ftp(1): tls_close(3) handle TLS_WANT_POLLIN, TLS_WANT_POLLOUT

2017-03-01 Thread Sunil Nimmagadda
Hi, tls_close() could return TLS_WANT_POLLIN, TLS_WANT_POLLOUT as well. This diff repeats the call immediately. Ok? cvs server: Diffing . Index: fetch.c === RCS file: /cvs/src/usr.bin/ftp/fetch.c,v retrieving revision 1.161 diff -u

Re: ftp doesn't close(2) the output file

2017-03-01 Thread Sunil Nimmagadda
Theo de Raadt writes: >> > Index: fetch.c >> > === >> > RCS file: /cvs/src/usr.bin/ftp/fetch.c,v >> > retrieving revision 1.161 >> > diff -u -p -r1.161 fetch.c >> > --- fetch.c28 Feb 2017 06:31:12 -

Re: ftp doesn't close(2) the output file

2017-03-01 Thread Theo de Raadt
> > Index: fetch.c > > === > > RCS file: /cvs/src/usr.bin/ftp/fetch.c,v > > retrieving revision 1.161 > > diff -u -p -r1.161 fetch.c > > --- fetch.c 28 Feb 2017 06:31:12 - 1.161 > > +++ fetch.c 1 Mar 2017 23:21:46 - > >

Re: ftp doesn't close(2) the output file

2017-03-01 Thread Sunil Nimmagadda
Stuart Henderson writes: > ftp doesn't close the output file after writing it. Normally you're > exiting anyway at that point so it doesn't really matter, but if you've > specified multiple URLs on the command line this leaks 1 FD per > requested file. Most noticeable if

Re: vmd: fixed lladdr for VM guests to prevent MAC spoofing

2017-03-01 Thread Mike Larkin
On Wed, Mar 01, 2017 at 07:17:10PM +0100, Reyk Floeter wrote: > On Wed, Mar 01, 2017 at 01:04:57PM +0100, Reyk Floeter wrote: > > Hi, > > > > add the new "fixed lladdr" option: when multiple VMs are connected to > > a switch, it is desirable that an individual VM cannot spoof another > > MAC

Re: efiboot: disallow com(4) speed changes

2017-03-01 Thread sven falempin
On Wed, Mar 1, 2017 at 5:41 PM, sven falempin wrote: > > > On Wed, Mar 1, 2017 at 4:31 AM, Patrick Wildt wrote: > >> Hi, >> >> there is no com(4) direct access support in EFI, so setting the speed >> will fail and crash the EFI Application. Happens

Re: priq: proposed change in the behavior

2017-03-01 Thread Mike Belopuhov
On 2 March 2017 at 02:43, Mike Belopuhov wrote: > On 2 March 2017 at 01:35, David Gwynne wrote: >> On Wed, Mar 01, 2017 at 10:03:42PM +0100, Mike Belopuhov wrote: >>> Priority queueing is the default policy in OpenBSD and it >>> distributes outgoing

Re: priq: proposed change in the behavior

2017-03-01 Thread Mike Belopuhov
On 2 March 2017 at 01:35, David Gwynne wrote: > On Wed, Mar 01, 2017 at 10:03:42PM +0100, Mike Belopuhov wrote: >> Priority queueing is the default policy in OpenBSD and it >> distributes outgoing packets in 8 lists by priority (0-7) with >> an aggregate queue depth set by the

Re: priq: introduce ifq_drop

2017-03-01 Thread David Gwynne
On Wed, Mar 01, 2017 at 10:06:30PM +0100, Mike Belopuhov wrote: > I've realised that something like this would be nice for convenience, > but not crucial. I'd prefer not to pass the mbuf pointer, but there's > no decent way around it. the api published in ifq.h should list what can safely be

Re: priq: proposed change in the behavior

2017-03-01 Thread David Gwynne
On Wed, Mar 01, 2017 at 10:03:42PM +0100, Mike Belopuhov wrote: > Priority queueing is the default policy in OpenBSD and it > distributes outgoing packets in 8 lists by priority (0-7) with > an aggregate queue depth set by the interface: pseudo interfaces > use IFQ_MAXLEN defined equal to 256,

Re: priq: convert to mbuf lists

2017-03-01 Thread Mike Belopuhov
On 2 March 2017 at 00:56, David Gwynne wrote: > >> On 2 Mar 2017, at 06:43, Mike Belopuhov wrote: >> >> This converts hand rolled lists into exactly the same mbuf_lists. >> I need this because of the next diff that uses the ml_len packet >> counter that

Re: [PATCH] Minor spelling fixes throughout gcc md files

2017-03-01 Thread Jonathan Gray
On Wed, Mar 01, 2017 at 04:45:33PM -0500, Carlos E. Garcia wrote: > Greetings, > > Here follows some minor spelling fixes found in markdown files inside > the gcc folder. Wanted something simple for my first patch. > > Any insight or comments? We generally aren't interested in changes like this

ftp doesn't close(2) the output file

2017-03-01 Thread Stuart Henderson
ftp doesn't close the output file after writing it. Normally you're exiting anyway at that point so it doesn't really matter, but if you've specified multiple URLs on the command line this leaks 1 FD per requested file. Most noticeable if you do some lazy benchmark like "ftp -o/dev/null `yes

Re: Fix broken example link in packages.7

2017-03-01 Thread Stuart Henderson
On 2017/03/01 23:39, Frederic Cambus wrote: > Following tj@ and sthen@ suggestions, use %c and %a instead of > hardcoding strings, and switch to http instead of https. > > Index: share/man/man7/packages.7 > === > RCS file:

Re: priq: introduce ifq_drop

2017-03-01 Thread Alexander Bluhm
On Wed, Mar 01, 2017 at 10:06:30PM +0100, Mike Belopuhov wrote: > I've realised that something like this would be nice for convenience, > but not crucial. I'd prefer not to pass the mbuf pointer, but there's > no decent way around it. A new function that combines only three commands and that is

Re: priq: proposed change in the behavior

2017-03-01 Thread Alexander Bluhm
On Wed, Mar 01, 2017 at 10:03:42PM +0100, Mike Belopuhov wrote: > The diff below changes the policy to a head drop from the queue > with the lowest priority than the packet we're trying to > enqueue. What you explain makes sense. OK bluhm@ > diff --git sys/net/ifq.c sys/net/ifq.c > index

Re: efiboot: disallow com(4) speed changes

2017-03-01 Thread sven falempin
On Wed, Mar 1, 2017 at 4:31 AM, Patrick Wildt wrote: > Hi, > > there is no com(4) direct access support in EFI, so setting the speed > will fail and crash the EFI Application. Happens when you run stty > com0 115200. > > ok? > > Patrick > > > diff --git

Re: Fix broken example link in packages.7

2017-03-01 Thread Frederic Cambus
On Tue, Feb 28, 2017 at 09:14:49PM +, Stuart Henderson wrote: > On 2017/02/28 20:28, Frederic Cambus wrote: > > Hi tech@, > > > > In packages.7, PKG_PATH points to a broken link. This diff fixes it. > > https is going to be horrible for pkg_add -u... Following tj@ and sthen@ suggestions,

Re: priq: convert to mbuf lists

2017-03-01 Thread Alexander Bluhm
On Wed, Mar 01, 2017 at 09:43:16PM +0100, Mike Belopuhov wrote: > This converts hand rolled lists into exactly the same mbuf_lists. > I need this because of the next diff that uses the ml_len packet > counter that mbuf_lists have. Otherwise there's no functional > change. > void * >

Re: C99 initializers for domains

2017-03-01 Thread Alexander Bluhm
On Wed, Mar 01, 2017 at 01:40:58PM +0100, Martin Pieuchot wrote: > I converted the declarations when I audited the existing 'dom_init' > functions. > +struct domain inet6domain = { > + .dom_family = AF_INET6, > + .dom_name = "internet6", > + .dom_protosw = (struct protosw *)inet6sw, > +

Re: nd6_timer & global list of IPv6 addresses

2017-03-01 Thread Alexander Bluhm
On Wed, Mar 01, 2017 at 12:46:08PM +0100, Martin Pieuchot wrote: > The work done in this timer should be considerably reduced when we'll > move autoconf out of the kernel. However we'll always need to check > for IPv6 address life time expiration. This use case doesn't justify > a specific

Re: Global list of IPv6 addresses & icmp6

2017-03-01 Thread Alexander Bluhm
On Wed, Mar 01, 2017 at 12:39:56PM +0100, Martin Pieuchot wrote: > Like for IPv4, I'd like to get rid of this global list. The reason is > that having fewer global data structures means fewer locking. > > Here's a trivial conversion to use the routing table in ICMPv6 echo > reply code. Note

[PATCH] Minor spelling fixes throughout gcc md files

2017-03-01 Thread Carlos E. Garcia
Greetings, Here follows some minor spelling fixes found in markdown files inside the gcc folder. Wanted something simple for my first patch. Any insight or comments? Cheers, Carlos Index: gcc/config/alpha/alpha.md === RCS file:

Re: vmd + httpd + meta-data

2017-03-01 Thread Reyk Floeter
On Wed, Mar 01, 2017 at 09:29:30AM +0100, Reyk Floeter wrote: > On Mon, Feb 27, 2017 at 10:37:04PM +0100, Kristaps Dzonsons wrote: > > > I wrote this little tool for vmd that is not intended for the tree, > > > but will eventually go into ports (it uses kcgi which is not in base). > > > > Have

priq: proposed change in the behavior

2017-03-01 Thread Mike Belopuhov
Priority queueing is the default policy in OpenBSD and it distributes outgoing packets in 8 lists by priority (0-7) with an aggregate queue depth set by the interface: pseudo interfaces use IFQ_MAXLEN defined equal to 256, hardware device drivers normally size it by their TX ring minus 1

Re: relayd(8): more rdomain integration diff

2017-03-01 Thread Reyk Floeter
Hi double-p! On Wed, Mar 01, 2017 at 08:00:30PM +0100, Philipp Buehler wrote: > Hi folks, > > after trying forth and back to overcome some limitations in relayd along > multiple > "instances" and rdomain/rtable I decided to scrub some rust of my C/yacc and > produced the following diffs against

priq: convert to mbuf lists

2017-03-01 Thread Mike Belopuhov
This converts hand rolled lists into exactly the same mbuf_lists. I need this because of the next diff that uses the ml_len packet counter that mbuf_lists have. Otherwise there's no functional change. --- sys/net/ifq.c | 48 ++-- 1 file changed, 18

OpenBSD errata, Mar 1, 2017

2017-03-01 Thread Stefan Sperling
A man-in-the-middle vulnerability has been found in OpenBSD's wireless stack. A malicious access point can trick an OpenBSD client using WPA1 or WPA2 into connecting to this malicious AP instead of the desired AP. When this attack is used successfully the OpenBSD client will send and accept

Re: /bsd: file: table is full

2017-03-01 Thread Ted Unangst
Peter Haag wrote: > Hi list, > I'm running a moderate busy OpenBSD 6.0 server for mail ( postfix, cyrus ) as > well as > web server ( nginx, php ) and experience the following kernel messages: > > /bsd: file: table is full > > /bsd: process: table is full > > Is there an advice or rule on how

relayd(8): more rdomain integration diff

2017-03-01 Thread Philipp Buehler
Hi folks, after trying forth and back to overcome some limitations in relayd along multiple "instances" and rdomain/rtable I decided to scrub some rust of my C/yacc and produced the following diffs against -current to relayd and relayctl. Feats: - relayd/relayctl: -s sockname; obviously and

Re: vmd: fixed lladdr for VM guests to prevent MAC spoofing

2017-03-01 Thread Reyk Floeter
On Wed, Mar 01, 2017 at 01:04:57PM +0100, Reyk Floeter wrote: > Hi, > > add the new "fixed lladdr" option: when multiple VMs are connected to > a switch, it is desirable that an individual VM cannot spoof another > MAC address, especially when using meta-data*. vmd(8) can enforce > this by

[PATCH] Update link to the VMware backdoor docs

2017-03-01 Thread Seth Jackson
The link to the VMware backdoor docs in the vmt(4) driver is dead. Update it to a working one. Index: src/sys/dev/pv/vmt.c === RCS file: /cvs/src/sys/dev/pv/vmt.c,v retrieving revision 1.12 diff -u -p -r1.12 vmt.c ---

/bsd: file: table is full

2017-03-01 Thread Peter Haag
Hi list, I'm running a moderate busy OpenBSD 6.0 server for mail ( postfix, cyrus ) as well as web server ( nginx, php ) and experience the following kernel messages: /bsd: file: table is full /bsd: process: table is full Is there an advice or rule on how the values kern.maxfiles,

Re: PF_ROUTE vs NET_LOCK()

2017-03-01 Thread Alexander Bluhm
On Tue, Feb 28, 2017 at 01:28:45PM +0100, Martin Pieuchot wrote: > Routing sockets do not really need the NET_LOCK(), only route_output() > needs it. That depends what the future use of the netlock will be. route_input() is called from tcp, icmp, arp timers. Currently they have kernel lock, but

Re: xdm in afterboot

2017-03-01 Thread Stuart Henderson
On 2017/03/01 15:08, Jan Stary wrote: > The transition from xdm to xenodm is not reflected in afterboot(8). *ponders* does it actually need to change name? In terms of configuration etc it's all the same as xdm, minus the parts that have been removed... This might be easier than diagnosing

Re: xdm in afterboot

2017-03-01 Thread Jason McIntyre
On Wed, Mar 01, 2017 at 03:08:41PM +0100, Jan Stary wrote: > The transition from xdm to xenodm is not reflected in afterboot(8). > > Jan > fixed, thanks. jmc > Index: share/man/man8/afterboot.8 > === > RCS file:

Re: C99 initializers for domains

2017-03-01 Thread David Hill
OK On Wed, Mar 01, 2017 at 01:40:58PM +0100, Martin Pieuchot wrote: > I converted the declarations when I audited the existing 'dom_init' > functions. > > ok? > > Index: kern/uipc_proto.c > === > RCS file:

xdm in afterboot

2017-03-01 Thread Jan Stary
The transition from xdm to xenodm is not reflected in afterboot(8). Jan Index: share/man/man8/afterboot.8 === RCS file: /cvs/src/share/man/man8/afterboot.8,v retrieving revision 1.157 diff -u -p -u -p -r1.157 afterboot.8 ---

C99 initializers for domains

2017-03-01 Thread Martin Pieuchot
I converted the declarations when I audited the existing 'dom_init' functions. ok? Index: kern/uipc_proto.c === RCS file: /cvs/src/sys/kern/uipc_proto.c,v retrieving revision 1.12 diff -u -p -r1.12 uipc_proto.c --- kern/uipc_proto.c

vmd: fixed lladdr for VM guests to prevent MAC spoofing

2017-03-01 Thread Reyk Floeter
Hi, add the new "fixed lladdr" option: when multiple VMs are connected to a switch, it is desirable that an individual VM cannot spoof another MAC address, especially when using meta-data*. vmd(8) can enforce this by comparing the address in the Ethernet header with the configured/generated

nd6_timer & global list of IPv6 addresses

2017-03-01 Thread Martin Pieuchot
The work done in this timer should be considerably reduced when we'll move autoconf out of the kernel. However we'll always need to check for IPv6 address life time expiration. This use case doesn't justify a specific global data structure. So let's iterate over the global list of interfaces

vmd: split vmm.c into vm.c and vmm.c

2017-03-01 Thread Reyk Floeter
Hi, the attached diff is somewhat but big without a functional change, it splits vmm.c into two files: - vmm.c: the vmm parent process that forks and maintains all the VMs - vm.c: each individual VM process and most of the real vmm(4) "magic" As discussed with mlarkin@ over beer. OK? Reyk

efiboot: disallow com(4) speed changes

2017-03-01 Thread Patrick Wildt
Hi, there is no com(4) direct access support in EFI, so setting the speed will fail and crash the EFI Application. Happens when you run stty com0 115200. ok? Patrick diff --git a/sys/arch/amd64/stand/libsa/dev_i386.c b/sys/arch/amd64/stand/libsa/dev_i386.c index e40856cbf05..245ced84a8e

Re: vmd + httpd + meta-data

2017-03-01 Thread Reyk Floeter
On Mon, Feb 27, 2017 at 10:37:04PM +0100, Kristaps Dzonsons wrote: > > I wrote this little tool for vmd that is not intended for the tree, > > but will eventually go into ports (it uses kcgi which is not in base). > > Have you thought of writing this in a secure language like Rust or > Swift?