I don't think we want to do this yet. RAND_bytes and
RAND_pseudo_bytes will not be going away.
On Mon, Apr 21, 2014 at 9:24 PM, Jean-Philippe Ouellet
jean-phili...@ouellet.biz wrote:
Here's another pass.
This replaces RAND_{,pseudo_}bytes() calls with equivelant arc4random_buf(3)
calls for
Sure - I should have spotted that.
Index: ping.c
===
RCS file: /cvs/src/sbin/ping/ping.c,v
retrieving revision 1.100
diff -u -r1.100 ping.c
--- ping.c 24 Mar 2014 11:11:49 - 1.100
+++ ping.c 22 Apr 2014 06:55:03
On Tue, Apr 22, 2014 at 02:57:54AM -0400, pe...@petermalone.org wrote:
Sure - I should have spotted that.
Still not there. Please use the fact that calloc can multiply, you get
an overflow check for free.
-Otto
Index: ping.c
Il giorno 22/apr/2014 06.59, Kārlis Miķelsons karlis.mikels...@lf.lv ha
scritto:
Hello,
Your DNS is broken. xauth is trying to resolve the current hostname.
Fix DNS or add something to /etc/hosts.
Thank you for your suggestion, but it didn't help.
$ cat /etc/resolv.conf
family inet4
It's the pms(4) driver. It happens on some Dell laptops that have a
crappy
non fully standard synaptics (alps?) touchpad.
It seems so, today this laptop booted up without pms device for some
reason,
and without it X.org started up instantly.
--
Karlis
Please switch it to poll(2) like ping6(8) is doing, there by side
stepping the whole issue.
On Tue, Apr 22, 2014 at 09:33:50AM +0200, Otto Moerbeek wrote:
On Tue, Apr 22, 2014 at 02:57:54AM -0400, pe...@petermalone.org wrote:
Sure - I should have spotted that.
Still not there. Please use
On Tue, Apr 22, 2014 at 10:29 AM, Kārlis Miķelsons
karlis.mikels...@lf.lv wrote:
It's the pms(4) driver. It happens on some Dell laptops that have a crappy
non fully standard synaptics (alps?) touchpad.
It seems so, today this laptop booted up without pms device for some reason,
and without
On Tue, Apr 22, 2014 at 12:45:25AM -0400, Peter Malone wrote:
Hi,
malloc memset can be replaced with calloc in ping.c. Please see below for
patch details:
Index: ping.c
===
RCS file: /cvs/src/sbin/ping/ping.c,v
retrieving
This replaces RAND_{,pseudo_}bytes() calls with equivelant arc4random_buf(3)
calls for apps/ and ssl/ (crypto/ still has a bunch).
Actually last time this was discussed, the idea was to leave this as-is for
now. Then we can decide if the stronger of the two should remain a seperate
name.
You are now clearing only the first time.
malloc memset can be replaced with calloc in ping.c. Please see below
for patch details:
Index: ping.c
===
RCS file: /cvs/src/sbin/ping/ping.c,v
retrieving revision 1.100
diff -u
On Mon, Apr 21, 2014 at 09:39:55PM -0300, Fernando Gont wrote:
Hi, Loganaden,
NetBSD really had these? I seem to recall that OpenBSD was the only BSD
variant with these (sensible) knobs.
Thanks,
Fernando
They copied it from OpenBSD in 2012:
kernel: Add sysctls to avoid ipv6 DoS
On 19 April 2014 13:20, Loganaden Velvindron lo...@elandsys.com wrote:
On Sat, Apr 19, 2014 at 04:04:30AM -0700, Loganaden Velvindron wrote:
Hi All,
I'm taking a short break from playing with pf statistics.
There were 4 sysctls added from KAME, but the man pages weren't updated
accordingly.
It's the pms(4) driver. It happens on some Dell laptops that have a
crappy
non fully standard synaptics (alps?) touchpad.
It seems so, today this laptop booted up without pms device for some
reason,
and without it X.org started up instantly.
Try to disable pms:
# config -e -f /bsd
Hello folks,
The removal of OPENSSL_malloc/OPENSSL_free ...
etc will cause a LOT of pain There is non négligeable number of
applications which are strongly depending on this functionality,
they use it for example to allocate SSL data structures in memory shared
between multiple forked
On 22 April 2014 08:49, Vadim Lebedev va...@mbdsys.com wrote:
Hello folks,
The removal of OPENSSL_malloc/OPENSSL_free ...
etc will cause a LOT of pain There is non négligeable number of
applications which are strongly depending on this functionality,
they use it for example to allocate
The removal of OPENSSL_malloc/OPENSSL_free ...
etc will cause a LOT of pain
Which is why they are not removed.
There is non négligeable number of
applications which are strongly depending on this functionality,
they use it for example to allocate SSL data structures in memory shared
I see a lot of duplication between lib/libc/time/strftime.c and
lib/libc/time/wcsftime.c.
Since I would like to implement LC_TIME support, I would prefer to
change only in one place but before that I prepared a simple
regression test for strftime and wcsftime that is attached.
Checking NetBSD
Theo de Raadt deraadt at cvs.openbsd.org writes:
The removal of OPENSSL_malloc/OPENSSL_free ...
etc will cause a LOT of pain
Which is why they are not removed.
There is non négligeable number of
applications which are strongly depending on this functionality,
they use it
Hi,
Vadim Lebedev wrote on Tue, Apr 22, 2014 at 01:17:16PM +:
Theo de Raadt deraadt at cvs.openbsd.org writes:
Vadim Lebedev wrote:
The removal of OPENSSL_malloc/OPENSSL_free ...
etc will cause a LOT of pain
Which is why they are not removed.
I was alarmed by this:
It happened! A remote peer *requires* IKEv2 - and I've to do that on a
machine running isakmpd with somewhat 25+ IKEv1 peers.
First hurdle: I cannot bind iked to a certain (carp) IP-address. Mad
workaround: start isakmpd (with Listen-on) first.
Second hurdle: iked loads its SAs and eventually
On 22 April 2014 17:13, Philipp
e1c1bac6253dc54a1e89ddc046585...@posteo.net wrote:
It happened! A remote peer *requires* IKEv2 - and I've to do that on a
machine running isakmpd with somewhat 25+ IKEv1 peers.
First hurdle: I cannot bind iked to a certain (carp) IP-address. Mad
workaround:
Hi tech,
it's Trojan horse not Trojan horsed, right?
Fritjof
Index: security.8
===
RCS file: /cvs/src/share/man/man8/security.8,v
retrieving revision 1.23
diff -u -p -r1.23 security.8
--- security.8 20 Apr 2014 22:15:49 -
* Fritjof Bornebusch frit...@alokat.org [2014-04-22 18:29]:
it's Trojan horse not Trojan horsed, right?
yup.
a trojan horse.
the binary has been trojan horsed.
--
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services GmbH, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and
On 22 Apr 2014, at 18:32, Henning Brauer lists-openbsdt...@bsws.de wrote:
the binary has been trojan horsed.
Not sure if urban dictionary should be a terminology pool for manual
pages.
Also, there's clearly a hyphen missing: ``trojan-horsed''. No capital
T obviously since the term is common
On Tue, Apr 22, 2014 at 06:32:12PM +0200, Henning Brauer wrote:
* Fritjof Bornebusch frit...@alokat.org [2014-04-22 18:29]:
it's Trojan horse not Trojan horsed, right?
yup.
a trojan horse.
the binary has been trojan horsed.
As Henning notes, it was gramatically correct as written (if you
On Tue, Apr 22, 2014 at 18:28, Fritjof Bornebusch wrote:
Hi tech,
it's Trojan horse not Trojan horsed, right?
Fritjof
Index: security.8
===
RCS file: /cvs/src/share/man/man8/security.8,v
retrieving revision 1.23
diff -u
My bad Dirk - you're right with that one.
I'll take a look at this when I get home, and either apply your fix or
disentangle this in a hopefully more obvious way.
On Mon, Apr 21, 2014 at 1:53 PM, Dirk Engling erdge...@erdgeist.org wrote:
On 21.04.14 19:01, Bob Beck wrote:
Not quite, because
On 22.04.14 19:16, Bob Beck wrote:
I'll take a look at this when I get home, and either apply your fix or
disentangle this in a hopefully more obvious way.
How shall I proceed with the other fixes? Just bundle them as diffs
against the current revision an put them on the list as new threads?
Post diffs one per message per thing you're trying to do - example
fix leak in foo.c - etc.
You may have slow replies for a few days, people are travelling
On Tue, Apr 22, 2014 at 12:12 PM, Dirk Engling erdge...@erdgeist.org wrote:
On 22.04.14 19:16, Bob Beck wrote:
I'll take a look at this
Personally, when sysmerge asks if I'd like to merge something I'd
prefer a little breathing room at the prompt. (Will this break
anything?)
Index: usr.bin/sdiff//sdiff.c
===
RCS file: /work/cvsroot/src/usr.bin/sdiff/sdiff.c,v
Sorry, my webmail client ate the whitespace. mutt is a casualty of the
Valhalla rampage (whines about permissions on /dev/arandom) and kerberosV
removal. I'll rebuild mutt from ports and resubmit.
-Original Message-
From: Kent R. Spillner kspill...@acm.org
Sent: Tuesday, April 22, 2014
rm: /usr/libdata/perl5/site_perl/amd64-openbsd/kerberosV: is a directory
Index: faq/current.html
===
RCS file: /work/cvsroot/www/faq/current.html,v
retrieving revision 1.502
diff -p -u -r1.502 current.html
--- faq/current.html22
Committed, thanks.
--
jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
Thanks Florian team.
Please review the following diff.
Index: ping.c
===
RCS file: /cvs/src/sbin/ping/ping.c,v
retrieving revision 1.100
diff -u -p -u -r1.100 ping.c
--- ping.c 24 Mar 2014 11:11:49 - 1.100
+++ ping.c
Hi,
Another cleanup of malloc memset with calloc. This time with dmesg.
Index: dmesg.c
===
RCS file: /cvs/src/sbin/dmesg/dmesg.c,v
retrieving revision 1.22
diff -u -p -u -r1.22 dmesg.c
--- dmesg.c 2 Jul 2010 22:02:06 -
Hi tech,
there are some never read variables in ftp.c.
The local variable error is set but there is either a
goto bad;
bad:
(void)close(data), data = -1;
if (tmpno)
sendport = 1;
return (1);
and the variable is not going to read here.
Hi,
Another malloc memset to calloc cleanup. This time in mountd.c
Index: mountd.c
===
RCS file: /cvs/src/sbin/mountd/mountd.c,v
retrieving revision 1.73
diff -u -p -u -r1.73 mountd.c
--- mountd.c24 Mar 2014 00:19:48 -
Try to disable pms:
# config -e -f /bsd
UKCdisable pms
And see if you can reproduce the problem.
I can, after disabling pms device, X.org starts just fine.
Great. Could you compile a kernel with the diff below applied and post
its dmesg after starting Xorg. I'm guessing that the delay comes
Hi,
Another replacement of malloc memset with calloc. This time in init.c.
Also added a check as non existed prior to this.
Index: init.c
===
RCS file: /cvs/src/sbin/init/init.c,v
retrieving revision 1.49
diff -u -p -u -r1.49
Hi,
Another replacement of malloc memset with calloc. This time in bioctl.c.
Index: bioctl.c
===
RCS file: /cvs/src/sbin/bioctl/bioctl.c,v
retrieving revision 1.119
diff -u -p -u -r1.119 bioctl.c
--- bioctl.c18 Jan 2014
On Tue, Apr 22, 2014 at 03:58:23PM -0400, pe...@petermalone.org wrote:
Hi,
Another replacement of malloc memset with calloc. This time in init.c.
Also added a check as non existed prior to this.
Index: init.c
===
RCS file:
On Tue, Apr 22, 2014 at 10:07:10PM +0200, Stefan Sperling wrote:
On Tue, Apr 22, 2014 at 03:58:23PM -0400, pe...@petermalone.org wrote:
Hi,
Another replacement of malloc memset with calloc. This time in init.c.
Also added a check as non existed prior to this.
Index: init.c
No worries. :)
Quoting Stefan Sperling s...@openbsd.org:
On Tue, Apr 22, 2014 at 10:07:10PM +0200, Stefan Sperling wrote:
On Tue, Apr 22, 2014 at 03:58:23PM -0400, pe...@petermalone.org wrote:
Hi,
Another replacement of malloc memset with calloc. This time in init.c.
Also added a check
Hi,
Another replacement of malloc memset with calloc. This time in
dhclient/clparse.c
RCS file: /cvs/src/sbin/dhclient/clparse.c,v
retrieving revision 1.83
diff -u -p -u -r1.83 clparse.c
--- clparse.c 25 Jan 2014 05:21:23 - 1.83
+++ clparse.c 22 Apr 2014 20:16:36 -
@@
On Tue, Apr 22, 2014 at 15:49, pe...@petermalone.org wrote:
Hi,
Another malloc memset to calloc cleanup. This time in mountd.c
Can you be careful about whitespace? Your diffs have spaces instead of
tabs and don't apply.
The ones you've sent I can hand apply, but for future diffs please
work
Note you can often have this problem if you cut and paste your diff
into a mail message
Normally best to use something that allows you to just include the
diff from a file inline.
To check it, mail *yourself* the diff. If you can save the email
message raw and apply the
diff just by running
Damn it - that's my bad. I'll stop sending more of these patches (i
have a lot) until I get that sorted.
Apologies!
Quoting Ted Unangst t...@tedunangst.com:
On Tue, Apr 22, 2014 at 15:49, pe...@petermalone.org wrote:
Hi,
Another malloc memset to calloc cleanup. This time in mountd.c
Thanks Bob. I'll do that.
Quoting Bob Beck b...@obtuse.com:
Note you can often have this problem if you cut and paste your diff
into a mail message
Normally best to use something that allows you to just include the
diff from a file inline.
To check it, mail *yourself* the diff. If you can
On Mon, Apr 21, 2014 at 05:37, Dirk Engling wrote:
On 21.04.14 04:56, Ted Unangst wrote:
Also, can you include diffs inline please? One diff per email. Maybe
just one or two emails to start, then try sending the rest after we
see how that goes?
fix double free in d2i_ASN1_bytes by setting
Thanks ted. now I don't have to do it :)
Send more diffs Dirk :)
On Tue, Apr 22, 2014 at 2:38 PM, Ted Unangst t...@tedunangst.com wrote:
On Mon, Apr 21, 2014 at 05:37, Dirk Engling wrote:
On 21.04.14 04:56, Ted Unangst wrote:
Also, can you include diffs inline please? One diff per email.
On Thu, Apr 17, 2014 at 11:52:09AM -0500, Vladimir Támara Patiño wrote:
I see a lot of duplication between lib/libc/time/strftime.c and
lib/libc/time/wcsftime.c.
Since I would like to implement LC_TIME support, I would prefer to
change only in one place but before that I prepared a simple
On Tue, Apr 22, 2014 at 2:43 PM, Stefan Sperling s...@openbsd.org wrote:
Your regression test has at least one bug ('bad' is never initialised).
It's perhaps bad *style* to not explicitly initialize it, but C99
6.7.8p10 says If an object that has static storage duration is not
initialized
Hi tech@,
I put my hands today on a Dell Lattitude 3440 and it has an Atheros
AR9565 and a Realtek 8168. Trying -current on it shows up that re(4)
attaches but it cannot recognize the hardware revision and properly
init the card (full dmesg at end):
re0 at pci3 dev 0 function 0 Realtek
On Tue, Apr 22, 2014 at 02:57:17PM -0700, Matthew Dempsky wrote:
On Tue, Apr 22, 2014 at 2:43 PM, Stefan Sperling s...@openbsd.org wrote:
Your regression test has at least one bug ('bad' is never initialised).
It's perhaps bad *style* to not explicitly initialize it, but C99
6.7.8p10 says
Hi tech,
matchlen = 0; is never used.
Fritjof
Index: complete.c
===
RCS file: /cvs/src/usr.bin/ftp/complete.c,v
retrieving revision 1.26
diff -u -p -r1.26 complete.c
--- complete.c 26 Apr 2010 16:51:59 - 1.26
+++
remove M_ASN1_New_Malloc, M_ASN1_New, M_ASN1_New_Error marcos, they hide
a malloc and are only used once
Index: x_pkey.c
===
RCS file: /cvs/src/lib/libssl/src/crypto/asn1/x_pkey.c,v
retrieving revision 1.10
diff -u -r1.10 x_pkey.c
I will be a minute reading this. The comment from the context at the
bottom of the diff has
me laughing and crying again...
On Tue, Apr 22, 2014 at 5:43 PM, Dirk Engling erdge...@erdgeist.org wrote:
remove M_ASN1_New_Malloc, M_ASN1_New, M_ASN1_New_Error marcos, they hide
a malloc and are only
Ok, this time with more mutt:
Index: usr.bin/sdiff//sdiff.c
===
RCS file: /work/cvsroot/src/usr.bin/sdiff/sdiff.c,v
retrieving revision 1.30
diff -p -u -r1.30 sdiff.c
--- usr.bin/sdiff//sdiff.c 26 Nov 2013 21:08:12 -
If I'm not mistaken, we had no drivers left that use those types?
(I've only found references to the now defunct pdq and midway.)
Index: bpf.c
===
RCS file: /cvs/src/sys/net/bpf.c,v
retrieving revision 1.92
diff -u -p -p -u -r1.92
Bob Beck b...@obtuse.com writes:
I will be a minute reading this. The comment from the context at the
bottom of the diff has
me laughing and crying again...
Note that asn1_mac.h is installed...
On Tue, Apr 22, 2014 at 5:43 PM, Dirk Engling erdge...@erdgeist.org wrote:
remove
I believe the %u format is incorrect in these cases as these are signed ints.
Brad
Index: apps/speed.c
===
RCS file: /cvs/src/lib/libssl/src/apps/speed.c,v
retrieving revision 1.34
diff -u -r1.34 speed.c
--- apps/speed.c 22 Apr 2014
Note that asn1_mac.h is installed...
You're right, I found it referenced at least here:
http://opensource.apple.com/source/OpenSSL/OpenSSL-5/openssl/crypto/asn1/p5_pbev2.c
erdgeist
I hate the amount of useless garbage API this thing exposes
externally, that we then have to wonder WTF out there might use
it G.
Dirk the right way to do this is leave the macros for now (ick) but
change the internals of all our stuff to use intrinsics
without the use of the macros. We
Once we have that done we might at an opportune time ask our intrepid
ports builders to find out for us who
is using that little gem, and we could *conisder* removing it then if
we're certain nobody has walked in looking like
an Oatmeal-drawn dog and said Oh boy Oh boy.. ANOTHER malloc wrapper
I
* remove unnecessary temp variable d
* move loop counter j in for() header
* fix prototype for memcpy
* make calculation of actual length in BN_to_ASN1_ENUMERATED
more transparent
This code still looks rather odd, it uses a temporary buffer to first
convert the number into a minimal little
Index: tasn_fre.c
===
RCS file: /cvs/src/lib/libssl/src/crypto/asn1/tasn_fre.c,v
retrieving revision 1.9
diff -u -r1.9 tasn_fre.c
--- tasn_fre.c 18 Apr 2014 12:15:48 - 1.9
+++ tasn_fre.c 23 Apr 2014 01:47:49 -
@@ -247,7
On Mon, Apr 14, 2014 at 12:12, Otto Moerbeek wrote:
On Sun, Apr 13, 2014 at 06:34:17PM -0400, Ted Unangst wrote:
I took another look at the way junk works in malloc, and there's a few
improvements I'd like to make.
I have't been able to build perl reliably with this diff, but haven't
ruled
Index: n_pkey.c
===
RCS file: /cvs/src/lib/libssl/src/crypto/asn1/n_pkey.c,v
retrieving revision 1.15
diff -u -r1.15 n_pkey.c
--- n_pkey.c21 Apr 2014 11:37:41 - 1.15
+++ n_pkey.c23 Apr 2014 01:50:02 -
@@ -205,7
Index: x_x509.c
===
RCS file: /cvs/src/lib/libssl/src/crypto/asn1/x_x509.c,v
retrieving revision 1.12
diff -u -r1.12 x_x509.c
--- x_x509.c18 Apr 2014 11:20:32 - 1.12
+++ x_x509.c23 Apr 2014 01:54:03 -
@@ -125,6
Hi tech@,
Sending this patch for comment...
CRYPTO_memcmp() is different to memcmp() because it can only check
for equality, not greater-than/less-than.
If we check the string in reverse order we can remove a variable
from the comparison loop.
Does this look ok?
- Michael
Index: cryptlib.c
Thanks committed. This would have been matched by
RL_HWREV_8168G_SPIN2 had I not forgotten to mask the define
with 0x7c80 when adding it.
On Tue, Apr 22, 2014 at 06:02:41PM -0400, Rafael Neves wrote:
Hi tech@,
I put my hands today on a Dell Lattitude 3440 and it has an Atheros
AR9565
Nope. One of those things is not like the other..
On Tue, Apr 22, 2014 at 7:05 PM, Michael W. Bombardieri m...@ii.net wrote:
Hi tech@,
Sending this patch for comment...
CRYPTO_memcmp() is different to memcmp() because it can only check
for equality, not greater-than/less-than.
If we check
Looks good, but if you chase something like this, it's ok to send a
diff that kills all of them at once in the same file, like this. which
replaces everywhere the original author didn't know about sizeof(buf)
:)
-Bob
Index: n_pkey.c
On Wed, Apr 23, 2014 at 09:05, Michael W. Bombardieri wrote:
CRYPTO_memcmp() is different to memcmp() because it can only check
for equality, not greater-than/less-than.
If we check the string in reverse order we can remove a variable
from the comparison loop.
Does this look ok?
Almost,
Yes, ok
committed
On Wed, Apr 23, 2014 at 03:55:19AM +0200, Dirk Engling wrote:
Index: x_x509.c
===
RCS file: /cvs/src/lib/libssl/src/crypto/asn1/x_x509.c,v
retrieving revision 1.12
diff -u -r1.12 x_x509.c
--- x_x509.c 18
+ while (n-- 0)
+ x |= a[n] ^ b[n];
Won't compare the bytes at [0].
Uh? It will, n gets decremented after the test but before the x |=
statement.
I think switching this to be
timingsafe_bcmp would be better, then we only have copy.
Agreed.
Hi,
You are welcome. And thank you for looking at this!
On Tue, Apr 22, 2014 at 11:45 PM, Jonathan Gray j...@jsg.id.au wrote:
Thanks committed. This would have been matched by
RL_HWREV_8168G_SPIN2 had I not forgotten to mask the define
with 0x7c80 when adding it.
On Tue, Apr 22, 2014
On Wed, Apr 23, 2014 at 04:39:01AM +, Miod Vallat wrote:
+ while (n-- 0)
+ x |= a[n] ^ b[n];
Won't compare the bytes at [0].
Uh? It will, n gets decremented after the test but before the x |=
statement.
Heh. you're right. And both Ted and I were dumbasses. I have
tied
On Tue, Apr 22, 2014 at 10:33:55PM -0600, Bob Beck wrote:
Yes, ok
committed
On Wed, Apr 23, 2014 at 03:55:19AM +0200, Dirk Engling wrote:
Index: x_x509.c
===
RCS file: /cvs/src/lib/libssl/src/crypto/asn1/x_x509.c,v
79 matches
Mail list logo