diff: relayd generate an output rule for "route to"

2023-09-12 Thread YASUOKA Masahiko 
Hi,

After 6.9 packets passed by "route-to" started to be evaluated when
output.  As the result, states are created for output direction,
because it is not considered about "direct server return", has some
problems (eg. the state is deleted because the state tracking is
failed.)

relayd(8) creates the input rule automatically.  In the same way, a
rule for output should be created.

example output of "pfctl -sr"

pass in quick on rdomain 0 inet proto tcp from any to 192.168.2.212 port = 
8080 flags any keep state (sloppy, tcp.established 600) route-to @en2 
source-hash 0x11121314212223243132333441424344
+   pass out quick on rdomain 0 inet proto tcp from any to 192.168.2.212 port = 
8080 flags any keep state (sloppy, tcp.established 600)

ok?

Index: usr.sbin/relayd/pfe_filter.c
===
RCS file: /cvs/src/usr.sbin/relayd/pfe_filter.c,v
retrieving revision 1.63
diff -u -p -r1.63 pfe_filter.c
--- usr.sbin/relayd/pfe_filter.c30 Jun 2023 12:16:00 -  1.63
+++ usr.sbin/relayd/pfe_filter.c13 Sep 2023 04:58:36 -
@@ -486,6 +486,20 @@ sync_ruleset(struct relayd *env, struct 
if (ioctl(env->sc_pf->dev, DIOCADDRULE, &rio) == -1)
fatal("cannot add rule");
log_debug("%s: rule added to anchor \"%s\"", __func__, anchor);
+
+   /*
+* Create "pass out" rule for "route to" which is needed to
+* make the states sloppy, short timeout and so on.
+*/
+   if (t->conf.fwdmode == FWD_ROUTE) {
+   rio.rule.direction = PF_OUT;
+   rio.rule.rt &= ~PF_ROUTETO;
+   rio.rule.route.addr.type = PF_ADDR_NONE;
+   if (ioctl(env->sc_pf->dev, DIOCADDRULE, &rio) == -1)
+   fatal("cannot add rule");
+   log_debug("%s: rule added to anchor \"%s\"", __func__,
+   anchor);
+   }
}
if (transaction_commit(env) == -1)
log_warn("%s: add rules transaction failed", __func__);

Re: ksh(1): implement p_tv() with p_ts()

2023-09-12 Thread Todd C . Miller 
On Tue, 12 Sep 2023 07:49:27 +0200, Theo Buehler wrote:

> While this looks like an improvement to me, this uses a new non-portable
> construct in ksh. I don't know how much we care.

I don't think we care.  If someone wants to ports our ksh it
is easy enough to supply TIMEVAL_TO_TIMESPEC if necessary.

 - todd

Re: ksh(1): implement p_tv() with p_ts()

2023-09-12 Thread Todd C . Miller 
On Mon, 11 Sep 2023 22:10:49 -0500, Scott Cheloha wrote:

> p_tv() is identical to p_ts() in every way except for the subsecond
> conversion constants.
>
> Better to write p_ts() once: in p_tv(), convert from timeval to
> timespec and call p_ts().

OK millert@

 - todd

Re: path: speed-up pkg-config

2023-09-12 Thread Marc Espie 
On Mon, Sep 11, 2023 at 09:55:53AM +0200, Marc Espie wrote:
> Not to pkgconf levels, but still way faster than what we had
> 
> Updated patch from what I've shown to people, turns out the second grep
> wasn't quite working.
> 
> This does cache the set_variables_from_env shennanigans, speeding up large
> processing of recursive files by a large factor (since we keep a cache
> of relevant env variables, and don't bother setting the same value twice)
> 
> 
> The optimisation in PkgConfig.pm is sligtly less powerful: we got a marker
> for variable expansions straight up when we parse a pkgconfig file, before
> even splitting into lists, so instead of "raw" lists, 
> tag them as NoExpand/ToExpand classes, so  that we can forego variable
> expansion altogether.
> 
> Please test, this appears to pass regress, and I've just put this into
> a partial bulk.

Oops, as gkoehler noticed, I sent out the old patch.
Here's the actual fixed one:

Index: pkg-config
===
RCS file: /cvs/src/usr.bin/pkg-config/pkg-config,v
retrieving revision 1.96
diff -u -p -r1.96 pkg-config
--- pkg-config  8 Jun 2023 08:55:27 -   1.96
+++ pkg-config  11 Sep 2023 07:50:57 -
@@ -279,6 +279,26 @@ if ($mode{cflags} || $mode{libs} || $mod
 exit $rc;
 
 ###
+sub set_variables_from_env($file)
+{
+   state (%done, @l);
+
+   if (!defined $done{$file}) {
+   my $pkg = $file;
+
+   $pkg =~ s/(^.*\/)?(.*?)\.pc$/$2/g;
+   $pkg = uc($pkg);
+   if (!@l) {
+   @l = grep {/PKG_CONFIG_/} keys %ENV;
+   }
+   for my $k (@l) {
+   next unless $k =~ m/PKG_CONFIG_${pkg}_(\w+)/;
+   $variables->{lc($1)} = $ENV{$k};
+   }
+   $done{$file} = 1;
+   }
+
+}
 
 sub handle_config($p, $op, $v, $list)
 {
@@ -300,22 +320,7 @@ sub handle_config($p, $op, $v, $list)
}
 
my $get_props = sub($property) {
-   my $pkg;
-
-   # See if there's anything in the environment that we need to
-   # take into account.
-   ($pkg = $p) =~ s/(^.*\/)?(.*?)\.pc$/$2/g;
-   $pkg = uc($pkg);
-
-   if (grep {/PKG_CONFIG_${pkg}.*/} keys %ENV) {
-   # Now that we know we have something to look for, do
-   # the inefficient iteration.
-   while (my ($k, $v) = each %ENV) {
-   if ($k =~ /^PKG_CONFIG_${pkg}_(\w+)/) {
-   $variables->{lc($1)} = $v;
-   }
-   }
-   }
+   set_variables_from_env($p);
 
my $deps = $cfg->get_property($property, $variables);
return unless defined $deps;
Index: OpenBSD/PkgConfig.pm
===
RCS file: /cvs/src/usr.bin/pkg-config/OpenBSD/PkgConfig.pm,v
retrieving revision 1.10
diff -u -p -r1.10 PkgConfig.pm
--- OpenBSD/PkgConfig.pm8 Jun 2023 08:55:27 -   1.10
+++ OpenBSD/PkgConfig.pm11 Sep 2023 07:50:57 -
@@ -16,6 +16,7 @@
 
 use v5.36;
 
+
 # interface to the *.pc file format of pkg-config.
 package OpenBSD::PkgConfig;
 
@@ -72,10 +73,14 @@ sub add_variable($self, $name, $value)
 
 sub parse_value($self, $name, $value)
 {
+   my $class = "OpenBSD::PkgConfig::NoExpand";
+   if ($value =~ m/\$\{.*\}/) {
+   $class = "OpenBSD::PkgConfig::ToExpand";
+   }
if (defined $parse->{$name}) {
-   return $parse->{$name}($value);
+   return bless $parse->{$name}($value), $class;
} else {
-   return [split /(?parse_value($name, $value);
} else {
-   $v = [];
+   $v = bless [], "OpenBSD::PkgConfig::NoExpand";
}
$self->{properties}{$name} = $v;
 }
@@ -121,8 +126,9 @@ sub read_fh($class, $fh, $name = '')
}
}
if (defined $cfg->{properties}{Libs}) {
-   $cfg->{properties}{Libs} =
-   $cfg->compress_list($cfg->{properties}{Libs});
+   $cfg->{properties}{Libs} = bless
+   $cfg->compress_list($cfg->{properties}{Libs}),
+   ref($cfg->{properties}{Libs});
}
return $cfg;
 }
@@ -220,6 +226,9 @@ sub get_property($self, $k, $extra = {})
if (!defined $l) {
return undef;
}
+   if ($l->noexpand) {
+   return [@$l];
+   }
my $r = [];
for my $v (@$l) {
my $w = $self->expanded($v, $extra);
@@ -263,4 +272,17 @@ sub add_bases($self, $extra)
}
 }
 
+package OpenBSD::PkgConfig::NoExpand;
+our @ISA = qw(OpenBSD::PkgConfig);
+sub noexpand($)
+{
+   1
+}
+
+package OpenBSD::PkgConfig::ToExp