Re: once rules fix
Klemens Nanni writes:
> Thanks! Diff makes sense, see comments inline. I confirm that this
> restores intended behaviour and regress is fine as well.
>
> With those addressed OK kn; or I take care of it after getting an OK.
> sashan?
Thanks for pointing to the details. Fixed now:
diff --git a/sbin/pfctl/parse.y b/sbin/pfctl/parse.y
index e8dd97f6222..ceca208ab71 100644
--- a/sbin/pfctl/parse.y
+++ b/sbin/pfctl/parse.y
@@ -354,7 +354,7 @@ struct pfctl_watermarks syncookie_opts;
int disallow_table(struct node_host *, const char *);
int disallow_urpf_failed(struct node_host *, const char *);
int disallow_alias(struct node_host *, const char *);
-int rule_consistent(struct pf_rule *, int);
+int rule_consistent(struct pf_rule *);
int process_tabledef(char *, struct table_opts *, int);
voidexpand_label_str(char *, size_t, const char *, const char *);
voidexpand_label_if(const char *, char *, size_t, const char *);
@@ -377,8 +377,7 @@ void expand_rule(struct pf_rule *, int,
struct node_if *,
struct node_proto *,
struct node_os *, struct node_host *, struct node_port *,
struct node_host *, struct node_port *, struct node_uid *,
- struct node_gid *, struct node_if *, struct node_icmp *,
- const char *);
+ struct node_gid *, struct node_if *, struct node_icmp *);
int expand_queue(char *, struct node_if *, struct queue_opts *);
int expand_skip_interface(struct node_if *);
@@ -876,6 +875,7 @@ anchorrule : ANCHOR anchorname dir quick interface af
proto fromto
{
struct pf_rule r;
struct node_proto *proto;
+ char*p;
memset(, 0, sizeof(r));
if (pf->astack[pf->asd + 1]) {
@@ -913,7 +913,33 @@ anchorrule : ANCHOR anchorname dir quick interface af
proto fromto
"rules must specify a name");
YYERROR;
}
+
+ /*
+* Don't make non-brace anchors part of the
main anchor pool.
+*/
+ if ((r.anchor = calloc(1, sizeof(*r.anchor)))
== NULL) {
+ err(1, "anchorrule: calloc");
+ }
+ pf_init_ruleset(>ruleset);
+ r.anchor->ruleset.anchor = r.anchor;
+ if (strlcpy(r.anchor->path, $2,
+ sizeof(r.anchor->path)) >=
sizeof(r.anchor->path)) {
+ errx(1, "anchorrule: strlcpy");
+ }
+ if ((p = strrchr($2, '/')) != NULL) {
+ if (strlen(p) == 1) {
+ yyerror("anchorrule: bad anchor
name %s",
+ $2);
+ YYERROR;
+ }
+ } else
+ p = $2;
+ if (strlcpy(r.anchor->name, p,
+ sizeof(r.anchor->name)) >=
sizeof(r.anchor->name)) {
+ errx(1, "anchorrule: strlcpy");
+ }
}
+
r.direction = $3;
r.quick = $4.quick;
r.af = $6;
@@ -955,8 +981,7 @@ anchorrule : ANCHOR anchorname dir quick interface af
proto fromto
expand_rule(, 0, $5, NULL, NULL, NULL, $7, $8.src_os,
$8.src.host, $8.src.port, $8.dst.host, $8.dst.port,
- $9.uid, $9.gid, $9.rcv, $9.icmpspec,
- pf->astack[pf->asd + 1] ? pf->alast->name : $2);
+ $9.uid, $9.gid, $9.rcv, $9.icmpspec);
free($2);
pf->astack[pf->asd + 1] = NULL;
}
@@ -1110,7 +1135,7 @@ antispoof : ANTISPOOF logquick antispoof_ifspc af
antispoof_opts {
if (h != NULL)
expand_rule(, 0, j, NULL, NULL, NULL,
NULL, NULL, h, NULL, NULL, NULL,
- NULL, NULL, NULL, NULL, "");
+ NULL, NULL, NULL, NULL);
if ((i->ifa_flags & IFF_LOOPBACK) == 0) {
bzero(,
Re: acpithinkpad: fix brightness keys, keyboard backlight value
Hi Joshua,
I just tried your patch on T470p and X230.
On T470p, display brightness keys are now working and keyboard
backlight is reported correctly by wsconsctl.
On X230, display brightness keys are still working fine.
Regards,
On Tue, Mar 05 2019, joshua stein wrote:
Here we go again...
On at least the ThinkPad X1C6, the screen brightness keys (F5
and
F6) do not work and "wsconsctl keyboard.backlight" doesn't
report
the correct value when the keyboard backlight is adjusted with
Fn+Space.
These are both caused by the default event mask not including
these
events, so explicitly enable them.
But then acpithinkpad has to actually do something for the
screen
brightness keys, but it tries the very old CMOS method which
doesn't
work on these newer machines[0]. So make it use the ACPI
method.
I renamed thinkpad_[gs]et_backlight to
thinkpad_[gs]et_kbd_backlight
because it was confusing that they have nothing to do with
screen
backlight.
0. "newer machines" being those with MHKV reporting version 2.
If
this diff breaks on older "newer machines", this metric will
have to
be changed to something else.
Index: sys/dev/acpi/acpithinkpad.c
===
RCS file: /cvs/src/sys/dev/acpi/acpithinkpad.c,v
retrieving revision 1.61
diff -u -p -u -p -r1.61 acpithinkpad.c
--- sys/dev/acpi/acpithinkpad.c 1 Jul 2018 19:40:49 -
1.61
+++ sys/dev/acpi/acpithinkpad.c 5 Mar 2019 20:00:23 -
@@ -124,6 +124,10 @@
#defineTHINKPAD_ADAPTIVE_MODE_HOME 1
#defineTHINKPAD_ADAPTIVE_MODE_FUNCTION 3
+#define THINKPAD_MASK_BRIGHTNESS_UP (1 << 15)
+#define THINKPAD_MASK_BRIGHTNESS_DOWN (1 << 16)
+#define THINKPAD_MASK_KBD_BACKLIGHT(1 << 17)
+
struct acpithinkpad_softc {
struct devicesc_dev;
@@ -134,6 +138,8 @@ struct acpithinkpad_softc {
struct ksensor sc_sens[THINKPAD_NSENSORS];
struct ksensordevsc_sensdev;
+ uint64_t sc_hkey_version;
+
uint64_t sc_thinklight;
const char *sc_thinklight_get;
const char *sc_thinklight_set;
@@ -161,8 +167,8 @@ int thinkpad_activate(struct device *,
i
/* wscons hook functions */
void thinkpad_get_thinklight(struct acpithinkpad_softc *);
void thinkpad_set_thinklight(void *, int);
-intthinkpad_get_backlight(struct wskbd_backlight *);
-intthinkpad_set_backlight(struct wskbd_backlight *);
+intthinkpad_get_kbd_backlight(struct wskbd_backlight *);
+intthinkpad_set_kbd_backlight(struct wskbd_backlight *);
extern int (*wskbd_get_backlight)(struct wskbd_backlight *);
extern int (*wskbd_set_backlight)(struct wskbd_backlight *);
void thinkpad_get_brightness(struct acpithinkpad_softc *);
@@ -284,6 +290,10 @@ thinkpad_attach(struct device *parent, s
printf("\n");
+ if (aml_evalinteger(sc->sc_acpi, sc->sc_devnode, "MHKV",
0, NULL,
+ >sc_hkey_version))
+ sc->sc_hkey_version = THINKPAD_HKEY_VERSION1;
+
#if NAUDIO > 0 && NWSKBD > 0
/* Defer speaker mute */
if (thinkpad_get_volume_mute(sc) == 1)
@@ -299,14 +309,14 @@ thinkpad_attach(struct device *parent, s
0, NULL, >sc_thinklight) == 0) {
sc->sc_thinklight_get = "KLCG";
sc->sc_thinklight_set = "KLCS";
- wskbd_get_backlight = thinkpad_get_backlight;
- wskbd_set_backlight = thinkpad_set_backlight;
+ wskbd_get_backlight = thinkpad_get_kbd_backlight;
+ wskbd_set_backlight = thinkpad_set_kbd_backlight;
} else if (aml_evalinteger(sc->sc_acpi, sc->sc_devnode,
"MLCG",
0, NULL, >sc_thinklight) == 0) {
sc->sc_thinklight_get = "MLCG";
sc->sc_thinklight_set = "MLCS";
- wskbd_get_backlight = thinkpad_get_backlight;
- wskbd_set_backlight = thinkpad_set_backlight;
+ wskbd_get_backlight = thinkpad_get_kbd_backlight;
+ wskbd_set_backlight = thinkpad_set_kbd_backlight;
}
if (aml_evalinteger(sc->sc_acpi, sc->sc_devnode, "PBLG",
@@ -327,13 +337,19 @@ thinkpad_enable_events(struct acpithinkp
int64_t mask;
int i;
- /* Get the supported event mask */
+ /* Get the default event mask */
if (aml_evalinteger(sc->sc_acpi, sc->sc_devnode, "MHKA",
0, NULL, )) {
printf("%s: no MHKA\n", DEVNAME(sc));
return (1);
}
+ /* Enable events we need to know about */
+ mask |= (THINKPAD_MASK_BRIGHTNESS_UP |
THINKPAD_MASK_BRIGHTNESS_DOWN |
+ THINKPAD_MASK_KBD_BACKLIGHT);
+
+ DPRINTF(("%s: setting event mask to 0x%llx\n",
DEVNAME(sc), mask));
+
/* Update hotkey mask */
bzero(args, sizeof(args));
args[0].type = args[1].type = AML_OBJTYPE_INTEGER;
@@ -380,6 +396,8 @@ thinkpad_hotkey(struct aml_node *node, i
if (aml_evalinteger(sc->sc_acpi,
Re: libcrypto: INTEGER_cmp vs. STRING_cmp
On Tue, Mar 05, 2019 at 11:39:02PM +0100, Holger Mikolon wrote: > Hi, > > while debugging an unusual openssl use case, I tried reading and > understanding libcrypto x509 code and came across the comparison > of serialNumbers (of type ASN1_INTEGER*) with a string comparison > function. Below patch fixes the comparison to use ASN1_INTEGER_cmp. > > The man page (ASN1_STRING_cmp(3)) contains the following unambiguous > advice: > > "These functions should not be used to examine or modify ASN1_INTEGER > or ASN1_ENUMERATED types: the relevant INTEGER or ENUMERATED utility > functions should be used instead." > > Revision 1.26 introduced the use of ASN1_STRING_cmp for the serialNumber > with the commit message "Expand obsolete M_ASN1.*(cmp|dup|print|set) > macros ..." So it seems to have been an intentional change, even though > it contradicts the man page. > > Thoughts? The change definitely was intentional, as it was a strictly mechanical macro expansion. While your patch is correct, I think it is incomplete. If you grep for serialNumber, you'll find a few more STRING vs. INTEGER mixups. I would prefer to address them all at the same time. If you're up for it, it would probably be a good idea to look at the changes introduced by the commit you mentioned and see what else looks suspicious and needs fixing. > > Best regards > Holger > > > > Index: x509_cmp.c > === > RCS file: /cvs/src/lib/libcrypto/x509/x509_cmp.c,v > retrieving revision 1.34 > diff -u -p -u -r1.34 x509_cmp.c > --- x509_cmp.c24 Aug 2018 19:59:32 - 1.34 > +++ x509_cmp.c5 Mar 2019 22:19:34 - > @@ -76,7 +76,7 @@ X509_issuer_and_serial_cmp(const X509 *a > > ai = a->cert_info; > bi = b->cert_info; > - i = ASN1_STRING_cmp(ai->serialNumber, bi->serialNumber); > + i = ASN1_INTEGER_cmp(ai->serialNumber, bi->serialNumber); > if (i) > return (i); > return (X509_NAME_cmp(ai->issuer, bi->issuer)); >
libcrypto: typo in comment
Index: x509_vfy.c
===
RCS file: /cvs/src/lib/libcrypto/x509/x509_vfy.c,v
retrieving revision 1.71
diff -u -p -u -r1.71 x509_vfy.c
--- x509_vfy.c 19 Aug 2018 20:19:31 - 1.71
+++ x509_vfy.c 5 Mar 2019 22:19:46 -
@@ -159,7 +159,7 @@ x509_subject_cmp(X509 **a, X509 **b)
}
#endif
-/* Return 1 is a certificate is self signed */
+/* Return 1 if a certificate is self signed */
static int
cert_self_signed(X509 *x)
{
Re: acpithinkpad: fix brightness keys, keyboard backlight value
On Tue, Mar 05, 2019 at 02:03:13PM -0600, joshua stein wrote:
> Here we go again...
>
> On at least the ThinkPad X1C6, the screen brightness keys (F5 and
> F6) do not work and "wsconsctl keyboard.backlight" doesn't report
> the correct value when the keyboard backlight is adjusted with
> Fn+Space.
>
> These are both caused by the default event mask not including these
> events, so explicitly enable them.
>
> But then acpithinkpad has to actually do something for the screen
> brightness keys, but it tries the very old CMOS method which doesn't
> work on these newer machines[0]. So make it use the ACPI method.
>
> I renamed thinkpad_[gs]et_backlight to thinkpad_[gs]et_kbd_backlight
> because it was confusing that they have nothing to do with screen
> backlight.
>
>
> 0. "newer machines" being those with MHKV reporting version 2. If
> this diff breaks on older "newer machines", this metric will have to
> be changed to something else.
>
>
This patch fixes the backlight buttons and keyboard brightness reading on the
T740s. Awesome!
Thanks,
Tracey
> Index: sys/dev/acpi/acpithinkpad.c
> ===
> RCS file: /cvs/src/sys/dev/acpi/acpithinkpad.c,v
> retrieving revision 1.61
> diff -u -p -u -p -r1.61 acpithinkpad.c
> --- sys/dev/acpi/acpithinkpad.c 1 Jul 2018 19:40:49 - 1.61
> +++ sys/dev/acpi/acpithinkpad.c 5 Mar 2019 20:00:23 -
> @@ -124,6 +124,10 @@
> #define THINKPAD_ADAPTIVE_MODE_HOME 1
> #define THINKPAD_ADAPTIVE_MODE_FUNCTION 3
>
> +#define THINKPAD_MASK_BRIGHTNESS_UP (1 << 15)
> +#define THINKPAD_MASK_BRIGHTNESS_DOWN(1 << 16)
> +#define THINKPAD_MASK_KBD_BACKLIGHT (1 << 17)
> +
> struct acpithinkpad_softc {
> struct devicesc_dev;
>
> @@ -134,6 +138,8 @@ struct acpithinkpad_softc {
> struct ksensor sc_sens[THINKPAD_NSENSORS];
> struct ksensordevsc_sensdev;
>
> + uint64_t sc_hkey_version;
> +
> uint64_t sc_thinklight;
> const char *sc_thinklight_get;
> const char *sc_thinklight_set;
> @@ -161,8 +167,8 @@ int thinkpad_activate(struct device *, i
> /* wscons hook functions */
> void thinkpad_get_thinklight(struct acpithinkpad_softc *);
> void thinkpad_set_thinklight(void *, int);
> -int thinkpad_get_backlight(struct wskbd_backlight *);
> -int thinkpad_set_backlight(struct wskbd_backlight *);
> +int thinkpad_get_kbd_backlight(struct wskbd_backlight *);
> +int thinkpad_set_kbd_backlight(struct wskbd_backlight *);
> extern int (*wskbd_get_backlight)(struct wskbd_backlight *);
> extern int (*wskbd_set_backlight)(struct wskbd_backlight *);
> void thinkpad_get_brightness(struct acpithinkpad_softc *);
> @@ -284,6 +290,10 @@ thinkpad_attach(struct device *parent, s
>
> printf("\n");
>
> + if (aml_evalinteger(sc->sc_acpi, sc->sc_devnode, "MHKV", 0, NULL,
> + >sc_hkey_version))
> + sc->sc_hkey_version = THINKPAD_HKEY_VERSION1;
> +
> #if NAUDIO > 0 && NWSKBD > 0
> /* Defer speaker mute */
> if (thinkpad_get_volume_mute(sc) == 1)
> @@ -299,14 +309,14 @@ thinkpad_attach(struct device *parent, s
> 0, NULL, >sc_thinklight) == 0) {
> sc->sc_thinklight_get = "KLCG";
> sc->sc_thinklight_set = "KLCS";
> - wskbd_get_backlight = thinkpad_get_backlight;
> - wskbd_set_backlight = thinkpad_set_backlight;
> + wskbd_get_backlight = thinkpad_get_kbd_backlight;
> + wskbd_set_backlight = thinkpad_set_kbd_backlight;
> } else if (aml_evalinteger(sc->sc_acpi, sc->sc_devnode, "MLCG",
> 0, NULL, >sc_thinklight) == 0) {
> sc->sc_thinklight_get = "MLCG";
> sc->sc_thinklight_set = "MLCS";
> - wskbd_get_backlight = thinkpad_get_backlight;
> - wskbd_set_backlight = thinkpad_set_backlight;
> + wskbd_get_backlight = thinkpad_get_kbd_backlight;
> + wskbd_set_backlight = thinkpad_set_kbd_backlight;
> }
>
> if (aml_evalinteger(sc->sc_acpi, sc->sc_devnode, "PBLG",
> @@ -327,13 +337,19 @@ thinkpad_enable_events(struct acpithinkp
> int64_t mask;
> int i;
>
> - /* Get the supported event mask */
> + /* Get the default event mask */
> if (aml_evalinteger(sc->sc_acpi, sc->sc_devnode, "MHKA",
> 0, NULL, )) {
> printf("%s: no MHKA\n", DEVNAME(sc));
> return (1);
> }
>
> + /* Enable events we need to know about */
> + mask |= (THINKPAD_MASK_BRIGHTNESS_UP | THINKPAD_MASK_BRIGHTNESS_DOWN |
> + THINKPAD_MASK_KBD_BACKLIGHT);
> +
> + DPRINTF(("%s: setting event mask to 0x%llx\n", DEVNAME(sc), mask));
> +
> /* Update hotkey mask */
> bzero(args, sizeof(args));
> args[0].type = args[1].type = AML_OBJTYPE_INTEGER;
> @@ -380,6 +396,8 @@
Re: acpithinkpad: fix brightness keys, keyboard backlight value
joshua stein(j...@openbsd.org) on 2019.03.05 14:03:13 -0600:
> Here we go again...
>
> On at least the ThinkPad X1C6, the screen brightness keys (F5 and
> F6) do not work and "wsconsctl keyboard.backlight" doesn't report
> the correct value when the keyboard backlight is adjusted with
> Fn+Space.
>
> These are both caused by the default event mask not including these
> events, so explicitly enable them.
>
> But then acpithinkpad has to actually do something for the screen
> brightness keys, but it tries the very old CMOS method which doesn't
> work on these newer machines[0]. So make it use the ACPI method.
>
> I renamed thinkpad_[gs]et_backlight to thinkpad_[gs]et_kbd_backlight
> because it was confusing that they have nothing to do with screen
> backlight.
>
>
> 0. "newer machines" being those with MHKV reporting version 2. If
> this diff breaks on older "newer machines", this metric will have to
> be changed to something else.
with this the Fn-F5/F6 buttons work on the x270, and it makes
wsconsctl keyboard.backlight show the current setting and wsconsctl
keyboard.backlight=0/50/100 set the keyboard light.
On the x230, the F8/9 brightness keys still work (and the keyboard led is
different of course)
/Benno
> Index: sys/dev/acpi/acpithinkpad.c
> ===
> RCS file: /cvs/src/sys/dev/acpi/acpithinkpad.c,v
> retrieving revision 1.61
> diff -u -p -u -p -r1.61 acpithinkpad.c
> --- sys/dev/acpi/acpithinkpad.c 1 Jul 2018 19:40:49 - 1.61
> +++ sys/dev/acpi/acpithinkpad.c 5 Mar 2019 20:00:23 -
> @@ -124,6 +124,10 @@
> #define THINKPAD_ADAPTIVE_MODE_HOME 1
> #define THINKPAD_ADAPTIVE_MODE_FUNCTION 3
>
> +#define THINKPAD_MASK_BRIGHTNESS_UP (1 << 15)
> +#define THINKPAD_MASK_BRIGHTNESS_DOWN(1 << 16)
> +#define THINKPAD_MASK_KBD_BACKLIGHT (1 << 17)
> +
> struct acpithinkpad_softc {
> struct devicesc_dev;
>
> @@ -134,6 +138,8 @@ struct acpithinkpad_softc {
> struct ksensor sc_sens[THINKPAD_NSENSORS];
> struct ksensordevsc_sensdev;
>
> + uint64_t sc_hkey_version;
> +
> uint64_t sc_thinklight;
> const char *sc_thinklight_get;
> const char *sc_thinklight_set;
> @@ -161,8 +167,8 @@ int thinkpad_activate(struct device *, i
> /* wscons hook functions */
> void thinkpad_get_thinklight(struct acpithinkpad_softc *);
> void thinkpad_set_thinklight(void *, int);
> -int thinkpad_get_backlight(struct wskbd_backlight *);
> -int thinkpad_set_backlight(struct wskbd_backlight *);
> +int thinkpad_get_kbd_backlight(struct wskbd_backlight *);
> +int thinkpad_set_kbd_backlight(struct wskbd_backlight *);
> extern int (*wskbd_get_backlight)(struct wskbd_backlight *);
> extern int (*wskbd_set_backlight)(struct wskbd_backlight *);
> void thinkpad_get_brightness(struct acpithinkpad_softc *);
> @@ -284,6 +290,10 @@ thinkpad_attach(struct device *parent, s
>
> printf("\n");
>
> + if (aml_evalinteger(sc->sc_acpi, sc->sc_devnode, "MHKV", 0, NULL,
> + >sc_hkey_version))
> + sc->sc_hkey_version = THINKPAD_HKEY_VERSION1;
> +
> #if NAUDIO > 0 && NWSKBD > 0
> /* Defer speaker mute */
> if (thinkpad_get_volume_mute(sc) == 1)
> @@ -299,14 +309,14 @@ thinkpad_attach(struct device *parent, s
> 0, NULL, >sc_thinklight) == 0) {
> sc->sc_thinklight_get = "KLCG";
> sc->sc_thinklight_set = "KLCS";
> - wskbd_get_backlight = thinkpad_get_backlight;
> - wskbd_set_backlight = thinkpad_set_backlight;
> + wskbd_get_backlight = thinkpad_get_kbd_backlight;
> + wskbd_set_backlight = thinkpad_set_kbd_backlight;
> } else if (aml_evalinteger(sc->sc_acpi, sc->sc_devnode, "MLCG",
> 0, NULL, >sc_thinklight) == 0) {
> sc->sc_thinklight_get = "MLCG";
> sc->sc_thinklight_set = "MLCS";
> - wskbd_get_backlight = thinkpad_get_backlight;
> - wskbd_set_backlight = thinkpad_set_backlight;
> + wskbd_get_backlight = thinkpad_get_kbd_backlight;
> + wskbd_set_backlight = thinkpad_set_kbd_backlight;
> }
>
> if (aml_evalinteger(sc->sc_acpi, sc->sc_devnode, "PBLG",
> @@ -327,13 +337,19 @@ thinkpad_enable_events(struct acpithinkp
> int64_t mask;
> int i;
>
> - /* Get the supported event mask */
> + /* Get the default event mask */
> if (aml_evalinteger(sc->sc_acpi, sc->sc_devnode, "MHKA",
> 0, NULL, )) {
> printf("%s: no MHKA\n", DEVNAME(sc));
> return (1);
> }
>
> + /* Enable events we need to know about */
> + mask |= (THINKPAD_MASK_BRIGHTNESS_UP | THINKPAD_MASK_BRIGHTNESS_DOWN |
> + THINKPAD_MASK_KBD_BACKLIGHT);
> +
> + DPRINTF(("%s: setting event mask to 0x%llx\n", DEVNAME(sc),
Re: relayd websocket
Hi!
On 3/5/19 10:36 PM, Claudio Jeker wrote:
> I guess that this would need strcasestr() instead of strcasecmp(), since you
> are looking for the substring "Upgrade" in value. Maybe more is needed if
> we want to be sure that 'Connection: Upgrade-maybe' does not match.
You are correct about strcasestr. "Connection: Upgrade-maybe" would need
to have correct "Upgrade: websocket". Anyway, lets be strict.
Does something like this make sense?
Index: usr.sbin/relayd/relay_http.c
===
RCS file: /cvs/src/usr.sbin/relayd/relay_http.c,v
retrieving revision 1.72
diff -u -p -r1.72 relay_http.c
--- usr.sbin/relayd/relay_http.c4 Mar 2019 21:25:03 - 1.72
+++ usr.sbin/relayd/relay_http.c5 Mar 2019 22:33:47 -
@@ -166,6 +166,7 @@ relay_read_http(struct bufferevent *bev,
struct relay_http_priv *priv = con->se_priv;
char*line = NULL, *key, *value;
char*urlproto, *host, *path;
+ char*valuecopy, *valuepart;
int action, unique, ret;
const char *errstr;
size_t size, linelen;
@@ -399,10 +400,18 @@ relay_read_http(struct bufferevent *bev,
if (cre->line != 1) {
if (cre->dir == RELAY_DIR_REQUEST) {
- if (strcasecmp("Connection", key) == 0 &&
- strcasecmp("Upgrade", value) == 0)
- priv->http_upgrade_req |=
- HTTP_CONNECTION_UPGRADE;
+
+
+ if (strcasecmp("Connection", key) == 0) {
+ valuecopy = strdup(value);
+ while ((valuepart = strsep(, ",
")) != NULL)
+ if (strcasecmp("Upgrade", valuepart) ==
0)
+ priv->http_upgrade_req |=
+ HTTP_CONNECTION_UPGRADE;
+ free(valuecopy);
+ }
+
+
if (strcasecmp("Upgrade", key) == 0 &&
strcasecmp("websocket", value) == 0)
priv->http_upgrade_req |=
begin-base64 644 websocket2.diff
SW5kZXg6IHVzci5zYmluL3JlbGF5ZC9yZWxheV9odHRwLmMKPT09PT09PT09PT09PT09PT09PT09
PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQpSQ1MgZmlsZTog
L2N2cy9zcmMvdXNyLnNiaW4vcmVsYXlkL3JlbGF5X2h0dHAuYyx2CnJldHJpZXZpbmcgcmV2aXNp
b24gMS43MgpkaWZmIC11IC1wIC1yMS43MiByZWxheV9odHRwLmMKLS0tIHVzci5zYmluL3JlbGF5
ZC9yZWxheV9odHRwLmMJNCBNYXIgMjAxOSAyMToyNTowMyAtMDAwMAkxLjcyCisrKyB1c3Iuc2Jp
bi9yZWxheWQvcmVsYXlfaHR0cC5jCTUgTWFyIDIwMTkgMjI6MzM6NDcgLTAwMDAKQEAgLTE2Niw2
ICsxNjYsNyBAQCByZWxheV9yZWFkX2h0dHAoc3RydWN0IGJ1ZmZlcmV2ZW50ICpiZXYsCiAJc3Ry
dWN0IHJlbGF5X2h0dHBfcHJpdgkqcHJpdiA9IGNvbi0+c2VfcHJpdjsKIAljaGFyCQkJKmxpbmUg
PSBOVUxMLCAqa2V5LCAqdmFsdWU7CiAJY2hhcgkJCSp1cmxwcm90bywgKmhvc3QsICpwYXRoOwor
CWNoYXIJCQkqdmFsdWVjb3B5LCAqdmFsdWVwYXJ0OwogCWludAkJCSBhY3Rpb24sIHVuaXF1ZSwg
cmV0OwogCWNvbnN0IGNoYXIJCSplcnJzdHI7CiAJc2l6ZV90CQkJIHNpemUsIGxpbmVsZW47CkBA
IC0zOTksMTAgKzQwMCwxOCBAQCByZWxheV9yZWFkX2h0dHAoc3RydWN0IGJ1ZmZlcmV2ZW50ICpi
ZXYsCiAKIAkJaWYgKGNyZS0+bGluZSAhPSAxKSB7CiAJCQlpZiAoY3JlLT5kaXIgPT0gUkVMQVlf
RElSX1JFUVVFU1QpIHsKLQkJCQlpZiAoc3RyY2FzZWNtcCgiQ29ubmVjdGlvbiIsIGtleSkgPT0g
MCAmJgotCQkJCSAgICBzdHJjYXNlY21wKCJVcGdyYWRlIiwgdmFsdWUpID09IDApCi0JCQkJCXBy
aXYtPmh0dHBfdXBncmFkZV9yZXEgfD0KLQkJCQkJICAgIEhUVFBfQ09OTkVDVElPTl9VUEdSQURF
OworCisKKwkJCQlpZiAoc3RyY2FzZWNtcCgiQ29ubmVjdGlvbiIsIGtleSkgPT0gMCkgeworCQkJ
CSAgICB2YWx1ZWNvcHkgPSBzdHJkdXAodmFsdWUpOworCQkJCSAgICB3aGlsZSAoKHZhbHVlcGFy
dCA9IHN0cnNlcCgmdmFsdWVjb3B5LCAiLCAiKSkgIT0gTlVMTCkKKwkJCQkgICAgCWlmIChzdHJj
YXNlY21wKCJVcGdyYWRlIiwgdmFsdWVwYXJ0KSA9PSAwKQorCQkJCQkgICAgcHJpdi0+aHR0cF91
cGdyYWRlX3JlcSB8PQorCQkJCQkgICAgCUhUVFBfQ09OTkVDVElPTl9VUEdSQURFOworCQkJCSAg
ICBmcmVlKHZhbHVlY29weSk7CisJCQkJfQorCisKIAkJCQlpZiAoc3RyY2FzZWNtcCgiVXBncmFk
ZSIsIGtleSkgPT0gMCAmJgogCQkJCSAgICBzdHJjYXNlY21wKCJ3ZWJzb2NrZXQiLCB2YWx1ZSkg
PT0gMCkKIAkJCQkJcHJpdi0+aHR0cF91cGdyYWRlX3JlcSB8PQo=
libcrypto: INTEGER_cmp vs. STRING_cmp
Hi, while debugging an unusual openssl use case, I tried reading and understanding libcrypto x509 code and came across the comparison of serialNumbers (of type ASN1_INTEGER*) with a string comparison function. Below patch fixes the comparison to use ASN1_INTEGER_cmp. The man page (ASN1_STRING_cmp(3)) contains the following unambiguous advice: "These functions should not be used to examine or modify ASN1_INTEGER or ASN1_ENUMERATED types: the relevant INTEGER or ENUMERATED utility functions should be used instead." Revision 1.26 introduced the use of ASN1_STRING_cmp for the serialNumber with the commit message "Expand obsolete M_ASN1.*(cmp|dup|print|set) macros ..." So it seems to have been an intentional change, even though it contradicts the man page. Thoughts? Best regards Holger Index: x509_cmp.c === RCS file: /cvs/src/lib/libcrypto/x509/x509_cmp.c,v retrieving revision 1.34 diff -u -p -u -r1.34 x509_cmp.c --- x509_cmp.c 24 Aug 2018 19:59:32 - 1.34 +++ x509_cmp.c 5 Mar 2019 22:19:34 - @@ -76,7 +76,7 @@ X509_issuer_and_serial_cmp(const X509 *a ai = a->cert_info; bi = b->cert_info; - i = ASN1_STRING_cmp(ai->serialNumber, bi->serialNumber); + i = ASN1_INTEGER_cmp(ai->serialNumber, bi->serialNumber); if (i) return (i); return (X509_NAME_cmp(ai->issuer, bi->issuer));
radeon driver argb cursor fixes (was Re: X segmentation fault by chromium)
On Mon, Mar 04, 2019 at 09:14:45AM +0100, Matthieu Herrb wrote:
> On Sat, Mar 02, 2019 at 10:24:22PM +0200, Mihai Popescu wrote:
> > Hello,
> >
> > I am able to generate a segmentation fault on X with chromium help.
> > This is happening each time I visit the web page at [1]. Basically,
> > there is a picture of a product and whenever I hover the mouse over
> > it, X gets a segmentation fault and exits at xenodm login prompt.
> > Sometimes, if I repeat this procedure over and over, I get an offset
> > for the image on my display, making things hard to see.
> >
> > [1]
> > https://computers.woot.com/offers/lenovo-thinkcentre-m78-amd-a4-sff-desktop-1
> >
> > I have inspected the web page in question with firefox, and I can tell
> > the page loads a special image cursor when I hover on the picture in
> > question. No segmentation fault for X this time.
> >
>
> Hi,
>
> Thanks for the bug report. Can you try the attached patch (from
> upstream) ?
The patch below is in the most recent snapshots and Mihai reported that it
fixes the issue for him. So if you're using the ati/radeon driver
please test (and pay attention to possible cursor corruption...)
The relevant upstream commits are:
https://gitlab.freedesktop.org/xorg/driver/xf86-video-ati/commit/0c40a76d1c050d018e6d59bebb5efc9c62be308c
Detect and fix up non-premultiplied cursor data
and
https://gitlab.freedesktop.org/xorg/driver/xf86-video-ati/commit/99ac121770da53196124d80375a5c8edbcf827fa
Skip gamma correction of cursor data if premultiplied R/G/B > alpha
ok ?
Index: src/drmmode_display.c
===
RCS file: /cvs/OpenBSD/xenocara/driver/xf86-video-ati/src/drmmode_display.c,v
retrieving revision 1.18
diff -u -p -u -r1.18 drmmode_display.c
--- src/drmmode_display.c 13 Jan 2019 07:16:48 - 1.18
+++ src/drmmode_display.c 4 Mar 2019 08:12:30 -
@@ -1038,29 +1038,62 @@ drmmode_cursor_src_offset(Rotation rotat
#endif
-static uint32_t
-drmmode_cursor_gamma(xf86CrtcPtr crtc, uint32_t argb)
+static Bool
+drmmode_cursor_pixel(xf86CrtcPtr crtc, uint32_t *argb, Bool *premultiplied,
+Bool *apply_gamma)
{
- uint32_t alpha = argb >> 24;
+ uint32_t alpha = *argb >> 24;
uint32_t rgb[3];
int i;
- if (!alpha)
- return 0;
+ if (premultiplied) {
+#if XORG_VERSION_CURRENT < XORG_VERSION_NUMERIC(1, 18, 4, 0, 0)
+ if (alpha == 0 && (*argb & 0xff) != 0) {
+ /* Doesn't look like premultiplied alpha */
+ *premultiplied = FALSE;
+ return FALSE;
+ }
+#endif
- if (crtc->scrn->depth != 24 && crtc->scrn->depth != 32)
- return argb;
+ if (!(*apply_gamma))
+ return TRUE;
+
+ if (*argb > (alpha | alpha << 8 | alpha << 16 | alpha << 24)) {
+ /* Un-premultiplied R/G/B would overflow gamma LUT,
+* don't apply gamma correction
+*/
+ *apply_gamma = FALSE;
+ return FALSE;
+ }
+ }
+
+ if (!alpha) {
+ *argb = 0;
+ return TRUE;
+ }
- /* Un-premultiply alpha */
+ /* Extract RGB */
for (i = 0; i < 3; i++)
- rgb[i] = ((argb >> (i * 8)) & 0xff) * 0xff / alpha;
+ rgb[i] = (*argb >> (i * 8)) & 0xff;
- /* Apply gamma correction and pre-multiply alpha */
- rgb[0] = (crtc->gamma_blue[rgb[0]] >> 8) * alpha / 0xff;
- rgb[1] = (crtc->gamma_green[rgb[1]] >> 8) * alpha / 0xff;
- rgb[2] = (crtc->gamma_red[rgb[2]] >> 8) * alpha / 0xff;
+ if (premultiplied) {
+ /* Un-premultiply alpha */
+ for (i = 0; i < 3; i++)
+ rgb[i] = rgb[i] * 0xff / alpha;
+ }
+
+ if (*apply_gamma) {
+ rgb[0] = crtc->gamma_blue[rgb[0]] >> 8;
+ rgb[1] = crtc->gamma_green[rgb[1]] >> 8;
+ rgb[2] = crtc->gamma_red[rgb[2]] >> 8;
+ }
- return alpha << 24 | rgb[2] << 16 | rgb[1] << 8 | rgb[0];
+ /* Premultiply alpha */
+ for (i = 0; i < 3; i++)
+ rgb[i] = rgb[i] * alpha / 0xff;
+
+ *argb = alpha << 24 | rgb[2] << 16 | rgb[1] << 8 | rgb[0];
+ return TRUE;
}
static void
@@ -1069,27 +1102,36 @@ drmmode_load_cursor_argb (xf86CrtcPtr cr
ScrnInfoPtr pScrn = crtc->scrn;
RADEONInfoPtr info = RADEONPTR(pScrn);
drmmode_crtc_private_ptr drmmode_crtc = crtc->driver_private;
+ Bool premultiplied = TRUE;
+ Bool apply_gamma = TRUE;
+ uint32_t argb;
uint32_t *ptr;
/* cursor should be mapped already */
ptr = (uint32_t *)(drmmode_crtc->cursor_bo->ptr);
+ if (crtc->scrn->depth != 24 && crtc->scrn->depth != 32)
+ apply_gamma = FALSE;
Re: reverse scroll direction wstpad
On 3/5/19 7:40 PM, Ted Unangst wrote: > Ulf Brosziewski wrote: >> BTW, reverting the scroll direction is also possible by configuring >> a "ZAxisMapping" in ws(4), with an xorg.conf like this one: >> >> Section "InputClass" >> Identifier "touchpad_scroll_buttons" >> MatchIsTouchPad "true" >> Option "ZAxisMapping" "5 4" >> EndSection > > I used something like this (with xinput) a few years ago, but it stopped > working because chrome uses the new xinput extension instead of buttons. Does > that make sense? I'm not sure how wstpad would handle this. > >> As it happens, I'm just testing patches that add "precision >> scrolling" to wscons. If they make it into the tree, it would make >> sense to defer other changes in this area. > > Is that smaller jumps? As it happens, I went back to synatpics because I like > scrolling one pixel at a time. [...] Yes, it's what the X Input Protocol calls "smooth scrolling" - terminology isn't stable here - and it's the method that is also applied by synaptics(4).
Re: acpithinkpad: fix brightness keys, keyboard backlight value
On Tue, Mar 05, 2019 at 02:03:13PM -0600, joshua stein wrote:
> Here we go again...
>
> On at least the ThinkPad X1C6, the screen brightness keys (F5 and
> F6) do not work and "wsconsctl keyboard.backlight" doesn't report
> the correct value when the keyboard backlight is adjusted with
> Fn+Space.
>
> These are both caused by the default event mask not including these
> events, so explicitly enable them.
>
> But then acpithinkpad has to actually do something for the screen
> brightness keys, but it tries the very old CMOS method which doesn't
> work on these newer machines[0]. So make it use the ACPI method.
>
> I renamed thinkpad_[gs]et_backlight to thinkpad_[gs]et_kbd_backlight
> because it was confusing that they have nothing to do with screen
> backlight.
>
>
> 0. "newer machines" being those with MHKV reporting version 2. If
> this diff breaks on older "newer machines", this metric will have to
> be changed to something else.
>
This patch fixes both the brightness buttons and the backlight keyboard
reporting in wsconsctl on my x280.
If this doesn't break older models ok jturner@.
>
> Index: sys/dev/acpi/acpithinkpad.c
> ===
> RCS file: /cvs/src/sys/dev/acpi/acpithinkpad.c,v
> retrieving revision 1.61
> diff -u -p -u -p -r1.61 acpithinkpad.c
> --- sys/dev/acpi/acpithinkpad.c 1 Jul 2018 19:40:49 - 1.61
> +++ sys/dev/acpi/acpithinkpad.c 5 Mar 2019 20:00:23 -
> @@ -124,6 +124,10 @@
> #define THINKPAD_ADAPTIVE_MODE_HOME 1
> #define THINKPAD_ADAPTIVE_MODE_FUNCTION 3
>
> +#define THINKPAD_MASK_BRIGHTNESS_UP (1 << 15)
> +#define THINKPAD_MASK_BRIGHTNESS_DOWN(1 << 16)
> +#define THINKPAD_MASK_KBD_BACKLIGHT (1 << 17)
> +
> struct acpithinkpad_softc {
> struct devicesc_dev;
>
> @@ -134,6 +138,8 @@ struct acpithinkpad_softc {
> struct ksensor sc_sens[THINKPAD_NSENSORS];
> struct ksensordevsc_sensdev;
>
> + uint64_t sc_hkey_version;
> +
> uint64_t sc_thinklight;
> const char *sc_thinklight_get;
> const char *sc_thinklight_set;
> @@ -161,8 +167,8 @@ int thinkpad_activate(struct device *, i
> /* wscons hook functions */
> void thinkpad_get_thinklight(struct acpithinkpad_softc *);
> void thinkpad_set_thinklight(void *, int);
> -int thinkpad_get_backlight(struct wskbd_backlight *);
> -int thinkpad_set_backlight(struct wskbd_backlight *);
> +int thinkpad_get_kbd_backlight(struct wskbd_backlight *);
> +int thinkpad_set_kbd_backlight(struct wskbd_backlight *);
> extern int (*wskbd_get_backlight)(struct wskbd_backlight *);
> extern int (*wskbd_set_backlight)(struct wskbd_backlight *);
> void thinkpad_get_brightness(struct acpithinkpad_softc *);
> @@ -284,6 +290,10 @@ thinkpad_attach(struct device *parent, s
>
> printf("\n");
>
> + if (aml_evalinteger(sc->sc_acpi, sc->sc_devnode, "MHKV", 0, NULL,
> + >sc_hkey_version))
> + sc->sc_hkey_version = THINKPAD_HKEY_VERSION1;
> +
> #if NAUDIO > 0 && NWSKBD > 0
> /* Defer speaker mute */
> if (thinkpad_get_volume_mute(sc) == 1)
> @@ -299,14 +309,14 @@ thinkpad_attach(struct device *parent, s
> 0, NULL, >sc_thinklight) == 0) {
> sc->sc_thinklight_get = "KLCG";
> sc->sc_thinklight_set = "KLCS";
> - wskbd_get_backlight = thinkpad_get_backlight;
> - wskbd_set_backlight = thinkpad_set_backlight;
> + wskbd_get_backlight = thinkpad_get_kbd_backlight;
> + wskbd_set_backlight = thinkpad_set_kbd_backlight;
> } else if (aml_evalinteger(sc->sc_acpi, sc->sc_devnode, "MLCG",
> 0, NULL, >sc_thinklight) == 0) {
> sc->sc_thinklight_get = "MLCG";
> sc->sc_thinklight_set = "MLCS";
> - wskbd_get_backlight = thinkpad_get_backlight;
> - wskbd_set_backlight = thinkpad_set_backlight;
> + wskbd_get_backlight = thinkpad_get_kbd_backlight;
> + wskbd_set_backlight = thinkpad_set_kbd_backlight;
> }
>
> if (aml_evalinteger(sc->sc_acpi, sc->sc_devnode, "PBLG",
> @@ -327,13 +337,19 @@ thinkpad_enable_events(struct acpithinkp
> int64_t mask;
> int i;
>
> - /* Get the supported event mask */
> + /* Get the default event mask */
> if (aml_evalinteger(sc->sc_acpi, sc->sc_devnode, "MHKA",
> 0, NULL, )) {
> printf("%s: no MHKA\n", DEVNAME(sc));
> return (1);
> }
>
> + /* Enable events we need to know about */
> + mask |= (THINKPAD_MASK_BRIGHTNESS_UP | THINKPAD_MASK_BRIGHTNESS_DOWN |
> + THINKPAD_MASK_KBD_BACKLIGHT);
> +
> + DPRINTF(("%s: setting event mask to 0x%llx\n", DEVNAME(sc), mask));
> +
> /* Update hotkey mask */
> bzero(args, sizeof(args));
> args[0].type = args[1].type =
Re: relayd websocket
On Tue, Mar 05, 2019 at 04:21:30PM +, Rivo Nurges wrote:
> Hi!
>
> RFC 6455 4.2.1 states:
> 4. A |Connection| header field that *includes* the token "Upgrade",
> treated as an ASCII case-insensitive value.
>
> In my test case Firefox sends: Connection: keep-alive, Upgrade
>
> Relayd currently expects Connection to equal Upgrade, not include Upgrade.
>
> I haven't figured out how to configure Thunderbird to send proper diffs,
> so I'm sending bas64 encoded version too.
>
> Index: usr.sbin/relayd/relay_http.c
> ===
> RCS file: /cvs/src/usr.sbin/relayd/relay_http.c,v
> retrieving revision 1.72
> diff -u -p -r1.72 relay_http.c
> --- usr.sbin/relayd/relay_http.c 4 Mar 2019 21:25:03 - 1.72
> +++ usr.sbin/relayd/relay_http.c 5 Mar 2019 16:03:56 -
> @@ -400,7 +400,7 @@ relay_read_http(struct bufferevent *bev,
> if (cre->line != 1) {
> if (cre->dir == RELAY_DIR_REQUEST) {
> if (strcasecmp("Connection", key) == 0 &&
> - strcasecmp("Upgrade", value) == 0)
> + strcasecmp("Upgrade", value) >= 0)
> priv->http_upgrade_req |=
> HTTP_CONNECTION_UPGRADE;
> if (strcasecmp("Upgrade", key) == 0 &&
>
I guess that this would need strcasestr() instead of strcasecmp(), since you
are looking for the substring "Upgrade" in value. Maybe more is needed if
we want to be sure that 'Connection: Upgrade-maybe' does not match.
--
:wq Claudio
Re: once rules fix
Hello Klemens, On Tue, Mar 05, 2019 at 04:47:33PM +0100, Klemens Nanni wrote: > Thanks! Diff makes sense, see comments inline. I confirm that this > restores intended behaviour and regress is fine as well. > > With those addressed OK kn; or I take care of it after getting an OK. > sashan? I did not want to be the first one to chip-in in this case. I've missed two nits around `p`, you've found, when Petr presented me with his fix before sending it to tech. And I'm still OK with this fix. just give Petr chance to send a fixed patch tomorrow. thanks and regards sashan
acpithinkpad: fix brightness keys, keyboard backlight value
Here we go again...
On at least the ThinkPad X1C6, the screen brightness keys (F5 and
F6) do not work and "wsconsctl keyboard.backlight" doesn't report
the correct value when the keyboard backlight is adjusted with
Fn+Space.
These are both caused by the default event mask not including these
events, so explicitly enable them.
But then acpithinkpad has to actually do something for the screen
brightness keys, but it tries the very old CMOS method which doesn't
work on these newer machines[0]. So make it use the ACPI method.
I renamed thinkpad_[gs]et_backlight to thinkpad_[gs]et_kbd_backlight
because it was confusing that they have nothing to do with screen
backlight.
0. "newer machines" being those with MHKV reporting version 2. If
this diff breaks on older "newer machines", this metric will have to
be changed to something else.
Index: sys/dev/acpi/acpithinkpad.c
===
RCS file: /cvs/src/sys/dev/acpi/acpithinkpad.c,v
retrieving revision 1.61
diff -u -p -u -p -r1.61 acpithinkpad.c
--- sys/dev/acpi/acpithinkpad.c 1 Jul 2018 19:40:49 - 1.61
+++ sys/dev/acpi/acpithinkpad.c 5 Mar 2019 20:00:23 -
@@ -124,6 +124,10 @@
#defineTHINKPAD_ADAPTIVE_MODE_HOME 1
#defineTHINKPAD_ADAPTIVE_MODE_FUNCTION 3
+#define THINKPAD_MASK_BRIGHTNESS_UP(1 << 15)
+#define THINKPAD_MASK_BRIGHTNESS_DOWN (1 << 16)
+#define THINKPAD_MASK_KBD_BACKLIGHT(1 << 17)
+
struct acpithinkpad_softc {
struct devicesc_dev;
@@ -134,6 +138,8 @@ struct acpithinkpad_softc {
struct ksensor sc_sens[THINKPAD_NSENSORS];
struct ksensordevsc_sensdev;
+ uint64_t sc_hkey_version;
+
uint64_t sc_thinklight;
const char *sc_thinklight_get;
const char *sc_thinklight_set;
@@ -161,8 +167,8 @@ int thinkpad_activate(struct device *, i
/* wscons hook functions */
void thinkpad_get_thinklight(struct acpithinkpad_softc *);
void thinkpad_set_thinklight(void *, int);
-intthinkpad_get_backlight(struct wskbd_backlight *);
-intthinkpad_set_backlight(struct wskbd_backlight *);
+intthinkpad_get_kbd_backlight(struct wskbd_backlight *);
+intthinkpad_set_kbd_backlight(struct wskbd_backlight *);
extern int (*wskbd_get_backlight)(struct wskbd_backlight *);
extern int (*wskbd_set_backlight)(struct wskbd_backlight *);
void thinkpad_get_brightness(struct acpithinkpad_softc *);
@@ -284,6 +290,10 @@ thinkpad_attach(struct device *parent, s
printf("\n");
+ if (aml_evalinteger(sc->sc_acpi, sc->sc_devnode, "MHKV", 0, NULL,
+ >sc_hkey_version))
+ sc->sc_hkey_version = THINKPAD_HKEY_VERSION1;
+
#if NAUDIO > 0 && NWSKBD > 0
/* Defer speaker mute */
if (thinkpad_get_volume_mute(sc) == 1)
@@ -299,14 +309,14 @@ thinkpad_attach(struct device *parent, s
0, NULL, >sc_thinklight) == 0) {
sc->sc_thinklight_get = "KLCG";
sc->sc_thinklight_set = "KLCS";
- wskbd_get_backlight = thinkpad_get_backlight;
- wskbd_set_backlight = thinkpad_set_backlight;
+ wskbd_get_backlight = thinkpad_get_kbd_backlight;
+ wskbd_set_backlight = thinkpad_set_kbd_backlight;
} else if (aml_evalinteger(sc->sc_acpi, sc->sc_devnode, "MLCG",
0, NULL, >sc_thinklight) == 0) {
sc->sc_thinklight_get = "MLCG";
sc->sc_thinklight_set = "MLCS";
- wskbd_get_backlight = thinkpad_get_backlight;
- wskbd_set_backlight = thinkpad_set_backlight;
+ wskbd_get_backlight = thinkpad_get_kbd_backlight;
+ wskbd_set_backlight = thinkpad_set_kbd_backlight;
}
if (aml_evalinteger(sc->sc_acpi, sc->sc_devnode, "PBLG",
@@ -327,13 +337,19 @@ thinkpad_enable_events(struct acpithinkp
int64_t mask;
int i;
- /* Get the supported event mask */
+ /* Get the default event mask */
if (aml_evalinteger(sc->sc_acpi, sc->sc_devnode, "MHKA",
0, NULL, )) {
printf("%s: no MHKA\n", DEVNAME(sc));
return (1);
}
+ /* Enable events we need to know about */
+ mask |= (THINKPAD_MASK_BRIGHTNESS_UP | THINKPAD_MASK_BRIGHTNESS_DOWN |
+ THINKPAD_MASK_KBD_BACKLIGHT);
+
+ DPRINTF(("%s: setting event mask to 0x%llx\n", DEVNAME(sc), mask));
+
/* Update hotkey mask */
bzero(args, sizeof(args));
args[0].type = args[1].type = AML_OBJTYPE_INTEGER;
@@ -380,6 +396,8 @@ thinkpad_hotkey(struct aml_node *node, i
if (aml_evalinteger(sc->sc_acpi, sc->sc_devnode, "MHKP",
0, NULL, ))
break;
+
+ DPRINTF(("%s: event 0x%03llx\n", DEVNAME(sc), event));
if (event == 0)
break;
@@
Re: reverse scroll direction wstpad
Ulf Brosziewski wrote: > BTW, reverting the scroll direction is also possible by configuring > a "ZAxisMapping" in ws(4), with an xorg.conf like this one: > > Section "InputClass" > Identifier "touchpad_scroll_buttons" > MatchIsTouchPad "true" > Option "ZAxisMapping" "5 4" > EndSection I used something like this (with xinput) a few years ago, but it stopped working because chrome uses the new xinput extension instead of buttons. Does that make sense? I'm not sure how wstpad would handle this. > As it happens, I'm just testing patches that add "precision > scrolling" to wscons. If they make it into the tree, it would make > sense to defer other changes in this area. Is that smaller jumps? As it happens, I went back to synatpics because I like scrolling one pixel at a time. There's no urgency. I wanted to send patches to show exactly what I was changing, not because I need them committed.
relayd websocket
Hi!
RFC 6455 4.2.1 states:
4. A |Connection| header field that *includes* the token "Upgrade",
treated as an ASCII case-insensitive value.
In my test case Firefox sends: Connection: keep-alive, Upgrade
Relayd currently expects Connection to equal Upgrade, not include Upgrade.
I haven't figured out how to configure Thunderbird to send proper diffs,
so I'm sending bas64 encoded version too.
Index: usr.sbin/relayd/relay_http.c
===
RCS file: /cvs/src/usr.sbin/relayd/relay_http.c,v
retrieving revision 1.72
diff -u -p -r1.72 relay_http.c
--- usr.sbin/relayd/relay_http.c4 Mar 2019 21:25:03 - 1.72
+++ usr.sbin/relayd/relay_http.c5 Mar 2019 16:03:56 -
@@ -400,7 +400,7 @@ relay_read_http(struct bufferevent *bev,
if (cre->line != 1) {
if (cre->dir == RELAY_DIR_REQUEST) {
if (strcasecmp("Connection", key) == 0 &&
- strcasecmp("Upgrade", value) == 0)
+ strcasecmp("Upgrade", value) >= 0)
priv->http_upgrade_req |=
HTTP_CONNECTION_UPGRADE;
if (strcasecmp("Upgrade", key) == 0 &&
begin-base64 644 websocket.diff
SW5kZXg6IHVzci5zYmluL3JlbGF5ZC9yZWxheV9odHRwLmMKPT09PT09PT09PT09PT09PT09PT09
PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQpSQ1MgZmlsZTog
L2N2cy9zcmMvdXNyLnNiaW4vcmVsYXlkL3JlbGF5X2h0dHAuYyx2CnJldHJpZXZpbmcgcmV2aXNp
b24gMS43MgpkaWZmIC11IC1wIC1yMS43MiByZWxheV9odHRwLmMKLS0tIHVzci5zYmluL3JlbGF5
ZC9yZWxheV9odHRwLmMJNCBNYXIgMjAxOSAyMToyNTowMyAtMDAwMAkxLjcyCisrKyB1c3Iuc2Jp
bi9yZWxheWQvcmVsYXlfaHR0cC5jCTUgTWFyIDIwMTkgMTY6MDM6NTYgLTAwMDAKQEAgLTQwMCw3
ICs0MDAsNyBAQCByZWxheV9yZWFkX2h0dHAoc3RydWN0IGJ1ZmZlcmV2ZW50ICpiZXYsCiAJCWlm
IChjcmUtPmxpbmUgIT0gMSkgewogCQkJaWYgKGNyZS0+ZGlyID09IFJFTEFZX0RJUl9SRVFVRVNU
KSB7CiAJCQkJaWYgKHN0cmNhc2VjbXAoIkNvbm5lY3Rpb24iLCBrZXkpID09IDAgJiYKLQkJCQkg
ICAgc3RyY2FzZWNtcCgiVXBncmFkZSIsIHZhbHVlKSA9PSAwKQorCQkJCSAgICBzdHJjYXNlY21w
KCJVcGdyYWRlIiwgdmFsdWUpID49IDApCiAJCQkJCXByaXYtPmh0dHBfdXBncmFkZV9yZXEgfD0K
IAkJCQkJICAgIEhUVFBfQ09OTkVDVElPTl9VUEdSQURFOwogCQkJCWlmIChzdHJjYXNlY21wKCJV
cGdyYWRlIiwga2V5KSA9PSAwICYmCg==
Re: once rules fix
Thanks! Diff makes sense, see comments inline. I confirm that this
restores intended behaviour and regress is fine as well.
With those addressed OK kn; or I take care of it after getting an OK.
sashan?
On Tue, Mar 05, 2019 at 04:31:40AM -0800, petr.hoffm...@oracle.com wrote:
> @@ -913,7 +913,33 @@ anchorrule : ANCHOR anchorname dir quick interface
> af proto fromto
> "rules must specify a name");
> YYERROR;
> }
> +
> + /*
> + * Don't make non-brace anchors part of the
> main anchor pool.
> + */
> + if ((r.anchor = calloc(1, sizeof(*r.anchor)))
> == NULL) {
> + err(1, "anchorrule: calloc");
> + }
> + pf_init_ruleset(>ruleset);
> + r.anchor->ruleset.anchor = r.anchor;
> + if (strlcpy(r.anchor->path, $2,
> + sizeof(r.anchor->path)) >=
> sizeof(r.anchor->path)) {
> + errx(1, "anchorrule: strlcpy");
> + }
> + if ((p = strrchr($2, '/')) != NULL) {
> + if (strlen(p) == 1) {
> + yyerror("anchorrule: bad anchor
> name %s",
> + $2);
> + YYERROR;
> + }
> + } else
> + p = (char *)$2;
This cast is not needed.
> @@ -5875,7 +5900,7 @@ int
> filteropts_to_rule(struct pf_rule *r, struct filter_opts *opts)
> {
> if (opts->marker & FOM_ONCE) {
> - if (r->action != PF_PASS && r->action != PF_MATCH) {
> + if ((r->action != PF_PASS && r->action != PF_DROP) ||
> r->anchor) {
`PF_MATCH' -> `PF_DROP' is obviously correct here; I made this
copy/pasta mistake in parse.y revision 1.682:
date: 2018/07/16 08:29:08; author: kn; state: Exp; lines: +11 -29;
reduce duplicate code, fix typo/free correct buffer
In filteropts_to_rule():
* Merge `once' handling from `anchorrule' and `pfrule'
* Remove/shorten duplicate code block
* Fix typo I introduced with r1.678 that frees the wrong buffer (twice)
OK sashan
> @@ -1112,35 +1112,13 @@ pfctl_show_limits(int dev, int opts)
>
> /* callbacks for rule/nat/rdr/addr */
> int
> -pfctl_add_rule(struct pfctl *pf, struct pf_rule *r, const char *anchor_call)
> +pfctl_add_rule(struct pfctl *pf, struct pf_rule *r)
Now that you touch the signature, you might as well make it void as it
always returns 0.
> {
> struct pf_rule *rule;
> struct pf_ruleset *rs;
> char*p;
`p' is now unused.
Re: ssh man pages: PKCS#11 no longer limited to RSA
On Tue, Mar 05, 2019 at 04:27:22PM +0100, Christian Weisgerber wrote: > Minor man page tweaks to reflect the fact that PKCS#11 support is > no longer limited to RSA. OK, I've been using ECDSA on a PIV smartcard just fine.
Re: ssh man pages: PKCS#11 no longer limited to RSA
ok! Christian Weisgerber(na...@mips.inka.de) on 2019.03.05 16:27:22 +0100: > Minor man page tweaks to reflect the fact that PKCS#11 support is > no longer limited to RSA. > > Index: ssh-keygen.1 > === > RCS file: /cvs/src/usr.bin/ssh/ssh-keygen.1,v > retrieving revision 1.156 > diff -u -p -r1.156 ssh-keygen.1 > --- ssh-keygen.1 23 Jan 2019 04:51:02 - 1.156 > +++ ssh-keygen.1 5 Mar 2019 15:20:15 - > @@ -279,7 +279,7 @@ Requests changing the comment in the pri > The program will prompt for the file containing the private keys, for > the passphrase if the key has one, and for the new comment. > .It Fl D Ar pkcs11 > -Download the RSA public keys provided by the PKCS#11 shared library > +Download the public keys provided by the PKCS#11 shared library > .Ar pkcs11 . > When used in combination with > .Fl s , > Index: ssh.1 > === > RCS file: /cvs/src/usr.bin/ssh/ssh.1,v > retrieving revision 1.400 > diff -u -p -r1.400 ssh.1 > --- ssh.1 22 Jan 2019 11:51:25 - 1.400 > +++ ssh.1 5 Mar 2019 15:18:05 - > @@ -270,8 +270,8 @@ on the master process. > .It Fl I Ar pkcs11 > Specify the PKCS#11 shared library > .Nm > -should use to communicate with a PKCS#11 token providing the user's > -private RSA key. > +should use to communicate with a PKCS#11 token providing keys for user > +authentication. > .Pp > .It Fl i Ar identity_file > Selects a file from which the identity (private key) for > -- > Christian "naddy" Weisgerber na...@mips.inka.de >
ssh man pages: PKCS#11 no longer limited to RSA
Minor man page tweaks to reflect the fact that PKCS#11 support is no longer limited to RSA. Index: ssh-keygen.1 === RCS file: /cvs/src/usr.bin/ssh/ssh-keygen.1,v retrieving revision 1.156 diff -u -p -r1.156 ssh-keygen.1 --- ssh-keygen.123 Jan 2019 04:51:02 - 1.156 +++ ssh-keygen.15 Mar 2019 15:20:15 - @@ -279,7 +279,7 @@ Requests changing the comment in the pri The program will prompt for the file containing the private keys, for the passphrase if the key has one, and for the new comment. .It Fl D Ar pkcs11 -Download the RSA public keys provided by the PKCS#11 shared library +Download the public keys provided by the PKCS#11 shared library .Ar pkcs11 . When used in combination with .Fl s , Index: ssh.1 === RCS file: /cvs/src/usr.bin/ssh/ssh.1,v retrieving revision 1.400 diff -u -p -r1.400 ssh.1 --- ssh.1 22 Jan 2019 11:51:25 - 1.400 +++ ssh.1 5 Mar 2019 15:18:05 - @@ -270,8 +270,8 @@ on the master process. .It Fl I Ar pkcs11 Specify the PKCS#11 shared library .Nm -should use to communicate with a PKCS#11 token providing the user's -private RSA key. +should use to communicate with a PKCS#11 token providing keys for user +authentication. .Pp .It Fl i Ar identity_file Selects a file from which the identity (private key) for -- Christian "naddy" Weisgerber na...@mips.inka.de
Re: once rules fix
Sorry, my MUA replaced tabs with spaces in the patch I sent
previously. Find the correct one below:
diff --git a/sbin/pfctl/parse.y b/sbin/pfctl/parse.y
index e8dd97f6222..e55b2893069 100644
--- a/sbin/pfctl/parse.y
+++ b/sbin/pfctl/parse.y
@@ -354,7 +354,7 @@ struct pfctl_watermarks syncookie_opts;
int disallow_table(struct node_host *, const char *);
int disallow_urpf_failed(struct node_host *, const char *);
int disallow_alias(struct node_host *, const char *);
-int rule_consistent(struct pf_rule *, int);
+int rule_consistent(struct pf_rule *);
int process_tabledef(char *, struct table_opts *, int);
voidexpand_label_str(char *, size_t, const char *, const char *);
voidexpand_label_if(const char *, char *, size_t, const char *);
@@ -377,8 +377,7 @@ void expand_rule(struct pf_rule *, int,
struct node_if *,
struct node_proto *,
struct node_os *, struct node_host *, struct node_port *,
struct node_host *, struct node_port *, struct node_uid *,
- struct node_gid *, struct node_if *, struct node_icmp *,
- const char *);
+ struct node_gid *, struct node_if *, struct node_icmp *);
int expand_queue(char *, struct node_if *, struct queue_opts *);
int expand_skip_interface(struct node_if *);
@@ -876,6 +875,7 @@ anchorrule : ANCHOR anchorname dir quick interface af
proto fromto
{
struct pf_rule r;
struct node_proto *proto;
+ char*p;
memset(, 0, sizeof(r));
if (pf->astack[pf->asd + 1]) {
@@ -913,7 +913,33 @@ anchorrule : ANCHOR anchorname dir quick interface af
proto fromto
"rules must specify a name");
YYERROR;
}
+
+ /*
+* Don't make non-brace anchors part of the
main anchor pool.
+*/
+ if ((r.anchor = calloc(1, sizeof(*r.anchor)))
== NULL) {
+ err(1, "anchorrule: calloc");
+ }
+ pf_init_ruleset(>ruleset);
+ r.anchor->ruleset.anchor = r.anchor;
+ if (strlcpy(r.anchor->path, $2,
+ sizeof(r.anchor->path)) >=
sizeof(r.anchor->path)) {
+ errx(1, "anchorrule: strlcpy");
+ }
+ if ((p = strrchr($2, '/')) != NULL) {
+ if (strlen(p) == 1) {
+ yyerror("anchorrule: bad anchor
name %s",
+ $2);
+ YYERROR;
+ }
+ } else
+ p = (char *)$2;
+ if (strlcpy(r.anchor->name, p,
+ sizeof(r.anchor->name)) >=
sizeof(r.anchor->name)) {
+ errx(1, "anchorrule: strlcpy");
+ }
}
+
r.direction = $3;
r.quick = $4.quick;
r.af = $6;
@@ -955,8 +981,7 @@ anchorrule : ANCHOR anchorname dir quick interface af
proto fromto
expand_rule(, 0, $5, NULL, NULL, NULL, $7, $8.src_os,
$8.src.host, $8.src.port, $8.dst.host, $8.dst.port,
- $9.uid, $9.gid, $9.rcv, $9.icmpspec,
- pf->astack[pf->asd + 1] ? pf->alast->name : $2);
+ $9.uid, $9.gid, $9.rcv, $9.icmpspec);
free($2);
pf->astack[pf->asd + 1] = NULL;
}
@@ -1110,7 +1135,7 @@ antispoof : ANTISPOOF logquick antispoof_ifspc af
antispoof_opts {
if (h != NULL)
expand_rule(, 0, j, NULL, NULL, NULL,
NULL, NULL, h, NULL, NULL, NULL,
- NULL, NULL, NULL, NULL, "");
+ NULL, NULL, NULL, NULL);
if ((i->ifa_flags & IFF_LOOPBACK) == 0) {
bzero(, sizeof(r));
@@ -1132,7 +1157,7 @@ antispoof : ANTISPOOF logquick antispoof_ifspc af
antispoof_opts {
expand_rule(, 0, NULL, NULL,
Re: reverse scroll direction wstpad
Adding these options - switching the scroll direction and a customizable button map for tapping - to wsmouse and wstpad would not be a big deal. If there is interest, I could prepare a patch. I doubt, however, that both should be included in the named and visible wsmouse options of wsconsctl. While the so-called "natural scrolling" seems to be popular, customizing the tap events is a somewhat rare requirement. BTW, reverting the scroll direction is also possible by configuring a "ZAxisMapping" in ws(4), with an xorg.conf like this one: Section "InputClass" Identifier "touchpad_scroll_buttons" MatchIsTouchPad "true" Option "ZAxisMapping" "5 4" EndSection As it happens, I'm just testing patches that add "precision scrolling" to wscons. If they make it into the tree, it would make sense to defer other changes in this area. On 3/2/19 7:29 PM, Ted Unangst wrote: > One more quick hack. I have become accustomed to scroll going in the reverse > direction. Previously set a negative delta with synclient. > > Again, not sure how to connect this to wsconsctl, but here's what I'm running. > > Index: wstpad.c > === > RCS file: /home/cvs/src/sys/dev/wscons/wstpad.c,v > retrieving revision 1.22 > diff -u -p -r1.22 wstpad.c > --- wstpad.c 29 Dec 2018 21:03:58 - 1.22 > +++ wstpad.c 2 Mar 2019 07:23:43 - > @@ -935,7 +939,7 @@ wstpad_cmds(struct wsmouseinput *input, > input->motion.sync |= SYNC_DELTAS; > continue; > case VSCROLL: > - input->motion.dz = tp->scroll.dz; > + input->motion.dz = -tp->scroll.dz; > input->motion.sync |= SYNC_DELTAS; > continue; > default: > >
