Re: CVS commit: src/sys/netinet
Unfortunately pfctl references them if it sees ICMP_PHOTURIS defined. A quick search for these does show a lot of use out there between *BSD, linux, etc. And http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xml#icmp-parameters-codes-40 shows a few more even and RFC2521 seems to be defining all of this. BTW: What happens if icmp_error gets something above ICMP_MAX_TYPE in? It appears we hard panic: if ((u_int)type ICMP_MAXTYPE) panic(icmp_error); James On Fri, Dec 23, 2011 at 2:12 PM, Christos Zoulas chris...@astron.com wrote: In article 20111223220300.9e70b17...@cvs.netbsd.org, James Chacon source-changes-d@NetBSD.org wrote: -=-=-=-=-=- #define ICMP_PHOTURIS 40 /* security */ +#define ICMP_PHOTURIS_UNKNOWN_INDEX 1 /* Bad index */ +#define ICMP_PHOTURIS_AUTH_FAILED 2 /* Auth failed */ +#define ICMP_PHOTURIS_DECRYPT_FAILED 3 /* Decrypt failed */ I don't know where ip_compat.h got these from, but they are wrong according to the IANA assigment, and this is why I did not copy them. http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xml#icmp-parameters-codes-40 christos
Re: CVS commit: src/sys/netinet
Think we should go ahead and add the codes for 0,4 and 5? James On Fri, Dec 23, 2011 at 2:44 PM, Christos Zoulas chris...@zoulas.com wrote: On Dec 23, 2:20pm, chacon.ja...@gmail.com (James Chacon) wrote: -- Subject: Re: CVS commit: src/sys/netinet | Unfortunately pfctl references them if it sees ICMP_PHOTURIS defined. Ah. | A quick search for these does show a lot of use out there between | *BSD, linux, etc. | | And http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xml#icm= | p-parameters-codes-40 | shows a few more even and RFC2521 seems to be defining all of this. | | BTW: What happens if icmp_error gets something above ICMP_MAX_TYPE in? | It appears we hard panic: | | if ((u_int)type ICMP_MAXTYPE) | panic(icmp_error); | The code wil not generate them, so there will be no panic. Changing ICMP_MAXTYPE to be 18 will require us re-doing the ICMP stats... I am not prepared to do this yet. It will lead to binary incompatibility with netstat. christos
Re: CVS commit: src/sys/netinet
On Fri, Dec 23, 2011 at 3:36 PM, Christos Zoulas chris...@zoulas.com wrote: On Dec 23, 3:10pm, chacon.ja...@gmail.com (James Chacon) wrote: -- Subject: Re: CVS commit: src/sys/netinet | Think we should go ahead and add the codes for 0,4 and 5? Well, are the ones for 1 and 3 correct? I have really no opinion on this. I would like to read up some more on the RFC and implementations first. As far as I can tell, yes. I was looking at other implementations and it appears the codes used universally are: #define ICMP_PHOTURIS_UNKNOWN_INDEX 0 /* unknown sec index */ #define ICMP_PHOTURIS_AUTH_FAILED 1 /* auth failed */ #define ICMP_PHOTURIS_DECOMPRESS_FAILED 2 /* decompress failed */ #define ICMP_PHOTURIS_DECRYPT_FAILED3 /* decrypt failed */ #define ICMP_PHOTURIS_NEED_AUTHN4 /* no authentication */ #define ICMP_PHOTURIS_NEED_AUTHZ5 /* no authorization */ (That comes from libdnet icmp.h) James
Re: CVS commit: src/lib/libc/stdio
On Oct 26, 2009, at 4:02 PM, David Laight wrote: On Sun, Oct 25, 2009 at 05:42:20PM +, Christos Zoulas wrote: Can we just revert the past 2 commits? Changing: (size_t)x - x + 0u does not look like an improvement to me. At least the first shows the intent, the second is just confusing, specially when size_t is unsigned long. Actually, IMHO, lint is just being too picky here. Having to add a cast whenever an 'int' variable is passed to a function that has a 'size_t' parameter really is just polluting the code with pointless casts. They are different types though. It's a signed vs unsigned issue. James