Re: \c for printf(1)

2014-10-21 Thread Philip Guenther
On Tue, Oct 21, 2014 at 2:29 PM, Frank Brodbeck  wrote:
> today I stumbled upon a script (testssl.sh) which utilizes the \c escape
> sequence for printf(1). As we are missing that escape sequence and - if
> I am not mistaken - it is defined by POSIX (IEEE Std 1003.1) I thought I
> give it a shot.

Uh, no, that's just incorrect usage and the script doing that should
be fixed.  The \c escape is only defined for printf(1) when in the
argument to the %b format.  It doesn't make sense to use \c in the
format string directly: just terminate the format string instead.
Ergo you would only use \c in a variable expansion...so pass it as the
argument to %b.

(This is a Good Thing because then you can't accidentally get a
%-format from the variable's value and go completely off the rails...)


> Firstly, here's a comparison of printf(1) in base and the patched printf:
>
> $ /usr/bin/printf "%s\n\cbar\n" "foo"
> foo
> printf: unknown escape sequence `\c'
> cbar
> $

The correct way to obtain that effect in a real usage is with something like:
var='\cbar'
printf '%s\n%b\n' "foo" "$var"


...
> Secondly, the diff against a freshly checked out -current, I also
> changed the order of \e in the man page so it fits into the otherwise
> alphabetical order of the escape sequences.

This probably makes sense, though maybe \e is mis-sorted because it's
an extension?  Nah.


Philip Guenther



Re: pppoe(4), add example for ipv6

2014-10-21 Thread Henning Brauer
* Chris Cappuccio  [2014-10-22 01:11]:
> Stuart Henderson [st...@openbsd.org] wrote:
> > Any comments on the diff in this?
> > 
> > > +#ifdef INET6
> > > + sc->sc_sppp.pp_if.if_xflags &= ~IFXF_NOINET6;
> > > +#endif
> Aside from what Stefan said, isn't this flag going to be removed
> in favor of a flag that explicitly enables INET6 for interfaces?

remove yes, no need for a new one.

Index: sbin/ifconfig/ifconfig.c
===
RCS file: /cvs/src/sbin/ifconfig/ifconfig.c,v
retrieving revision 1.287
diff -u -p -r1.287 ifconfig.c
--- sbin/ifconfig/ifconfig.c12 Jul 2014 19:58:17 -  1.287
+++ sbin/ifconfig/ifconfig.c3 Oct 2014 12:58:22 -
@@ -148,6 +148,7 @@ voidsetiflladdr(const char *, int);
 void   setifdstaddr(const char *, int);
 void   setifflags(const char *, int);
 void   setifxflags(const char *, int);
+void   addaf(const char *, int);
 void   removeaf(const char *, int);
 void   setifbroadaddr(const char *, int);
 void   setifmtu(const char *, int);
@@ -682,7 +683,7 @@ main(int argc, char *argv[])
}
 #ifdef INET6
if (argc != 0 && af == AF_INET6)
-   setifxflags("inet6", -IFXF_NOINET6);
+   addaf(name, AF_INET6);
 #endif
while (argc > 0) {
const struct cmd *p;
@@ -1258,18 +1259,25 @@ setifxflags(const char *vname, int value
 }
 
 void
+addaf(const char *vname, int value)
+{
+   struct if_afreq ifar;
+
+   strlcpy(ifar.ifar_name, name, sizeof(ifar.ifar_name));
+   ifar.ifar_af = value;
+   if (ioctl(s, SIOCIFAFATTACH, (caddr_t)&ifar) < 0)
+   warn("SIOCIFAFATTACH");
+}
+
+void
 removeaf(const char *vname, int value)
 {
-   switch (value) {
-#ifdef INET6
-   case AF_INET6:
-   setifxflags(vname, IFXF_NOINET6);
-   setifxflags(vname, -IFXF_AUTOCONF6);
-   break;
-#endif
-   default:
-   errx(1, "removeaf not implemented for this AF");
-   }
+   struct if_afreq ifar;
+
+   strlcpy(ifar.ifar_name, name, sizeof(ifar.ifar_name));
+   ifar.ifar_af = value;
+   if (ioctl(s, SIOCIFAFDETACH, (caddr_t)&ifar) < 0)
+   warn("SIOCIFAFDETACH");
 }
 
 #ifdef INET6
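Review bot: In `removeaf` a failed SIOCIFAFDETACH is only reported through `warn()`, so a request to take IPv6 off an interface can fail and the program presumably still carries on and exits normally; a script that relies on this to disable an address family would not see the failure. Consider `err(1, "SIOCIFAFDETACH");` there, or document why continuing is intended. Both new functions also pass `ifar` to the kernel without clearing it and ignore their `vname` parameter in favour of the global `name`; a `memset(&ifar, 0, sizeof(ifar));` before the `strlcpy` and a comment such as `/* vname is unused; the interface is taken from the global name */` would make both explicit.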
@@ -1331,7 +1339,9 @@ setia6eui64(const char *cmd, int val)
 
if (afp->af_af != AF_INET6)
errx(1, "%s not allowed for the AF", cmd);
-   setifxflags("inet6", -IFXF_NOINET6);
+#ifdef INET6
+   addaf(name, AF_INET6);
+#endif
in6 = (struct in6_addr *)&in6_addreq.ifra_addr.sin6_addr;
if (memcmp(&in6addr_any.s6_addr[8], &in6->s6_addr[8], 8) != 0)
errx(1, "interface index is already filled");
Index: sys/net/if.c
===
RCS file: /cvs/src/sys/net/if.c,v
retrieving revision 1.301
diff -u -p -r1.301 if.c
--- sys/net/if.c30 Sep 2014 08:27:57 -  1.301
+++ sys/net/if.c3 Oct 2014 12:59:29 -
@@ -428,10 +428,6 @@ if_attach(struct ifnet *ifp)
 #else
TAILQ_INSERT_TAIL(&ifnet, ifp, if_list);
 #endif
-#ifdef INET6
-   ifp->if_xflags |= IFXF_NOINET6;
-#endif
-
if_attachsetup(ifp);
 }
 
@@ -1142,11 +1138,6 @@ if_up(struct ifnet *ifp)
bstp_ifstate(ifp);
 #endif
rt_ifmsg(ifp);
-#ifdef INET6
-   if (!(ifp->if_xflags & IFXF_NOINET6))
-   in6_if_up(ifp);
-#endif
-
 #ifndef SMALL_KERNEL
rt_if_track(ifp);
 #endif
@@ -1246,6 +1237,7 @@ ifioctl(struct socket *so, u_long cmd, c
struct ifaddr *ifa;
struct sockaddr_dl *sdl;
struct ifgroupreq *ifgr;
+   struct if_afreq *ifar;
char ifdescrbuf[IFDESCRSIZE];
char ifrtlabelbuf[RTLABEL_LEN];
int s, error = 0;
@@ -1280,6 +1272,28 @@ ifioctl(struct socket *so, u_long cmd, c
if ((error = suser(p, 0)) != 0)
return (error);
return (if_setgroupattribs(data));
+   case SIOCIFAFATTACH:
+   case SIOCIFAFDETACH:
+   if ((error = suser(p, 0)) != 0)
+   return (error);
+   ifar = (struct if_afreq *)data;
+   if ((ifp = ifunit(ifar->ifar_name)) == NULL)
+   return (ENXIO);
+   switch (ifar->ifar_af) {
+#ifdef INET6
+   case AF_INET6:
+   s = splnet();
+   if (cmd == SIOCIFAFATTACH) {
+   if (in6ifa_ifpforlinklocal(ifp, 0) == NULL)
+   in6_if_up(ifp);
+   } else
+   in6_ifdetach(ifp);
+   splx(s);
+   return (0);
+#endif /* INET6 */
+   default:
+   return (EAFNOSUPPORT);
+   }
}
 
ifp = ifunit(ifr->ifr_name);
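Review bot: The detach branch calls `in6_ifdetach(ifp)` unconditionally, while the attach branch first checks `in6ifa_ifpforlinklocal(ifp, 0) == NULL`. A repeated SIOCIFAFDETACH on an interface with no IPv6 state therefore relies on in6_ifdetach() tolerating that, which is not visible here and is worth confirming or guarding with the same check. Both requests return 0 regardless of what the attach or detach did, so userland cannot tell a no-op from a change. A short comment above the two cases, for example `/* attach or detach an address family; root only, interface and af come from struct if_afreq */`, would document the new request. The body of ifioctl starts and ends outside this hunk.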
@@ -1335,25 +1349,26 @@ ifioctl(struct socket *so, u_long cmd, c
case SIOCSIFXFLAGS:
if ((e

\c for printf(1)

2014-10-21 Thread Frank Brodbeck
Hi,

today I stumbled upon a script (testssl.sh) which utilizes the \c escape
sequence for printf(1). As we are missing that escape sequence and - if
I am not mistaken - it is defined by POSIX (IEEE Std 1003.1), I thought I'd
give it a shot.

Please bear with me as I am not an experienced coder or POSIX reader, but
I welcome feedback.

Firstly, here's a comparison of printf(1) in base and the patched printf:

$ /usr/bin/printf "%s\n\cbar\n" "foo"
foo
printf: unknown escape sequence `\c'
cbar
$

$ /usr/obj/usr.bin/printf/printf "%s\n\cbar\n" "foo"
foo
$ 

Secondly, the diff against a freshly checked out -current, I also
changed the order of \e in the man page so it fits into the otherwise
alphabetical order of the escape sequences.

Index: usr.bin/printf/printf.c
===
RCS file: /cvs/src/usr.bin/printf/printf.c,v
retrieving revision 1.22
diff -u -r1.22 printf.c
--- usr.bin/printf/printf.c 25 May 2014 07:36:36 -  1.22
+++ usr.bin/printf/printf.c 21 Oct 2014 21:27:47 -
@@ -214,7 +214,13 @@
break;
 
case '\\':
-   fmt += print_escape(fmt);
+   nextch = *(fmt + 1);
+   switch (nextch) {
+   case 'c':
+   return (0);
+   default:
+   fmt += print_escape(fmt);
+   }
break;
 
default:
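Review bot: The new `case 'c': return (0);` leaves the function with a hard-coded success value, so if the enclosing function (its start and end are outside this hunk) records an earlier conversion failure in a status variable, that failure is dropped from the exit code; returning that variable would keep it. `nextch` is assigned here but the diff adds no declaration for it, so it has to exist already in the enclosing scope or the patch will not compile. A switch with one real case reads more simply as `if (fmt[1] == 'c') return (0);` followed by the existing `fmt += print_escape(fmt);`.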
Index: usr.bin/printf/printf.1
===
RCS file: /cvs/src/usr.bin/printf/printf.1,v
retrieving revision 1.27
diff -u -r1.27 printf.1
--- usr.bin/printf/printf.1 25 May 2014 07:36:36 -  1.27
+++ usr.bin/printf/printf.1 21 Oct 2014 21:27:47 -
@@ -80,12 +80,14 @@
 The characters and their meanings are as follows:
 .Pp
 .Bl -tag -width Ds -offset indent -compact
-.It Cm \ee
-Write an  character.
 .It Cm \ea
 Write a  character.
 .It Cm \eb
 Write a  character.
+.It Cm \ec
+Ignore remaining characters in this string.
+.It Cm \ee
+Write an  character.
 .It Cm \ef
 Write a  character.
 .It Cm \en

Frank.



Re: Reading 56.html

2014-10-21 Thread Philip Guenther
On Tue, Oct 21, 2014 at 9:52 PM, Rod Whitworth  wrote:
> Minor nit:
> I have noticed some removals of SSLv3 mentioned on line but the LibreSSL 
> stanza of 56.html
> only  has SSLv2 noted as No support..

SSLv3 was only disabled by default in LibreSSL within the last week or
so.  OpenBSD 5.6 was "cut" as a release a ways before that.


Philip Guenther



Reading 56.html

2014-10-21 Thread Rod Whitworth
Minor nit:
I have noticed some removals of SSLv3 mentioned on line but the LibreSSL stanza 
of 56.html
only  has SSLv2 noted as No support..

*** NOTE *** Please DO NOT CC me. I  subscribed to the list.
Mail to the sender address that does not originate at the list server is 
tarpitted. The reply-to: address is provided for those who feel compelled to 
reply off list. Thankyou.

Rod/
---
This life is not the real thing.
It is not even in Beta.
If it was, then OpenBSD would already have a man page for it.




Re: pppoe(4), add example for ipv6

2014-10-21 Thread Chris Cappuccio
Stuart Henderson [st...@openbsd.org] wrote:
> Any comments on the diff in this?
> 
> > +#ifdef INET6
> > +   sc->sc_sppp.pp_if.if_xflags &= ~IFXF_NOINET6;
> > +#endif

Aside from what Stefan said, isn't this flag going to be removed
in favor of a flag that explicitly enables INET6 for interfaces?



remove networks(5) support from netstat(1)

2014-10-21 Thread Ingo Schwarze
Hi,

i'm slowly working towards removing support for the networks(5)
database because networks(5) is broken by design.  Nowadays, the
only meaningful way to translate names to numbers and vice versa
is via DNS.  However, the networks(5) database isn't integrated
with DNS in any way, even less so than the hosts(5) database, which
at least maintains some relationship to the resolver(3) and
getaddrinfo(3) families of functions.  Besides, even historically,
the networks(5) database was only used by a handful of programs and
never worked in the same comprehensive sense as DNS for host names.

While here, the gethostent(3) library interface should go away,
too, because enumerating hosts just isn't meaningful.  There is no
reasonable way to implement this function, it has been broken since
the switch to libc/asr, and i remember only one complaint which
didn't sound very urgent.  sethostent(3) and endhostent(3) can be
kept as stubs for now to prevent disruption to ports land.

As a first step, i propose to remove support from the relatively
few programs in the base system still using this.  In the second
step, about a dozen ports would need looking into; i already have
a list.  Some are likely to magically fix themselves when their
configure script doesn't find the functions.  In the third step,
the interfaces would be removed as part of a libc major bump.

To show a specific example, here is the first part of the first
step: Remove networks(5) support from netstat(1).

OK?
  Ingo

P.S.
I'm running a system with all this (except sethostent(3) and
endhostent(3)) removed right now, so some more patches are being
tested and can be sent out soon.  The following programs require
minor tweaks: getent(1) systat(1) amd(8) ifconfig(8) mountd(8)
pppd(8) route(8) tcpdump(8) ypbind(8) ypinit(8) ypserv(8) ypxfr(8).


Index: inet.c
===
RCS file: /cvs/src/usr.bin/netstat/inet.c,v
retrieving revision 1.134
diff -u -p -r1.134 inet.c
--- inet.c  14 Aug 2014 12:55:50 -  1.134
+++ inet.c  21 Oct 2014 17:05:30 -
@@ -801,7 +801,6 @@ inetname(struct in_addr *inp)
char *cp;
static char line[50];
struct hostent *hp;
-   struct netent *np;
static char domain[MAXHOSTNAMELEN];
static int first = 1;
 
@@ -818,12 +817,6 @@ inetname(struct in_addr *inp)
int net = inet_netof(*inp);
int lna = inet_lnaof(*inp);
 
-   if (lna == INADDR_ANY) {
-   np = getnetbyaddr(net, AF_INET);
-   if (np)
-   cp = np->n_name;
-   }
-   if (cp == NULL) {
hp = gethostbyaddr((char *)inp, sizeof (*inp), AF_INET);
if (hp) {
if ((cp = strchr(hp->h_name, '.')) &&
@@ -831,7 +824,6 @@ inetname(struct in_addr *inp)
*cp = '\0';
cp = hp->h_name;
}
-   }
}
if (inp->s_addr == INADDR_ANY)
snprintf(line, sizeof line, "*");
Index: main.c
===
RCS file: /cvs/src/usr.bin/netstat/main.c,v
retrieving revision 1.101
diff -u -p -r1.101 main.c
--- main.c  23 Jun 2014 03:46:17 -  1.101
+++ main.c  21 Oct 2014 17:05:31 -
@@ -372,13 +372,6 @@ main(int argc, char *argv[])
printproto(tp, tp->pr_name, af, tableid, pcbaddr);
exit(0);
}
-   /*
-* Keep file descriptors open to avoid overhead
-* of open/close on each call to get* routines.
-*/
-   sethostent(1);
-   setnetent(1);
-
if (iflag) {
intpr(interval, repeatcount);
exit(0);
Index: netstat.1
===
RCS file: /cvs/src/usr.bin/netstat/netstat.1,v
retrieving revision 1.71
diff -u -p -r1.71 netstat.1
--- netstat.1   10 May 2014 23:31:40 -  1.71
+++ netstat.1   21 Oct 2014 17:05:31 -
@@ -312,12 +312,10 @@ Address formats are of the form
 or
 .Dq network.port
 if a socket's address specifies a network but no specific host address.
-When known, the host and network addresses are displayed symbolically
-according to the databases
-.Pa /etc/hosts
-and
-.Pa /etc/networks ,
-respectively.
+When known, the host addresses are displayed symbolically
+according to the
+.Xr hosts 5
+database.
 If a symbolic name for an address is unknown, or if the
 .Fl n
 option is specified, the address is printed numerically, according
@@ -427,7 +425,6 @@ Subsequent lines of output show values a
 .Xr netintro 4 ,
 .Xr route 4 ,
 .Xr hosts 5 ,
-.Xr networks 5 ,
 .Xr protocols 5 ,
 .Xr services 5 ,
 .Xr iostat 8 ,
Index: show.c
===
RCS file: /cvs/src/usr.bin/netstat

errata patch to disble sslv3

2014-10-21 Thread Ted Unangst
This patch disables the SSLv3 protocol for the forthcoming 5.6 release.

untrusted comment: signature from openbsd 5.6 base private key
RWR0EANmo9nqhqNRnZqpfGyXZORy+gN++chhlgejO0bmLmp81bJL1+Dhl3iP0bL1NnRopcGECX4QoUbsCCcnMOxkXAYeMYkmMgw=

OpenBSD 5.6 errata 5, Oct 20, 2014

This patch disables the SSLv3 protocol by default.

Applications depending on SSLv3 may need to be recompiled with
SSL_CTX_clear_option(ctx, SSL_OP_NO_SSLv3);
but we recommend against the continued use of this obsolete protocol.

Apply patch using:

signify -Vep /etc/signify/openbsd-56-base.pub -x 005_nosslv3.patch.sig \
-m - | (cd /usr/src && patch -p0)

Then build and install libssl

cd /usr/src/lib/libssl/ssl
make obj
make
make install


Index: lib/libssl/src/ssl/ssl_lib.c
===
RCS file: /cvs/src/lib/libssl/src/ssl/ssl_lib.c,v
retrieving revision 1.78
diff -u -p -r1.78 ssl_lib.c
--- lib/libssl/src/ssl/ssl_lib.c12 Jul 2014 22:33:39 -  1.78
+++ lib/libssl/src/ssl/ssl_lib.c19 Oct 2014 23:09:46 -
@@ -1823,6 +1823,9 @@ SSL_CTX_new(const SSL_METHOD *meth)
 */
ret->options |= SSL_OP_LEGACY_SERVER_CONNECT;
 
+   /* Disable SSLv3 by default. */
+   ret->options |= SSL_OP_NO_SSLv3;
+
return (ret);
 err:
SSLerr(SSL_F_SSL_CTX_NEW,
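Review bot: The added comment says what the line does but not how a caller reverses it, and this is a default that changes behaviour for every context created through SSL_CTX_new(). Something like `/* Disable SSLv3 by default; callers that still need it must SSL_CTX_clear_option(ctx, SSL_OP_NO_SSLv3). */` would keep the opt-out next to the code instead of only in the errata text. It is also worth confirming that a context created with an SSLv3-only method, which would presumably be left with no enabled protocol, fails the handshake cleanly rather than falling back. The body of SSL_CTX_new starts and ends outside this hunk.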