[hackers] [slstatus] ip: add OpenBSD support
ip.c already works on OpenBSD, it's just missing some headers: diff --git a/components/ip.c b/components/ip.c index 686344b..422b448 100644 --- a/components/ip.c +++ b/components/ip.c @@ -1,5 +1,9 @@ /* See LICENSE file for copyright and license details. */ -#if defined(__linux__) +#if defined(__OpenBSD__) +#include +#include +#endif + #include #include #include @@ -69,4 +73,3 @@ ipv6(const char *iface) return NULL; } -#endif
Re: [hackers] [slock][PATCH] Improve option parsing routine
On 2016-10-29 21:35, Laslo Hunhold wrote: The "problem" with dmenu is that it takes "long" flags, and given so many scripts depend on it we just cannot change it that easily. when did I suggest using arg.h for dmenu? --- () ascii ribbon campaign - against html e-mail /\ www.asciiribbon.org - against proprietary attachments
Re: [hackers] [slock][PATCH] Improve option parsing routine
On 2016-10-29 12:40, Hiltjo Posthuma wrote: This is total bullshit: it is less readable and it makes no sense to optimize this case. Please fix real bugs. uhm, like the dmenu one?[0] [0]: http://git.suckless.org/dmenu/tree/dmenu.c#n649 --- () ascii ribbon campaign - against html e-mail /\ www.asciiribbon.org - against proprietary attachments
Re: [hackers] [slock][PATCH] Remove arg.h, simplify option parsing
On 2016-10-28 23:56, Klemens Nanni wrote: arg.h is really ugly code and way to complex for tools like slock that have such minimal synopsis. it's not ugly, you just can't wrap your head around it, it's just a unix port of the plan 9 option parser[0] [0]: http://9p.io/sources/plan9/sys/include/libc.h --- () ascii ribbon campaign - against html e-mail /\ www.asciiribbon.org - against proprietary attachments
Re: [hackers] [dwm][PATCH] Do not call die() upon '-v' invocation
On 2016-10-28 13:21, Quentin Rameau wrote: On 2016-10-28 13:02, Quentin Rameau wrote: > On Fri, Oct 28, 2016 at 12:45:14PM +0000, Ali H. Fardan wrote: >> actually, imo, I think >> usage() should return success. > Surely not. > The call to usage() is made when wrong options have been passed to > the tool, you wouldn't return “no error” code when there actually > has been an error. How could a script test if 'foo' is compiled correctly and runs without any missing shared libraries? if such a thing existed it will return 1> else, 0 is returned, the program still works fine, you just didn't give it the right arguments. You're clearly on the wrong path for what you want to test here. A script wouldn't test on runtime if there has been some compile-time errors. That's not for the tool to tell you if it has been correctly built or not, its behaviour is expected to be built correctly. If not, that's your fault (or the packager you trust do to it for you, actually again your responsability). Blaming someone else won't solve the issue. --- () ascii ribbon campaign - against html e-mail /\ www.asciiribbon.org - against proprietary attachments
Re: [hackers] [dwm][PATCH] Do not call die() upon '-v' invocation
On 2016-10-28 13:02, Quentin Rameau wrote: On Fri, Oct 28, 2016 at 12:45:14PM +, Ali H. Fardan wrote: actually, imo, I think usage() should return success. Surely not. The call to usage() is made when wrong options have been passed to the tool, you wouldn't return “no error” code when there actually has been an error. How could a script test if 'foo' is compiled correctly and runs without any missing shared libraries? if such a thing existed it will return 1> else, 0 is returned, the program still works fine, you just didn't give it the right arguments. --- () ascii ribbon campaign - against html e-mail /\ www.asciiribbon.org - against proprietary attachments
Re: [hackers] [dwm][PATCH] Do not call die() upon '-v' invocation
I don't think -v should output to stderr either, actually, imo, I think
usage() should return success.
On 2016-10-28 12:40, Klemens Nanni wrote:
Returning -1 upon a valid invocation like 'dwm -v' is just wrong.
---
dwm.c | 6 --
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/dwm.c b/dwm.c
index 421bf27..35828b4 100644
--- a/dwm.c
+++ b/dwm.c
@@ -2122,8 +2122,10 @@ zoom(const Arg *arg)
int
main(int argc, char *argv[])
{
- if (argc == 2 && !strcmp("-v", argv[1]))
- die("dwm-"VERSION);
+ if (argc == 2 && !strcmp("-v", argv[1])) {
+ fputs("dwm-"VERSION, stderr);
+ return EXIT_SUCCESS;
+ }
else if (argc != 1)
die("usage: dwm [-v]");
if (!setlocale(LC_CTYPE, "") || !XSupportsLocale())
---
() ascii ribbon campaign - against html e-mail
/\ www.asciiribbon.org - against proprietary attachments
Re: [hackers] More dwm patches
On 2016-10-27 11:54, Anselm R Garbe wrote: Doesn't sound useful to me. Wallpaper fetishists should keep using OSX. -Anselm A wallpaper can help change your mood. --- () ascii ribbon campaign - against html e-mail /\ www.asciiribbon.org - against proprietary attachments
Re: [hackers][sbase][ed] small changes
O.o, whhops, that was the wrong patch, attached is the correct one.
sorry for spamming the list.diff --git a/ed.c b/ed.c
index 184ed30..feeab43 100644
--- a/ed.c
+++ b/ed.c
@@ -316,7 +316,7 @@ inject(char *s)
}
static void
-clearbuf()
+clearbuf(void)
{
if (scratch)
close(scratch);
@@ -328,7 +328,7 @@ clearbuf()
}
static void
-setscratch()
+setscratch(void)
{
int r, k;
char *dir;
@@ -407,7 +407,7 @@ match(int num)
}
static int
-rematch(int num)
+rematch(void)
{
regoff_t off = matchs[0].rm_eo;
@@ -451,18 +451,14 @@ getnum(void)
for (ln = 0; isdigit(c = input()); ln += n) {
if (ln > INT_MAX/10)
- goto invalid;
+ error("invalid address");
n = c - '0';
ln *= 10;
if (INT_MAX - ln < n)
- goto invalid;
+ error("invalid address");
}
back(c);
return ln;
-
-invalid:
- error("invalid address");
- return -1; /* not reached */
}
static int
@@ -525,7 +521,7 @@ address(int *line)
num = isdigit(back(input())) ? getnum() : 1;
num *= sign;
if (INT_MAX - ln < num)
- goto invalid;
+ error("invalid address");
ln += num;
}
back(c);
@@ -534,14 +530,10 @@ address(int *line)
error("invalid address");
*line = ln;
return 1;
-
-invalid:
- error("invalid address");
- return -1; /* not reached */
}
static void
-getlst()
+getlst(void)
{
int ln, c;
@@ -589,7 +581,7 @@ deflines(int def1, int def2)
}
static void
-dowrite(char *fname, int trunc)
+dowrite(const char *fname, int trunc)
{
FILE *fp;
int i, line;
@@ -604,13 +596,14 @@ dowrite(char *fname, int trunc)
curln = line2;
if (fclose(fp))
error("input/output error");
- strcpy(savfname, fname);
+ if (strlcpy(savfname, fname, sizeof(savfname)) >= sizeof(savfname))
+ error("file name too long");
modflag = 0;
curln = line;
}
static void
-doread(char *fname)
+doread(const char *fname)
{
size_t cnt;
ssize_t n;
@@ -734,8 +727,10 @@ getfname(char comm)
error("file name too long");
} else {
*bp = '\0';
- if (savfname[0] == '\0' || comm == 'e' || comm == 'f')
- strcpy(savfname, fname);
+ if (savfname[0] == '\0' || comm == 'e' || comm == 'f') {
+ if (strlcpy(savfname, fname, sizeof(savfname)) >= sizeof(savfname))
+error("file name too long");
+ }
return fname;
}
return NULL; /* not reached */
@@ -1010,7 +1005,7 @@ subline(int num, int nth)
static size_t siz, cap;
i = changed = siz = 0;
- for (m = match(num); m; m = rematch(num)) {
+ for (m = match(num); m; m = rematch()) {
addpre(, , );
changed |= addsub(, , , nth, ++i);
if (eol || bol)
Re: [hackers][sbase][ed] small changes
Uhm, sorry about that, but my last patch violates the default ed
behavior
by using eprintf(), here is the corrected version:
diff --git a/ed.c b/ed.c
index 184ed30..1e834a6 100644
--- a/ed.c
+++ b/ed.c
@@ -316,7 +316,7 @@ inject(char *s)
}
static void
-clearbuf()
+clearbuf(void)
{
if (scratch)
close(scratch);
@@ -328,7 +328,7 @@ clearbuf()
}
static void
-setscratch()
+setscratch(void)
{
int r, k;
char *dir;
@@ -407,7 +407,7 @@ match(int num)
}
static int
-rematch(int num)
+rematch(void)
{
regoff_t off = matchs[0].rm_eo;
@@ -451,18 +451,14 @@ getnum(void)
for (ln = 0; isdigit(c = input()); ln += n) {
if (ln > INT_MAX/10)
- goto invalid;
+ error("invalid address");
n = c - '0';
ln *= 10;
if (INT_MAX - ln < n)
- goto invalid;
+ error("invalid address");
}
back(c);
return ln;
-
-invalid:
- error("invalid address");
- return -1; /* not reached */
}
static int
@@ -525,7 +521,7 @@ address(int *line)
num = isdigit(back(input())) ? getnum() : 1;
num *= sign;
if (INT_MAX - ln < num)
- goto invalid;
+ error("invalid address");
ln += num;
}
back(c);
@@ -534,14 +530,10 @@ address(int *line)
error("invalid address");
*line = ln;
return 1;
-
-invalid:
- error("invalid address");
- return -1; /* not reached */
}
static void
-getlst()
+getlst(void)
{
int ln, c;
@@ -589,7 +581,7 @@ deflines(int def1, int def2)
}
static void
-dowrite(char *fname, int trunc)
+dowrite(const char *fname, int trunc)
{
FILE *fp;
int i, line;
@@ -604,13 +596,14 @@ dowrite(char *fname, int trunc)
curln = line2;
if (fclose(fp))
error("input/output error");
- strcpy(savfname, fname);
+ if (strlcpy(savfname, fname, sizeof(savfname)))
+ error("file name too long");
modflag = 0;
curln = line;
}
static void
-doread(char *fname)
+doread(const char *fname)
{
size_t cnt;
ssize_t n;
@@ -734,8 +727,10 @@ getfname(char comm)
error("file name too long");
} else {
*bp = '\0';
- if (savfname[0] == '\0' || comm == 'e' || comm == 'f')
- strcpy(savfname, fname);
+ if (savfname[0] == '\0' || comm == 'e' || comm == 'f') {
+ if (strlcpy(savfname, fname, sizeof(savfname)))
+ error("file name too long");
+ }
return fname;
}
return NULL; /* not reached */
@@ -1010,7 +1005,7 @@ subline(int num, int nth)
static size_t siz, cap;
i = changed = siz = 0;
- for (m = match(num); m; m = rematch(num)) {
+ for (m = match(num); m; m = rematch()) {
addpre(, , );
changed |= addsub(, , , nth, ++i);
if (eol || bol)
diff --git a/ed.c b/ed.c
index 184ed30..1e834a6 100644
--- a/ed.c
+++ b/ed.c
@@ -316,7 +316,7 @@ inject(char *s)
}
static void
-clearbuf()
+clearbuf(void)
{
if (scratch)
close(scratch);
@@ -328,7 +328,7 @@ clearbuf()
}
static void
-setscratch()
+setscratch(void)
{
int r, k;
char *dir;
@@ -407,7 +407,7 @@ match(int num)
}
static int
-rematch(int num)
+rematch(void)
{
regoff_t off = matchs[0].rm_eo;
@@ -451,18 +451,14 @@ getnum(void)
for (ln = 0; isdigit(c = input()); ln += n) {
if (ln > INT_MAX/10)
- goto invalid;
+ error("invalid address");
n = c - '0';
ln *= 10;
if (INT_MAX - ln < n)
- goto invalid;
+ error("invalid address");
}
back(c);
return ln;
-
-invalid:
- error("invalid address");
- return -1; /* not reached */
}
static int
@@ -525,7 +521,7 @@ address(int *line)
num = isdigit(back(input())) ? getnum() : 1;
num *= sign;
if (INT_MAX - ln < num)
- goto invalid;
+ error("invalid address");
ln += num;
}
back(c);
@@ -534,14 +530,10 @@ address(int *line)
error("invalid address");
*line = ln;
return 1;
-
-invalid:
- error("invalid address");
- return -1; /* not reached */
}
static void
-getlst()
+getlst(void)
{
int ln, c;
@@ -589,7 +581,7 @@ deflines(int def1, int def2)
}
static void
-dowrite(char *fname, int trunc)
+dowrite(const char *fname, int trunc)
{
FILE *fp;
int i, line;
@@ -604,13 +596,14 @@ dowrite(char *fname, int trunc)
curln = line2;
if (fclose(fp))
error("input/output error");
- strcpy(savfname, fname);
+ if (strlcpy(savfname, fname, sizeof(savfname)))
+ error("file name too long");
modflag = 0;
curln = line;
}
static void
-doread(char *fname)
+doread(const char *fname)
{
size_t cnt;
ssize_t n;
@@ -734,8 +727,10 @@ getfname(char
[hackers][sbase][ed] small changes
diff --git a/ed.c b/ed.c
index 184ed30..c7648eb 100644
--- a/ed.c
+++ b/ed.c
@@ -316,7 +316,7 @@ inject(char *s)
}
static void
-clearbuf()
+clearbuf(void)
{
if (scratch)
close(scratch);
@@ -328,7 +328,7 @@ clearbuf()
}
static void
-setscratch()
+setscratch(void)
{
int r, k;
char *dir;
@@ -407,7 +407,7 @@ match(int num)
}
static int
-rematch(int num)
+rematch(void)
{
regoff_t off = matchs[0].rm_eo;
@@ -451,18 +451,14 @@ getnum(void)
for (ln = 0; isdigit(c = input()); ln += n) {
if (ln > INT_MAX/10)
- goto invalid;
+ error("invalid address");
n = c - '0';
ln *= 10;
if (INT_MAX - ln < n)
- goto invalid;
+ error("invalid address");
}
back(c);
return ln;
-
-invalid:
- error("invalid address");
- return -1; /* not reached */
}
static int
@@ -525,7 +521,7 @@ address(int *line)
num = isdigit(back(input())) ? getnum() : 1;
num *= sign;
if (INT_MAX - ln < num)
- goto invalid;
+ error("invalid address");
ln += num;
}
back(c);
@@ -534,14 +530,10 @@ address(int *line)
error("invalid address");
*line = ln;
return 1;
-
-invalid:
- error("invalid address");
- return -1; /* not reached */
}
static void
-getlst()
+getlst(void)
{
int ln, c;
@@ -589,7 +581,7 @@ deflines(int def1, int def2)
}
static void
-dowrite(char *fname, int trunc)
+dowrite(const char *fname, int trunc)
{
FILE *fp;
int i, line;
@@ -604,13 +596,13 @@ dowrite(char *fname, int trunc)
curln = line2;
if (fclose(fp))
error("input/output error");
- strcpy(savfname, fname);
+ estrlcpy(savfname, fname, sizeof(savfname));
modflag = 0;
curln = line;
}
static void
-doread(char *fname)
+doread(const char *fname)
{
size_t cnt;
ssize_t n;
@@ -735,7 +727,7 @@ getfname(char comm)
} else {
*bp = '\0';
if (savfname[0] == '\0' || comm == 'e' || comm == 'f')
- strcpy(savfname, fname);
+ estrlcpy(savfname, fname, sizeof(savfname));
return fname;
}
return NULL; /* not reached */
@@ -1010,7 +1002,7 @@ subline(int num, int nth)
static size_t siz, cap;
i = changed = siz = 0;
- for (m = match(num); m; m = rematch(num)) {
+ for (m = match(num); m; m = rematch()) {
addpre(, , );
changed |= addsub(, , , nth, ++i);
if (eol || bol)
diff --git a/ed.c b/ed.c
index 184ed30..c7648eb 100644
--- a/ed.c
+++ b/ed.c
@@ -316,7 +316,7 @@ inject(char *s)
}
static void
-clearbuf()
+clearbuf(void)
{
if (scratch)
close(scratch);
@@ -328,7 +328,7 @@ clearbuf()
}
static void
-setscratch()
+setscratch(void)
{
int r, k;
char *dir;
@@ -407,7 +407,7 @@ match(int num)
}
static int
-rematch(int num)
+rematch(void)
{
regoff_t off = matchs[0].rm_eo;
@@ -451,18 +451,14 @@ getnum(void)
for (ln = 0; isdigit(c = input()); ln += n) {
if (ln > INT_MAX/10)
- goto invalid;
+ error("invalid address");
n = c - '0';
ln *= 10;
if (INT_MAX - ln < n)
- goto invalid;
+ error("invalid address");
}
back(c);
return ln;
-
-invalid:
- error("invalid address");
- return -1; /* not reached */
}
static int
@@ -525,7 +521,7 @@ address(int *line)
num = isdigit(back(input())) ? getnum() : 1;
num *= sign;
if (INT_MAX - ln < num)
- goto invalid;
+ error("invalid address");
ln += num;
}
back(c);
@@ -534,14 +530,10 @@ address(int *line)
error("invalid address");
*line = ln;
return 1;
-
-invalid:
- error("invalid address");
- return -1; /* not reached */
}
static void
-getlst()
+getlst(void)
{
int ln, c;
@@ -589,7 +581,7 @@ deflines(int def1, int def2)
}
static void
-dowrite(char *fname, int trunc)
+dowrite(const char *fname, int trunc)
{
FILE *fp;
int i, line;
@@ -604,13 +596,13 @@ dowrite(char *fname, int trunc)
curln = line2;
if (fclose(fp))
error("input/output error");
- strcpy(savfname, fname);
+ estrlcpy(savfname, fname, sizeof(savfname));
modflag = 0;
curln = line;
}
static void
-doread(char *fname)
+doread(const char *fname)
{
size_t cnt;
ssize_t n;
@@ -735,7 +727,7 @@ getfname(char comm)
} else {
*bp = '\0';
if (savfname[0] == '\0' || comm == 'e' || comm == 'f')
- strcpy(savfname, fname);
+ estrlcpy(savfname, fname, sizeof(savfname));
return fname;
}
return NULL; /* not reached */
@@ -1010,7 +1002,7 @@ subline(int num, int nth)
static size_t siz, cap;
i = changed = siz = 0;
- for (m = match(num); m; m = rematch(num)) {
+ for (m = match(num); m; m = rematch())
Re: [hackers] [PATCH] [slock] Remove faulty example and add a section on security considerations
PS: I think this is where the code originated: https://github.com/chjj/slock
Re: [hackers] [PATCH] [slock] Remove faulty example and add a section on security considerations
I suggest you take a look at this: https://notabug.org/kl3/slock it was used to be called "slock for the absolute paranoid", but this dude wanted to go further with it and make it fit his taste, but there are some security stuff he did there, check it out. -- Raiz On 2016-09-28 21:33, FRIGN wrote: Hello fellow hackers, the question has been floating around for quite some time on the internet, but I think it is a good place to answer it in the manual of our screen locker. Is slock really secure and if not, how can I harden it so that nobody can access my machine? There are two ways one can possibly circumvent a locked X screen (not including security holes in the Kernel) 1) switch to a different VT that is logged in. Then there, proceed to kill slock and switch back the now unlocked VT. 2) kill the X server with Ctrl+Alt+Backspace (if enabled). If no login manager is used, this yields an open shell. All work within the X session is usually lost, but the attacker still has access to the user data. Sysrq can be used to kill all running processes, but this also logs out the user and thus is no problem. I did not add it here because if somebody wants to "pwn" the user he can just unplug the computer or take out the battery to destroy all the work. You can disable VT switching and Ctrl+Alt+Backspace (this also overrides the local Xkb settings and is thus foolproof) for sure by setting two options in xorg.conf. See the patch for details on the instructions. Cheers FRIGN
Re: [hackers] [ii] use pledge by default if compiled on openbsc and provide errno string || Nico Golde
eprint() is not declared in ii, be careful.
Raiz
diff --git a/ii.c b/ii.c
index a32326d..51318aa 100644
--- a/ii.c
+++ b/ii.c
@@ -493,7 +493,7 @@ int main(int argc, char *argv[]) {
#ifdef __OpenBSD__ /* OpenBSD pledge(2) support */
if (pledge("stdio rpath wpath cpath dpath", NULL) == -1) {
- eprint("ii pledge:");
+ fprintf(stderr, "ii pledge: %s\n", strerror(errno));
exit(EXIT_FAILURE);
}
#endif
On 2016-09-06 20:58, g...@suckless.org wrote:
commit 584290f2642eeacbe1b24e7174e49139d6787252
Author: Nico Golde
AuthorDate: Tue Sep 6 19:58:28 2016 +0200
Commit: Nico Golde
CommitDate: Tue Sep 6 19:58:28 2016 +0200
use pledge by default if compiled on openbsc and provide errno
string
diff --git a/config.mk b/config.mk
index 2cf103e..b5bc34f 100644
--- a/config.mk
+++ b/config.mk
@@ -26,5 +26,3 @@ CC = cc
CFLAGS = -g -O0 -W -Wall ${INCLUDES} -DVERSION=\"${VERSION}\"
LDFLAGS = ${LIBS}
-# OpenBSD pledge(2) support
-# CFLAGS+= -DUSE_PLEDGE
diff --git a/ii.c b/ii.c
index 3c6c3c7..a32326d 100644
--- a/ii.c
+++ b/ii.c
@@ -491,9 +491,9 @@ int main(int argc, char *argv[]) {
}
irc = tcpopen(port);
- #ifdef USE_PLEDGE /* OpenBSD pledge(2) support */
+ #ifdef __OpenBSD__ /* OpenBSD pledge(2) support */
if (pledge("stdio rpath wpath cpath dpath", NULL) == -1) {
- fputs("ii: pledge\n", stderr);
+ eprint("ii pledge:");
exit(EXIT_FAILURE);
}
#endif
Re: [hackers] [quark] Use sizeof() instead of magic constants || FRIGN
On 2016-09-05 10:39, Anselm R Garbe wrote: Why should I try. This is blatantly obvious wrong code. and that's my point.
Re: [hackers] [quark] Use sizeof() instead of magic constants || FRIGN
I got an example:
try compiling this code:
#include
int
main(void)
{
printf("%d", sizeof unsigned char);
return (0);
}
you will probably get a compiler error like this:
sizeof.c: In function ‘main’:
sizeof.c:6:22: error: expected expression before ‘unsigned’
printf("%d", sizeof unsigned char);
^~~~
However, with parenthesies:
#include
int
main(void)
{
printf("%d\n", sizeof(unsigned char));
return (0);
}
It will compile successfully.
Hope you got the idea
Raiz
On 2016-09-05 10:25, FRIGN wrote:
On Mon, 5 Sep 2016 07:42:36 +0200
Anselm R Garbe wrote:
Hey Anselm,
Quick note: your syntax usage of sizeof is not 100% accurate.
Use 'sizeof(type)' with brackets but 'sizeof var' without.
I use sizeof always function-like and see no reason why I shouldn't use
"sizeof(var)" and instead use "sizeof var". It doesn't alter the code
behaviour and ultimately it's all about readability.
If you eyes have become accustomed to always use function-like syntax
for such operators the best bet is not to break this style because it's
not "necessary" to have parentheses for variable sizeof's.
Cheers
FRIGN
Re: [hackers] [quark] Use sizeof() instead of magic constants || FRIGN
On 2016-09-05 08:53, Markus Teich wrote: can you elaborate on the reasoning behind this? The styleguide says "Always use () with sizeof". from my experience, using sizeof without parenthesies could cause errors. Raiz
Re: [hackers] [ii] add OpenBSD pledge support - thanks Gleydson Soares || Nico Golde
Sorry, I can't quote your last message because I accidently deleted it. anyways, as far as I know __OpenBSD__ is either defined by the compiler (in openbsd) or the openbsd libc, so if the code being compiled under openbsd __OpenBSD__ will be defined. Raiz
Re: [hackers] [ii] add OpenBSD pledge support - thanks Gleydson Soares || Nico Golde
Would be helpful if you provided error string for pledge(), I have
also provided a pledge patch for sic and I submitted it a while ago
to the mailing list (maybe you did not notice it).
Raiz
diff --git a/sic.c b/sic.c
index ce6d216..6e37c60 100644
--- a/sic.c
+++ b/sic.c
@@ -182,6 +182,10 @@ main(int argc, char *argv[]) {
setbuf(stdout, NULL);
setbuf(srv, NULL);
setbuf(stdin, NULL);
+# ifdef __OpenBSD__
+ if (pledge("stdio", NULL)
+ eprint("pledge:");
+# endif
for(;;) { /* main loop */
FD_ZERO();
FD_SET(0, );
On 2016-09-02 17:13, g...@suckless.org wrote:
commit 18580a159febc9c9658d82d73b90b53895c1ec00
Author: Nico Golde
AuthorDate: Fri Sep 2 16:13:43 2016 +0200
Commit: Nico Golde
CommitDate: Fri Sep 2 16:13:43 2016 +0200
add OpenBSD pledge support - thanks Gleydson Soares
diff --git a/config.mk b/config.mk
index afc28d5..2cf103e 100644
--- a/config.mk
+++ b/config.mk
@@ -25,3 +25,6 @@ LIBS= -L${LIBDIR} -L/usr/lib -lc
CC = cc
CFLAGS = -g -O0 -W -Wall ${INCLUDES} -DVERSION=\"${VERSION}\"
LDFLAGS = ${LIBS}
+
+# OpenBSD pledge(2) support
+# CFLAGS+= -DUSE_PLEDGE
diff --git a/ii.c b/ii.c
index 745e29a..19f1b4c 100644
--- a/ii.c
+++ b/ii.c
@@ -490,6 +490,14 @@ int main(int argc, char *argv[]) {
}
}
irc = tcpopen(port);
+
+ #ifdef USE_PLEDGE /* OpenBSD pledge(2) support */
+ if (pledge("stdio rpath wpath cpath dpath", NULL) == -1) {
+ fputs("ii: pledge\\n", stderr);
+ exit(EXIT_FAILURE);
+ }
+ #endif
+
if(!snprintf(path, sizeof(path), "%s/%s", prefix, host)) {
fputs("ii: path to irc directory too long\n", stderr);
exit(EXIT_FAILURE);
Re: [hackers] [quark] missing newline
sorry, wrong patch
On 2016-09-02 17:21, Ali H. Fardan wrote:
diff --git a/quark.c b/quark.c
index 6ff50f5..f69ed59 100644
--- a/quark.cdiff --git a/quark.c b/quark.c
index 6ff50f5..7e6530f 100644
--- a/quark.c
+++ b/quark.c
@@ -694,7 +694,7 @@ main(int argc, char *argv[])
/* raise the process limit */
rlim.rlim_cur = rlim.rlim_max = maxnprocs;
if (setrlimit(RLIMIT_NPROC, ) < 0) {
- fprintf(stderr, "%s: setrlimit RLIMIT_NPROC: %s", argv0,
+ fprintf(stderr, "%s: setrlimit RLIMIT_NPROC: %s\n", argv0,
strerror(errno));
return 1;
}
+++ b/quark.c
@@ -686,7 +686,7 @@ main(int argc, char *argv[])
/* reap children automatically */
if (signal(SIGCHLD, SIG_IGN) == SIG_ERR) {
- fprintf(stderr, "%s: signal: Failed to set SIG_IGN on"
+ fprintf(stderr, "%s: signal: Failed to set SIG_IGN on\n"
"SIGCHLD\n", argv0);
return 1;
}
@@ -694,7 +694,7 @@ main(int argc, char *argv[])
/* raise the process limit */
rlim.rlim_cur = rlim.rlim_max = maxnprocs;
if (setrlimit(RLIMIT_NPROC, ) < 0) {
- fprintf(stderr, "%s: setrlimit RLIMIT_NPROC: %s", argv0,
+ fprintf(stderr, "%s: setrlimit RLIMIT_NPROC: %s\n", argv0,
strerror(errno));
return 1;
}
[hackers] [quark] missing newline
diff --git a/quark.c b/quark.c
index 6ff50f5..f69ed59 100644
--- a/quark.c
+++ b/quark.c
@@ -686,7 +686,7 @@ main(int argc, char *argv[])
/* reap children automatically */
if (signal(SIGCHLD, SIG_IGN) == SIG_ERR) {
- fprintf(stderr, "%s: signal: Failed to set SIG_IGN on"
+ fprintf(stderr, "%s: signal: Failed to set SIG_IGN on\n"
"SIGCHLD\n", argv0);
return 1;
}
@@ -694,7 +694,7 @@ main(int argc, char *argv[])
/* raise the process limit */
rlim.rlim_cur = rlim.rlim_max = maxnprocs;
if (setrlimit(RLIMIT_NPROC, ) < 0) {
- fprintf(stderr, "%s: setrlimit RLIMIT_NPROC: %s", argv0,
+ fprintf(stderr, "%s: setrlimit RLIMIT_NPROC: %s\n", argv0,
strerror(errno));
return 1;
}
Re: [hackers] [sbase] touch(1) permissions correction
[2016-09-01 19:28] [#suckless] Raiz: 0666 is correct for touch,
it is bitwise-anded with umask. see open(2), or test with those other
utilities, or look at their code
[2016-09-01 19:30] [#suckless] looks like I'm the one introducing
bugs rather than fixing them
sorry for inconvenience.
On 2016-09-01 20:13, Ali H. Fardan wrote:
from a security prespective, touch should not allow
everyone to have write permissions to the file, if
someones needs such a permission, chmod(1) can be
used later.
I have tried touch(1) from coreutils and OpenBSD,
both set the default permissions to 644.
Raiz
diff --git a/touch.c b/touch.c
index 6e63bf8..a849901 100644
--- a/touch.c
+++ b/touch.c
@@ -26,7 +26,7 @@ touch(const char *file)
eprintf("utimensat %s:", file);
if (cflag)
return;
- if ((fd = open(file, O_WRONLY | O_CREAT | O_EXCL, 0666)) < 0)
+ if ((fd = open(file, O_WRONLY | O_CREAT | O_EXCL, 0644)) < 0)
eprintf("open %s:", file);
ret = futimens(fd, times);
close(fd);
[hackers] [sbase] touch(1) permissions correction
from a security prespective, touch should not allow
everyone to have write permissions to the file, if
someones needs such a permission, chmod(1) can be
used later.
I have tried touch(1) from coreutils and OpenBSD,
both set the default permissions to 644.
Raiz
diff --git a/touch.c b/touch.c
index 6e63bf8..a849901 100644
--- a/touch.c
+++ b/touch.c
@@ -26,7 +26,7 @@ touch(const char *file)
eprintf("utimensat %s:", file);
if (cflag)
return;
- if ((fd = open(file, O_WRONLY | O_CREAT | O_EXCL, 0666)) < 0)
+ if ((fd = open(file, O_WRONLY | O_CREAT | O_EXCL, 0644)) < 0)
eprintf("open %s:", file);
ret = futimens(fd, times);
close(fd);
Re: [hackers] [sbase] a question regarding date(1)
Right, I just found out that this is correct after going through other programs Raiz On 2016-09-01 19:08, FRIGN wrote: On Thu, 01 Sep 2016 19:01:50 +0300 "Ali H. Fardan" <r...@firemail.cc> wrote: Hey Ali, so I just came across this if (argc) statement and I'm not sure why it is placed there in the first pleace, I am assuming that argc is not tinkered with (via arg.h), but the program works well without it, so my question is, is this if() statement incorrect or it's just there because of arg.h? arg.h tinkers with argc so that after ARGEND argc represents the number of arguments. Thus the "if (argc)" means "if we have any arguments". $ tool -f farg arg when the flag f takes a mandatory argument farg the resulting argc for instance is 1 (and *argv points at "arg"). I hope that explains things. Cheers FRIGN
[hackers] [sbase] a question regarding date(1)
so I just came across this if (argc) statement and
I'm not sure why it is placed there in the first
pleace, I am assuming that argc is not tinkered with
(via arg.h), but the program works well without it,
so my question is, is this if() statement incorrect
or it's just there because of arg.h?
diff --git a/date.c b/date.c
index 1671e1f..b2836fd 100644
--- a/date.c
+++ b/date.c
@@ -33,13 +33,13 @@ main(int argc, char *argv[])
usage();
} ARGEND
- if (argc) {
- if (argc != 1 || argv[0][0] != '+')
- usage();
- else
- fmt = [0][1];
- }
- if (!(now = tztime()))
+ if (argc != 1 || argv[0][0] != '+')
+ usage();
+ else
+ fmt = [0][1];
+
+ now = tztime();
+ if (!now)
eprintf("%stime failed\n", tz);
strftime(buf, sizeof(buf), fmt, now);
[hackers] [sic] extra options patch
Greetings, This patch adds -u and -r options to sic, which allows the
user
to change the default ident and/or realname, is it good or garbage?
should
this go mainstream or just optional?
Raiz
diff --git a/sic.1 b/sic.1
index aba8db8..b85390a 100644
--- a/sic.1
+++ b/sic.1
@@ -9,6 +9,10 @@ sic \- simple irc client
.IR port ]
.RB [ \-n
.IR nick ]
+.RB [ \-u
+.IR ident ]
+.RB [ \-r
+.IR realname ]
.RB [ \-k
.IR pass ]
.RB [ \-v ]
@@ -29,6 +33,12 @@ Overrides the default port (6667)
.BI \-n " nick"
Override the default nick ($USER)
.TP
+.BI \-u " ident"
+Override the default ident ($USER)
+.TP
+.BI \-r " realname"
+Override the default realname ($USER)
+.TP
.BI \-k " pass"
Specifies the PASS connection password
.TP
diff --git a/sic.c b/sic.c
index ce6d216..1241386 100644
--- a/sic.c
+++ b/sic.c
@@ -16,6 +16,8 @@ static char *host = DEFAULT_HOST;
static char *port = DEFAULT_PORT;
static char *password;
static char nick[32];
+static char ident[10];
+static char realname[40];
static char bufin[4096];
static char bufout[4096];
static char channel[256];
@@ -138,7 +140,7 @@ parsesrv(char *cmd) {
static void
usage(void) {
- eprint("usage: sic [-h host] [-p port] [-n nick] [-k keyword] [-v]\n",
argv0);
+ eprint("usage: sic [-h host] [-p port] [-n nick] [-u ident] [-r
realname] [-k keyword] [-v]\n", argv0);
}
int
@@ -149,6 +151,8 @@ main(int argc, char *argv[]) {
fd_set rd;
strlcpy(nick, user ? user : "unknown", sizeof nick);
+ strlcpy(ident, nick, sizeof ident);
+ strlcpy(realname, nick, sizeof realname);
ARGBEGIN {
case 'h':
host = EARGF(usage());
@@ -159,6 +163,12 @@ main(int argc, char *argv[]) {
case 'n':
strlcpy(nick, EARGF(usage()), sizeof nick);
break;
+ case 'u':
+ strlcpy(ident, EARGF(usage()), sizeof ident);
+ break;
+ case 'r':
+ strlcpy(realname, EARGF(usage()), sizeof realname);
+ break;
case 'k':
password = EARGF(usage());
break;
@@ -177,7 +187,7 @@ main(int argc, char *argv[]) {
if(password)
sout("PASS %s", password);
sout("NICK %s", nick);
- sout("USER %s localhost %s :%s", nick, host, nick);
+ sout("USER %s localhost %s :%s", ident, host, realname);
fflush(srv);
setbuf(stdout, NULL);
setbuf(srv, NULL);
