Build date: 1775080803 - Wed Apr 1 22:00:03 UTC 2026
Build cvs date: 1775073806 - Wed Apr 1 20:03:26 UTC 2026
Build id: 2026-04-02.1
Build tags: amd64-regress ports sysupgrade

Applied the following diff(s):
/home/anton/tmp/robsd/src-sys-em.diff
/home/anton/tmp/robsd/src-sys-uhidev-sispm.diff
/home/anton/tmp/robsd/src-sysupgrade.diff

P lib/libc/sys/open.2
P lib/libc/sys/pledge.2
P lib/libcrypto/x509/x509_verify.c
P libexec/rpc.rusersd/rusersd.c
P regress/lib/libcrypto/x509/verify.c
P regress/sbin/iked/parser/common.c
P sbin/iked/ikev2.c
P sbin/iked/ikev2_pld.c
P sys/dev/pci/if_iwx.c
P sys/dev/pci/drm/amd/amdgpu/amdgpu_drv.c
M sys/dev/usb/uhidev.c
P usr.bin/deroff/deroff.c
P usr.bin/diff/diffreg.c
P usr.bin/gprof/elf.c
P usr.bin/tmux/server-client.c
M usr.sbin/bgpd/session.c
P usr.sbin/smtpd/to.c
P usr.sbin/smtpd/unpack_dns.c
P usr.sbin/vmctl/Makefile
P usr.sbin/vmctl/main.c
P usr.sbin/vmctl/vmctl.c
P usr.sbin/vmctl/vmctl.h

commit zTBaiTNI7o652GWv
Author: bluhm
Date: 2026/04/01 20:03:26

Add SA state check for CREATE_CHILD_SA exchange, similar to what we do for INFORMATIONAL exchanges. iked currently assumes that IKE_AUTH always results in valid child SAs, so IKEV2_STATE_ESTABLISHED means we have successfully completed the IKE_AUTH exchange for the SA.
Independently found by Dirk Loss and Daniel Polak (SYS.nl)
from tobhe@; ok and discussed with markus@ stsp@

Add ikev2_validate_ef() to validate fragment payload header size field as we do for other IKEv2 payloads.
Reported by Dirk Loss
from tobhe@; ok markus@

iked only ever handles one exchange at a time so we can drop the entire fragment queue instead of doing a lookup based on the msgid
Found by Dirk Loss
from tobhe@; ok markus@ hshoexer@

If we receive a response it must have the exact same msgid as the last request we sent, so make sure they match exactly rather than allowing higher msgids.
We can't handle out of order responses and if we don't receive a response in time we retransmit our request until we get one or run into a timeout.
Found by Dirk Loss
from tobhe@; ok markus@ hshoexer@

this is errata/7.7/033_iked.patch.sig

regress/sbin/iked/parser/common.c
sbin/iked/ikev2.c
sbin/iked/ikev2_pld.c

commit hrar06sibNtBvMG2
Author: bluhm
Date: 2026/04/01 20:02:24

Add SA state check for CREATE_CHILD_SA exchange, similar to what we do for INFORMATIONAL exchanges. iked currently assumes that IKE_AUTH always results in valid child SAs, so IKEV2_STATE_ESTABLISHED means we have successfully completed the IKE_AUTH exchange for the SA.
Independently found by Dirk Loss and Daniel Polak (SYS.nl)
from tobhe@; ok and discussed with markus@ stsp@

Add ikev2_validate_ef() to validate fragment payload header size field as we do for other IKEv2 payloads.
Reported by Dirk Loss
from tobhe@; ok markus@

iked only ever handles one exchange at a time so we can drop the entire fragment queue instead of doing a lookup based on the msgid
Found by Dirk Loss
from tobhe@; ok markus@ hshoexer@

If we receive a response it must have the exact same msgid as the last request we sent, so make sure they match exactly rather than allowing higher msgids.
We can't handle out of order responses and if we don't receive a response in time we retransmit our request until we get one or run into a timeout.
Found by Dirk Loss
from tobhe@; ok markus@ hshoexer@

this is errata/7.8/027_iked.patch.sig

regress/sbin/iked/parser/common.c
sbin/iked/ikev2.c
sbin/iked/ikev2_pld.c

commit UJqu9DeiznOy9bVn
Author: tobhe
Date: 2026/04/01 19:04:22

If we receive a response it must have the exact same msgid as the last request we sent, so make sure they match exactly rather than allowing higher msgids.
We can't handle out of order responses and if we don't receive a response in time we retransmit our request until we get one or run into a timeout.

Found by Dirk Loss
ok markus@ hshoexer@

sbin/iked/ikev2.c

commit Q2VkoCOdDMthD7sB
Author: tobhe
Date: 2026/04/01 18:58:15

iked only ever handles one exchange at a time so we can drop the entire fragment queue instead of doing a lookup based on the msgid

Found by Dirk Loss
ok markus@ hshoexer@

regress/sbin/iked/parser/common.c
sbin/iked/ikev2_pld.c

commit KivBzLLl2oxe7MBH
Author: tobhe
Date: 2026/04/01 18:43:20

Add ikev2_validate_ef() to validate fragment payload header size field as we do for other IKEv2 payloads.

Reported by Dirk Loss
ok markus@

sbin/iked/ikev2_pld.c

commit ylTxbOT7X3IjaH2U
Author: tobhe
Date: 2026/04/01 18:36:49

Add SA state check for CREATE_CHILD_SA exchange, similar to what we do for INFORMATIONAL exchanges. iked currently assumes that IKE_AUTH always results in valid child SAs, so IKEV2_STATE_ESTABLISHED means we have successfully completed the IKE_AUTH exchange for the SA.

Independently found by Dirk Loss and Daniel Polak (SYS.nl)
ok and discussed with markus@ stsp@

sbin/iked/ikev2.c

commit SGcoVBJDucmwzrXi
Author: deraadt
Date: 2026/04/01 17:49:40

chars[] array needs to be sized 256 because it is indexed at many places by (unsigned char) from input data.
from Renaud Allard

usr.bin/deroff/deroff.c

commit sLBa7Ar5T1L4O1Oe
Author: deraadt
Date: 2026/04/01 17:47:46

Use an unsigned sum value to provide deterministic overflow behaviour, for input to the hash.
from Renaud Allard

usr.bin/diff/diffreg.c

commit Gp01f0tQnFLtrjBb
Author: deraadt
Date: 2026/04/01 16:58:22

Range-check fields inside the file to ensure they don't exceed the size of the file and cause later crashes.
from renaud allard

usr.bin/gprof/elf.c

commit 23RyaX21UAU9FhQ5
Author: deraadt
Date: 2026/04/01 15:39:05

Do the unveil() after the daemon() call, because otherwise we would need "/dev/null" "rw" and "/" "r", in particular the second is ugly.
pointed out by bluhm, discussion also with dgl.

libexec/rpc.rusersd/rusersd.c

commit TKRDYSKziHcRQAaI
Author: jsing
Date: 2026/04/01 14:39:11

Adjust depth check to match change in verifier.

regress/lib/libcrypto/x509/verify.c

commit G2cDZ8SbnEphXNhY
Author: jsing
Date: 2026/04/01 14:38:26

Restore the previous behaviour with maximum verification depth.

The maximum depth is not expected to include the leaf certificate - restore the decrement prior to checking, which means the previous behaviour is retained for the callback depth and the maximum depth. Reduce the maximum depth by one in order to avoid the overwrite that could previously occur.

Thanks to anton@ for flagging the rust-openssl failure in regress.

ok tb@

lib/libcrypto/x509/x509_verify.c

commit Flxk00Gu0DTepJ0Q
Author: op
Date: 2026/04/01 11:20:58

fix possible out of bound in text_to_netaddr

diff from Renaud Allard (renaud at allard.it), thanks!
ok deraadt

usr.sbin/smtpd/to.c

commit fTVh8ob9jVrtd6oV
Author: op
Date: 2026/04/01 11:19:01

fix possible out of bound access in dname_expand()

spotted by Renaud Allard (thanks!), diff tweaked by me.
ok deraadt@

usr.sbin/smtpd/unpack_dns.c

commit HR8vWKmo3YhAUPI3
Author: nicm
Date: 2026/04/01 08:10:02

Fixed missing drag end detection and mouse button detection with modifiers. From Dane Jensen, reported by Joseph Tyson and Mark Kelly.

usr.bin/tmux/server-client.c

commit f0QqrjpM2MdLzEwq
Author: jsg
Date: 2026/04/01 02:34:37

mdoc fixes

lib/libc/sys/pledge.2

commit ZARevXtXkt083Zqq
Author: jsg
Date: 2026/04/01 02:32:49

add .Nm for __pledge_open, makes 'man __pledge_open' work

lib/libc/sys/open.2

commit CSfgMmDodoV8EFmV
Author: kirill
Date: 2026/04/01 02:29:37

sys/iwx: increase maximal VHT A-MPDU from 64K to 1024K

OK: stsp@

sys/dev/pci/if_iwx.c

commit H2bymU5rC9oSu4Uj
Author: jsg
Date: 2026/04/01 02:08:38

remove whitespace at eol

lib/libc/sys/pledge.2

commit ObxxVcaFWabkNpt6
Author: jsg
Date: 2026/04/01 02:05:06

spelling

lib/libc/sys/pledge.2

commit anGTmpA8RwgIsbry
Author: jsg
Date: 2026/04/01 01:29:25

make ddb output visible when entering ddb from X on amdgpu

add a call to drm_fb_helper_restore_fbdev_mode_unlocked() to amdgpu_enter_ddb() otherwise ddb output can't be seen

not required on inteldrm or radeondrm

sys/dev/pci/drm/amd/amdgpu/amdgpu_drv.c

commit 46dUL7knDZzqIZFP
Author: dv
Date: 2026/04/01 00:51:50

Clean up vmctl, remove use of vmd's log.c.

This reimplements simpler versions of logging functions needed for linking the qcow and raw disk image code from vmd. Also cleans up the Makefile a bit, removing atomicio.c which is unused.

ok mlarkin@

usr.sbin/vmctl/Makefile
usr.sbin/vmctl/main.c
usr.sbin/vmctl/vmctl.c
usr.sbin/vmctl/vmctl.h

commit ADh4bjRzl0Jo9Xxj
Author: matthieu
Date: 2026/03/31 19:06:28

update MODULES