On Tue, 17 May 2016, Henning Brauer wrote:
> > What about systems with net.inet6.ip6.v6only=0?
>
> Those haven't been taken into consideration by yours truly and might be
> the compelling argument to have this code :)
That sysctl isn't hooked up to anything, it should be removed.
(compare
On Sun, May 15, 2016 at 11:52:18AM +0200, Matthieu Herrb wrote:
> On Sun, May 15, 2016 at 06:45:54PM +1000, Jonathan Gray wrote:
> > On Sun, May 15, 2016 at 10:01:49AM +0200, Matthieu Herrb wrote:
> > > On Sat, May 14, 2016 at 01:30:08PM +1000, Jonathan Gray wrote:
> > > > Still looking for some
Add some missing body tags using the standard colors.
Also set the background color in the footer table cell on the main page.
Tim.
Index: crypto.html
===
RCS file: /cvs/www/crypto.html,v
retrieving revision 1.149
diff -u -p -r1.149
On Tue, May 17, 2016 at 02:02:37AM +0200, Kim Lidström wrote:
> Is this patch better? I have tested it by trying both cnmac0, cnmac1 and
> cnmac2 as rootdev and it seems to work properly.
> I also removed the outdated comment, changed the pointless text (Maybe
> it'd be more appropriate to remove
4/4: I don't believe V4L2_BUF_FLAG_QUEUED and V4L2_BUF_FLAG_DONE
flags are handled correctly in our uvideo driver.
According to linuxtv.org Buffers Chap 3. Input/Output Table 3.4
Buffer Flags:
2/4: Assumption on endpoint index to use in uvideo_vs_open() vs
actual saved endpoint address.
Index: uvideo.c
===
RCS file: /cvs/obsd/src/sys/dev/usb/uvideo.c,v
retrieving revision 1.185
diff -u -p -u -p -r1.185 uvideo.c
---
3/4: In uvideo_vs_set_alt(), according to the comment within
while()-loop searches for an endpoint with requested
bandwidth, or best match. An iterator index (int i) is used
in the while()-loop, and eventually its value is used in
usbd_set_interface().
Is the "matched"
Greetings,
I have been looking at uvideo trying to model a new driver I'm
attempting to port over and found a few issues (or what I precive
as issues).
Since the list likes separate diffs for easier discussion, Here
is my attempt to break them up in four emails. I think, with
exception of one,
The wording made it hard for me to understand at first. The "unless"
"non-zero" seem like double negatives.
Index: daemon.3
===
RCS file: /cvs/src/lib/libc/gen/daemon.3,v
retrieving revision 1.12
diff -u -p -u -r1.12 daemon.3
---
ping.
Tested with current source status.
On Tue, May 10, 2016 at 06:59:36PM +0200, Jan Klemkow wrote:
> Hi,
>
> This diff adds client side certificate checks to httpd. Most parts are
> straight forward. But, to transfer the whole certificate authority
> store to the server process through the
Use crypt_checkpass.
Note that this introduces a slight functional change. A user with a blank
password will be allowed to login with a blank password. I think if you don't
like that, you should give the user a password.
Bonus: if the user is not found, hashing work is still performed to prevent
> On 2016/05/17 08:27, Brent Cook wrote:
> > This patch came by way of the openntpd github. Linux (and possibly others)
> > will attempt to bind to 0.0.0.0 when binding to '::' and return an error if
> > it can't, unless IPV6_V6ONLY is set.
>
> Do you see why they're doing this?
>
> In an OS
> On 2016/05/17 15:01, Ted Unangst wrote:
> > Theo de Raadt wrote:
> > > From the beginning we were promised that modifying a program to use
> > > IPv6 only required opening a 2nd socket using AF_INET6. Then the
> > > recipes grew, and grew and grew. It went astray.
> > >
> > > 10,000 programs
On 2016/05/17 08:27, Brent Cook wrote:
> This patch came by way of the openntpd github. Linux (and possibly others)
> will attempt to bind to 0.0.0.0 when binding to '::' and return an error if
> it can't, unless IPV6_V6ONLY is set.
Do you see why they're doing this?
In an OS where IPV6_V6ONLY=0
> On May 17, 2016, at 10:21 AM, Stuart Henderson wrote:
>
> On 2016/05/17 08:27, Brent Cook wrote:
>> This patch came by way of the openntpd github. Linux (and possibly others)
>> will attempt to bind to 0.0.0.0 when binding to '::' and return an error if
>> it can't,
bytevolc...@safe-mail.net wrote:
>
> Index: sys/dev/softraid_crypto.c
> ===
> RCS file: /cvs/src/sys/dev/softraid_crypto.c,v
> retrieving revision 1.126
> diff -u -p -r1.126 softraid_crypto.c
> --- sys/dev/softraid_crypto.c 12 Apr
Theo de Raadt wrote:
> From the beginning we were promised that modifying a program to use
> IPv6 only required opening a 2nd socket using AF_INET6. Then the
> recipes grew, and grew and grew. It went astray.
>
> 10,000 programs don't follow the practice. If everyone has to follow
> this
> Date: Tue, 17 May 2016 19:03:05 +0200
> From: Stefan Sperling
>
> This diff addresses some of my nitpicks in iwm:
>
> Move some declarations to if_iwmreg.h so we can use iwm_phy_db_* prototypes.
> Remove redundant declaration of iwm_send_phy_db_data().
> Remove pointless
> Date: Tue, 17 May 2016 18:34:19 +0200
> From: Stefan Sperling
>
> According to a comment in iwlwifi:
>
> * Clearing FH_MEM_RCSR_CHNL0_CONFIG_REG to 0 turns off Rx DMA.
> * Driver should poll FH_MEM_RSSR_RX_STATUS_REG for
> * FH_RSSR_CHNL0_RX_STATUS_CHNL_IDLE (bit 24)
This diff addresses some of my nitpicks in iwm:
Move some declarations to if_iwmreg.h so we can use iwm_phy_db_* prototypes.
Remove redundant declaration of iwm_send_phy_db_data().
Remove pointless iwm_fw_alive(); just call iwm_post_alive() directly.
Simplify iwm_prepare_card_hw() and
According to a comment in iwlwifi:
* Clearing FH_MEM_RCSR_CHNL0_CONFIG_REG to 0 turns off Rx DMA.
* Driver should poll FH_MEM_RSSR_RX_STATUS_REG for
* FH_RSSR_CHNL0_RX_STATUS_CHNL_IDLE (bit 24) before continuing.
We missed polling this bit in the init code path. Probably harmless,
but can be
> Theo de Raadt wrote:
> > In general, I think -portable's should not add it back without really
> > clear justification. The automatic tunnels are just as risky outside
> > OpenBSD, because their packet filter tools encounter the same
> > difficulty protecting against abuse.
>
> But in this
The problem here is that other operating systems contain an insecure
default, and the IETF ``solution'' requires every application declare
``make my network safe''.
So let's fix 1 program!! That'll sure help the world... What about
the other 10,000 programs that also speak to the network?
What
Also separate out the specification (does that count as a "standard"?)
and the implementation.
Index: fuse_main.3
===
RCS file: /home/cvs/src/lib/libfuse/fuse_main.3,v
retrieving revision 1.1
diff -u -p -r1.1 fuse_main.3
---
Theo de Raadt wrote:
> In general, I think -portable's should not add it back without really
> clear justification. The automatic tunnels are just as risky outside
> OpenBSD, because their packet filter tools encounter the same
> difficulty protecting against abuse.
But in this case, using the
The message subject is confusing - setting this ioctl to 1 is forcing
OpenBSD-like behaviour everywhere and *disabling* the v4-in-v6 mapping.
On 17 May 2016 16:58:56 BST, Theo de Raadt wrote:
>> > But I doubt this justifies that we add the compat goo (which is
>> >
> > But I doubt this justifies that we add the compat goo (which is
> > missing from all the other daemons as well).
>
> Whether it's in base or in portable it needs to go somewhere.
Why -- to hurt people?
ntpd (with UDP traffic) will be man-in-the-middle'd using the
v4-over-v6 tunnel.
> IPV6_V6ONLY and net.inet6.ip6.v6only have no effect in OpenBSD. The
> setsockopt does fail if you try to set it to a different value than the
> sysctl. So there is no additional risk here because OpenBSD denied early
> on the double usage of IPv6 sockets for IPv4 connections.
Correct.
If
On 17/05/16(Tue) 09:26, Theo de Raadt wrote:
> > Does it need the ifdef? It's standard ipv6 api..
>
> It is risk, all gigantic risk.
>
> Anyone who enables that will (not..) discover that their pf rulesets
> are wrong.
I don't understand, could you explain which risk you're talking about?
It
On 2016/05/17 17:42, Claudio Jeker wrote:
> On Tue, May 17, 2016 at 09:26:58AM -0600, Theo de Raadt wrote:
> > > Does it need the ifdef? It's standard ipv6 api..
> >
> > It is risk, all gigantic risk.
> >
> > Anyone who enables that will (not..) discover that their pf rulesets
> > are wrong.
> >
On Tue, May 17, 2016 at 09:26:58AM -0600, Theo de Raadt wrote:
> > Does it need the ifdef? It's standard ipv6 api..
>
> It is risk, all gigantic risk.
>
> Anyone who enables that will (not..) discover that their pf rulesets
> are wrong.
>
IPV6_V6ONLY and net.inet6.ip6.v6only have no effect in
> Does it need the ifdef? It's standard ipv6 api..
It is risk, all gigantic risk.
Anyone who enables that will (not..) discover that their pf rulesets
are wrong.
On 2016/05/17 08:27, Brent Cook wrote:
> This patch came by way of the openntpd github. Linux (and possibly others)
> will attempt to bind to 0.0.0.0 when binding to '::' and return an error if
> it can't, unless IPV6_V6ONLY is set. See
>
* Martin Pieuchot [2016-05-17 17:05]:
> On 17/05/16(Tue) 16:16, Henning Brauer wrote:
> > * Gilles Chehade [2016-05-17 15:56]:
> > > On Tue, May 17, 2016 at 08:27:42AM -0500, Brent Cook wrote:
> > > > This patch came by way of the openntpd github. Linux (and
On 17/05/16(Tue) 16:16, Henning Brauer wrote:
> * Gilles Chehade [2016-05-17 15:56]:
> > On Tue, May 17, 2016 at 08:27:42AM -0500, Brent Cook wrote:
> > > This patch came by way of the openntpd github. Linux (and possibly others)
> > > will attempt to bind to 0.0.0.0 when
The iop(4) driver has been gone for two years and tpms(4) has been
renamed to utpms(4) as well.
Bryan
Index: www/macppc.html
===
RCS file: /cvs/www/macppc.html,v
retrieving revision 1.250
diff -u -p -r1.250 macppc.html
---
On Tue, May 17, 2016 at 04:16:09PM +0200, Henning Brauer wrote:
> * Gilles Chehade [2016-05-17 15:56]:
> > On Tue, May 17, 2016 at 08:27:42AM -0500, Brent Cook wrote:
> > > This patch came by way of the openntpd github. Linux (and possibly others)
> > > will attempt to bind to
* Gilles Chehade [2016-05-17 15:56]:
> On Tue, May 17, 2016 at 08:27:42AM -0500, Brent Cook wrote:
> > This patch came by way of the openntpd github. Linux (and possibly others)
> > will attempt to bind to 0.0.0.0 when binding to '::' and return an error if
> > it can't, unless
On Tue, May 17, 2016 at 08:27:42AM -0500, Brent Cook wrote:
> This patch came by way of the openntpd github. Linux (and possibly others)
> will attempt to bind to 0.0.0.0 when binding to '::' and return an error if
> it can't, unless IPV6_V6ONLY is set. See
>
This patch came by way of the openntpd github. Linux (and possibly others)
will attempt to bind to 0.0.0.0 when binding to '::' and return an error if
it can't, unless IPV6_V6ONLY is set. See
https://github.com/openntpd-portable/openntpd-portable/issues/19
OK as an in-tree patch? OpenBSD seems to
Diff below moves the code that updates an ARP cache into its own
function. The goal of this refactoring is to defer the insertion
of a route entry to a serialized context: a task.
Inserting a route might will possibly require the caller to sleep,
so this function will be called in the hot path
On 17 May 2016 at 02:56, David Gwynne wrote:
> the vlan ioctls have been superseded by the generic ifparent and
> vnetid ioctls, and will eventually go away.
>
> this removes the vlan ioctl handling from ifconfig. however, to
> continue to support existing vlan interface
I have also noticed that bioctl reports the key disk as
incorrect. I initially thought it was my patch, but it seems to be wrong
whether or not my patch is applied. In fact the contents of the disk do
not change at all:
# bioctl softraid0
Volume Status Size Device
softraid0 0
(if you don't have a specific interest in ports dependencies fun, you can
stop reading now).
Just as an example, my 25 most common dependencies + their deps end up as
a list of 283 ports
Here's the vars.log excerpt
Most of these should be familiar to bulk builders.
(which more or less means
People might be interested to know dpb has a new "permanent log".
I've moved the "most common dependencies" into build-stats, so that
dpb can use it from one run to the next.
I hadn't done that before because it used to be a mixed bag of
blessings: run LISTING quickly on some ports, then do a
45 matches
Mail list logo