Include <pwd.h> in crypt_checkpass.3

2021-10-29 Thread Emil Engler
The man-page crypt_checkpass.3 makes a reference to the constant
'_PASSWORD_LEN' which is defined in <pwd.h> but doesn't say so.

Index: lib/libc/crypt/crypt_checkpass.3
===
RCS file: /cvs/src/lib/libc/crypt/crypt_checkpass.3,v
retrieving revision 1.12
diff -u -p -u -p -r1.12 crypt_checkpass.3
--- lib/libc/crypt/crypt_checkpass.329 Jul 2019 23:14:06 -  1.12
+++ lib/libc/crypt/crypt_checkpass.329 Oct 2021 06:52:05 -
@@ -22,6 +22,7 @@
 .Nm crypt_newhash
 .Nd password hashing
 .Sh SYNOPSIS
+.In pwd.h
 .In unistd.h
 .Ft int
 .Fn crypt_checkpass "const char *password" "const char *hash"
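
Review bot: The new ".In pwd.h" line in SYNOPSIS sits above the prototypes, which tells readers the header is needed to call crypt_checkpass(), while the stated reason for it is only the _PASSWORD_LEN constant. Consider also naming the header in the sentence that mentions _PASSWORD_LEN, so the reason for the include is visible where the constant is used.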



acme-client(1): Fix misleading comment

2021-08-24 Thread Emil Engler
While auditing acme-client(1) I have noticed that the source code still
makes references to curl.

Apparently acme-client(1) used curl for HTTP transfers up until this
commit:
https://github.com/kristapsdz/acme-client/commit/d9d2382d5ebfa9dc6c3c086c1acf0e905d389fbc

The following diff should solve it:
Index: usr.sbin/acme-client/netproc.c
===
RCS file: /cvs/src/usr.sbin/acme-client/netproc.c,v
retrieving revision 1.30
diff -u -p -u -p -r1.30 netproc.c
--- usr.sbin/acme-client/netproc.c  12 Jul 2021 15:09:20 -  1.30
+++ usr.sbin/acme-client/netproc.c  24 Aug 2021 06:47:42 -
@@ -33,7 +33,7 @@
 #define RETRY_MAX 10
 
 /*
- * Buffer used when collecting the results of a CURL transfer.
+ * Buffer used when collecting the results of an http transfer.
  */
 struct buf {
char*buf; /* binary buffer */
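
Review bot: In the rewritten comment above "struct buf", "http" should be written "HTTP", since it is an acronym: "an HTTP transfer".
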
@@ -41,7 +41,7 @@ structbuf {
 };
 
 /*
- * Used for CURL communications.
+ * Used for communication with other processes.
  */
 struct conn {
const char*newnonce; /* nonce authority */
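
Review bot: The new comment on "struct conn", "Used for communication with other processes", does not obviously match the struct: its first visible member is "newnonce" with the comment "nonce authority", which reads like state for a connection to the ACME server rather than for talking to sibling processes. Please check how the struct is used and describe that, otherwise the comment stays misleading in a different way.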



Replace .Ar macros with .Fa in pledge.2

2021-06-30 Thread Emil Engler
The pledge.2 man-page makes use of the incorrect .Ar macro which is
not intended for manuals in section 2 as .Fa exists for that purpose.
Similar to 1.18 in /cvs/src/lib/libm/man/sqrt.3

Index: pledge.2
===
RCS file: /cvs/src/lib/libc/sys/pledge.2,v
retrieving revision 1.60
diff -u -p -u -p -r1.60 pledge.2
--- pledge.217 Jul 2020 16:40:26 -  1.60
+++ pledge.230 Jun 2021 17:02:04 -
@@ -33,9 +33,9 @@ management, read-write operations on fil
 and networking.
 In general, these modes were selected by studying the operation
 of many programs using libc and other such interfaces, and setting
-.Ar promises
+.Fa promises
 or
-.Ar execpromises .
+.Fa execpromises .
 .Pp
 Use of
 .Fn pledge
@@ -60,7 +60,7 @@ with the
 flag.
 .Pp
 A
-.Ar promises
+.Fa promises
 value of
 .Qq \&
 restricts the process to the
@@ -72,9 +72,9 @@ with another process.
 Passing
 .Dv NULL
 to
-.Ar promises
+.Fa promises
 or
-.Ar execpromises
+.Fa execpromises
 specifies to not change the current value.
 .Pp
 Some system calls, when allowed, have restrictions applied to them:
@@ -136,9 +136,9 @@ and any files below
 .Pa /usr/share/zoneinfo .
 .It Fn pledge :
 Can only reduce permissions for
-.Ar promises
+.Fa promises
 and
-.Ar execpromises .
+.Fa execpromises .
 .It Xr sysctl 2 :
 A small set of read-only operations are allowed, sufficient to
 support:
@@ -150,7 +150,7 @@ and system sensor readings.
 .El
 .Pp
 The
-.Ar promises
+.Fa promises
 argument is specified as a string, with space separated keywords:
 .Bl -tag -width "prot_exec" -offset indent
 .It Va stdio
@@ -464,7 +464,7 @@ Coupled with the
 .Va proc
 promise, this allows a process to fork and execute another program.
 If
-.Ar execpromises
+.Fa execpromises
 has been previously set the new program begins with those promises,
 unless setuid/setgid bits are set in which case execution is blocked with
 .Er EACCES .
@@ -596,12 +596,12 @@ Rather than killing the process upon vio
 Also when
 .Fn pledge
 is called with higher
-.Ar promises
+.Fa promises
 or
-.Ar execpromises ,
+.Fa execpromises ,
 those changes will be ignored and return success.
 This is useful when a parent enforces
-.Ar execpromises
+.Fa execpromises
 but an execve'd child has a different idea.
 .El
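
Review bot: The context sentence around the changed macros in this hunk, "those changes will be ignored and return success", has no subject for "return". Since these lines are being touched anyway, something like "those changes will be ignored and the call returns success" would read better.
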
 .Sh RETURN VALUES
@@ -611,12 +611,12 @@ but an execve'd child has a different id
 will fail if:
 .Bl -tag -width Er
 .It Bq Er EFAULT
-.Ar promises
+.Fa promises
 or
-.Ar execpromises
+.Fa execpromises
 points outside the process's allocated address space.
 .It Bq Er EINVAL
-.Ar promises
+.Fa promises
 is malformed or contains invalid keywords.
 .It Bq Er EPERM
 This process is attempting to increase permissions.



More use of mdoc macros in sqrt.3

2021-06-29 Thread Emil Engler
This diff inserts an .Fa in the places where it belongs as well
as an .Er for EDOM.

Index: lib/libm/man/sqrt.3
===
RCS file: /cvs/src/lib/libm/man/sqrt.3,v
retrieving revision 1.17
diff -u -p -u -p -r1.17 sqrt.3
--- lib/libm/man/sqrt.3 8 Feb 2020 01:09:57 -   1.17
+++ lib/libm/man/sqrt.3 29 Jun 2021 13:36:28 -
@@ -57,7 +57,7 @@
 The
 .Fn cbrt
 function computes the cube root of
-.Ar x .
+.Fa x .
 The
 .Fn cbrtf
 function is a single precision version of
@@ -70,7 +70,8 @@ function is an extended precision versio
 The
 .Fn sqrt
 function computes
-the non-negative square root of x.
+the non-negative square root of
+.Fa x .
 The
 .Fn sqrtf
 function is a single precision version of
@@ -80,14 +81,17 @@ The
 function is an extended precision version of
 .Fn sqrt .
 .Sh RETURN VALUES
-If x is negative,
+If
+.Fa x
+is negative,
 .Fn sqrt "x" ,
 .Fn sqrtf "x"
 and
 .Fn sqrtl "x"
 set the global variable
 .Va errno
-to EDOM.
+to
+.Er EDOM .
 .Sh HISTORY
 A
 .Fn sqrt
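
Review bot: RETURN VALUES, visible in full in this hunk from ".Sh RETURN VALUES" to ".Sh HISTORY", says only that errno is set to EDOM for a negative x and never says what the functions return in that case. While marking up this sentence, add the returned value as well.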



Extend history for getpagesize(3)

2021-05-22 Thread Emil Engler
The man page for the obsolete function getpagesize(3) still lacks
information regarding its removal (and existence) in SUS. This diff
makes this more clear.

Index: lib/libc/gen/getpagesize.3
===
RCS file: /cvs/src/lib/libc/gen/getpagesize.3,v
retrieving revision 1.11
diff -u -p -u -p -r1.11 getpagesize.3
--- lib/libc/gen/getpagesize.3  5 Jun 2013 03:39:22 -   1.11
+++ lib/libc/gen/getpagesize.3  22 May 2021 14:42:55 -
@@ -27,7 +27,7 @@
 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 .\" SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: June 5 2013 $
+.Dd $Mdocdate: May 22 2021 $
 .Dt GETPAGESIZE 3
 .Os
 .Sh NAME
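
Review bot: The ".Dd $Mdocdate: ... $" change at the top of this hunk edits a version-control keyword by hand. If the keyword is expanded at commit time, as the "$...$" form suggests, this hunk is unnecessary and only adds a chance of conflicts; drop it from the diff.
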
@@ -61,5 +61,9 @@ hardware page size.
 .Sh HISTORY
 The
 .Fn getpagesize
-function call appeared in
+function call first appeared in
 .Bx 4.2 .
+It was part of the
+.St -susv2
+as a legacy feature and was removed in
+.St -susv3 .
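
Review bot: In the added "It was part of the" line, the article "the" runs into the text that ".St -susv2" expands to, which already begins with "Version 2 of ...", so the rendered sentence reads "part of the Version 2 of ...". Drop "the" before the macro. Conformance information like this may also fit better in a STANDARDS section than in HISTORY.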



Correct name for size_t argument in strlcpy.3

2021-04-30 Thread Emil Engler
Hello tech@,
currently the man-page for strlcpy(3) and strlcat(3) calls
the third argument for those functions "dstsize" whereas the
C source code calls it "dsize". This patch addresses this issue
by renaming it to "dsize" to keep coherency between the man-page
and the source code.

diff --git a/lib/libc/string/strlcpy.3 b/lib/libc/string/strlcpy.3
index a14145e199f..7e0a6379638 100644
--- a/lib/libc/string/strlcpy.3
+++ b/lib/libc/string/strlcpy.3
@@ -14,7 +14,7 @@
 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
-.Dd $Mdocdate: January 25 2019 $
+.Dd $Mdocdate: April 30 2021 $
 .Dt STRLCPY 3
 .Os
 .Sh NAME
@@ -24,9 +24,9 @@
 .Sh SYNOPSIS
 .In string.h
 .Ft size_t
-.Fn strlcpy "char *dst" "const char *src" "size_t dstsize"
+.Fn strlcpy "char *dst" "const char *src" "size_t dsize"
 .Ft size_t
-.Fn strlcat "char *dst" "const char *src" "size_t dstsize"
+.Fn strlcat "char *dst" "const char *src" "size_t dsize"
 .Sh DESCRIPTION
 The
 .Fn strlcpy
@@ -47,17 +47,17 @@ and
 take the full size of the destination buffer and guarantee
 NUL-termination if there is room.
 Note that room for the NUL should be included in
-.Fa dstsize .
+.Fa dsize .
 .Pp
 .Fn strlcpy
 copies up to
-.Fa dstsize
+.Fa dsize
 \- 1 characters from the string
 .Fa src
 to
 .Fa dst ,
 NUL-terminating the result if
-.Fa dstsize
+.Fa dsize
 is not 0.
 .Pp
 .Fn strlcat
@@ -66,17 +66,17 @@ appends string
 to the end of
 .Fa dst .
 It will append at most
-.Fa dstsize
+.Fa dsize
 \- strlen(dst) \- 1 characters.
 It will then NUL-terminate, unless
-.Fa dstsize
+.Fa dsize
 is 0 or the original
 .Fa dst
 string was longer than
-.Fa dstsize
+.Fa dsize
 (in practice this should not happen
 as it means that either
-.Fa dstsize
+.Fa dsize
 is incorrect or that
 .Fa dst
 is not a proper string).
@@ -121,7 +121,7 @@ the length of
 .Pp
 If the return value is
 .Cm >=
-.Va dstsize ,
+.Va dsize ,
 the output string has been truncated.
 It is the caller's responsibility to handle this.
 .Sh EXAMPLES
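
Review bot: In this last hunk the argument is marked up as ".Va dsize", while every other occurrence in the diff uses ".Fa dsize". It is a function argument, so switch this one to ".Fa" while renaming it.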



Re: mg: minibuffer anomaly

2021-02-26 Thread Emil Engler
I consider the name "null" for a goto section as too misleading.
I would prefer something like "nokey" or "skipkey".

Cheers,
Emil Engler

On Thu, Feb 25, 2021 at 07:40:01PM +, Mark Lumsden wrote:
> I was testing mg's goto-line function via the minibuffer (M-x goto-line) and
> I just kept my finger on the '0' key. After a brief time '0's started
> appearing in the main buffer, where the cursor had been. For a second I
> thought there had been an issue with memory allocation but after looking at
> the code I see what happens is when the memory allocated to the minibuffer
> fills up, a message "Line too long." should show in the minibuffer. It
> probably did, but since I was pressing the '0' key it disappeared instantly
> and I didn't realise that mg had tried to inform me of my error. mg then
> continued to accept my '0's as normal input.
> 
> This diff soaks up the user input while the maximum character length
> boundary is crossed in the minibuffer and allows the user to see the error
> message and respond accordingly.
> 
> There may be other ways to handle this situation (like not pressing the '0'
> key so many times) but I think having mg do something is better than
> it *seemingly* not do anything. Any suggestions/preferences/better
> solutions?
> 
> Mark
> 
> Index: echo.c
> ===
> RCS file: /cvs/src/usr.bin/mg/echo.c,v
> retrieving revision 1.66
> diff -u -p -u -p -r1.66 echo.c
> --- echo.c24 Oct 2016 17:18:42 -  1.66
> +++ echo.c25 Feb 2021 19:06:21 -
> @@ -336,8 +336,8 @@ veread(const char *fp, char *buf, size_t
>   }
>   if (!dynbuf && epos + 1 >= nbuf) {
>   dobeep();
> - ewprintf("Line too long");
> - return (emptyval);
> + ewprintf("Line too long. Press Enter.");
> + goto null;
>   }
>   for (t = epos; t > cpos; t--)
>   buf[t] = buf[t - 1];
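
Review bot: With "return (emptyval);" replaced by "goto null;" in this overflow branch, veread() no longer returns when the buffer is full, so whatever is already in buf stays there and is presumably what the caller receives once the user follows the "Press Enter" prompt. Please confirm that handing back the filled buffer is intended for every caller, or clear the input before continuing.
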
> @@ -492,8 +492,8 @@ veread(const char *fp, char *buf, size_t
>   }
>   if (!dynbuf && epos + 1 >= nbuf) {
>   dobeep();
> - ewprintf("Line too long");
> - return (emptyval);
> + ewprintf("Line too long. Press Enter.");
> + goto null;
>   }
>   for (i = epos; i > cpos; i--)
>   buf[i] = buf[i - 1];
> @@ -507,6 +507,9 @@ veread(const char *fp, char *buf, size_t
>   ttmove(rr, cc);
>   ttflush();
>   }
> +
> +null:/* soak up any continuing key strokes */
> +;
>   }
>  done:
>   if (cwin == TRUE) {
> 
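
Review bot: The "null:" label is followed only by an empty statement right before a closing brace, with "done:" after it, so "goto null" appears to do what "continue" would. If that closing brace ends the input loop, using "continue" at both sites removes the label entirely, which also settles the naming question.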



Re: usb_init_task(9): correct type

2021-01-16 Thread Emil Engler




On 1/16/21 8:00 AM, Anton Lindqvist wrote:

> Hi,
> The usb_init_task(9) macro accepts a `struct usb_task'.


If it's a macro, is it even correct to show the types it accepts in its
"prototype"? Other parts of the documentation (kqueue(2) EV_SET for 
example) leave all types out.




Re: ldapd warning

2020-11-28 Thread Emil Engler

It can overflow! Please check for the positivity and width of size_t before!

Cheers,
Emil

On 11/28/20 11:20 PM, Theo Buehler wrote:

/usr/src/usr.sbin/ldapd/util.c:46:21: warning: comparison of integers of 
different signs:
   'int' and 'size_t' (aka 'unsigned long') [-Wsign-compare]
 if (ret < 0 || ret >= size)
~~~ ^  

This has been around for a while. I forgot that I had this patch in my
tree.

Index: util.c
===
RCS file: /cvs/src/usr.sbin/ldapd/util.c,v
retrieving revision 1.12
diff -u -p -r1.12 util.c
--- util.c  24 Oct 2019 12:39:26 -  1.12
+++ util.c  4 Aug 2020 07:14:33 -
@@ -43,7 +43,7 @@ bsnprintf(char *str, size_t size, const
va_start(ap, format);
ret = vsnprintf(str, size, format, ap);
va_end(ap);
-   if (ret < 0 || ret >= size)
+   if (ret < 0 || (size_t)ret >= size)
return 0;
  
  	return 1;
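
Review bot: In the changed condition, the "(size_t)ret" cast preserves the value only because "ret < 0" is tested first and "||" short-circuits. Keep that order, and consider a one-line comment saying so, so that a later reordering cannot turn a negative ret into a very large size_t before it is compared.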


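The check this diff touches, pulled out so that both concerns raised in the thread (the sign of the return value and the width of size_t) can be exercised on their own. This is an added example, not code from ldapd or from either poster; `output_fits`, `cast_without_sign_check` and `checked_snprintf` are hypothetical names.

```c
#include <limits.h>
#include <stdarg.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Width: every non-negative int must fit in size_t for the cast to keep its value. */
_Static_assert(SIZE_MAX >= INT_MAX, "size_t is narrower than int");

/* The patched condition in isolation: 1 if the whole output fit in size bytes. */
static int
output_fits(int ret, size_t size)
{
	/* Sign first: || short-circuits, so the cast only ever sees ret >= 0. */
	if (ret < 0 || (size_t)ret >= size)
		return 0;
	return 1;
}

/* What the cast alone does to an error return: -1 becomes SIZE_MAX. */
static size_t
cast_without_sign_check(int ret)
{
	return (size_t)ret;
}

/* Stand-in for the wrapper in the diff (constructed for this example). */
static int
checked_snprintf(char *str, size_t size, const char *format, ...)
{
	va_list ap;
	int ret;

	va_start(ap, format);
	ret = vsnprintf(str, size, format, ap);
	va_end(ap);
	return output_fits(ret, size);
}

int
main(void)
{
	char buf[8];	/* constructed sample sizes and strings */

	printf("fits:      %d\n", checked_snprintf(buf, sizeof(buf), "%s", "uid=1"));
	printf("truncated: %d\n", checked_snprintf(buf, sizeof(buf), "%s", "uid=12345"));
	printf("no NUL room: %d\n", checked_snprintf(buf, sizeof(buf), "%s", "12345678"));
	printf("error ret: %d\n", output_fits(-1, sizeof(buf)));
	return 0;
}
```

The third call shows why the comparison is `>=` rather than `>`: eight characters need nine bytes once the terminating NUL is counted.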




Re: Typo fix in nsd.conf.5.in

2020-11-27 Thread Emil Engler
I think "ease of compatibility" was meant. I personally would keep it
that way, but thanks for the nice catch!


Cheers,
Emil

On 11/27/20 11:44 AM, Eddie Thieda wrote:

Hello,

Here's a small typo fix, url included if text gets mangled.

http://ix.io/2FEF

--- nsd.conf.5.in Tue Oct 13 06:06:08 2020
+++ nsd.conf.5.in2 Fri Nov 27 05:35:17 2020
@@ -161,7 +161,7 @@ anycast instances.  Use ip-transparent to be able to l
  turn on later (typical for certain load-balancing).
  .TP
  .B interface:\fR [@port] [servers] [bindtodevice] [setfib]
-Same as ip\-address (for easy of compatibility with unbound.conf).
+Same as ip\-address (for easy compatibility with unbound.conf).
  .TP
  .B ip\-transparent:\fR 
  Allows NSD to bind to non local addresses. This is useful to have NSD
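
Review bot: On the changed "Same as ip\-address" line, the replacement "for easy compatibility" drops a word where the original looks like a one-letter slip. "for ease of compatibility with unbound.conf" fixes the typo and keeps the sentence as written. The "+++" header also names the file "nsd.conf.5.in2", so the diff will not apply to nsd.conf.5.in without editing.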





[PATCH]: Return 505 when receiving a HTTP/0.9 request

2020-11-22 Thread Emil Engler
The HTTP/1.1 specification says that we MUST implement HTTP/0.9 which we 
don't do. We also fail to provide the correct error message if we 
receive such a request. Here is a patch which will return a 505 error 
instead of a 400 error if we receive no HTTP version which is the 
indicator that this is an HTTP/0.9 request.


Cheers,
Emil

Index: usr.sbin/httpd/server_http.c
===
RCS file: /cvs/src/usr.sbin/httpd/server_http.c,v
retrieving revision 1.142
diff -u -p -u -p -r1.142 server_http.c
--- usr.sbin/httpd/server_http.c29 Oct 2020 12:30:52 - 
1.142

+++ usr.sbin/httpd/server_http.c22 Nov 2020 16:42:18 -
@@ -313,7 +313,7 @@ server_read_http(struct bufferevent *bev

desc->http_version = strchr(desc->http_path, ' ');
if (desc->http_version == NULL) {
-   server_abort_http(clt, 400, "malformed");
+   server_abort_http(clt, 505, "HTTP 
Version Not Supported");

goto abort;
}
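
Review bot: In the "desc->http_version == NULL" branch, every request line without a second space now gets 505, not only HTTP/0.9-style requests; anything else that lacks a version field lands here too and would be better answered with the previous 400. If 505 is wanted, test for the HTTP/0.9 shape explicitly before choosing the status. The added line is also wrapped by the mail client in the middle of the string literal ("HTTP" / "Version Not Supported"), so the diff will not apply or compile as sent.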



[PATCH]: Fix unclear man page of acpidump(8)

2020-11-22 Thread Emil Engler
The man page of acpidump(8) says that "kern.allowkmem" must be set to 
some value in order for the program to work properly. However it does 
not define to what value it must be set. I am not certainly sure if 
there are other options between 0 and 1 but if so the man page should be 
fixed anyway with these options IMO.


Cheers,
Emil

Index: usr.sbin/acpidump/acpidump.8
===
RCS file: /cvs/src/usr.sbin/acpidump/acpidump.8,v
retrieving revision 1.18
diff -u -p -u -p -r1.18 acpidump.8
--- usr.sbin/acpidump/acpidump.81 Jun 2017 12:26:14 -   1.18
+++ usr.sbin/acpidump/acpidump.822 Nov 2020 16:21:01 -
@@ -68,8 +68,9 @@ $ iasl -d ..
 .Nm
 requires the ability to open
 .Pa /dev/kmem
-which may be restricted based upon the value of the
+which requires
 .Ar kern.allowkmem
+to be set to 1 by
 .Xr sysctl 8 .
 .Pp
 .Nm
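
Review bot: The added "to be set to 1 by" states a specific value, while the description says it is not certain whether other values exist; please confirm the accepted values of kern.allowkmem before committing the wording. Two smaller points on the same lines: the sentence now reads "requires the ability to open /dev/kmem which requires ...", which could be rephrased to avoid the repeated verb, and "kern.allowkmem" is a sysctl variable rather than a command argument, so ".Va" fits better than ".Ar" if the line is being touched.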



[PATCH]: Clearer documentation when using EVFILT_EXCEPT

2020-11-13 Thread Emil Engler
Currently it isn't mentioned that a socket is required when using 
EVFILT_EXCEPT with NOTE_OOB. To some experienced users it might be clear 
that it must be a socket but I don't think an additional word would hurt 
anyone.


Index: lib/libc/sys/kqueue.2
===
RCS file: /cvs/src/lib/libc/sys/kqueue.2,v
retrieving revision 1.42
diff -u -p -u -p -r1.42 kqueue.2
--- lib/libc/sys/kqueue.2   22 Jun 2020 13:42:06 -  1.42
+++ lib/libc/sys/kqueue.2   13 Nov 2020 10:46:44 -
@@ -315,7 +315,8 @@ Takes a descriptor as the identifier, an
 specified exceptional conditions has occurred on the descriptor.
 Conditions are specified in
 .Fa fflags .
-Currently, a filter can monitor the reception of out-of-band data with
+Currently, a filter can monitor the reception of out-of-band data on a
+socket with
 .Dv NOTE_OOB .
 .It Dv EVFILT_WRITE
 Takes a descriptor as the identifier, and returns whenever



Re: [PATCH]: Add a check for upgrade feature to sysupgrade(8)

2020-08-03 Thread Emil Engler
Indeed, it will still download and install it. It is unsuitable
because after the mail was sent it can already be too late
and it can take lots of network bandwidth. This can be problematic
for various reasons.

On 2020-08-03 15:10, Stuart Henderson wrote:
> On 2020/08/03 13:50, Solene Rapenne wrote:
>> On Mon, 3 Aug 2020 13:28:38 +0200
>> Emil Engler :
>>
>>> ## Abstract
>>> This patch adds an argument to sysupgrade(8) which makes it possible
>>> to check if an upgrade is available, similar to "syspatch -c".
>>> This works both for snapshots and releases.
>>>
>>> ## Usage
>>> Add "-c" to sysupgrade.
>>> If the script exits with a zero, an upgrade is available. If it fails
>>> you are already on the newest version or an upgrade cannot be pulled
>>> for whatever reason.
>>>
>>> ## Motivation
>>> I want a cronjob on my desktop (which is on -current) that checks
>>> regularly if a new snapshot is available and notifies me if this is
>>> the case. syspatch(8) already has such a feature, so why not add
>>> one to sysupgrade? Also it could be useful on -stable and -release
>>> systems.
>>
>> it seems to me you could use this in your crontab
>>
>> sysupgrade -n | grep "Already on last snapshot" || sh 
>> send_mail_new_snasphot.sh
>>
> 
> That won't just check, it will stage the release for install on next boot.
> 



[PATCH]: Add a check for upgrade feature to sysupgrade(8)

2020-08-03 Thread Emil Engler
## Abstract
This patch adds an argument to sysupgrade(8) which makes it possible
to check if an upgrade is available, similar to "syspatch -c".
This works both for snapshots and releases.

## Usage
Add "-c" to sysupgrade.
If the script exits with a zero, an upgrade is available. If it fails
you are already on the newest version or an upgrade cannot be pulled
for whatever reason.

## Motivation
I want a cronjob on my desktop (which is on -current) that checks
regularly if a new snapshot is available and notifies me if this is
the case. syspatch(8) already has such a feature, so why not add
one to sysupgrade? Also it could be useful on -stable and -release
systems.

## Notes
This was already brought up a year ago by Andrew Klaus, however it
got no feedback at all. Also this diff is a smaller one.
The Message-ID of that patch:
c714aaea-208a-346f-9d83-20e590888fb1

Feedback and thoughts?

Index: usr.sbin/sysupgrade/sysupgrade.8
===
RCS file: /cvs/src/usr.sbin/sysupgrade/sysupgrade.8,v
retrieving revision 1.10
diff -u -p -u -p -r1.10 sysupgrade.8
--- usr.sbin/sysupgrade/sysupgrade.83 Oct 2019 12:43:58 -   1.10
+++ usr.sbin/sysupgrade/sysupgrade.83 Aug 2020 10:44:53 -
@@ -14,7 +14,7 @@
 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
-.Dd $Mdocdate: October 3 2019 $
+.Dd $Mdocdate: August 3 2020 $
 .Dt SYSUPGRADE 8
 .Os
 .Sh NAME
@@ -22,7 +22,7 @@
 .Nd upgrade system to the next release or a new snapshot
 .Sh SYNOPSIS
 .Nm
-.Op Fl fkn
+.Op Fl fknc
 .Op Fl r | s
 .Op Ar installurl
 .Sh DESCRIPTION
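
Review bot: In the SYNOPSIS line, the new flag is appended as ".Op Fl fknc"; option letters in a combined flag list are normally kept in alphabetical order, so this should be ".Op Fl cfkn". The same applies to the usage string in sysupgrade.sh and to where the ".It Fl c" entry is placed in the option list.
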
@@ -60,6 +60,9 @@ By default they will be deleted after th
 Fetch and verify the files and create
 .Pa /bsd.upgrade
 but do not reboot.
+.It Fl c
+Check if there is an upgrade available. It will succeed if a new version
+is available or will fail if not.
 .It Fl r
 Upgrade to the next release.
 This is the default if the system is currently running a release.
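
Review bot: The two sentences added under ".It Fl c" share one source line; in mdoc sources each sentence should start on its own line. "It will succeed ... or will fail if not" would also be clearer with the exit statuses spelled out, matching the "exit 0" and "exit 1" added to the script.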
Index: usr.sbin/sysupgrade/sysupgrade.sh
===
RCS file: /cvs/src/usr.sbin/sysupgrade/sysupgrade.sh,v
retrieving revision 1.39
diff -u -p -u -p -r1.39 sysupgrade.sh
--- usr.sbin/sysupgrade/sysupgrade.sh   4 Jul 2020 18:30:46 -   1.39
+++ usr.sbin/sysupgrade/sysupgrade.sh   3 Aug 2020 10:44:53 -
@@ -34,7 +34,7 @@ ug_err()

 usage()
 {
-   ug_err "usage: ${0##*/} [-fkn] [-r | -s] [installurl]"
+   ug_err "usage: ${0##*/} [-fknc] [-r | -s] [installurl]"
 }

 unpriv()
@@ -75,12 +75,14 @@ SNAP=false
 FORCE=false
 KEEP=false
 REBOOT=true
+CHECK=false

-while getopts fknrs arg; do
+while getopts fkncrs arg; do
case ${arg} in
f)  FORCE=true;;
k)  KEEP=true;;
n)  REBOOT=false;;
+   c)  CHECK=true;;
r)  RELEASE=true;;
s)  SNAP=true;;
*)  usage;;
@@ -146,6 +148,14 @@ rm SHA256.sig

 if cmp -s /var/db/installed.SHA256 SHA256 && ! $FORCE; then
echo "Already on latest snapshot."
+   if $CHECK; then
+   exit 1
+   fi
+   exit 0
+fi
+
+if $CHECK; then
+   echo "Upgrade is available"
exit 0
 fi
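
Review bot: In the last hunk the "Already on latest snapshot." branch is still guarded by "cmp -s ... && ! $FORCE", so "sysupgrade -c -f" skips it and always reaches "Upgrade is available" with exit 0, even when the installed SHA256 matches. Either reject -c together with -f, or evaluate the cmp result on its own when CHECK is set. Exit status 1 for "no upgrade" is also indistinguishable from a failure to fetch, which matters for the cron job described in the motivation; a distinct status for "already up to date" would let the caller tell the two apart.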