Re: Removing PF

2019-03-31 Thread Ian McWilliam
"peeing on, or even integration into baby mulching machines or atomic bombs to be dropped on Australia" That's a lot of missing features to implement in one release cycle. Ian McWilliam From: owner-t...@openbsd.org on behalf of Claudio Jeker Sent: Monday,

Removing PF

2019-03-31 Thread Claudio Jeker
There have been internal discussions about OpenBSD also removing the pf packet filter after the upcoming 6.5 release. Instead a switch to using David Gwynne's new bpf filter will happen. The benefits outweigh the drawbacks and the missing features will be readily implemented in time for the 6.6

sys/dev/pci/if_wb.c: repair "} if"

2019-03-31 Thread Christian Weisgerber
Some sort of merge error; FreeBSD, where this was imported from, always had "else if". Also, semantically more plausible. ok? Index: sys/dev/pci/if_wb.c === RCS file: /cvs/src/sys/dev/pci/if_wb.c,v retrieving revision 1.69 diff -u

Re: sys/dev/x86emu/x86emu.c: repair "} if"

2019-03-31 Thread Theo de Raadt
Yes, very weird. There are about 20 more in the base tree. Some of them are missing "else", but some are not. > I'm grepping the tree for "} if" lines... > > I'm confident that these were intended as "else if", compare the > corresponding ror_* functions. Also, it doesn't actually change >

sys/dev/x86emu/x86emu.c: repair "} if"

2019-03-31 Thread Christian Weisgerber
I'm grepping the tree for "} if" lines... I'm confident that these were intended as "else if", compare the corresponding ror_* functions. Also, it doesn't actually change the result. ok? Index: sys/dev/x86emu/x86emu.c === RCS

Re: iked(8): add support for IKEv2 Message Fragmentation

2019-03-31 Thread Tim Stewart
On 3/30/19 3:11 PM, Tobias Heider wrote: Hi Stuart, I'm glad to see people are using this. There's some smaller fixes that I haven't sent to the list yet, so probably I'll send an updated diff on monday. I plan to start using this patch this week, likely as soon as you send the updated diff.

Re: httpd(8): Adapt to industry wide current best security practices

2019-03-31 Thread Bryan Steele
On Mon, Apr 01, 2019 at 02:30:22AM +0200, Florian Obser wrote: > OK? > > diff --git server_http.c server_http.c > index 6c8549d2b41..f04a15bd056 100644 > --- server_http.c > +++ server_http.c > @@ -1176,7 +1176,7 @@ server_response(struct httpd *httpd, struct client *clt) > struct

Re: httpd(8): Adapt to industry wide current best security practices

2019-03-31 Thread Theo de Raadt
relayd needs this also. It is a very often a bump in the wire, protecting cisco devices. Florian Obser wrote: > OK? > > diff --git server_http.c server_http.c > index 6c8549d2b41..f04a15bd056 100644 > --- server_http.c > +++ server_http.c > @@ -1176,7 +1176,7 @@ server_response(struct httpd

httpd(8): Adapt to industry wide current best security practices

2019-03-31 Thread Florian Obser
OK? diff --git server_http.c server_http.c index 6c8549d2b41..f04a15bd056 100644 --- server_http.c +++ server_http.c @@ -1176,7 +1176,7 @@ server_response(struct httpd *httpd, struct client *clt) struct http_descriptor *resp = clt->clt_descresp; struct server *srv =

Re: smtpd.conf(5)/table(5) manuals: change `\-' to `-'

2019-03-31 Thread Jason McIntyre
On Sat, Mar 23, 2019 at 11:50:53PM -0600, Randy Hartman wrote: > Change smtpd.conf(5) and table(5) man pages to represent hyphen > as plain `-'. According to mandoc_char(7), "[...] in manual pages > just write plain `-' to represent hyphen, minus, and hyphen-minus." > > Found while comparing

Re: bgpd: unbreak route origin validation

2019-03-31 Thread Denis Fondras
On Sun, Mar 31, 2019 at 06:03:01PM +0200, Claudio Jeker wrote: > On Fri, Mar 22, 2019 at 09:25:32PM +0100, Denis Fondras wrote: > > (better when the right diff is sent...) > > > > ROV has been broken since the configuration reload changes. > > > > Index: rde.c > >

improve rsync(1) manual page

2019-03-31 Thread Ingo Schwarze
Hi, here are serveral bugfixes and improvements for the rsync(1) manual. OK? Ingo Bugfixes: * For -D and -l: s/Transfer/Also transfer/. * In the EXAMPLES, the renaming rsync -> openrsync caused a mess; the worst aspect is the --rsync-path in the last example. I don't have a good

Re: bgpd: unbreak route origin validation

2019-03-31 Thread Claudio Jeker
On Fri, Mar 22, 2019 at 09:25:32PM +0100, Denis Fondras wrote: > (better when the right diff is sent...) > > ROV has been broken since the configuration reload changes. > > Index: rde.c > === > RCS file:

Re: fix the gpio pin for ar9287-based usb devices

2019-03-31 Thread Stefan Sperling
On Sun, Mar 31, 2019 at 06:09:37PM +0800, Kevin Lo wrote: > Hi, > > AR9287-based usb devices use GPIO pin 10 for LED, not 8. > Tested with TP-LINK TL-WN821N V3. ok? OK > > Index: sys/dev/ic/ar9287.c > === > RCS file:

fix the gpio pin for ar9287-based usb devices

2019-03-31 Thread Kevin Lo
Hi, AR9287-based usb devices use GPIO pin 10 for LED, not 8. Tested with TP-LINK TL-WN821N V3. ok? Index: sys/dev/ic/ar9287.c === RCS file: /cvs/src/sys/dev/ic/ar9287.c,v retrieving revision 1.27 diff -u -p -u -p -r1.27 ar9287.c

Re: bgpd: remove announce ... from the manpage too

2019-03-31 Thread Claudio Jeker
On Wed, Mar 27, 2019 at 09:43:31PM +0100, Sebastian Benoit wrote: > > ok? Sure. > (benno_announce_doc.diff) > > diff --git usr.sbin/bgpd/bgpd.conf.5 usr.sbin/bgpd/bgpd.conf.5 > index a6f975e935d..86adf872f64 100644 > --- usr.sbin/bgpd/bgpd.conf.5 > +++ usr.sbin/bgpd/bgpd.conf.5 > @@ -737,23

Re: bgpd: unbreak route origin validation

2019-03-31 Thread Claudio Jeker
On Fri, Mar 22, 2019 at 04:47:46PM +0100, Denis Fondras wrote: > ROV has been broken since the configuration reload changes. I don't like this. The goal is to not use memcpy for struct bgpd_config because of all the pointer it holds. It feels like a field is missing in copy_config(). Will look