Re: New lpd server

[Eric Faurot]

On Thu, May 10, 2018 at 10:35:01AM -0400, Predrag Punosevac wrote:
> Where can I learn more about the work on the new lpd server aside of
> reading the code? I learnt about it from the OpenBSD Journal
>
> https://undeadly.org/cgi?action=article;sid=20180509184829
> 
> 
> Thank you!
> Predrag
> 

There is really nothing more than the code currently.

Eric.

Re: libasr/libevent question

[Eric Faurot]

On Thu, Feb 15, 2018 at 07:41:55PM -0600, Edgar Pettijohn wrote:
> I have this trivial program that I keep getting a segfault trying to use
> event_asr_run(). I have #if 0'd working code to show my progression from
> getaddrinfo() to event_asr_run(). It is hopefully something trivial that I'm
> overlooking.  Anyway I compiled like so:

You need to call event_init() before using other libevent functions.

Eric.

Re: multiple relays in smtpd.conf

[Eric Faurot]

On Wed, Aug 02, 2017 at 11:44:47AM +0200, Christian Gut wrote:
> Hi List,
> 
> is it possible to have multiple relays (you might want to say smart hosts) in 
> smtpd?
> 
> I currently use the following line:
> 
> accept from local for any relay via smarthost.example.org 
> 
> 
> Now I would like to have multiple smart hosts in there for backup reasons, if 
> one of the smart hosts is in maintainance. Is something like this possible?
> 
> accept from local for any relay via { smarthost1.example.org 
> , smarthost2.example.org 
>  }
>
> Kind Regards,
> Christian
> 

It's not possible at the moment.  There is ongoing work to support this feature,
along with other improvements. But it's quite a big change, and we can't give an
ETA right now.

Eric.

Re: sshd segfaults with incomplete /etc/hosts

[Eric Faurot]

On Mon, May 12, 2014 at 09:47:19PM +, Florian Obser wrote:

> > > Eric?
> > 
> > I think the bug is in hostent_file_match. The following diff has the
> > advantage that this works in /etc/hosts:
> > 
> > 192.0.2.1
> > 192.0.2.1 foo
> > 
> > $ getent hosts 192.0.2.1
> > 192.0.2.1 foo
> > 
> 
> hm, maybe this is better:
> 
> diff --git gethostnamadr_async.c gethostnamadr_async.c
> index 674bcb4..1c77bd9 100644
> --- gethostnamadr_async.c
> +++ gethostnamadr_async.c
> @@ -440,6 +440,8 @@ hostent_file_match(FILE *f, int reqtype, int family, 
> const char *data,
>   goto found;
>   }
>   } else {
> + if (n < 2)
> + continue;

Yes, but the check must be done for all cases.
The following diff also fixes getnetnamadr.
getaddrinfo is already fine. 

Eric.

Index: gethostnamadr_async.c
===
RCS file: /cvs/src/lib/libc/asr/gethostnamadr_async.c,v
retrieving revision 1.28
diff -u -p -r1.28 gethostnamadr_async.c
--- gethostnamadr_async.c   26 Mar 2014 18:13:15 -  1.28
+++ gethostnamadr_async.c   13 May 2014 06:47:41 -
@@ -432,6 +432,10 @@ hostent_file_match(FILE *f, int reqtype,
return (NULL);
}
 
+   /* there must be an address and at least one name */
+   if (n < 2)
+   continue;
+
if (reqtype == ASR_GETHOSTBYNAME) {
for (i = 1; i < n; i++) {
if (strcasecmp(data, tokens[i]))
Index: getnetnamadr_async.c
===
RCS file: /cvs/src/lib/libc/asr/getnetnamadr_async.c,v
retrieving revision 1.14
diff -u -p -r1.14 getnetnamadr_async.c
--- getnetnamadr_async.c26 Mar 2014 18:13:15 -  1.14
+++ getnetnamadr_async.c13 May 2014 06:47:41 -
@@ -287,6 +287,10 @@ netent_file_match(FILE *f, int reqtype, 
return (NULL);
}
 
+   /* there must be an address and at least one name */
+   if (n < 2)
+   continue;
+
if (reqtype == ASR_GETNETBYADDR) {
net = inet_network(tokens[1]);
if (memcmp(&net, data, sizeof net) == 0)

Re: OpenSMTPD exits with value 1 when clients attempd to authenticate

[Eric Faurot]

On Fri, Apr 11, 2014 at 12:44:47PM +0200, Gregor Best wrote:
> Hi people,

Hi,

> I'm running OpenSMTPD 5.4.3 from -current on my private mail server. After a
> recent update, using authentication for sending mail cause smtpd to exit with
> exit value 1. A (stripped down) configuration that exhibits the issue is the
> following:

 [...]

>   smtpd: session_imsg: unexpected IMSG_LKA_AUTHENTICATE imsg

  [...]

Hi,

This is a fallout due to the merging of multiple processes. It's been
fixed in cvs two days agos.  Rebuild smtpd from src and you'll be
fine.

Eric.

Re: libbind - server list

[Eric Faurot]

On Mon, Jan 13, 2014 at 09:36:03AM +, Stuart Henderson wrote:
> On 2014-01-12, Riccardo Mottola  wrote:

> You must use libbind's headers, too: -I/usr/local/include/libbind
> 
> It would probably make sense to apply the diff suggested in that thread
> though, as it fixes this case and I don't see a downside (it isn't enough
> for some programs which grovel deeper in struct _res, e.g. mtr, but it
> seems it fixes enough common cases to be useful).
> 
> Here's a complete diff including tedu's suggestion.
> Eric, what do you think?

I can't test right now, but it looks ok. However, note that the entries
will not be updated on resolv.conf change, unless the caller resets the
RES_INIT flag.

If it fixes the issue it can go in.

Eric.

> 
> Index: asr/res_init.c
> ===
> RCS file: /cvs/src/lib/libc/asr/res_init.c,v
> retrieving revision 1.2
> diff -u -p -r1.2 res_init.c
> --- asr/res_init.c27 May 2013 17:31:01 -  1.2
> +++ asr/res_init.c13 Jan 2014 09:18:57 -
> @@ -37,6 +37,7 @@ res_init(void)
>  {
>   _THREAD_PRIVATE_MUTEX(init);
>   struct asr_ctx  *ac;
> + int i;
>  
>   ac = asr_use_resolver(NULL);
>  
> @@ -55,6 +56,10 @@ res_init(void)
>   strlcpy(_res.lookups, ac->ac_db, sizeof(_res.lookups));
>  
>   _res.nscount = ac->ac_nscount;
> + for (i = 0; i < ac->ac_nscount; i++) {
> + memcpy(&_res.nsaddr_list[i], ac->ac_ns[i],
> + ac->ac_ns[i]->sa_len);
> + }
>   _res.options |= RES_INIT;
>   }
>   _THREAD_PRIVATE_MUTEX_UNLOCK(init);

Re: Announce: OpenSMTPD 5.4.1 released

[Eric Faurot]

With built-in redundancy! :)

Too much excitement! Sorry about that. 

Eric.

Announce: OpenSMTPD 5.4.1 released

[Eric Faurot]

OpenSMTPD 5.4.1 has just been released.

OpenSMTPD is a FREE implementation of the SMTP protocol with some common
extensions. It allows ordinary machines to exchange e-mails with systems
speaking the SMTP protocol. It implements a fairly large part of RFC5321
and can already cover a large range of use-cases.

It runs on OpenBSD, NetBSD, FreeBSD, DragonFlyBSD, OSX and Linux.

The archives are now available from the main site at www.OpenSMTPD.org

We would like to thank the OpenSMTPD community for their help in testing
the snapshots, reporting bugs, contributing code and packaging for other
systems.

This is a major release with many new features, many minor bugfixes, and
a lot of internal changes.

New features since last stable release (5.3.3):
===

  * Improved configuration file:
- removed last known ambiguity in grammar
- much simpler configuration for TLS-enabled hosts
- most parameters are now swappable in listen and accept rules
- conditions may be negated (ie: accept from !  ...)
- forward-only rules can be declared to impose ~/.forward files
- new "recipient" keyword allows accept rule to provide a whitelist
- sender and recipient tables accept wildcard in their domains

  /!\ configuration file must be edited with this new release !  /!\
  /!\ please refer to smtpd.conf(5) and use smtpd -nf smtpd.conf /!\
  /!\ to validate.   /!\


  * TLS generic improvements:
- support for TLS Perfect Forward Secrecy
- support for providing custom CA certificate


  * MTA improvements:
- mta may now require remote hosts to present valid certificates
- always attempt TLS before falling back to plaintext
- always present certificate if one is available
- AUTH LOGIN now supported
- mta can now specify a EHLO-hostname when relaying


  * SMTP server improvements:
- inet4-only and inet6-only listeners are now possible
- listeners may now hide the From part in a Received-line
- listeners may require clients to provide a valid certificate
- banner hostname can now be dynamically fetched from a table


  * Queue improvements:
- Introduce an envelope cache in the queue to improve disk-IO pattern


  * smtpctl(8) improvements:
- show relays: displays list of currently active relays
- show routes: displays status of routes currently known by smtpd
- show hosts: displays list of known remote MX
- show hoststats: display status of last delivery for active domains
- resume route: resumes route temporarily disable by the MTA
- pause/resume envelope: allows pausing individual envelopes
- pause/resume message: allows pausing individual messages
- encrypt: allows generating credentials suitable for authentication
- show message/envelope is now compression/encryption aware


  * documentation:
- table(5) describes format for static, file and db backends
- sendmail(8) describes our "sendmail" interface

  * Reduced memory-usage in both general and stressed cases
  * OpenSMTPD now automagically upgrades queue if format changes !
  * Support Qmail-like "sticky home"
  * Support for authenticating users from a credentials table
  * Introduce passwd(5) table backend for user and credentials lookup
  * Expansion variables in ~/.forward now supports modifiers
  * much more efficient scheduler !
  * And a lot of minor bug-fixes and internal cleanup !


  Experimental:

  * SQLite table backend
  * LDAP table backend
  * MySQL table backend
  * Postgres table backend


  Portable:

  * Completely reworked autotools layout


  Limitations:

  * No filters support yet (we're almost there)
  * No masquerading or address rewrite yet (we're almost there)


Contributors:
=

The following people have contributed features to this release:

Colin Didier, Ryan Kavanagh, Sunil Nimmagadda


Checksums:
==

  SHA256 (opensmtpd-5.4.1.tar.gz) =
  e70816ebc3b4aa9200d46cd0ced0f16c6ce6591fdcd91a2283183e22da2fb0ad

  SHA256 (opensmtpd-5.4.1p1.tar.gz) =
  7debbf7e55ff3687617ae2c3b38e1cf30574b96f56b869e597c0e98478e5b5d9


Support:


You are encouraged to register to our general purpose mailing-list:
http://www.opensmtpd.org/list.html

The "Official" IRC channel for the project is at:
#OpenSMTPD @ irc.freenode.net


Reporting Bugs:
===

Please read http://www.opensmtpd.org/report.html
Security bugs should be reported directly to secur...@opensmtpd.org
Other bugs may be reported to b...@opensmtpd.org

OpenSMTPD is brought to you by Gilles Chehade, Eric Faurot and Charles Longeau.
Subject: Announce: OpenSMTPD 5.4.1 released

OpenSMTPD 5.4.1 has just been released.

OpenSMTPD is a FREE implementation of the SMTP protocol with some common
extensions. It allows ordinary machines to exchange e-mails with systems
speaking the SMTP protocol. It implements a fairly l

Re: Unable to configure smtpd as backup server

[Eric Faurot]

On Mon, Jun 24, 2013 at 09:54:55AM -0700, Scott Vanderbilt wrote:
> I'm having difficulties configuring smtpd as a backup mail server.
> smtpd is running on my main mail server and works a treat. (Good
> riddance, sendmail.)
> 
> I've read the man pages and understood them the best I can, and
> tried various configuration options, all to no avail. Mails to known
> valid users on the backup server continue to be rejected with 550
> responses. The goal, of course, is for this backup server to accept
> these mails and relay them to the main mail server host.
> 
> This is on 5.3-current with smtpd 5.3.3.
> 
> Here is my smtp.conf (in its entirety):
> 
>listen on all
> 
>table aliases db:/etc/mail/aliases.db
>table domains file:/etc/mail/domains
>table secrets db:/etc/mail/secrets.db
> 
># Relay to main mail server via TLS
>accept for domain  relay via \
> tls+auth://f...@smtp.datagenic.com auth 
> 
>accept for local alias  deliver to mbox
>   debug: smtpd: offline scanning done
>   debug: smtp: new client on listener: 0x81a09170
>   smtp-in: New session 4aa75c26 from host
> mail-la0-f48.google.com [209.85.215.48]
>   smtp-in: Failed command on session 4aa75c26: "RCPT
> TO:" => 550 Invalid recipient
>   smtp-in: Closing session 4aa75c26
>   debug: smtp: 0x85d02000: deleting session: done
> 
> In this case, the recipient 'george' is a local user on the backup
> server host. I cannot understand why the mail has been rejected in
> this case.

It is rejected because your accept rules match local mails only.
You need to specify 'accept from any' to receive mail from the outside.

> I've also tried various options using 'relay backup' without
> success. The man page does not give an example for backup servers.
> So, I'm not sure how to proceed.

"relay backup" is used to setup secondary mail servers for a domain,
that is a server that accept mails for a domain and relay to MXs with
higher priority (i.e. lower preference in DNS).

> Many thanks in advance for any guidance you can offer.

You're welcome.

Eric.

Announce: OpenSMTPD 5.3.3 released

[Eric Faurot]

OpenSMTPD 5.3.3 has just been released and the archives are available at
our main site: www.OpenSMTPD.org

OpenSMTPD is a FREE implementation of the SMTP protocol with some common
extensions. It allows ordinary machines to exchange e-mails with systems
speaking the SMTP protocol. It implements a fairly large part of RFC5321
and can already cover a large range of use-cases.

It runs on OpenBSD, NetBSD, FreeBSD, DragonFlyBSD, OSX and Linux.

We would like to thank the OpenSMTPD community for their help in testing
the snapshots, reporting bugs, contributing code and packaging for other
systems.

This is a bugfix and reliability release, no new feature.


BugFixes:
=

  * fix a bug causing possible timeouts of incoming SSL sessions
  * fix a case-folding issue when looking up keys in static tables
  * plug several memory leaks in the MTA engine
  * while there, fix a use-after-free in debug traces


Checksums:
==

  SHA256 (opensmtpd-5.3.3.tar.gz) =
  01c4f22cdc5b4f04205f2b1490e275fba2c2265c9eb586f5c259dd3ecb6271b0

  SHA256 (opensmtpd-5.3.3p1.tar.gz) =
  34f0e208e6fdde5c5c25bb11f468436c4d6148a8b640c32117869cad140b823c


Support:


You are encouraged to register to our general purpose mailing-list:
http://www.opensmtpd.org/list.html

The "Official" IRC channel for the project is at:
#OpenSMTPD @ irc.freenode.net


Reporting Bugs:
===

Please read http://www.opensmtpd.org/report.html
Security bugs should be reported directly to secur...@opensmtpd.org
Other bugs may be reported to b...@opensmtpd.org

OpenSMTPD is brought to you by Gilles Chehade, Eric Faurot and Charles Longeau.

Re: smtpd setup

[Eric Faurot]

On Fri, May 17, 2013 at 07:31:42PM -0700, Scott wrote:
> The initial debug advice I got was helpful, so I thought I'd take the next
> step and add relaying to gmail (back to that in a minute), but apparently I
> just don't get it still. Rolling back to my previously working setup failed
> also, this time with a new error: 421. I don't get much help looking for
> explanations of 421 on the web.

>From the log you sent, it fails because the .forward file in your user
dir is empty.  This is actually a bug that is fixed in the upcoming
release.  Either rm it, or put the username in there, for now.

> I wondered if somehow I gummed up my queue when I was diddling around with
> the relay settings.
> 
> # ls /var/spool/smtpd/
> a0
> 
> Ok, so that's my just-failed message, so I flush it, just to be sanitary:
> 
> # smtpctl remove a0b31f71a4e509ff
> (BTW, is there a way to flush ALL queued messages? smtpctl(8) doesn't
> allude to it. If there isn't, what's the proper way to do so?)

Get the envelope ids from the "mailq" output and pass them to "smtpctl
remove".  Something like:

# mailq | cut -d \| -f 1 | xargs -L 1 smtpctl remove

Eric.

Re: smtpd setup

[Eric Faurot]

On Tue, May 07, 2013 at 05:23:35PM -0700, Scott wrote:
> Greetings all,
> 
> I was excited to try out smtpd because of future plans to go away from
> webmail. Right after installing 5.3 I followed the directions in man smtpd
> to make the switch. smtpd.conf is untouched, but here are the values anyway:
> 
> listen on lo0
> table aliases db:/etc/mail/aliases.db
> accept for local alias  deliver to mbox
> accept for any relay
> 
> However, sending a test mail to myself yields two different errors. On my
> server:
> # echo 'test' | mail -s TEST scott
> send-mail: command failed: 553 Sender address syntax error
> 
> on my desktop:
> # echo 'test' | mail -s TEST scott
> send-mail: command failed: 550 Invalid recipient
> 
> The same test works with sendmail enabled. What have I missed?
> 
> -Scott

I would bet it has something to do with the hostname.  Run the
server with "smtpd -d -T smtp" and look at the addresses in the smtp
transaction.

Eric.

Announce: OpenSMTPD 5.3.1 released

[Eric Faurot]

OpenSMTPD 5.3.1 has just been released and the archives are available at
our main site: www.OpenSMTPD.org

OpenSMTPD is a FREE implementation of the SMTP protocol with some common
extensions. It allows ordinary machines to exchange e-mails with systems
speaking the SMTP protocol. It implements a fairly large part of RFC5321
and can already cover a large range of use-cases.

It runs on OpenBSD, NetBSD, FreeBSD, DragonFlyBSD, MacOSX and Linux.

We would like to thank the OpenSMTPD community for their help in testing
the snapshots, reporting bugs, contributing code and packaging for other
systems.

This is a bugfix release mostly, with just one new feature.


Features:
=

  * add support for local deliveries through LMTP
contributed by Ashish SHUKLA


BugFixes:
=

  * accept clients that use the [IPv6:...] notation in their EHLO
  * do not replace '/' with ':' in %{user.directory} expansion
  * fix possible crash upon reload in table_db API
  * do not close session on temporary failure of a recipient
  * sync asr with latest bugfixes from OpenBSD
  * various minor fixes


Checksums:
==

  SHA256 (opensmtpd-5.3.1.tar.gz) =
  d9368757f041fb19ea67bc58ddf9453b7ea7f0896f0bd27c253400b22dda2d5c

  SHA256 (opensmtpd-5.3.1p1.tar.gz) =
  64e0aaa5145894af23a1e28cba7e8435931a6c4e671db7669327478e01a1c28e


Support:


You are encouraged to register to our general purpose mailing-list:
http://www.opensmtpd.org/list.html

The "Official" IRC channel for the project is at:
#OpenSMTPD @ irc.freenode.net


Reporting Bugs:
===

Please read http://www.opensmtpd.org/report.html
Security bugs should be reported directly to secur...@opensmtpd.org
Other bugs may be reported to b...@opensmtpd.org

OpenSMTPD is brought to you by Gilles Chehade, Eric Faurot and Charles Longeau.

smtpd alias expansion updated, please test

[Eric Faurot]

Hi,

I have just commited a rather deep change to the alias expansion logic
in smtpd.  It fixes a bug reported by halex@ in virtual maps, where an
alias expanding to two different virtual users would end up being sent
only to the first one.

Alias expansion is tricky. We want to make sure that the change doesn't
introduce a regression.  So please test and report problems you notice
to gil...@openbsd.org and e...@openbsd.org.

Thank you.

Eric.

Re: smtpd - strange names in maillog

[Eric Faurot]

Can you try this diff instead?

Eric.

Index: sockaddr.c
===
RCS file: /cvs/src/usr.sbin/smtpd/sockaddr.c,v
retrieving revision 1.4
diff -u -p -u -r1.4 sockaddr.c
--- sockaddr.c  16 May 2011 10:57:41 -  1.4
+++ sockaddr.c  14 Jun 2012 11:16:18 -
@@ -114,13 +114,13 @@ sockaddr_as_fqdn(const struct sockaddr *
 
switch (sa->sa_family) {
case AF_INET:
-   addr = ((const struct sockaddr_in *)sa)->sin_addr.s_addr;
+   addr = ntohl(((const struct sockaddr_in *)sa)->sin_addr.s_addr);
snprintf(dst, max,
"%d.%d.%d.%d.in-addr.arpa.",
-   (addr >> 24) & 0xff,
-   (addr >> 16) & 0xff,
+   addr & 0xff,
(addr >> 8) & 0xff,
-   addr & 0xff);
+   (addr >> 16) & 0xff,
+   (addr >> 24) & 0xff);
break;
case AF_INET6:
in6_addr = &((const struct sockaddr_in6 *)sa)->sin6_addr;

Re: smtpd - strange names in maillog

[Eric Faurot]

On Wed, Jun 13, 2012 at 07:39:46PM +0200, Jan Stary wrote:
> Through my smtpd, I am sending an email to an address
> in the fjfi.cvut.cz domain. The email get delivered alright,
> but the maillog message is strange:
> 
> Jun 13 19:32:08 mini smtpd[7138]: 93fe4a4f: from=, 
> size=427, nrcpts=1, proto=ESMTP, relay=0@localhost [IPv6:::1]
> Jun 13 19:32:10 mini smtpd[6586]: 93fe4a4f700df332: 
> to=, delay=2, relay=n003-000-000-000.static.ge.com 
> [147.32.9.3], stat=Sent (2.0.0 Ok: queued as CECD3C0083)
> 
> $ host -t mx fjfi.cvut.cz. 
> fjfi.cvut.cz mail is handled by 70 brk1.fjfi.cvut.cz.
> fjfi.cvut.cz mail is handled by 30 mailgw1.fjfi.cvut.cz.
> fjfi.cvut.cz mail is handled by 50 mailgw2.fjfi.cvut.cz.
> fjfi.cvut.cz mail is handled by 60 brk2.fjfi.cvut.cz.
> 
> So smtpd correctly chooses the first priority MX, which is 
> 
> $ host mailgw1.fjfi.cvut.cz.
> mailgw1.fjfi.cvut.cz has address 147.32.9.3
> 
> $ host 147.32.9.3
> 3.9.32.147.in-addr.arpa domain name pointer mailgw1.fjfi.cvut.cz.
> 
> All the resolvers in my /etc/resolv.conf resolve
> mailgw1.fjfi.cvut.cz. to 147.32.9.3 and back, as above.
> 
> So how did "relay=n003-000-000-000.static.ge.com [147.32.9.3]"
> get into the log? Am I missing something?
> 
>   Jan

That's an endianness issue. I thought I fixed that already...
Can you try this?

Eric.

Index: sockaddr.c
===
RCS file: /cvs/src/usr.sbin/smtpd/sockaddr.c,v
retrieving revision 1.4
diff -u -p -u -r1.4 sockaddr.c
--- sockaddr.c  16 May 2011 10:57:41 -  1.4
+++ sockaddr.c  13 Jun 2012 18:40:52 -
@@ -114,7 +114,7 @@ sockaddr_as_fqdn(const struct sockaddr *
 
switch (sa->sa_family) {
case AF_INET:
-   addr = ((const struct sockaddr_in *)sa)->sin_addr.s_addr;
+   addr = ntohl(((const struct sockaddr_in *)sa)->sin_addr.s_addr);
snprintf(dst, max,
"%d.%d.%d.%d.in-addr.arpa.",
(addr >> 24) & 0xff,

Re: OpenSMTPD memory leak...

[Eric Faurot]

On Wed, Jan 11, 2012 at 05:39:43PM +0100, Ivan Nudzik wrote:
>   Hi,
>   I'm running OpenBSD5 (all from binaries) as a spam filter installed in 
> SPARC
> LDOM (T1000). I've changed sendmail for OpenSMTPD and after few weeks a see
> that OpenSMTPD ate almost all memory:

  [snip]

> Are you devs already aware of that leak? Can I help with some traces/dumps
> till I'll must restart it?

I bet it's this one:
http://www.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/smtpd/ssl.c#rev1.38

If you want to try opensmtpd you should really really run the code from
current. The one shipped with 5.0 is old and it does not help finding bugs.

Eric.

Re: If I install OpenBSD 4.9, when will I have to upgrade to 5.0?

[Eric Faurot]

On Mon, Jul 11, 2011 at 04:25:53AM -0700, lancebaynes87 wrote:
> This is starting to get funny. 
> 
> The worlds most secure os, and it doesn't have any docs regarding the 
> different versions security support time.

No kidding? http://www.openbsd.org/faq/faq5.html#Flavors

You are linked directly there by reading the 7th question of the FAQ which is:

"1.7 - When is the next release of OpenBSD?"

Was that so damn hard???

Seriously...

> How long does a version get's security support? 
> 
> If I install a version of OpenBSD then when do I have to upgrade to a fresher 
> version??
> 
> E.g.:
> 
> If I install OpenBSD 4.9 on it's release date, then when do I have to upgrade 
> to 5.0?? (so that there is no more patches for 4.9, so I have to install 5.0)
> 
> thanks.

Re: Installer bug? - Upgrade 4.6 to 4.7 failed to upgrade base47, on i386 and amd64

[Eric Faurot]

On Fri, Jun 04, 2010 at 03:55:53PM +0800, Uwe Dippel wrote:
> On Fri, Jun 4, 2010 at 2:41 PM, patrick keshishian  wrote:
> 
> > you mean applying the errata47.html patches? If so, are you certain
> > your source tree is tagged OPENBSD_4_7 and not anything else?
> 
> Do I understand you correctly? I am not building releases. I am
> installing/downloading the sets; then I do all the stuff in 'Upgrade
> guide', then
> 
> rm -Rf * in /usr/src
> rm -Rf * in /usr/xenocara
> rm -Rf * in /usr/ports,
> and then tar ... the source files meticulously as pointed out in the guide:
> # cd /usr/src
> # tar xzf ../sys.tar.gz
> # tar xzf ../src.tar.gz
> # cd /usr
> # tar xzf xenocara.tar.gz
> # tar xzf ports.tar.gz
> and then download the patches into /usr/src, then applying them
> and this is what you would see in the serial log.
> So I don't tag, because I don't cvs; what i do is just download the 4
> files. (Also see my other post, it points clearly to the sequence and
> the reboots done, with always checking pfctl after each reboot.)
> 
> Uwe

Don't you have old stuff lying around in /usr/obj that gets installed
over your new binaries?

Re: pf.conf reassemble and antispoof questions

[Eric Faurot]

On Fri, Nov 06, 2009 at 10:07:51AM +0100, Henning Brauer wrote:
> * Robert Waite  [2009-11-05 20:08]:
> > I have been on OBSD 4.4 for a bit and had not really messed with pf.conf for
> > a while.
> > 
> > When I updated to 4.6 there were a couple of settings that seemed
> > ambiguous to me.
> > 
> > 1) under Options, "set reassemble on". I know it is on by default but I got
> > a parsing
> > error when I tried it. I also found some man pages online that were missing
> > this
> > option however the man page in 4.6 does include it. So A) Is this supposed
> > to work
> 
> of course it works if you use it as written in the manpage. hint: the
> value is not "on".

well, it is actually what is written like that in the manpage.

Eric.

Index: pf.conf.5
===
RCS file: /cvs/src/share/man/man5/pf.conf.5,v
retrieving revision 1.462
diff -u -r1.462 pf.conf.5
--- pf.conf.5   5 Nov 2009 16:01:36 -   1.462
+++ pf.conf.5   6 Nov 2009 09:31:59 -
@@ -1095,9 +1095,9 @@
 .Ar reassemble
 option is used to enable or disable the reassembly of fragmented packets,
 and can be set to
-.Ar on
+.Ar yes
 (the default) or
-.Ar off .
+.Ar no .
 If
 .Ar no-df
 is also specified, fragments with the

Re: Slow CD/DVD read time (AMD64 current 4.5 02/19/2009 12:11:00 PM on Intel Q9550, 8GB RAM, 1TB WD)

[Eric Faurot]

On Sat, 21 Feb 2009 16:20:07 -0500
David Heinrich  wrote:

> I'm installing OpenBSD AMD64 current (4.5) as of 12/19/2009 12:11:00
> PM. I am at the step where it says "Getting base45.tgz"..it started
> out saying it would require 40 or more minutes and seems to be
> transferring data from the CD to hard-drive at a rate of 20 KB/sec.
> Why is it going so slow?

Can't really say without a full dmesg, but maybe DMA support is missing for
your SATA controller. Send a full dmesg, or check the DMA status on the
"pciide* at" lines.


Eric.

Re: OpenBSD WiFi tutorial

[Eric Faurot]

On Sat, 6 Sep 2008 17:59:00 +0530
"Siju George" <[EMAIL PROTECTED]> wrote:

> Hi,
> 
> Is there a simple tutorial or howto on setting up wireless for OpenBSD?
> Especially setting up OpenBSD as a WiFi hub?

There is even better: manpages.

man ifconfig
man 


Eric.

Re: web development on OpenBSD

[Eric Faurot]

On Tue, 29 Apr 2008 20:08:37 +1200
Richard Toohey <[EMAIL PROTECTED]> wrote:

> Hello,
>
> I plan to develop a money management app for personal use on
> OpenBSD. Since I am not big on any backend /prog.language I have
> decided to ask the experts, what should i choose. Based on the
> consensus and depth of a response, I will devote my time studying that
> language/server and try to build this app.

> requirement: Browser based app. with AJAX (multiuser if possible)
> my_hardware_limitation: 40gig disk, 1GB RAM , no video RAM, pentium 4
> CPU 2GHz Level of expertise: starter

> which components will be a good fit?:

> 1. Backend: MySQL or SQLite
> 2. webserver: apache or Lighttpd
> 3. development language: PHP or Java or Javascript (and XML I guess)
>

PHP is complete crap and a disaster as a programming language. Java is
way too cumbersome. For this kind of use-case, I would definitely use
python and twisted+nevow+axiom.

If you don't know python at all the learning curve for all this might
be a bit step, but probably not worse than having to learn
SQL+HTTP+some other language (especially if you struggle with php).

Nevow is a really nice framework for web-based applications. It also
has all the "AJAX" you need (seamless two-way RPC between python and
javascript). As a persistence system, Axiom is very convenient to use,
but it is sqlite only, and you don't have full control over your DB
schema. You might like it or not.

I would think twice before using this combination for a very very busy
site, but for personnal or "small business" use, it is perfect.

I just imported www/py-nevow a few days ago. check the ports ML
archive for an axiom port.

Eric.

Re: poll(2) vs kqueue(2) performance

[Eric Faurot]

On Sat, 19 Apr 2008 13:27:34 +0800
"Edwin Eyan Moragas" <[EMAIL PROTECTED]> wrote:

> Hi all,
> 
> been reading the select(2) man pages and it mentions poll(2)
> being more efficient in most cases. this makes it obvious to
> discard the use of select(2) in writing new servers.
> 
> i've come across some performance benchmarks which is trying
> to use kqueue(2).
> 
> the question is, which one is more useful when writing new servers?
> kqueue or poll?

The more useful is event(3).

Eric.

Re: Real men don't attack straw men

[Eric Faurot]

RMS wrote:

> I've been trying for a couple of years to get going a modified version
> of Firefox that won't offer to install any non-free plug-ins, but we
> don't have enough people to make this work very well.  If you would
> like to help, please let me know.  It is an important project.

Hahaha!!! Oh my god, this is just so fucking funny!

<< I've been trying for a couple of years to get people to castrate
themselves so it won't be possible for them to do "bad things(tm)",
but it does not seem to be working too well... If you would like to
help, please let me know.  It is an important project. >>


Eric.

Re: OpenBSD kernel janitors

[Eric Faurot]

On Sat, 3 Nov 2007 12:01:46 +0100
Karel Kulhavy <[EMAIL PROTECTED]> wrote:

> > We've got a PR database with bugs in it, and we NEVER get fixes from
> > outsiders.  That's not news to anyone, if they actually wanted to do
> 
> Maybe the outsiders just cannot find the PR database. I put
> "openbsd pr database" into google and looked into all links on the first
> page. The pr database is always mentioned, but never linked. Where is it?

Right on the front page. The "Bug Tracking" link.

Eric.

Re: Speeding up OBSD bootup

[Eric Faurot]

On Sat, 6 Oct 2007 16:08:41 +0200
Karel Kulhavy <[EMAIL PROTECTED]> wrote:

> Is it possible to specify the kernel that the hardware for which there are
> drivers probing for but I don't have in my PC is absent? Since OBSD has no
> suspend to disk/RAM, the bootup speed is critical when working with a laptop
> in public transport.

Look at config(8). There is also an entry in the FAQ:
http://openbsd.org/faq/faq5.html#config

Eric.

Re: port forwarding

[Eric Faurot]

On 12/4/06, Bambero <[EMAIL PROTECTED]> wrote:

Hello

I have a problem with port forwarding. My "network" looks like this:

INERNET   <=>  [ne3] router (OpenBSD-3.9) [ne4] (192.168.0.1)  <=>
client (192.168.0.2)

I want to forward port  of my router [ne3] to port 80 on client machine.
I have the following rules in my /etc/pf.conf:

===
ext_if="ne3"
int_if="ne4"

nat on $ext_if from !($ext_if) -> ($ext_if)

rdr pass proto tcp from any to any port  ->  port 80
===



What may be wrong ?


You want to forward to the "client machine", but your last rule does
not say so.

Eric.

Re: Voice-Chat Software (maybe even a Client wich works on openBSD? ;) ) ?

[Eric Faurot]

On 7/13/06, Sebastian Rother <[EMAIL PROTECTED]> wrote:

Hello everybody,

I`m looking for a Voice-Chat/VoIP Solution.


You could take a look at shtoom.

http://divmod.org/trac/wiki/ShtoomProject

I think it has already been mentioned on this list (or ports?).

Eric.

Re: cruxports for OpenBSD

[Eric Faurot]

On 6/17/06, Siju George <[EMAIL PROTECTED]> wrote:


there is a software called foo

suppose 3.9 installs foo.1.1.1 if you use ports.

now a few security holes are found in foo.1.1.1

So the foo developers release foo.1.1.2

And the foo developers *strongly encourage* everybody running
foo.1.1.1 to upgrade to foo.1.1.2 as soon as possible.

So what is the best wat to do it in the present ports system?


Well, update to stable: http://openbsd.org/pkg-stable.html

Eric.

Re: openbsd's future plans?

[Eric Faurot]

On 2/8/06, Diana Eichert <[EMAIL PROTECTED]> wrote:

> I cast a vote for re-writing the kernel in Ruby because of it's robust
> threads implementation.

No no no, OpenBSD should be rewritten with the new GPL v3 as soon
as it stabilizes. It seems much more robust than the previous releases,
and it is already very good at spawning threads.

Eric.

Re: openbsd web site design proposals (from HOTO write bad docs)

[Eric Faurot]

On 11/28/05, Jeremy David <[EMAIL PROTECTED]> wrote:

> > I just wanted to point that your original argument was wrong. You said "fix 
> > it because it is broken for people", which is not true.
>
> I would say that it is. "Broken" doesn't necessarily mean that it
> makes your browser crash. When you look at www.openbsd.org in lynx,
> every page has a bunch of links at the top that you have to scroll
> through endlessly in order to get to the content. It looks nice in
> Firefox, but not in browsers that a lot of people use, especially the
> kinds of people who want to use OpenBSD. For those people who use
> lynx, www.openbsd.org is a frustrating challenge to navigate.

Humm,  we are certainly not looking at the same site. _Only_ the root page
has that menu, and that makes sense, since it is the useful content of that
page. I think it is very usable with lynx.

> Similarly for the blind who use a text reader to read them the content
> on the web page, lists are not identified as such in the code, and
> therefore someone using an alternative way of getting information from
> the web can't find what they're looking for without a lot of
> frustration. Saying that it works for me OK right now is simply not
> good enough.

As it has been said several times in more or less polite terms, saying it is not
working for someone without pointing to a "real problem" is not good enough.

> Well, I believe that fixing it right the first time will save you some
> panic and further problems in the future.

But it will waste time now and introduce other problems.
Panic is a bit strong. The world will not collapse when an hypothetic
brand-new browser will not show the openbsd site correctly.

> The idea has been mentioned in this thread that it's too difficult to
> make websites work in multiple browsers and still be valid. That idea
> is simply incorrect. Here's an example. http://www.cerealport.com/?p=8

- the white text is difficult to read because of the lack of constrast with
  the image in background.
- why do I have to click on the menu entry to expand them? what about
  the accessibility?
- the overal look is not much better than the openbsd site.

> I believe that fixing it now will get the content of openbsd.org,
> which is superb, into the minds of everyone who is looking for it, now
> and in the future.

It also conforts people who think all that glitters is gold, instead
of encouraging
critical thinking.

Eric.

Re: openbsd web site design proposals (from HOTO write bad docs)

[Eric Faurot]

On 11/28/05, Jeremy David <[EMAIL PROTECTED]> wrote:
> On 11/28/05, Eric Faurot <[EMAIL PROTECTED]> wrote:
> > On 11/28/05, Jeremy David <[EMAIL PROTECTED]> wrote:
> >
> > > The website is hacky, invalid, and broken.
> >
> > broken? which page? which browser?
>
> Hi. Thanks for joining the conversation, Eric.
>
> I appreciate your question, but I believe to cite a particular page
> which doesn't work as intended on a particular browser would be to
> miss the point.

I just wanted to point that your original argument was wrong. You said "fix it
because it is broken for people", which is not true.

> What is means when the HTML code is invalid is that you're inviting
> unpredictability. Sure, it might look ok in this version of Firefox,
> but what about the next version of FIrefox? Or the 2007 edition of
> Konquerer? The only way to make sure that your HTML code will not
> cause an unpredictable fault in a browser now, or in the future is to
> make the code valid.

I fully agree. When that happens, action will be taken by someone who
decides it is "then" a priority.

> Making the code valid now will save you a lot of trouble in the future
> when, hypothetically, Firefox 2 is released and it chokes and dies on
> this particular piece of invalid code. Why wait around until it
> breaks? The best way to handle the problem is to fix it now, so that
> you don't have to rush and fix it when it crashes and burns later.

Why fix it if it is not broken? (not broken means readable by a human).
There again the keyword is "hypothetic". Also, I think major browsers
will continue to be extremly lenient wrt to html code for a long time for
three reasons:
- lots of content is hand generated, which means error-prone, and for a
  browser writer, rejecting non-valid pages is not an option.
- no one will use a browser that will refuse to render their favorite online
  banking/shopping/chatting site, where html is often far far for correct.
- the code to 'normalize' the structure is already there, and working
well enough,
  so why would they throw it away?

Again, I'm all for standards and good design and all, but this is simply not
an issue for the OpenBSD team now.  Browsers should be the ones putting
efforts in respecting standards first. Microsoft takes part of the W3
specification working groups, and then they impose us that utter crap called IE?
Come on...

Eric.

Re: openbsd web site design proposals (from HOTO write bad docs)

[Eric Faurot]

On 11/28/05, Jeremy David <[EMAIL PROTECTED]> wrote:

> Well, simply as a matter of fact, it's actually untrue that the site is
> functional. Functional for you? Maybe. For everyone? Not exactly.
>
> Check this out:
>
> http://validator.w3.org/check?uri=http%3A%2F%2Fwww.openbsd.org&charset=%28det
> ect+automatically%29&
>
> There are 5 errors on the main page alone. That means that no matter how
> useful the content on the website is, the code breaks down for a lot of
> people.

No, that means it is broken for the w3 validator. Please cite one browser for
which the content cannot be read correctly.

> Standards are important. Where HTML is concerned, they're doubly so,
> because there are so many different clients (browsers) being used by so many
> different kinds of people.

> http://www.webstandards.org/about/
> http://www.zeldman.com/dwws/

Very nice, I wonder why firefox on my amd64 is slow as hell
with the last page, for the little content it has. probably bad design.

> I'm really underwhelmed by comments like "Why don't you cut the guy some
> slack" and "I don't speak for Nick, but I imagine he probably feels a
> unappreciated when folks feel like nitpicking his "design""
>
> Excusing errors in the interests of not hurting someone's feelings is a
> great way to end up with a third-rate product.

> The website is hacky, invalid, and broken.

broken? which page? which browser?

>  Not to mention the fact that most
> people think it's ugly. If that hurts someone's feelings then I'm sorry, but
> it does no one any favors to ignore errors and broken code.

Call me a pervert, but actually I sort of like the "vintage" look of it. FreeBSD
looks so boringly corporate these days...

I am all for good design, good html and everything, but frankly I don't
feel this kind of discussions helps anything. Yes, having checked the
html sources (with my eyes, not with the validator), I think using
'better html' could probably help the maintainance a bit. So what?
Would I impose that to the guy that is actually working on the content?
If it were to be changed (maybe it will someday), it would be done
for pragmatic reasons (or for the very own pleasure of the openbsd team,
but that is another story), not to satisfy a dogmatic standpoint.
Which browser? which page?

Eric.

Re: problem with dynamic linking on amd64 or expected behaviour?

[Eric Faurot]

oops, I might have spoken a bit too quick: I didn't see the recent ld.so changes
and I didn't realize my amd64 snapshot was so old. I'll try with a
more recent one.

Sorry for the noise.

Eric.

problem with dynamic linking on amd64 or expected behaviour?

[Eric Faurot]

Hi,

I am stuck on the following dynamic linking problem: python-expat has
a pyexpat.so module that contains a complete expat implementation
(1.95.8). Now there is the _cairo.so python that depends on
libcairo.so and libfreetype.so (found in /usr/X11R6/lib) which in turn
is linked to /usr/X11R6/lib/libexpat.so.5.0 (1.95.6). With python on
amd64...

>>> import pyexpat; import cairo

... seems to work (maybe not for long though), but...

>>> import cairo; import pyexpat

... segfaults during pyexpat importation, because pyexpat init code
calls an XML_* function that is resolved in libexpat.so.5.0 (dlopen-ed
by cairo.so) instead of pyexpat.so.

The funny thing is that problem does not happen on powerpc. So, I
suspect that this is a "feature" of the dynamic linker, using a wrong
search path for symbols on amd64. I have tried to investigate a bit
but I am not knowledgeable enough about the linking business. Anyway,
I have traced of the ld.so activity for the different cases: (names
are --)

http://ekyo.nerim.net/openbsd/

The segfault happens at pyexpat.c:1970 "MYCONST(XML_ERROR_UNBOUND_PREFIX);".
XML_ErrorString() returns NULL in /usr/X11R6/lib/libexpat.so.5.0,
crashing strlen later.

Eric.

Re: making packages out of the portstree

[Eric Faurot]

On 10/12/05, Marc Peters <[EMAIL PROTECTED]> wrote:
> hi all,
>
> i wanted to install a package on an box, which i built out of the
> portstree via "make package". everything goes fine and the package is
> available in "/usr/ports/packages/i386/cdrom/" and "../ftp/". i copied
> the .tgz to the machine, where i wanted to install it on, but it failed
> with the following error:
>
> # pkg_add nut-2.0.0p0.tgz
> Unknown element: @pkgpath sysutils/nut,no_cgi

> can anyone point me in the right direction?

You must be using the current port tree with a stable release.
This does not work.

Eric.

Re: very weird random numbers with jot on macppc

[Eric Faurot]

On 5/31/05, Otto Moerbeek <[EMAIL PROTECTED]> wrote:

> Well, after some really deep digging, this commit by Dale Rahn fixes
> the problem.
> 
> http://www.openbsd.org/cgi-bin/cvsweb/src/sys/arch/powerpc/powerpc/trap.c.diff?r1=1.67&r2=1.68&f=h
> 
> Thanks for the report.

I'm glad this can make openbsd better. Tracking the bug was probably much
more difficult. Thanks for that.

What puzzles me is that although it looks like a really "fundamental" flaw,
it does not seem to have much impact on the overall system stability.
Could you possibly post your canonical code exposing the bug?

Eric.

Re: ifconfig not showing ipv6 peer addr on 3.7

[Eric Faurot]

On 6/1/05, Brad <[EMAIL PROTECTED]> wrote:

> IPv6 with ppp does not work at the moment.

Just in case that "breakage" was not intentional, but a side-effect of other
changes in ppp, I can report that it used to work on 3.6. I had to
apply this diff
http://archives.neohapsis.com/archives/openbsd/2004-11/2880.html
to actually get packets from the interface, but it IPV6CP worked and
ifconfig showed the peer address correctly even without the patch.

Eric.

ifconfig not showing ipv6 peer addr on 3.7

[Eric Faurot]

When using ppp on 3.7 with IPV6CP, ifconfig does not show the peer
ipv6 address on the local link, although it should be there.

  $ ifconfig tun0 inet6 
  tun0: flags=8010 mtu 1500
  inet6 fe80::502a:8671%tun0 ->  prefixlen 64 scopeid 0x6

whereas in ppp, after dial:

  ppp ON myhost> show iface
  tun0 (idx 6)  mtu 1500 has 2 addresses:
  inet  -->  netmask 0x
  inet6 fe80::502a:8671 --> fe80::203:feff

I looked a bit into ifconfig.c and I noted that on line 2234, the
ioctl call does not fail, but the resulting ifr_addr is empty (len=0,
family=0). It definitely worked on 3.6.

Eric.

Re: very weird random numbers with jot on macppc

[Eric Faurot]

On 5/27/05, Han Boetes <[EMAIL PROTECTED]> wrote:
> Eric Faurot wrote:
> > I've noted that jot(1) behaviour is erratic on my system (ibook)
> > wrt to random number generation.
> 
> Not a solution to this interesting problem but if you want to get
> real random numbers you can use this little program I wrote:

Well, I don't really need it actually. I was just toying with jot after
I discovered it 'by accident'.

I confirm that it works on my ibook G3 when x is global. Very weird.

Eric.

very weird random numbers with jot on macppc

[Eric Faurot]

I've noted that jot(1) behaviour is erratic on my system (ibook) wrt to
random number generation.

"jot -r 0" will start generating 1's continuously after a (short) while.
It does it even quicker when higher precision is requested.
"jot -p 9 0" starts throwing 1.0's after 74 random lines.
"jot -p 5 0" will do that after 104 lines.  Oddly enough, it happens
only when output goes to the terminal (pipes and redirections seem to
work).

Also, the examples in the manpage produce very suspicious results: The
following happens every 4 or 5 invocations:

$ jot -r -p 0 10 0.5 3.5 | sort -n | uniq -c 
33162 1
33422 2
33416 3
$ jot -r -p 0 10 0.5 3.5 | sort -n | uniq -c 
33183 1
33223 2
33594 3
$ jot -r -p 0 10 0.5 3.5 | sort -n | uniq -c 
 838 1
 781 2
 784 3
97597 0


Another one (more than half the time):

$ jot -w %d -r 10 1 4 | sort -n | uniq -c 
33104 1
33476 2
33420 3
$ jot -w %d -r 10 1 4 | sort -n | uniq -c 
89731 1
5164 2
5105 3
$ jot -w %d -r 10 1 4 | sort -n | uniq -c 
33210 1
33443 2
33347 3
$ jot -w %d -r 10 1 4 | sort -n | uniq -c 
97808 1
1090 2
1102 3

I'm not an entropy expert, but I suspect there is something very wrong.
All seem to work fine on i386.  So I guess it is a macppc issue.
Here is the dmesg output.

[ using 308668 bytes of bsd ELF symbol table ]
console out [ATY,Bee_A]console in [keyboard] ADB found
using parent ATY,BeeParent:: memaddr 9800 size 800, : consaddr
9c008000, : ioaddr 9002, size 2: memtag 8000, iotag 8000:
width 1024 linebytes 1024 height 768 depth 8
Copyright (c) 1982, 1986, 1989, 1991, 1993
The Regents of the University of California.  All rights reserved.
Copyright (c) 1995-2005 OpenBSD. All rights reserved.  http://www.OpenBSD.org

OpenBSD 3.7 (GENERIC) #225: Sun Mar 20 00:55:39 MST 2005
[EMAIL PROTECTED]:/usr/src/sys/arch/macppc/compile/GENERIC
real mem = 134217728 (131072K)
avail mem = 112680960 (110040K)
using 1254 buffers containing 6709248 bytes of memory
mainbus0 (root)
cpu0 at mainbus0: 750FX (Revision 0x203): 800 MHz: 512KB L2 cache
memc0 at mainbus0: uni-n
mpcpcibr0 at mainbus0: uni-north, Revision 0xff
pci0 at mpcpcibr0 bus 0
pchb0 at pci0 dev 11 function 0 "Apple Pangea AGP" rev 0x00
vgafb0 at pci0 dev 16 function 0 "ATI Radeon Mobility M7 LW" rev 0x00, mmio
wsdisplay0 at vgafb0: console (std, vt100 emulation)
mpcpcibr1 at mainbus0: uni-north, Revision 0x0
pci1 at mpcpcibr1 bus 0
pchb1 at pci1 dev 11 function 0 "Apple Pangea PCI" rev 0x00
macobio0 at pci1 dev 23 function 0 "Apple Pangea" rev 0x00
openpic0 at macobio0: version 0x4614
gpio_obio0 at macobio0
gpio_obio1 at gpio_obio0 offset 0x9 irq 47
programmer-switch at gpio_obio0 offset 0x11 not configured
firewire-linkon at gpio_obio0 offset 0x5b not configured
cpu-vcore-select at gpio_obio0 offset 0x6b not configured
extint-gpio4 at gpio_obio0 offset 0x5c not configured
gpio9 at gpio_obio0 offset 0x73 not configured
extint-gpio12 at gpio_obio0 offset 0x64 not configured
gpio5 at gpio_obio0 offset 0x6f not configured
gpio6 at gpio_obio0 offset 0x70 not configured
extint-gpio4 at gpio_obio0 offset 0x5c not configured
gpio11 at gpio_obio0 offset 0x75 not configured
extint-gpio15 at gpio_obio0 offset 0x67 not configured
zsc0 at macobio0: irq 22,23
zstty0 at zsc0 channel 0
zstty1 at zsc0 channel 1
snapper0 at macobio0: irq 30,1,2
adb0 at macobio0 irq 25: via-pmu 3 targets
aed0 at adb0 addr 0: ADB Event device
akbd0 at adb0 addr 2: iBook keyboard with inverted T (ISO layout)
wskbd0 at akbd0 (mux 1 ignored for console): console keyboard, using wsdisplay0
ams0 at adb0 addr 3: EMP trackpad  2-button, 400 dpi
wsmouse0 at ams0 mux 0
abtn0 at adb0 addr 7: brightness/volume/eject buttons
apm0 at adb0: battery flags 0x5, 0% charged
ki2c0 at macobio0
wdc0 at macobio0 irq 19: DMA
wd0 at wdc0 channel 0 drive 0: 
wd0: 16-sector PIO, LBA48, 28615MB, 58605120 sectors
atapiscsi0 at wdc0 channel 0 drive 1
scsibus0 at atapiscsi0: 2 targets
cd0 at scsibus0 targ 0 lun 0:  SCSI0
5/cdrom removable
wd0(wdc0:0:0): using PIO mode 4, DMA mode 2
cd0(wdc0:0:1): using PIO mode 4, DMA mode 2
audio0 at snapper0
ohci0 at pci1 dev 24 function 0 "Apple Pangea USB" rev 0x00: irq 27, version 1.0
usb0 at ohci0: USB revision 1.0
uhub0 at usb0
uhub0: Apple OHCI root hub, class 9/0, rev 1.00/1.00, addr 1
uhub0: 2 ports with 2 removable, self powered
ohci1 at pci1 dev 25 function 0 "Apple Pangea USB" rev 0x00: irq 28, version 1.0
usb1 at ohci1: USB revision 1.0
uhub1 at usb1
uhub1: Apple OHCI root hub, class 9/0, rev 1.00/1.00, addr 1
uhub1: 2 ports with 2 removable, self powered
mpcpcibr2 at mainbus0: uni-north, Revision 0x6
pci2 at mpcpcibr2 bus 0
pchb2 at pci2 dev 11 function 0 "Apple Pangea PCI" rev 0x00
"Apple Pangea FireWire" rev 0x00 at pci2 dev 14 function 0 not configured
gem0 at pci2 dev 15 function 0 "Apple GMAC" rev 0x00: irq 41, address
00:0a:95:89:b1:9c
bmtphy0 at gem0 phy 0: BCM5221 100baseTX PHY, rev. 4
uhidev0 at uhub1 port 1 configuration 1 interface 0
uhidev0: Logitech USB