ifa_ifwithnet(9) is not for AF_LINK
Here's a diff to stop dealing with AF_LINK addresses in ifa_ifwithnet(9). ^^^ The only place where such thing happens is when ifa_ifwithroute() do its magic to find an address for a route. So in this case, it does the check directly and get the corresponding ifa. ifa_ifwithnet(9) is mostly used by the routine code to find an appropriate address, hopefully with might get rid of it. But for the moment I'd like to remove the AF_LINK case because it is unintuitive and does not iterate on the global list of interfaces. While here, rename a rdomain - rtableid, this is what you want! As a bonus, this diff comes with a manual. ok? Index: share/man/man9/Makefile === RCS file: /cvs/src/share/man/man9/Makefile,v retrieving revision 1.208 diff -u -p -r1.208 Makefile --- share/man/man9/Makefile 10 Apr 2014 13:47:21 - 1.208 +++ share/man/man9/Makefile 10 Apr 2014 13:59:39 - @@ -16,7 +16,7 @@ MAN= altq.9 aml_evalnode.9 atomic_add_in hardclock.9 hook_establish.9 hz.9 hzto.9 idgen32.9 \ ieee80211.9 ieee80211_crypto.9 ieee80211_input.9 ieee80211_ioctl.9 \ ieee80211_node.9 ieee80211_output.9 ieee80211_proto.9 \ - ieee80211_radiotap.9 \ + ieee80211_radiotap.9 ifa_ifwithnet.9 \ iic.9 intro.9 inittodr.9 \ kern.9 km_alloc.9 knote.9 kthread.9 ktrace.9 \ loadfirmware.9 lock.9 log.9 \ Index: share/man/man9/ifa_ifwithnet.9 === RCS file: share/man/man9/ifa_ifwithnet.9 diff -N share/man/man9/ifa_ifwithnet.9 --- /dev/null 1 Jan 1970 00:00:00 - +++ share/man/man9/ifa_ifwithnet.9 10 Apr 2014 13:59:39 - @@ -0,0 +1,46 @@ +.\$OpenBSD$ +.\ +.\ Copyright (c) 2014 Martin Pieuchot +.\ +.\ Permission to use, copy, modify, and distribute this software for any +.\ purpose with or without fee is hereby granted, provided that the above +.\ copyright notice and this permission notice appear in all copies. +.\ +.\ THE SOFTWARE IS PROVIDED AS IS AND THE AUTHOR DISCLAIMS ALL WARRANTIES +.\ WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +.\ MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR +.\ ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +.\ WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN +.\ ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF +.\ OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. +.\ +.Dd $Mdocdate$ +.Dt IFA_IFWITHNET 9 +.Os +.Sh NAME +.Nm ifa_ifwithnet +.Nd find an address on a specific network +.Sh SYNOPSIS +.In sys/socket.h +.In net/if.h +.Ft struct ifaddr * +.Fn ifa_ifwithnet struct sockaddr *sa u_int rtableid +.Sh DESCRIPTION +.Fn ifa_ifwithnet +iterates on all the address of all the interfaces in the routing domain of +routing table +.Fa rtableid +and returns the most specific address matching +.Fa sa . +.Sh CONTEXT +.Fn ifa_ifwithnet +can be called during autoconf, from process context, or from interrupt context. +.Sh RETURN VALUES +.Fn ifa_ifwithnet +will return the most specific configured address matching +.Fa sa +on success +.Dv NULL +otherwise. +.Sh SEE ALSO +.Xr rtable_l2 9 Index: sys/net/if.c === RCS file: /cvs/src/sys/net/if.c,v retrieving revision 1.283 diff -u -p -r1.283 if.c --- sys/net/if.c10 Apr 2014 13:47:21 - 1.283 +++ sys/net/if.c10 Apr 2014 13:59:48 - @@ -904,27 +904,21 @@ ifa_ifwithdstaddr(struct sockaddr *addr, * is most specific found. */ struct ifaddr * -ifa_ifwithnet(struct sockaddr *addr, u_int rdomain) +ifa_ifwithnet(struct sockaddr *sa, u_int rtableid) { struct ifnet *ifp; - struct ifaddr *ifa; - struct ifaddr *ifa_maybe = 0; - u_int af = addr-sa_family; - char *addr_data = addr-sa_data, *cplim; + struct ifaddr *ifa, *ifa_maybe = NULL; + char *cplim, *addr_data = sa-sa_data; + u_int rdomain; - rdomain = rtable_l2(rdomain); - if (af == AF_LINK) { - struct sockaddr_dl *sdl = (struct sockaddr_dl *)addr; - if (sdl-sdl_index (ifp = if_get(sdl-sdl_index)) != NULL) - return (ifp-if_lladdr); - } + rdomain = rtable_l2(rtableid); TAILQ_FOREACH(ifp, ifnet, if_list) { if (ifp-if_rdomain != rdomain) continue; TAILQ_FOREACH(ifa, ifp-if_addrlist, ifa_list) { char *cp, *cp2, *cp3; - if (ifa-ifa_addr-sa_family != af || + if (ifa-ifa_addr-sa_family != sa-sa_family || ifa-ifa_netmask == 0) next: continue; cp = addr_data; Index: sys/net/route.c
Re: snmpd: support for ipNetToMediaTable (ARP table exporting)
On Mon, Apr 07, 2014 at 17:03 +0200, Mike Belopuhov wrote: a bit of an update, mainly style changes. one functional change: don't rely on rtm_rmx.rmx_expire to set the F_STATIC flag as rt_getmetrics is not called consistenly (only with RTM_GETs) and besides RTF_STATIC flag is already present for static ARP entries. http://www.vantronix.net/~mike/snmpd-arp.diff I've ditched rdomain kludges to simplify the diff and because actual rdomain support doesn't need any of those. OK? diff --git usr.sbin/snmpd/kroute.c usr.sbin/snmpd/kroute.c index 1ed4d17..e157b25 100644 --- usr.sbin/snmpd/kroute.c +++ usr.sbin/snmpd/kroute.c @@ -69,10 +69,11 @@ struct kroute6_node { }; struct kif_node { RB_ENTRY(kif_node) entry; TAILQ_HEAD(, kif_addr) addrs; + TAILQ_HEAD(, kif_arp)arps; struct kif k; }; intkroute_compare(struct kroute_node *, struct kroute_node *); intkroute6_compare(struct kroute6_node *, struct kroute6_node *); @@ -91,10 +92,14 @@ struct kroute6_node *kroute6_matchgw(struct kroute6_node *, struct sockaddr_in6 *); int kroute6_insert(struct kroute6_node *); int kroute6_remove(struct kroute6_node *); voidkroute6_clear(void); +struct kif_arp *karp_find(struct sockaddr *, u_short); +int karp_insert(struct kif_node *, struct kif_arp *); +int karp_remove(struct kif_node *, struct kif_arp *); + struct kif_node*kif_find(u_short); struct kif_node*kif_insert(u_short); int kif_remove(struct kif_node *); voidkif_clear(void); struct kif *kif_update(u_short, int, struct if_data *, @@ -118,10 +123,11 @@ void if_deladdr(u_short, struct sockaddr *, struct sockaddr *, struct sockaddr *); void if_announce(void *); intfetchtable(void); intfetchifs(u_short); +intfetcharp(void); void dispatch_rtmsg(int, short, void *); intrtmsg_process(char *, int); intdispatch_rtmsg_addr(struct rt_msghdr *, struct sockaddr *[RTAX_MAX]); @@ -182,10 +188,12 @@ kr_init(void) if (fetchifs(0) == -1) fatalx(kr_init fetchifs); if (fetchtable() == -1) fatalx(kr_init fetchtable); + if (fetcharp() == -1) + fatalx(kr_init fetcharp); event_set(kr_state.ks_ev, kr_state.ks_fd, EV_READ | EV_PERSIST, dispatch_rtmsg, NULL); event_add(kr_state.ks_ev, NULL); } @@ -519,10 +527,123 @@ kroute6_clear(void) while ((kr = RB_MIN(kroute6_tree, krt6)) != NULL) kroute6_remove(kr); } +static inline int +karp_compare(struct kif_arp *a, struct kif_arp *b) +{ + /* Interface indices are assumed equal */ + if (ntohl(a-addr.sin.sin_addr.s_addr) + ntohl(b-addr.sin.sin_addr.s_addr)) + return (1); + if (ntohl(a-addr.sin.sin_addr.s_addr) + ntohl(b-addr.sin.sin_addr.s_addr)) + return (-1); + return (0); +} + +static inline struct kif_arp * +karp_search(struct kif_node *kn, struct kif_arp *ka) +{ + struct kif_arp *pivot; + + TAILQ_FOREACH(pivot, kn-arps, entry) { + switch (karp_compare(ka, pivot)) { + case 0: /* found */ + return (pivot); + case -1: /* ka pivot, end the search */ + return (NULL); + } + } + /* looped through the whole list and didn't find */ + return (NULL); +} + +struct kif_arp * +karp_find(struct sockaddr *sa, u_short ifindex) +{ + struct kif_node *kn; + struct kif_arp *ka = NULL, s; + + memcpy(s.addr.sa, sa, sa-sa_len); + + if (ifindex == 0) { + /* +* We iterate manually to handle zero ifindex special +* case differently from kif_find, in particular we +* want to look for the address on all available +* interfaces. +*/ + RB_FOREACH(kn, kif_tree, kit) { + if ((ka = karp_search(kn, s)) != NULL) + break; + } + } else { + if ((kn = kif_find(ifindex)) == NULL) + return (NULL); + ka = karp_search(kn, s); + } + return (ka); +} + +int +karp_insert(struct kif_node *kn, struct kif_arp *ka) +{ + struct kif_arp *pivot; + + if (ka-if_index == 0) + return (-1); + if (!kn (kn = kif_find(ka-if_index)) == NULL) + return (-1); + /* Put entry on the list in the ascending lexical order */ + TAILQ_FOREACH(pivot, kn-arps, entry) { + switch
snmpd: support for multiple routing tables...
...borrowed from the bgpd for the most part. Currently it's not doing anything (kroute_first/kroute_getaddr will always select the rtable 0) since it needs new MIBs and some more diffs from blambert@. OK? diff --git usr.sbin/snmpd/kroute.c usr.sbin/snmpd/kroute.c index e157b25..d1f8890 100644 --- usr.sbin/snmpd/kroute.c +++ usr.sbin/snmpd/kroute.c @@ -45,10 +45,13 @@ #include snmpd.h extern struct snmpd*env; +struct ktable **krt; +u_intkrt_size; + struct { struct event ks_ev; u_long ks_iflastchange; u_long ks_nroutes;/* 4 billions enough? */ int ks_fd; @@ -77,24 +80,32 @@ struct kif_node { intkroute_compare(struct kroute_node *, struct kroute_node *); intkroute6_compare(struct kroute6_node *, struct kroute6_node *); intkif_compare(struct kif_node *, struct kif_node *); -struct kroute_node *kroute_find(in_addr_t, u_int8_t, u_int8_t); +voidktable_init(void); +int ktable_new(u_int, u_int); +voidktable_free(u_int); +int ktable_exists(u_int, u_int *); +struct ktable *ktable_get(u_int); +int ktable_update(u_int); + +struct kroute_node *kroute_find(struct ktable *, in_addr_t, u_int8_t, + u_int8_t); struct kroute_node *kroute_matchgw(struct kroute_node *, struct sockaddr_in *); -int kroute_insert(struct kroute_node *); -int kroute_remove(struct kroute_node *); -voidkroute_clear(void); +int kroute_insert(struct ktable *, struct kroute_node *); +int kroute_remove(struct ktable *, struct kroute_node *); +voidkroute_clear(struct ktable *); -struct kroute6_node*kroute6_find(const struct in6_addr *, u_int8_t, -u_int8_t); +struct kroute6_node*kroute6_find(struct ktable *, const struct in6_addr *, + u_int8_t, u_int8_t); struct kroute6_node*kroute6_matchgw(struct kroute6_node *, struct sockaddr_in6 *); -int kroute6_insert(struct kroute6_node *); -int kroute6_remove(struct kroute6_node *); -voidkroute6_clear(void); +int kroute6_insert(struct ktable *, struct kroute6_node *); +int kroute6_remove(struct ktable *, struct kroute6_node *); +voidkroute6_clear(struct ktable *); struct kif_arp *karp_find(struct sockaddr *, u_short); int karp_insert(struct kif_node *, struct kif_arp *); int karp_remove(struct kif_node *, struct kif_arp *); @@ -121,23 +132,21 @@ void if_newaddr(u_short, struct sockaddr *, struct sockaddr *, struct sockaddr *); void if_deladdr(u_short, struct sockaddr *, struct sockaddr *, struct sockaddr *); void if_announce(void *); -intfetchtable(void); +intfetchtable(struct ktable *); intfetchifs(u_short); -intfetcharp(void); +intfetcharp(struct ktable *); void dispatch_rtmsg(int, short, void *); intrtmsg_process(char *, int); -intdispatch_rtmsg_addr(struct rt_msghdr *, +intdispatch_rtmsg_addr(struct ktable *, struct rt_msghdr *, struct sockaddr *[RTAX_MAX]); -RB_HEAD(kroute_tree, kroute_node) krt; RB_PROTOTYPE(kroute_tree, kroute_node, entry, kroute_compare) RB_GENERATE(kroute_tree, kroute_node, entry, kroute_compare) -RB_HEAD(kroute6_tree, kroute6_node)krt6; RB_PROTOTYPE(kroute6_tree, kroute6_node, entry, kroute6_compare) RB_GENERATE(kroute6_tree, kroute6_node, entry, kroute6_compare) RB_HEAD(kif_tree, kif_node)kit; RB_PROTOTYPE(kif_tree, kif_node, entry, kif_compare) @@ -149,10 +158,11 @@ RB_GENERATE(ka_tree, kif_addr, node, ka_compare) void kr_init(void) { int opt = 0, rcvbuf, default_rcvbuf; + unsigned inttid = RTABLE_ANY; socklen_t optlen; if ((kr_state.ks_ifd = socket(AF_INET, SOCK_DGRAM, 0)) == -1) fatal(kr_init: ioctl socket); @@ -179,31 +189,166 @@ kr_init(void) setsockopt(kr_state.ks_fd, SOL_SOCKET, SO_RCVBUF, rcvbuf, sizeof(rcvbuf)) == -1 errno == ENOBUFS; rcvbuf /= 2) ; /* nothing */ - RB_INIT(krt); - RB_INIT(krt6); + if (setsockopt(kr_state.ks_fd, AF_ROUTE, ROUTE_TABLEFILTER, tid, + sizeof(tid)) == -1) + log_warn(kr_init: setsockopt AF_ROUTE ROUTE_TABLEFILTER); + RB_INIT(kit); RB_INIT(kat); if (fetchifs(0)
OpenBSD Foundation 2014 Fundraising Campaign.
The OpenBSD Foundation is happy to report that the $150,000 goal of the 2014 fundraising campaign has been reached. We wish to thank our contributors large and small. We will continue our fundraising efforts both in the current year and next year. The success of this year's effort has allowed the Foundation to reverse the recent decline in the support we were able to offer the OpenBSD project. The Foundation has been able to assume responsibility for funding more aspects of the project infrastructure, such as the server electricity bill. The Foundation is now able to support efforts underway to rebuild a significant part of the project server infrastructure. This included a few things that were, literally, rotting. 2014's slate of hackathons has been solidified, ensuring these critical events will continue to provide a stream of improvements to the OpenBSD and related projects. We would like to especially thank the contributors who have made commitments for continuing donations to the Foundation. Every recurring regular donation allows us to budget and plan more effectively. The Foundation will continue to strive to improve its financial resources, and hopes to be able to provide further support to the projects in the future. Please continue to contribute!
Re: OpenBSD Foundation 2014 Fundraising Campaign.
On Thu, Apr 10, 2014 at 8:23 PM, Bob Beck b...@openbsdfoundation.org wrote: The OpenBSD Foundation is happy to report that the $150,000 goal of the 2014 fundraising campaign has been reached. We wish to thank our contributors large and small. We will continue our fundraising efforts both in the current year and next year. The success of this year's effort has allowed the Foundation to reverse the recent decline in the support we were able to offer the OpenBSD project. The Foundation has been able to assume responsibility for funding more aspects of the project infrastructure, such as the server electricity bill. The Foundation is now able to support efforts underway to rebuild a significant part of the project server infrastructure. This included a few things that were, literally, rotting. 2014's slate of hackathons has been solidified, ensuring these critical events will continue to provide a stream of improvements to the OpenBSD and related projects. We would like to especially thank the contributors who have made commitments for continuing donations to the Foundation. Every recurring regular donation allows us to budget and plan more effectively. The Foundation will continue to strive to improve its financial resources, and hopes to be able to provide further support to the projects in the future. Please continue to contribute! Congratulations ! $200k as target next year :-) -- This message is strictly personal and the opinions expressed do not represent those of my employers, either past or present.
Re: Brightness and KBD light (Apple): ukbd.c/wskbd.c to asmc driver?
On Sun, Apr 06, 2014 at 09:45:11PM +0200, Sven-Volker Nowarra wrote: Hi, I am thinking about an approach to set the brightness on my MacBook via standard keyboard keys. I can already call from the commandline wsconsctl display.brightness=xx, and it will arrive in my asmc.c driver (thanx to Mark's hints). Now I want to use the standard fn-keys on the keyboard. Other laptops (Thinkpad, Toshiba?) have acpi usage, that does not work for the Mac. So I thought I need to go through ukbd/wskbd. The brightness keys are FN-F1 (down) and FN-F2 (up), and keyboard backlight FN-F5 (down) and FN-F6 (up). The MBPro has a USB type keyboard, and in ukbd.c there is void ukbd_apple_munge() prepared. Looking at the way audio is prepared, I seem to understand, that ukbd.c translates key codes to values defined in ukbdmap.c, and based on these values volume can be raised/lowered in wskbd.c. Can I simply add equivalents in ukbdmap.c for brightnes and backlight control? (is there a logic I'd violate, when using numbers behind audio section?) unlike audio, there's no standard brighness key scan-code code, so the implementation would probably be slightly different. In wskbd.c: I was trying to find out the link between wskbd_set_mixervolume and the function in audio.c. How would wskbd.c know, it is in audio.c defined? There's a prototype at the beginning of the file wskbd.c. If NAUDIO 0 then audio.c contents are compiled and wskbd_set_mixervolume() function is available. -- Alexandre
Re: OpenSSH hole, April 9
On 9 Apr 2014 15:46, Bob Beck b...@obtuse.com wrote: On Wed, Apr 09, 2014 at 02:49:21PM -0600, Devin Reade wrote: Quoting Theo de Raadt dera...@cvs.openbsd.org: If tomorrow Damien or I had to announce a major OpenSSH hole, how screwed would the Internet be? Would you mind clarifying this a bit? Was the post strictly a (justified) comment about the lack of funding, or should we be anticipating another announcement in addition to the existing OpenSSL mess? The former. While nothing's ever for sure, OpenSSH does not normally attempt to include exploit mitigation technique circumvention mechanisms. -Bob And just so we're clear on this. Since people on hacker news seem to be mildly challenged at understanding English, I'm saying heartbleed has nothing to do with OpenSSH. It doesn't even link the library. I also know that Devin is smart enough to be running OpenBSD where it matters since I know him personally. I am making no claims about whatever any other operating systems that value speed and complexity over safety. Heck there probably are holes in what they bring to the table..
Re: rs, jot: missing headers
On Thu, 14 Nov 2013 23:17:24 -0500, Eitan Adler wrote: Hey all, I was looking through some OpenBSD code and noticed that rs and jot are both missing #include unistd.h even though they use getopt. It seems that stdlib.h defines getopt on OpenBSD. However, this is not the correct header file, and it makes it not possible to compile OpenBSD's utilities on other platforms. I just looked on my linux box and found this in stdlib.h #ifndef _GETOPT_DEFINED_ #define _GETOPT_DEFINED_ int getopt(int, char * const *, const char *); extern char *optarg; /* getopt(3) external variables */ extern int opterr, optind, optopt, optreset; int getsubopt(char **, char * const *, char **); extern char *suboptarg; /* getsubopt(3) external variable */ #endif /* _GETOPT_DEFINED_ */ So I'm wondering about your assertion that this is not the correct header filelooking at links in your post, do you really mean FreeBSD doesn't define them there but everyone else on the planet might? (Notice: I just paid SCO $600 license as protection against any infringement my posting of part of a linux .h file might cause)
Re: rs, jot: missing headers
On Thu, Apr 10, 2014 at 7:14 PM, Ralph Siegler rsieg...@rsiegler.org wrote: On Thu, 14 Nov 2013 23:17:24 -0500, Eitan Adler wrote: I was looking through some OpenBSD code and noticed that rs and jot are both missing #include unistd.h even though they use getopt. It seems that stdlib.h defines getopt on OpenBSD. However, this is not the correct header file, and it makes it not possible to compile OpenBSD's utilities on other platforms. I just looked on my linux box and found this in stdlib.h ... So I'm wondering about your assertion that this is not the correct header filelooking at links in your post, do you really mean FreeBSD doesn't define them there but everyone else on the planet might? He's perhaps referring to the POSIX standard, which specifies that that *in a conforming compilation environment* unistd.h MUST declare getopt() and stdlib.h MUST NOT declare getopt(). (Ya'll know that the current POSIX standard can be downloaded after a free registration, don'cha?) Philip Guenther