date:20120427

sh regs.h conflict persists

2012-04-27 Thread Paul Irofti

This should fix it, but my kernel is still compiling.

Index: signal.h
===
RCS file: /cvs/src/sys/arch/sh/include/signal.h,v
retrieving revision 1.4
diff -u -p -r1.4 signal.h
--- signal.h13 Apr 2012 18:09:01 -  1.4
+++ signal.h27 Apr 2012 10:25:04 -
@@ -40,7 +40,6 @@
 typedef int sig_atomic_t;
 
 #if __BSD_VISIBLE || __XPG_VISIBLE = 420
-#include sh/reg.h
 
 /*
  * Information pushed on stack when a signal is delivered.

Re: pfctl: fix printing of 'foo/*' anchors

2012-04-27 Thread Stuart Henderson

On 2012/04/27 00:51, Lawrence Teo wrote:
 The diff below fixes pfctl so that it will show the 'authpf/*' anchor
 as intended:

This is extremely useful for relayd/ftp-proxy too.

 Note that since this diff changes the behavior of
 pfctl -a 'foo/*' -sr, it will also change the pfload* regression
 tests since those tests execute this command:
 pfctl -o none -a 'regress/*' -gvvsr
 
 If this diff is correct, I would appreciate some guidance from the
 developers on how to address the pfload* regression tests.

First problem: -a 'regress/*' used to print anchor regress,
and now it _only_ prints sub-anchors. Following diff changes it
to print the named anchor itself as well as sub-anchors, which
is how I would expect recursive printing to work.

Index: pfctl.c
===
RCS file: /cvs/src/sbin/pfctl/pfctl.c,v
retrieving revision 1.310
diff -u -p -r1.310 pfctl.c
--- pfctl.c 18 Apr 2012 14:42:17 -  1.310
+++ pfctl.c 27 Apr 2012 10:57:12 -
@@ -1937,6 +1937,7 @@ main(int argc, char *argv[])
int  optimize = PF_OPTIMIZE_BASIC;
int  level;
char anchorname[MAXPATHLEN];
+   int  anchor_wildcard = 0;
char*path;
char*lfile = NULL, *sfile = NULL;
const char *errstr;
@@ -2097,9 +2098,10 @@ main(int argc, char *argv[])
int len = strlen(anchoropt);
 
if (anchoropt[len - 1] == '*') {
-   if (len = 2  anchoropt[len - 2] == '/')
+   if (len = 2  anchoropt[len - 2] == '/') {
anchoropt[len - 2] = '\0';
-   else
+   anchor_wildcard = 1;
+   } else
anchoropt[len - 1] = '\0';
opts |= PF_OPT_RECURSE;
}
@@ -2137,6 +2139,10 @@ main(int argc, char *argv[])
pfctl_load_fingerprints(dev, opts);
pfctl_show_rules(dev, path, opts, PFCTL_SHOW_RULES,
anchorname, 0, 0, shownr);
+   if (anchor_wildcard)
+   pfctl_show_rules(dev, path, opts,
+   PFCTL_SHOW_RULES, anchorname, 0,
+   anchor_wildcard, shownr);
break;
case 'l':
pfctl_load_fingerprints(dev, opts);

If '-s l' and maybe also '-s a' get the same treatment then I think
I'll be OK with this going in.

Next problem, and this is not directly relating to the above diff
to fix printing, but it is highlighted by it: the anchors added by
pfload regression tests are never emptied. Running 'make pfload-update'
results in the same crap being added to lots of the files it produces.
So it seems the -Fr / -Fa flush commands also need teaching how to work
recursively and the regress Makefile changing to use this.

If I bypass this problem by temporarily adjusting pfload${n}-update
to use individual anchor names per rule (rather than '-a regress'
I used '-a foo$n') I see that with the above diff an additional
summary is printed each time, each rule-printing gets these additional
lines:

   [ Skip steps: i=end d=end r=end f=end p=end sa=end da=end sp=end dp=end ]
   [ queue: qname= qid=0 pqname= pqid=0 ]
   [ Evaluations: 0 Packets: 0 Bytes: 0   States: 0 
]
+  [ Skip steps: i=0 d=0 r=0 f=0 p=0 sa=0 da=0 sp=0 dp=0 ]
+  [ queue: qname= qid=0 pqname= pqid=0 ]
+  [ Evaluations: 0 Packets: 0 Bytes: 0   States: 0 
]

This is slightly ugly but I don't think it's a major problem.

also spotted, though I don't know if it's a problem, I don't see
a way to remove an anchor once created. But then again, I don't see
why you don't end up with hundreds of old ftp-proxy anchors showing
up...so not sure what's going on here.

Re: [resend] ipv6 support for tftp

2012-04-27 Thread Brad Smith


On 19/04/12 2:54 PM, Gleydson Soares wrote:

On Tue, Mar 06, 2012 at 09:32:47AM +, Stuart Henderson wrote:

On 2011/01/22 19:40, Gleydson Soares wrote:

can anyone test this diff? your feedback will be most welcome
On Wed, Sep 08, 2010 at 11:51:11AM -0300, Gleydson Soares wrote:

hi,

- ipv6 support for tftp client.

based on an old itojun's diff.


weerd@ pointed out this old diff - here's a slightly updated version;
only minor tweaks from gsoares@ version: whitespace nits in some lines
touched in the diff, and I rewrote the manpage diff.

works for me against usr/sbin/tftpd; any comments?


Tested against OpenBSD's tftpd and dnsmasq. Working fine for me.

--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

Re: [resend] ipv6 support for tftp

2012-04-27 Thread Gleydson Soares

On Fri, Apr 27, 2012 at 12:34:19PM -0400, Brad Smith wrote:
 Tested against OpenBSD's tftpd and dnsmasq. Working fine for me.

here is an updated version of the diff.

- setpeer0() and setpeer() were renamed accordingly for clarity and 
consistency. (requested by henning@)
- fix memleak(call freeaddrinfo() to release *res0)
- checks against valid server port number
- man page tweaked based on points by sthen@ and jmc@

this diff has been OK by sthen@ jmc@ henning@
i will commit it tomorrow if no objections till there.
? 1
? tftp_ipv6_3.diff
Index: main.c
===
RCS file: /cvs/src/usr.bin/tftp/main.c,v
retrieving revision 1.30
diff -u -p -r1.30 main.c
--- main.c  27 Oct 2009 23:59:44 -  1.30
+++ main.c  24 Apr 2012 15:39:19 -
@@ -68,7 +68,8 @@ void   put(int, char **);
 voidquit(int, char **);
 voidsetascii(int, char **);
 voidsetbinary(int, char **);
-voidsetpeer(int, char **);
+voidsetpeer(char *, char *);
+voidparsearg(int, char **);
 voidsetrexmt(int, char **);
 voidsettimeout(int, char **);
 voidsettrace(int, char **);
@@ -86,9 +87,8 @@ static __dead void command(void);
 struct cmd *getcmd(char *);
 char   *tail(char *);
 
-struct sockaddr_in  peeraddr;
+struct sockaddr_storage peeraddr;
 int f;
-short   port;
 int trace;
 int verbose;
 int connected;
@@ -98,7 +98,6 @@ intmargc;
 char   *margv[MAXARGV+1];
 char   *prompt = tftp;
 voidintr(int);
-struct servent *sp;
 int rexmtval = TIMEOUT;
 int maxtimeout = 5 * TIMEOUT;
 charhostname[MAXHOSTNAMELEN];
@@ -134,7 +133,7 @@ struct cmd {
 };
 
 struct cmd cmdtab[] = {
-   { connect,chelp,  setpeer },
+   { connect,chelp,  parsearg },
{ mode,   mhelp,  modecmd },
{ put,shelp,  put },
{ get,rhelp,  get },
@@ -170,26 +169,14 @@ structmodes {
 int
 main(int argc, char *argv[])
 {
-   struct sockaddr_in  s_in;
-
-   /* socket, bind */
-   sp = getservbyname(tftp, udp);
-   if (sp == 0)
-   errx(1, udp/tftp: unknown service);
-   f = socket(AF_INET, SOCK_DGRAM, 0);
-   if (f  0)
-   err(3, socket);
-   bzero((char *)s_in, sizeof(s_in));
-   s_in.sin_family = AF_INET;
-   if (bind(f, (struct sockaddr *)s_in, sizeof(s_in))  0)
-   err(1, bind);
+   f = -1;
 
/* set default transfer mode */
strlcpy(mode, netascii, sizeof(mode));
 
/* set peer if given */
if (argc  1)
-   setpeer(argc, argv);
+   parsearg(argc, argv);
 
/* catch SIGINT */
signal(SIGINT, intr);
@@ -205,11 +192,73 @@ main(int argc, char *argv[])
 }
 
 void
-setpeer(int argc, char *argv[])
+setpeer(char *host, char *port)
 {
-   struct hostent  *host;
-   const char  *errstr;
+   struct addrinfo hints, *res0, *res;
+   int error;
+   struct sockaddr_storage ss;
+   char *cause = unknown;
+
+   if (connected) {
+   close(f);
+   f = -1;
+   }
+   connected = 0;
+
+   memset(hints, 0, sizeof(hints));
+   hints.ai_family = PF_UNSPEC;
+   hints.ai_socktype = SOCK_DGRAM;
+   hints.ai_protocol = IPPROTO_UDP;
+   hints.ai_flags = AI_CANONNAME;
+   if (!port)
+   port = tftp;
+   error = getaddrinfo(host, port, hints, res0);
+   if (error) {
+   warnx(%s, gai_strerror(error));
+   return;
+   }
+
+   for (res = res0; res; res = res-ai_next) {
+   if (res-ai_addrlen  sizeof(peeraddr))
+   continue;
+   f = socket(res-ai_family, res-ai_socktype, res-ai_protocol);
+   if (f  0) {
+   cause = socket;
+   continue;
+   }
 
+   memset(ss, 0, sizeof(ss));
+   ss.ss_family = res-ai_family;
+   ss.ss_len = res-ai_addrlen;
+   if (bind(f, (struct sockaddr *)ss, ss.ss_len)  0) {
+   cause = bind;
+   close(f);
+   f = -1;
+   continue;
+   }
+
+   break;
+   }
+
+   if (f  0)
+   warn(%s, cause);
+   else {
+   /* res-ai_addr = sizeof(peeraddr) is guaranteed */
+   memcpy(peeraddr, res-ai_addr, res-ai_addrlen);
+   if (res-ai_canonname) {
+   (void) strncpy(hostname, res-ai_canonname,
+

Invito Omaggio ExpoSanita' 2012

2012-04-27 Thread Sanitaliaweb.it

Gentile Operatore,
auspicando di farle cosa gradita, in allegato alla presente, le inviamo un 
piccolo omaggio per una Sua eventuale presenza a EXPOSANITA.
Non dimentichi di venirci a trovare allo Stand n. 9.

Scarichi e stampi l'invito, al seguente indirizzo 
www.sanitaliaweb.it/invito_expo.pdf

Nel ringraziarla per lattenzione porgiamo i nostri cordiali saluti.

La redazione di www.sanitaliaweb.it

Re: pfctl: fix printing of 'foo/*' anchors

2012-04-27 Thread Lawrence Teo

On Fri, Apr 27, 2012 at 12:45:01PM +0100, Stuart Henderson wrote:
 On 2012/04/27 00:51, Lawrence Teo wrote:
  The diff below fixes pfctl so that it will show the 'authpf/*' anchor
  as intended:
 
 This is extremely useful for relayd/ftp-proxy too.

I agree.  I bumped into this bug while writing a custom proxy that uses
'foo/*' anchors, so I think the fix will also help future proxies that
use these anchors.

  Note that since this diff changes the behavior of
  pfctl -a 'foo/*' -sr, it will also change the pfload* regression
  tests since those tests execute this command:
  pfctl -o none -a 'regress/*' -gvvsr
  
  If this diff is correct, I would appreciate some guidance from the
  developers on how to address the pfload* regression tests.
 
 First problem: -a 'regress/*' used to print anchor regress,
 and now it _only_ prints sub-anchors. Following diff changes it
 to print the named anchor itself as well as sub-anchors, which
 is how I would expect recursive printing to work.

Thank you for catching this!  I agree that the behavior shown by your
revised diff is much closer to what users expect.

 If '-s l' and maybe also '-s a' get the same treatment then I think
 I'll be OK with this going in.

Here's a revised diff that makes it work with '-s l'.

Index: pfctl.c
===
RCS file: /cvs/src/sbin/pfctl/pfctl.c,v
retrieving revision 1.310
diff -u -p pfctl.c
--- pfctl.c 18 Apr 2012 14:42:17 -  1.310
+++ pfctl.c 28 Apr 2012 02:18:05 -
@@ -864,6 +864,7 @@ pfctl_show_rules(int dev, char *path, int opts, enum p
switch (format) {
case PFCTL_SHOW_LABELS:
if (pr.rule.label[0]) {
+   INDENT(depth, !(opts  PF_OPT_VERBOSE));
printf(%s %llu %llu %llu %llu
 %llu %llu %llu %llu\n,
pr.rule.label,
@@ -1937,6 +1938,7 @@ main(int argc, char *argv[])
int  optimize = PF_OPTIMIZE_BASIC;
int  level;
char anchorname[MAXPATHLEN];
+   int  anchor_wildcard = 0;
char*path;
char*lfile = NULL, *sfile = NULL;
const char *errstr;
@@ -2097,9 +2099,10 @@ main(int argc, char *argv[])
int len = strlen(anchoropt);
 
if (anchoropt[len - 1] == '*') {
-   if (len = 2  anchoropt[len - 2] == '/')
+   if (len = 2  anchoropt[len - 2] == '/') {
anchoropt[len - 2] = '\0';
-   else
+   anchor_wildcard = 1;
+   } else
anchoropt[len - 1] = '\0';
opts |= PF_OPT_RECURSE;
}
@@ -2137,11 +2140,19 @@ main(int argc, char *argv[])
pfctl_load_fingerprints(dev, opts);
pfctl_show_rules(dev, path, opts, PFCTL_SHOW_RULES,
anchorname, 0, 0, shownr);
+   if (anchor_wildcard)
+   pfctl_show_rules(dev, path, opts,
+   PFCTL_SHOW_RULES, anchorname, 0,
+   anchor_wildcard, shownr);
break;
case 'l':
pfctl_load_fingerprints(dev, opts);
pfctl_show_rules(dev, path, opts, PFCTL_SHOW_LABELS,
anchorname, 0, 0, shownr);
+   if (anchor_wildcard)
+   pfctl_show_rules(dev, path, opts,
+   PFCTL_SHOW_LABELS, anchorname, 0,
+   anchor_wildcard, shownr);
break;
case 'q':
pfctl_show_altq(dev, ifaceopt, opts,

I'm not sure what's the best way to handle '-s a' yet, since I think
users typically run 'pfctl -s a' to find out everything about their
full ruleset instead of specific anchors.  Applying a recursive
behavior on '-s a' also seems complex.  Do you have any thoughts on
what a command like pfctl -a 'foo/*' -s a should show?

 Next problem, and this is not directly relating to the above diff
 to fix printing, but it is highlighted by it: the anchors added by
 pfload regression tests are never emptied. Running 'make pfload-update'
 results in the same crap being added to lots of the files it produces.
 So it seems the -Fr / -Fa flush commands also need teaching how to work
 recursively and the regress Makefile changing to use this.
 
 If I bypass this problem by temporarily adjusting pfload${n}-update
 to use individual anchor names per rule (rather than '-a regress'
 I used '-a foo$n') I see that with the above diff an additional
 summary is printed each time, each rule-printing gets these additional
 lines:
 
[ Skip steps: i=end

sh regs.h conflict persists

Re: pfctl: fix printing of 'foo/*' anchors

Re: [resend] ipv6 support for tftp

Re: [resend] ipv6 support for tftp

Invito Omaggio ExpoSanita' 2012

Re: pfctl: fix printing of 'foo/*' anchors

6 matches

Site Navigation

Mail list logo

Footer information