Re: replace microtime with getmicrouptime in ip_mroute.c

[Claudio Jeker]

On Thu, Sep 08, 2016 at 11:54:01AM +1000, David Gwynne wrote:
> it uses the time to rate limit the sending of assertion messages.
> 
> there are two reasons for this change.
> 
> firstly, using uptime instead of wall time means the intervals will
> be measured against a a monotonic clock that isnt skewed by clock
> changes. it should therefore always be rate limited to 30 seconds,
> even if the clock jumps in the middle of that interval.
> 
> secondly, using the get variant of the api means it can use a cached clock 
> time at the expense of accuracy. accuracy between 30s intervals isnt 
> necessary in this use case, but making it use the faster clock read is good 
> cos this path is in response to packets, so it will mitigate a DoS.
> 
> ok?

OK claudio@
 
> after this i intend to tweak the code to use ratecheck().
> 
> Index: ip_mroute.c
> ===
> RCS file: /cvs/src/sys/netinet/ip_mroute.c,v
> retrieving revision 1.90
> diff -u -p -r1.90 ip_mroute.c
> --- ip_mroute.c   7 Mar 2016 18:44:00 -   1.90
> +++ ip_mroute.c   8 Sep 2016 01:49:05 -
> @@ -1482,7 +1482,7 @@ ip_mdq(struct mbuf *m, struct ifnet *ifp
>   return (0);
>   }
>  
> - microtime();
> + getmicrouptime();
>  
>   TV_DELTA(rt->mfc_last_assert, now, delta);
>  
> 

-- 
:wq Claudio

[patch] Some consistence

[Daniel Bolgheroni]

Some consistence.

Index: ls.1
===
RCS file: /cvs/src/bin/ls/ls.1,v
retrieving revision 1.77
diff -u -p -r1.77 ls.1
--- ls.110 Aug 2016 19:46:43 -  1.77
+++ ls.18 Sep 2016 01:44:18 -
@@ -370,7 +370,7 @@ and set-group-ID mode is set.
 If in the owner permissions, the file is executable
 and set-user-ID mode is set.
 If in the group permissions, the file is executable
-and setgroup-ID mode is set.
+and set-group-ID mode is set.
 .It Sy x
 The file is executable or the directory is
 searchable.

-- 
db

Re: Default softraid crypto PBKDF2 rounds

[Damien Miller]

On Wed, 7 Sep 2016, Andreas Bartelt wrote:

> yes, due to the larger internal state of the blowfish algorithm which is
> harder to efficiently realize in dedicated hardware. However, since bcrypt's
> internal state effectively is of fixed size, scrypt would be an even better
> option since it allows for a parameterization of this internal state. Is there
> any interest in switching to scrypt in the context of password authentication
> on OpenBSD?

no, its advantages aren't sufficient for the disruption IMO.

We might consider whatever wins the shootout going on between balloon
hashing and Argon2, but bcrypt has survived so incredibly well that
we can afford to wait.

look(1): eliminate FOLD and DICT macros

[Todd C. Miller]

There's no need to check for isascii() with ANSI ctype macros/functions.
Eliminating the macros makes the code clearer.

 - todd

Index: usr.bin/look/look.c
===
RCS file: /cvs/src/usr.bin/look/look.c,v
retrieving revision 1.18
diff -u -p -u -r1.18 look.c
--- usr.bin/look/look.c 9 Oct 2015 01:37:08 -   1.18
+++ usr.bin/look/look.c 7 Sep 2016 21:44:53 -
@@ -57,20 +57,9 @@
 
 #include "pathnames.h"
 
-/*
- * FOLD and DICT convert characters to a normal form for comparison,
- * according to the user specified flags.
- * 
- * DICT expects integers because it uses a non-character value to
- * indicate a character which should not participate in comparisons.
- */
 #defineEQUAL   0
 #defineGREATER 1
 #defineLESS(-1)
-#define NO_COMPARE (-2)
-
-#defineFOLD(c) (isascii(c) && isupper(c) ? tolower(c) : (c))
-#defineDICT(c) (isascii(c) && isalnum(c) ? (c) : NO_COMPARE)
 
 int dflag, fflag;
 
@@ -147,10 +136,8 @@ look(char *string, char *front, char *ba
/* Reformat string to avoid doing it multiple times later. */
for (readp = writep = string; ch = *readp++;) {
if (fflag)
-   ch = FOLD((unsigned char)ch);
-   if (dflag)
-   ch = DICT((unsigned char)ch);
-   if (ch != NO_COMPARE)
+   ch = tolower((unsigned char)ch);
+   if (!dflag || isalnum((unsigned char)ch))
*(writep++) = ch;
}
*writep = '\0';
@@ -294,11 +281,8 @@ compare(char *s1, char *s2, char *back)
for (; *s1 && s2 < back && *s2 != '\n'; ++s1, ++s2) {
ch = *s2;
if (fflag)
-   ch = FOLD((unsigned char)ch);
-   if (dflag)
-   ch = DICT((unsigned char)ch);
-
-   if (ch == NO_COMPARE) {
+   ch = tolower((unsigned char)ch);
+   if (dflag && !isalnum((unsigned char)ch)) {
++s2;   /* Ignore character in comparison. */
continue;
}

remove unreachable code from all audio drivers

[Alexandre Ratchov]

This diff deletes unreachable code in low-level audio drivers.  As
this touches all archs, tests (a quick kernel build is enough) are
welcome on anything but amd64 and i386.

OK?

Index: share/man/man9/audio.9
===
RCS file: /cvs/src/share/man/man9/audio.9,v
retrieving revision 1.24
diff -u -p -r1.24 audio.9
--- share/man/man9/audio.9  1 Sep 2016 10:14:08 -   1.24
+++ share/man/man9/audio.9  7 Sep 2016 14:01:04 -
@@ -45,9 +45,6 @@ structure.
 struct audio_hw_if {
int (*open)(void *, int);
void(*close)(void *);
-   int (*drain)(void *);
-
-   int (*query_encoding)(void *, struct audio_encoding *);
int (*set_params)(void *, int, int,
struct audio_params *, struct audio_params *);
int (*round_blocksize)(void *, int);
@@ -78,15 +75,12 @@ struct audio_hw_if {
void*(*allocm)(void *, int, size_t, int, int);
void(*freem)(void *, void *, int);
size_t  (*round_buffersize)(void *, int, size_t);
-   paddr_t (*mappage)(void *, void *, off_t, int);
-
int (*get_props)(void *);
 
int (*trigger_output)(void *, void *, void *, int,
void (*)(void *), void *, struct audio_params *);
int (*trigger_input)(void *, void *, void *, int,
void (*)(void *), void *, struct audio_params *);
-   void(*get_default_params)(void *, int, struct audio_params *);
 };
 
 struct audio_params {
@@ -160,22 +154,6 @@ is matched by a call to
 This function returns 0 on success, otherwise an error code.
 .It Fn "void (*close)" "void *hdl"
 This function is called when the audio device is closed.
-.It Fn "int (*drain)" "void *hdl"
-This function is optional.
-If supplied, it is called before the device is closed or when the
-.Dv AUDIO_DRAIN
-.Xr ioctl 2
-is called.
-It makes sure that no samples remain to be played that could
-be lost when
-.Fn close
-is called.
-This function returns 0 on success, otherwise an error code.
-.It Fn "int (*query_encoding)" "void *hdl" "struct audio_encoding *ae"
-This function fills
-.Fa ae
-and returns 0 or, if there is no encoding with the given number, returns
-.Er EINVAL .
 .It Fn "int (*set_params)" "void *hdl" "int setmode" "int usemode" \
 "struct audio_params *play" "struct audio_params *rec"
 This function is called to set the audio encoding mode.
@@ -375,18 +353,6 @@ Note that the buffer size is always a mu
 and
 .Fn round_buffersize
 must be consistent.
-.It Fn "paddr_t (*mappage)" "void *hdl" "void *addr" "off_t offs" "int prot"
-This function is optional.
-If supplied, it is called for
-.Xr mmap 2 .
-It returns the map value for the page at offset
-.Fa offs
-from address
-.Fa addr
-mapped with protection
-.Fa prot .
-This function returns \-1 on failure, or a machine dependent opaque
-value on success.
 .It Fn "int (*get_props)" "void *hdl"
 This function returns a combination of
 .Dv AUDIO_PROP_xxx
@@ -435,21 +401,6 @@ will be called with the argument
 Once started, the transfer may be stopped using
 .Fn halt_input .
 This function returns 0 on success, otherwise an error code.
-.It Fn "void (*get_default_params)" "void *hdl" "int direction" \
-"struct audio_params *param"
-This function is optional.
-If supplied, it is called to retrieve the default configuration
-for the given
-.Fa direction ,
-parameterized in
-.Fa param .
-.Fa direction
-is
-.Dv AUMODE_PLAY
-or
-.Dv AUMODE_RECORD .
-The default configuration should not include emulated formats, and should
-reflect the optimal operating configuration for the underlying hardware.
 .El
 .Pp
 If the audio hardware is capable of input from more
@@ -497,7 +448,6 @@ and be of class
 .Dv AudioCoutputs .
 .Sh SEE ALSO
 .Xr ioctl 2 ,
-.Xr mmap 2 ,
 .Xr open 2 ,
 .Xr sio_open 3 ,
 .Xr audio 4 ,
Index: sys/arch/hppa/gsc/harmony.c
===
RCS file: /cvs/src/sys/arch/hppa/gsc/harmony.c,v
retrieving revision 1.31
diff -u -p -r1.31 harmony.c
--- sys/arch/hppa/gsc/harmony.c 8 Sep 2015 07:14:04 -   1.31
+++ sys/arch/hppa/gsc/harmony.c 7 Sep 2016 14:01:05 -
@@ -56,7 +56,6 @@
 
 int harmony_open(void *, int);
 voidharmony_close(void *);
-int harmony_query_encoding(void *, struct audio_encoding *);
 int harmony_set_params(void *, int, int, struct audio_params *,
 struct audio_params *);
 int harmony_round_blocksize(void *, int);
@@ -79,8 +78,6 @@ int harmony_trigger_input(void *, vo
 struct audio_hw_if harmony_sa_hw_if = {
harmony_open,
harmony_close,
-   NULL,
-   harmony_query_encoding,
harmony_set_params,
harmony_round_blocksize,
harmony_commit_settings,
@@ -99,11 +96,9 @@ struct audio_hw_if harmony_sa_hw_if = {
harmony_allocm,
harmony_freem,
harmony_round_buffersize,
-   NULL,
harmony_get_props,

static pie for arm

[Mark Kettenis]

Diff below makes static pie work on arm.  While reviewing the
MD_CRT0_START assembly I noticed that we don't actually need to save
r4 and r5 on the stack as those arguments are unused.  I also removed
the useless comment around the stack alignment code.

I'll probably hold off on the bsd.own.mk bit for a bit to give people
the opportunity to install a proper rcrt0.o file.

ok?


Index: libexec/ld.so/arm/archdep.h
===
RCS file: /cvs/src/libexec/ld.so/arm/archdep.h,v
retrieving revision 1.7
diff -u -p -r1.7 archdep.h
--- libexec/ld.so/arm/archdep.h 18 May 2016 20:40:20 -  1.7
+++ libexec/ld.so/arm/archdep.h 7 Sep 2016 20:22:20 -
@@ -60,6 +60,10 @@ RELOC_DYN(Elf_Rel *r, const Elf_Sym *s, 
 {
if (ELF_R_TYPE(r->r_info) == R_ARM_RELATIVE) {
*p += v;
+   } else if (ELF_R_TYPE(r->r_info) == R_ARM_GLOB_DAT) {
+   *p += v + s->st_value;
+   } else if (ELF_R_TYPE(r->r_info) == R_ARM_ABS32) {
+   *p += v + s->st_value;
} else {
/* XXX - printf might not work here, but we give it a shot. */
_dl_printf("Unknown bootstrap relocation.\n");
Index: lib/csu/arm/md_init.h
===
RCS file: /cvs/src/lib/csu/arm/md_init.h,v
retrieving revision 1.7
diff -u -p -r1.7 md_init.h
--- lib/csu/arm/md_init.h   24 Mar 2016 05:27:19 -  1.7
+++ lib/csu/arm/md_init.h   7 Sep 2016 20:22:20 -
@@ -87,21 +87,70 @@
"__start:   \n" \
"   mov r3, r0  /* cleanup */   \n" \
"/* Get argc/argv/envp from stack */\n" \
-   "   ldr r0, [sp, #0x]   \n" \
-   "   add r1, sp, #0x0004 \n" \
+   "   ldr r0, [sp, #0]\n" \
+   "   add r1, sp, #4  \n" \
"   add r2, r1, r0, lsl #2  \n" \
-   "   add r2, r2, #0x0004 \n" \
+   "   add r2, r2, #4  \n" \
"   \n" \
"/* \n" \
" * Ensure the stack is properly\n" \
" * aligned before calling C code.  \n" \
" */\n" \
-   /* #if 1 */ \
"   bic sp, sp, #7" /*__STRING(STACKALIGNBYTES)*/ " \n" \
-   /* #endif */\
"   sub sp, sp, #8  \n" \
-   "   str r5, [sp, #4]\n" \
-   "   str r4, [sp, #0]\n" \
"   \n" \
"   b   ___start\n" \
+   ".previous");
+
+#defineMD_RCRT0_START  \
+   char **environ, *__progname;\
+   __asm(  \
+   ".text  \n" \
+   "   .align  0   \n" \
+   "   .globl  _start  \n" \
+   "   .globl  __start \n" \
+   "_start:\n" \
+   "__start:   \n" \
+   "   mov fp, sp  \n" \
+   "   mov r0, fp  \n" \
+   "   \n" \
+   "   sub sp, sp, #4+4+(16*4) \n" \
+   "   add r1, sp, #4  \n" \
+   "   \n" \
+   "   ldr r8, .L_GOT  \n" \
+   "1: add r8, pc, r8  \n" \
+   "   ldr r2, .L__DYNAMIC \n" \
+   "   add r2, r2, r8  \n" \
+   "   \n" \
+   "   bl  _dl_boot_bind   \n" \
+   "   \n" \
+   "   mov sp, fp  \n" \
+   "   mov fp, #0  \n" \
+   "   \n" \
+   "   mov r3, #0  /* cleanup */   \n" \
+   "/* Get argc/argv/envp from stack */\n" \
+   "   ldr r0, [sp, #0]\n" \
+   "   add r1, sp, #4  \n" \
+   "   add r2, r1, r0, lsl #2  \n" \
+   "   add r2, r2, #4  \n" \
+   "   \n" \
+   "/* \n" \
+   " * Ensure the stack is properly\n" \
+   " * aligned before calling C code.  \n" \
+   " */\n" \
+   "   bic sp, sp, #7" /*__STRING(STACKALIGNBYTES)*/ " \n" \
+   "   sub sp, sp, #8  \n" \
+   "   \n" \
+   "   b   ___start  

Re: mount(8): remove unneeded headers

[Ted Unangst]

Michal Mazurek wrote:
> ok?
> 
> Index: sbin/mount/getmntopts.c
> ===
> RCS file: /cvs/src/sbin/mount/getmntopts.c,v
> retrieving revision 1.12
> diff -u -p -r1.12 getmntopts.c
> --- sbin/mount/getmntopts.c   16 Jan 2015 06:39:59 -  1.12
> +++ sbin/mount/getmntopts.c   7 Sep 2016 17:29:37 -
> @@ -31,11 +31,9 @@
>   */
>  
>  #include 
> -#include 

I think this is too far. mntopts.h definitely uses defines from here, it
should be considered a prerequisite even if this file doesn't use them
at present. Otherwise looks ok.

Re: Fix Wacom Intuos S 2 descriptor and make wsmouse work

[Frank Groeneveld]

On Wed, Sep 07, 2016 at 12:12:43AM +0200, Ulf Brosziewski wrote:
> Hi, I was a bit hasty, I should have mentioned that calling
> wsmouse_input_sync is required here. The equivalent of your
> code would would be this:
> 
> if (x != 0 || y != 0 || buttons != ms->sc_buttons) {
>   wsmouse_position(ms->sc_wsmousedev, x, y);
>   /* ignore proximity, it will cause invalid button 2 events */
>   if ((data[0] & 0xf0) != 0xc0)
>   wsmouse_buttons(ms->sc_wsmousedev, buttons);
>   wsmouse_input_sync();
> }
> 
> The WSMOUSE_INPUT macro - a substitute for the old wsmouse_input
> function - does include that call (see wsmousevar.h).
> 
> There is a set of functions for reporting input states:
> wsmouse_buttons, wsmouse_motion, wsmouse_position, wsmouse_touch,
> and wsmouse_mtstate (and the somewhat special wsmouse_set and
> wsmouse_mtframe). A driver can call them in any order, and it
> doesn't need to check whether there are deltas, wsmouse does
> this anyway. However, a frame must be finished by a call to
> wsmouse_input_sync. It is this function that generates the
> wscons events.
> 
> The new interface has been introduced in 6.0.
> 

That explains, thanks you very much for the detailed reply. My sources
were less than a week old, so it will probably just work with the sync
call.

I'll probably send an updated diff when I've fixed the scaling issue.

Frank

mount(8): remove unneeded headers

[Michal Mazurek]

ok?

Index: sbin/mount/getmntopts.c
===
RCS file: /cvs/src/sbin/mount/getmntopts.c,v
retrieving revision 1.12
diff -u -p -r1.12 getmntopts.c
--- sbin/mount/getmntopts.c 16 Jan 2015 06:39:59 -  1.12
+++ sbin/mount/getmntopts.c 7 Sep 2016 17:29:37 -
@@ -31,11 +31,9 @@
  */
 
 #include 
-#include 
 
 #include 
 #include 
-#include 
 #include 
 #include 
 #include 
Index: sbin/mount/mount.c
===
RCS file: /cvs/src/sbin/mount/mount.c,v
retrieving revision 1.67
diff -u -p -r1.67 mount.c
--- sbin/mount/mount.c  4 Sep 2016 19:45:27 -   1.67
+++ sbin/mount/mount.c  7 Sep 2016 17:29:37 -
@@ -35,7 +35,6 @@
 #include 
 #include 
 
-#include 
 #include 
 #include 
 
@@ -48,7 +47,6 @@
 #include 
 #include 
 #include 
-#include 
 #include 
 
 #include "pathnames.h"

-- 
Michal Mazurek

ping(8): fix multicast source address selection

[Florian Obser]

This got broken in rev 1.136 9 months ago. Sorry about that.

Tests / OKs?

p.s. applying + diff -bu is easier to figure out what's going on.

diff --git ping.c ping.c
index 9c2395a..b879d6f 100644
--- ping.c
+++ ping.c
@@ -121,7 +121,6 @@ int options;
 int moptions;
 #defineMULTICAST_NOLOOP0x001
 #defineMULTICAST_TTL   0x002
-#defineMULTICAST_IF0x004
 
 /*
  * MAX_DUP_CHK is the number of bits in received table, i.e. the maximum
@@ -395,24 +394,25 @@ main(int argc, char *argv[])
freeaddrinfo(res);
 
if (source) {
-   if (IN_MULTICAST(ntohl(dst.sin_addr.s_addr)))
-   moptions |= MULTICAST_IF;
-   else {
-   memset(, 0, sizeof(from4));
-   from4.sin_family = AF_INET;
-   if (inet_aton(source, _addr) == 0) {
-   memset(, 0, sizeof(hints));
-   hints.ai_family = AF_INET;
-   hints.ai_socktype = SOCK_DGRAM; /*dummy*/
-   if ((error = getaddrinfo(source, NULL, ,
-   )))
-   errx(1, "%s: %s", source,
-   gai_strerror(error));
-   if (res->ai_addrlen != sizeof(from4))
-   errx(1, "size of sockaddr mismatch");
-   memcpy(, res->ai_addr, res->ai_addrlen);
-   freeaddrinfo(res);
-   }
+   memset(, 0, sizeof(from4));
+   from4.sin_family = AF_INET;
+   if (inet_aton(source, _addr) == 0) {
+   memset(, 0, sizeof(hints));
+   hints.ai_family = AF_INET;
+   hints.ai_socktype = SOCK_DGRAM; /*dummy*/
+   if ((error = getaddrinfo(source, NULL, , )))
+   errx(1, "%s: %s", source, gai_strerror(error));
+   if (res->ai_addrlen != sizeof(from4))
+   errx(1, "size of sockaddr mismatch");
+   memcpy(, res->ai_addr, res->ai_addrlen);
+   freeaddrinfo(res);
+   }
+
+   if (IN_MULTICAST(ntohl(dst.sin_addr.s_addr))) {
+   if (setsockopt(s, IPPROTO_IP, IP_MULTICAST_IF,
+   _addr, sizeof(from4.sin_addr)) < 0)
+   err(1, "setsockopt IP_MULTICAST_IF");
+   } else {
if (bind(s, (struct sockaddr *), sizeof(from4))
< 0)
err(1, "bind");
@@ -492,10 +492,6 @@ main(int argc, char *argv[])
setsockopt(s, IPPROTO_IP, IP_MULTICAST_TTL, ,
sizeof(ttl)) < 0)
err(1, "setsockopt IP_MULTICAST_TTL");
-   if ((moptions & MULTICAST_IF) &&
-   setsockopt(s, IPPROTO_IP, IP_MULTICAST_IF, _addr,
-   sizeof(from4.sin_addr)) < 0)
-   err(1, "setsockopt IP_MULTICAST_IF");
 
/*
 * When trying to send large packets, you must increase the


-- 
I'm not entirely sure you are real.

Re: mg: Collect forked off children from M-| command

[Todd C. Miller]

On Wed, 07 Sep 2016 12:05:22 -, Mark Lumsden wrote:

> Source Joachim Nilsson:
> 
> Collect forked off children from M-| command
> 
> Mg left zombies from commands executed when piping a region of text to
> an external command.  This patch makes sure to collect for the child
> before returning.
> 
> Looks ok to me. ok?

OK millert@.

 - todd

Re: mg: Collect forked off children from M-| command

[Sunil Nimmagadda]

On Wed, Sep 07, 2016 at 12:05:22PM +, Mark Lumsden wrote:
> Source Joachim Nilsson:
> 
> Collect forked off children from M-| command
> 
> Mg left zombies from commands executed when piping a region of text to
> an external command.  This patch makes sure to collect for the child
> before returning.
> 
> Looks ok to me. ok?

Ok sunil@

Re: Default softraid crypto PBKDF2 rounds

[Andreas Bartelt]

On 09/07/16 09:16, Damien Miller wrote:

On Tue, 6 Sep 2016, David Coppa wrote:


Il 6 settembre 2016 14:56:32 CEST, Filippo Valsorda  ha 
scritto:

Hello,

I recently had the occasion to dive into the softraid crypto code [1]
and was quite pleased with the cleanliness of it all. However, I found
surprising the default value of 8k PBKDF2 rounds.

I know it is easy to override and I should have RTFM, but I (naively,
I'll admit) assumed OpenBSD would pick very robust defaults, erring on
the conservative side. Is it maybe time to bump it up, or pick it based
on a quick machine benchmark?

If there's consensus I might also provide a patch for the live
benchmark
option.


yes, autodetection of a sensible value would be cool...


using bcrypt_kdf would be better :)




yes, due to the larger internal state of the blowfish algorithm which is 
harder to efficiently realize in dedicated hardware. However, since 
bcrypt's internal state effectively is of fixed size, scrypt would be an 
even better option since it allows for a parameterization of this 
internal state. Is there any interest in switching to scrypt in the 
context of password authentication on OpenBSD?

Re: [patch] make npppd do as the man page says

[YASUOKA Masahiko]

Sorry for long delay.

Using empty sting for hostname in PPTP is intentional.  So I will fix
the man page.  Thank you for your report.

On Tue, 8 Mar 2016 11:20:40 +
Joe Holden  wrote:
> Below is a patch that corrects pptp to set the pptp hostname as the
> system hostname, as per the man page and l2tp:
> 
> diff --git a/usr.sbin/npppd/pptp/pptp_ctrl.c
> b/usr.sbin/npppd/pptp/pptp_ctrl.c
> index 1dfdc03..722b2a0 100644
> --- a/usr.sbin/npppd/pptp/pptp_ctrl.c
> +++ b/usr.sbin/npppd/pptp/pptp_ctrl.c
> @@ -721,6 +721,7 @@ pptp_ctrl_send_SCCRP(pptp_ctrl *_this, int result,
> int error)
> struct pptp_scc *scc;
> char logbuf[512];
> const char *val;
> +   char hbuf[NI_MAXHOST + NI_MAXSERV + 16];
> 
> scc = bytebuffer_pointer(_this->send_buf);
> lpkt = bytebuffer_remaining(_this->send_buf);
> @@ -749,8 +750,10 @@ pptp_ctrl_send_SCCRP(pptp_ctrl *_this, int
> result, int error)
>  * 63 character */
> /* host name */
> 
> -   if ((val = PPTP_CTRL_CONF(_this)->hostname) == NULL)
> -   val = "";
> +   if ((val = PPTP_CTRL_CONF(_this)->hostname) == NULL) {
> +   gethostname(hbuf, sizeof(hbuf));
> +   val = hbuf;
> +   }
> strlcpy(scc->host_name, val, sizeof(scc->host_name));
> 
> /* vender name */
> 

Re: smtpd shutdown cleanup

[Gilles Chehade]

On Tue, Sep 06, 2016 at 11:31:04PM +0200, Eric Faurot wrote:
> Previously, all processes would shutdown on receiving SIGINT or SIGTERM.
> When going down, the parent process would kill all the other process and
> waitpid() them.
> 
> Now, only the parent process handles SIGTERM and SIGINT, other processes
> ignore them. Upon receiving one of these signals, the parent process all
> imsg sockets and waitpid() for the children.  It fatal()s if one of the
> imsg sockets is closed unexpectedly.
> 
> Other processes exit() "normally" when one of their imsg socket is closed
> (except for client connection on the control socket of course). That's how
> they are supposed to stop now.  When doing so, they log as "debug" instead
> of "info" because useless logs are useless.
> 
> This makes the shutdown sequence much saner.
> 

ok

> Index: ca.c
> ===
> RCS file: /cvs/src/usr.sbin/smtpd/ca.c,v
> retrieving revision 1.24
> diff -u -p -r1.24 ca.c
> --- ca.c  4 Sep 2016 16:10:31 -   1.24
> +++ ca.c  6 Sep 2016 19:33:45 -
> @@ -66,29 +66,14 @@ static uint64_trsae_reqid = 0;
>  static void
>  ca_shutdown(void)
>  {
> - log_info("info: ca agent exiting");
> + log_debug("debug: ca agent exiting");
>   _exit(0);
>  }
>  
> -static void
> -ca_sig_handler(int sig, short event, void *p)
> -{
> - switch (sig) {
> - case SIGINT:
> - case SIGTERM:
> - ca_shutdown();
> - break;
> - default:
> - fatalx("ca_sig_handler: unexpected signal");
> - }
> -}
> -
>  int
>  ca(void)
>  {
>   struct passwd   *pw;
> - struct event ev_sigint;
> - struct event ev_sigterm;
>  
>   purge_config(PURGE_LISTENERS|PURGE_TABLES|PURGE_RULES);
>  
> @@ -110,10 +95,8 @@ ca(void)
>   imsg_callback = ca_imsg;
>   event_init();
>  
> - signal_set(_sigint, SIGINT, ca_sig_handler, NULL);
> - signal_set(_sigterm, SIGTERM, ca_sig_handler, NULL);
> - signal_add(_sigint, NULL);
> - signal_add(_sigterm, NULL);
> + signal(SIGINT, SIG_IGN);
> + signal(SIGTERM, SIG_IGN);
>   signal(SIGPIPE, SIG_IGN);
>   signal(SIGHUP, SIG_IGN);
>  
> @@ -242,6 +225,9 @@ ca_imsg(struct mproc *p, struct imsg *im
>   int  ret = 0;
>   uint64_t id;
>   int  v;
> +
> + if (imsg == NULL)
> + ca_shutdown();
>  
>   if (p->proc == PROC_PARENT) {
>   switch (imsg->hdr.type) {
> Index: control.c
> ===
> RCS file: /cvs/src/usr.sbin/smtpd/control.c,v
> retrieving revision 1.116
> diff -u -p -r1.116 control.c
> --- control.c 4 Sep 2016 16:10:31 -   1.116
> +++ control.c 6 Sep 2016 19:33:45 -
> @@ -63,7 +63,6 @@ static void control_shutdown(void);
>  static void control_listen(void);
>  static void control_accept(int, short, void *);
>  static void control_close(struct ctl_conn *);
> -static void control_sig_handler(int, short, void *);
>  static void control_dispatch_ext(struct mproc *, struct imsg *);
>  static void control_digest_update(const char *, size_t, int);
>  static void control_broadcast_verbose(int, int);
> @@ -89,6 +88,12 @@ control_imsg(struct mproc *p, struct ims
>   const void  *data;
>   size_t   sz;
>  
> + if (imsg == NULL) {
> + if (p->proc != PROC_CLIENT)
> + control_shutdown();
> + return;
> + }
> +
>   if (p->proc == PROC_PONY) {
>   switch (imsg->hdr.type) {
>   case IMSG_CTL_SMTP_SESSION:
> @@ -186,19 +191,6 @@ control_imsg(struct mproc *p, struct ims
>   imsg_to_str(imsg->hdr.type));
>  }
>  
> -static void
> -control_sig_handler(int sig, short event, void *p)
> -{
> - switch (sig) {
> - case SIGINT:
> - case SIGTERM:
> - control_shutdown();
> - break;
> - default:
> - fatalx("control_sig_handler: unexpected signal");
> - }
> -}
> -
>  int
>  control_create_socket(void)
>  {
> @@ -245,8 +237,6 @@ int
>  control(void)
>  {
>   struct passwd   *pw;
> - struct event ev_sigint;
> - struct event ev_sigterm;
>  
>   purge_config(PURGE_EVERYTHING);
>  
> @@ -271,10 +261,8 @@ control(void)
>   imsg_callback = control_imsg;
>   event_init();
>  
> - signal_set(_sigint, SIGINT, control_sig_handler, NULL);
> - signal_set(_sigterm, SIGTERM, control_sig_handler, NULL);
> - signal_add(_sigint, NULL);
> - signal_add(_sigterm, NULL);
> + signal(SIGINT, SIG_IGN);
> + signal(SIGTERM, SIG_IGN);
>   signal(SIGPIPE, SIG_IGN);
>   signal(SIGHUP, SIG_IGN);
>  
> @@ -305,7 +293,7 @@ control(void)
>  static void
>  control_shutdown(void)
>  {
> - log_info("info: control process exiting");
> + log_debug("debug: control agent exiting");
>  

Re: Default softraid crypto PBKDF2 rounds

[Damien Miller]

On Tue, 6 Sep 2016, David Coppa wrote:

> Il 6 settembre 2016 14:56:32 CEST, Filippo Valsorda  ha 
> scritto:
> >Hello,
> >
> >I recently had the occasion to dive into the softraid crypto code [1]
> >and was quite pleased with the cleanliness of it all. However, I found
> >surprising the default value of 8k PBKDF2 rounds.
> >
> >I know it is easy to override and I should have RTFM, but I (naively,
> >I'll admit) assumed OpenBSD would pick very robust defaults, erring on
> >the conservative side. Is it maybe time to bump it up, or pick it based
> >on a quick machine benchmark?
> >
> >If there's consensus I might also provide a patch for the live
> >benchmark
> >option.
> 
> yes, autodetection of a sensible value would be cool...

using bcrypt_kdf would be better :)

Re: Some cleanups and tweaks for wc(1)

[Joerg Jung]

> On 04 Sep 2016, at 00:06, Frederic Cambus  wrote:
> 
> Hi tech@,
> 
> Some cleanups and tweaks for wc(1):
> 
> - Removed unnecessary string.h include
> - Changed 'format_and_print' argument type to int64_t and casting
>  inside the function
> - Declaring 'print_counts', 'format_and_print', and 'cnt' as static
> - Remove unnecessary cast for NULL, and (void) casts from printfs,
>  'mbtowc' and 'format_and_print' calls
> - In 'cnt', change bufsz type from ssize_t to size_t to avoid
>  converting between pointers to integer types with different sign
>  when calling getline (catched when compiling with Clang)
> - Use return instead of exit in main

ok jung@

> Index: wc.c
> ===
> RCS file: /cvs/src/usr.bin/wc/wc.c,v
> retrieving revision 1.20
> diff -u -p -u -p -r1.20 wc.c
> --- wc.c  8 Dec 2015 01:00:45 -   1.20
> +++ wc.c  8 May 2016 21:51:28 -
> @@ -34,7 +34,6 @@
> #include 
> #include 
> #include 
> -#include 
> #include 
> #include 
> #include 
> @@ -45,12 +44,12 @@
> 
> int64_t   tlinect, twordct, tcharct;
> int   doline, doword, dochar, humanchar, multibyte;
> -int  rval;
> +int  rval;
> extern char *__progname;
> 
> -void print_counts(int64_t, int64_t, int64_t, char *);
> -void format_and_print(long long);
> -void cnt(char *);
> +static void print_counts(int64_t, int64_t, int64_t, char *);
> +static void format_and_print(int64_t);
> +static void cnt(char *);
> 
> int
> main(int argc, char *argv[])
> @@ -82,10 +81,10 @@ main(int argc, char *argv[])
>   break;
>   case '?':
>   default:
> - (void)fprintf(stderr,
> + fprintf(stderr,
>   "usage: %s [-c | -m] [-hlw] [file ...]\n",
>   __progname);
> - exit(1);
> + return 1;
>   }
>   argv += optind;
>   argc -= optind;
> @@ -99,7 +98,7 @@ main(int argc, char *argv[])
>   doline = doword = dochar = 1;
> 
>   if (!*argv) {
> - cnt((char *)NULL);
> + cnt(NULL);
>   } else {
>   int dototal = (argc > 1);
> 
> @@ -111,14 +110,14 @@ main(int argc, char *argv[])
>   print_counts(tlinect, twordct, tcharct, "total");
>   }
> 
> - exit(rval);
> + return rval;
> }
> 
> -void
> +static void
> cnt(char *file)
> {
>   static char *buf;
> - static ssize_t bufsz;
> + static size_t bufsz;
> 
>   FILE *stream;
>   char *C;
> @@ -213,7 +212,7 @@ cnt(char *file)
>   ++charct;
>   len = mbtowc(, C, MB_CUR_MAX);
>   if (len == -1) {
> - (void)mbtowc(NULL, NULL,
> + mbtowc(NULL, NULL,
>   MB_CUR_MAX);
>   len = 1;
>   wc = L' ';
> @@ -263,31 +262,31 @@ cnt(char *file)
>   }
> }
> 
> -void 
> -format_and_print(long long v)
> +static void
> +format_and_print(int64_t v)
> {
>   if (humanchar) {
>   char result[FMT_SCALED_STRSIZE];
> 
> - (void)fmt_scaled(v, result);
> - (void)printf("%7s", result);
> + fmt_scaled((long long)v, result);
> + printf("%7s", result);
>   } else {
> - (void)printf(" %7lld", v);
> + printf(" %7lld", v);
>   }
> }
> 
> -void
> +static void
> print_counts(int64_t lines, int64_t words, int64_t chars, char *name)
> {
>   if (doline)
> - format_and_print((long long)lines);
> + format_and_print(lines);
>   if (doword)
> - format_and_print((long long)words);
> + format_and_print(words);
>   if (dochar)
> - format_and_print((long long)chars);
> + format_and_print(chars);
> 
>   if (name)
> - (void)printf(" %s\n", name);
> + printf(" %s\n", name);
>   else
> - (void)printf("\n");
> + printf("\n");
> }
>