Re: [PATCH] VMD: Ensure disk is a regular file prior to vm boot
On Wed, Aug 30, 2017 at 04:56:20PM -0700, Carlos Cardenas wrote:
> Add check(s) in vmd/vmctl to ensure a VM's disk are regular files.
>
> Tested with the following:
> vmctl start "test1" -d /dev/sd3c #block device
> vmctl start "test2" -d /dev/rsd3c #char device
> vmctl start "test3" -d fifo #named pipe
>
> Comments? Ok?
>
Looks good, committed. Thanks!
-ml
> diff --git usr.sbin/vmctl/vmctl.c usr.sbin/vmctl/vmctl.c
> index f694f61e48c..e3db6a78c5b 100644
> --- usr.sbin/vmctl/vmctl.c
> +++ usr.sbin/vmctl/vmctl.c
> @@ -204,6 +204,11 @@ vm_start_complete(struct imsg *imsg, int *ret, int
> autoconnect)
> warnx("could not find specified disk image(s)");
> *ret = ENOENT;
> break;
> + case VMD_DISK_INVALID:
> + warnx("specified disk image(s) are "
> +"not regular files");
> + *ret = ENOENT;
> + break;
> default:
> errno = res;
> warn("start vm command failed");
> diff --git usr.sbin/vmd/config.c usr.sbin/vmd/config.c
> index 1e1166f8263..ced7ab666b4 100644
> --- usr.sbin/vmd/config.c
> +++ usr.sbin/vmd/config.c
> @@ -20,6 +20,7 @@
> #include
> #include
> #include
> +#include
> #include
>
> #include
> @@ -157,6 +158,7 @@ config_setvm(struct privsep *ps, struct vmd_vm *vm,
> uint32_t peerid, uid_t uid)
> struct vmd_if *vif;
> struct vmop_create_params *vmc = &vm->vm_params;
> struct vm_create_params *vcp = &vmc->vmc_params;
> + struct stat stat_buf;
> unsigned int i;
> int fd = -1, vmboot = 0;
> int kernfd = -1, *diskfds = NULL, *tapfds = NULL;
> @@ -225,6 +227,19 @@ config_setvm(struct privsep *ps, struct vmd_vm *vm,
> uint32_t peerid, uid_t uid)
>
> /* Open disk images for child */
> for (i = 0 ; i < vcp->vcp_ndisks; i++) {
> +/* Stat disk[i] to ensure it is a regular file */
> +if (stat(vcp->vcp_disks[i], &stat_buf) == -1) {
> + log_warn("%s: can't open disk %s", __func__,
> + vcp->vcp_disks[i]);
> + errno = VMD_DISK_MISSING;
> + goto fail;
> +}
> +if (S_ISREG(stat_buf.st_mode) == 0) {
> + log_warn("%s: disk %s is not a regular file", __func__,
> + vcp->vcp_disks[i]);
> + errno = VMD_DISK_INVALID;
> + goto fail;
> +}
> if ((diskfds[i] =
> open(vcp->vcp_disks[i], O_RDWR)) == -1) {
> log_warn("%s: can't open disk %s", __func__,
> diff --git usr.sbin/vmd/vmd.h usr.sbin/vmd/vmd.h
> index 57bdb71cd5f..daeffa7c80e 100644
> --- usr.sbin/vmd/vmd.h
> +++ usr.sbin/vmd/vmd.h
> @@ -53,6 +53,7 @@
> /* vmd -> vmctl error codes */
> #define VMD_BIOS_MISSING 1001
> #define VMD_DISK_MISSING 1002
> +#define VMD_DISK_INVALID 1003
>
> /* 100.64.0.0/10 from rfc6598 (IPv4 Prefix for Shared Address Space) */
> #define VMD_DHCP_PREFIX "100.64.0.0/10"
> --
> 2.14.1
>
Re: [PATCH] vm.conf: Clarify VM name constraints
On Thu, Aug 31, 2017 at 08:11:55AM +0200, Jasper Lievisse Adriaanse wrote: > On Wed, Aug 30, 2017 at 05:11:26PM -0700, Carlos Cardenas wrote: > > Add VM name constraints to match those in vmctl.8 manpage. > > > > Comments? Ok? > Applied, thanks. > > > diff --git usr.sbin/vmd/vm.conf.5 usr.sbin/vmd/vm.conf.5 > > index d1e68dbce5d..77a7a4e8cea 100644 > > --- usr.sbin/vmd/vm.conf.5 > > +++ usr.sbin/vmd/vm.conf.5 > > @@ -108,7 +108,9 @@ section starts with a declaration of the virtual machine > > .Ar name : > > .Bl -tag -width Ds > > .It Ic vm Ar name Brq ... > > -This name can be any string, and is typically a hostname. > > +The name can be any alphanumeric string along with '.', '-', and '_' > > +characters. However, it cannot start with '.', '-', or '_'. > > +Typically the name is a hostname. > > .El > > .Pp > > Followed by a block of parameters that is enclosed in curly brackets: > > -- > > 2.14.1 > > > > -- > jasper > Ah, thanks. You beat me to it :)
Re: [PATCH] VMD: Ensure disk is a regular file prior to vm boot
On Thu, Aug 31, 2017 at 06:56:45AM +0100, Raf Czlonka wrote:
> Hi Carlos,
>
> Doesn't this mean that, even though it might not be possible to do
> this today (is it?), you're effectively disabling the usage of
> physical disks for VMs, i.e. equivalent of a raw disk device used
> in other hypervisors?
>
> Regards,
>
> Raf
>
Use of raw block or character devices is not supported today and is not
easily achievable in the near term. Using a block device is blocked
in the kernel UIPC layer and using a character device doesn't work because
of some limitations in the seeking capability of such devices.
Today if you try to use such devices you are presented with a confusing
and misleading error message. Carlos' diff is a step in the right direction.
Should someone come along later and make raw devices work, this diff can
be easily removed.
-ml
> On Thu, Aug 31, 2017 at 12:56:20AM BST, Carlos Cardenas wrote:
> > Add check(s) in vmd/vmctl to ensure a VM's disk are regular files.
> >
> > Tested with the following:
> > vmctl start "test1" -d /dev/sd3c #block device
> > vmctl start "test2" -d /dev/rsd3c #char device
> > vmctl start "test3" -d fifo #named pipe
> >
> > Comments? Ok?
> >
> > diff --git usr.sbin/vmctl/vmctl.c usr.sbin/vmctl/vmctl.c
> > index f694f61e48c..e3db6a78c5b 100644
> > --- usr.sbin/vmctl/vmctl.c
> > +++ usr.sbin/vmctl/vmctl.c
> > @@ -204,6 +204,11 @@ vm_start_complete(struct imsg *imsg, int *ret, int
> > autoconnect)
> > warnx("could not find specified disk image(s)");
> > *ret = ENOENT;
> > break;
> > + case VMD_DISK_INVALID:
> > + warnx("specified disk image(s) are "
> > +"not regular files");
> > + *ret = ENOENT;
> > + break;
> > default:
> > errno = res;
> > warn("start vm command failed");
> > diff --git usr.sbin/vmd/config.c usr.sbin/vmd/config.c
> > index 1e1166f8263..ced7ab666b4 100644
> > --- usr.sbin/vmd/config.c
> > +++ usr.sbin/vmd/config.c
> > @@ -20,6 +20,7 @@
> > #include
> > #include
> > #include
> > +#include
> > #include
> >
> > #include
> > @@ -157,6 +158,7 @@ config_setvm(struct privsep *ps, struct vmd_vm *vm,
> > uint32_t peerid, uid_t uid)
> > struct vmd_if *vif;
> > struct vmop_create_params *vmc = &vm->vm_params;
> > struct vm_create_params *vcp = &vmc->vmc_params;
> > + struct stat stat_buf;
> > unsigned int i;
> > int fd = -1, vmboot = 0;
> > int kernfd = -1, *diskfds = NULL, *tapfds = NULL;
> > @@ -225,6 +227,19 @@ config_setvm(struct privsep *ps, struct vmd_vm *vm,
> > uint32_t peerid, uid_t uid)
> >
> > /* Open disk images for child */
> > for (i = 0 ; i < vcp->vcp_ndisks; i++) {
> > +/* Stat disk[i] to ensure it is a regular file */
> > +if (stat(vcp->vcp_disks[i], &stat_buf) == -1) {
> > + log_warn("%s: can't open disk %s", __func__,
> > + vcp->vcp_disks[i]);
> > + errno = VMD_DISK_MISSING;
> > + goto fail;
> > +}
> > +if (S_ISREG(stat_buf.st_mode) == 0) {
> > + log_warn("%s: disk %s is not a regular file", __func__,
> > + vcp->vcp_disks[i]);
> > + errno = VMD_DISK_INVALID;
> > + goto fail;
> > +}
> > if ((diskfds[i] =
> > open(vcp->vcp_disks[i], O_RDWR)) == -1) {
> > log_warn("%s: can't open disk %s", __func__,
> > diff --git usr.sbin/vmd/vmd.h usr.sbin/vmd/vmd.h
> > index 57bdb71cd5f..daeffa7c80e 100644
> > --- usr.sbin/vmd/vmd.h
> > +++ usr.sbin/vmd/vmd.h
> > @@ -53,6 +53,7 @@
> > /* vmd -> vmctl error codes */
> > #define VMD_BIOS_MISSING 1001
> > #define VMD_DISK_MISSING 1002
> > +#define VMD_DISK_INVALID 1003
> >
> > /* 100.64.0.0/10 from rfc6598 (IPv4 Prefix for Shared Address Space) */
> > #define VMD_DHCP_PREFIX"100.64.0.0/10"
> > --
> > 2.14.1
> >
>
> --
> Raf Czlonka
> Support Systems Analyst
> Clinical School Computing Service, School of Clinical Medicine
> University of Cambridge, Box 111 Cambridge Biomedical Campus
> Cambridge, CB2 0SP, Tel. 01223 (7)46728
>
Re: Unbreak DEBUG for nfsd(8)
On Wed, Aug 30, 2017 at 08:01:36PM +0100, Ricardo Mestre wrote:
> On 19:30 Wed 30 Aug , Otto Moerbeek wrote:
> > On Wed, Aug 30, 2017 at 05:54:16PM +0100, Ricardo Mestre wrote:
> >
> > > Hi,
> > >
> > > Unbreak DEBUG for nfsd(8), this one was caught with cppcheck.
> > >
> > > It has been broken for about 7 years ago when a couple of errx calls,
> > > which had
> > > string format arguments, were replaced by syslog calls.
> >
> > Can you please formulate this without using a GNU extension, i.e. the
> > standard knows
> >
> > #define X A(a, ...) bla
> >
> > but not
> >
> > #define X A(a...) bla
> >
> > -Otto
> >
>
> Hi Otto,
>
> Something like this then?
>
> I also had to convert a few syslog calls since fprintf doesn't know about %m,
> so in those cases I added strerror to them.
Looks good.
-Otto
>
> Index: nfsd.c
> ===
> RCS file: /cvs/src/sbin/nfsd/nfsd.c,v
> retrieving revision 1.36
> diff -u -p -u -r1.36 nfsd.c
> --- nfsd.c7 Jun 2016 01:29:38 - 1.36
> +++ nfsd.c30 Aug 2017 18:57:56 -
> @@ -64,7 +64,11 @@
>
> /* Global defs */
> #ifdef DEBUG
> -#define syslog(e, s)fprintf(stderr,(s))
> +#define syslog(e, s, ...) \
> +do { \
> + fprintf(stderr, (s), ##__VA_ARGS__);\
> + fprintf(stderr, "\n"); \
> +} while (0)
> int debug = 1;
> #else
> int debug = 0;
> @@ -163,13 +167,15 @@ main(int argc, char *argv[])
> if (udpflag &&
> (!pmap_set(RPCPROG_NFS, 2, IPPROTO_UDP, NFS_PORT) ||
>!pmap_set(RPCPROG_NFS, 3, IPPROTO_UDP, NFS_PORT))) {
> - syslog(LOG_ERR, "can't register with portmap for UDP
> (%m).");
> + syslog(LOG_ERR, "can't register with portmap for UDP
> (%s).",
> + strerror(errno));
> return (1);
> }
> if (tcpflag &&
> (!pmap_set(RPCPROG_NFS, 2, IPPROTO_TCP, NFS_PORT) ||
>!pmap_set(RPCPROG_NFS, 3, IPPROTO_TCP, NFS_PORT))) {
> - syslog(LOG_ERR, "can't register with portmap for TCP
> (%m).");
> + syslog(LOG_ERR, "can't register with portmap for TCP
> (%s).",
> + strerror(errno));
> return (1);
> }
> return (0);
> @@ -182,7 +188,7 @@ main(int argc, char *argv[])
> for (i = 0; i < nfsdcnt; i++) {
> switch (fork()) {
> case -1:
> - syslog(LOG_ERR, "fork: %m");
> + syslog(LOG_ERR, "fork: %s", strerror(errno));
> return (1);
> case 0:
> break;
> @@ -193,7 +199,7 @@ main(int argc, char *argv[])
> setproctitle("server");
> nsd.nsd_nfsd = NULL;
> if (nfssvc(NFSSVC_NFSD, &nsd) < 0) {
> - syslog(LOG_ERR, "nfssvc: %m");
> + syslog(LOG_ERR, "nfssvc: %s", strerror(errno));
> return (1);
> }
> return (0);
> @@ -240,7 +246,7 @@ main(int argc, char *argv[])
> }
> if (setsockopt(tcpsock,
> SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on)) < 0)
> - syslog(LOG_ERR, "setsockopt SO_REUSEADDR: %m");
> + syslog(LOG_ERR, "setsockopt SO_REUSEADDR: %s",
> strerror(errno));
> memset(&inetaddr, 0, sizeof inetaddr);
> inetaddr.sin_family = AF_INET;
> inetaddr.sin_addr.s_addr = INADDR_ANY;
> @@ -284,7 +290,7 @@ main(int argc, char *argv[])
> if (connect_type_cnt > 1) {
> ret = poll(&pfd, 1, INFTIM);
> if (ret < 1) {
> - syslog(LOG_ERR, "poll failed: %m");
> + syslog(LOG_ERR, "poll failed: %s",
> strerror(errno));
> return (1);
> }
>
> @@ -297,14 +303,14 @@ main(int argc, char *argv[])
> if (errno == EWOULDBLOCK || errno == EINTR ||
> errno == ECONNABORTED)
> continue;
> - syslog(LOG_ERR, "accept failed: %m");
> + syslog(LOG_ERR, "accept failed: %s",
> strerror(errno));
> return (1);
> }
> memset(inetpeer.sin_zero, 0, sizeof(inetpeer.sin_zero));
> if (setsockopt(msgsock, SOL_SOCKET,
> SO_KEEPALIVE, &on, sizeof(on)) < 0)
> syslog(LOG_ERR,
> - "setsockopt SO_KEEPALIVE:
Re: [PATCH] vm.conf: Clarify VM name constraints
On Wed, Aug 30, 2017 at 05:11:26PM -0700, Carlos Cardenas wrote: > Add VM name constraints to match those in vmctl.8 manpage. > > Comments? Ok? Applied, thanks. > diff --git usr.sbin/vmd/vm.conf.5 usr.sbin/vmd/vm.conf.5 > index d1e68dbce5d..77a7a4e8cea 100644 > --- usr.sbin/vmd/vm.conf.5 > +++ usr.sbin/vmd/vm.conf.5 > @@ -108,7 +108,9 @@ section starts with a declaration of the virtual machine > .Ar name : > .Bl -tag -width Ds > .It Ic vm Ar name Brq ... > -This name can be any string, and is typically a hostname. > +The name can be any alphanumeric string along with '.', '-', and '_' > +characters. However, it cannot start with '.', '-', or '_'. > +Typically the name is a hostname. > .El > .Pp > Followed by a block of parameters that is enclosed in curly brackets: > -- > 2.14.1 > -- jasper
Re: [PATCH] VMD: Ensure disk is a regular file prior to vm boot
Hi Carlos,
Doesn't this mean that, even though it might not be possible to do
this today (is it?), you're effectively disabling the usage of
physical disks for VMs, i.e. equivalent of a raw disk device used
in other hypervisors?
Regards,
Raf
On Thu, Aug 31, 2017 at 12:56:20AM BST, Carlos Cardenas wrote:
> Add check(s) in vmd/vmctl to ensure a VM's disk are regular files.
>
> Tested with the following:
> vmctl start "test1" -d /dev/sd3c #block device
> vmctl start "test2" -d /dev/rsd3c #char device
> vmctl start "test3" -d fifo #named pipe
>
> Comments? Ok?
>
> diff --git usr.sbin/vmctl/vmctl.c usr.sbin/vmctl/vmctl.c
> index f694f61e48c..e3db6a78c5b 100644
> --- usr.sbin/vmctl/vmctl.c
> +++ usr.sbin/vmctl/vmctl.c
> @@ -204,6 +204,11 @@ vm_start_complete(struct imsg *imsg, int *ret, int
> autoconnect)
> warnx("could not find specified disk image(s)");
> *ret = ENOENT;
> break;
> + case VMD_DISK_INVALID:
> + warnx("specified disk image(s) are "
> +"not regular files");
> + *ret = ENOENT;
> + break;
> default:
> errno = res;
> warn("start vm command failed");
> diff --git usr.sbin/vmd/config.c usr.sbin/vmd/config.c
> index 1e1166f8263..ced7ab666b4 100644
> --- usr.sbin/vmd/config.c
> +++ usr.sbin/vmd/config.c
> @@ -20,6 +20,7 @@
> #include
> #include
> #include
> +#include
> #include
>
> #include
> @@ -157,6 +158,7 @@ config_setvm(struct privsep *ps, struct vmd_vm *vm,
> uint32_t peerid, uid_t uid)
> struct vmd_if *vif;
> struct vmop_create_params *vmc = &vm->vm_params;
> struct vm_create_params *vcp = &vmc->vmc_params;
> + struct stat stat_buf;
> unsigned int i;
> int fd = -1, vmboot = 0;
> int kernfd = -1, *diskfds = NULL, *tapfds = NULL;
> @@ -225,6 +227,19 @@ config_setvm(struct privsep *ps, struct vmd_vm *vm,
> uint32_t peerid, uid_t uid)
>
> /* Open disk images for child */
> for (i = 0 ; i < vcp->vcp_ndisks; i++) {
> +/* Stat disk[i] to ensure it is a regular file */
> +if (stat(vcp->vcp_disks[i], &stat_buf) == -1) {
> + log_warn("%s: can't open disk %s", __func__,
> + vcp->vcp_disks[i]);
> + errno = VMD_DISK_MISSING;
> + goto fail;
> +}
> +if (S_ISREG(stat_buf.st_mode) == 0) {
> + log_warn("%s: disk %s is not a regular file", __func__,
> + vcp->vcp_disks[i]);
> + errno = VMD_DISK_INVALID;
> + goto fail;
> +}
> if ((diskfds[i] =
> open(vcp->vcp_disks[i], O_RDWR)) == -1) {
> log_warn("%s: can't open disk %s", __func__,
> diff --git usr.sbin/vmd/vmd.h usr.sbin/vmd/vmd.h
> index 57bdb71cd5f..daeffa7c80e 100644
> --- usr.sbin/vmd/vmd.h
> +++ usr.sbin/vmd/vmd.h
> @@ -53,6 +53,7 @@
> /* vmd -> vmctl error codes */
> #define VMD_BIOS_MISSING 1001
> #define VMD_DISK_MISSING 1002
> +#define VMD_DISK_INVALID 1003
>
> /* 100.64.0.0/10 from rfc6598 (IPv4 Prefix for Shared Address Space) */
> #define VMD_DHCP_PREFIX "100.64.0.0/10"
> --
> 2.14.1
>
--
Raf Czlonka
Support Systems Analyst
Clinical School Computing Service, School of Clinical Medicine
University of Cambridge, Box 111 Cambridge Biomedical Campus
Cambridge, CB2 0SP, Tel. 01223 (7)46728
lock(1): wipe hash before exit in one-time password case
Hi,
In the one-time password case we want to wipe the hash itself
before exit, right?
This must have slipped through when tedu@ patiently rewrote
and committed my botched patch a little while back.
--
Scott Cheloha
P.S. I didn't botch it this time, right?
Index: usr.bin/lock/lock.c
===
RCS file: /cvs/src/usr.bin/lock/lock.c,v
retrieving revision 1.40
diff -u -p -r1.40 lock.c
--- usr.bin/lock/lock.c 8 Jul 2017 22:27:17 - 1.40
+++ usr.bin/lock/lock.c 31 Aug 2017 01:41:09 -
@@ -211,7 +211,7 @@ main(int argc, char *argv[])
}
} else if (crypt_checkpass(s, hash) == 0) {
explicit_bzero(s, sizeof(s));
- explicit_bzero(s1, sizeof(s1));
+ explicit_bzero(hash, sizeof(hash));
break;
}
putc('\a', stderr);
[PATCH] VMD: Ensure disk is a regular file prior to vm boot
Add check(s) in vmd/vmctl to ensure a VM's disk are regular files.
Tested with the following:
vmctl start "test1" -d /dev/sd3c #block device
vmctl start "test2" -d /dev/rsd3c #char device
vmctl start "test3" -d fifo #named pipe
Comments? Ok?
diff --git usr.sbin/vmctl/vmctl.c usr.sbin/vmctl/vmctl.c
index f694f61e48c..e3db6a78c5b 100644
--- usr.sbin/vmctl/vmctl.c
+++ usr.sbin/vmctl/vmctl.c
@@ -204,6 +204,11 @@ vm_start_complete(struct imsg *imsg, int *ret, int
autoconnect)
warnx("could not find specified disk image(s)");
*ret = ENOENT;
break;
+ case VMD_DISK_INVALID:
+ warnx("specified disk image(s) are "
+"not regular files");
+ *ret = ENOENT;
+ break;
default:
errno = res;
warn("start vm command failed");
diff --git usr.sbin/vmd/config.c usr.sbin/vmd/config.c
index 1e1166f8263..ced7ab666b4 100644
--- usr.sbin/vmd/config.c
+++ usr.sbin/vmd/config.c
@@ -20,6 +20,7 @@
#include
#include
#include
+#include
#include
#include
@@ -157,6 +158,7 @@ config_setvm(struct privsep *ps, struct vmd_vm *vm,
uint32_t peerid, uid_t uid)
struct vmd_if *vif;
struct vmop_create_params *vmc = &vm->vm_params;
struct vm_create_params *vcp = &vmc->vmc_params;
+ struct stat stat_buf;
unsigned int i;
int fd = -1, vmboot = 0;
int kernfd = -1, *diskfds = NULL, *tapfds = NULL;
@@ -225,6 +227,19 @@ config_setvm(struct privsep *ps, struct vmd_vm *vm,
uint32_t peerid, uid_t uid)
/* Open disk images for child */
for (i = 0 ; i < vcp->vcp_ndisks; i++) {
+/* Stat disk[i] to ensure it is a regular file */
+if (stat(vcp->vcp_disks[i], &stat_buf) == -1) {
+ log_warn("%s: can't open disk %s", __func__,
+ vcp->vcp_disks[i]);
+ errno = VMD_DISK_MISSING;
+ goto fail;
+}
+if (S_ISREG(stat_buf.st_mode) == 0) {
+ log_warn("%s: disk %s is not a regular file", __func__,
+ vcp->vcp_disks[i]);
+ errno = VMD_DISK_INVALID;
+ goto fail;
+}
if ((diskfds[i] =
open(vcp->vcp_disks[i], O_RDWR)) == -1) {
log_warn("%s: can't open disk %s", __func__,
diff --git usr.sbin/vmd/vmd.h usr.sbin/vmd/vmd.h
index 57bdb71cd5f..daeffa7c80e 100644
--- usr.sbin/vmd/vmd.h
+++ usr.sbin/vmd/vmd.h
@@ -53,6 +53,7 @@
/* vmd -> vmctl error codes */
#define VMD_BIOS_MISSING 1001
#define VMD_DISK_MISSING 1002
+#define VMD_DISK_INVALID 1003
/* 100.64.0.0/10 from rfc6598 (IPv4 Prefix for Shared Address Space) */
#define VMD_DHCP_PREFIX"100.64.0.0/10"
--
2.14.1
[PATCH] vm.conf: Clarify VM name constraints
Add VM name constraints to match those in vmctl.8 manpage. Comments? Ok? diff --git usr.sbin/vmd/vm.conf.5 usr.sbin/vmd/vm.conf.5 index d1e68dbce5d..77a7a4e8cea 100644 --- usr.sbin/vmd/vm.conf.5 +++ usr.sbin/vmd/vm.conf.5 @@ -108,7 +108,9 @@ section starts with a declaration of the virtual machine .Ar name : .Bl -tag -width Ds .It Ic vm Ar name Brq ... -This name can be any string, and is typically a hostname. +The name can be any alphanumeric string along with '.', '-', and '_' +characters. However, it cannot start with '.', '-', or '_'. +Typically the name is a hostname. .El .Pp Followed by a block of parameters that is enclosed in curly brackets: -- 2.14.1
delaying the start of ifstated in /etc/rc
Depending on the use case for ifstated, dependencies may exist with other daemons for performing interface checks and/or external tests. For example, one might use ifstated to check a dhcpd enabled interface, or connectivity to a vmd virtual machine. Does anyone have any objections with delaying the start of ifstated? Comments? Ok? Index: src/etc/rc === RCS file: /cvs/src/etc/rc,v retrieving revision 1.517 diff -u -p -r1.517 rc --- src/etc/rc 29 Aug 2017 16:56:13 - 1.517 +++ src/etc/rc 31 Aug 2017 00:17:06 - @@ -558,7 +558,7 @@ echo 'preserving editor files.'; /usr/li run_upgrade_script sysmerge echo -n 'starting network daemons:' -start_daemon ldomd sshd switchd snmpd ldpd ripd ospfd ospf6d bgpd ifstated +start_daemon ldomd sshd switchd snmpd ldpd ripd ospfd ospf6d bgpd start_daemon relayd dhcpd dhcrelay mrouted dvmrpd radiusd eigrpd if ifconfig lo0 inet6 >/dev/null 2>&1; then @@ -569,7 +569,7 @@ fi start_daemon hostapd lpd smtpd slowcgi httpd ftpd start_daemon ftpproxy ftpproxy6 tftpd tftpproxy identd inetd rarpd bootparamd -start_daemon rbootd mopd vmd spamd spamlogd sndiod +start_daemon rbootd mopd vmd spamd spamlogd sndiod ifstated echo '.' # If rc.firsttime exists, run it just once, and make sure it is deleted.
Re: i386 zzz broken, Was: CVS: cvs.openbsd.org: src
On Wed, Aug 30, 2017 at 12:48:20AM -0700, Mike Larkin wrote: > On Tue, Aug 29, 2017 at 04:32:04PM -0700, Mike Larkin wrote: > > On Mon, Aug 28, 2017 at 11:18:13PM +0300, li...@wrant.com wrote: > > > Mon, 28 Aug 2017 10:16:58 -0600 (MDT) Ted Unangst > > > > CVSROOT:/cvs > > > > Module name:src > > > > Changes by: t...@cvs.openbsd.org2017/08/28 10:16:58 > > > > > > > > Modified files: > > > > usr.sbin/apmd : apmd.8 apmd.c > > > > > > > > Log message: > > > > add -z and -Z options to auto suspend or hibernate when low on battery. > > > > from Jesper Wallin > > > > > > > > > > Hi tech@, > > > > > > Could someone please test and confirm suspend still works on i386? I am > > > getting the laptop to wake but it's stuck, black screen, high fan speed, > > > no response, only long press on the power button works. It used to work > > > flawless, I suspect it might be from the last few snapshots, can't tell. > > > > > > Ready to provide details if this works elsewhere & someone's interested. > > > Please let me know if it's a known/expected issue, or better sendbug(1). > > > > > > Kind regards, > > > Anton Lazarov > > > > > > > Hmm, I can repro this here even with qemu. It's stuck in lapic_delay. > > > > I'll see if I can track down what's going wrong. It would also help if you > > could narrow down when it broke. > > > > -ml > > > > I figured out what was going on, but it's unclear why this suddenly broke. > > Once we get to the bottom of what caused the breakage, I'll commit a fix. > > -ml > We figured out what was going wrong. I just committed a fix. Should be in snaps soon. Thanks for reporting it. -ml
Re: change closelog(3) description
On Wed, 30 Aug 2017 12:49:43 -0600, "Theo de Raadt" wrote: > > > How about "discard resources", or something more nebulous. Especially > > > if it frightens signal handler authors. > > > > I understand what you are getting at but that seems so vague as to > > be unhelpful. > > Precisely how is it vague? It gives no indication of what resources might be allocated. > The manual is telling people to follow an open/close idiom, only in > certain circumstances. > > But in our cases, it doesn't close any fd. Or discard any resources. > It kind of does nothing. Sure, but we are the outlier here. On other systems there will be at least one file descriptor. > What we want to do is leave enough text that people will follow the > model. And warn them. But not be more precise than that. I understand what you mean, I'm just not convinced such nebulous language is helpful. - todd
Re: softraid: export rebuild status to sensor
On Wed, Aug 30, 2017 at 02:20:31PM +0200, Patrick Wildt wrote: > Hi, > > like our other hardware raid controller drivers, softraid should > report the rebuild state properly. Currently the sensor exports > the drive state in that case as "unknown", which is misleading. > > ok? > makes sense to me. ok > Patrick > > diff --git a/sys/dev/softraid.c b/sys/dev/softraid.c > index 1593c76bdcd..280e832f849 100644 > --- a/sys/dev/softraid.c > +++ b/sys/dev/softraid.c > @@ -4867,6 +4867,11 @@ sr_sensors_refresh(void *arg) > sv->sv_sensor.status = SENSOR_S_WARN; > break; > > + case BIOC_SVREBUILD: > + sv->sv_sensor.value = SENSOR_DRIVE_REBUILD; > + sv->sv_sensor.status = SENSOR_S_WARN; > + break; > + > case BIOC_SVSCRUB: > case BIOC_SVONLINE: > sv->sv_sensor.value = SENSOR_DRIVE_ONLINE; >
Re: Unbreak DEBUG for nfsd(8)
On 19:30 Wed 30 Aug , Otto Moerbeek wrote:
> On Wed, Aug 30, 2017 at 05:54:16PM +0100, Ricardo Mestre wrote:
>
> > Hi,
> >
> > Unbreak DEBUG for nfsd(8), this one was caught with cppcheck.
> >
> > It has been broken for about 7 years ago when a couple of errx calls, which
> > had
> > string format arguments, were replaced by syslog calls.
>
> Can you please formulate this without using a GNU extension, i.e. the
> standard knows
>
> #define X A(a, ...) bla
>
> but not
>
> #define X A(a...) bla
>
> -Otto
>
Hi Otto,
Something like this then?
I also had to convert a few syslog calls since fprintf doesn't know about %m,
so in those cases I added strerror to them.
Index: nfsd.c
===
RCS file: /cvs/src/sbin/nfsd/nfsd.c,v
retrieving revision 1.36
diff -u -p -u -r1.36 nfsd.c
--- nfsd.c 7 Jun 2016 01:29:38 - 1.36
+++ nfsd.c 30 Aug 2017 18:57:56 -
@@ -64,7 +64,11 @@
/* Global defs */
#ifdef DEBUG
-#definesyslog(e, s)fprintf(stderr,(s))
+#definesyslog(e, s, ...) \
+do { \
+ fprintf(stderr, (s), ##__VA_ARGS__);\
+ fprintf(stderr, "\n"); \
+} while (0)
intdebug = 1;
#else
intdebug = 0;
@@ -163,13 +167,15 @@ main(int argc, char *argv[])
if (udpflag &&
(!pmap_set(RPCPROG_NFS, 2, IPPROTO_UDP, NFS_PORT) ||
!pmap_set(RPCPROG_NFS, 3, IPPROTO_UDP, NFS_PORT))) {
- syslog(LOG_ERR, "can't register with portmap for UDP
(%m).");
+ syslog(LOG_ERR, "can't register with portmap for UDP
(%s).",
+ strerror(errno));
return (1);
}
if (tcpflag &&
(!pmap_set(RPCPROG_NFS, 2, IPPROTO_TCP, NFS_PORT) ||
!pmap_set(RPCPROG_NFS, 3, IPPROTO_TCP, NFS_PORT))) {
- syslog(LOG_ERR, "can't register with portmap for TCP
(%m).");
+ syslog(LOG_ERR, "can't register with portmap for TCP
(%s).",
+ strerror(errno));
return (1);
}
return (0);
@@ -182,7 +188,7 @@ main(int argc, char *argv[])
for (i = 0; i < nfsdcnt; i++) {
switch (fork()) {
case -1:
- syslog(LOG_ERR, "fork: %m");
+ syslog(LOG_ERR, "fork: %s", strerror(errno));
return (1);
case 0:
break;
@@ -193,7 +199,7 @@ main(int argc, char *argv[])
setproctitle("server");
nsd.nsd_nfsd = NULL;
if (nfssvc(NFSSVC_NFSD, &nsd) < 0) {
- syslog(LOG_ERR, "nfssvc: %m");
+ syslog(LOG_ERR, "nfssvc: %s", strerror(errno));
return (1);
}
return (0);
@@ -240,7 +246,7 @@ main(int argc, char *argv[])
}
if (setsockopt(tcpsock,
SOL_SOCKET, SO_REUSEADDR, &on, sizeof(on)) < 0)
- syslog(LOG_ERR, "setsockopt SO_REUSEADDR: %m");
+ syslog(LOG_ERR, "setsockopt SO_REUSEADDR: %s",
strerror(errno));
memset(&inetaddr, 0, sizeof inetaddr);
inetaddr.sin_family = AF_INET;
inetaddr.sin_addr.s_addr = INADDR_ANY;
@@ -284,7 +290,7 @@ main(int argc, char *argv[])
if (connect_type_cnt > 1) {
ret = poll(&pfd, 1, INFTIM);
if (ret < 1) {
- syslog(LOG_ERR, "poll failed: %m");
+ syslog(LOG_ERR, "poll failed: %s",
strerror(errno));
return (1);
}
@@ -297,14 +303,14 @@ main(int argc, char *argv[])
if (errno == EWOULDBLOCK || errno == EINTR ||
errno == ECONNABORTED)
continue;
- syslog(LOG_ERR, "accept failed: %m");
+ syslog(LOG_ERR, "accept failed: %s",
strerror(errno));
return (1);
}
memset(inetpeer.sin_zero, 0, sizeof(inetpeer.sin_zero));
if (setsockopt(msgsock, SOL_SOCKET,
SO_KEEPALIVE, &on, sizeof(on)) < 0)
syslog(LOG_ERR,
- "setsockopt SO_KEEPALIVE: %m");
+ "setsockopt SO_KEEPALIVE: %s",
strerror(errno));
nfsdargs.sock = msgsock;
nfsdargs.name = (caddr_t)&inet
Re: change closelog(3) description
> > How about "discard resources", or something more nebulous. Especially > > if it frightens signal handler authors. > > I understand what you are getting at but that seems so vague as to > be unhelpful. Precisely how is it vague? The manual is telling people to follow an open/close idiom, only in certain circumstances. But in our cases, it doesn't close any fd. Or discard any resources. It kind of does nothing. What we want to do is leave enough text that people will follow the model. And warn them. But not be more precise than that.
Re: change closelog(3) description
On Wed, 30 Aug 2017 12:24:38 -0600, "Theo de Raadt" wrote: > How about "discard resources", or something more nebulous. Especially > if it frightens signal handler authors. I understand what you are getting at but that seems so vague as to be unhelpful. - todd
Re: change closelog(3) description
> > On Wed, Aug 30, 2017 at 10:35:16AM -0600, Todd C. Miller wrote: > > > We don't actually have any log file descriptors since we have > > > sendsyslog(2) so make the description a bit more generic. > > > It is also closer to what POSIX says. > > > > > > OK? > > > > The term "log file" could be misunderstood as refering to a log file. > > > > Is "... will close any open file descriptor for logging." better? > > Possibly. I don't like using "log file" either. POSIX says any > file descriptors opened by openlog() or syslog(). So perhaps: > > The > .Fn closelog > function will close any file descriptors opened by the > .Fn openlog , > .Fn openlog_r , > .Fn syslog > or > .Fn syslog_r > functions. How about "discard resources", or something more nebulous. Especially if it frightens signal handler authors.
Re: change closelog(3) description
On Wed, Aug 30, 2017 at 12:09:13PM -0600, Todd C. Miller wrote: > The > .Fn closelog > function will close any file descriptors opened by the > .Fn openlog , > .Fn openlog_r , > .Fn syslog > or > .Fn syslog_r > functions. > > What do you think? OK bluhm@
Re: change closelog(3) description
On Wed, Aug 30, 2017 at 12:09:13PM -0600, Todd C. Miller wrote: > On Wed, 30 Aug 2017 20:04:57 +0200, Alexander Bluhm wrote: > > > On Wed, Aug 30, 2017 at 10:35:16AM -0600, Todd C. Miller wrote: > > > We don't actually have any log file descriptors since we have > > > sendsyslog(2) so make the description a bit more generic. > > > It is also closer to what POSIX says. > > > > > > OK? > > > > The term "log file" could be misunderstood as refering to a log file. > > > > Is "... will close any open file descriptor for logging." better? > > Possibly. I don't like using "log file" either. POSIX says any > file descriptors opened by openlog() or syslog(). So perhaps: > > The > .Fn closelog > function will close any file descriptors opened by the > .Fn openlog , > .Fn openlog_r , > .Fn syslog > or > .Fn syslog_r > functions. > > What do you think? > > - todd > i misread the original diff also. i think what you propose now is clearer. jmc
Re: change closelog(3) description
On Wed, 30 Aug 2017 20:04:57 +0200, Alexander Bluhm wrote: > On Wed, Aug 30, 2017 at 10:35:16AM -0600, Todd C. Miller wrote: > > We don't actually have any log file descriptors since we have > > sendsyslog(2) so make the description a bit more generic. > > It is also closer to what POSIX says. > > > > OK? > > The term "log file" could be misunderstood as refering to a log file. > > Is "... will close any open file descriptor for logging." better? Possibly. I don't like using "log file" either. POSIX says any file descriptors opened by openlog() or syslog(). So perhaps: The .Fn closelog function will close any file descriptors opened by the .Fn openlog , .Fn openlog_r , .Fn syslog or .Fn syslog_r functions. What do you think? - todd
Re: change closelog(3) description
On Wed, Aug 30, 2017 at 10:35:16AM -0600, Todd C. Miller wrote: > We don't actually have any log file descriptors since we have > sendsyslog(2) so make the description a bit more generic. > It is also closer to what POSIX says. > > OK? The term "log file" could be misunderstood as refering to a log file. Is "... will close any open file descriptor for logging." better? bluhm > Index: lib/libc/gen/syslog.3 > === > RCS file: /cvs/src/lib/libc/gen/syslog.3,v > retrieving revision 1.34 > diff -u -p -u -r1.34 syslog.3 > --- lib/libc/gen/syslog.3 29 Aug 2017 18:23:01 - 1.34 > +++ lib/libc/gen/syslog.3 30 Aug 2017 16:26:50 - > @@ -273,7 +273,7 @@ reentrant functions. > .Pp > The > .Fn closelog > -function can be used to close the log file. > +function will close any open log file descriptors. > .Fn closelog_r > does the same thing but in a reentrant way and takes an additional > pointer to a
Re: ksh(1): drop needless chunk
On Wed, Aug 30, 2017 at 07:25:45PM +0200, Jeremie Courreges-Anglas wrote: > > I don't think this is relevant. > it probably isn;t relevant. i guess it's not helpful either, in such a big page. but it is a bit of the author's character. i'm not sure it's worth removing it. jmc > > Index: ksh.1 > === > RCS file: /cvs/src/bin/ksh/ksh.1,v > retrieving revision 1.195 > diff -u -p -r1.195 ksh.1 > --- ksh.1 30 Aug 2017 17:08:45 - 1.195 > +++ ksh.1 30 Aug 2017 17:23:59 - > @@ -1535,9 +1535,6 @@ sequences (such as escape codes) by usin > substitution (see below) or by prefixing your prompt with a non-printing > character (such as control-A) followed by a carriage return and then > delimiting > the escape codes with this non-printing character. > -By the way, don't blame me for > -this hack; it's in the original > -.Nm . > .Pp > The default prompt is > .Sq $\ \& > > -- > jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE >
Re: Unbreak DEBUG for nfsd(8)
On Wed, Aug 30, 2017 at 05:54:16PM +0100, Ricardo Mestre wrote:
> Hi,
>
> Unbreak DEBUG for nfsd(8), this one was caught with cppcheck.
>
> It has been broken for about 7 years ago when a couple of errx calls, which
> had
> string format arguments, were replaced by syslog calls.
Can you please formulate this without using a GNU extension, i.e. the
standard knows
#define X A(a, ...) bla
but not
#define X A(a...) bla
-Otto
>
> OK?
>
> Index: nfsd.c
> ===
> RCS file: /cvs/src/sbin/nfsd/nfsd.c,v
> retrieving revision 1.36
> diff -u -p -u -r1.36 nfsd.c
> --- nfsd.c7 Jun 2016 01:29:38 - 1.36
> +++ nfsd.c30 Aug 2017 10:57:55 -
> @@ -64,7 +64,11 @@
>
> /* Global defs */
> #ifdef DEBUG
> -#define syslog(e, s)fprintf(stderr,(s))
> +#define syslog(e, s, a...) \
> +do { \
> + fprintf(stderr, (s), ## a); \
> + fprintf(stderr, "\n"); \
> +} while (0)
> int debug = 1;
> #else
> int debug = 0;
ksh(1): drop needless chunk
I don't think this is relevant. Index: ksh.1 === RCS file: /cvs/src/bin/ksh/ksh.1,v retrieving revision 1.195 diff -u -p -r1.195 ksh.1 --- ksh.1 30 Aug 2017 17:08:45 - 1.195 +++ ksh.1 30 Aug 2017 17:23:59 - @@ -1535,9 +1535,6 @@ sequences (such as escape codes) by usin substitution (see below) or by prefixing your prompt with a non-printing character (such as control-A) followed by a carriage return and then delimiting the escape codes with this non-printing character. -By the way, don't blame me for -this hack; it's in the original -.Nm . .Pp The default prompt is .Sq $\ \& -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
Re: strtok_r(3): mention standards
On Mon, Aug 28 2017, Jeremie Courreges-Anglas wrote: > On Mon, Aug 28 2017, "Todd C. Miller" wrote: >> On Mon, 28 Aug 2017 14:29:18 +0200, Jeremie Courreges-Anglas wrote: >> >>> IIUC strtok_r appeared in IEEE Std 1003.1c-1995, the diff below >>> documents that. That would be the first use of .St -p1003.1c-95 in the >>> tree. (Is this one available online? My search skillz have failed me >>> so far...) >> >> The "conforms to" bit does not need to specify the first version >> of the standard that the function appeared in. I'd be inclined to >> use -p1003.1-2001 like we do in many of our other manuals. > > ack. strtok_r appeared in SUSv2 before POSIX 2001. So, -susv2 (we > already use it, no idea if consistently though) or -p1003.1-2001? > > I don't feel strongly about it, it just feels weird not to mention > a standard. :) No further input, here's an updated diff following hints from millert@ and jmc@. Index: strtok.3 === RCS file: /d/cvs/src/lib/libc/string/strtok.3,v retrieving revision 1.21 diff -u -p -p -u -r1.21 strtok.3 --- strtok.35 Jun 2013 03:39:23 - 1.21 +++ strtok.330 Aug 2017 17:18:47 - @@ -140,6 +140,10 @@ The .Fn strtok function conforms to .St -ansiC . +The +.Fn strtok_r +function conforms to +.St -p1003.1-2001 . .Sh HISTORY The .Fn strtok -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
Unbreak DEBUG for nfsd(8)
Hi,
Unbreak DEBUG for nfsd(8), this one was caught with cppcheck.
It has been broken for about 7 years ago when a couple of errx calls, which had
string format arguments, were replaced by syslog calls.
OK?
Index: nfsd.c
===
RCS file: /cvs/src/sbin/nfsd/nfsd.c,v
retrieving revision 1.36
diff -u -p -u -r1.36 nfsd.c
--- nfsd.c 7 Jun 2016 01:29:38 - 1.36
+++ nfsd.c 30 Aug 2017 10:57:55 -
@@ -64,7 +64,11 @@
/* Global defs */
#ifdef DEBUG
-#definesyslog(e, s)fprintf(stderr,(s))
+#definesyslog(e, s, a...) \
+do { \
+ fprintf(stderr, (s), ## a); \
+ fprintf(stderr, "\n"); \
+} while (0)
intdebug = 1;
#else
intdebug = 0;
Re: ksh: add support for HISTCONTROL ignorespace & ignoredups
On Wed, 30 Aug 2017 18:50:26 +0200, Jeremie Courreges-Anglas wrote: > On Wed, Aug 30 2017, "Todd C. Miller" wrote: > > Looks good to me. Do we want to document this as an extension in > > the manual? We're not very good about documenting extensions to > > traditional ksh behavior. > > I'm not against this but I'm not thrilled either. If anyone is > motivated enough, great. The first other extension that comes to my > mind seems to be... HISTFILE. Fair enough. - todd
Re: ksh: add support for HISTCONTROL ignorespace & ignoredups
On Wed, Aug 30 2017, "Todd C. Miller" wrote: > Looks good to me. Do we want to document this as an extension in > the manual? We're not very good about documenting extensions to > traditional ksh behavior. I'm not against this but I'm not thrilled either. If anyone is motivated enough, great. The first other extension that comes to my mind seems to be... HISTFILE. -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
change closelog(3) description
We don't actually have any log file descriptors since we have sendsyslog(2) so make the description a bit more generic. It is also closer to what POSIX says. OK? - todd Index: lib/libc/gen/syslog.3 === RCS file: /cvs/src/lib/libc/gen/syslog.3,v retrieving revision 1.34 diff -u -p -u -r1.34 syslog.3 --- lib/libc/gen/syslog.3 29 Aug 2017 18:23:01 - 1.34 +++ lib/libc/gen/syslog.3 30 Aug 2017 16:26:50 - @@ -273,7 +273,7 @@ reentrant functions. .Pp The .Fn closelog -function can be used to close the log file. +function will close any open log file descriptors. .Fn closelog_r does the same thing but in a reentrant way and takes an additional pointer to a
Re: ksh: add support for HISTCONTROL ignorespace & ignoredups
Looks good to me. Do we want to document this as an extension in the manual? We're not very good about documenting extensions to traditional ksh behavior. - todd
OpenBSD Errata: August 30th, 2017 (net80211)
Errata patches for the wireless stack have been released for OpenBSD 6.1 and 6.0. State transition errors could cause reinstallation of old WPA keys. Binary updates for the amd64 and i386 platforms are available via the syspatch utility. Source code patches can be found on the respective errata pages: https://www.openbsd.org/errata60.html https://www.openbsd.org/errata61.html As this affects the kernel, a reboot will be needed after patching.
Re: ksh: add support for HISTCONTROL ignorespace & ignoredups
Yes, please!
Il 30 agosto 2017 13:04:02 CEST, Jeremie Courreges-Anglas ha
scritto:
>
>This implements a feature I miss from bash. What I care about:
>- not clog the history with repeated commands
>- easily prevent some commands to go in the history
>
>The diff below implements HISTCONTROL for this, user-facing behavior
>based on bash. The default ksh behavior doesn't change.
>
>I did not implement:
>- "ignoreboth", which is a shorthand for "ignoredups:ignorespace";
> trivial, but not really useful
>- "erasedups", I have no use for this and it's not as trivial
>
>I have yet to put this in an mkr (dunno yet if the space savings of the
>setlocale removal positively affects the ramdisks).
>
>Thoughts? ok?
>
>
>Index: history.c
>===
>RCS file: /d/cvs/src/bin/ksh/history.c,v
>retrieving revision 1.68
>diff -u -p -r1.68 history.c
>--- history.c 28 Aug 2017 19:41:55 - 1.68
>+++ history.c 30 Aug 2017 10:38:43 -
>@@ -42,6 +42,8 @@ static FILE *histfh;
> static char **current; /* current position in history[] */
> static char*hname;/* current name of history file */
> static inthstarted; /* set after hist_init() called */
>+static intignoredups; /* ditch duplicated history lines? */
>+static intignorespace;/* ditch lines starting with a space? */
> static Source *hist_source;
> static uint32_t line_co;
>
>@@ -513,6 +515,28 @@ findhistrel(const char *str)
> return start + rec + 1;
> }
>
>+void
>+sethistcontrol(const char *str)
>+{
>+ char *spec, *tok, *state;
>+
>+ ignorespace = 0;
>+ ignoredups = 0;
>+
>+ if (str == NULL)
>+ return;
>+
>+ spec = str_save(str, ATEMP);
>+ for (tok = strtok_r(spec, ":", &state); tok != NULL;
>+ tok = strtok_r(NULL, ":", &state)) {
>+ if (strcmp(tok, "ignoredups") == 0)
>+ ignoredups = 1;
>+ else if (strcmp(tok, "ignorespace") == 0)
>+ ignorespace = 1;
>+ }
>+ afree(spec, ATEMP);
>+}
>+
> /*
> *set history
> *this means reallocating the dataspace
>@@ -608,6 +632,18 @@ histsave(int lno, const char *cmd, int d
> {
> char*c, *cp;
>
>+ if (ignorespace && cmd[0] == ' ')
>+ return;
>+
>+ c = str_save(cmd, APERM);
>+ if ((cp = strrchr(c, '\n')) != NULL)
>+ *cp = '\0';
>+
>+ if (ignoredups && histptr >= history && strcmp(*histptr, c) == 0) {
>+ afree(c, APERM);
>+ return;
>+ }
>+
> if (dowrite && histfh) {
> #ifndef SMALL
> struct stat sb;
>@@ -623,10 +659,6 @@ histsave(int lno, const char *cmd, int d
> }
> #endif
> }
>-
>- c = str_save(cmd, APERM);
>- if ((cp = strrchr(c, '\n')) != NULL)
>- *cp = '\0';
>
> if (histptr < history + histsize - 1)
> histptr++;
>Index: ksh.1
>===
>RCS file: /d/cvs/src/bin/ksh/ksh.1,v
>retrieving revision 1.193
>diff -u -p -r1.193 ksh.1
>--- ksh.1 19 Aug 2017 06:19:42 - 1.193
>+++ ksh.1 30 Aug 2017 10:38:43 -
>@@ -1407,6 +1407,15 @@ It is also searched when a command can't
> See
> .Sx Functions
> below for more information.
>+.It Ev HISTCONTROL
>+A colon separated list of history settings.
>+If
>+.Li ignoredups
>+is present, lines identical to the previous history line will not be
>saved.
>+If
>+.Li ignorespace
>+is present, lines starting with a space will not be saved.
>+Unknown settings are ignored.
> .It Ev HISTFILE
> The name of the file used to store command history.
> When assigned to, history is loaded from the specified file.
>Index: sh.h
>===
>RCS file: /d/cvs/src/bin/ksh/sh.h,v
>retrieving revision 1.61
>diff -u -p -r1.61 sh.h
>--- sh.h 4 Jul 2017 11:46:15 - 1.61
>+++ sh.h 30 Aug 2017 10:38:43 -
>@@ -457,6 +457,7 @@ void hist_finish(void);
> void histsave(int, const char *, int);
> #ifdef HISTORY
> int c_fc(char **);
>+void sethistcontrol(const char *);
> void sethistsize(int);
> void sethistfile(const char *);
> char ** histpos(void);
>Index: table.h
>===
>RCS file: /d/cvs/src/bin/ksh/table.h,v
>retrieving revision 1.11
>diff -u -p -r1.11 table.h
>--- table.h10 Oct 2015 07:35:16 - 1.11
>+++ table.h30 Aug 2017 10:38:43 -
>@@ -160,15 +160,16 @@ extern const struct builtin shbuiltins [
> #define V_MAILPATH 6
> #define V_MAILCHECK 7
> #define V_RANDOM8
>-#define V_HISTSIZE9
>-#define V_HISTFILE10
>-#define V_VISUAL 11
>-#define V_EDITOR 12
>-#define V_COLUMNS 13
>-#define V_POSIXLY_CORRECT 1
pflogd(8) fork+exec
fork+exec model for pflogd(8); moves pcap init to the re-exec'd privsep
parent and uses 'legit' fdpassing primitives to send the bpf fd to the
unprivileged child process.
I've tried to keep this difff small so that it can go in, there's more
work to be done in the future, but this will let things proceed further.
Tested with normal usage, late snaplen setting, and also that the
optional tcpdump 'expression' feature still works.
Remember to use absolute paths if testing.
ok?
-Bryan.
Index: pflogd.c
===
RCS file: /cvs/src/sbin/pflogd/pflogd.c,v
retrieving revision 1.54
diff -u -p -u -r1.54 pflogd.c
--- sbin/pflogd/pflogd.c23 Jul 2017 14:28:22 - 1.54
+++ sbin/pflogd/pflogd.c30 Aug 2017 04:25:46 -
@@ -54,6 +54,7 @@ pcap_t *hpcap;
static FILE *dpcap;
int Debug = 0;
+static int privchild = 0;
static int snaplen = DEF_SNAPLEN;
static int cur_snaplen = DEF_SNAPLEN;
@@ -73,7 +74,6 @@ void dump_packet(u_char *, const struct
void dump_packet_nobuf(u_char *, const struct pcap_pkthdr *, const u_char *);
int flush_buffer(FILE *);
int if_exists(char *);
-int init_pcap(void);
void logmsg(int, const char *, ...);
void purge_buffer(void);
int reset_dump(int);
@@ -215,8 +215,6 @@ init_pcap(void)
set_pcap_filter();
- cur_snaplen = snaplen = pcap_snapshot(hpcap);
-
/* lock */
if (ioctl(pcap_fileno(hpcap), BIOCLOCK) < 0) {
logmsg(LOG_ERR, "BIOCLOCK: %s", strerror(errno));
@@ -542,9 +540,7 @@ main(int argc, char **argv)
ret = 0;
- closefrom(STDERR_FILENO + 1);
-
- while ((ch = getopt(argc, argv, "Dxd:f:i:s:")) != -1) {
+ while ((ch = getopt(argc, argv, "Dxd:f:i:P:s:")) != -1) {
switch (ch) {
case 'D':
Debug = 1;
@@ -560,6 +556,11 @@ main(int argc, char **argv)
case 'i':
interface = optarg;
break;
+ case 'P': /* used internally, exec the parent */
+ privchild = strtonum(optarg, 2, INT_MAX, &errstr);
+ if (errstr)
+ errx(1, "priv child %s: %s", errstr, optarg);
+ break;
case 's':
snaplen = strtonum(optarg, 0, PFLOGD_MAXSNAPLEN,
&errstr);
@@ -567,6 +568,7 @@ main(int argc, char **argv)
snaplen = DEF_SNAPLEN;
if (errstr)
snaplen = PFLOGD_MAXSNAPLEN;
+ cur_snaplen = snaplen;
break;
case 'x':
Xflag = 1;
@@ -606,18 +608,14 @@ main(int argc, char **argv)
if (filter == NULL)
logmsg(LOG_NOTICE, "Failed to form filter expression");
}
+ argc += optind;
+ argv -= optind;
- /* initialize pcap before dropping privileges */
- if (init_pcap()) {
- logmsg(LOG_ERR, "Exiting, init failure");
- exit(1);
- }
+ if (privchild > 1)
+ priv_exec(privchild, argc, argv);
/* Privilege separation begins here */
- if (priv_init()) {
- logmsg(LOG_ERR, "unable to privsep");
- exit(1);
- }
+ priv_init(argc, argv);
/*
* XXX needs wpath cpath rpath, for try_reset_dump() ?
@@ -633,6 +631,9 @@ main(int argc, char **argv)
signal(SIGALRM, sig_alrm);
signal(SIGHUP, sig_hup);
alarm(delay);
+
+ if (priv_init_pcap(snaplen))
+ errx(1, "priv_init_pcap failed");
buffer = malloc(PFLOGD_BUFSIZE);
Index: pflogd.h
===
RCS file: /cvs/src/sbin/pflogd/pflogd.h,v
retrieving revision 1.5
diff -u -p -u -r1.5 pflogd.h
--- sbin/pflogd/pflogd.h10 Oct 2015 22:36:06 - 1.5
+++ sbin/pflogd/pflogd.h30 Aug 2017 04:25:46 -
@@ -34,13 +34,15 @@
void logmsg(int priority, const char *message, ...);
/* Privilege separation */
-intpriv_init(void);
+void priv_init(int, char **);
+__dead void priv_exec(int, int, char **);
+intpriv_init_pcap(int);
intpriv_set_snaplen(int snaplen);
intpriv_open_log(void);
intpriv_move_log(void);
intpriv_pcap_stats(struct pcap_stat *);
-pcap_t *pcap_open_live_fd(int fd, int snaplen, char *ebuf);
+int init_pcap(void);
void set_pcap_filter(void);
/* File descriptor send/recv */
void send_fd(int, int);
Index: privsep.c
===
RCS file: /cvs/src/sbin/pflogd/privsep.c,v
retrieving revision 1.27
diff -u -p -u -r1.27 privsep.c
--- sbin/pflogd/privsep.c 12 Aug 2017 16:31:09 - 1.27
+++ sbin/pflogd/privsep.c 30 Aug 2017 04:25:46 -
@@ -40,6 +40,7 @@
Re: ksh: kill emacs-usemeta
On Wed, Aug 30 2017, Jeremie Courreges-Anglas wrote:
> On Wed, Aug 30 2017, Jeremie Courreges-Anglas wrote:
>> As mentioned in https://marc.info/?l=openbsd-tech&m=150401359712984&w=2
>> emacs-usemeta isn't used since some time already. I have a diff that
>> just hides the flag but I changed my mind. The people who use the saved
>> output of "set +o" from an earlier ksh might be negatively affected, but
>> that's a bit far-fetched.
>>
>> So here's the simple diff. ok?
>>
>> The first hunk also deletes a useless comment.
>
> Actually my tests weren't thorough, it turns out we should probably hide
> the emacs-usemeta option instead of completely deleting it. Else ksh
> will stop processing a .profile/.kshrc that contains set +/-o
> emacs-usemeta, which could lead to confusion...
>
> I'll go back to my previous diff.
So here's another take, with input from anton@. Seems to behave well,
but I managed to mess up the previous one, so please watch out. ;)
Comments? ok?
Index: sh.h
===
RCS file: /d/cvs/src/bin/ksh/sh.h,v
retrieving revision 1.61
diff -u -p -r1.61 sh.h
--- sh.h4 Jul 2017 11:46:15 - 1.61
+++ sh.h30 Aug 2017 12:10:38 -
@@ -139,7 +139,7 @@ enum sh_flag {
FCSHHISTORY,/* csh-style history enabled */
#ifdef EMACS
FEMACS, /* emacs command editing */
- FEMACSUSEMETA, /* use 8th bit as meta */
+ FEMACSUSEMETA, /* XXX delete after 6.2 */
#endif
FERREXIT, /* -e: quit on error */
#ifdef EMACS
Index: misc.c
===
RCS file: /d/cvs/src/bin/ksh/misc.c,v
retrieving revision 1.57
diff -u -p -r1.57 misc.c
--- misc.c 4 Jul 2017 11:46:15 - 1.57
+++ misc.c 30 Aug 2017 12:10:38 -
@@ -129,7 +129,7 @@ const struct option options[] = {
{ "csh-history", 0,OF_ANY }, /* non-standard */
#ifdef EMACS
{ "emacs",0,OF_ANY },
- { "emacs-usemeta", 0, OF_ANY }, /* non-standard */
+ { "emacs-usemeta", 0, OF_ANY }, /* XXX delete after 6.2 */
#endif
{ "errexit",'e',OF_ANY },
#ifdef EMACS
@@ -185,8 +185,11 @@ option(const char *n)
int i;
for (i = 0; i < NELEM(options); i++)
- if (options[i].name && strcmp(options[i].name, n) == 0)
+ if (options[i].name && strcmp(options[i].name, n) == 0) {
+ if (i == FEMACSUSEMETA)
+ warningf(true, "%s: deprecated option", n);
return i;
+ }
return -1;
}
@@ -226,7 +229,9 @@ printoptions(int verbose)
/* verbose version */
shprintf("Current option settings\n");
- for (i = n = oi.opt_width = 0; i < NELEM(options); i++)
+ for (i = n = oi.opt_width = 0; i < NELEM(options); i++) {
+ if (i == FEMACSUSEMETA)
+ continue;
if (options[i].name) {
len = strlen(options[i].name);
oi.opts[n].name = options[i].name;
@@ -234,16 +239,20 @@ printoptions(int verbose)
if (len > oi.opt_width)
oi.opt_width = len;
}
+ }
print_columns(shl_stdout, n, options_fmt_entry, &oi,
oi.opt_width + 5, 1);
} else {
/* short version ala ksh93 */
shprintf("set");
- for (i = 0; i < NELEM(options); i++)
+ for (i = 0; i < NELEM(options); i++) {
+ if (i == FEMACSUSEMETA)
+ continue;
if (options[i].name)
shprintf(" %co %s",
Flag(i) ? '-' : '+',
options[i].name);
+ }
shprintf("\n");
}
}
Index: emacs.c
===
RCS file: /d/cvs/src/bin/ksh/emacs.c,v
retrieving revision 1.71
diff -u -p -r1.71 emacs.c
--- emacs.c 29 Aug 2017 23:04:50 - 1.71
+++ emacs.c 30 Aug 2017 12:10:38 -
@@ -1452,9 +1452,6 @@ x_init_emacs(void)
ainit(AEDIT);
x_nextcmd = -1;
- /* XXX unused */
- Flag(FEMACSUSEMETA) = 1;
-
/* new keybinding stuff */
TAILQ_INIT(&kblist);
Index: ksh.1
===
RCS file: /d/cvs/src/bin/ksh/ksh.1,v
retrieving revision 1.193
diff -u -p -r1.193 ksh.1
--- ksh.1 19 Aug 2017 06:19:42 - 1.193
+++ ksh.1 30 Aug 2017 12:10:38 -
@@ -3587,9 +3587,6 @@ character.
.It Ic emacs
Enable BRL emacs-like command-line editing (interactive
Re: ksh: add support for HISTCONTROL ignorespace & ignoredups
Hi Jeremie, Am 30.08.2017 13:04 schrieb Jeremie Courreges-Anglas: This implements a feature I miss from bash. What I care about: - not clog the history with repeated commands - easily prevent some commands to go in the history The diff below implements HISTCONTROL for this, user-facing behavior based on bash. The default ksh behavior doesn't change. I did not implement: - "ignoreboth", which is a shorthand for "ignoredups:ignorespace"; trivial, but not really useful - "erasedups", I have no use for this and it's not as trivial I have yet to put this in an mkr (dunno yet if the space savings of the setlocale removal positively affects the ramdisks). Thoughts? ok? I'd would love to see that feature in ksh since duplicates keep annoying me. I tested your patch on current and it works fine for me. Cheers and thanks Matthias
softraid: export rebuild status to sensor
Hi, like our other hardware raid controller drivers, softraid should report the rebuild state properly. Currently the sensor exports the drive state in that case as "unknown", which is misleading. ok? Patrick diff --git a/sys/dev/softraid.c b/sys/dev/softraid.c index 1593c76bdcd..280e832f849 100644 --- a/sys/dev/softraid.c +++ b/sys/dev/softraid.c @@ -4867,6 +4867,11 @@ sr_sensors_refresh(void *arg) sv->sv_sensor.status = SENSOR_S_WARN; break; + case BIOC_SVREBUILD: + sv->sv_sensor.value = SENSOR_DRIVE_REBUILD; + sv->sv_sensor.status = SENSOR_S_WARN; + break; + case BIOC_SVSCRUB: case BIOC_SVONLINE: sv->sv_sensor.value = SENSOR_DRIVE_ONLINE;
Re: i386 zzz broken, Was: CVS: cvs.openbsd.org: src
On 2017/08/30 09:04, Florian Obser wrote: > On Tue, Aug 29, 2017 at 07:25:33PM -0700, Chris Cappuccio wrote: > > li...@wrant.com [li...@wrant.com] wrote: > > > > > > Please let me know if you want me to generate some dumps or similar, but > > > unfortunately, I can't yet test patches or handle compilation on my own. > > > I realise my info on this is incredibly lacking as quality & usefulness. > > > > > > > Stuart Henderson has an archive of kernels from snapshot builds that you > > can use to better narrow down when the regression started. > > > > Unfortunately I don't remember the URL. > > IIRC sthen asked for it to not be shared, it got shared on misc and he > changed the URL or shutdown the archive. Use this: > https://ftp.hostserver.de/archive/ > > It keeps all base for all archs and packages for amd64 for 80 days. Yes - I do still have the archive for some arches (amd64, armv7, i386, loongson, macppc, octeon, sparc64) - kernels only, archived daily if they changed since the previous snapshot, currently back to the start of 2015 (though I may cull them at some point). If the archive on hostserver doesn't go back far enough, let me know which arch and approx dates of interest and I'll copy the relevant files to somewhere suitable to fetch from.
Re: ksh: kill emacs-usemeta
On Wed, Aug 30 2017, Jeremie Courreges-Anglas wrote: > As mentioned in https://marc.info/?l=openbsd-tech&m=150401359712984&w=2 > emacs-usemeta isn't used since some time already. I have a diff that > just hides the flag but I changed my mind. The people who use the saved > output of "set +o" from an earlier ksh might be negatively affected, but > that's a bit far-fetched. > > So here's the simple diff. ok? > > The first hunk also deletes a useless comment. Actually my tests weren't thorough, it turns out we should probably hide the emacs-usemeta option instead of completely deleting it. Else ksh will stop processing a .profile/.kshrc that contains set +/-o emacs-usemeta, which could lead to confusion... I'll go back to my previous diff. -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
ksh: add support for HISTCONTROL ignorespace & ignoredups
This implements a feature I miss from bash. What I care about:
- not clog the history with repeated commands
- easily prevent some commands to go in the history
The diff below implements HISTCONTROL for this, user-facing behavior
based on bash. The default ksh behavior doesn't change.
I did not implement:
- "ignoreboth", which is a shorthand for "ignoredups:ignorespace";
trivial, but not really useful
- "erasedups", I have no use for this and it's not as trivial
I have yet to put this in an mkr (dunno yet if the space savings of the
setlocale removal positively affects the ramdisks).
Thoughts? ok?
Index: history.c
===
RCS file: /d/cvs/src/bin/ksh/history.c,v
retrieving revision 1.68
diff -u -p -r1.68 history.c
--- history.c 28 Aug 2017 19:41:55 - 1.68
+++ history.c 30 Aug 2017 10:38:43 -
@@ -42,6 +42,8 @@ static FILE *histfh;
static char **current; /* current position in history[] */
static char*hname; /* current name of history file */
static int hstarted; /* set after hist_init() called */
+static int ignoredups; /* ditch duplicated history lines? */
+static int ignorespace;/* ditch lines starting with a space? */
static Source *hist_source;
static uint32_tline_co;
@@ -513,6 +515,28 @@ findhistrel(const char *str)
return start + rec + 1;
}
+void
+sethistcontrol(const char *str)
+{
+ char *spec, *tok, *state;
+
+ ignorespace = 0;
+ ignoredups = 0;
+
+ if (str == NULL)
+ return;
+
+ spec = str_save(str, ATEMP);
+ for (tok = strtok_r(spec, ":", &state); tok != NULL;
+tok = strtok_r(NULL, ":", &state)) {
+ if (strcmp(tok, "ignoredups") == 0)
+ ignoredups = 1;
+ else if (strcmp(tok, "ignorespace") == 0)
+ ignorespace = 1;
+ }
+ afree(spec, ATEMP);
+}
+
/*
* set history
* this means reallocating the dataspace
@@ -608,6 +632,18 @@ histsave(int lno, const char *cmd, int d
{
char*c, *cp;
+ if (ignorespace && cmd[0] == ' ')
+ return;
+
+ c = str_save(cmd, APERM);
+ if ((cp = strrchr(c, '\n')) != NULL)
+ *cp = '\0';
+
+ if (ignoredups && histptr >= history && strcmp(*histptr, c) == 0) {
+ afree(c, APERM);
+ return;
+ }
+
if (dowrite && histfh) {
#ifndef SMALL
struct stat sb;
@@ -623,10 +659,6 @@ histsave(int lno, const char *cmd, int d
}
#endif
}
-
- c = str_save(cmd, APERM);
- if ((cp = strrchr(c, '\n')) != NULL)
- *cp = '\0';
if (histptr < history + histsize - 1)
histptr++;
Index: ksh.1
===
RCS file: /d/cvs/src/bin/ksh/ksh.1,v
retrieving revision 1.193
diff -u -p -r1.193 ksh.1
--- ksh.1 19 Aug 2017 06:19:42 - 1.193
+++ ksh.1 30 Aug 2017 10:38:43 -
@@ -1407,6 +1407,15 @@ It is also searched when a command can't
See
.Sx Functions
below for more information.
+.It Ev HISTCONTROL
+A colon separated list of history settings.
+If
+.Li ignoredups
+is present, lines identical to the previous history line will not be saved.
+If
+.Li ignorespace
+is present, lines starting with a space will not be saved.
+Unknown settings are ignored.
.It Ev HISTFILE
The name of the file used to store command history.
When assigned to, history is loaded from the specified file.
Index: sh.h
===
RCS file: /d/cvs/src/bin/ksh/sh.h,v
retrieving revision 1.61
diff -u -p -r1.61 sh.h
--- sh.h4 Jul 2017 11:46:15 - 1.61
+++ sh.h30 Aug 2017 10:38:43 -
@@ -457,6 +457,7 @@ voidhist_finish(void);
void histsave(int, const char *, int);
#ifdef HISTORY
intc_fc(char **);
+void sethistcontrol(const char *);
void sethistsize(int);
void sethistfile(const char *);
char **histpos(void);
Index: table.h
===
RCS file: /d/cvs/src/bin/ksh/table.h,v
retrieving revision 1.11
diff -u -p -r1.11 table.h
--- table.h 10 Oct 2015 07:35:16 - 1.11
+++ table.h 30 Aug 2017 10:38:43 -
@@ -160,15 +160,16 @@ extern const struct builtin shbuiltins [
#defineV_MAILPATH 6
#defineV_MAILCHECK 7
#defineV_RANDOM8
-#define V_HISTSIZE 9
-#define V_HISTFILE 10
-#define V_VISUAL 11
-#define V_EDITOR 12
-#define V_COLUMNS 13
-#define V_POSIXLY_CORRECT 14
-#define V_TMOUT15
-#define V_TMPDIR 16
-#define V_LINENO 17
+#defineV_HISTCONTROL 9
+#defineV_H
tcpdump: decode RSN beacon elements
This makes tcpdump -v -y IEEE802_11_RADIO decode RSN beacon elements.
Before:
rsn 0x010fac04010fac04010fac02
After:
rsn=
Code which generates this element can be found in ieee80211_add_rsn_body()
in the file sys/net80211/ieee80211_output.c.
ok?
Index: print-802_11.c
===
RCS file: /cvs/src/usr.sbin/tcpdump/print-802_11.c,v
retrieving revision 1.39
diff -u -p -r1.39 print-802_11.c
--- print-802_11.c 4 Mar 2017 17:51:20 - 1.39
+++ print-802_11.c 30 Aug 2017 10:46:14 -
@@ -101,6 +101,9 @@ void ieee80211_print_essid(u_int8_t *,
voidieee80211_print_country(u_int8_t *, u_int);
voidieee80211_print_htcaps(u_int8_t *, u_int);
voidieee80211_print_htop(u_int8_t *, u_int);
+voidieee80211_print_rsncipher(u_int8_t []);
+voidieee80211_print_akm(u_int8_t []);
+voidieee80211_print_rsn(u_int8_t *, u_int);
int ieee80211_print_beacon(struct ieee80211_frame *, u_int);
int ieee80211_print_assocreq(struct ieee80211_frame *, u_int);
int ieee80211_print_elements(uint8_t *);
@@ -601,6 +604,193 @@ ieee80211_print_htop(u_int8_t *data, u_i
printf(">");
}
+void
+ieee80211_print_rsncipher(uint8_t selector[4])
+{
+ if (memcmp(selector, MICROSOFT_OUI, 3) != 0 &&
+ memcmp(selector, IEEE80211_OUI, 3) != 0) {
+ printf("0x%x%x%x%x", selector[0], selector[1], selector[2],
+selector[3]);
+ return;
+ }
+
+ /* See 802.11-2012 Table 8-99 */
+ switch (selector[3]) {
+ case 0: /* use group data cipher suite */
+ printf("usegroup");
+ break;
+ case 1: /* WEP-40 */
+ printf("wep40");
+ break;
+ case 2: /* TKIP */
+ printf("tkip");
+ break;
+ case 4: /* CCMP (RSNA default) */
+ printf("ccmp");
+ break;
+ case 5: /* WEP-104 */
+ printf("wep104");
+ break;
+ case 6: /* BIP */
+ printf("bip");
+ break;
+ default:
+ printf("%d", selector[3]);
+ break;
+ }
+}
+
+void
+ieee80211_print_akm(uint8_t selector[4])
+{
+ if (memcmp(selector, MICROSOFT_OUI, 3) != 0 &&
+ memcmp(selector, IEEE80211_OUI, 3) != 0) {
+ printf("0x%x%x%x%x", selector[0], selector[1], selector[2],
+selector[3]);
+ return;
+ }
+
+ switch (selector[3]) {
+ case 1:
+ printf("802.1x");
+ break;
+ case 2:
+ printf("PSK");
+ break;
+ case 5:
+ printf("SHA256-802.1x");
+ break;
+ case 6:
+ printf("SHA256-PSK");
+ break;
+ default:
+ printf("%d", selector[3]);
+ break;
+ }
+}
+
+/* Caller checks len */
+void
+ieee80211_print_rsn(u_int8_t *data, u_int len)
+{
+ uint16_t version, nciphers, nakms, rsncap, npmk;
+ int i, j;
+ uint8_t selector[4];
+
+ if (len < 2) {
+ ieee80211_print_element(data, len);
+ return;
+ }
+
+ version = (data[0]) | (data[1] << 8);
+ printf("=");
+ return;
+ }
+
+ data += 2;
+ printf(",groupcipher ");
+ for (i = 0; i < 4; i++)
+ selector[i] = data[i];
+ ieee80211_print_rsncipher(selector);
+
+ if (len < 8) {
+ printf(">");
+ return;
+ }
+
+ data += 4;
+ nciphers = (data[0]) | ((data[1]) << 8);
+ data += 2;
+
+ if (len < 8 + (nciphers * 4)) {
+ printf(">");
+ return;
+ }
+
+ printf(",cipher%s ", nciphers > 1 ? "s" : "");
+ for (i = 0; i < nciphers; i++) {
+ for (j = 0; j < 4; j++)
+ selector[j] = data[i + j];
+ ieee80211_print_rsncipher(selector);
+ if (i < nciphers - 1)
+ printf(" ");
+ data += 4;
+ }
+
+ if (len < 8 + (nciphers * 4) + 2) {
+ printf(">");
+ return;
+ }
+
+ nakms = (data[0]) | ((data[1]) << 8);
+ data += 2;
+
+ if (len < 8 + (nciphers * 4) + 2 + (nakms * 4)) {
+ printf(">");
+ return;
+ }
+
+ printf(",akm%s ", nakms > 1 ? "s" : "");
+ for (i = 0; i < nciphers; i++) {
+ for (j = 0; j < 4; j++)
+ selector[j] = data[i + j];
+ ieee80211_print_akm(selector);
+ if (i < nciphers - 1)
+ printf(" ");
+ data += 4;
+ }
+
+ if (len < 8 + (nciphers * 4) + 2 + (nakms * 4) + 2) {
+ printf(">");
+ return;
+ }
+
+ rsncap = (data[0]) | ((data[1]) << 8
[PATCH] Move definition of IMSG_DATA_SIZE() to imsg.h
There is a bunch of programs that define IMSG_DATA_SIZE() themselves in
a similar fashion. This patch reduces code duplication a bit.
---
lib/libutil/imsg.h | 1 +
sbin/iked/iked.h | 1 -
usr.sbin/httpd/httpd.h | 1 -
usr.sbin/relayd/relayd.h | 1 -
usr.sbin/snmpd/snmpd.h | 1 -
usr.sbin/vmd/proc.h | 1 -
6 files changed, 1 insertion(+), 5 deletions(-)
diff --git a/lib/libutil/imsg.h b/lib/libutil/imsg.h
index 8bf9414789b..8436e157b38 100644
--- a/lib/libutil/imsg.h
+++ b/lib/libutil/imsg.h
@@ -23,6 +23,7 @@
#define IBUF_READ_SIZE 65535
#define IMSG_HEADER_SIZE sizeof(struct imsg_hdr)
+#define IMSG_DATA_SIZE(imsg) ((imsg)->hdr.len - IMSG_HEADER_SIZE)
#define MAX_IMSGSIZE 16384
struct ibuf {
diff --git a/sbin/iked/iked.h b/sbin/iked/iked.h
index b536d58e157..dd10990118a 100644
--- a/sbin/iked/iked.h
+++ b/sbin/iked/iked.h
@@ -64,7 +64,6 @@ struct imsgev {
if (IMSG_DATA_SIZE(imsg) < sizeof(*p)) \
fatalx("bad length imsg received"); \
} while (0)
-#define IMSG_DATA_SIZE(imsg) ((imsg)->hdr.len - IMSG_HEADER_SIZE)
#define IKED_ADDR_EQ(_a, _b) \
((_a)->addr_mask == (_b)->addr_mask && \
diff --git a/usr.sbin/httpd/httpd.h b/usr.sbin/httpd/httpd.h
index 05cbb8e3550..c9c1f929c27 100644
--- a/usr.sbin/httpd/httpd.h
+++ b/usr.sbin/httpd/httpd.h
@@ -191,7 +191,6 @@ struct imsgev {
if (IMSG_DATA_SIZE(imsg) < sizeof(*p)) \
fatalx("bad length imsg received"); \
} while (0)
-#define IMSG_DATA_SIZE(imsg) ((imsg)->hdr.len - IMSG_HEADER_SIZE)
#define MAX_IMSG_DATA_SIZE (MAX_IMSGSIZE - IMSG_HEADER_SIZE)
struct ctl_conn {
diff --git a/usr.sbin/relayd/relayd.h b/usr.sbin/relayd/relayd.h
index 6d1ed6e1b0a..5c2a33c20f8 100644
--- a/usr.sbin/relayd/relayd.h
+++ b/usr.sbin/relayd/relayd.h
@@ -889,7 +889,6 @@ struct imsgev {
if (IMSG_DATA_SIZE(imsg) < sizeof(*p)) \
fatalx("bad length imsg received"); \
} while (0)
-#define IMSG_DATA_SIZE(imsg) ((imsg)->hdr.len - IMSG_HEADER_SIZE)
struct ctl_conn {
TAILQ_ENTRY(ctl_conn)entry;
diff --git a/usr.sbin/snmpd/snmpd.h b/usr.sbin/snmpd/snmpd.h
index b4e15bbbec1..0a8c9c50070 100644
--- a/usr.sbin/snmpd/snmpd.h
+++ b/usr.sbin/snmpd/snmpd.h
@@ -105,7 +105,6 @@ struct imsgev {
if (IMSG_DATA_SIZE(imsg) < sizeof(*p)) \
fatalx("bad length imsg received"); \
} while (0)
-#define IMSG_DATA_SIZE(imsg) ((imsg)->hdr.len - IMSG_HEADER_SIZE)
/* initially control.h */
struct control_sock {
diff --git a/usr.sbin/vmd/proc.h b/usr.sbin/vmd/proc.h
index b91f3a5fecb..48ac5736f5b 100644
--- a/usr.sbin/vmd/proc.h
+++ b/usr.sbin/vmd/proc.h
@@ -52,7 +52,6 @@ struct imsgev {
if (IMSG_DATA_SIZE(imsg) < sizeof(*p)) \
fatalx("bad length imsg received (%s)", #p);\
} while (0)
-#define IMSG_DATA_SIZE(imsg) ((imsg)->hdr.len - IMSG_HEADER_SIZE)
/* control socket */
struct control_sock {
--
2.13.3
Re: Remove the no longer true CAVEATS section in rasops.9
> Date: Wed, 30 Aug 2017 07:53:39 +0200 > From: Frederic Cambus > > Hi tech@, > > Remove the CAVEATS section in rasops.9, which no longer holds truth. > > Comments? OK? > > Index: share/man/man9/rasops.9 > === > RCS file: /cvs/src/share/man/man9/rasops.9,v > retrieving revision 1.18 > diff -u -p -r1.18 rasops.9 > --- share/man/man9/rasops.9 21 Aug 2017 11:49:50 - 1.18 > +++ share/man/man9/rasops.9 29 Aug 2017 22:25:52 - > @@ -235,5 +235,3 @@ subsystem was written by > .An Andrew Doran Aq Mt a...@netbsd.org . > Display rotation was written by > .An Christopher Pascoe Aq Mt pas...@openbsd.org . > -.Sh CAVEATS > -Display rotation only works for 16bpp displays. Actually this is still somewhat true. I think underlining only works on 16bpp displays.
ksh: kill emacs-usemeta
As mentioned in https://marc.info/?l=openbsd-tech&m=150401359712984&w=2
emacs-usemeta isn't used since some time already. I have a diff that
just hides the flag but I changed my mind. The people who use the saved
output of "set +o" from an earlier ksh might be negatively affected, but
that's a bit far-fetched.
So here's the simple diff. ok?
The first hunk also deletes a useless comment.
Index: emacs.c
===
RCS file: /d/cvs/src/bin/ksh/emacs.c,v
retrieving revision 1.71
diff -u -p -r1.71 emacs.c
--- emacs.c 29 Aug 2017 23:04:50 - 1.71
+++ emacs.c 30 Aug 2017 09:33:22 -
@@ -1452,10 +1452,6 @@ x_init_emacs(void)
ainit(AEDIT);
x_nextcmd = -1;
- /* XXX unused */
- Flag(FEMACSUSEMETA) = 1;
-
- /* new keybinding stuff */
TAILQ_INIT(&kblist);
/* man page order */
Index: ksh.1
===
RCS file: /d/cvs/src/bin/ksh/ksh.1,v
retrieving revision 1.193
diff -u -p -r1.193 ksh.1
--- ksh.1 19 Aug 2017 06:19:42 - 1.193
+++ ksh.1 30 Aug 2017 09:33:28 -
@@ -3587,9 +3587,6 @@ character.
.It Ic emacs
Enable BRL emacs-like command-line editing (interactive shells only); see
.Sx Emacs editing mode .
-.It Ic emacs-usemeta
-In emacs command-line editing, use the 8th bit as meta (^[) prefix.
-This is the default.
.It Ic gmacs
Enable gmacs-like command-line editing (interactive shells only).
Currently identical to emacs editing except that transpose (^T) acts slightly
Index: misc.c
===
RCS file: /d/cvs/src/bin/ksh/misc.c,v
retrieving revision 1.57
diff -u -p -r1.57 misc.c
--- misc.c 4 Jul 2017 11:46:15 - 1.57
+++ misc.c 30 Aug 2017 09:33:33 -
@@ -129,7 +129,6 @@ const struct option options[] = {
{ "csh-history", 0,OF_ANY }, /* non-standard */
#ifdef EMACS
{ "emacs",0,OF_ANY },
- { "emacs-usemeta", 0, OF_ANY }, /* non-standard */
#endif
{ "errexit",'e',OF_ANY },
#ifdef EMACS
Index: sh.h
===
RCS file: /d/cvs/src/bin/ksh/sh.h,v
retrieving revision 1.61
diff -u -p -r1.61 sh.h
--- sh.h4 Jul 2017 11:46:15 - 1.61
+++ sh.h30 Aug 2017 09:33:37 -
@@ -139,7 +139,6 @@ enum sh_flag {
FCSHHISTORY,/* csh-style history enabled */
#ifdef EMACS
FEMACS, /* emacs command editing */
- FEMACSUSEMETA, /* use 8th bit as meta */
#endif
FERREXIT, /* -e: quit on error */
#ifdef EMACS
--
jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
Re: i386 zzz broken, Was: CVS: cvs.openbsd.org: src
On Tue, Aug 29, 2017 at 07:25:33PM -0700, Chris Cappuccio wrote: > li...@wrant.com [li...@wrant.com] wrote: > > > > Please let me know if you want me to generate some dumps or similar, but > > unfortunately, I can't yet test patches or handle compilation on my own. > > I realise my info on this is incredibly lacking as quality & usefulness. > > > > Stuart Henderson has an archive of kernels from snapshot builds that you > can use to better narrow down when the regression started. > > Unfortunately I don't remember the URL. IIRC sthen asked for it to not be shared, it got shared on misc and he changed the URL or shutdown the archive. Use this: https://ftp.hostserver.de/archive/ It keeps all base for all archs and packages for amd64 for 80 days. -- I'm not entirely sure you are real.
Re: [patch] kbd should give an error unless we're root
On Wed, Aug 30, 2017 at 08:14:16AM +0200, Jeremie Courreges-Anglas wrote: > > Well, the behavior of kbd depends on the permissions of the device > files, not on the fact that you're root or not. Maybe something like > this would be more appropriate? > Ah, you're absolutely right! No idea why, but for some reason I was under the impression that the device files always were owned by root and had its permissions set to 0600.
Re: i386 zzz broken, Was: CVS: cvs.openbsd.org: src
On Tue, Aug 29, 2017 at 04:32:04PM -0700, Mike Larkin wrote: > On Mon, Aug 28, 2017 at 11:18:13PM +0300, li...@wrant.com wrote: > > Mon, 28 Aug 2017 10:16:58 -0600 (MDT) Ted Unangst > > > CVSROOT: /cvs > > > Module name: src > > > Changes by: t...@cvs.openbsd.org2017/08/28 10:16:58 > > > > > > Modified files: > > > usr.sbin/apmd : apmd.8 apmd.c > > > > > > Log message: > > > add -z and -Z options to auto suspend or hibernate when low on battery. > > > from Jesper Wallin > > > > > > > Hi tech@, > > > > Could someone please test and confirm suspend still works on i386? I am > > getting the laptop to wake but it's stuck, black screen, high fan speed, > > no response, only long press on the power button works. It used to work > > flawless, I suspect it might be from the last few snapshots, can't tell. > > > > Ready to provide details if this works elsewhere & someone's interested. > > Please let me know if it's a known/expected issue, or better sendbug(1). > > > > Kind regards, > > Anton Lazarov > > > > Hmm, I can repro this here even with qemu. It's stuck in lapic_delay. > > I'll see if I can track down what's going wrong. It would also help if you > could narrow down when it broke. > > -ml > I figured out what was going on, but it's unclear why this suddenly broke. Once we get to the bottom of what caused the breakage, I'll commit a fix. -ml
Re: csh(1): zap redundant assignment
On Wed, Aug 30 2017, Anton Lindqvist wrote:
> Comments? OK?
Sure.
> Index: lex.c
> ===
> RCS file: /cvs/src/bin/csh/lex.c,v
> retrieving revision 1.24
> diff -u -p -r1.24 lex.c
> --- lex.c 23 Jan 2017 04:53:15 - 1.24
> +++ lex.c 30 Aug 2017 07:09:50 -
> @@ -1426,7 +1426,6 @@ again:
> off = (int) feobp % BUFSIZ;
> roomleft = BUFSIZ - off;
>
> - roomleft = BUFSIZ - off;
> for (;;) {
> if (filec && intty) {
> c = numleft ? numleft : tenex(ttyline, BUFSIZ);
>
--
jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
csh(1): zap redundant assignment
Comments? OK?
Index: lex.c
===
RCS file: /cvs/src/bin/csh/lex.c,v
retrieving revision 1.24
diff -u -p -r1.24 lex.c
--- lex.c 23 Jan 2017 04:53:15 - 1.24
+++ lex.c 30 Aug 2017 07:09:50 -
@@ -1426,7 +1426,6 @@ again:
off = (int) feobp % BUFSIZ;
roomleft = BUFSIZ - off;
- roomleft = BUFSIZ - off;
for (;;) {
if (filec && intty) {
c = numleft ? numleft : tenex(ttyline, BUFSIZ);
