On Mon, Oct 09, 2023 at 11:55:36PM +0200, Theo Buehler wrote:
> On Mon, Oct 09, 2023 at 11:50:14PM +0200, Tobias Heider wrote:
> > On Mon, Oct 09, 2023 at 11:24:19PM +0200, Theo Buehler wrote:
> > > On Mon, Oct 09, 2023 at 10:49:53PM +0200, Tobias Heider wrote:
> > >
On Mon, Oct 09, 2023 at 11:24:19PM +0200, Theo Buehler wrote:
> On Mon, Oct 09, 2023 at 10:49:53PM +0200, Tobias Heider wrote:
> > ipsecctl wrongly assumes that strings like the pf tag or
> > the identities are always null terminated.
> > The diff below fixes the case
ipsecctl wrongly assumes that strings like the pf tag or
the identities are always null terminated.
The diff below fixes the cases that always kill my
ipsecctl -m when running a fuzzer.
ok?
Index: pfkdump.c
===
RCS file: /mount/openb
On Sun, Oct 08, 2023 at 07:42:54PM +0200, Mark Kettenis wrote:
> Hector Martin has added support for the BCM4388 that is found on the
> last generation of Apple Macs. Based on his commits I've managed to
> get it working on my M2 Pro mini. I still have to clean up some of
> that stuff, but here i
On Mon, Oct 09, 2023 at 12:29:43AM +0200, Tobias Heider wrote:
> The diff below adds pledge("stdio") calls for the pfkey dump subset
> of ipsecctl commands.
>
> In particular ipsecctl -s which prints all SAs or flows in the kernel
> and more importantly ipsecctl -m wh
The diff below adds pledge("stdio") calls for the pfkey dump subset
of ipsecctl commands.
In particular ipsecctl -s which prints all SAs or flows in the kernel
and more importantly ipsecctl -m which contiously parses and prints every
pfkey message forwarded by the kernel don't seem to need any add
Like with route messages we should really only forward pfkey messages
that made it past the validation step. This fixes a lot of possible
crashes in ipsecctl -m.
ok?
diff /home/user/got/co/src
commit - 1ce2bc211dba4164679169b9248650fd1d6ba9d2
path + /home/user/got/co/src
blob - e750ae8bdbe6819473
On Thu, Sep 07, 2023 at 09:04:43AM +0200, Walter Alejandro Iglesias wrote:
> Dear OpenBSD developers,
>
> On Aug 2 I reported this bug:
>
> https://marc.info/?l=openbsd-bugs&m=169100763926909&w=2
>
> After fiddling around I found a solution that works for both vi base and
> nvi from ports:
>
Hi,
the diff below disables and restores the keyboard backlight together with
the screen on idle timeout to save a bit of battery.
ok?
diff 848795b17df6d7aac8fe7242132657e294ce39df
0bb6b11cdeac4d4755e336594acf830b859e9d34
commit - 848795b17df6d7aac8fe7242132657e294ce39df
commit + 0bb6b11cdeac4d
On Sun, Aug 20, 2023 at 12:23:49PM +0200, Stefan Fritsch wrote:
> Am 13.08.23 um 17:38 schrieb Tobias Heider:
> > On Sun, Aug 13, 2023 at 08:33:54AM -0400, Andrew Cagney wrote:
> > > > Hi Andrew,
> > > >
> > > > can you share the qemu cmd you are usin
On Fri, Aug 18, 2023 at 06:43:50PM +0100, Stuart Henderson wrote:
> On 2023/08/18 17:39, Tobias Heider wrote:
> > Hi,
> >
> > I was looking at my authlog today and as expected on a server exposed on the
> > public internet it is filled with random scanners and brute for
Hi,
I was looking at my authlog today and as expected on a server exposed on the
public internet it is filled with random scanners and brute force attacks.
One thing I noticed is that there is a lot of information we log multiple
times for a each failed connection.
Some examples below:
sshd[6216
On Mon, Aug 14, 2023 at 02:07:12AM +, Jason Tubnor wrote:
> Hi,
>
> Testing sec(4) between 2 end points with iperf3, iked has lost the associated
> iface for the sec(4) point to point link. Specifically:
>
> pfkey_sa: unsupported interface
Not sure how this can happen. Have you destroyed an
On Sun, Aug 13, 2023 at 08:33:54AM -0400, Andrew Cagney wrote:
> > Hi Andrew,
> >
> > can you share the qemu cmd you are using in your tests?
> > I'd like to see if I can reproduce this.
>
> Here's pretty much everything. Thanks for looking at it.
Thank you, I managed to reproduce your crash.
I
On Sat, Aug 12, 2023 at 06:41:17PM -0400, Andrew Cagney wrote:
> On Sat, 12 Aug 2023 at 16:18, Stuart Henderson wrote:
>
> > > Is there a way to get an updated ISO or kernel with the fix?
> > > (we're already adding an installer config file to the ISO, so why not a
> > > kernel)
> > >
> > > Andr
On Mon, Aug 07, 2023 at 02:22:23PM +1000, David Gwynne wrote:
> tobhe@ wrote the iked bits, so he'll commit them when he's ready.
>
> your config looks pretty much the same as mine except you specify a lot
> more stuff around lifetimes and crypto than i do. maybe try without "tunnel
> esp"?
>
> d
On Fri, Jul 28, 2023 at 12:06:54PM +0200, Claudio Jeker wrote:
> As suggested by tb@ add print_hexbuf() to hexdump an ibuf.
> Use this in place where a full ibuf is dumped. In some cases
> print_hex() is still used because the length is not the full
> ibuf or an offset is used.
>
> --
> :wq Claud
On Thu, Jul 27, 2023 at 03:31:32PM +0200, Claudio Jeker wrote:
> Use ibuf_data() instead of direct access to ibuf->buf.
> In some cases use ibuf_add_buf().
>
> --
> :wq Claudio
ok tobhe@
>
> Index: crypto.c
> ===
> RCS file: /cvs/
On Wed, Aug 10, 2022 at 11:08:43AM +, jon@elytron.openbsd.amsterdam wrote:
> Hello everyone. The following diff adds support for
> switching the record.source with the macppc onyx
> driver. I'm still unsure how to get mixerctl or
> sndctl to set the volume, any hints appreciated.
>
> Drew som
On Sun, Jul 23, 2023 at 09:16:40PM +, jon@elytron.openbsd.amsterdam wrote:
> If I'm not mistaken, all wskbd_{get,set}_backlight uses are in the
> following drivers: acpicbkbd, acpithinkpad, asmc, pwmleds, and now
> my implementation in adb. It is my impression that they are roughly
> the same c
On Sat, Jul 22, 2023 at 08:59:04PM -0400, George Koehler wrote:
> On Wed, 19 Jul 2023 02:03:26 +0200
> Tobias Heider wrote:
>
> > > ok anyone?
> >
> > No one interested in working keyboard backlight shortcuts?
> > Don't get scared by the powerbook
On Fri, Jul 14, 2023 at 09:17:20PM +0200, Tobias Heider wrote:
> On Fri, Jul 14, 2023 at 05:53:41PM +, jon@elytron.openbsd.amsterdam wrote:
> > Hello everyone. After a tobhe@'s recent patch [1] to add suspend
> > keysyms for other mac laptops, and a brief consultatio
On Tue, Jul 18, 2023 at 03:16:12PM +0200, Claudio Jeker wrote:
> ibuf_cat() is the same as ibuf_add_buf() so use the latter.
ok tobhe@
>
> --
> :wq Claudio
>
> Index: eap.c
> ===
> RCS file: /cvs/src/sbin/iked/eap.c,v
> retrieving
On Sun, Jul 16, 2023 at 04:24:15PM +0200, Claudio Jeker wrote:
> Rename ibuf_get() to ibuf_getdata() by merging the two functions together.
> I want to use ibuf_get() as part of the ibuf API so this needs to move.
> Also use ibuf_add_zero() in a place of ibuf_reserve() and remove a check
> for buf-
On Fri, Jul 14, 2023 at 05:53:41PM +, jon@elytron.openbsd.amsterdam wrote:
> Hello everyone. After a tobhe@'s recent patch [1] to add suspend
> keysyms for other mac laptops, and a brief consultation with him,
> I am reposting an updated version of my keyboard backlight
> patch [2], which you c
On Thu, Jul 13, 2023 at 05:44:03AM +0200, Theo Buehler wrote:
> This is analogous to the change that op committed to smtpd a few days
> ago. Instead of using ENGINE to make RSA use privsep via imsg, create
> an RSA method that has custom priv_enc/priv_dec methods, replace the
> default RSA method.
On Sat, Jul 08, 2023 at 07:33:01PM +0200, Tobias Heider wrote:
> On Sat, Jul 08, 2023 at 04:06:33PM +, Miod Vallat wrote:
> > > Now that we have request_sleep() we can add a new internal KS_Cmd_Sleep
> > > keycode, map it into the macbook keyboard, catch in
On Sat, Jul 08, 2023 at 04:06:33PM +, Miod Vallat wrote:
> > Now that we have request_sleep() we can add a new internal KS_Cmd_Sleep
> > keycode, map it into the macbook keyboard, catch in wskbd and go to sleep.
> >
> > ok?
>
> > --- sys/dev/usb/ukbdmap.c
> > +++ sys/dev/usb/ukbdmap.c
> > @@
Now that we have request_sleep() we can add a new internal KS_Cmd_Sleep
keycode, map it into the macbook keyboard, catch in wskbd and go to sleep.
ok?
diff 4cfcaa1dc85fba5c0672ef2787341ee6cc639979
16365606ee1145b5ae95e7bb74a7d9a411d0004a
commit - 4cfcaa1dc85fba5c0672ef2787341ee6cc639979
commit +
On July 8, 2023 11:36:21 AM GMT+03:00, Mark Kettenis
wrote:
>> Date: Sat, 8 Jul 2023 10:10:51 +0200
>> From: Tobias Heider
>>
>> This diff adds request_sleep(), a MI way of sending the machine to sleep in a
>> safe thread. Support is limited to amd64
This diff adds request_sleep(), a MI way of sending the machine to sleep in a
safe thread. Support is limited to amd64, i386 and arm64 at the moment, macppc
is currently an empty stub since it doesn't implement a sleep task (yet).
Once this works, my next plan is adding a Ks_Cmd_Sleep keybinding t
On Fri, Jul 07, 2023 at 02:02:49PM +0200, Alexander Hall wrote:
> On July 7, 2023 12:50:55 PM GMT+02:00, Stefan Sperling wrote:
> >On Fri, Jul 07, 2023 at 12:26:16PM +0200, Tobias Heider wrote:
> >> For bigger changesets I have started experimenting with using got.
> >&g
For bigger changesets I have started experimenting with using got.
I don't like to have the whole tree on disk twice so I keep my got and CVS
checkouts in the same directory.
A downside of this approach is of course that got always lists all the unknown
CVS dirs in got status. Does anything speak a
On Wed, Jul 05, 2023 at 04:53:33PM +0200, Tobias Heider wrote:
> I am planning to restructure the APM/sleep APIs to make it easier to suspend
> from more places like as a suspend keyboard shortcut.
>
> The acpiioctl handler is x86 specific code which is currently built on all
> pla
I am planning to restructure the APM/sleep APIs to make it easier to suspend
from more places like as a suspend keyboard shortcut.
The acpiioctl handler is x86 specific code which is currently built on all
platforms but only hooked up on i386 and amd64. It is also in the way of
my plans, so I'd p
This diff optionally enables the new multi touch mouse button behaviour
for apldcms.
ok?
diff f3d7c2e4ca7de4e46cc3e888ef8fbfe71829307f
63e5d5edf5e8315206aa117b1d3a6be78e7fdd94
commit - f3d7c2e4ca7de4e46cc3e888ef8fbfe71829307f
commit + 63e5d5edf5e8315206aa117b1d3a6be78e7fdd94
blob - 7f4d8fb56f0b9
On Wed, Jun 28, 2023 at 12:03:41AM +0200, Ulf Brosziewski wrote:
> This version of the diff adds a wsconsctl field, named "mouse.tp.
> mtbuttons", and an update to the wsmouse.4 page. Apart from that, it
> contains only stylistic changes.
>
> The new wsconsctl field is just a boolean, I don't thi
On Wed, Jun 28, 2023 at 08:38:16AM +, Gerhard Roth wrote:
> Hi Tobi,
>
> a recent change to iked.c moved the call to daemon() behind proc_init().
> Now iked forks all its children and afterwards daemonizes itself into
> background leaving the kids behind orphaned.
>
> The patch below restores
On Sat, Jun 24, 2023 at 08:40:01PM +0200, Theo Buehler wrote:
> On Sat, Jun 24, 2023 at 08:15:40PM +0200, Omar Polo wrote:
> > while talking about a related matter with tb and jsing, jsing noted
> > that ssl_init() in smtpd is completely useless. All its loading is
> > already done automatically b
On Tue, Jun 13, 2023 at 10:57:06AM +0200, Theo Buehler wrote:
> There are a lot of print_host() calls that have an explicit cast and
> pass NULL, 0 as second and third arguments. This is responsible for a
> lot of awkward line wrapping. The exlicit casts can be avoided by
> using a function with a
On Tue, May 23, 2023 at 03:20:27PM +0200, Claudio Jeker wrote:
> Another mechanical diff. Replace ibuf_advance() with ibuf_reserve().
>
> Again ibuf_advance() just calls ibuf_reserve().
ok too
> --
> :wq Claudio
>
> Index: eap.c
> ===
On Tue, May 23, 2023 at 11:56:18AM +0200, Claudio Jeker wrote:
> There is a lot of duplication in iked's imsg_util.c
> Now here is a minimal diff removing all extra parts added that are not
> needed anymore. The removal of ibuf_zero() depends partially on my
> previous imsg diff.
>
> With my imsg
This patch enables the capslock LED on apple m1/m2 laptops in xenocara.
Console mode was already working by setting the correct accessop, for
X we are missing an ioctl handler.
Only tested on apldc but the aplhidev code looks identical so the fix
should be the same.
Index: apldc.c
===
On Wed, Mar 08, 2023 at 01:37:18AM +0100, Tobias Heider wrote:
> Hi,
>
> I was playing with ps today and noticed that the alignment of everything
> following the "command" keyword seems to be broken currently. An easy way
> to test this is running ps -axo command,uid
Hi,
I was playing with ps today and noticed that the alignment of everything
following the "command" keyword seems to be broken currently. An easy way
to test this is running ps -axo command,uid which gives me a wrongly aligned
uid for some processes:
/usr/X11R6/bin/X35
X: [priv] (Xorg)
On Wed, Mar 01, 2023 at 04:53:00PM +, Stuart Henderson wrote:
> [from misc]
> > > I don't see that in the iked.conf manual. There is some reference to not
> > > using psk in /etc/examples/iked.conf but it's not clear whether that's
> > > because of the need to share a single psk with all endpoi
On Thu, Feb 23, 2023 at 10:25:15AM -0600, joshua stein wrote:
> On Thu, 23 Feb 2023 at 17:05:53 +0100, Tobias Heider wrote:
> > Wow, thank you for looking into this! I've used your version for a few days
> > now and it works really well for me (on a m2 macbook air). I ac
On Tue, Feb 21, 2023 at 08:10:36PM +0100, Ulf Brosziewski wrote:
> This diff is an extension of Tobias Heider's proposal, which aims at
> providing "Apple-like" button inputs on clickpads. I have added some
> things in order to approximate the behaviour of other input drivers.
>
> It's a quick sh
Many of our networking daemons use proc.c to set up processes and ipc. I
couldn't
find two that are actually exactly the same, but it looks like none of them are
ever
using proc_ispeer, so here is a diff to delete it from all of them.
Index: sbin/iked/proc.c
=
Hi,
iked currently enforces an arbitrary limit of only a single remote name
server. As we have found out, a good reason to support more than one
is to have a backup when the connection to that server fails for some
reason.
With the diff below we can support all the name servers we get and
fall b
On Mon, Sep 19, 2022 at 11:16:51AM +0200, Ulf Brosziewski wrote:
> Is there enough interest in this feature among OpenBSD users? I haven't
> seen many requests for it, if any. Moreover, is it a good idea to configure
> different input methods on this or that hardware just because another OS
> has
On Sat, Jan 14, 2023 at 04:29:04PM +1100, Damien Miller wrote:
>
>
> On Fri, 13 Jan 2023, Damien Miller wrote:
>
> > Hi,
> >
> > Forewarning: this is a big, noisy diff. Also on Github at
> > https://github.com/djmdjm/openssh-wip/pull/18
> >
> > This updates the ED25519 code to the latest versi
We have released OpenIKED 7.2, which will be arriving in the
OpenIKED directory of your local OpenBSD mirror soon.
This release includes the following changes to the previous release:
* Added iked connection statistics counters that can be viewed with
'ikectl show stats'
* Added support
This is the boilerplate code to route lid_action through to aplsmc(4) which I
previously sent as part of another diff. Depending on how we are going to use
it, the aplsmc(4) part might need a bit of refinement to distinguish between
LID_OPEN/CLOSE events.
Index: arch/arm64/arm64/acpi_machdep.c
=
On Thu, Nov 24, 2022 at 08:36:48PM +0100, Mark Kettenis wrote:
> > Date: Thu, 24 Nov 2022 19:04:03 +0100
> > From: Tobias Heider
> >
> > The diff below disables the screen backlight on apple silicon macs when the
> > lid is closed.
>
> Can we distinguish l
The diff below disables the screen backlight on apple silicon macs when the
lid is closed.
Normally, we suspend or hibernate depending on the value of machdep.lid_action.
Since suspend doesn't work reliably yet I think this is a good intermediate
solution to save some power while the laptop is idl
On Mon, Nov 21, 2022 at 03:09:25PM +, Klemens Nanni wrote:
> On Mon, Nov 21, 2022 at 03:42:37PM +0100, Tobias Heider wrote:
> > Here is a more cleaned up version of the previous diff. I moved all the
> > firmware logic to a new write_firmware() function. This should be easy
&
On Sat, Nov 19, 2022 at 08:27:18PM +0100, Tobias Heider wrote:
> On Sat, Nov 19, 2022 at 07:25:52PM +0100, Mark Kettenis wrote:
> > > Date: Sat, 19 Nov 2022 18:44:19 +0100
> > > From: Tobias Heider
> > >
> > > On Sat, Nov 19, 2022 at 06:33:51PM +0100, Mark
On Sat, Nov 19, 2022 at 07:25:52PM +0100, Mark Kettenis wrote:
> > Date: Sat, 19 Nov 2022 18:44:19 +0100
> > From: Tobias Heider
> >
> > On Sat, Nov 19, 2022 at 06:33:51PM +0100, Mark Kettenis wrote:
> > > > Date: Sat, 19 Nov 2022 18:26:36 +0100
> > >
On Sat, Nov 19, 2022 at 06:33:51PM +0100, Mark Kettenis wrote:
> > Date: Sat, 19 Nov 2022 18:26:36 +0100
> > From: Tobias Heider
> >
> > Here is the promised last diff we need to enable Apple M* bootloader
> > updates.
> >
> > With this, installbo
Here is the promised last diff we need to enable Apple M* bootloader updates.
With this, installboot(8) will pick up apple-boot.bin from the firmware
directory and writes it to $ESP/m1n1/boot.bin if both file and target
directory exist.
Creation of the m1n1/ directory is expected to happen during
Hi all,
we are working on automated bootloader and device-tree updates for Apple
Silicon machines. This is necessary because both drivers and device trees
are moving targets and without a way to update both we end up in situations
where drivers suddenly stop working.
All of the fw_update(8) infr
On Tue, Nov 08, 2022 at 11:06:43AM -0700, Todd C. Miller wrote:
> On Tue, 08 Nov 2022 18:33:48 +0100, Tobias Heider wrote:
>
> > If ain == NULL then a points to newly malloced memory which should be
> > freed when BN_bin2bn() fails.
>
> We don't have an "ain&quo
nm.a is initialized to NULL until it gets alloced by x509_name_ex_new().
The following 'goto err' should free nm.a before returning.
ok?
Index: asn1/x_name.c
===
RCS file: /cvs/src/lib/libcrypto/asn1/x_name.c,v
retrieving revision 1.
If ain == NULL then a points to newly malloced memory which should be
freed when BN_bin2bn() fails.
ok?
Index: bn/bn_mpi.c
===
RCS file: /cvs/src/lib/libcrypto/bn/bn_mpi.c,v
retrieving revision 1.8
diff -u -p -r1.8 bn_mpi.c
--- bn/bn
Same diff as for RSA_print(). Old version leaks when EVP_PKEY_set1_DSA()
fails.
ok?
Index: dsa/dsa_prn.c
===
RCS file: /cvs/src/lib/libcrypto/dsa/dsa_prn.c,v
retrieving revision 1.6
diff -u -p -r1.6 dsa_prn.c
--- dsa/dsa_prn.c
If EVP_PKEY_set1_RSA() returns 0 we seem leak pk here.
ok?
Index: rsa/rsa_prn.c
===
RCS file: /cvs/src/lib/libcrypto/rsa/rsa_prn.c,v
retrieving revision 1.7
diff -u -p -r1.7 rsa_prn.c
--- rsa/rsa_prn.c 29 Jan 2017 17:49:23 -000
On Sun, Sep 18, 2022 at 02:21:06PM +0200, Tobias Heider wrote:
> Hi,
>
> the diff below adds a new mouse type WSMOUSE_TYPE_APPLE which emulates Apples
> touchpad behaviour. Instead of mapping soft-buttons to an area on the pad,
> the different mouse buttons are mapped to sin
Hi,
the diff below adds a new mouse type WSMOUSE_TYPE_APPLE which emulates Apples
touchpad behaviour. Instead of mapping soft-buttons to an area on the pad,
the different mouse buttons are mapped to single-finger, two-finger and
three-finger clicks as is the default in macos.
The diff enables th
file mode 100644
index 000..f9774df20f2
--- /dev/null
+++ sys/dev/fdt/gpiobl.c
@@ -0,0 +1,127 @@
+/* $OpenBSD$ */
+/*
+ * Copyright (c) 2022 Tobias Heider
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted
On Wed, Sep 14, 2022 at 11:56:48AM +, Miod Vallat wrote:
> > Hey,
> >
> > the diff below adds FN key combos for Page Up, Page Down and some more
> > on the M2 keyboard. Most of the logic was copied from ukbd.
>
> This means most of the munging logic should move from ukbd into hidkbd,
> but t
Hey,
the diff below adds FN key combos for Page Up, Page Down and some more
on the M2 keyboard. Most of the logic was copied from ukbd.
This makes scrolling tmux a lot more fun.
ok?
diff --git a/sys/arch/arm64/dev/apldc.c b/sys/arch/arm64/dev/apldc.c
index 82a17df59b5..a4db46d8a92 100644
--- a/
Hi,
we currently generate one pair of 2048 bit RSA keys for isakmpd and iked by
default on new installations. In 2022 this seems a little outdated and iked
has had proper support for EC keys for quite some time now, so I propose we
switch to P-256 ECDSA keys by default.
It looks like isakmpd
On Wed, Jun 22, 2022 at 01:02:17PM +, Sibar Soumi wrote:
> Dear OpenBSD developers
>
>
>
> I would like to report an error in iked.
>
>
>
> The error occurs with the processing logic in case of simultaneous Child SA
> rekeying. That is, by simultaneous rekeying, two Child SAs are creat
On Sat, May 28, 2022 at 03:17:07PM +0200, Gerhard Roth wrote:
> Hi,
>
> since there's a 'sa_free(sa)' followed by a 'continue' a few lines down
> from the RB_FOREACH(), we must use RB_FOREACH_SAFE() instead.
>
> Gerhard
ok tobhe@
>
>
> Index: sbin/iked/ikev2.c
> ==
We have released OpenIKED 7.1, which will be arriving in the
OpenIKED directory of your local OpenBSD mirror soon.
This release includes the following changes to the previous release:
* Added 'ikectl show certinfo' command to print loaded CAs and certificates
* Improved IKEv2 Message Fragmen
On Sat, May 21, 2022 at 12:51:19PM +0100, Stuart Henderson wrote:
> On 2022/05/21 13:44, Tobias Heider wrote:
> > On Fri, May 20, 2022 at 03:41:12PM +0100, Stuart Henderson wrote:
> > > I ran into problems with Apple clients failing to connect to
> > > iked afte
On Fri, May 20, 2022 at 03:41:12PM +0100, Stuart Henderson wrote:
> I ran into problems with Apple clients failing to connect to
> iked after updating a machine to 7.1, introduced by
> https://github.com/openbsd/src/commit/e3f5cf2ee26929d75dc2df9e86d97c36b2a94268
>
> spi=0xac3d46687441f957: recv I
On Fri, May 14, 2021 at 09:23:02PM +0100, Stuart Henderson wrote:
> On 2021/05/14 21:14, Tobias Heider wrote:
> > On Thu, May 13, 2021 at 02:39:37PM +0900, Katsuhiro Ueno wrote:
> > > Hi,
> > >
> > > I would be happy if iked(8) supports intermediate CAs an
Hey,
it looks like in sshkey_save_public() the same fd will be closed twice
if the first fclose() returns something other than 0.
The patch below should make sure everything only gets closed once.
I moved the close() call and refactored a bit to improve readability.
Index: authfile.c
===
On Tue, Mar 08, 2022 at 08:17:13PM +0100, Alexander Bluhm wrote:
> Hi,
>
> In IPsec policy replace integer refcount with atomic refcount.
>
> It is a bit strange that ipo_refcnt is never taken, but let's go
> towards MP safety in small steps.
>
> ok?
>
> bluhm
ok tobhe@
>
> Index: net/pfkeyv
On Mon, Feb 14, 2022 at 12:00:24PM +1100, Jonathan Gray wrote:
> On Sun, Feb 13, 2022 at 03:17:27PM +0100, Theo Buehler wrote:
> > On Sun, Feb 13, 2022 at 02:30:21PM +0100, Tobias Heider wrote:
> > > OF_getproplen() will return -1 if "reset-gpios" is not found which
&g
00..c011cb1cffe
--- /dev/null
+++ sys/arch/armv7/marvell/mvodog.c
@@ -0,0 +1,99 @@
+/* $OpenBSD$ */
+/*
+ * Copyright (c) 2022 Tobias Heider
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the abo
OF_getproplen() will return -1 if "reset-gpios" is not found which
currently causes a panic:
panic: malloc: allocation too large, type = 2, size = 4294967295
Below is a fix.
ok?
Index: mvpcie.c
===
RCS file: /mount/openbsd/cvs/src/
Hey,
I'm trying to get the Turris Omnia running and one thing missing
is a driver for the armada-380-wdg. We already have a similar driver
called mvdog(4) that currently only supports the armada-3700 watchdog.
The diff below adds support for disabling the armada-380-wdg.
ok?
Index: mvdog.c
Hi,
clang ships with a pretty useful static analyzer to find all kinds of bugs
in C and C++ code:
https://clang-analyzer.llvm.org/
I use it regularly to check my own diffs and found plenty of bugs I could
have missed otherwise. While we have the code in base we don't actually
build it into our
On Mon, Jan 10, 2022 at 04:20:36PM +0100, Stefan Sperling wrote:
> On Mon, Jan 10, 2022 at 03:50:45PM +0100, Tobias Heider wrote:
> > Makes sense. I also fixed the one in sdmmc_mem_send_cxd_data().
>
> Doesn't build here, there a few errors like this:
>
> /usr/src/sys/d
On Mon, Jan 10, 2022 at 02:39:58PM +, Visa Hankala wrote:
> On Mon, Jan 10, 2022 at 03:21:49PM +0100, Tobias Heider wrote:
> > On Mon, Jan 10, 2022 at 01:41:53PM +, Visa Hankala wrote:
> > > On Mon, Jan 10, 2022 at 01:12:10PM +0100, Tobias Heider wrote:
> > > &
On Mon, Jan 10, 2022 at 11:00:52AM +0100, Stefan Sperling wrote:
> Ping. I have had zero feedback on this so far. Anyone?
Makes sense, I remember that part of the code making problems before.
ok tobhe.
>
> On Tue, Jan 04, 2022 at 02:35:52PM +0100, Stefan Sperling wrote:
> > The function ieee8021
On Mon, Jan 10, 2022 at 01:41:53PM +, Visa Hankala wrote:
> On Mon, Jan 10, 2022 at 01:12:10PM +0100, Tobias Heider wrote:
> > sdmmc_mem_send_scr() tries to malloc() with M_NOWAIT and returns 0 on
> > error, which leads to sdmmc_mem_sd_init() passing uninitialized stac
sdmmc_mem_send_scr() tries to malloc() with M_NOWAIT and returns 0 on
error, which leads to sdmmc_mem_sd_init() passing uninitialized stack
memory to sdmmc_mem_decode_scr().
The diff below makes sdmmc_mem_send_scr() return ENOMEM if malloc fails.
ok?
diff --git a/sys/dev/sdmmc/sdmmc_mem.c b/sys/
Hey,
tb@ noticed that we do a lot of redundant explicit NULL checks before
calling libcrypto *_free() functions. A few of the free() calls can also
be avoided by using X509_get0_pubkey() instead of X509_get_pubkey().
ok?
Index: ca.c
==
Hi,
the diff below adds tdb_delete_locked() for use in pfkeyv2_sa_flush().
This way we won't have to worry about keeping the inline code and
tdb_delete() in sync.
ok?
Index: net/pfkeyv2.c
===
RCS file: /cvs/src/sys/net/pfkeyv2.c,v
r
On Fri, Nov 26, 2021 at 01:17:22AM +0300, Vitaliy Makkoveev wrote:
> On Thu, Nov 25, 2021 at 10:59:25PM +0100, Alexander Bluhm wrote:
> > On Thu, Nov 25, 2021 at 05:13:16PM +0100, Tobias Heider wrote:
> > > Now with the missing parts from pfkeyv2.c as noticed by Hrvoje.
> >
On Thu, Nov 25, 2021 at 03:50:29PM +0100, Tobias Heider wrote:
> As discussed in the previous thread we can simplify the tdb cleanup
> code by removing the TDBF_DELETED flag and instead checking if the
> tdb was already unlinked.
>
> ok?
>
Now with the missing parts from pfkey
As discussed in the previous thread we can simplify the tdb cleanup
code by removing the TDBF_DELETED flag and instead checking if the
tdb was already unlinked.
ok?
Index: ip_ipsp.c
===
RCS file: /cvs/src/sys/netinet/ip_ipsp.c,v
retr
On Wed, Nov 24, 2021 at 03:52:26PM +0100, Alexander Bluhm wrote:
> On Wed, Nov 24, 2021 at 05:12:36PM +0300, Vitaliy Makkoveev wrote:
> > Understood. But his means we encoded double unref when we calling
> > tdb_unref() just after tdb_delete(tdb). To me it looks better to avoid
> > this and rework
On Tue, Nov 23, 2021 at 02:18:26PM +0100, Alexander Bluhm wrote:
> On Tue, Nov 23, 2021 at 06:54:59AM +0100, Hrvoje Popovski wrote:
> > after 24 hours hitting sasyncd setup one box panic
>
> Thanks for testing.
>
> I have reduced my iked lifetime to about 10 seconds and got the
> same panic on my
We have released OpenIKED 7.0, which will be arriving in the
OpenIKED directory of your local OpenBSD mirror soon.
This release includes the following changes to the previous release:
* Added client-side support for DNS configuration via
OpenBSD resolvd(8) and systemd-resolved(8)
* Added
On Wed, Nov 03, 2021 at 02:55:11PM +0900, YASUOKA Masahiko wrote:
> Hi,
>
> On Tue, 2 Nov 2021 07:03:43 +
> Jason McIntyre wrote:
> > On Tue, Nov 02, 2021 at 12:02:07PM +0900, YASUOKA Masahiko wrote:
> >> I'd like to clarify "aes" in ipsec.conf accepts 128:256 bits.
> >>
> >> sbin/ipsecctl/i
1 - 100 of 260 matches
Mail list logo