Re: netcat: bump BUFSIZE to 64k?

On Sun, 18 Dec 2022 at 17:01, Theo Buehler wrote: > > This is the remaining bit of mpf's recent netcat diff. The commit log > shows that it was bumped to 64k in the past, but that was promptly > reverted due to concerns of buffer bloat caused by atomicio blocking > traffic in the other direction.

Re: ssh-keygen(1): by default generate ed25519 key (instead of rsa)

On Sun, 6 Nov 2022 at 18:31, Job Snijders wrote: > > Dear all, > > Support for using Ed25519 for server and user authentication was > introduced in 2014. I like the compactness of Ed25519 public keys. > > Perhaps now is a good time to make Ed25519 the default key type when > invoking

Re: Recommended EDNS buffer sizes for nsd and unbound

On Wed, Sep 18, 2019 at 5:56 PM Florian Obser wrote: > > On Tue, Sep 17, 2019 at 08:19:29PM +0400, logan wrote: > > Hi All, > > > > There was a presentation about fragmentation attacks against DNS: > > https://indico.dns-oarc.net/event/31/contributions/692/attachments/660/1115/fujiwara-5.pdf > >

Re: I have a program I wish to submit for the base

On Mon, Feb 1, 2016 at 6:18 AM, Luke Small wrote: > I fixed the uname(1) call and replaced it with uname(3) I read the style > man page. ran the program through indent. > > 2 seasoned OpenBSD developers have taken time to reply to you, and they do not like the general idea.

Re: I have a program I wish to submit for the base

On Fri, Jan 29, 2016 at 12:44 PM, Jérémie Courrèges-Anglas wrote: > Luke Small writes: > > > I wanted to use kqueue. Name another script or programming language that > > offers it from the base install. NONE! > > > Hi Luke, I understand your perspective.

[PATCH] pledging dhclient

Hi guys, I've been playing with pledge in base. Here's a small patch for dhclient. It's still a WiP. I can kill -HUP dhclient, and so far no issues. I would like it to pledge before however, so that write operations (write_*) that take their input from the network are further tightened down.

Re: bzero() -> explicit_bzero() in bgpd(8)

On Thu, Sep 10, 2015 at 6:36 PM, Michael McConville < mmcco...@sccs.swarthmore.edu> wrote: > These seem like they were definitely meant to be explicit zeroings. > > Hi, I'm not entirely sure about this. Since the variable (data) is used before return, it would not be optimized away by the

LibreSSL 2038 problem

Hi folks, I read that 64-bit time issues have been fixed in LibreSSL, and that it is 2038 ready. We need to create certificates on 64-bit systems using RFC3779 that are valid beyond year 2038. RFC3779 support was removed in LibreSSL, back in release 2.1.4. I was wondering if there would be

Re: [patch 1/3] ksh: add overflow checking for memory allocations

On Sat, May 23, 2015 at 12:28 PM, Theo Buehler t...@math.ethz.ch wrote: This set of three patches adds overflow checking to ksh in the spirit of the malloc(A*B) - reallocarray(NULL, A, B) conversions that were ongoing since last summer. I've been running these patches on my main laptop since

Re: seccomp system call

On Sun, May 3, 2015 at 8:18 PM, Nicolas Bedos nicolas.be...@gmail.com wrote: I am wondering if the seccomp system call [1] would be welcomed in the OpenBSD tree. I remember it was among the subjects of last year's Google Summer of Code. If there is still interest in having it implemented, I am

Re: fread optimization

On Wed, Jan 21, 2015 at 5:42 PM, enh e...@google.com wrote: On Wed, Jan 21, 2015 at 3:04 AM, Martin Pieuchot mpieuc...@nolizard.org wrote: Hello Elliott, On 20/01/15(Tue) 16:15, enh wrote: that patch wasn't setting the _flags right on error or eof. Thanks! Below is a version of your diff

Re: amd64 kernel W^X

On Jan 14, 2015 7:57 AM, Theo de Raadt dera...@cvs.openbsd.org wrote: Mike Larkin has been slow at informing the world, despite my prodding. Probably started working on something else cool... So.. I am going to take it upon myself to sing praise to him, and hopefully he'll let me off

Re: Shadow TCP stacks

On Sat, Oct 25, 2014 at 01:23:47PM -0400, Ian Grant wrote: And when you have more than words, please put it on a a web site and do nothing more than tell people once. Still a lot of words, but code too, and an outline of a test framework that others may be interested in using. I would be

Re: [PATCH, libressl] discuss: removal of padding extension?

On Wed, Jul 23, 2014 at 10:20:23AM +0200, Hanno B?ck wrote: Hi, Quick background: Some router firmwares from F5 have a bug that they fail if the SSL handshake is between 256 and 511 bytes. F5 should issue fixes for their firmware. Following up that openssl and other major ssl

libressl compilation issues (?)

Hey guys, I downloaded the latest snapshot, and attempted to build from sources. However, i'm getting those errors: /usr/src/lib/libssl/ssl/../../libssl/src/ssl/s23_clnt.c: In function 'ssl_fill_hello_random': /usr/src/lib/libssl/ssl/../../libssl/src/ssl/s23_clnt.c:300: error:

Re: Typo in macro name for ASN

On Fri, Jun 06, 2014 at 09:47:03AM +0200, Miod Vallat wrote: From Quanah Gibson-Mount: UNKOWN-UNKNOWN Index: crypto/asn1/asn1_err.c Please refrain from sending diffs you obviously didn't test. Miod Compiled and tested: Index: src/crypto/asn1/asn1.h

Typo in macro name for ASN

Hi All, From Quanah Gibson-Mount: UNKOWN-UNKNOWN Index: crypto/asn1/asn1_err.c === RCS file: /cvs/src/lib/libssl/src/crypto/asn1/asn1_err.c,v retrieving revision 1.16 diff -u -p -u -p -r1.16 asn1_err.c --- crypto/asn1/asn1_err.c

LibreSSL memory leak fix

Hi All, From OpenSSL RT: http://rt.openssl.org/Ticket/Display.html?id=3278user=guestpass=guest len can be 0 as well, and in which case, memory isn't freed. Patch from Frantisek Boranek: Index: lib/libssl/src/crypto/pkcs12/p12_kiss.c

LibreSSL memory leak fix

Hi All, From Martin Brejcha: Index: src/lib/libssl/src/crypto/bio/bss_dgram.c === RCS file: /cvs/src/lib/libssl/src/crypto/bio/bss_dgram.c,v retrieving revision 1.25 diff -u -p -u -p -r1.25 bss_dgram.c ---

spelling correction for libressl verify.pod

Hi All, From OpenSSL RT 3355: Index: doc/apps/verify.pod === RCS file: /cvs/src/lib/libssl/src/doc/apps/verify.pod,v retrieving revision 1.8 diff -u -p -u -p -r1.8 verify.pod --- doc/apps/verify.pod 4 May 2014 20:31:33 -

-noout description in sess_id.c

Hi All, From Martin Kaiser (OpenSSL RT #3364): -noout mentions a CRL, which is incorrect. Index: lib/libssl/src/apps/sess_id.c === RCS file: /cvs/src/lib/libssl/src/apps/sess_id.c,v retrieving revision 1.16 diff -u -p -u -p -r1.16

socket descriptor leak in s_socket.c

Hi All, From OpenSSL RT #3342: CID: 966576 96677 Index: lib/libssl/src/apps/s_socket.c === RCS file: /cvs/src/lib/libssl/src/apps/s_socket.c,v retrieving revision 1.38 diff -u -p -u -p -r1.38 s_socket.c ---

typo in ssl_err.c

Hi All, From Marcos Marado: heartbearts-heartbeats. Index: src/ssl/ssl_err.c === RCS file: /cvs/src/lib/libssl/src/ssl/ssl_err.c,v retrieving revision 1.19 diff -u -p -u -p -r1.19 ssl_err.c --- src/ssl/ssl_err.c 14 Apr 2014

sftp zap extra whitespace

Hi All, An extra whitespace can be removed here: Index: sftp.c === RCS file: /cvs/src/usr.bin/ssh/sftp.c,v retrieving revision 1.162 diff -u -p -u -p -r1.162 sftp.c --- sftp.c 29 Apr 2014 20:36:51 - 1.162 +++ sftp.c

ssh regression suite connect-privsep.sh issue

Hi All, The 'Z' flag was removed 10 days ago by Ted. connect-privsep.sh complains that there is an unknown malloc option. Diff below: Index: connect-privsep.sh === RCS file: /cvs/src/regress/usr.bin/ssh/connect-privsep.sh,v

Re: IPv6 by default

On Tue, Apr 29, 2014 at 2:05 AM, Simon Perreault si...@per.reau.lt wrote: Tech, Now that my AI_ADDRCONFIG diff is in, it's time to reveal my evil master plan: make getaddrinfo() return IPv6 results first by default. The diff below would be the end goal. I guess people will have valid

Re: IPv6 DoS sysctl man page additions

, Loganaden Velvindron wrote: Hi All, I'm taking a short break from playing with pf statistics. There were 4 sysctls added from KAME, but the man pages weren't updated accordingly. (Adapted from the NetBSD man page changes) Feedback welcomed. Index: lib/libc/gen/sysctl.3

sftp enum alphabetical sort fix

Hi All, Trivial fix for sftp. Index: sftp.c === RCS file: /cvs/src/usr.bin/ssh/sftp.c,v retrieving revision 1.159 diff -u -p -u -p -r1.159 sftp.c --- sftp.c 21 Apr 2014 14:36:16 - 1.159 +++ sftp.c 21 Apr 2014

Re: [Patch] security: check ed25519 private key

On Mon, Apr 21, 2014 at 04:20:03PM +0200, Fritjof Bornebusch wrote: Hi tech@, here is a small diff, that checks if the ~/.ssh/id_ed25519 private key has the right permissions. That's seems good to me. Fritjof Index: security

sftp upload resume support man page diff

Hi All, As sftp resume upload has been implemented, here's a man page diff to describe the feature. Feedback welcomed. Index: sftp.1 === RCS file: /cvs/src/usr.bin/ssh/sftp.1,v retrieving revision 1.97 diff -u -p -u -p -r1.97

Re: sftp upload resume diff

Simplify the diff: use -a for both upload and download resume support. This makes it more consistent. Index: sftp-client.h === RCS file: /cvs/src/usr.bin/ssh/sftp-client.h,v retrieving revision 1.24 diff -u -p -u -p -r1.24

IPv6 DoS sysctl man page additions

Hi All, I'm taking a short break from playing with pf statistics. There were 4 sysctls added from KAME, but the man pages weren't updated accordingly. (Adapted from the NetBSD man page changes) Feedback welcomed. Index: lib/libc/gen/sysctl.3

Re: IPv6 DoS sysctl man page additions

On Sat, Apr 19, 2014 at 04:04:30AM -0700, Loganaden Velvindron wrote: Hi All, I'm taking a short break from playing with pf statistics. There were 4 sysctls added from KAME, but the man pages weren't updated accordingly. (Adapted from the NetBSD man page changes) Feedback welcomed

IPv6 mtudisctimeout sysctl man page fix

Hi All, The code was added for MTU discovery timeout in IPv6, but the man page misses the description. Feedback welcomed. Index: sbin/sysctl/sysctl.8 === RCS file: /cvs/src/sbin/sysctl/sysctl.8,v retrieving revision 1.174 diff -u

Re: IPv6 mtudisctimeout sysctl man page fix

On Sat, Apr 19, 2014 at 07:51:34AM -0700, Loganaden Velvindron wrote: Hi All, The code was added for MTU discovery timeout in IPv6, but the man page misses the description. Feedback welcomed. s/icmp6/ip6 from henning@ and sthen@, and change from Return the number of seconds to Number

Re: IPv6 mtudisctimeout sysctl man page fix

On Sat, Apr 19, 2014 at 08:19:23AM -0700, Loganaden Velvindron wrote: On Sat, Apr 19, 2014 at 07:51:34AM -0700, Loganaden Velvindron wrote: Hi All, The code was added for MTU discovery timeout in IPv6, but the man page misses the description. Feedback welcomed. s/icmp6/ip6

sftp upload resume diff

Hi All, First version of the diff: It works fine for resuming uploads. I'm going to upload a 2nd revision soon. Index: sftp-client.c === RCS file: /cvs/src/usr.bin/ssh/sftp-client.c,v retrieving revision 1.114 diff -u -p -u -p

Re: sftp upload resume diff

Hi, Fixed the style issue for an error() line that Mike Larkin pointed out to me. Index: usr.bin/ssh/sftp-client.c === RCS file: /cvs/src/usr.bin/ssh/sftp-client.c,v retrieving revision 1.114 diff -u -p -u -p -r1.114 sftp-client.c

Re: sftp upload resume diff

Rework the wording for uploading resume as suggested by Mike Larkin. (More tweaks coming up soon) Index: sftp-client.c === RCS file: /cvs/src/usr.bin/ssh/sftp-client.c,v retrieving revision 1.114 diff -u -p -u -p -r1.114

Re: sftp upload resume diff

Use = instead of == || for file size comparison as pointed out by Okan Demirmen. Index: sftp-client.c === RCS file: /cvs/src/usr.bin/ssh/sftp-client.c,v retrieving revision 1.114 diff -u -p -u -p -r1.114 sftp-client.c ---

Re: OpenBSD Foundation 2014 Fundraising Campaign.

On Thu, Apr 10, 2014 at 8:23 PM, Bob Beck b...@openbsdfoundation.org wrote: The OpenBSD Foundation is happy to report that the $150,000 goal of the 2014 fundraising campaign has been reached. We wish to thank our contributors large and small. We will continue our fundraising efforts both in

Re: Do you use IPv6?

I'll give it a try when I get home :) On Mon, Mar 31, 2014 at 6:30 PM, Martin Pieuchot mpieuc...@nolizard.org wrote: On 27/03/14(Thu) 15:14, Martin Pieuchot wrote: If you do, please test the diff below and make sure it does not change anything in your routing table! This diff is a first

Re: HEADS UP: librt revert

On Sun, Mar 23, 2014 at 10:34 PM, Marc Espie es...@nerim.net wrote: kili@ just committed a revert of the librt addition in src and corresponding patches in ports. If you've built a tree with librt, you want to # rm -f /usr/lib/librt.a This lib was added to facilitate porting software, as

Re: HEADS UP: librt revert

On Sun, Mar 23, 2014 at 10:46 PM, Loganaden Velvindron logana...@gmail.com wrote: On Sun, Mar 23, 2014 at 10:34 PM, Marc Espie es...@nerim.net wrote: kili@ just committed a revert of the librt addition in src and corresponding patches in ports. If you've built a tree with librt, you want

Re: GSoC proposal: Porting Capsicum to OpenBSD

On Thu, Mar 13, 2014 at 10:08 AM, Jean-Philippe Ouellet jean-phili...@ouellet.biz wrote: On 3/12/14 11:15 PM, Loganaden Velvindron wrote: I've read about the file vulnerability, and capsicumization also came to mind. However, there was also a discussion when i was playing with capsicum

Re: GSoC proposal: Porting Capsicum to OpenBSD

On Thu, Mar 13, 2014 at 10:57 AM, Jean-Philippe Ouellet jean-phili...@ouellet.biz wrote: On 3/13/14 2:39 AM, Loganaden Velvindron wrote: I'm not a mentor, but I'd be happy to help you in any way I can. You can send mails to tech@ for testing your diffs. Any chance you'd like to review my

Re: GSoC proposal: Porting Capsicum to OpenBSD

On Thu, Mar 13, 2014 at 11:44 AM, dpl tucha...@gmail.com wrote: Wow, I like to see this activity. I'm the one that started this thread. Jean-Phillipe: The main problem we'll have if both of us work on this is that it won't not be possible to work on userland if the kernel doesn't yet provide

Re: GSoC proposal: Porting Capsicum to OpenBSD

On Wed, Mar 12, 2014 at 12:58 PM, tuchalia tucha...@gmail.com wrote: Hi all, I'm really interested in this possibility of porting the Capsicum framework That's awesome ! to OpenBSD. Should l try to port also the Casper daemon to OpenBSD, or only work in the kernel implementation? Capsicum

Re: GSoC proposal: Porting Capsicum to OpenBSD

On Wed, Mar 12, 2014 at 10:49 PM, Jean-Philippe Ouellet jean-phili...@ouellet.biz wrote: On 3/12/14 4:58 AM, tuchalia wrote: Hi all, I'm really interested in this possibility of porting the Capsicum framework to OpenBSD. Should l try to port also the Casper daemon to OpenBSD, or only work

Re: GSoC proposal: Porting Capsicum to OpenBSD

On Thu, Mar 13, 2014 at 1:01 AM, Jean-Philippe Ouellet jean-phili...@ouellet.biz wrote: On 3/12/14 4:58 AM, tuchalia wrote: Should l try to port also the Casper daemon to OpenBSD, or only work in the kernel implementation? Based on more private mail, I figured it'd be a good idea to make

ip6_mroute.c: minor stats fix

Hi All, From FreeBSD, Only count table lookups when we're actually processing packets. Index: sys/netinet6/ip6_mroute.c === RCS file: /cvs/src/sys/netinet6/ip6_mroute.c,v retrieving revision 1.67 diff -u -p -u -p -r1.67

Re: sysctl.8: add missing mtudisctimeout for ipv6

On Mon, Mar 3, 2014 at 5:41 PM, Jason McIntyre j...@kerhand.co.uk wrote: On Sun, Mar 02, 2014 at 10:51:22AM -0800, Loganaden Velvindron wrote: Hi, While going through some of the commit logs, I noticed that sysctl didn't list ip6.mtudisctimeout. Patch attached: Index: sbin/sysctl/sysctl.8

Re: sysctl.8: add missing mtudisctimeout for ipv6

On Mon, Mar 3, 2014 at 5:41 PM, Jason McIntyre j...@kerhand.co.uk wrote: On Sun, Mar 02, 2014 at 10:51:22AM -0800, Loganaden Velvindron wrote: Hi, While going through some of the commit logs, I noticed that sysctl didn't list ip6.mtudisctimeout. Patch attached: Index: sbin/sysctl/sysctl.8

Re: USB install image for OpenBSD 5.5 - TESTING REQUIRED

On Mon, Mar 3, 2014 at 7:16 PM, Chris Cappuccio ch...@nmedia.net wrote: Loganaden Velvindron [logana...@gmail.com] wrote: That's OpenBSD -current right ? I'm going to test it in the afternoon, as the CDROM drive has issues on my OpenBSD development machine. Yes. The correct .fs images

sysctl.8: add missing mtudisctimeout for ipv6

Hi, While going through some of the commit logs, I noticed that sysctl didn't list ip6.mtudisctimeout. Patch attached: Index: sbin/sysctl/sysctl.8 === RCS file: /cvs/src/sbin/sysctl/sysctl.8,v retrieving revision 1.173 diff -u -p

Re: USB install image for OpenBSD 5.5 - TESTING REQUIRED

On Sat, Mar 1, 2014 at 7:59 AM, Chris Cappuccio ch...@nmedia.net wrote: Chris Cappuccio [ch...@nmedia.net] wrote: The installation entails: dd if=miniroot55.fs of=/dev/rsd2c Actually, for the install55.fs image, you want to specify a block size, (or wait ages.) dd if=install55.fs

Re: GSoC proposal: Quirinus C library (qc)

On Tue, Feb 25, 2014 at 3:39 PM, Dmitry Selyutin ghostman...@gmail.com wrote: Hello everyone! My name is Dmitry, I'm 22 years old student from Lomonosov Moscow State University of Russia. This message is addressed mainly to C connoiseurs, yet I think other people may find it interesting. It's

Trivial patch for ipv6

Hi All, based on a similar change from FreeBSD: Change the return error from EACCES to EPERM as it is not a file. Index: src/sys/netinet6/ip6_mroute.c === RCS file: /cvs/src/sys/netinet6/ip6_mroute.c,v retrieving revision 1.67 diff

Re: signed packages

On Fri, Jan 17, 2014 at 3:26 PM, Marc Espie es...@nerim.net wrote: It's probably time to talk about it. Yes, we are now distributing signed packages. A lot of people have probably noticed because there was a key mismatch on at least one batch of signed packages. Obviously, we haven't

Re: Request for Funding our Electricity

On Wed, Jan 15, 2014 at 12:40 AM, Donald Allen donaldcal...@gmail.com wrote: On Tue, Jan 14, 2014 at 3:03 PM, Bob Beck b...@openbsdfoundation.org wrote: Just to bring this issue back to the forefront. In light of shrinking funding, we do need to look for a source to cover project expenses.

whois close fd patch

Hi All, From NetBSD: Coverity CID 1736 Close fd sfo sfi before returning from whois(). whois() is called from within a loop before exiting. for (name = *argv; (name = *argv) != NULL; argv++) rval += whois(name, host ? host : choose_server(name, country),

fgen free alias in error path

Hi All, From NetBSD: Coverity CID 1748: Free alias on error. alias-name = strdup(token-text); if (alias-name == NULL) (void)err(1, out of memory); token = yylex();

irc.mindcry.org down

Hi All, I can no longer find irc.mindcry.org on the internet. Is that permanent or temporary ? //logan c-x-c-c

Re: column memory leak fix

On Mon, Dec 30, 2013 at 12:45:47PM +0100, Mike Belopuhov wrote: On Sun, Dec 29, 2013 at 22:45 -0800, Loganaden Velvindron wrote: Hi All, From NetBSD: Plug memory leak. Coverity CID 1596 memory leak? can you please elaborate where else this memory is leaking if not back

Re: column memory leak fix

On Mon, Dec 30, 2013 at 08:42:00AM -0500, Ted Unangst wrote: On Mon, Dec 30, 2013 at 13:53, Mike Belopuhov wrote: On Mon, Dec 30, 2013 at 03:59 -0800, Loganaden Velvindron wrote: On Mon, Dec 30, 2013 at 12:45:47PM +0100, Mike Belopuhov wrote: On Sun, Dec 29, 2013 at 22:45 -0800, Loganaden

user(8) free() before returning in groupmod()

From NetBSD: Coverity annotation -- although memsave free()s its first argument, it will allocate memory and assign it to its first argument, so it is neutral Coverity CID 3228: memory leak -- failed to free() newname in groupmod() Index: src/usr.sbin/user/user.c

Re: column memory leak fix

On Mon, Dec 30, 2013 at 10:32 PM, patrick keshishian sids...@boxsoft.com wrote: On Mon, Dec 30, 2013 at 04:58:50PM +0100, Mike Belopuhov wrote: On 30 December 2013 16:35, Loganaden Velvindron lo...@elandsys.com wrote: On Mon, Dec 30, 2013 at 08:42:00AM -0500, Ted Unangst wrote: On Mon, Dec

restore(8) fd leak fix

Hi All, From NetBSD: Fix fd leak. Found by cppcheck Index: src/sbin/restore/symtab.c === RCS file: /cvs/src/sbin/restore/symtab.c,v retrieving revision 1.20 diff -u -p -r1.20 symtab.c --- src/sbin/restore/symtab.c 24 Apr 2013

ldconfig fd leak fix

Hi All, From NetBSD: Fix file descriptor leak. Found by cppcheck. Index: src/libexec/ld.so/ldconfig/ldconfig.c === RCS file: /cvs/src/libexec/ld.so/ldconfig/ldconfig.c,v retrieving revision 1.31 diff -u -p -r1.31 ldconfig.c ---

lpr fd leak fix

Hi All, From NetBSD: Fix fd leak in error cases. Found by cppcheck. Index: cmds.c === RCS file: /cvs/src/usr.sbin/lpr/lpc/cmds.c,v Index: cmds.c === RCS file:

Re: lpr fd leak fix

Diff got garbled. Re-sending it: Index: cmds.c === RCS file: /cvs/src/usr.sbin/lpr/lpc/cmds.c,v retrieving revision 1.25 diff -u -p -r1.25 cmds.c --- cmds.c 24 Nov 2013 21:32:32 - 1.25 +++ cmds.c 29 Dec 2013

Re: ldconfig fd leak fix

On Sun, Dec 29, 2013 at 09:51:28AM -0800, patrick keshishian wrote: Hi, Accidentally deleted this message from my inbox. This is a reconstruction from mailing list archive. Suggestion/comment below. Earlier today: Hi All, From NetBSD: Fix file descriptor leak. Found by

user(8) fd fix

Hi All, From NetBSD: Close masterfd after reading from it. Found by cppcheck. Index: src/usr.sbin/user/user.c === RCS file: /cvs/src/usr.sbin/user/user.c,v retrieving revision 1.98 diff -u -p -r1.98 user.c ---

pwd_mkdb fd leak fix

Hi All, From NetBSD: fd leak fix, found by cppcheck. Index: src/usr.sbin/pwd_mkdb/pwd_mkdb.c === RCS file: /cvs/src/usr.sbin/pwd_mkdb/pwd_mkdb.c,v retrieving revision 1.43 diff -u -p -r1.43 pwd_mkdb.c ---

Re: user(8) fd fix

On Sun, Dec 29, 2013 at 03:19:08PM -0500, Ted Unangst wrote: On Sun, Dec 29, 2013 at 11:59, Loganaden Velvindron wrote: Hi All, From NetBSD: Close masterfd after reading from it. Found by cppcheck. This is wrong. Proper code using fdopen() with error checking should close(2

column memory leak fix

Hi All, From NetBSD: Plug memory leak. Coverity CID 1596 Index: src/usr.bin/column/column.c === RCS file: /cvs/src/usr.bin/column/column.c,v retrieving revision 1.16 diff -u -p -r1.16 column.c --- src/usr.bin/column/column.c 26 Nov

cmp fd leak fix

Hi All, From NetBSD: Plug fd leak. Coverity CID 1624. Index: src/usr.bin/cmp/special.c === RCS file: /cvs/src/usr.bin/cmp/special.c,v retrieving revision 1.7 diff -u -p -r1.7 special.c --- src/usr.bin/cmp/special.c 19 Jan 2011

mke2fs.c memory leak

From NetBSD: free(bbp) in error paths. Coverity CID 274748. Index: src/sbin/newfs_ext2fs/mke2fs.c === RCS file: /cvs/src/sbin/newfs_ext2fs/mke2fs.c,v retrieving revision 1.5 diff -u -p -r1.5 mke2fs.c ---

rnd.c small space diff

Hi, While peeking into rnd.c, I can across a tiny style issue. Index: src/sys/dev/rnd.c === RCS file: /cvs/src/sys/dev/rnd.c,v retrieving revision 1.148 diff -u -p -r1.148 rnd.c --- src/sys/dev/rnd.c 11 Dec 2013 19:34:11 -

Re: txp(4) 3Com 3XP Typhoon/Sidewinder diff needs testing

On Mon, Dec 2, 2013 at 4:36 PM, Mike Belopuhov m...@belopuhov.com wrote: On 2 December 2013 03:07, Brad Smith b...@comstyle.com wrote: Here is a diff for the txp(4) 3Com 3XP Typhoon/Sidewinder driver to clean up and update the receive filter / ioctl handling code to be in line with the other

Re: IPv6 routing header type 0

On Thu, Nov 14, 2013 at 4:27 AM, Alexander Bluhm alexander.bl...@gmx.net wrote: On Fri, Oct 18, 2013 at 08:45:02PM +0200, Alexander Bluhm wrote: Our IPv6 stack scans all extension headers for routing header type 0 and drops the packet if it finds one. RFC 5095 demands to handle a routing

Re: IPv6 routing header type 0

On Thu, Nov 14, 2013 at 10:04 PM, Mike Belopuhov m...@belopuhov.com wrote: On 14 November 2013 18:52, Henning Brauer lists-openbsdt...@bsws.de wrote: * Theo de Raadt dera...@cvs.openbsd.org [2013-11-14 18:47]: it is the status quo *right now* Look, you can't call something the status quo

ip6_mroute.c m_free() - m_freem()

Hi, I came across this small diff in netbsd. It fixes a small case of mbuf leak possibility. Index: sys/netinet6/ip6_mroute.c === RCS file: /cvs/src/sys/netinet6/ip6_mroute.c,v retrieving revision 1.62 diff -u -p -r1.62 ip6_mroute.c

[lists-openbsdt...@bsws.de: Re: ip6_mroute.c m_free() - m_freem()]

- Forwarded message from Henning Brauer lists-openbsdt...@bsws.de - Date: Fri, 4 Oct 2013 13:34:26 +0200 From: Henning Brauer lists-openbsdt...@bsws.de To: Loganaden Velvindron lo...@elandsys.com Subject: Re: ip6_mroute.c m_free() - m_freem() User-Agent: Mutt/1.5.21 (2010-09-15) ok

Re: Multicast macros and global list of addresses

On Tue, Oct 1, 2013 at 3:33 PM, Martin Pieuchot mpieuc...@nolizard.org wrote: On 19/09/13(Thu) 13:59, Martin Pieuchot wrote: Diff below change the macros used to iterate over the multicast records linked to an interface without using the global lists of addresses. These records are currently

Re: openbsd ioctl fix (in6.c)

On Mon, Sep 30, 2013 at 10:51:47PM +0200, Alexander Bluhm wrote: On Wed, Sep 18, 2013 at 12:01:10AM -0700, Loganaden Velvindron wrote: Index: in6.c === RCS file: /cvs/src/sys/netinet6/in6.c,v retrieving revision 1.118 diff

Re: openbsd ioctl fix (in6.c)

ping ? On Wed, Sep 18, 2013 at 11:01 AM, Loganaden Velvindron lo...@elandsys.com wrote: On Tue, Aug 27, 2013 at 10:37:30AM +0200, Martin Pieuchot wrote: On 22/08/13(Thu) 23:31, Claudio Jeker wrote: On Wed, Aug 21, 2013 at 09:59:56AM -0700, Loganaden Velvindron wrote: I'm not sure

Re: openbsd ioctl fix (in6.c)

On Tue, Aug 27, 2013 at 10:37:30AM +0200, Martin Pieuchot wrote: On 22/08/13(Thu) 23:31, Claudio Jeker wrote: On Wed, Aug 21, 2013 at 09:59:56AM -0700, Loganaden Velvindron wrote: I'm not sure if applies to OpenBSD as well, but NetBSD also disallowed SIOCSIFDSTADDR for ioctl

Re: openbsd ioctl fix (in6.c)

On Tue, Aug 27, 2013 at 10:37:30AM +0200, Martin Pieuchot wrote: On 22/08/13(Thu) 23:31, Claudio Jeker wrote: On Wed, Aug 21, 2013 at 09:59:56AM -0700, Loganaden Velvindron wrote: I'm not sure if applies to OpenBSD as well, but NetBSD also disallowed SIOCSIFDSTADDR for ioctl

udp6 fix for possible memory corruption

Hi, From NetBSD: http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/netinet6/udp6_output.c?rev=1.41content-type=text/x-cvsweb-markuponly_with_tag=MAIN Under some circumstances, udp6_output() would call ip6_clearpktopts() with an uninitialized struct ip6_pktopts on the stack, opt. ip6_clearpktopts(opt,

ipv6 atomic draft - rfc6946 diff

Hi, The draft is now an RFC. Perhaps the code should reflect those changes as well ? Index: sys/netinet6/frag6.c === RCS file: /cvs/src/sys/netinet6/frag6.c,v retrieving revision 1.47 diff -u -p -r1.47 frag6.c ---

Re: ipv6 atomic draft - rfc6946 diff

be reassembled from the contents of that sole fragment. bit-flag, and some clarifications added. On 2013 Aug 21 (Wed) at 23:40:12 -0700 (-0700), Loganaden Velvindron wrote: :Hi, : :The draft is now an RFC. :Perhaps the code should reflect those changes as well ? : : :Index: sys

openbsd ioctl fix (in6.c)

I'm not sure if applies to OpenBSD as well, but NetBSD also disallowed SIOCSIFDSTADDR for ioctl. http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/netinet6/in6.c?annotate=1.166only_with_tag=MAIN 1.2 itojun374:switch (cmd) { 1.104 christos 375:/* 1.105 christos 376:

Re: OpenBSD in6 ioctl fix

On Wed, Aug 21, 2013 at 8:05 PM, Loganaden Velvindron lo...@elandsys.com wrote: It appears that SIOCSIFDSTADDR should not be allowed upon an AF_INET6 socket as well. From netbsd: http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/netinet6/in6.c?annotate=1.166only_with_tag=MAIN 1.2 itojun

OpenBSD in6 ioctl fix

It appears that SIOCSIFDSTADDR should not be allowed upon an AF_INET6 socket as well. From netbsd: http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/netinet6/in6.c?annotate=1.166only_with_tag=MAIN 1.2 itojun374:switch (cmd) { 1.104 christos 375:/* 1.105 christos

Re: goodbye to some isa devices

On Tue, Mar 26, 2013 at 5:09 PM, Ted Unangst t...@tedunangst.com wrote: On Tue, Mar 26, 2013 at 11:13, Mark Kettenis wrote: Date: Tue, 26 Mar 2013 05:20:27 -0400 From: Ted Unangst t...@tedunangst.com These isa devs are already disabled and not particularly popular among our users. affected:

Re: mg: don't spin when stdin is lost

On Mon, Jan 14, 2013 at 9:16 PM, Florian Obser flor...@openbsd.org wrote: this can be tested like this: EDITOR=mg cvs commit kill cvs - mg spins with 100% cpu in ttgetc Might be related to what I saw a few times. When I detached screen or tmux, and go back, cpu would shoot to 100%. While

Re: Goodbye to you my file descriptor

Thanks for fixing my mistake :-) On Sat, Nov 3, 2012 at 6:57 PM, Christiano F. Haesbaert haesba...@haesbaert.org wrote: On Tue, Oct 30, 2012 at 04:44:36PM +0100, rustyBSD wrote: Le 30/10/2012 15:32, Christiano F. Haesbaert a ?crit : That should be an access(2) call. Yes.Something like this

Re: Bringing some sanity to IPv6 traffic (IETF Internet-Drafts)

Concerning the oversized-header-chain draft. I'm still trying to wrap my head around ipv6 :-) I was looking at the code and I thought of something like: /* * If it's the 1st fragment, record the length of the * unfragmentable part and the next header of the fragment

Another nsd vulnerability fix

It can be triggered if nsd was compiled with --enable-zone-stats. http://www.nlnetlabs.nl/downloads/CVE-2012-2979.txt OpenBSD patch: Index: query.c === RCS file: /cvs/src/usr.sbin/nsd/query.c,v retrieving revision 1.6 diff -u -p

  1   2   3   >