Re: normalize ldap DN in the config
> On Oct 6, 2021, at 2:13 PM, Claudio Jeker wrote:
>
> Run into this while setting up a new DN.
> The DN in namespace only matches if it is normalized.
> So it may be best to do this by default when adding a namespace.
> With this using a capitalized namespace like "o=OpenBSD,c=CA" will
> work. Also as a side note the rootdn is already normalized so no need
> to fix that.
>
> Totally unrelated but I could not resist to change the error check for
> host from the somewhat funky <= 0 to a != 1 (host returns 1 on success and
> 0 and -1 on failure).
>
> I will split this into two commits in the end.
> --
> :wq Claudio
>
> Index: parse.y
> ===
> RCS file: /cvs/src/usr.sbin/ldapd/parse.y,v
> retrieving revision 1.40
> diff -u -p -r1.40 parse.y
> --- parse.y 2 May 2021 14:39:05 - 1.40
> +++ parse.y 6 Oct 2021 16:56:50 -
> @@ -207,7 +207,7 @@ conf_main : LISTEN ON STRING port ssl ce
> if (! interface($3, cert, &conf->listeners,
> $4, $5)) {
> if (host($3, cert, &conf->listeners,
> - $4, $5) <= 0) {
> + $4, $5) != 1) {
> yyerror("invalid virtual ip or
> interface: %s", $3);
> free($6);
> free($3);
> @@ -1206,15 +1206,16 @@ namespace_new(const char *suffix)
>
> if ((ns = calloc(1, sizeof(*ns))) == NULL)
> return NULL;
> - ns->suffix = strdup(suffix);
> ns->sync = 1;
> ns->cache_size = 1024;
> ns->index_cache_size = 512;
> + ns->suffix = strdup(suffix);
> if (ns->suffix == NULL) {
> free(ns->suffix);
> free(ns);
> return NULL;
> }
> + normalize_dn(ns->suffix);
> TAILQ_INIT(&ns->indices);
> TAILQ_INIT(&ns->request_queue);
> SIMPLEQ_INIT(&ns->acl);
>
Diff looks fine. OK gsoares
Re: sample unbound.conf tweak
On Sun, Jun 21, 2020 at 04:47:22PM +0100, Stuart Henderson wrote: > An "uncomment" was left in when we reenabled dnssec by default, > and it seems a bit pointless to say "comment out to disable". ok? > makes sense, ok with me. > > Index: unbound.conf > === > RCS file: /cvs/src/etc/unbound.conf,v > retrieving revision 1.19 > diff -u -p -r1.19 unbound.conf > --- unbound.conf7 Nov 2019 15:46:37 - 1.19 > +++ unbound.conf21 Jun 2020 15:46:34 - > @@ -19,12 +19,12 @@ server: > hide-identity: yes > hide-version: yes > > - # Perform DNSSEC validation. Comment out the below option to > disable. > + # Perform DNSSEC validation. > # > auto-trust-anchor-file: "/var/unbound/db/root.key" > val-log-level: 2 > > - # Uncomment to synthesize NXDOMAINs from DNSSEC NSEC chains > + # Synthesize NXDOMAINs from DNSSEC NSEC chains. > # https://tools.ietf.org/html/rfc8198 > # > aggressive-nsec: yes >
Re: refer to pointers as non-null
On Fri, Jan 31, 2020 at 05:33:05AM -0500, Ted Unangst wrote: > Noticed this in wait.2, though I imagine other occurences abound. > > I believe non-null is clearer when refering to a pointer than non-zero, which > is a bit 80s, and less likely to be mistaken for the value pointed to. This > same page also refers to non-zero values, fwiw. > > > Index: wait.2 > === > RCS file: /home/cvs/src/lib/libc/sys/wait.2,v > retrieving revision 1.30 > diff -u -p -r1.30 wait.2 > --- wait.21 May 2017 00:08:31 - 1.30 > +++ wait.231 Jan 2020 10:28:42 - > @@ -70,7 +70,7 @@ On return from a successful > .Fn wait > call, the > .Fa status > -area, if non-zero, is filled in with termination information about the > +area, if non-null, is filled in with termination information about the > process that exited (see below). > .Pp > The > @@ -137,7 +137,7 @@ signal also have their status reported. > .Pp > If > .Fa rusage > -is non-zero, a summary of the resources used by the terminated > +is non-null, a summary of the resources used by the terminated > process and all its > children is returned (this information is currently not available > for stopped processes). diff looks right, things got confused maybe because that wait(2) returns pid_t, but it's refering to status pointer.
Re: introduce 'pfctl -FR' to reset settings to defaults
+void
> +pfctl_reset(int dev, int opts)
> +{
> + struct pfctlpf;
> + struct pfr_buffer t;
> + int i;
> +
> + pf.dev = dev;
> + pfctl_init_options(&pf);
> +
> + /* Force reset upon pfctl_load_options() */
> + pf.debug_set = 1;
> + pf.reass_set = 1;
> + pf.syncookieswat_set = 1;
> + pf.ifname = strdup("none");
> + if (pf.ifname == NULL)
> + warn("%s: Warning: can't reset loginterface\n", __func__);
do you really need this
extra newline here?
warn() itself already includes
one.
> + else
> + pf.ifname_set = 1;
> +
> + memset(&t, 0, sizeof(t));
> + t.pfrb_type = PFRB_TRANS;
> + if (pfctl_trans(dev, &t, DIOCXBEGIN, 0))
> + warn("%s, DIOCXBEGIN", __func__);
> +
> + for (i = 0; pf_limits[i].name; i++)
> + pf.limit_set[pf_limits[i].index] = 1;
> +
> + for (i = 0; pf_timeouts[i].name; i++)
> + pf.timeout_set[pf_timeouts[i].timeout] = 1;
> +
> + pfctl_load_options(&pf);
> +
> + if (pfctl_trans(dev, &t, DIOCXCOMMIT, 0))
> + warn("%s, DIOCXCOMMIT", __func__);
> +
> + pfctl_clear_interface_flags(dev, opts);
> +}
Re: Replace getprogname() to argv[0] in bnaddsub
On Tue, Jul 17, 2018 at 10:09:37PM +0900, Kinichiro Inoguchi wrote:
> To run regress bnaddsub on Windows, I would like to supersede getprogname
> with argv[0] since it is not on Windows.
>
> OK ?
>
> Index: regress/lib/libcrypto/bn/addsub/bnaddsub.c
> ===
> RCS file: /cvs/src/regress/lib/libcrypto/bn/addsub/bnaddsub.c,v
> retrieving revision 1.1
> diff -u -p -u -p -r1.1 bnaddsub.c
> --- regress/lib/libcrypto/bn/addsub/bnaddsub.c10 Jul 2018 16:57:50
> - 1.1
> +++ regress/lib/libcrypto/bn/addsub/bnaddsub.c17 Jul 2018 13:01:08
> -
> @@ -216,7 +216,7 @@ main(int argc, char *argv[])
>
> if ((bio_err = BIO_new_fp(stderr, BIO_NOCLOSE)) == NULL) {
> fprintf(stderr, "%s: failed to initialize bio_err",
> - getprogname());
> + argv[0]);
> return 1;
> }
>
>
how about of using __progname ?
Re: sync calloc call in ber.c
On Wed, Jun 27, 2018 at 10:05:52AM -0400, Rob Pierce wrote:
> This ber.c change has been in ldapd since rev 1.1 and was applied to snmpd
> back
> in 2012. The following diff applies the change to the ldap client and ypldap.
>
> Ok?
looks right,
>
> Index: usr.bin/ldap/ber.c
> ===
> RCS file: /cvs/src/usr.bin/ldap/ber.c,v
> retrieving revision 1.2
> diff -u -p -r1.2 ber.c
> --- usr.bin/ldap/ber.c27 Jun 2018 13:22:17 - 1.2
> +++ usr.bin/ldap/ber.c27 Jun 2018 13:55:51 -
> @@ -269,7 +269,7 @@ ber_add_nstring(struct ber_element *prev
> struct ber_element *elm;
> char *string;
>
> - if ((string = calloc(1, len)) == NULL)
> + if ((string = calloc(1, len + 1)) == NULL)
> return NULL;
> if ((elm = ber_get_element(BER_TYPE_OCTETSTRING)) == NULL) {
> free(string);
>
> Index: usr.sbin/ypldap/ber.c
> ===
> RCS file: /cvs/src/usr.sbin/ypldap/ber.c,v
> retrieving revision 1.14
> diff -u -p -r1.14 ber.c
> --- usr.sbin/ypldap/ber.c 27 Jun 2018 13:22:17 - 1.14
> +++ usr.sbin/ypldap/ber.c 27 Jun 2018 13:55:51 -
> @@ -269,7 +269,7 @@ ber_add_nstring(struct ber_element *prev
> struct ber_element *elm;
> char *string;
>
> - if ((string = calloc(1, len)) == NULL)
> + if ((string = calloc(1, len + 1)) == NULL)
> return NULL;
> if ((elm = ber_get_element(BER_TYPE_OCTETSTRING)) == NULL) {
> free(string);
>
Re: ldapd: avoid passing NULL to asprintf(3) when there's no parent dn entry
On Mon, Jun 25, 2018 at 12:27:23PM +0200, Jeremie Courreges-Anglas wrote:
> On Mon, Jun 25 2018, Gleydson Soares wrote:
> > avoid passing NULL to asprintf(3) when there's no parent dn entry,
> > this happens when adding a new naming context and then putting the first
> > rdn in.
> >
> > Jun 24 23:51:23 x250 ldapd: vfprintf %s NULL in "@%.*s,%.*s"
> > Jun 25 00:13:14 x250 ldapd: vfprintf %s NULL in "@%.*s,%.*s"
>
> Are those log entries the only symptom, or does this problem affect
> ldapd(8) operations?
it doesn't affect anything, just messed up my logs.
>
> The diff looks correct but more complicated than necessary. Unless I'm
> missing something the shorter diff below would also help. Does it work
> for you?
clever!
works for me, i'm going to commit it tonight. thanks,
>
>
> Index: index.c
> ===
> RCS file: /d/cvs/src/usr.sbin/ldapd/index.c,v
> retrieving revision 1.11
> diff -u -p -p -u -r1.11 index.c
> --- index.c 20 Jan 2017 11:55:08 - 1.11
> +++ index.c 25 Jun 2018 10:19:00 -
> @@ -138,6 +138,7 @@ index_rdn_key(struct namespace *ns, stru
> if (parent_dn == NULL) {
> rdnsz = dnsz;
> pdnsz = 0;
> + parent_dn = "";
> } else {
> rdnsz = parent_dn - (char *)dn->data;
> pdnsz = dnsz - rdnsz - 1;
>
> --
> jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
Re: ldapd: fix regress
On Mon, Jun 25, 2018 at 08:49:31AM +0200, Landry Breuil wrote:
> On Mon, Jun 25, 2018 at 02:25:40AM -0300, Gleydson Soares wrote:
> > unbreak ldapd regress,
> > everything seems to be working fine.
>
> the point of the overly complicated grep line was to handle the case
> where you have a running production ldapd, and you spawn another one for
> regress.. that's also why it starts on another tcp port.
currently it's broken, grep doesn't grab the pid since
there's no pid there in log file.
kill: illegal process id: startup
here's a diff that works for me, if you have a better approach
let me know.
? ldapd1.conf
? log
Index: Makefile
===
RCS file: /cvs/src/regress/usr.sbin/ldapd/Makefile,v
retrieving revision 1.8
diff -u -p -r1.8 Makefile
--- Makefile25 Jun 2017 22:06:06 - 1.8
+++ Makefile25 Jun 2018 13:57:39 -
@@ -33,9 +33,9 @@ bootstrap:
@[ -z "${SUDO}" ] || ${SUDO} true
@${SUDO} install -m 600 -o root ${.CURDIR}/ldapd.conf
${.OBJDIR}/ldapd1.conf
@${SUDO} ldapd -n -r ${.OBJDIR} -f ${.OBJDIR}/ldapd1.conf
- @${SUDO} ldapd -dvv -r ${.OBJDIR} -f ${.OBJDIR}/ldapd1.conf >
${.OBJDIR}/log 2>&1 &
+ @${SUDO} ldapd -dvv -r ${.OBJDIR} -f ${.OBJDIR}/ldapd1.conf >
${.OBJDIR}/log 2>&1 & \
+ echo $$! > ${.OBJDIR}/ldapd.pid
@sleep 1
- @grep -a startup ${.OBJDIR}/log |sed -e 's/.*\[// ; s/\].*//' >
${.OBJDIR}/ldapd.pid
.if ! (make(clean) || make(cleandir) || make(obj))
.END:
ldapd: fix regress
unbreak ldapd regress,
everything seems to be working fine.
;;x250 ~/src/regress/usr.sbin/ldapd> make ; echo $?
configuration ok
ldapsearch -x -H ldapi://%2ftmp%2fldapi | diff -
/home/gsoares/src/regress/usr.sbin/ldapd/out/empty.log
ldapsearch -x -p 6639 -h localhost 2>&1 | diff -
/home/gsoares/src/regress/usr.sbin/ldapd/out/empty.log
ldapsearch -x -p 6636 -h localhost 2>&1 | diff -
/home/gsoares/src/regress/usr.sbin/ldapd/out/empty.log
configuration ok
ldapadd -f /home/gsoares/src/regress/usr.sbin/ldapd/dit-example.ldif
-Dcn=admin,dc=example,dc=com -x -w secret -h localhost -p 6639 | diff -
/home/gsoares/src/regress/usr.sbin/ldapd/out/adding.log
ldapsearch -x -b dc=example,dc=com -h localhost -p 6639 | diff -
/home/gsoares/src/regress/usr.sbin/ldapd/out/example.log
ldapsearch -x -D cn=admin,dc=example,dc=com -w secret -b dc=example,dc=com -h
localhost -p 6639 | diff -
/home/gsoares/src/regress/usr.sbin/ldapd/out/example.log
configuration ok
1 ldap entries
cn=admin,dc=example,dc=com
configuration ok
ldapdelete -Dcn=admin,dc=example,dc=com -x -w secret -h localhost -p 6639 -r
dc=example,dc=com
ldapsearch -x -p 6639 -h localhost 2>&1 | diff -
/home/gsoares/src/regress/usr.sbin/ldapd/out/empty.log
0
Index: Makefile
===
RCS file: /cvs/src/regress/usr.sbin/ldapd/Makefile,v
retrieving revision 1.8
diff -u -p -r1.8 Makefile
--- Makefile25 Jun 2017 22:06:06 - 1.8
+++ Makefile25 Jun 2018 05:20:52 -
@@ -35,7 +35,7 @@ bootstrap:
@${SUDO} ldapd -n -r ${.OBJDIR} -f ${.OBJDIR}/ldapd1.conf
@${SUDO} ldapd -dvv -r ${.OBJDIR} -f ${.OBJDIR}/ldapd1.conf >
${.OBJDIR}/log 2>&1 &
@sleep 1
- @grep -a startup ${.OBJDIR}/log |sed -e 's/.*\[// ; s/\].*//' >
${.OBJDIR}/ldapd.pid
+ @pgrep -n ldapd > ${.OBJDIR}/ldapd.pid
.if ! (make(clean) || make(cleandir) || make(obj))
.END:
ldapd: avoid passing NULL to asprintf(3) when there's no parent dn entry
avoid passing NULL to asprintf(3) when there's no parent dn entry,
this happens when adding a new naming context and then putting the first
rdn in.
Jun 24 23:51:23 x250 ldapd: vfprintf %s NULL in "@%.*s,%.*s"
Jun 25 00:13:14 x250 ldapd: vfprintf %s NULL in "@%.*s,%.*s"
? ldapd.diff
Index: index.c
===
RCS file: /cvs/src/usr.sbin/ldapd/index.c,v
retrieving revision 1.11
diff -u -p -r1.11 index.c
--- index.c 20 Jan 2017 11:55:08 - 1.11
+++ index.c 24 Jun 2018 22:06:04 -
@@ -144,9 +144,14 @@ index_rdn_key(struct namespace *ns, stru
++parent_dn;
}
- if (asprintf(&t, "@%.*s,%.*s", pdnsz, parent_dn, rdnsz,
- (char *)dn->data) == -1)
- return -1;
+ if (!pdnsz) {
+ if (asprintf(&t, "@,%.*s", rdnsz, (char *)dn->data) == -1)
+ return -1;
+ } else {
+ if (asprintf(&t, "@%.*s,%.*s", pdnsz, parent_dn, rdnsz,
+ (char *)dn->data) == -1)
+ return -1;
+ }
normalize_dn(t);
key->data = t;
vmd: sync DPADD with LDADD
sync DPADD with LDADD adding missing ${LIBPTHREAD} to ensure
that binary is rebuilt in case of pthread library changes.
Index: Makefile
===
RCS file: /cvs/src/usr.sbin/vmd/Makefile,v
retrieving revision 1.17
diff -u -p -r1.17 Makefile
--- Makefile3 Jan 2018 05:39:56 - 1.17
+++ Makefile24 Jun 2018 05:31:47 -
@@ -15,7 +15,7 @@ CFLAGS+= -Wshadow -Wpointer-arith -Wcast
CFLAGS+= -Wsign-compare
LDADD+=-lutil -lpthread -levent
-DPADD+=${LIBUTIL} ${LIBEVENT}
+DPADD+=${LIBUTIL} ${LIBPTHREAD} ${LIBEVENT}
YFLAGS=
spamlogd: add missing ${LIBCRYPTO} to DPADD
add missing ${LIBCRYPTO}
Index: Makefile
===
RCS file: /cvs/src/libexec/spamlogd/Makefile,v
retrieving revision 1.7
diff -u -p -r1.7 Makefile
--- Makefile21 Aug 2013 16:13:30 - 1.7
+++ Makefile24 Jun 2018 04:04:42 -
@@ -6,7 +6,7 @@ MAN=spamlogd.8
CFLAGS+= -Wall -Wstrict-prototypes -I${.CURDIR}/../spamd
LDADD+= -lpcap -lcrypto
-DPADD+=${LIBPCAP}
+DPADD+=${LIBPCAP} ${LIBCRYPTO}
.PATH: ${.CURDIR}/../spamd
.include
sasyncd: remove redundant memset() call
calloc() already filled all the memory block to 0, zap memset().
Index: pfkey.c
===
RCS file: /cvs/src/usr.sbin/sasyncd/pfkey.c,v
retrieving revision 1.28
diff -u -p -r1.28 pfkey.c
--- pfkey.c 18 Apr 2017 02:29:56 - 1.28
+++ pfkey.c 24 Jun 2018 04:36:51 -
@@ -115,7 +115,6 @@ pfkey_send_flush(struct syncpeer *p)
static u_int32_t seq = 1;
if (m) {
- memset(m, 0, sizeof *m);
m->sadb_msg_version = PF_KEY_V2;
m->sadb_msg_seq = seq++;
m->sadb_msg_type = SADB_FLUSH;
Re: use __func__ in iked util.c log_debug
On Fri, Jun 22, 2018 at 08:58:24AM -0400, Rob Pierce wrote:
> ok?
looks good to me,
>
> Index: util.c
> ===
> RCS file: /cvs/src/sbin/iked/util.c,v
> retrieving revision 1.35
> diff -u -p -r1.35 util.c
> --- util.c13 Dec 2017 08:27:06 - 1.35
> +++ util.c22 Jun 2018 12:52:09 -
> @@ -703,7 +703,7 @@ expand_string(char *label, size_t len, c
> char *p, *q;
>
> if ((tmp = calloc(1, len)) == NULL) {
> - log_debug("expand_string: calloc");
> + log_debug("%s: calloc", __func__);
> return (-1);
> }
> p = q = label;
> @@ -711,7 +711,7 @@ expand_string(char *label, size_t len, c
> *q = '\0';
> if ((strlcat(tmp, p, len) >= len) ||
> (strlcat(tmp, repl, len) >= len)) {
> - log_debug("expand_string: string too long");
> + log_debug("%s: string too long", __func__);
> free(tmp);
> return (-1);
> }
> @@ -719,7 +719,7 @@ expand_string(char *label, size_t len, c
> p = q;
> }
> if (strlcat(tmp, p, len) >= len) {
> - log_debug("expand_string: string too long");
> + log_debug("%s: string too long", __func__);
> free(tmp);
> return (-1);
> }
>
Re: ldap(1) -y secretfile
On Wed, Jun 20, 2018 at 04:32:34PM +0200, Reyk Floeter wrote: > Hi, > > the following diff adds support for reading the bind secret from a > file; this allows to hide it from ps. The -y flag is once again > compatible with OpenLDAP's client. > > Pointed out by Tim Chase on Twitter. > > OK? builds and runs fine here. ;;x250 ~/hack/cvs/src/usr.bin/ldap> ./ldap search -c /etc/ldap/certs/lo0.crt -H ldaps://localhost -D \ "cn=admin,dc=trusted,dc=com,dc=br" -b \ "ou=people,dc=trusted,dc=com,dc=br" -y secret ou: people description: All people in organisation objectclass: organizationalunit dn: cn=gleydson soares,ou=people,dc=trusted,dc=com,dc=br objectclass: inetOrgPerson cn: Gleydson Soares sn: Gleydson uid: gsoares <...> i like it, ok gsoares@
vmd: def nitems() locally
hi, following diff defines nitems locally and stop including Index: control.c === RCS file: /cvs/src/usr.sbin/vmd/control.c,v retrieving revision 1.22 diff -u -p -r1.22 control.c --- control.c 8 Sep 2017 06:24:31 - 1.22 +++ control.c 30 Apr 2018 22:45:22 - @@ -17,7 +17,6 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -#include /* nitems */ #include #include #include Index: priv.c === RCS file: /cvs/src/usr.sbin/vmd/priv.c,v retrieving revision 1.13 diff -u -p -r1.13 priv.c --- priv.c 11 Nov 2017 02:50:07 - 1.13 +++ priv.c 30 Apr 2018 22:45:22 - @@ -16,7 +16,6 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -#include /* nitems */ #include #include #include Index: vmd.c === RCS file: /cvs/src/usr.sbin/vmd/vmd.c,v retrieving revision 1.84 diff -u -p -r1.84 vmd.c --- vmd.c 25 Apr 2018 15:49:48 - 1.84 +++ vmd.c 30 Apr 2018 22:45:22 - @@ -16,7 +16,6 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -#include /* nitems */ #include #include #include Index: vmd.h === RCS file: /cvs/src/usr.sbin/vmd/vmd.h,v retrieving revision 1.68 diff -u -p -r1.68 vmd.h --- vmd.h 27 Apr 2018 12:15:10 - 1.68 +++ vmd.h 30 Apr 2018 22:45:22 - @@ -35,6 +35,10 @@ #ifndef VMD_H #define VMD_H +#ifndef nitems +#define nitems(_a) (sizeof((_a)) / sizeof((_a)[0])) +#endif + #define SET(_v, _m)((_v) |= (_m)) #define CLR(_v, _m)((_v) &= ~(_m)) #define ISSET(_v, _m) ((_v) & (_m)) Index: vmm.c === RCS file: /cvs/src/usr.sbin/vmd/vmm.c,v retrieving revision 1.81 diff -u -p -r1.81 vmm.c --- vmm.c 13 Apr 2018 17:12:44 - 1.81 +++ vmm.c 30 Apr 2018 22:45:22 - @@ -16,7 +16,6 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -#include /* nitems */ #include #include #include
Re: ldapd: one negation is enough
Florian Obser writes:
> this made my head hurt, pointed out by clang.
>
> "logical not is only applied to the left hand side of this comparison
> [-Wlogical-not-parentheses]"
>
> OK?
oh I realized I had forgotten something,
I've this change in my tree for months and ok'ed by millert@.
please commit it, OK gsoares
>
> diff --git ldapd/modify.c ldapd/modify.c
> index f5d9007faaa..485d0fcfba9 100644
> --- ldapd/modify.c
> +++ ldapd/modify.c
> @@ -132,7 +132,7 @@ ldap_add(struct request *req)
> return ldap_refer(req, dn, NULL, refs);
> }
>
> - if (!authorized(req->conn, ns, ACI_WRITE, dn, LDAP_SCOPE_BASE) != 0)
> + if (!authorized(req->conn, ns, ACI_WRITE, dn, LDAP_SCOPE_BASE))
> return ldap_respond(req, LDAP_INSUFFICIENT_ACCESS);
>
> /* Check that we're not adding immutable attributes.
> @@ -242,7 +242,7 @@ ldap_modify(struct request *req)
> return ldap_refer(req, dn, NULL, refs);
> }
>
> - if (!authorized(req->conn, ns, ACI_WRITE, dn, LDAP_SCOPE_BASE) != 0)
> + if (!authorized(req->conn, ns, ACI_WRITE, dn, LDAP_SCOPE_BASE))
> return ldap_respond(req, LDAP_INSUFFICIENT_ACCESS);
>
> if (namespace_begin(ns) == -1) {
>
>
> --
> I'm not entirely sure you are real.
Re: pfctl: Fix function name in errx(3) message
> What about the other calls to calloc(3); shouldn't we keep their > respective error messages consistent? seems that several err()/errx() calls in pfctl code are hard-coding the function name... instead of hard code, maybe those calls should be changed to: errx(1, "%s: anystring", __func__)
Re: Improved support for Apple trackpads: tests needed
Hi Ulf, > This patch for ubcmtp makes it use the multitouch-input functions of > wsmouse. It's the first driver that would apply the "tracking" variant > (wsmouse_mtframe). > > No wonders will result from the change, but the two-finger gestures that > involve movement - scrolling and click-and-drag with two fingers on a > clickpad - should work without flaws. > > A quick way to check whether all touch positions are available and the > selection of the active touch works properly is two-finger-scrolling, > performed with only one finger moving, then switching to the other one. > > Please note that click-and-drag will still require that the "ClickPad" > attribute is set in the synaptics(4) configuration. > > The patch has been tested on a MacBookPro 8,2 (from 2011). It would be > nice to learn that it doesn't introduce regressions on older or newer > models. > > If you don't use a brand-new version of the synaptics driver, you may > encounter the following bug: If the X cursor is in a window with > scrollable content and you put two finger on the touchpad without moving > them, the window content may quickly scroll up and down by a small > distance. This bug is fixed in the latest version. i've been running a kernel with your patch in, works here, MacBookAir 6,1 notable improvement, gestures is more responsive, i've tested text selection and scrolling with two-fingers and also by putting one-finger and scroling with the second finger... works fine... thanks for the patch, it's just makes my life more confortable. // gsoares
Re: undocumented -P/-I in relayd, vmd, httpd, ...
Philipp Buehler writes: > Hi there, > > while crawling through relayd source, I noticed that there is I:P: in > getopt. > P is obviously setting the proc-title, but I am unsure what to "get" > from an > instance-number via -I. > > This found way into httpd, snmpd, switchd and vmd also; mainly while > g2k16. > > If someone dares to explain it, I can mop up a diff for the manpages. > > ciao > -- > pb This is for internal use only. -P/-I flags were introduced to deal with fork+exec,
Re: fix uname.3 manpage.
Philip Guenther writes:
>
> On Sat, 8 Oct 2016, Gleydson Soares wrote:
> > uname(3) function returns 0 on successful and -1 on failure.
> > "non-negative value" is wrong here.
>
> Hmm, that's a direct quote from the standard. While our implementation
> only returns zero on success, an application which checked for a return
> value of exactly zero would be non-portable.
>
>
> Philip
I stlumbled upon it, while reading uname(1) code.
src/usr.bin/uname/uname.c:104
if (uname(&u))
err(1, NULL);
Index: uname.c
===
RCS file: /cvs/src/usr.bin/uname/uname.c,v
retrieving revision 1.17
diff -u -p -r1.17 uname.c
--- uname.c 24 Dec 2015 15:01:24 - 1.17
+++ uname.c 9 Oct 2016 18:41:31 -
@@ -101,7 +101,7 @@ main(int argc, char *argv[])
print_mask = PRINT_SYSNAME;
}
- if (uname(&u))
+ if (uname(&u) == -1)
err(1, NULL);
if (print_mask & PRINT_SYSNAME) {
fix uname.3 manpage.
uname(3) function returns 0 on successful and -1 on failure. "non-negative value" is wrong here. Index: uname.3 === RCS file: /cvs/src/lib/libc/gen/uname.3,v retrieving revision 1.15 diff -u -p -r1.15 uname.3 --- uname.3 21 Jan 2014 03:15:45 - 1.15 +++ uname.3 9 Oct 2016 17:50:16 - @@ -65,7 +65,7 @@ Machine hardware platform. .Sh RETURN VALUES The .Fn uname -function returns a non-negative value if successful; +function returns 0 if successful; otherwise the value -1 is returned and the global variable .Va errno is set to indicate the error.
passwd(1) - use explicit_bzero(3)
after recents passwd(1) changes, We should use explicit_bzero(3) for
clearing these sensitive strings.
OK?
Index: local_passwd.c
===
RCS file: /cvs/src/usr.bin/passwd/local_passwd.c,v
retrieving revision 1.50
diff -u -p -r1.50 local_passwd.c
--- local_passwd.c 31 Aug 2016 12:41:19 - 1.50
+++ local_passwd.c 31 Aug 2016 14:17:40 -
@@ -174,8 +174,10 @@ getnewpasswd(struct passwd *pw, login_ca
}
if (crypt_checkpass(p, pw->pw_passwd) != 0) {
errno = EACCES;
+ explicit_bzero(oldpass, sizeof(oldpass));
pw_error(NULL, 1, 1);
}
+ explicit_bzero(oldpass, sizeof(oldpass));
}
}
@@ -204,6 +206,7 @@ getnewpasswd(struct passwd *pw, login_ca
if (p != NULL && strcmp(newpass, p) == 0)
break;
(void)printf("Mismatch; try again, EOF to quit.\n");
+ explicit_bzero(newpass, sizeof(newpass));
}
(void)signal(SIGINT, saveint);
@@ -212,8 +215,10 @@ getnewpasswd(struct passwd *pw, login_ca
pref = login_getcapstr(lc, "localcipher", NULL, NULL);
if (crypt_newhash(newpass, pref, hash, sizeof(hash)) != 0) {
(void)printf("Couldn't generate hash.\n");
+ explicit_bzero(newpass, sizeof(newpass));
pw_error(NULL, 0, 0);
}
+ explicit_bzero(newpass, sizeof(newpass));
free(pref);
return hash;
}
pf.conf X11 rule.
Xserver no longer listen on tcp 6000:6010 by default. I wonder if that pf rule is still necessary. Index: pf.conf === RCS file: /cvs/src/etc/pf.conf,v retrieving revision 1.54 diff -u -p -r1.54 pf.conf --- pf.conf 23 Aug 2014 05:49:42 - 1.54 +++ pf.conf 28 Aug 2016 01:22:26 - @@ -6,6 +6,3 @@ set skip on lo block return # block stateless traffic pass # establish keep-state - -# By default, do not permit remote connections to X11 -block return in on ! lo0 proto tcp to port 6000:6010
Re: wifind(8) find your wifi
On Thu, Jun 2, 2016 at 7:52 PM, Mike Belopuhov wrote: > On 3 June 2016 at 00:17, Gleydson Soares wrote: >> I usually just use a small script that lives in ~/bin >> > > It's a great name, though. Oops, Disregard it... it was a reply to: http://marc.info/?l=openbsd-misc&m=146488514620893&w=2 unintentionally I sent to tech@, my mailclient won the fight...
wifind(8) find your wifi
I usually just use a small script that lives in ~/bin cat ~/bin/wifi #!/bin/sh if [[ $1 == "home" ]]; then doas ifconfig run0 nwid foonet wpa wpakey ultrasecret doas dhclient run0 fi
Re: doas: adjust yyerror() output
> what about just printing "doas: "? I prefer not hardcoded string, although I've committed as you pointed out,
doas: adjust yyerror() output
I just stumbled over this...
% doas abc
syntax error at line 1
%
I took some secs trying to figure out what was wrong with abc's command syntax
that I typed out.
But bingo, It was happenned due my doas.conf has a syntax error...
Seems that yyerror() doesn't print out the progname's string,
sounds better for a quick diagnosis?
% doas abc
doas: syntax error at line 1
%
sounds better for a quick diagnosis?
OK?
Index: parse.y
===
RCS file: /cvs/src/usr.bin/doas/parse.y,v
retrieving revision 1.14
diff -u -p -r1.14 parse.y
--- parse.y 4 Dec 2015 09:41:49 - 1.14
+++ parse.y 26 Apr 2016 01:37:57 -
@@ -176,6 +176,7 @@ yyerror(const char *fmt, ...)
{
va_list va;
+ fprintf(stderr, "%s: ", getprogname());
va_start(va, fmt);
vfprintf(stderr, fmt, va);
va_end(va);
Re: ldapd: add -r option to specify datadir path
> Here's a similar diff for ldapctl, thoughts? With your tweaks sounds much better. OK gsoares@
Re: ldapd: add -r option to specify datadir path
> Thinking about it .. would a call to access(2) with R_OK|W_OK|R_OK|F_OK > satisfy > everyone ? Or only F_OK ? Sounds better than chdir(2), but it will lack if datadir was passed to access(2) without including trailing "/" eg with access(datadir, F_OK): $ touch /home/gsoares/testfile <- creating a file, not a directory $ doas ./ldapd -r /home/gsoares/testfile ; echo $? <- no trailing /home/gsoares/testfile"/" 0 so for directory existence check, I would suggest to use just stat(2). diff attached. Index: ldapd.c === RCS file: /cvs/src/usr.sbin/ldapd/ldapd.c,v retrieving revision 1.17 diff -u -p -r1.17 ldapd.c --- ldapd.c 1 Feb 2016 20:00:18 - 1.17 +++ ldapd.c 2 Feb 2016 10:10:43 - @@ -17,6 +17,7 @@ */ #include +#include #include #include #include @@ -117,6 +118,7 @@ main(int argc, char *argv[]) struct event ev_sigterm; struct event ev_sigchld; struct event ev_sighup; + struct stat s; datadir = DATADIR; log_init(1);/* log to stderr until daemonized */ @@ -178,8 +180,8 @@ main(int argc, char *argv[]) skip_chroot = 1; } - if (datadir && chdir(datadir)) - err(1, "chdir"); + if ((stat(datadir, &s) == -1) || !S_ISDIR(s.st_mode)) + errx(1, "Invalid directory"); if (!skip_chroot && (pw = getpwnam(LDAPD_USER)) == NULL) err(1, "%s", LDAPD_USER);
Re: ldapd: add -r option to specify datadir path
On Mon, Feb 1, 2016 at 5:13 PM, Jérémie Courrèges-Anglas wrote: > Gleydson Soares writes: > >> Hi Landry, >> >> On Sun, Jan 31, 2016 at 09:39:52AM +0100, Landry Breuil wrote: >>> Hi, >>> >>> i'm tinkering with ldapd and writing regress tests for it, and to >>> allow running independent instances (with separate port/control >>> socket/etc) i needed to add the possibility to specify an alternative >>> datadir, which was so far #defined in the code. >>> Patch is pretty simple and works fine, i'm open to suggestions of course >>> on a better wording for the manpage and option choose (i went for -r..) >>> okays welcome too ! >> >> slight tweak, >> looks like it is missing a chdir(3) to check failure if an >> invalid(nonexistent) >> datadir was passed to optarg. >> >> I just added these lines in ldapd.c: >> 159 if (datadir && chdir(datadir)) >> 160 err(1, "chdir"); > > Hum, while a check would be nicer, I prefer when daemons stick to /. It is. ldape() will take care right afterwards.
Re: ldapd: add -r option to specify datadir path
Hi Landry,
On Sun, Jan 31, 2016 at 09:39:52AM +0100, Landry Breuil wrote:
> Hi,
>
> i'm tinkering with ldapd and writing regress tests for it, and to
> allow running independent instances (with separate port/control
> socket/etc) i needed to add the possibility to specify an alternative
> datadir, which was so far #defined in the code.
> Patch is pretty simple and works fine, i'm open to suggestions of course
> on a better wording for the manpage and option choose (i went for -r..)
> okays welcome too !
slight tweak,
looks like it is missing a chdir(3) to check failure if an invalid(nonexistent)
datadir was passed to optarg.
I just added these lines in ldapd.c:
159 if (datadir && chdir(datadir))
160 err(1, "chdir");
% doas ./ldapd -r /home/gsoares/non-existentdoas
ldapd: chdir: No such file or directory
%
updated diff attached.
Index: ldapd.8
===
RCS file: /cvs/src/usr.sbin/ldapd/ldapd.8,v
retrieving revision 1.12
diff -u -p -r1.12 ldapd.8
--- ldapd.8 11 Aug 2014 08:21:55 - 1.12
+++ ldapd.8 1 Feb 2016 18:51:17 -
@@ -57,6 +57,11 @@ Use
.Ar file
as the configuration file, instead of the default
.Pa /etc/ldapd.conf .
+.It Fl r Ar directory
+Store and read database files in
+.Ar directory
+, instead of the default
+.Pa /var/db/ldap .
.It Fl n
Configtest mode.
Only check the configuration file for validity.
Index: ldapd.c
===
RCS file: /cvs/src/usr.sbin/ldapd/ldapd.c,v
retrieving revision 1.15
diff -u -p -r1.15 ldapd.c
--- ldapd.c 24 Dec 2015 17:47:57 - 1.15
+++ ldapd.c 1 Feb 2016 18:51:17 -
@@ -48,6 +48,7 @@ static voidldapd_log_verbose(struct im
struct ldapd_stats stats;
pid_t ldape_pid;
+char * datadir;
void
usage(void)
@@ -55,7 +56,7 @@ usage(void)
extern char *__progname;
fprintf(stderr, "usage: %s [-dnv] [-D macro=value] "
- "[-f file] [-s file]\n", __progname);
+ "[-f file] [-r directory] [-s file]\n", __progname);
exit(1);
}
@@ -115,9 +116,10 @@ main(int argc, char *argv[])
struct event ev_sigchld;
struct event ev_sighup;
+ datadir = DATADIR;
log_init(1);/* log to stderr until daemonized */
- while ((c = getopt(argc, argv, "dhvD:f:ns:")) != -1) {
+ while ((c = getopt(argc, argv, "dhvD:f:nr:s:")) != -1) {
switch (c) {
case 'd':
debug = 1;
@@ -137,6 +139,9 @@ main(int argc, char *argv[])
case 'n':
configtest = 1;
break;
+ case 'r':
+ datadir = optarg;
+ break;
case 's':
csockpath = optarg;
break;
@@ -174,6 +179,9 @@ main(int argc, char *argv[])
if (!skip_chroot && (pw = getpwnam(LDAPD_USER)) == NULL)
err(1, "%s", LDAPD_USER);
+ if (datadir && chdir(datadir))
+ err(1, "chdir");
+
if (!debug) {
if (daemon(1, 0) == -1)
err(1, "failed to daemonize");
@@ -343,7 +351,7 @@ ldapd_open_request(struct imsgev *iev, s
/* make sure path is null-terminated */
oreq->path[PATH_MAX] = '\0';
- if (strncmp(oreq->path, DATADIR, strlen(DATADIR)) != 0) {
+ if (strncmp(oreq->path, datadir, strlen(datadir)) != 0) {
log_warnx("refusing to open file %s", oreq->path);
fatal("ldape sent invalid open request");
}
Index: namespace.c
===
RCS file: /cvs/src/usr.sbin/ldapd/namespace.c,v
retrieving revision 1.14
diff -u -p -r1.14 namespace.c
--- namespace.c 24 Dec 2015 17:47:57 - 1.14
+++ namespace.c 1 Feb 2016 18:51:17 -
@@ -38,6 +38,7 @@ static voidnamespace_queue_replay(int
static int namespace_set_fd(struct namespace *ns,
struct btree **bt, int fd, unsigned int flags);
+extern char*datadir;
int
namespace_begin_txn(struct namespace *ns, struct btree_txn **data_txn,
struct btree_txn **indx_txn, int rdonly)
@@ -115,7 +116,7 @@ namespace_open(struct namespace *ns)
if (ns->sync == 0)
db_flags |= BT_NOSYNC;
- if (asprintf(&ns->data_path, "%s/%s_data.db", DATADIR, ns->suffix) < 0)
+ if (asprintf(&ns->data_path, "%s/%s_data.db", datadir, ns->suffix) < 0)
return -1;
log_info("opening namespace %s", ns->suffix);
ns->data_db = btree_open(ns->data_path, db_flags | BT_REVERSEKEY, 0644);
@@ -124,7 +125,7 @@ namespace_open(struct namespace *ns)
btree_set_cache_size(ns->data_db, ns->cache_size);
- if (asprintf(&ns->indx_pa
domainname(1) - make usage __dead
make usage() __dead and static, while here switch main to return instead of
exit(3)
? domainname
Index: domainname.c
===
RCS file: /cvs/src/bin/domainname/domainname.c,v
retrieving revision 1.9
diff -u -p -r1.9 domainname.c
--- domainname.c16 Jan 2015 06:39:31 - 1.9
+++ domainname.c29 Jan 2016 18:06:46 -
@@ -39,7 +39,7 @@
extern char *__progname;
-void usage(void);
+__dead static void usage(void);
int
main(int argc, char *argv[])
@@ -66,10 +66,10 @@ main(int argc, char *argv[])
err(1, "getdomainname");
(void)printf("%s\n", domainname);
}
- exit(0);
+ return(0);
}
-void
+__dead static void
usage(void)
{
(void)fprintf(stderr, "usage: %s [name-of-domain]\n", __progname);
Re: whitespace patch rm.c
Looks right and obvious. OK gsoares@
On Wed, Jan 27, 2016 at 8:25 PM, Edgar Pettijohn
wrote:
> Index: rm.c
> ===
> RCS file: /cvs/src/bin/rm/rm.c,v
> retrieving revision 1.35
> diff -u -p -u -r1.35 rm.c
> --- rm.c17 Nov 2015 17:17:24 -1.35
> +++ rm.c27 Jan 2016 23:20:05 -
> @@ -399,7 +399,7 @@ checkdot(char **argv)
> complained = 0;
> for (t = argv; *t;) {
> /* strip trailing slashes */
> -p = strrchr (*t, '\0');
> +p = strrchr(*t, '\0');
> while (--p > *t && *p == '/')
> *p = '\0';
>
>
> Not subscribed to list "cc" if you wish.
>
Re: [PATCH] octeon.html
committed, thanks!
Re: ARP input path without KERNEL_LOCK
On Tue, Dec 29, 2015 at 7:23 AM, Martin Pieuchot wrote: > I got one positive test report from Hrvoje Popovski and one from mxb, > anybody else tried this diff? seems fine here, no regressions so far...
Re: [patch] basename(1) tweaks
>> - activate stack protector > > Hm? Changing the exit to a return does this? yes, stack protector only works if the function returns.
relayctl(8): add manpage "log" bits
hi, as spotted out by Luis Gustavo on misc@ http://marc.info/?l=openbsd-misc&m=144859324815165&w=2 relayct(8) manpage is missing the "log" bits. here is a diff to fix that OKs? // gsoares ? relayctl Index: relayctl.8 === RCS file: /cvs/src/usr.sbin/relayctl/relayctl.8,v retrieving revision 1.31 diff -u -p -r1.31 relayctl.8 --- relayctl.8 24 Jul 2015 15:25:08 - 1.31 +++ relayctl.8 27 Nov 2015 04:03:43 - @@ -42,6 +42,10 @@ Enable the host. Start checking its health again. .It Cm load Ar filename Reload the configuration from the specified file. +.It Cm log brief +Disable verbose debug logging. +.It Cm log verbose +Enable verbose debug logging. .It Cm monitor Continuously report any changes in the host checking engine and the .Xr pf 4
Re: ntpd(8): Make -n quieter
On Tue, Sep 01, 2015 at 09:21:03AM +0200, Peter Hessler wrote: > On 2015 Aug 31 (Mon) at 14:28:11 -0400 (-0400), Michael Reed wrote: > :On 08/31/15 07:36, Sebastian Benoit wrote: > :> Michael Reed(m.r...@mykolab.com) on 2015.08.30 14:58:35 -0400: > :>> Hi all, > :>> > :>> If ntpd is run with the -n flag, and /etc/ntpd.conf is parsed without > :>> error, then "Configuration OK" is printed. I don't think this is > :>> particularly useful, as both a lack of an error message and an exit > :>> value of 0 already indicate success in this case. This seems to be the > :>> case for most (many?) programs in the base system, such as doas(1). > :> > :> I like the message. Why is it a problem? > :> > :> /Benno > :> > : > :It's admittedly not much of a problem, more just to follow the Unix > :principle of saying nothing if there's nothing wrong. > : > :Regards, > :Michael > : > > In my mind, -n is explicitly asking for a configuration check, so > explicitly telling me it's OK is a good thing. sure, and if anyone wants less bother, just redirect the stderr like $ ntpd -n -f /etc/ntpd.conf 2>/dev/null ; echo $? 0 //gsoares
Re: [patch]file: xstrdup just wrappes strdup(3)
> + err(1, "xstrdup"); slight tweak, usually the err output is: err(1, "strdup")
Re: FUSE Patches
Stefan Sperling writes: > On Sun, Feb 22, 2015 at 01:17:27AM +0800, Helg wrote: >> I thought I might be a bit late with this but thanks for letting me >> know. I'll keep working on it and submit the patches individually once >> 5.7 is released. > > Any news? FUSE patches are exciting... I'm Looking forward to build and test them
Re: Fix for connect race in relayd
> (The pastebin expire) patches on tech@ are preferably as inline(text/plain) in the body of the email. and make sure that your mail client doesn't corrupt it. most openbsd developers uses mutt, but there are a lot of MUAs that handle correctly inline content disposition without mangling the diff ( mail/alpine, mail/mew, mail/mu) or even git-format-patch/git-send-email... cheers, gsoares
Re: test null before free in relayd
On Mon, May 25, 2015 at 1:23 PM, sven falempin wrote: > Index: relay.c > === > RCS file: /cvs/src/usr.sbin/relayd/relay.c,v > retrieving revision 1.194 > diff -u -p -r1.194 relay.c > --- relay.c 18 May 2015 16:57:20 - 1.194 > +++ relay.c 25 May 2015 16:20:16 - > @@ -1649,8 +1649,7 @@ relay_close(struct rsession *con, const > __func__, relay_inflight); > } > } > - if (con->se_in.buf != NULL) > - free(con->se_in.buf); > + free(con->se_in.buf); > > if (con->se_out.bev != NULL) > bufferevent_free(con->se_out.bev); > > > -- > - > () ascii ribbon campaign - against html e-mail > /\ your diff is incomplete... well, why just this occurrence? there is others check null before free(3) in same file. and please, be more specific adding more details about your changes: eg.: (I am removing the null check here, because free(3) itself already check against null).
Re: mg(1) segfault
> I hate the startup file.
> Look, this is a use after free, but I can't find it...
>
> #0 0x1b9de0b1b77f in definemacro (f=0, n=1)
> at /usr/src/usr.bin/mg/macro.c:43
> 43 lp2 = lp1->l_fp;
> (gdb) p *maclhead
> $1 = {l_fp = 0xdfdfdfdfdfdfdfdf, l_bp = 0xdfdfdfdfdfdfdfdf,
> l_size = -538976289, l_used = -538976289,
> l_text = 0xdfdfdfdfdfdfdfdf }
seems that it is in excline(), look:
src/usr.bin/mg/extend.c:907
lp = maclcur->l_fp;
while (lp != maclcur) {
np = lp->l_fp;
free(lp);
lp = np;
}
free(lp);
return (status);
excline() loads .mg file and free(lp) lines afterwards.
following diff add a cleanline check to make sure that the cleanup was already
done or not.
avoid user after free in definemacro()/macro.c:45 in cases where excline() take
care of the free lines cleanup.
? mg
Index: extend.c
===
RCS file: /cvs/src/usr.bin/mg/extend.c,v
retrieving revision 1.61
diff -u -p -u -p -r1.61 extend.c
--- extend.c24 Mar 2015 22:28:10 - 1.61
+++ extend.c11 Apr 2015 04:41:38 -
@@ -910,6 +910,7 @@ cleanup:
free(lp);
lp = np;
}
+ cleanline = 1;
free(lp);
return (status);
}
Index: macro.c
===
RCS file: /cvs/src/usr.bin/mg/macro.c,v
retrieving revision 1.16
diff -u -p -u -p -r1.16 macro.c
--- macro.c 19 Mar 2015 21:22:15 - 1.16
+++ macro.c 11 Apr 2015 04:41:38 -
@@ -15,6 +15,7 @@
#include "key.h"
#include "macro.h"
+int cleanline = 0;
int inmacro = FALSE; /* Macro playback in progess */
int macrodef = FALSE; /* Macro recording in progress */
int macrocount = 0;
@@ -38,7 +39,7 @@ definemacro(int f, int n)
}
/* free lines allocated for string arguments */
- if (maclhead != NULL) {
+ if (!cleanline && maclhead != NULL) {
for (lp1 = maclhead->l_fp; lp1 != maclhead; lp1 = lp2) {
lp2 = lp1->l_fp;
free(lp1);
Index: macro.h
===
RCS file: /cvs/src/usr.bin/mg/macro.h,v
retrieving revision 1.7
diff -u -p -u -p -r1.7 macro.h
--- macro.h 18 Nov 2005 20:56:53 - 1.7
+++ macro.h 11 Apr 2015 04:41:38 -
@@ -6,6 +6,7 @@
#define MAXMACRO 256 /* maximum functs in a macro */
+extern int cleanline;
extern int inmacro;
extern int macrodef;
extern int macrocount;
Re: mg(1) segfault
> return (macrodef = FALSE);
but we shouldn't change macrodef here.
? mg
? mg_segfault.diff
? v2_mg_segfault.diff
Index: macro.c
===
RCS file: /cvs/src/usr.bin/mg/macro.c,v
retrieving revision 1.16
diff -u -p -u -p -r1.16 macro.c
--- macro.c 19 Mar 2015 21:22:15 - 1.16
+++ macro.c 4 Apr 2015 16:09:38 -
@@ -34,11 +34,11 @@ definemacro(int f, int n)
if (macrodef) {
ewprintf("already defining macro");
- return (macrodef = FALSE);
+ return (FALSE);
}
/* free lines allocated for string arguments */
- if (maclhead != NULL) {
+ if (macrodef && maclhead != NULL) {
for (lp1 = maclhead->l_fp; lp1 != maclhead; lp1 = lp2) {
lp2 = lp1->l_fp;
free(lp1);
mg(1) segfault
mg(1) segfault.
it is triggered as follows:
1- echo "(start-kbd-macro)" >> $HOME/.mg
2- open mg and type twice C-x (
find below the backtrace and a patch to fix.
OK?
Program received signal SIGBUS, Bus error.
definemacro (f=Variable "f" is not available.
) at macro.c:43
43 lp2 = lp1->l_fp;
(gdb) backtrace
#0 definemacro (f=Variable "f" is not available.
) at macro.c:43
#1 0x038cecf15606 in doin () at kbd.c:158
#2 0x038cecf16d4b in main (argc=Variable "argc" is not available.
) at main.c:188
(gdb)
? mg
? mg_segfault.diff
Index: macro.c
===
RCS file: /cvs/src/usr.bin/mg/macro.c,v
retrieving revision 1.16
diff -u -p -r1.16 macro.c
--- macro.c 19 Mar 2015 21:22:15 - 1.16
+++ macro.c 4 Apr 2015 13:45:15 -
@@ -38,7 +38,7 @@ definemacro(int f, int n)
}
/* free lines allocated for string arguments */
- if (maclhead != NULL) {
+ if (macrodef && maclhead != NULL) {
for (lp1 = maclhead->l_fp; lp1 != maclhead; lp1 = lp2) {
lp2 = lp1->l_fp;
free(lp1);
Re: [miniroot/install.sub] skip x* sets if do not expect to run X.
please, disregard this diff. it is definitely wrong. -- gsoares
[miniroot/install.sub] skip x* sets if do not expect to run X.
the diff below changes src/distrib/miniroot/install.sub to by default skip x*
sets if someone do not expect to run X
"Do you expect to run the X Window System [no]"
if someone still want to install those sets may select by hand afterwards:
"Set name(s)? (or 'abort' or 'done') [done] x*"
i've compile a RAMDISK_CD and seems to work fine.
ok? feedback?
Index: install.sub
===
RCS file: /cvs/src/distrib/miniroot/install.sub,v
retrieving revision 1.674
diff -u -p -r1.674 install.sub
--- install.sub 2 Jan 2013 20:35:00 - 1.674
+++ install.sub 11 Jan 2013 23:41:45 -
@@ -1098,8 +1098,9 @@ install_files() {
for _f in $THESETS; do
isin $_f $_files || continue;
_sets=$(addel $_f $_sets)
- if [[ -z $DISPLAY && ! -d /mnt/etc/X11 ]]; then
- # No displays and X isn't installed ==> skip X sets
+ if [[ -z $DISPLAY && ! -d /mnt/etc/X11 || $x11 == n ]]; then
+ # No displays and X isn't installed or do not expect to
run X
+ # => skip X sets
isin ${_f%${VERSION}.tgz} xbase xetc xshare xfont xserv
&& continue
fi
isin $_f $DEFAULTSETS "site$VERSION-$(hostname -s).tgz" && \
Re: M_DONTWAIT -> M_NOWAIT
On Fri, Dec 28, 2012 at 1:25 PM, Todd C. Miller wrote: > OK for all but that m_split() change where M_DONTWAIT is actually > appropriate. We shouldn't be using M_DONTWAIT for malloc() but it > is correct for the mbuf functions. Ooops. good catch. m_split() was changed by a lack of attention. diff fixed and committed. thanks.
M_DONTWAIT -> M_NOWAIT
following diff tweak malloc(9) to use M_NOWAIT instead of M_DONTWAIT.
this will make the code more consistent since that M_DONTWAIT is a flag defined
for mbuf(9),
so we shouldn't to confuse.
no functional change since that M_DONTWAIT is defined as M_NOWAIT in mbuf.h.
OK ?
Index: net/bpf.c
===
RCS file: /cvs/src/sys/net/bpf.c,v
retrieving revision 1.82
diff -u -p -r1.82 bpf.c
--- net/bpf.c 21 Dec 2012 11:17:22 - 1.82
+++ net/bpf.c 28 Dec 2012 14:00:32 -
@@ -1482,7 +1482,7 @@ void
bpfattach(caddr_t *driverp, struct ifnet *ifp, u_int dlt, u_int hdrlen)
{
struct bpf_if *bp;
- bp = (struct bpf_if *)malloc(sizeof(*bp), M_DEVBUF, M_DONTWAIT);
+ bp = (struct bpf_if *)malloc(sizeof(*bp), M_DEVBUF, M_NOWAIT);
if (bp == 0)
panic("bpfattach");
Index: net/pf_if.c
===
RCS file: /cvs/src/sys/net/pf_if.c,v
retrieving revision 1.63
diff -u -p -r1.63 pf_if.c
--- net/pf_if.c 28 Jul 2011 11:03:49 - 1.63
+++ net/pf_if.c 28 Dec 2012 14:00:32 -
@@ -112,7 +112,7 @@ pfi_kif_get(const char *kif_name)
return (kif);
/* create new one */
- if ((kif = malloc(sizeof(*kif), PFI_MTYPE, M_DONTWAIT|M_ZERO)) == NULL)
+ if ((kif = malloc(sizeof(*kif), PFI_MTYPE, M_NOWAIT|M_ZERO)) == NULL)
return (NULL);
strlcpy(kif->pfik_name, kif_name, sizeof(kif->pfik_name));
Index: net/pfkeyv2.c
===
RCS file: /cvs/src/sys/net/pfkeyv2.c,v
retrieving revision 1.127
diff -u -p -r1.127 pfkeyv2.c
--- net/pfkeyv2.c 26 Sep 2012 14:53:23 - 1.127
+++ net/pfkeyv2.c 28 Dec 2012 14:00:32 -
@@ -155,7 +155,7 @@ pfkeyv2_create(struct socket *socket)
struct pfkeyv2_socket *pfkeyv2_socket;
if (!(pfkeyv2_socket = malloc(sizeof(struct pfkeyv2_socket),
- M_PFKEY, M_DONTWAIT | M_ZERO)))
+ M_PFKEY, M_NOWAIT | M_ZERO)))
return (ENOMEM);
pfkeyv2_socket->next = pfkeyv2_sockets;
@@ -228,7 +228,7 @@ pfkeyv2_sendmessage(void **headers, int
/* ...and allocate it */
if (!(buffer = malloc(j + sizeof(struct sadb_msg), M_PFKEY,
- M_DONTWAIT))) {
+ M_NOWAIT))) {
rval = ENOMEM;
goto ret;
}
@@ -391,7 +391,7 @@ pfkeyv2_policy(struct ipsec_acquire *ipa
return (EINVAL);
}
- if (!(p = malloc(i, M_PFKEY, M_DONTWAIT | M_ZERO))) {
+ if (!(p = malloc(i, M_PFKEY, M_NOWAIT | M_ZERO))) {
rval = ENOMEM;
goto ret;
} else
@@ -606,7 +606,7 @@ pfkeyv2_get(struct tdb *sa, void **heade
goto ret;
}
- if (!(p = malloc(i, M_PFKEY, M_DONTWAIT | M_ZERO))) {
+ if (!(p = malloc(i, M_PFKEY, M_NOWAIT | M_ZERO))) {
rval = ENOMEM;
goto ret;
} else
@@ -893,7 +893,7 @@ pfkeyv2_send(struct socket *socket, void
struct mbuf *packet;
if (!(freeme = malloc(sizeof(struct sadb_msg) + len, M_PFKEY,
- M_DONTWAIT))) {
+ M_NOWAIT))) {
rval = ENOMEM;
goto ret;
}
@@ -958,7 +958,7 @@ pfkeyv2_send(struct socket *socket, void
/* Send a message back telling what the SA (the SPI really) is
*/
if (!(freeme = malloc(sizeof(struct sadb_sa), M_PFKEY,
- M_DONTWAIT | M_ZERO))) {
+ M_NOWAIT | M_ZERO))) {
rval = ENOMEM;
goto ret;
}
@@ -1341,7 +1341,7 @@ pfkeyv2_send(struct socket *socket, void
i = sizeof(struct sadb_supported) + sizeof(ealgs);
- if (!(freeme = malloc(i, M_PFKEY, M_DONTWAIT | M_ZERO))) {
+ if (!(freeme = malloc(i, M_PFKEY, M_NOWAIT | M_ZERO))) {
rval = ENOMEM;
goto ret;
}
@@ -1359,7 +1359,7 @@ pfkeyv2_send(struct socket *socket, void
i = sizeof(struct sadb_supported) + sizeof(aalgs);
- if (!(freeme = malloc(i, M_PFKEY, M_DONTWAIT | M_ZERO))) {
+ if (!(freeme = malloc(i, M_PFKEY, M_NOWAIT | M_ZERO))) {
rval = ENOMEM;
goto ret;
}
@@ -1380,7 +1380,7 @@ pfkeyv2_send(struct socket *socket, void
i = sizeof(struct sadb_supported) + sizeof(calgs);
- if (!(freeme = malloc(i, M_PFKEY, M_DONTWAIT | M_ZERO))) {
+ if (!(freeme = malloc(i, M_PFKEY, M_NOWAIT | M_ZERO))) {
rval = ENOMEM;
goto ret;
}
@@ -1713,7 +1713,7 @@ pfkeyv2_send(struct socket *socket, void
sizeof(struct sad
set ifp->if_baudrate with IF_Gbps() / IF_Mbps()
set ifp->if_baudrate with IF_Gbps() / IF_Mbps(). OK ? Index: if_ste.c === RCS file: /cvs/src/sys/dev/pci/if_ste.c,v retrieving revision 1.48 diff -u -p -r1.48 if_ste.c --- if_ste.c18 Oct 2012 21:44:21 - 1.48 +++ if_ste.c23 Nov 2012 14:07:41 - @@ -931,7 +931,7 @@ ste_attach(struct device *parent, struct ifp->if_ioctl = ste_ioctl; ifp->if_start = ste_start; ifp->if_watchdog = ste_watchdog; - ifp->if_baudrate = 1000; + ifp->if_baudrate = IF_Mbps(100); IFQ_SET_MAXLEN(&ifp->if_snd, STE_TX_LIST_CNT - 1); IFQ_SET_READY(&ifp->if_snd); bcopy(sc->sc_dev.dv_xname, ifp->if_xname, IFNAMSIZ); Index: if_tl.c === RCS file: /cvs/src/sys/dev/pci/if_tl.c,v retrieving revision 1.51 diff -u -p -r1.51 if_tl.c --- if_tl.c 22 Jun 2011 16:44:27 - 1.51 +++ if_tl.c 23 Nov 2012 14:07:42 - @@ -2125,7 +2125,7 @@ tl_attach(parent, self, aux) ifp->if_ioctl = tl_ioctl; ifp->if_start = tl_start; ifp->if_watchdog = tl_watchdog; - ifp->if_baudrate = 1000; + ifp->if_baudrate = IF_Mbps(100); IFQ_SET_MAXLEN(&ifp->if_snd, TL_TX_LIST_CNT - 1); IFQ_SET_READY(&ifp->if_snd); bcopy(sc->sc_dev.dv_xname, ifp->if_xname, IFNAMSIZ); Index: if_txp.c === RCS file: /cvs/src/sys/dev/pci/if_txp.c,v retrieving revision 1.104 diff -u -p -r1.104 if_txp.c --- if_txp.c5 Apr 2011 18:01:21 - 1.104 +++ if_txp.c23 Nov 2012 14:07:42 - @@ -225,7 +225,7 @@ txp_attachhook(void *vsc) ifp->if_ioctl = txp_ioctl; ifp->if_start = txp_start; ifp->if_watchdog = txp_watchdog; - ifp->if_baudrate = 1000; + ifp->if_baudrate = IF_Mbps(100); IFQ_SET_MAXLEN(&ifp->if_snd, TX_ENTRIES); IFQ_SET_READY(&ifp->if_snd); ifp->if_capabilities = 0; Index: if_vge.c === RCS file: /cvs/src/sys/dev/pci/if_vge.c,v retrieving revision 1.51 diff -u -p -r1.51 if_vge.c --- if_vge.c22 Jun 2011 16:44:27 - 1.51 +++ if_vge.c23 Nov 2012 14:07:42 - @@ -787,7 +787,7 @@ vge_attach(struct device *parent, struct ifp->if_ioctl = vge_ioctl; ifp->if_start = vge_start; ifp->if_watchdog = vge_watchdog; - ifp->if_baudrate = 10; + ifp->if_baudrate = IF_Gbps(1); #ifdef VGE_JUMBO ifp->if_hardmtu = VGE_JUMBO_MTU; #endif Index: if_vr.c === RCS file: /cvs/src/sys/dev/pci/if_vr.c,v retrieving revision 1.117 diff -u -p -r1.117 if_vr.c --- if_vr.c 20 Oct 2012 16:12:22 - 1.117 +++ if_vr.c 23 Nov 2012 14:07:42 - @@ -623,7 +623,7 @@ vr_attach(struct device *parent, struct ifp->if_ioctl = vr_ioctl; ifp->if_start = vr_start; ifp->if_watchdog = vr_watchdog; - ifp->if_baudrate = 1000; + ifp->if_baudrate = IF_Mbps(100); ifp->if_capabilities = 0; IFQ_SET_READY(&ifp->if_snd); bcopy(sc->sc_dev.dv_xname, ifp->if_xname, IFNAMSIZ); Index: if_wb.c === RCS file: /cvs/src/sys/dev/pci/if_wb.c,v retrieving revision 1.49 diff -u -p -r1.49 if_wb.c --- if_wb.c 18 Oct 2012 21:44:21 - 1.49 +++ if_wb.c 23 Nov 2012 14:07:42 - @@ -794,7 +794,7 @@ wb_attach(parent, self, aux) ifp->if_ioctl = wb_ioctl; ifp->if_start = wb_start; ifp->if_watchdog = wb_watchdog; - ifp->if_baudrate = 1000; + ifp->if_baudrate = IF_Mbps(100); IFQ_SET_MAXLEN(&ifp->if_snd, WB_TX_LIST_CNT - 1); IFQ_SET_READY(&ifp->if_snd);
fix altq.9
splimp -> splnet
OK ?
Index: altq.9
===
RCS file: /cvs/src/share/man/man9/altq.9,v
retrieving revision 1.14
diff -u -p -r1.14 altq.9
--- altq.9 31 May 2007 19:20:00 - 1.14
+++ altq.9 14 Nov 2012 19:11:03 -
@@ -272,7 +272,7 @@ looks as follows:
|
| mflags = m->m_flags;
| len = m->m_pkthdr.len;
- s = splimp(); | s = splimp();
+ s = splnet(); | s = splnet();
if (IF_QFULL(&ifp->if_snd)) { | IFQ_ENQUEUE(&ifp->if_snd, m,
| NULL, error);
IF_DROP(&ifp->if_snd);| if (error != 0) {
@@ -419,7 +419,7 @@ immediately after
.Fn IFQ_POLL
returns the same packet.
Note that they need to be guarded by
-.Fn splimp
+.Fn splnet
if called from outside of
.Fn if_start .
.Ss Eliminating IF_PREPEND
@@ -571,7 +571,7 @@ The dequeue operations looks like:
.Bd -literal
##old-style## ##new-style##
|
- s = splimp(); | s = splimp();
+ s = splnet(); | s = splnet();
IF_DEQUEUE(&sc->sc_fastq, m); | IF_DEQUEUE(&sc->sc_fastq, m);
if (m == NULL)| if (m == NULL)
IF_DEQUEUE(&sc->sc_if.if_snd, m); | IFQ_DEQUEUE(&sc->sc_if.if_snd, m);
usr.bin/mail: use F_OK instead of 0 in access()
hi,
use F_OK macro instead of 0 in access() when cheching by file existence. make
de code easier to read. no funcional change.
OK ?
Index: cmd2.c
===
RCS file: /cvs/src/usr.bin/mail/cmd2.c,v
retrieving revision 1.18
diff -u -p -r1.18 cmd2.c
--- cmd2.c 6 Apr 2011 11:36:26 - 1.18
+++ cmd2.c 13 Nov 2012 18:54:35 -
@@ -166,7 +166,7 @@ save1(char *str, int mark, char *cmd, st
return(1);
printf("\"%s\" ", file);
fflush(stdout);
- if (access(file, 0) >= 0)
+ if (access(file, F_OK) >= 0)
disp = "[Appended]";
else
disp = "[New file]";
src/sys/net/if_pflow.c - fix kernel builds without bpfilter
Hi,
protect bpfilter portion with #if NBPFILTER > 0.
fix kernel builds without bpfilter.
OK ?
Index: if_pflow.c
===
RCS file: /cvs/src/sys/net/if_pflow.c,v
retrieving revision 1.21
diff -u -p -r1.21 if_pflow.c
--- if_pflow.c 30 Oct 2012 12:09:05 - 1.21
+++ if_pflow.c 8 Nov 2012 13:49:13 -
@@ -1106,7 +1106,9 @@ pflow_sendout_mbuf(struct pflow_softc *s
{
struct udpiphdr *ui;
u_int16_tlen = m->m_pkthdr.len;
+#if NBPFILTER > 0
struct ifnet*ifp = &sc->sc_if;
+#endif
struct ip *ip;
int err;
Re: Virtio drivers for OpenBSD
could you resubmit a new diff against -current ? please, attach it inline here. On Wed, Jul 11, 2012 at 9:07 AM, Stefan Fritsch wrote: > Hi, > > I have been working on porting NetBSD's virtio drivers to OpenBSD. I am > not finished yet, but in order to prevent duplicate work, I thought I'd > publish the current state (attached as diff to OpenBSD 5.1). It adds a > virtio block device driver (viod) and a virtio network interface > (if_vioif). It is stable enough to run make -j 2 in /usr/src on a viod > disk. > > Comments are welcome. > > BTW: Which device numbers should I choose for viod? Use the first unused > number or just add virtio at the end? > > Cheers, > Stefan > > [demime 1.01d removed an attachment of type TEXT/x-diff which had a name of > openbsd-virtio-v1.diff]
Re: [resend] ipv6 support for tftp
On Fri, Apr 27, 2012 at 12:34:19PM -0400, Brad Smith wrote:
> Tested against OpenBSD's tftpd and dnsmasq. Working fine for me.
here is an updated version of the diff.
- setpeer0() and setpeer() were renamed accordingly for clarity and
consistency. (requested by henning@)
- fix memleak(call freeaddrinfo() to release *res0)
- checks against valid server port number
- man page tweaked based on points by sthen@ and jmc@
this diff has been OK by sthen@ jmc@ henning@
i will commit it tomorrow if no objections till there.
? 1
? tftp_ipv6_3.diff
Index: main.c
===
RCS file: /cvs/src/usr.bin/tftp/main.c,v
retrieving revision 1.30
diff -u -p -r1.30 main.c
--- main.c 27 Oct 2009 23:59:44 - 1.30
+++ main.c 24 Apr 2012 15:39:19 -
@@ -68,7 +68,8 @@ void put(int, char **);
voidquit(int, char **);
voidsetascii(int, char **);
voidsetbinary(int, char **);
-voidsetpeer(int, char **);
+voidsetpeer(char *, char *);
+voidparsearg(int, char **);
voidsetrexmt(int, char **);
voidsettimeout(int, char **);
voidsettrace(int, char **);
@@ -86,9 +87,8 @@ static __dead void command(void);
struct cmd *getcmd(char *);
char *tail(char *);
-struct sockaddr_in peeraddr;
+struct sockaddr_storage peeraddr;
int f;
-short port;
int trace;
int verbose;
int connected;
@@ -98,7 +98,6 @@ intmargc;
char *margv[MAXARGV+1];
char *prompt = "tftp";
voidintr(int);
-struct servent *sp;
int rexmtval = TIMEOUT;
int maxtimeout = 5 * TIMEOUT;
charhostname[MAXHOSTNAMELEN];
@@ -134,7 +133,7 @@ struct cmd {
};
struct cmd cmdtab[] = {
- { "connect",chelp, setpeer },
+ { "connect",chelp, parsearg },
{ "mode", mhelp, modecmd },
{ "put",shelp, put },
{ "get",rhelp, get },
@@ -170,26 +169,14 @@ structmodes {
int
main(int argc, char *argv[])
{
- struct sockaddr_in s_in;
-
- /* socket, bind */
- sp = getservbyname("tftp", "udp");
- if (sp == 0)
- errx(1, "udp/tftp: unknown service");
- f = socket(AF_INET, SOCK_DGRAM, 0);
- if (f < 0)
- err(3, "socket");
- bzero((char *)&s_in, sizeof(s_in));
- s_in.sin_family = AF_INET;
- if (bind(f, (struct sockaddr *)&s_in, sizeof(s_in)) < 0)
- err(1, "bind");
+ f = -1;
/* set default transfer mode */
strlcpy(mode, "netascii", sizeof(mode));
/* set peer if given */
if (argc > 1)
- setpeer(argc, argv);
+ parsearg(argc, argv);
/* catch SIGINT */
signal(SIGINT, intr);
@@ -205,11 +192,73 @@ main(int argc, char *argv[])
}
void
-setpeer(int argc, char *argv[])
+setpeer(char *host, char *port)
{
- struct hostent *host;
- const char *errstr;
+ struct addrinfo hints, *res0, *res;
+ int error;
+ struct sockaddr_storage ss;
+ char *cause = "unknown";
+
+ if (connected) {
+ close(f);
+ f = -1;
+ }
+ connected = 0;
+
+ memset(&hints, 0, sizeof(hints));
+ hints.ai_family = PF_UNSPEC;
+ hints.ai_socktype = SOCK_DGRAM;
+ hints.ai_protocol = IPPROTO_UDP;
+ hints.ai_flags = AI_CANONNAME;
+ if (!port)
+ port = "tftp";
+ error = getaddrinfo(host, port, &hints, &res0);
+ if (error) {
+ warnx("%s", gai_strerror(error));
+ return;
+ }
+
+ for (res = res0; res; res = res->ai_next) {
+ if (res->ai_addrlen > sizeof(peeraddr))
+ continue;
+ f = socket(res->ai_family, res->ai_socktype, res->ai_protocol);
+ if (f < 0) {
+ cause = "socket";
+ continue;
+ }
+ memset(&ss, 0, sizeof(ss));
+ ss.ss_family = res->ai_family;
+ ss.ss_len = res->ai_addrlen;
+ if (bind(f, (struct sockaddr *)&ss, ss.ss_len) < 0) {
+ cause = "bind";
+ close(f);
+ f = -1;
+ continue;
+ }
+
+ break;
+ }
+
+ if (f < 0)
+ warn("%s", cause);
+ else {
+ /* res->ai_addr <= sizeof(peeraddr) is guaranteed */
+ memcpy(&peeraddr, res->ai_addr, res->ai_addrlen);
+ if (res->ai_canonname) {
+
Re: [resend] ipv6 support for tftp
On Tue, Mar 06, 2012 at 09:32:47AM +, Stuart Henderson wrote:
> On 2011/01/22 19:40, Gleydson Soares wrote:
> > can anyone test this diff? your feedback will be most welcome
> > On Wed, Sep 08, 2010 at 11:51:11AM -0300, Gleydson Soares wrote:
> > > hi,
> > >
> > > - ipv6 support for tftp client.
> > >
> > > based on an old itojun's diff.
>
> weerd@ pointed out this old diff - here's a slightly updated version;
> only minor tweaks from gsoares@ version: whitespace nits in some lines
> touched in the diff, and I rewrote the manpage diff.
>
> works for me against usr/sbin/tftpd; any comments?
anyone willing to give this diff a go?
Index: main.c
===
RCS file: /cvs/src/usr.bin/tftp/main.c,v
retrieving revision 1.30
diff -u -p -r1.30 main.c
--- main.c 27 Oct 2009 23:59:44 - 1.30
+++ main.c 19 Apr 2012 18:47:44 -
@@ -68,6 +68,7 @@ void put(int, char **);
voidquit(int, char **);
voidsetascii(int, char **);
voidsetbinary(int, char **);
+voidsetpeer0(char *, char *);
voidsetpeer(int, char **);
voidsetrexmt(int, char **);
voidsettimeout(int, char **);
@@ -86,9 +87,8 @@ static __dead void command(void);
struct cmd *getcmd(char *);
char *tail(char *);
-struct sockaddr_in peeraddr;
+struct sockaddr_storage peeraddr;
int f;
-short port;
int trace;
int verbose;
int connected;
@@ -98,7 +98,6 @@ intmargc;
char *margv[MAXARGV+1];
char *prompt = "tftp";
voidintr(int);
-struct servent *sp;
int rexmtval = TIMEOUT;
int maxtimeout = 5 * TIMEOUT;
charhostname[MAXHOSTNAMELEN];
@@ -170,19 +169,7 @@ struct modes {
int
main(int argc, char *argv[])
{
- struct sockaddr_in s_in;
-
- /* socket, bind */
- sp = getservbyname("tftp", "udp");
- if (sp == 0)
- errx(1, "udp/tftp: unknown service");
- f = socket(AF_INET, SOCK_DGRAM, 0);
- if (f < 0)
- err(3, "socket");
- bzero((char *)&s_in, sizeof(s_in));
- s_in.sin_family = AF_INET;
- if (bind(f, (struct sockaddr *)&s_in, sizeof(s_in)) < 0)
- err(1, "bind");
+ f = -1;
/* set default transfer mode */
strlcpy(mode, "netascii", sizeof(mode));
@@ -205,11 +192,69 @@ main(int argc, char *argv[])
}
void
-setpeer(int argc, char *argv[])
+setpeer0(char *host, char *port)
{
- struct hostent *host;
- const char *errstr;
+ struct addrinfo hints, *res0, *res;
+ int error;
+ struct sockaddr_storage ss;
+ char *cause = "unknown";
+
+ if (connected) {
+ close(f);
+ f = -1;
+ connected = 0;
+ }
+
+ memset(&hints, 0, sizeof(hints));
+ hints.ai_family = PF_UNSPEC;
+ hints.ai_socktype = SOCK_DGRAM;
+ hints.ai_protocol = IPPROTO_UDP;
+ hints.ai_flags = AI_CANONNAME;
+ if (!port)
+ port = "tftp";
+ error = getaddrinfo(host, port, &hints, &res0);
+ if (error) {
+ warnx("%s", gai_strerror(error));
+ return;
+ }
+
+ for (res = res0; res; res = res->ai_next) {
+ f = socket(res->ai_family, res->ai_socktype, res->ai_protocol);
+ if (f < 0) {
+ cause = "socket";
+ continue;
+ }
+
+ memset(&ss, 0, sizeof(ss));
+ ss.ss_family = res->ai_family;
+ ss.ss_len = res->ai_addrlen;
+ if (bind(f, (struct sockaddr *)&ss, ss.ss_len) < 0) {
+ cause = "bind";
+ close(f);
+ f = -1;
+ continue;
+ }
+
+ break;
+ }
+
+ if (f < 0)
+ warn("%s", cause);
+ else {
+ memcpy(&peeraddr, res->ai_addr, res->ai_addrlen);
+ if (res->ai_canonname) {
+ (void) strncpy(hostname, res->ai_canonname,
+ sizeof(hostname));
+ } else
+ (void) strncpy(hostname, host, sizeof(hostname));
+ hostname[sizeof(hostname)-1] = 0;
+ connected = 1;
+ }
+}
bgplg: use -A with traceroute6 to print the AS number
now that we've the option -A with traceroute6, bgplg is happy to use
OK ?
Index: bgplg.h
===
RCS file: /cvs/src/usr.bin/bgplg/bgplg.h,v
retrieving revision 1.8
diff -u -p -r1.8 bgplg.h
--- bgplg.h 8 Nov 2011 12:21:29 - 1.8
+++ bgplg.h 28 Mar 2012 01:51:38 -
@@ -67,7 +67,7 @@ struct cmd {
{ "ping", 1, 1, "", \
{ PING, "-c4", "-w2", NULL } }, \
{ "traceroute6", 1, 1, "", \
- { TRACEROUTE6, "-l", NULL } }, \
+ { TRACEROUTE6, "-Al", NULL } }, \
{ "ping6", 1, 1, "", \
{ PING6, "-c4", "-i2", NULL } },\
{ "help", 0, 0, NULL, { NULL }, lg_help }, \
Re: etc/rc.d/ldapd stop - pexp - ldapd: ldap server
On Tue, Sep 20, 2011 at 04:33:10PM +0200, MERIGHI Marcus wrote: > anyone? it is in, already committed. > > mcmer-open...@tor.at (MERIGHI Marcus), 2011.09.09 (Fri) 16:22 (CEST): > > Hello, > > > > the stock > > $ /etc/rc.d/ldapd stop > > does not work for me. The diff below makes it work. > > > > Index: ldapd > > === > > RCS file: /cvs/src/etc/rc.d/ldapd,v > > retrieving revision 1.1 > > diff -u -r1.1 ldapd > > --- ldapd 6 Jul 2011 18:55:36 - 1.1 > > +++ ldapd 9 Sep 2011 14:14:15 - > > @@ -6,4 +6,6 @@ > > > > . /etc/rc.d/rc.subr > > > > +pexp="ldapd: ldap server.*" > > + > > rc_cmd $1
plug a memleak in output_listing()
plug a memleak in output_listing(); from NetBSD Index: aicasm.c === RCS file: /cvs/src/sys/dev/microcode/aic7xxx/aicasm.c,v retrieving revision 1.14 diff -u -r1.14 aicasm.c --- aicasm.c4 Oct 2005 23:46:14 - 1.14 +++ aicasm.c11 Feb 2011 22:24:44 - @@ -594,6 +594,7 @@ if (isatty(fileno(stdin)) == 0) putchar(input); } + free(func_values); fprintf(stdout, "\nThanks!\n"); }
typo inteface->interface (pipex_local.h)
Index: pipex_local.h
===
RCS file: /cvs/src/sys/net/pipex_local.h,v
retrieving revision 1.10
diff -u -r1.10 pipex_local.h
--- pipex_local.h 20 Nov 2010 20:11:19 - 1.10
+++ pipex_local.h 23 Jan 2011 13:35:04 -
@@ -76,7 +76,7 @@
#ifdef PIPEX_PPPOE
struct pipex_pppoe_session {
- struct ifnet *over_ifp; /* ether inteface */
+ struct ifnet *over_ifp; /* ether interface */
};
#endif /* PIPEX_PPPOE */
[resend] ipv6 support for tftp
can anyone test this diff? your feedback will be most welcome
On Wed, Sep 08, 2010 at 11:51:11AM -0300, Gleydson Soares wrote:
> hi,
>
> - ipv6 support for tftp client.
>
> based on an old itojun's diff.
Index: tftpsubs.c
===
RCS file: /cvs/src/usr.bin/tftp/tftpsubs.c,v
retrieving revision 1.14
diff -u -r1.14 tftpsubs.c
--- tftpsubs.c 27 Oct 2009 23:59:44 - 1.14
+++ tftpsubs.c 8 Sep 2010 14:01:19 -
@@ -258,7 +258,7 @@
{
int i, j = 0;
charrbuf[SEGSIZE_MIN];
- struct sockaddr_in from;
+ struct sockaddr_storage from;
socklen_t fromlen;
for (;;) {
Index: tftp.c
===
RCS file: /cvs/src/usr.bin/tftp/tftp.c,v
retrieving revision 1.22
diff -u -r1.22 tftp.c
--- tftp.c 27 Oct 2009 23:59:44 - 1.22
+++ tftp.c 8 Sep 2010 14:01:39 -
@@ -58,7 +58,7 @@
#include "tftpsubs.h"
static int makerequest(int, const char *, struct tftphdr *, const char *);
-static voidnak(int);
+static voidnak(int, struct sockaddr *);
static voidtpacket(const char *, struct tftphdr *, int);
static voidstartclock(void);
static voidstopclock(void);
@@ -67,7 +67,7 @@
static voidoack(struct tftphdr *, int, int);
static int oack_set(const char *, const char *);
-extern struct sockaddr_in peeraddr; /* filled in by main */
+extern struct sockaddr_storage peeraddr; /* filled in by main */
extern int f; /* the opened socket */
extern int trace;
extern int verbose;
@@ -124,7 +124,8 @@
sendfile(int fd, char *name, char *mode)
{
struct tftphdr *dp, *ap; /* data and ack packets */
- struct sockaddr_in from;
+ struct sockaddr_storage from;
+ struct sockaddr_storage peer;
struct pollfdpfd[1];
unsigned longamount;
socklen_tfromlen;
@@ -138,6 +139,7 @@
convert = !strcmp(mode, "netascii");
block = 0;
amount = 0;
+ memcpy(&peer, &peeraddr, peeraddr.ss_len);
do {
/* read data from file */
@@ -146,7 +148,7 @@
else {
size = readit(file, &dp, convert, segment_size);
if (size < 0) {
- nak(errno + 100);
+ nak(errno + 100, (struct sockaddr *)&peer);
break;
}
dp->th_opcode = htons((u_short)DATA);
@@ -164,8 +166,8 @@
if (trace)
tpacket("sent", dp, size + 4);
if (sendto(f, dp, size + 4, 0,
- (struct sockaddr *)&peeraddr,
- sizeof(peeraddr)) != size + 4) {
+ (struct sockaddr *)&peer,
+ peer.ss_len) != size + 4) {
warn("sendto");
goto abort;
}
@@ -202,7 +204,19 @@
warn("recvfrom");
goto abort;
}
- peeraddr.sin_port = from.sin_port; /* added */
+ switch (peer.ss_family) { /* added */
+ case AF_INET:
+ ((struct sockaddr_in *)&peer)->sin_port =
+ ((struct sockaddr_in *)&from)->sin_port;
+ break;
+ case AF_INET6:
+ ((struct sockaddr_in6 *)&peer)->sin6_port =
+ ((struct sockaddr_in6 *)&from)->sin6_port;
+ break;
+ default:
+ /* unsupported */
+ break;
+ }
if (trace)
tpacket("received", ap, n);
@@ -256,7 +270,8 @@
recvfile(int fd, char *name, char *mode)
{
struct tftphdr *dp, *ap; /* data and ack packets */
- struct sockaddr_in from;
+ struct sockaddr_storage from;
+ struct sockaddr_storage peer;
struct pollfdpfd[1];
unsigned longamount;
socklen_tfromlen;
@@ -273,6 +288,7 @@
block = 1;
amount = 0;
firsttrip = 1;
+ memcpy(&peer, &peeraddr, peeraddr.ss_len);
options:
do {
@@ -298,8 +314,8 @
Re: ipv6 support for tftp
On Wed, Sep 08, 2010 at 11:51:11AM -0300, Gleydson Soares wrote:
> hi,
>
> - ipv6 support for tftp client.
>
> based on an old itojun's diff.
i forgot to attach the diff inline.
Index: tftpsubs.c
===
RCS file: /cvs/src/usr.bin/tftp/tftpsubs.c,v
retrieving revision 1.14
diff -u -r1.14 tftpsubs.c
--- tftpsubs.c 27 Oct 2009 23:59:44 - 1.14
+++ tftpsubs.c 8 Sep 2010 14:01:19 -
@@ -258,7 +258,7 @@
{
int i, j = 0;
charrbuf[SEGSIZE_MIN];
- struct sockaddr_in from;
+ struct sockaddr_storage from;
socklen_t fromlen;
for (;;) {
Index: tftp.c
===
RCS file: /cvs/src/usr.bin/tftp/tftp.c,v
retrieving revision 1.22
diff -u -r1.22 tftp.c
--- tftp.c 27 Oct 2009 23:59:44 - 1.22
+++ tftp.c 8 Sep 2010 14:01:39 -
@@ -58,7 +58,7 @@
#include "tftpsubs.h"
static int makerequest(int, const char *, struct tftphdr *, const char *);
-static voidnak(int);
+static voidnak(int, struct sockaddr *);
static voidtpacket(const char *, struct tftphdr *, int);
static voidstartclock(void);
static voidstopclock(void);
@@ -67,7 +67,7 @@
static voidoack(struct tftphdr *, int, int);
static int oack_set(const char *, const char *);
-extern struct sockaddr_in peeraddr; /* filled in by main */
+extern struct sockaddr_storage peeraddr; /* filled in by main */
extern int f; /* the opened socket */
extern int trace;
extern int verbose;
@@ -124,7 +124,8 @@
sendfile(int fd, char *name, char *mode)
{
struct tftphdr *dp, *ap; /* data and ack packets */
- struct sockaddr_in from;
+ struct sockaddr_storage from;
+ struct sockaddr_storage peer;
struct pollfdpfd[1];
unsigned longamount;
socklen_tfromlen;
@@ -138,6 +139,7 @@
convert = !strcmp(mode, "netascii");
block = 0;
amount = 0;
+ memcpy(&peer, &peeraddr, peeraddr.ss_len);
do {
/* read data from file */
@@ -146,7 +148,7 @@
else {
size = readit(file, &dp, convert, segment_size);
if (size < 0) {
- nak(errno + 100);
+ nak(errno + 100, (struct sockaddr *)&peer);
break;
}
dp->th_opcode = htons((u_short)DATA);
@@ -164,8 +166,8 @@
if (trace)
tpacket("sent", dp, size + 4);
if (sendto(f, dp, size + 4, 0,
- (struct sockaddr *)&peeraddr,
- sizeof(peeraddr)) != size + 4) {
+ (struct sockaddr *)&peer,
+ peer.ss_len) != size + 4) {
warn("sendto");
goto abort;
}
@@ -202,7 +204,19 @@
warn("recvfrom");
goto abort;
}
- peeraddr.sin_port = from.sin_port; /* added */
+ switch (peer.ss_family) { /* added */
+ case AF_INET:
+ ((struct sockaddr_in *)&peer)->sin_port =
+ ((struct sockaddr_in *)&from)->sin_port;
+ break;
+ case AF_INET6:
+ ((struct sockaddr_in6 *)&peer)->sin6_port =
+ ((struct sockaddr_in6 *)&from)->sin6_port;
+ break;
+ default:
+ /* unsupported */
+ break;
+ }
if (trace)
tpacket("received", ap, n);
@@ -256,7 +270,8 @@
recvfile(int fd, char *name, char *mode)
{
struct tftphdr *dp, *ap; /* data and ack packets */
- struct sockaddr_in from;
+ struct sockaddr_storage from;
+ struct sockaddr_storage peer;
struct pollfdpfd[1];
unsigned longamount;
socklen_tfromlen;
@@ -273,6 +288,7 @@
block = 1;
amount = 0;
firsttrip = 1;
+ memcpy(&peer, &peeraddr, peeraddr.ss_len);
options:
do {
@@ -298,8 +314,8 @@
ipv6 support for tftp
hi, - ipv6 support for tftp client. based on an old itojun's diff. [demime 1.01d removed an attachment of type text/x-diff]
update bind/root.hint
hi, sync root.hint with ftp.internic.net. - ipv6 address for i-root added - remove extra spaces in k-root and l-root Index: root.hint === RCS file: /cvs/src/etc/bind/root.hint,v retrieving revision 1.7 diff -u root.hint --- root.hint 29 Dec 2009 08:14:00 - 1.7 +++ root.hint 18 Jun 2010 13:04:07 - @@ -11,8 +11,8 @@ ; on server FTP.INTERNIC.NET ; -OR-RS.INTERNIC.NET ; -; last update:Dec 12, 2008 -; related version of root zone: 2008121200 +; last update:Jun 17, 2010 +; related version of root zone: 2010061700 ; ; formerly NS.INTERNIC.NET ; @@ -61,6 +61,7 @@ ; .360 NSI.ROOT-SERVERS.NET. I.ROOT-SERVERS.NET. 360 A 192.36.148.17 +I.ROOT-SERVERS.NET. 360 2001:7FE::53 ; ; operated by VeriSign, Inc. ; @@ -71,14 +72,14 @@ ; operated by RIPE NCC ; .360 NSK.ROOT-SERVERS.NET. -K.ROOT-SERVERS.NET. 360 A 193.0.14.129 +K.ROOT-SERVERS.NET. 360 A 193.0.14.129 K.ROOT-SERVERS.NET. 360 2001:7fd::1 ; ; operated by ICANN ; .360 NSL.ROOT-SERVERS.NET. L.ROOT-SERVERS.NET. 360 A 199.7.83.42 -L.ROOT-SERVERS.NET. 360 2001:500:3::42 +L.ROOT-SERVERS.NET. 360 2001:500:3::42 ; ; operated by WIDE ;
Re: libexec/tftp-proxy: should to call endpwent()
sure
but make sense to remove bad examples in tree
On Wed, Jun 02, 2010 at 08:33:10AM -0600, Theo de Raadt wrote:
> > endpwent() here to close file descriptor opened by getpwnam(),
> > since that all work with the password database was done.
>
> But no file descriptor is open.
>
> setpassent() was never called to keep the fd open.
>
> It's even explained in the manual page.
>
> > Index: tftp-proxy.c
> > ===
> > RCS file: /cvs/src//libexec/tftp-proxy/tftp-proxy.c,v
> > retrieving revision 1.6
> > diff -u tftp-proxy.c
> > --- tftp-proxy.c13 Apr 2008 00:22:17 - 1.6
> > +++ tftp-proxy.c2 Jun 2010 13:06:16 -
> > @@ -128,6 +128,7 @@
> > syslog(LOG_ERR, "can't revoke privs: %m");
> > exit(1);
> > }
> > + endpwent();
> >
> > /* non-blocking io */
> > if (ioctl(fd, FIONBIO, &on) < 0) {
Index: privsep.c
===
RCS file: /cvs/src//usr.sbin/tcpdump/privsep.c,v
retrieving revision 1.28
diff -u privsep.c
--- privsep.c 17 Apr 2009 22:31:24 - 1.28
+++ privsep.c 2 Jun 2010 15:18:00 -
@@ -175,7 +175,6 @@
err(1, "setresgid() failed");
if (setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) == -1)
err(1, "setresuid() failed");
- endpwent();
close(socks[0]);
priv_fd = socks[1];
Index: privsep.c
===
RCS file: /cvs/src//usr.sbin/syslogd/privsep.c,v
retrieving revision 1.34
diff -u privsep.c
--- privsep.c 23 Nov 2008 04:29:42 - 1.34
+++ privsep.c 2 Jun 2010 15:18:56 -
@@ -435,7 +435,6 @@
setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) == -1 ||
setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) == -1)
err(1, "failure dropping privs");
- endpwent();
if (dup2(fd[0], STDIN_FILENO) == -1)
err(1, "dup2 failed");
libexec/tftp-proxy: should to call endpwent()
endpwent() here to close file descriptor opened by getpwnam(), since that all
work with the password database was done.
Index: tftp-proxy.c
===
RCS file: /cvs/src//libexec/tftp-proxy/tftp-proxy.c,v
retrieving revision 1.6
diff -u tftp-proxy.c
--- tftp-proxy.c13 Apr 2008 00:22:17 - 1.6
+++ tftp-proxy.c2 Jun 2010 13:06:16 -
@@ -128,6 +128,7 @@
syslog(LOG_ERR, "can't revoke privs: %m");
exit(1);
}
+ endpwent();
/* non-blocking io */
if (ioctl(fd, FIONBIO, &on) < 0) {
Re: which ISO for a VM?
On Mon, Apr 5, 2010 at 11:38 AM, Sean Kennedy wrote: > I concur, it was a Valid question on running OpenBSD in a VM. really, i was very radical in the last email. really. shut it up and hack. maybe starting helping the virtualbox guys to close the related bug at http://www.virtualbox.org/ticket/639. i think, it hasn't been fixed.
Re: which ISO for a VM?
virtualize your brain. it is nice. On Fri, Apr 2, 2010 at 6:23 AM, Zachary Uram wrote: > I have never run OpenBSD before and want to try it out. Wondering if > there is an ISO I can run in VirtualBox? If not what is the > recommended method for users who wish to run OpenBSD in > virtualization? > > Regards, > Zach > > <>< http://www.fidei.org ><>
Re: if_loop
On Fri, Jan 8, 2010 at 9:15 PM, Claudio Jeker wrote: > > On Fri, Jan 08, 2010 at 01:06:03AM -0300, Gleydson Soares wrote: > >> i guess that if ifp might be bpf attached in loop_clone_create() it should be detached case destroyed. > >> Index: if_loop.c > >> === > >> RCS file: /cvs/src/sys/net/if_loop.c,v > >> retrieving revision 1.44 > >> diff -N -u if_loop.c > >> --- if_loop.c 7 May 2008 12:58:54 - 1.44 > >> +++ if_loop.c 8 Jan 2010 03:34:17 - > >> @@ -221,6 +221,9 @@ > >> if (ifp == lo0ifp) > >> return (EPERM); > >> > >> +#if NBPFILTER > 0 > >> + bpfdetach(ifp); > >> +#endif > >> if_detach(ifp); > >> > >> free(ifp, M_DEVBUF); > >> > > > > bpfdetach() is called in if_detach(). So there is no need for this diff. > > > > -- > > :wq Claudio sure. my eyes slipped in if.c
if_loop
i guess that if ifp might be bpf attached in loop_clone_create() it should be detached case destroyed. Index: if_loop.c === RCS file: /cvs/src/sys/net/if_loop.c,v retrieving revision 1.44 diff -N -u if_loop.c --- if_loop.c 7 May 2008 12:58:54 - 1.44 +++ if_loop.c 8 Jan 2010 03:34:17 - @@ -221,6 +221,9 @@ if (ifp == lo0ifp) return (EPERM); +#if NBPFILTER > 0 + bpfdetach(ifp); +#endif if_detach(ifp); free(ifp, M_DEVBUF);
Re: kernel hacking
/usr/src/* On Thu, Dec 10, 2009 at 2:24 PM, Robert Yuri wrote: > which the best way to learn about OpenBSD kernel ? > I found a bunch of docs from FreeBSD site such as developer's handbook at > http://www.freebsd.org/doc/en_US.ISO8859-1/books/developers-handbook/ , > there any same that for openbsd ? > > thanks, > ry
