68d066cd102e57d5b0b2c211a5ee > + > +commit 9f919d1a3219d476d6a662d18df058e1c4f36a6f > +Author: Darren Tucker > +Date: Tue Jun 14 13:51:01 2016 +1000 > + > + Remove now-defunct .cvsignore files. ok djm > + > +commit 68777faf271efb2713960605c748f6c8a4b26d55 > +Author: dtucker@openbsd.org > +Date: Wed Jun 8 02:13:01 2016 +0000 > + > + upstream commit > + > + Back out rev 1.28 "Check min and max sizes sent by the > + client" change. It caused "key_verify failed for server_host_key" in= clients > + that send a DH-GEX min value less that DH_GRP_MIN, eg old OpenSSH an= d PuTTY. > + ok djm@ > + > + Upstream-ID: 452979d3ca5c1e9dff063287ea0a5314dd091f65 > + > +commit a86ec4d0737ac5879223e7cd9d68c448df46e169 > +Author: Darren Tucker > +Date: Tue Jun 14 10:48:27 2016 +1000 > + > + Use Solaris setpflags(__PROC_PROTECT, ...). > + > + Where possible, use Solaris setpflags to disable process tracing on > + ssh-agent and sftp-server. bz#2584, based on a patch from huieying.= lee > + at oracle.com, ok djm. > + > +commit 0f916d39b039fdc0b5baf9b5ab0754c0f11ec573 > +Author: Darren Tucker > +Date: Tue Jun 14 10:43:53 2016 +1000 > + > + Shorten prctl code a tiny bit. > + > +commit 0fb7f5985351fbbcd2613d8485482c538e5123be > +Author: Darren Tucker > +Date: Thu Jun 9 16:23:07 2016 +1000 > + > + Move prctl PR_SET_DUMPABLE into platform.c. > + > + This should make it easier to add additional platform support such a= s > + Solaris (bz#2584). > + > +commit e6508898c3cd838324ecfe1abd0eb8cf802e7106 > +Author: dtucker@openbsd.org > +Date: Fri Jun 3 04:10:41 2016 +0000 > + > + upstream commit > + > + Add a test for ssh(1)'s config file parsing. > + > + Upstream-Regress-ID: 558b7f4dc45cc3761cc3d3e889b9f3c5bc91e601 > + > +commit ab0a536066dfa32def0bd7272c096ebb5eb25b11 > +Author: dtucker@openbsd.org > +Date: Fri Jun 3 03:47:59 2016 +0000 > + > + upstream commit > + > + Add 'sshd' to the test ID as I'm about to add a similar > + set for ssh. > + > + Upstream-Regress-ID: aea7a9c3bac638530165c801ce836875b228ae7a > + > +commit a5577c1ed3ecdfe4b7b1107c526cae886fc91afb > +Author: schwarze@openbsd.org > +Date: Mon May 30 12:14:08 2016 +0000 > + > + upstream commit > + > + stricter malloc.conf(5) options for utf8 tests > + > + Upstream-Regress-ID: 111efe20a0fb692fa1a987f6e823310f9b25abf6 > + > +commit 75f0844b4f29d62ec3a5e166d2ee94b02df819fc > +Author: schwarze@openbsd.org > +Date: Mon May 30 12:05:56 2016 +0000 > + > + upstream commit > + > + Fix two rare edge cases: 1. If vasprintf() returns < 0, > + do not access a NULL pointer in snmprintf(), and do not free() the = pointer > + returned from vasprintf() because on some systems other than OpenBS= D, it > + might be a bogus pointer. 2. If vasprintf() returns =3D=3D 0, retur= n 0 and "" > + rather than -1 and NULL. > + > + Besides, free(dst) is pointless after failure (not a bug). > + > + One half OK martijn@, the other half OK deraadt@; > + committing quickly before people get hurt. > + > + Upstream-Regress-ID: b164f20923812c9bac69856dbc1385eb1522cba4 > + > +commit 016881eb33a7948028848c90f4c7ac42e3af0e87 > +Author: schwarze@openbsd.org > +Date: Thu May 26 19:14:25 2016 +0000 > + > + upstream commit > + > + test the new utf8 module > + > + Upstream-Regress-ID: c923d05a20e84e4ef152cbec947fdc4ce6eabbe3 > + > +commit d4219028bdef448e089376f3afe81ef6079da264 > +Author: dtucker@openbsd.org > +Date: Tue May 3 15:30:46 2016 +0000 > + > + upstream commit > + > + Set umask to prevent "Bad owner or permissions" errors. > + > + Upstream-Regress-ID: 8fdf2fc4eb595ccd80c443f474d639f851145417 > + > +commit 07d5608bb237e9b3fe86a2aeaa429392230faebf > +Author: djm@openbsd.org > +Date: Tue May 3 14:41:04 2016 +0000 > + > + upstream commit > + > + support doas > + > + Upstream-Regress-ID: 8d5572b27ea810394eeda432d8b4e9e1064a7c38 > + > +commit 01cabf10adc7676cba5f40536a34d3b246edb73f > +Author: djm@openbsd.org > +Date: Tue May 3 13:48:33 2016 +0000 > + > + upstream commit > + > + unit tests for sshbuf_dup_string() > + > + Upstream-Regress-ID: 7521ff150dc7f20511d1c2c48fd3318e5850a96d > + > +commit 6915f1698e3d1dd4e22eac20f435e1dfc1d46372 > +Author: jmc@openbsd.org > +Date: Fri Jun 3 06:44:12 2016 +0000 > + > + upstream commit > + > + tweak previous; > + > + Upstream-ID: 92979f1a0b63e041a0e5b08c9ed0ba9b683a3698 > + > +commit 0cb2f4c2494b115d0f346ed2d8b603ab3ba643f4 > +Author: dtucker@openbsd.org > +Date: Fri Jun 3 04:09:38 2016 +0000 > + > + upstream commit > + > + Allow ExitOnForwardFailure and ClearAllForwardings to be > + overridden when using ssh -W (but still default to yes in that case= ). > + bz#2577, ok djm@. > + > + Upstream-ID: 4b20c419e93ca11a861c81c284090cfabc8c54d4 > + > +commit 8543ff3f5020fe659839b15f05b8c522bde6cee5 > +Author: dtucker@openbsd.org > +Date: Fri Jun 3 03:14:41 2016 +0000 > + > + upstream commit > + > + Move the host and port used by ssh -W into the Options > + struct. This will make future changes a bit easier. ok djm@ > + > + Upstream-ID: 151bce5ecab2fbedf0d836250a27968d30389382 > + > +commit 6b87311d3acdc460f926b2c40f4c4f3fd345f368 > +Author: dtucker@openbsd.org > +Date: Wed Jun 1 04:19:49 2016 +0000 > + > + upstream commit > + > + Check min and max sizes sent by the client against what > + we support before passing them to the monitor. ok djm@ > + > + Upstream-ID: 750627e8117084215412bff00a25b1586ab17ece > + > +commit 564cd2a8926ccb1dca43a535073540935b5e0373 > +Author: dtucker@openbsd.org > +Date: Tue May 31 23:46:14 2016 +0000 > + > + upstream commit > + > + Ensure that the client's proposed DH-GEX max value is at > + least as big as the minimum the server will accept. ok djm@ > + > + Upstream-ID: b4b84fa04aab2de7e79a6fee4a6e1c189c0fe775 > + > +commit df820722e40309c9b3f360ea4ed47a584ed74333 > +Author: Darren Tucker > +Date: Mon Jun 6 11:36:13 2016 +1000 > + > + Add compat bits to utf8.c. > + > +commit 05c6574652571becfe9d924226c967a3f4b3f879 > +Author: Darren Tucker > +Date: Mon Jun 6 11:33:43 2016 +1000 > + > + Fix utf->utf8 typo. > + > +commit 6c1717190b4d5ddd729cd9e24e8ed71ed4f087ce > +Author: schwarze@openbsd.org > +Date: Mon May 30 18:34:41 2016 +0000 > + > + upstream commit > + > + Backout rev. 1.43 for now. > + > + The function update_progress_meter() calls refresh_progress_meter() > + which calls snmprintf() which calls malloc(); but update_progress_me= ter() > + acts as the SIGALRM signal handler. > + > + "malloc(): error: recursive call" reported by sobrado@. > + > + Upstream-ID: aaae57989431e5239c101f8310f74ccc83aeb93e > + > +commit cd9e1eabeb4137182200035ab6fa4522f8d24044 > +Author: schwarze@openbsd.org > +Date: Mon May 30 12:57:21 2016 +0000 > + > + upstream commit > + > + Even when only writing an unescaped character, the dst > + buffer may need to grow, or it would be overrun; issue found by tb@= with > + malloc.conf(5) 'C'. > + > + While here, reserve an additional byte for the terminating NUL > + up front such that we don't have to realloc() later just for that. > + > + OK tb@ > + > + Upstream-ID: 30ebcc0c097c4571b16f0a78b44969f170db0cff > + > +commit ac284a355f8065eaef2a16f446f3c44cdd17371d > +Author: schwarze@openbsd.org > +Date: Mon May 30 12:05:56 2016 +0000 > + > + upstream commit > + > + Fix two rare edge cases: 1. If vasprintf() returns < 0, > + do not access a NULL pointer in snmprintf(), and do not free() the = pointer > + returned from vasprintf() because on some systems other than OpenBS= D, it > + might be a bogus pointer. 2. If vasprintf() returns =3D=3D 0, retur= n 0 and "" > + rather than -1 and NULL. > + > + Besides, free(dst) is pointless after failure (not a bug). > + > + One half OK martijn@, the other half OK deraadt@; > + committing quickly before people get hurt. > + > + Upstream-ID: b7bcd2e82fc168a8eff94e41f5db336ed986fed0 > + > +commit 0e059cdf5fd86297546c63fa8607c24059118832 > +Author: schwarze@openbsd.org > +Date: Wed May 25 23:48:45 2016 +0000 > + > > *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** >