Re: Add support for hex floats to *scanf

[Michael Forney]

On 2019-05-28, Michael Forney  wrote:
> I noticed that OpenBSD's fscanf doesn't yet support hex float strings,
> which are standardized in C99. I am using them in my application (which
> I would like to support OpenBSD), since the "%a" format specifier is a
> convenient way to preserve the exact floating point value.
>
> strtod already supports parsing hex floats, so it is just the scanner
> in __svfscanf that needed changes.
>
> The implementation reuses the PFXOK and NZDIGITS flags from CT_INT
> scanning and follows similar logic to CT_INT. This required allocating
> new flag values for DPTOK and EXPOK.
>
> I did my best to follow style(9), but since the indentation level of this
> switch is so high, I found it difficult wrap lines nicely. I noticed that
> several existing lines broke the "space around binary operators" rule if
> the added space would require unnatural wrapping, so I did the same here.
>
> I wasn't sure which comments I should carry over from the CT_INT case
> (for example, above `case 'x':`), or if any of the other changes require
> additional comments. Please let me know if they do.

Just bumping this so it doesn't get forgotten. I'd be happy to address
any feedback anyone might have.

Re: Errata patches for OpenSMTPD have been released for OpenBSD 6.5 and 6.6.

[Stuart Henderson]

Also be aware that 6.4 is affected too but you will need to update this to a
supported release before you can receive syspatch updates.


On 2020/01/28 23:49, gil...@poolp.org wrote:
> Hello tech@
> 
> Erratas have been published for a security vulnerability discovered in smtpd 
> by Qualys:
> 
> 6.5/030_smtpd_exec.patch.sig
> 6.6/019_smtpd_exec.patch.sig
> 
> 
> It is VERY important that you syspatch as soon as possible.
> 
> I'll write about this bug later when things have settled, particularly about 
> what made
> it possible and what plans we have so similar bugs don't lead to similar 
> consequences,
> two ideas have been discussed to lock things down.
> 
> But for now, it's syspatch time.
> 
> Gilles
> 

Re: Teach du(1) the -m flag, disk usage in megabytes

[Lauri Tirkkonen]

On Tue, Jan 28 2020 18:03:19 +0100, Florian Obser wrote:
> On Tue, Jan 28, 2020 at 09:58:40AM -0700, Todd C. Miller wrote:
> > On Mon, 27 Jan 2020 18:29:39 -0500, Daniel Jakots wrote:
> > 
> > > Can't you achieve what you want with `du -sh * | sort -h`? du(1)'s -h
> > > options will automatically select the best suffix and sort(1)'s -h
> > > will sort first using the suffix then the numerical value.
> > 
> > Yes, I forgot about "sort -h".  Old habits die hard :-)
> 
> ... which is not in posix, netbsd nor illumos.

So, do you think that 'du -m' will be in all those then? POSIX doesn't
have it [0].

The way I see it, the entire conversation in this thread is about doing
things that might be useful to people. IMO, arguing about where
extensions are or aren't implemented isn't productive.

[0]: https://pubs.opengroup.org/onlinepubs/9699919799/utilities/du.html

-- 
Lauri Tirkkonen | lotheac @ IRCnet

Errata patches for OpenSMTPD have been released for OpenBSD 6.5 and 6.6.

[gilles]

Hello tech@

Erratas have been published for a security vulnerability discovered in smtpd by 
Qualys:

6.5/030_smtpd_exec.patch.sig
6.6/019_smtpd_exec.patch.sig


It is VERY important that you syspatch as soon as possible.

I'll write about this bug later when things have settled, particularly about 
what made
it possible and what plans we have so similar bugs don't lead to similar 
consequences,
two ideas have been discussed to lock things down.

But for now, it's syspatch time.

Gilles

Re: Update disklabel(8) man page

[Otto Moerbeek]

On Tue, Jan 28, 2020 at 06:43:38PM +0100, Martin wrote:

> Hi
> 
> Attached a diff to bring the disklabel man page up to date. Information
> taken directly from editor.c line 95.

Committed, thanks,

-Otto

> 
> Best,
> 
> Martin
> 
> Index: disklabel.8
> ===
> RCS file: /cvs/src/sbin/disklabel/disklabel.8,v
> retrieving revision 1.138
> diff -u -p -r1.138 disklabel.8
> --- disklabel.8   19 Dec 2019 09:38:03 -  1.138
> +++ disklabel.8   28 Jan 2020 17:42:08 -
> @@ -529,7 +529,7 @@ and may vary from architecture to archit
>  swap 10% of disk.   80M \(en 2x max physical memory
>  /tmp  8% of disk.  120M \(en 4G
>  /var 13% of disk.   80M \(en 2x size of crash dump
> -/usr 10% of disk. 1300M \(en 6G
> +/usr 10% of disk. 1500M \(en 6G
>  /usr/X11R63% of disk.  384M \(en 1G
>  /usr/local   15% of disk.1G \(en 20G
>  /usr/src  2% of disk. 1300M \(en 2G
> 

cwm: refactor client cycling

[Okan Demirmen]

Hi,

The below refactors client cycling to be available from a client context
instead of limiting to a screen context; this allows bindings for the 4
related functions (window-{,r}cycle,window-{,r}cycle-ingroup) for either
key or mouse (current only available via key bindings). With the
refactor to client context a lot of the layers added over the years to
make this mimic other WM's can be simplified, I hope.

I'm posting here in case I'm missing an expected behavior, or few.

Feedback welcome.

Index: calmwm.h
===
RCS file: /home/open/cvs/xenocara/app/cwm/calmwm.h,v
retrieving revision 1.372
diff -u -p -r1.372 calmwm.h
--- calmwm.h22 Jan 2020 19:58:35 -  1.372
+++ calmwm.h28 Jan 2020 18:26:46 -
@@ -395,7 +395,7 @@ __dead void  usage(void);
 voidclient_applysizehints(struct client_ctx *);
 voidclient_config(struct client_ctx *);
 struct client_ctx  *client_current(struct screen_ctx *);
-voidclient_cycle(struct screen_ctx *, int);
+voidclient_cycle(struct client_ctx *, int);
 voidclient_remove(struct client_ctx *);
 voidclient_draw_border(struct client_ctx *);
 struct client_ctx  *client_find(Window);
Index: client.c
===
RCS file: /home/open/cvs/xenocara/app/cwm/client.c,v
retrieving revision 1.255
diff -u -p -r1.255 client.c
--- client.c7 Mar 2019 14:28:17 -   1.255
+++ client.c28 Jan 2020 18:26:46 -
@@ -31,8 +31,8 @@
 
 #include "calmwm.h"
 
-static struct client_ctx   *client_next(struct client_ctx *);
-static struct client_ctx   *client_prev(struct client_ctx *);
+static struct client_ctx   *client_next(struct client_ctx *, int);
+static struct client_ctx   *client_prev(struct client_ctx *, int);
 static void client_placecalc(struct client_ctx *);
 static void client_wm_protocols(struct client_ctx *);
 static void client_mwm_hints(struct client_ctx *);
@@ -677,72 +677,58 @@ match:
 }
 
 void
-client_cycle(struct screen_ctx *sc, int flags)
+client_cycle(struct client_ctx *cc, int flags)
 {
-   struct client_ctx   *newcc, *oldcc, *prevcc;
+   struct screen_ctx   *sc = cc->sc;
+   struct client_ctx   *newcc = cc;
int  again = 1;
 
-   if (TAILQ_EMPTY(&sc->clientq))
-   return;
-
-   prevcc = TAILQ_FIRST(&sc->clientq);
-   oldcc = client_current(sc);
-   if (oldcc == NULL)
-   oldcc = (flags & CWM_CYCLE_REVERSE) ?
-   TAILQ_LAST(&sc->clientq, client_q) :
-   TAILQ_FIRST(&sc->clientq);
-
-   newcc = oldcc;
while (again) {
again = 0;
+   if (flags & CWM_CYCLE_FORWARD)
+   newcc = client_next(newcc, CLIENT_SKIP_CYCLE);
+   else
+   newcc = client_prev(newcc, CLIENT_SKIP_CYCLE);
 
-   newcc = (flags & CWM_CYCLE_REVERSE) ? client_prev(newcc) :
-   client_next(newcc);
-
-   /* Only cycle visible and non-ignored windows. */
-   if ((newcc->flags & (CLIENT_SKIP_CYCLE)) ||
-   ((flags & CWM_CYCLE_INGROUP) &&
-   (newcc->gc != oldcc->gc)))
+   if ((flags & CWM_CYCLE_INGROUP) && (newcc->gc != cc->gc))
again = 1;
-
-   /* Is oldcc the only non-hidden window? */
-   if (newcc == oldcc) {
-   if (again)
-   return; /* No windows visible. */
-   break;
-   }
}
+   if (newcc == cc)
+   return;
 
-   /* Reset when cycling mod is released. XXX I hate this hack */
-   sc->cycling = 1;
-   client_ptrsave(oldcc);
-   client_raise(prevcc);
+   sc->cycling = 1; /* XXX Reset when cycling mod is released. XXX */
+   client_ptrsave(cc);
+   client_raise(cc);
client_raise(newcc);
-   if (!client_inbound(newcc, newcc->ptr.x, newcc->ptr.y)) {
-   newcc->ptr.x = newcc->geom.w / 2;
-   newcc->ptr.y = newcc->geom.h / 2;
-   }
-   client_ptrwarp(newcc);
+   client_ptr_inbound(newcc, 0);
 }
 
 static struct client_ctx *
-client_next(struct client_ctx *cc)
+client_next(struct client_ctx *cc, int flags)
 {
struct screen_ctx   *sc = cc->sc;
-   struct client_ctx   *newcc;
+   struct client_ctx   *nextcc;
 
-   return(((newcc = TAILQ_NEXT(cc, entry)) != NULL) ?
-   newcc : TAILQ_FIRST(&sc->clientq));
+   nextcc = TAILQ_NEXT(cc, entry);
+   if (nextcc == NULL)
+   nextcc = TAILQ_FIRST(&sc->clientq);
+   if (flags && (nextcc->flags & flags))
+   nextcc = client_next(nex

Update disklabel(8) man page

[Martin]

Hi

Attached a diff to bring the disklabel man page up to date. Information
taken directly from editor.c line 95.

Best,

Martin

Index: disklabel.8
===
RCS file: /cvs/src/sbin/disklabel/disklabel.8,v
retrieving revision 1.138
diff -u -p -r1.138 disklabel.8
--- disklabel.8 19 Dec 2019 09:38:03 -  1.138
+++ disklabel.8 28 Jan 2020 17:42:08 -
@@ -529,7 +529,7 @@ and may vary from architecture to archit
 swap   10% of disk.   80M \(en 2x max physical memory
 /tmp8% of disk.  120M \(en 4G
 /var   13% of disk.   80M \(en 2x size of crash dump
-/usr   10% of disk. 1300M \(en 6G
+/usr   10% of disk. 1500M \(en 6G
 /usr/X11R6  3% of disk.  384M \(en 1G
 /usr/local 15% of disk.1G \(en 20G
 /usr/src2% of disk. 1300M \(en 2G

Re: Teach du(1) the -m flag, disk usage in megabytes

[Florian Obser]

On Tue, Jan 28, 2020 at 09:58:40AM -0700, Todd C. Miller wrote:
> On Mon, 27 Jan 2020 18:29:39 -0500, Daniel Jakots wrote:
> 
> > Can't you achieve what you want with `du -sh * | sort -h`? du(1)'s -h
> > options will automatically select the best suffix and sort(1)'s -h
> > will sort first using the suffix then the numerical value.
> 
> Yes, I forgot about "sort -h".  Old habits die hard :-)

... which is not in posix, netbsd nor illumos.


> 
>  - todd
> 

-- 
I'm not entirely sure you are real.

Re: Teach du(1) the -m flag, disk usage in megabytes

[Todd C . Miller]

On Mon, 27 Jan 2020 18:29:39 -0500, Daniel Jakots wrote:

> Can't you achieve what you want with `du -sh * | sort -h`? du(1)'s -h
> options will automatically select the best suffix and sort(1)'s -h
> will sort first using the suffix then the numerical value.

Yes, I forgot about "sort -h".  Old habits die hard :-)

 - todd

L1D Eviction Sampling / CVE-2020-0549 / INTEL-SA-00329

[Zachary Peschke]

Just in case you haven't heard yet...

https://cacheoutattack.com/
https://software.intel.com/security-software-guidance/software-guidance/l1d-eviction-sampling

- Zac

Re: man afterboot / inc. of wsconsctl

[Jason McIntyre]

On Tue, Jan 28, 2020 at 12:38:52PM +0100, su.root wrote:
> Hi,
> would like to suggest inc. / reference of wsconsctl in the afterboot man 
> page. Might
> be particularly useful for further fine tuning of respective variables
> pertaining to devices / laptops.
> 

hi.

i don;t think we should just drop an Xr in. if there was something
concrete to be said, that might be different. remember, you're expected
to poke a bit anyway, and there's a very good faq that can help with
some of the peripherals.

if there's some concrete advice missing i guess you could submit a diff.

jmc

IPv6 Support for umb(4)

[Gerhard Roth]

Hi,

this patch adds IPv6 support to umb(4).

It will try to obtain a IPv6 address if the kernel is compiled with INET6.
Currently there is no option to disable IPv6 on such a kernel (other than
manually calling "ifconfig umb0 -inet6"). Nor is there a IPv6-only mode which
refrains from obtaining an IPv4 address from the kernel.

To get an IPv6 address, your provider has to offer one. But more importantly
the firmware of your umb(4) device has to have IPv6 support. I stumbled
across two older Sierra Wireless modules (EM8805 and MC3805) that refused
to provide an IPv6 address.

Have fun,

Gerhard


Index: sbin/ifconfig/ifconfig.c
===
RCS file: /cvs/src/sbin/ifconfig/ifconfig.c,v
retrieving revision 1.417
diff -u -p -u -p -r1.417 ifconfig.c
--- sbin/ifconfig/ifconfig.c27 Dec 2019 14:34:46 -  1.417
+++ sbin/ifconfig/ifconfig.c23 Jan 2020 09:24:38 -
@@ -5666,6 +5666,7 @@ umb_status(void)
char apn[UMB_APN_MAXLEN+1];
char pn[UMB_PHONENR_MAXLEN+1];
int  i, n;
+   char astr[INET6_ADDRSTRLEN];
 
memset((char *)&mi, 0, sizeof(mi));
ifr.ifr_data = (caddr_t)&mi;
@@ -5830,7 +5831,15 @@ umb_status(void)
for (i = 0, n = 0; i < UMB_MAX_DNSSRV; i++) {
if (mi.ipv4dns[i].s_addr == INADDR_ANY)
break;
-   printf("%s %s", n++ ? "" : "\tdns", inet_ntoa(mi.ipv4dns[i]));
+   printf("%s %s", n++ ? "" : "\tdns",
+   inet_ntop(AF_INET, &mi.ipv4dns[i], astr, sizeof (astr)));
+   }
+   for (i = 0; i < UMB_MAX_DNSSRV; i++) {
+   if (memcmp(&mi.ipv6dns[i], &in6addr_any,
+   sizeof (mi.ipv6dns[i])) == 0)
+   break;
+   printf("%s %s", n++ ? "" : "\tdns",
+   inet_ntop(AF_INET6, &mi.ipv6dns[i], astr, sizeof (astr)));
}
if (n)
printf("\n");
Index: share/man/man4/umb.4
===
RCS file: /cvs/src/share/man/man4/umb.4,v
retrieving revision 1.9
diff -u -p -u -p -r1.9 umb.4
--- share/man/man4/umb.423 Nov 2017 20:47:26 -  1.9
+++ share/man/man4/umb.428 Jan 2020 09:04:20 -
@@ -40,6 +40,11 @@ will remain in this state until the MBIM
 In case the device is connected to an "always-on" USB port,
 it may be possible to connect to a provider without entering the
 PIN again even if the system was rebooted.
+.Pp
+If the kernel has been compiled with INET6, the driver will try to
+obtain an IPv6 address from the provider. To succeed with the IPv6
+configuration, both the ISP and the MBIM device have to offer IPv6
+support.
 .Sh HARDWARE
 The following devices should work:
 .Pp
@@ -64,10 +69,6 @@ The following devices should work:
 .%U http://www.usb.org/developers/docs/devclass_docs/MBIM10Errata1_073013.zip
 .Re
 .Sh CAVEATS
-The
-.Nm
-driver does not support IPv6.
-.Pp
 Devices which fail to provide a conforming MBIM implementation will
 probably be attached as some other driver, such as
 .Xr umsm 4 .
Index: sys/dev/usb/if_umb.c
===
RCS file: /cvs/src/sys/dev/usb/if_umb.c,v
retrieving revision 1.31
diff -u -p -u -p -r1.31 if_umb.c
--- sys/dev/usb/if_umb.c26 Nov 2019 23:04:28 -  1.31
+++ sys/dev/usb/if_umb.c28 Jan 2020 09:08:16 -
@@ -43,6 +43,14 @@
 #include 
 #include 
 
+#ifdef INET6
+#include 
+#include 
+#include 
+#include 
+#include 
+#endif
+
 #include 
 
 #include 
@@ -158,7 +166,11 @@ int umb_decode_connect_info(struct umb
 voidumb_clear_addr(struct umb_softc *);
 int umb_add_inet_config(struct umb_softc *, struct in_addr, u_int,
struct in_addr);
-voidumb_send_inet_proposal(struct umb_softc *);
+#ifdef INET6
+int umb_add_inet6_config(struct umb_softc *, struct in6_addr *,
+   u_int, struct in6_addr *);
+#endif
+voidumb_send_inet_proposal(struct umb_softc *, int);
 int umb_decode_ip_configuration(struct umb_softc *, void *, int);
 voidumb_rx(struct umb_softc *);
 voidumb_rxeof(struct usbd_xfer *, void *, usbd_status);
@@ -800,8 +812,8 @@ umb_input(struct ifnet *ifp, struct mbuf
 #endif /* INET6 */
default:
ifp->if_ierrors++;
-   DPRINTFN(4, "%s: dropping packet with bad IP version (%d)\n",
-   __func__, ipv);
+   DPRINTFN(4, "%s: dropping packet with bad IP version (af %d)\n",
+   __func__, af);
m_freem(m);
return 1;
}
@@ -902,7 +914,10 @@ umb_rtrequest(struct ifnet *ifp, int req
struct umb_softc *sc = ifp->if_softc;
 
if (req == RTM_PROPOSAL) {
-   umb_send_inet_proposal(sc);
+   umb_send_inet_proposal(sc, AF_INET);
+#ifdef INET

Re: ipsec flow type changes, use->require

[Tobias Heider]

On Tue, Jan 28, 2020 at 01:19:17AM +, Stuart Henderson wrote:
> This at least needs documenting in current.html/upgrade67.html so that
> people aren't caught by surprise (it took me several days to figure
> out as I'd forgotten about this commit!) but this would be better if
> we can show a workaround for people affected by the change.

Agree, sorry for the inconvenience.

> I tried adding a 'type use' flow with ipsecctl but this failed with
> "writev failed: Invalid argument" (same if I removed the existing 'type
> require' flow first) - not sure if there's another way to do this.
>
> Workarounds on $myworkstation side (split horizon DNS, natting
> $myworkstation's non-tunnel traffic to $EXTERNAL_IP to another IP) are
> possible I suppose, but not very appealing. Does anyone have other ideas?

Something you could try is using a virtual interface with an IP from your
private range for the roadwarrior:

myworkstation_vpn = 10.71.0.255

hostname.vether0:
inet $myworkstation_vpn/18

iked.conf:
ikev2 esp from $myworkstation_vpn to 10.71.0.0/18 \
local $myworkstation peer $EXTERNAL_IP \
...

man afterboot / inc. of wsconsctl

[su.root]

Hi,
would like to suggest inc. / reference of wsconsctl in the afterboot man page. 
Might
be particularly useful for further fine tuning of respective variables
pertaining to devices / laptops.

[PATCH] [www] faq/current.html - pretty print paths

[Raf Czlonka]

Hi all,

Using the convention from earlier in the faq/current.html file,
enclose file/directory paths in .

Cheers,

Raf

Index: faq/current.html
===
RCS file: /cvs/www/faq/current.html,v
retrieving revision 1.1021
diff -u -p -r1.1021 current.html
--- faq/current.html28 Jan 2020 00:16:29 -  1.1021
+++ faq/current.html28 Jan 2020 10:42:42 -
@@ -173,8 +173,8 @@ Users are advised to consider alternativ
 
 2020/01/24 - [packages] firefox 71.0: pledge configuration 
change
 Previously, disabling pledge was done by modifying an entry in about:config
-but now it is done using files in /etc/firefox as explained in the pkg-readme
-file, /usr/local/share/doc/pkg-readmes/firefox.
+but now it is done using files in /etc/firefox as explained in 
the pkg-readme
+file, /usr/local/share/doc/pkg-readmes/firefox.
 Unveil has been added to firefox to restrict filesystem access by default.
 To grant access to additional paths or disable unveil, see the pkg-readme file.