WWW: missing link to plus75.html on plus74.html

2024-04-09 Thread Ryan Freeman 
Quickly reviewed other plusXX.html pages, only plus74.html seems to omit it.

Index: plus74.html
===
RCS file: /cvs/www/plus74.html,v
diff -u -p -r1.3 plus74.html
--- plus74.html 4 Oct 2023 15:06:06 -   1.3
+++ plus74.html 10 Apr 2024 04:31:28 -
@@ -91,6 +91,7 @@ For changes in other releases, click bel
 7.1,
 7.2,
 7.3,
+7.5,
 current.

fix closing tag in plus75.html

2024-04-09 Thread Ryan Freeman 
Hi, this fixes the closing  tag on the -current line.

-ryan

18:14 ryan@build-amd64:/usr/src/www$ cvs diff -uNp plus75.html
Index: plus75.html
===
RCS file: /cvs/www/plus75.html,v
diff -u -p -u -p -r1.1 plus75.html
--- plus75.html 5 Apr 2024 12:16:50 -   1.1
+++ plus75.html 10 Apr 2024 01:14:38 -
@@ -92,7 +92,7 @@ For changes in other releases, click bel
 7.2,
 7.3,
 7.4,
--current/a>.
+-current.

Re: 7.5 regression - relayd - websockets - WS session setup ok, but no payload from server

2024-04-09 Thread Ollie Strickland 
Thanks for the suggestion Stuart. Relayd verbose logs and adding "log 
connection" to relay.conf results below:

-
 Apr 09 14:24:17 VAULT-7.5 relayd startup
Apr 09 14:24:17 VAULT-7.5 relayd adding 1 hosts from table 
vaultwarden-default-host:8000 (no check)
Apr 09 14:24:17 VAULT-7.5 relayd adding 1 hosts from table 
vaultwarden-default-host:8000 (no check)
Apr 09 14:24:17 VAULT-7.5 relayd adding 1 hosts from table 
vaultwarden-default-host:8000 (no check)
Apr 09 14:25:02 VAULT-7.5 relayd relay vaultwarden-https-relay, session 1 (1 
active), 0, 172.71.22.13 -> 127.0.0.1:8000, done, GET -> 127.0.0.1:8000;
Apr 09 14:29:26 VAULT-7.5 relayd relay vaultwarden-https-relay, session 1 (1 
active), 0, 108.162.237.130 -> 127.0.0.1:8000, done, GET -> 127.0.0.1:8000;
Apr 09 14:34:29 VAULT-7.5 relayd relay vaultwarden-https-relay, session 2 (1 
active), 0, 172.69.70.71 -> 127.0.0.1:8000, done, GET -> 127.0.0.1:8000;
Apr 09 14:34:32 VAULT-7.5 relayd relay vaultwarden-https-relay, session 1 (2 
active), 0, 172.71.30.111 -> :8000, buffer event timeout, GET -> 
127.0.0.1:8000; GET; POST; GET; GET;: Invalid argument
Apr 09 14:36:21 VAULT-7.5 relayd relay vaultwarden-https-relay, session 2 (2 
active), 0, 172.71.30.170 -> 127.0.0.1:8000, buffer event timeout, POST -> 
127.0.0.1:8000;: Undefined error: 0
Apr 09 14:37:56 VAULT-7.5 relayd relay vaultwarden-https-relay, session 4 (2 
active), 0, 108.162.238.117 -> 127.0.0.1:8000, done, GET -> 127.0.0.1:8000;
Apr 09 14:39:04 VAULT-7.5 relayd relay vaultwarden-https-relay, session 2 (3 
active), 0, 172.69.71.69 -> :8000, buffer event timeout, POST -> 
127.0.0.1:8000; GET; GET; POST; GET; GET; POST;: Invalid argument
Apr 09 14:39:06 VAULT-7.5 relayd relay vaultwarden-https-relay, session 3 (2 
active), 0, 172.71.30.126 -> 127.0.0.1:8000, buffer event timeout, POST -> 
127.0.0.1:8000;: Undefined error: 0
Apr 09 14:41:10 VAULT-7.5 relayd relay vaultwarden-https-relay, session 4 (2 
active), 0, 172.71.31.98 -> 127.0.0.1:8000, buffer event timeout, POST -> 
127.0.0.1:8000;: Resource temporarily unavailable
Apr 09 14:45:38 VAULT-7.5 relayd relay vaultwarden-https-relay, session 3 (2 
active), 0, 172.71.30.123 -> 127.0.0.1:8000, buffer event timeout, POST -> 
127.0.0.1:8000;: Resource temporarily unavailable
Apr 09 14:49:11 VAULT-7.5 relayd relay vaultwarden-https-relay, session 5 (2 
active), 0, 172.69.70.74 -> 127.0.0.1:8000, buffer event timeout, POST -> 
127.0.0.1:8000;: Undefined error: 0
Apr 09 14:51:08 VAULT-7.5 relayd relay vaultwarden-https-relay, session 5 (1 
active), 0, 108.162.238.71 -> 127.0.0.1:8000, buffer event timeout, GET -> 
127.0.0.1:8000;: Undefined error: 0
Apr 09 14:51:53 VAULT-7.5 relayd relay vaultwarden-https-relay, session 6 (1 
active), 0, 172.69.71.69 -> 127.0.0.1:8000, buffer event timeout, POST -> 
127.0.0.1:8000;: Undefined error: 0
-

Ollie Strickland

Re: Can't install amd64 `install.iso` since 7.0

2024-04-09 Thread Bruno Haible 
> When attempting to Install OpenBSD (at least) 7.3, 7.4, 7.5 on amd64 virtual
> machine in VirtualBox 6.1 on Windows 8.1 (64-bit)

OpenBSD amd64 guests in VirtualBox 6.1 need the configuration
System > Motherboard: Disable "Enable I/O APIC", otherwise a kernel panic
occurs later. At least on Linux. Worth trying on Windows as well.

Ref: 
https://dev.to/nabbisen/openbsd-73-on-virtualbox-7-installation-as-guest-os-failed-due-to-io-apic-enabled-4ake

Re: 7.5 regression - relayd - websockets - WS session setup ok, but no payload from server

2024-04-09 Thread Stuart Henderson 
This is most likely a result of increased sanity checks for headers
done last autumn.

Does anything show in debug logs? (relayd -dv)

On 2024/04/09 01:02, Ollie Strickland wrote:
> bugs@ - post upgrade to 7.5, I have lost websockets functionality via relayd 
> for app Vaultwarden. Websockets is used in package - vaultwarden-1.30.5 - in 
> an advanced feature that pushes data to client browsers and mobile apps in 
> real time.
> 
> Note - the application has basic functionality without websockets via polling 
> of the server, so at a cursory glance the app appears to work fine. So, use 
> step (6) to test websockets.
> 
> Steps to reproduce:
> 1 - pkg_add vaultwarden-1.30.5
> 2 - rcctl enable vaultwarden && rcctl start vaultwarden
> 3 - configure relayd with below config
> 4 - point web browser to the host and register for a new vaultwarden user 
> account
> 5 - open a second browser session incognito / private
> 6 - in the first browser, create a new secure note - when websockets is 
> working the data should show up in near real time in the other browser
> 7 - watch WS activity in the dev console, and note that although the WS 
> session is established successfully, no payload data is ever received from 
> the server - this set of screenshots shows proper operation without relayd in 
> the first screenshot, and then failure of WS with relayd in the second 
> screenshot - https://imgur.com/a/msvyXbX
> 8 - note that if you turn relayd off and use pf to send inbound web traffic 
> to Vaultwarden's Rocket server on port 8000, then websockets works
> 
> Ollie Strickland
> -
> 
> relayd.conf:
> -
> table  { 127.0.0.1 }
> 
> # protocol definition for vaultwarden with tls
> http protocol vaultwarden-https {
> 
> # forward connections to vaultwarden rocket
> match request path "/*" forward to 
> 
> # add headers vaultwarden may need
> match request header append "Host" value "$HOST"
> match request header append "X-Real-IP" value "$REMOTE_ADDR"
> match request header append "X-Forwarded-For" value "$REMOTE_ADDR"
> match request header append "X-Forwarded-By" value 
> "$SERVER_ADDR:$SERVER_PORT"
> match request header append "CF-Connecting-IP" value "$REMOTE_ADDR"
> 
> # various TCP options
> tcp { nodelay, sack, backlog 128 }
> 
> # tls config
> tls keypair vault.example.com
> tls { no tlsv1.0, ciphers HIGH }
> 
> # allow websockets
> http websockets
> }
> 
> # relay definition for vaultwarden - forward inbound 443 tls on the egress 
> interface to rocket on default port 8000
> relay vaultwarden-https-relay {
> listen on egress port 443 tls
> protocol vaultwarden-https
> forward to  port 8000
> }
> -
> 
> dmesg:
> -
> OpenBSD 7.4 (GENERIC.MP) #3: Wed Feb 28 06:23:33 MST 2024
> 
> r...@syspatch-74-amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
> real mem = 4278042624 (4079MB)
> avail mem = 4128661504 (3937MB)
> random: good seed from bootblocks
> mpath0 at root
> scsibus0 at mpath0: 256 targets
> mainbus0 at root
> bios0 at mainbus0
> acpi0 at bios0: ACPI 3.0
> acpi0: sleep states S3 S4 S5
> acpi0: tables DSDT FACP APIC HPET MCFG WAET
> acpi0: wakeup devices
> acpitimer0 at acpi0: 3579545 Hz, 24 bits
> acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
> cpu0 at mainbus0: apid 0 (boot processor)
> cpu0: AMD EPYC-Milan Processor, 3250.37 MHz, 19-01-01
> cpu0: 
> FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,PCLMUL,SSSE3,FMA3,CX16,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,AES,XSAVE,AVX,F16C,RDRAND,HV,NXE,MMXX,FFXSR,PAGE1GB,RDTSCP,LONG,LAHF,CMPLEG,AMCR8,ABM,SSE4A,MASSE,OSVW,TOPEXT,CPCTR,FSGSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,CLFLUSHOPT,CLWB,SHA,UMIP,PKU,IBRS,IBPB,SSBD,IBPB,IBRS,STIBP,SSBD,XSAVEOPT,XSAVES
> cpu0: 32KB 64b/line 8-way D-cache, 32KB 64b/line 8-way I-cache, 512KB 
> 64b/line 8-way L2 cache, 32MB 64b/line 16-way L3 cache
> cpu0: smt 0, core 0, package 0
> mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges
> cpu0: apic clock running at 1000MHz
> cpu1 at mainbus0: apid 1 (application processor)
> cpu1: AMD EPYC-Milan Processor, 3250.49 MHz, 19-01-01
> cpu1: 
> FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,HTT,SSE3,PCLMUL,SSSE3,FMA3,CX16,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,AES,XSAVE,AVX,F16C,RDRAND,HV,NXE,MMXX,FFXSR,PAGE1GB,RDTSCP,LONG,LAHF,CMPLEG,AMCR8,ABM,SSE4A,MASSE,OSVW,TOPEXT,CPCTR,FSGSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,CLFLUSHOPT,CLWB,SHA,UMIP,PKU,IBRS,IBPB,SSBD,IBPB,IBRS,STIBP,SSBD,XSAVEOPT,XSAVES
> cpu1: 32KB 64b/line 8-way D-cache, 32KB 64b/line 8-way I-cache, 512KB 
> 64b/line 8-way L2 cache, 32MB 64b/line 16-way L3 cache
> cpu1: smt 1, core 0, package 0
> ioapic0 at mainbus0: apid 0 pa 0xfec0, version 11, 24 pins
>