Re: ssh(1), getrrsetbyname(3), SSHFP and DNSSEC

2020-07-17 Thread Peter J. Philipp
On Fri, Jul 17, 2020 at 11:45:22PM +0200, Jesper Wallin wrote: > Thoughts? > > > Yours, > Jesper Wallin I found this very interesting. Too bad you didn't quote any RFC's that support this behaviour because RFC 4033 says you shouldn't set the AD bit in a query, RFC 4035 says something similar, b

dhclient.conf - correct typo

2020-07-17 Thread Larry Hynes
seonds -> seconds Index: sbin/dhclient/dhclient.conf.5 === RCS file: /cvs/src/sbin/dhclient/dhclient.conf.5,v retrieving revision 1.50 diff -u -p -r1.50 dhclient.conf.5 --- sbin/dhclient/dhclient.conf.5 10 Feb 2020 13:18:20 -000

Re: xhci(4) isoc: fix bogus handling of chained TRBs

2020-07-17 Thread sc . dying
hi, On 2020/07/15 21:28, sc.dy...@gmail.com wrote: > hi, > > The patch works well on Intel PCH xhci, but not on AMD Bolton xHCI. > I'll investigate this problem. Bolton xHCI sometimes raises following events. (I added printf Completion Code.) #246 cc 13 remain 0 type 5 origlen 2048 frlengths[6]

Re: ssh(1), getrrsetbyname(3), SSHFP and DNSSEC

2020-07-17 Thread Jeremy C. Reed
On Fri, 17 Jul 2020, Jeremy C. Reed wrote: > > To get a response with the AD flag set, the request itself also needs > > to have the AD flag set. I re-read your post again and see you already clarified this.

Re: ssh(1), getrrsetbyname(3), SSHFP and DNSSEC

2020-07-17 Thread Jeremy C. Reed
On Fri, 17 Jul 2020, Jesper Wallin wrote: > To get a response with the AD flag set, the request itself also needs > to have the AD flag set. ... > -#define RES_DEFAULT(RES_RECURSE | RES_DEFNAMES | RES_DNSRCH) > +#define RES_DEFAULT(RES_RECURSE | RES_DEFNAMES | RES_DNSRCH | RES_USE_AD) C

Re: Add ability to set control values with video(1)

2020-07-17 Thread Laurence Tratt
On Mon, Jul 13, 2020 at 07:39:41PM +0100, Laurence Tratt wrote: > video(1) allows users to adjust controls such as brightness, saturation > (etc.) depending on the input device in question. These values persist even > after video(1) has quit, allowing you to e.g. increase the brightness of a > web

ssh(1), getrrsetbyname(3), SSHFP and DNSSEC

2020-07-17 Thread Jesper Wallin
Hi all, I recently decided to add SSHFP records for my servers, since I never memorize or write down my key fingerprints. I learned that if I want ssh(1) to trust these records, DNSSEC needs to be enabled for my zone. To validate these records, ssh(1) is using getrrsetbyname(3), which checks if

Re: timekeep: fixing large skews on amd64 with RDTSCP

2020-07-17 Thread Philip Guenther
On Thu, Jul 16, 2020 at 4:55 PM Scott Cheloha wrote: > > On Jul 16, 2020, at 19:36, Theo de Raadt wrote: > > > >> Note the third sentence. > >> > >> Given that, I reason that a serializing instruction before *and* after > >> the RDTSC should freeze it in place. > > > > I haven't seen anyone read

Re: net80211: skip input block ack window gaps faster

2020-07-17 Thread Uwe Werler
> Next version. > > One problem with the previous patch was that it effectively limited the > size of the BA window to the arbitrarily chosen limit of 16. We should not > drop frames which arrive out of order but still fall within the BA window. > > With this version, we allow the entire block ac

Re: net80211: skip input block ack window gaps faster

2020-07-17 Thread Stefan Sperling
On Fri, Jul 17, 2020 at 03:59:38PM +0200, Stefan Sperling wrote: > While measuring Tx performance at a fixed Tx rate with iwm(4) I observed > unexpected dips in throughput measured by tcpbench. These dips coincided > with one or more gap timeouts shown in 'netstat -W iwm0', such as: > 77 inpu

pipex(4): document global data locks

2020-07-17 Thread Vitaliy Makkoveev
Subj. Also add NET_ASSERT_LOCKED() to pipex_{link,unlink,rele}_session() to be sure they called under NET_LOCK(). Index: sys/net/pipex.c === RCS file: /cvs/src/sys/net/pipex.c,v retrieving revision 1.120 diff -u -p -r1.120 pipex.c ---

net80211: skip input block ack window gaps faster

2020-07-17 Thread Stefan Sperling
While measuring Tx performance at a fixed Tx rate with iwm(4) I observed unexpected dips in throughput measured by tcpbench. These dips coincided with one or more gap timeouts shown in 'netstat -W iwm0', such as: 77 input block ack window gaps timed out Which means lost frames on the receiv

ppp{ac,x}(4): document locks

2020-07-17 Thread Vitaliy Makkoveev
Subj. Index: sys/net/if_pppx.c === RCS file: /cvs/src/sys/net/if_pppx.c,v retrieving revision 1.97 diff -u -p -r1.97 if_pppx.c --- sys/net/if_pppx.c 17 Jul 2020 08:57:27 - 1.97 +++ sys/net/if_pppx.c 17 Jul 2020 13:51:14 -

pipex_iface_fini() release multicast session under NET_LOCK()

2020-07-17 Thread Vitaliy Makkoveev
We are going to lock the whole pipex(4) by NET_LOCK(). So move `multicast_session' freeing undet NET_LOCK() too. Index: sys/net/pipex.c === RCS file: /cvs/src/sys/net/pipex.c,v retrieving revision 1.120 diff -u -p -r1.120 pipex.c ---

Re: Add missing `IFXF_CLONED' to pseudo-interfaces

2020-07-17 Thread Vitaliy Makkoveev
ping? > On 10 Jul 2020, at 14:59, Vitaliy Makkoveev wrote: > > Some pseudo interfaces have missing `IFXF_CLONED' flag. Diff below fixes > this. > > Index: sys/net/if_ppp.c > === > RCS file: /cvs/src/sys/net/if_ppp.c,v > retrieving

iwn: fix off-by-one in antenna calibration for iwn5000

2020-07-17 Thread Holger Mikolon
I came across this by reading the code if_iwn.c and DPRINTFs on a kernel with IWN_DEBUG. IWN_LSB() returns an index starting with 1, however the arrays used later on (noise and gain in iwn5000_set_gains()) start with 0. The current code accounts for this difference when setting the antenna gain by

Re: wsfontload(8): display number of characters in a loaded font

2020-07-17 Thread Stuart Henderson
Seems useful. While it's not especially likely anyone is parsing the output of this, just in case they are it's usually more admin-friendly to add a new column at the end unless there's a good reason not to. -- Sent from a phone, apologies for poor formatting. On 16 July 2020 21:29:50 Frederic

Avoid realloc

2020-07-17 Thread Gerhard Roth
Recently a stat(2) call was added to load_server_config() of ssh to avoid reallocs. However, a buffer of 'st_size' length might be too short to hold the null terminator of the string. Add one more byte to the size, if it is sure that we can't overflow. Gerhard Index: usr.bin/ssh/servconf.c ==

Re: Add missing `IFXF_CLONED' to pseudo-interfaces

2020-07-17 Thread Vitaliy Makkoveev
anyone? On Fri, Jul 10, 2020 at 02:59:55PM +0300, Vitaliy Makkoveev wrote: > Some pseudo interfaces have missing `IFXF_CLONED' flag. Diff below fixes > this. > > Index: sys/net/if_ppp.c > === > RCS file: /cvs/src/sys/net/if_ppp.c,v >

faq/pf/carp: pfsync0 does not exist by default

2020-07-17 Thread Klemens Nanni
Without /etc/hostname.pfsync0 there will be no such interface upon boot. Feedback? OK? Index: faq/pf/carp.html === RCS file: /cvs/www/faq/pf/carp.html,v retrieving revision 1.63 diff -u -p -r1.63 carp.html --- faq/pf/carp.html28

Re: random toeplitz seeds

2020-07-17 Thread David Gwynne
On Fri, Jun 26, 2020 at 07:55:43AM +0200, Theo Buehler wrote: > This adds an stoeplitz_random_seed() function that generates a random > Toeplitz key seed with an invertible matrix T. This is necessary and > sufficient for the hash to spread out over all 65536 possible values. > > While it is clear

rge(4): support for Realtek RTL8125B

2020-07-17 Thread Kevin Lo
Hi, The following diff adds Realtek RTL8125B support to rge(4) and uses if_rxring to manage the number of filled slots on the rx ring. Tested with the TP-LINK TL-NG421 adapter. Index: share/man/man4/pci.4 === RCS file: /cvs/src/shar