dhcpd - pf table handler child not cleaned up

Hi tech@, sthen@ pointed out to me that dhcpd doesn't properly terminate the pf table handler. I reproduced the issue both on 6.1 and -current. Minimal config I used on my server: /etc/dhcpd.conf subnet 45.63.9.186 netmask 255.255.255.224 { range 45.63.9.186 45.63.9.186; } enabled dhcpd

Re: pfctl: make functions return void, merge two ifs

On Tue, Jun 13, 2017 at 12:43:51AM +0200, Adam Wolk wrote: > On Mon, Jun 12, 2017 at 11:43:44PM +0200, Alexandr Nedvedicky wrote: > > Hello Adam, > > > > > > > > > It was a rainy evening here, so here's the updated pfctl diff. > > > >

Re: smtpd session hang

On Fri, Jun 16, 2017 at 07:12:43PM +0300, Henri Kemppainen wrote: > > > Nice catch, the diff reads fine to me, I'll commit later today when I > > > have another ok from eric@ > > > Yes, this looks correct. But, I would rather move the resume test before > > the EOM test, to avoid touching the

Re: pfctl: make functions return void, merge two ifs

On Mon, Jun 12, 2017 at 11:43:44PM +0200, Alexandr Nedvedicky wrote: > Hello Adam, > > > > > It was a rainy evening here, so here's the updated pfctl diff. > > I'm sorry to hear about the rainy weather [1]. > anyway, you might want to run regression test for pfctl. > > cd

Re: pfctl: make functions return void, merge two ifs

On Mon, Jun 12, 2017 at 01:59:07PM +0200, Mike Belopuhov wrote: > On Sun, Jun 11, 2017 at 15:03 +0100, Raymond wrote: > > Transform the following functions (which never return anything other than > > 0, and whose return value is never used) to void: > > > > * pfctl_clear_stats,

Re: pfctl: make functions return void, merge two ifs

On Sun, Jun 11, 2017 at 03:03:56PM +0100, Raymond wrote: > Transform the following functions (which never return anything other than 0, > and whose return value is never used) to void: > > * pfctl_clear_stats, pfctl_clear_interface_flags, pfctl_clear_rules, > pfctl_clear_src_nodes,

Re: usr/bin/ktrace: replace snprintf(3)/write(2) with #define and write(2)

On Sun, Jun 11, 2017 at 11:10:30AM -0600, Theo de Raadt wrote: > + write(STDERR_FILENO, NO_KTRACE, sizeof(NO_KTRACE)); > > Naw, I dislike that sizeof. > > You can use dprintf, it is signal-safe in OpenBSD as long as the format > string doesn't contain floating-point strings. Attaching

usr/bin/ktrace: replace snprintf(3)/write(2) with #define and write(2)

Hi tech@, Using the GREATSCOTT[1] pattern to output in the ktrace signal handler, dropping the need for an snprintf and the 8k stack buffer. Brought to attention by BlackFrog on #openbsd-daily Feedback, OK's? Regards, Adam [1] - https://marc.info/?l=openbsd-tech=149613049920485=2 Index:

Re: nc: missing rpath pledge for -P

On Sat, Jun 10, 2017 at 12:45:01AM +0200, Theo Buehler wrote: > On Fri, Jun 09, 2017 at 11:59:44PM +0200, Theo Buehler wrote: > > On Fri, Jun 09, 2017 at 11:55:26PM +0200, Adam Wolk wrote: > > > On Fri, Jun 09, 2017 at 11:54:03PM +0200, Adam Wolk wrote: > > > > On F

Re: nc: missing rpath pledge for -P

On Fri, Jun 09, 2017 at 11:54:03PM +0200, Adam Wolk wrote: > On Fri, Jun 09, 2017 at 09:28:29PM +, ra...@openmailbox.org wrote: > > Hello! > > > > Here is a patch with a pledge bugfix in netcat and some minor style > > improvements. > > > > An example o

Re: nc: missing rpath pledge for -P

On Fri, Jun 09, 2017 at 09:28:29PM +, ra...@openmailbox.org wrote: > Hello! > > Here is a patch with a pledge bugfix in netcat and some minor style > improvements. > > An example of how to trigger the bug: > > $ nc -Ptest -v -c blog.tintagel.pl 443 > nc: pledge: Operation not permitted > >

doas: add confirm to prompt the user on what is to be executed

Hi tech@ This is a feture that came up in a chat I had with Kurt Mosiejczuk. I have been recently reading source daily as a learning experience and decided that implementing the feature we discussed would be a nice exercise. The attached diff extends the configuration syntax with a new option

Re: htpasswd: use crypt_newhash instead of bcrypt API

On Tue, Jun 06, 2017 at 08:29:23PM +, Florian Obser wrote: > On Tue, Jun 06, 2017 at 08:49:32PM +0200, Adam Wolk wrote: > > On Tue, Jun 06, 2017 at 12:28:59PM -0600, Theo de Raadt wrote: > > > > The only thing against using automatic rounds would be having

Re: htpasswd: use crypt_newhash instead of bcrypt API

On Tue, Jun 06, 2017 at 12:28:59PM -0600, Theo de Raadt wrote: > > The only thing against using automatic rounds would be having them guessed > > on a > > weaker machine and used on a more powerful server - doubt though that would > > ever > > pick something below 8 rounds. > > I don't see the

Re: htpasswd: use crypt_newhash instead of bcrypt API

On Tue, Jun 06, 2017 at 02:20:38PM -0400, Bryan Steele wrote: > > > > - if (strlcpy(salt, bcrypt_gensalt(8), sizeof(salt)) >= sizeof(salt)) > > - errx(1, "salt too long"); > > - if (strlcpy(hash, bcrypt(pass, salt), sizeof(hash)) >= sizeof(hash)) > > - errx(1, "hash too

htpasswd: use crypt_newhash instead of bcrypt API

Hi tech@ While reading htpasswd and htpasswd handling in httpd I noticed that both use different APIs to handle encrypting/decrypting the passwords. - htpasswd uses the bcrypt API - httpd uses the new crypt API The documentation for bcrypt states: These functions are deprecated in favor of

Re: chown: Remove SUPPORT_DOT ifdef - it's on by default for 22 years

On Sat, May 27, 2017 at 10:58:40PM +0100, Jason McIntyre wrote: > On Sat, May 27, 2017 at 11:45:43PM +0200, Adam Wolk wrote: > > Index: chown.8 > > === > > RCS file: /cvs/src/bin/chmod/chown.8,v > > retrie

Re: chown: Remove SUPPORT_DOT ifdef - it's on by default for 22 years

On Sat, May 27, 2017 at 11:01:29PM +0200, Adam Wolk wrote: > On Sat, May 27, 2017 at 01:42:45PM -0600, Theo de Raadt wrote: > > I agree with you. Maybe change the comment > > > > /* UID and GID are separated by a dot and UID exists. */ > > > >

Re: chown: Remove SUPPORT_DOT ifdef - it's on by default for 22 years

On Sat, May 27, 2017 at 01:42:45PM -0600, Theo de Raadt wrote: > I agree with you. Maybe change the comment > > /* UID and GID are separated by a dot and UID exists. */ > > to say a bit more on the matter, to prevent a zealot from arriving 2-3 > years from now and proposing

chown: Remove SUPPORT_DOT ifdef - it's on by default for 22 years

Hi tech@, I stumbled on SUPPORT_DOT while reading /usr/src/bin/chmod.c, got curious and started doing some research. POSIX changed the separator from . to : to make the utility properly work with usernames containing a dot. The standard doesn't forbid keeping the dot handling for backwards

Re: man.openbsd.org links on FAQ pages should point to -release

On Tue, Dec 06, 2016 at 07:46:31PM +0100, Adam Wolk wrote: > Hi tech@ > > _gypcio on IRC reported that pkg_sign uses a -s signify flag that was renamed > in > -current to signify2. The entry in the FAQ showing that example also linked > to a > pkg_sign man page fro

Re: man.openbsd.org links on FAQ pages should point to -release

On Tue, Dec 06, 2016 at 07:46:31PM +0100, Adam Wolk wrote: > Hi tech@ > > _gypcio on IRC reported that pkg_sign uses a -s signify flag that was renamed > in > -current to signify2. The entry in the FAQ showing that example also linked > to a > pkg_sign man page fro

man.openbsd.org links on FAQ pages should point to -release

Hi tech@ _gypcio on IRC reported that pkg_sign uses a -s signify flag that was renamed in -current to signify2. The entry in the FAQ showing that example also linked to a pkg_sign man page from -current which lead to the confusion. Here is a diff generated with: perl -pi.bak -e

merge usbd_open_pipe.9 & usbd_close_pipe.9 into a single manpage

Hi tech@, I have been going through usbdi recently and I believe that the mentioned manpages can be merged into a single one since they operate on the same abstraction in the interface. I am cross referrencing with NetBSD which recently added documentation for the usbdi interface: -

mg - fix modeline segfault

Hi tech@ attaching a fix for the following crash caused by a null pointer dereference while the modeline is trying to work on a unusable display #0 0x0bf6a4e04433 in modeline (wp=0xbf948d9d400, modelinecolor=2) at display.c:800 800 vscreen[n]->v_color = modelinecolor;/*

Re: mg - Check pointer before calling showbuffer()

On Tue, Sep 06, 2016 at 05:10:39PM +, Mark Lumsden wrote: > Source Joachim Nilsson: > > Found by Coverity Scan. The popbuf() function iterated over a list to > find a wp pointer, then sent it to showbuffer() which immediately went > ahead and dereferenced it. This patch simply

pledge: telnet should not verify if hostname is a fully qualified domain

Hi tech@, I have been noticing coredumps from telnet on my laptop for some time now and finally found an evening to investigate it. The typical use case: $ telnet localhost 22 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. SSH-2.0-OpenSSH_7.2 ^] telnet> quit Connection

Re: Firefox, malloc(3) and threads

On Fri, 22 Jan 2016 22:46:39 +0100 (CET) Mark Kettenis wrote: > Firefox makes a lot of concurrent malloc(3) calls. The locking to > make malloc(3) thread-safe is a bit...suboptimal. This diff makes > things better by using a mutex instead of spinlock. If you're

Re: [patch] PkgCreate.pm make it more clear why a shared library is invalid

On Thu, 12 Nov 2015 16:15:35 +0100 Marc Espie <es...@nerim.net> wrote: > On Wed, Nov 11, 2015 at 05:13:45PM +0100, Adam Wolk wrote: > > Hi tech@, > > > > I have been working recently on packaging a shared library for the > > first time and hit a stumbling block y

[patch] PkgCreate.pm make it more clear why a shared library is invalid

Hi tech@, I have been working recently on packaging a shared library for the first time and hit a stumbling block yesterday. $ make package `/usr/ports/pobj/libwebsockets-1.5/fake-amd64/.fake_done' is up to date. ===> Building package for libwebsockets-1.5 Create

file(1) no longer tells if a file is stripped (www/faq/ports/guide.html patch)

objdump(1) with the --syms flag which reports if the provided input binary was stripped of symbols like initially intended. Regards, Adam Wolk Index: guide.html === RCS file: /cvs/www/faq/ports/guide.html,v retrieving revision 1.38 d

Re: Unlock the reaper

On Wed, 8 Jul 2015 22:20:49 +0100 Stuart Henderson st...@openbsd.org wrote: On 2015/07/08 20:00, Max Fillinger wrote: On Wed, Jul 08, 2015 at 03:53:46PM +0200, Mark Kettenis wrote: I'm looking for testers for this diff. This should be safe to run on amd64, i386 and sparc64. But has

Re: [Patch] New item to the Migrating to OpenBSD guide

On Sun, 28 Jun 2015 19:55:58 +0200 Denis Fondras open...@ledeuns.net wrote: This patch is regarding the fact that there are no binary updates, which is a given thing What you missed : https://stable.mtier.org/ What do you mean? The author mentioned mtier.org both in his original blog

Re: [Patch] httpd - don't leak fcgi file descriptors

On Sun, 31 May 2015 19:25:22 -0400 Todd Mortimer t...@opennet.ca wrote: Hi tech@, Hi Joerg, Thanks for getting back to me. I cloned the server and upgraded it to the 31 May snapshot, did the sysmerge and upgraded the packages to the snapshot versions. The behaviour is still there. It

Re: sys/ucontext.h - dead code walking?

On Sun, Apr 19, 2015, at 12:23 AM, Philip Guenther wrote: On Sat, Apr 18, 2015 at 2:56 PM, Adam Wolk adam.w...@koparo.com wrote: On Sat, Apr 18, 2015, at 11:44 PM, Mark Kettenis wrote: From: Adam Wolk adam.w...@koparo.com Date: Sat, 18 Apr 2015 23:23:40 +0200 ... Which lead me

sys/ucontext.h - dead code walking?

/gcc/config/i386/linux64.h:#include sys/ucontext.h ./gnu/usr.bin/gcc/gcc/config/ia64/linux.h:#include sys/ucontext.h PS. I would greatly appreciate If anyone pointed me at a file that still defines mcontext_t or an acceptable workaround :) Regards, -- Adam Wolk adam.w...@koparo.com

Re: sys/ucontext.h - dead code walking?

On Sat, Apr 18, 2015, at 11:44 PM, Mark Kettenis wrote: From: Adam Wolk adam.w...@koparo.com Date: Sat, 18 Apr 2015 23:23:40 +0200 Hi tech@, I'm working on a port for lang/dart and got stuck on ucontext.h compile errors. The first one was quite easy, changing sys/ucontext.h

Re: inteldrm/radeondrm running -current

On Wed, Apr 15, 2015, at 11:56 PM, Mark Kettenis wrote: Hi folks, Earlier today, I committed a diff that includes a check that the drm ioctls return a proper error code. If you see something like: drmioctl: cmd 0xXX errno -YY in your dmesg or on your console, please let me know.

Re: [PATCH] bsd.port.mk - make relation between GH_TAGNAME GH_COMMIT more apparent (prevent actual bug regression)

On Sun, Apr 5, 2015, at 01:31 PM, Stuart Henderson wrote: On 2015-04-04, Landry Breuil lan...@rhaalovely.net wrote: On Sat, Apr 04, 2015 at 11:07:11PM +0200, Adam Wolk wrote: Hi tech@ I'm the maintainer of www/otter-browser and I got caught while packaging otter-browser 0.9.04

Re: [PATCH] bsd.port.mk - make relation between GH_TAGNAME GH_COMMIT more apparent (prevent actual bug regression)

On Sat, Apr 4, 2015, at 11:27 PM, Landry Breuil wrote: On Sat, Apr 04, 2015 at 11:07:11PM +0200, Adam Wolk wrote: Hi tech@ I'm the maintainer of www/otter-browser and I got caught while packaging otter-browser 0.9.04. Upstream asked us to point at a different commit then the tagged

[PATCH] bsd.port.mk - make relation between GH_TAGNAME GH_COMMIT more apparent (prevent actual bug regression)

Hi tech@ I'm the maintainer of www/otter-browser and I got caught while packaging otter-browser 0.9.04. Upstream asked us to point at a different commit then the tagged revision so we did: GH_TAGNAME = v0.9.04 # This is the actual tagged revision # GH_COMMIT =

Re: Unbreak adventure(6)

On Wed, Dec 31, 2014, at 04:16 PM, Theo Buehler wrote: The adventure game is currently broken. When it's started without any arguments, it spits a pile of garbage to stdout before eventually dumping its core. Confirmed true for i386 running a snapshot from 27-Dec-2014. With your patch

Re: next LibreSSL-portable release coming soon

Regards, -- Adam Wolk adam.w...@koparo.com On Mon, Dec 8, 2014, at 03:54 PM, Brent Cook wrote: We spent the weekend buttoning up features and closing issues with LibreSSL-portable. All features and fixes for the next release are now landed in the github mirror

Re: Is there a repo for the latest LibreSSL portable?

. The GitHub repository should be used for informational purposes only. Regards, -- Adam Wolk adam.w...@koparo.com