sysmerge signify problem
Hi tech, after updating to the latest snapshot (bsd.rd 03-Mar-2014 01:07) sysmerge can't verify the signatures anymore: $ sudo sysmerge -s /snapshot/etc55.tgz -x /snapshot/xetc55.tgz === Fetching file:///snapshot/etc55.tgz === Fetching file:///snapshot/SHA256.sig === Verifying etc55.tgz signature and checksum signify: verification failed: checked against wrong key ERROR: etc-SHA256.sig: signature check failed I had to use the following command: $ sudo sysmerge -S -s /snapshot/etc55.tgz -x /snapshot/xetc55.tgz === Fetching file:///snapshot/etc55.tgz === Fetching file:///snapshot/xetc55.tgz === Populating temporary root under /var/tmp/sysmerge.pUPCbvGEv1/temproot === Starting comparison === Checking directory hierarchy permissions (running mtree(8)) === Removing /var/tmp/sysmerge.pUPCbvGEv1 Is there something wrong with the keys? Fritjof
Re: sysmerge signify problem
On 2014/03/03 12:01, Fritjof Bornebusch wrote: Hi tech, after updating to the latest snapshot (bsd.rd 03-Mar-2014 01:07) sysmerge can't verify the signatures anymore: $ sudo sysmerge -s /snapshot/etc55.tgz -x /snapshot/xetc55.tgz === Fetching file:///snapshot/etc55.tgz === Fetching file:///snapshot/SHA256.sig === Verifying etc55.tgz signature and checksum signify: verification failed: checked against wrong key ERROR: etc-SHA256.sig: signature check failed I had to use the following command: $ sudo sysmerge -S -s /snapshot/etc55.tgz -x /snapshot/xetc55.tgz === Fetching file:///snapshot/etc55.tgz === Fetching file:///snapshot/xetc55.tgz === Populating temporary root under /var/tmp/sysmerge.pUPCbvGEv1/temproot === Starting comparison === Checking directory hierarchy permissions (running mtree(8)) === Removing /var/tmp/sysmerge.pUPCbvGEv1 Is there something wrong with the keys? Fritjof See http://marc.info/?l=openbsd-cvsm=139368167407088w=2 Modified files: usr.sbin/sysmerge: sysmerge.sh Log message: start using the new officially named keys. This is being done before any snapshots come out which are signed with that key... but just give it a day or two.
ip6_mroute.c: minor stats fix
Hi All,
From FreeBSD,
Only count table lookups when we're actually processing packets.
Index: sys/netinet6/ip6_mroute.c
===
RCS file: /cvs/src/sys/netinet6/ip6_mroute.c,v
retrieving revision 1.67
diff -u -p -u -p -r1.67 ip6_mroute.c
--- sys/netinet6/ip6_mroute.c 11 Nov 2013 09:15:35 - 1.67
+++ sys/netinet6/ip6_mroute.c 3 Mar 2014 12:33:06 -
@@ -190,7 +190,6 @@ static int pim6;
#define MF6CFIND(o, g, rt) do { \
struct mf6c *_rt = mf6ctable[MF6CHASH(o,g)]; \
rt = NULL; \
- mrt6stat.mrt6s_mfc_lookups++; \
while (_rt) { \
if (IN6_ARE_ADDR_EQUAL(_rt-mf6c_origin.sin6_addr, (o)) \
IN6_ARE_ADDR_EQUAL(_rt-mf6c_mcastgrp.sin6_addr, (g)) \
@@ -247,7 +246,7 @@ int
ip6_mrouter_set(int cmd, struct socket *so, struct mbuf *m)
{
if (cmd != MRT6_INIT so != ip6_mrouter)
- return (EACCES);
+ return (EPERM);
switch (cmd) {
case MRT6_INIT:
@@ -287,7 +286,8 @@ ip6_mrouter_set(int cmd, struct socket *
int
ip6_mrouter_get(int cmd, struct socket *so, struct mbuf **m)
{
- if (so != ip6_mrouter) return EACCES;
+ if (so != ip6_mrouter)
+ return (EPERM);
*m = m_get(M_WAIT, MT_SOOPTS);
@@ -998,7 +998,7 @@ ip6_mforward(struct ip6_hdr *ip6, struct
*/
s = splsoftnet();
MF6CFIND(ip6-ip6_src, ip6-ip6_dst, rt);
-
+ mrt6stat.mrt6s_mfc_lookups++;
/* Entry exists, so forward if necessary */
if (rt) {
splx(s);
Re: sysctl.8: add missing mtudisctimeout for ipv6
On Sun, Mar 02, 2014 at 10:51:22AM -0800, Loganaden Velvindron wrote: Hi, While going through some of the commit logs, I noticed that sysctl didn't list ip6.mtudisctimeout. Patch attached: Index: sbin/sysctl/sysctl.8 === RCS file: /cvs/src/sbin/sysctl/sysctl.8,v retrieving revision 1.173 diff -u -p -u -p -r1.173 sysctl.8 --- sbin/sysctl/sysctl.8 28 Oct 2013 21:02:35 - 1.173 +++ sbin/sysctl/sysctl.8 2 Mar 2014 18:45:29 - @@ -303,6 +303,7 @@ and a few require a kernel compiled with .It net.inet6.ip6.v6only Ta integer Ta no .It net.inet6.ip6.maxfrags Ta integer Ta yes .It net.inet6.ip6.mforwarding Ta integer Ta yes +.It net.inet6.ip6.mtudisctimeout Ta integer Ta yes .It net.inet6.ip6.multipath Ta integer Ta yes .It net.inet6.ip6.multicast_mtudisc Ta integer Ta yes .It net.inet6.icmp6.rediraccept Ta integer Ta yes should be accompanied by a corresponding entry in sysctl(3), along with a description. i've no idea what this stuff does, and i'm not volunteering to go find out. i notice there's a few of the ip6 sysctls not documented... jmc
Re: USB install image for OpenBSD 5.5 - TESTING REQUIRED
Loganaden Velvindron [logana...@gmail.com] wrote: That's OpenBSD -current right ? I'm going to test it in the afternoon, as the CDROM drive has issues on my OpenBSD development machine. Yes. The correct .fs images for testing are now the i386 and amd64 snapshot versions on the OpenBSD sites.
Re: sysctl.8: add missing mtudisctimeout for ipv6
On Mon, Mar 3, 2014 at 5:41 PM, Jason McIntyre j...@kerhand.co.uk wrote: On Sun, Mar 02, 2014 at 10:51:22AM -0800, Loganaden Velvindron wrote: Hi, While going through some of the commit logs, I noticed that sysctl didn't list ip6.mtudisctimeout. Patch attached: Index: sbin/sysctl/sysctl.8 === RCS file: /cvs/src/sbin/sysctl/sysctl.8,v retrieving revision 1.173 diff -u -p -u -p -r1.173 sysctl.8 --- sbin/sysctl/sysctl.8 28 Oct 2013 21:02:35 - 1.173 +++ sbin/sysctl/sysctl.8 2 Mar 2014 18:45:29 - @@ -303,6 +303,7 @@ and a few require a kernel compiled with .It net.inet6.ip6.v6only Ta integer Ta no .It net.inet6.ip6.maxfrags Ta integer Ta yes .It net.inet6.ip6.mforwarding Ta integer Ta yes +.It net.inet6.ip6.mtudisctimeout Ta integer Ta yes .It net.inet6.ip6.multipath Ta integer Ta yes .It net.inet6.ip6.multicast_mtudisc Ta integer Ta yes .It net.inet6.icmp6.rediraccept Ta integer Ta yes should be accompanied by a corresponding entry in sysctl(3), along with a description. i've no idea what this stuff does, and i'm not volunteering to go find out. i notice there's a few of the ip6 sysctls not documented... I'm also working on that :-) jmc -- This message is strictly personal and the opinions expressed do not represent those of my employers, either past or present.
Re: sysctl.8: add missing mtudisctimeout for ipv6
On Mon, Mar 3, 2014 at 5:41 PM, Jason McIntyre j...@kerhand.co.uk wrote: On Sun, Mar 02, 2014 at 10:51:22AM -0800, Loganaden Velvindron wrote: Hi, While going through some of the commit logs, I noticed that sysctl didn't list ip6.mtudisctimeout. Patch attached: Index: sbin/sysctl/sysctl.8 === RCS file: /cvs/src/sbin/sysctl/sysctl.8,v retrieving revision 1.173 diff -u -p -u -p -r1.173 sysctl.8 --- sbin/sysctl/sysctl.8 28 Oct 2013 21:02:35 - 1.173 +++ sbin/sysctl/sysctl.8 2 Mar 2014 18:45:29 - @@ -303,6 +303,7 @@ and a few require a kernel compiled with .It net.inet6.ip6.v6only Ta integer Ta no .It net.inet6.ip6.maxfrags Ta integer Ta yes .It net.inet6.ip6.mforwarding Ta integer Ta yes +.It net.inet6.ip6.mtudisctimeout Ta integer Ta yes .It net.inet6.ip6.multipath Ta integer Ta yes .It net.inet6.ip6.multicast_mtudisc Ta integer Ta yes .It net.inet6.icmp6.rediraccept Ta integer Ta yes should be accompanied by a corresponding entry in sysctl(3), along with a description. i've no idea what this stuff does, and i'm not volunteering to go find out. i notice there's a few of the ip6 sysctls not documented... which ipv6 sysctls are you referring to ? jmc -- This message is strictly personal and the opinions expressed do not represent those of my employers, either past or present.
Re: sysctl.8: add missing mtudisctimeout for ipv6
On Mon, Mar 03, 2014 at 10:46:40PM +0400, Loganaden Velvindron wrote: On Mon, Mar 3, 2014 at 5:41 PM, Jason McIntyre j...@kerhand.co.uk wrote: On Sun, Mar 02, 2014 at 10:51:22AM -0800, Loganaden Velvindron wrote: Hi, While going through some of the commit logs, I noticed that sysctl didn't list ip6.mtudisctimeout. Patch attached: Index: sbin/sysctl/sysctl.8 === RCS file: /cvs/src/sbin/sysctl/sysctl.8,v retrieving revision 1.173 diff -u -p -u -p -r1.173 sysctl.8 --- sbin/sysctl/sysctl.8 28 Oct 2013 21:02:35 - 1.173 +++ sbin/sysctl/sysctl.8 2 Mar 2014 18:45:29 - @@ -303,6 +303,7 @@ and a few require a kernel compiled with .It net.inet6.ip6.v6only Ta integer Ta no .It net.inet6.ip6.maxfrags Ta integer Ta yes .It net.inet6.ip6.mforwarding Ta integer Ta yes +.It net.inet6.ip6.mtudisctimeout Ta integer Ta yes .It net.inet6.ip6.multipath Ta integer Ta yes .It net.inet6.ip6.multicast_mtudisc Ta integer Ta yes .It net.inet6.icmp6.rediraccept Ta integer Ta yes should be accompanied by a corresponding entry in sysctl(3), along with a description. i've no idea what this stuff does, and i'm not volunteering to go find out. i notice there's a few of the ip6 sysctls not documented... which ipv6 sysctls are you referring to ? net.inet6.ip6.neighborgcthresh net.inet6.ip6.maxifprefixes net.inet6.ip6.maxifdefrouters net.inet6.ip6.maxdynroutes net.inet6.ip6.dad_pending net.inet6.ip6.mtudisctimeout any ip6 bods reading, feel free to help with a sentence or two. good luck! jmc
Re: sysctl.8: add missing mtudisctimeout for ipv6
On 3 March 2014 20:09, Jason McIntyre j...@kerhand.co.uk wrote: net.inet6.ip6.neighborgcthresh net.inet6.ip6.maxifprefixes net.inet6.ip6.maxifdefrouters net.inet6.ip6.maxdynroutes net.inet6.ip6.dad_pending net.inet6.ip6.mtudisctimeout any ip6 bods reading, feel free to help with a sentence or two. i'm looking at this and wondering if these sysctls should exist at all (: good luck! jmc cheers, mike
Re: USB install image for OpenBSD 5.5 - TESTING REQUIRED
On Mon, Mar 3, 2014 at 7:16 PM, Chris Cappuccio ch...@nmedia.net wrote: Loganaden Velvindron [logana...@gmail.com] wrote: That's OpenBSD -current right ? I'm going to test it in the afternoon, as the CDROM drive has issues on my OpenBSD development machine. Yes. The correct .fs images for testing are now the i386 and amd64 snapshot versions on the OpenBSD sites. Hi Chris, I followed your instructions, and it works fine. It loads the installer, and there are no errors. Tested on my OpenBSD dev box (AMD64) using a USB pendrive (2GB). It's currently installing by fetching remote installation files. Would you like a dmesg when the installation is completed ? -- This message is strictly personal and the opinions expressed do not represent those of my employers, either past or present.
