Re: syslog over TLS
On Fri, Jan 16, 2015 at 01:46:09AM +0100, Alexander Bluhm wrote: Hi, This diff enables sending syslog messages over TLS. To implement the buffer layer, I have copied evbuffer.c from libevent and changed TCP to TLS where necessary. This way I made a buffertls wrapper around bufferevent. This might be integrated into libevent later. It still has some limitations: - No certificate validation. This will get a bit tricky because of privsep. Not that tricky - it has already been done and I intended to port it to libtls/libssl. Let me see if I can create a diff quickly. - Wrong format. The TLS RFC requires length-message encoding, I use message-newline inherited from TCP. - Not all lost messages are logged. - At SIGHUP messages may get lost. - Man page is missing. You can active it with @tls://ip-address. comment, test, ok? bluhm The implementation looks somewhat similar to the code in httpd/relayd that didn't copy the evbuffer code. But instead of calling tls_read/tls_write directly, you implemented evtls_read/evtls_write. I wonder if this solves/improves anything in the daemon but I haven't seen any related issue. I'm fine with adding it to syslogd locally and the diff looks sane. But I'm not convinced that libevent is the right place to add a dependency on libtls. I never pushed the SSL evbuffer wrappers back into libevent to keep portability and to avoid such a dependency; but I also saw that the implementation outside of libevent is a bit hackish because the evbuffers were never intended for anything except TCP. relayd could also benefit from it, but I want to continue to use bare libssl instead of libtls there. So it would be desirable to change the libevent code in a way that that allows a more flexible approach - instead of duplicating everything all over again, libevent should allow to provide custom read/write callbacks in a smarter way. For example, there is be no reason to have bufferevent_add() static and to duplicate the function everywhere (server_bufferevent_add()). evbuffer_read/write() could use an optional callback instead of read/write directly to allow plugging in tls_read/SSL_read etc. Problematic is the handling of things like TLS_READ_AGAIN instead of EAGAIN, but there should be a way to abstract it further. Reyk Index: usr.sbin/syslogd/Makefile === RCS file: /data/mirror/openbsd/cvs/src/usr.sbin/syslogd/Makefile,v retrieving revision 1.6 diff -u -p -r1.6 Makefile --- usr.sbin/syslogd/Makefile 5 Oct 2014 18:14:01 - 1.6 +++ usr.sbin/syslogd/Makefile 15 Jan 2015 13:26:09 - @@ -1,9 +1,9 @@ #$OpenBSD: Makefile,v 1.6 2014/10/05 18:14:01 bluhm Exp $ PROG=syslogd -SRCS=syslogd.c ttymsg.c privsep.c privsep_fdpass.c ringbuf.c +SRCS=syslogd.c ttymsg.c privsep.c privsep_fdpass.c ringbuf.c evbuffer_tls.c MAN= syslogd.8 syslog.conf.5 -LDADD= -levent -DPADD= ${LIBEVENT} +LDADD= -levent -ltls -lssl -lcrypto +DPADD= ${LIBEVENT} ${LIBTLS} ${LIBSSL} ${LIBCRYPTO} .include bsd.prog.mk Index: usr.sbin/syslogd/evbuffer_tls.c === RCS file: usr.sbin/syslogd/evbuffer_tls.c diff -N usr.sbin/syslogd/evbuffer_tls.c --- /dev/null 1 Jan 1970 00:00:00 - +++ usr.sbin/syslogd/evbuffer_tls.c 15 Jan 2015 15:18:01 - @@ -0,0 +1,357 @@ +/* $OpenBSD$ */ + +/* + * Copyright (c) 2002-2004 Niels Provos pro...@citi.umich.edu + * Copyright (c) 2014-2015 Alexander Bluhm bl...@openbsd.org + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + *notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + *notice, this list of conditions and the following disclaimer in the + *documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote products + *derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY
Re: syslog over TLS
Hi WRT libevent - we have already added some ASR functions to libevent for smtpd, I'd say libevent 1.4 is pretty much closed for new development upstream - there won't be much to sync - and we have a port of 2.x for ports to use. So I don't think there are strong reasons not to change our libevent as we like On Fri, Jan 16, 2015 at 10:00:46AM +0100, Reyk Floeter wrote: On Fri, Jan 16, 2015 at 01:46:09AM +0100, Alexander Bluhm wrote: Hi, This diff enables sending syslog messages over TLS. To implement the buffer layer, I have copied evbuffer.c from libevent and changed TCP to TLS where necessary. This way I made a buffertls wrapper around bufferevent. This might be integrated into libevent later. It still has some limitations: - No certificate validation. This will get a bit tricky because of privsep. Not that tricky - it has already been done and I intended to port it to libtls/libssl. Let me see if I can create a diff quickly. - Wrong format. The TLS RFC requires length-message encoding, I use message-newline inherited from TCP. - Not all lost messages are logged. - At SIGHUP messages may get lost. - Man page is missing. You can active it with @tls://ip-address. comment, test, ok? bluhm The implementation looks somewhat similar to the code in httpd/relayd that didn't copy the evbuffer code. But instead of calling tls_read/tls_write directly, you implemented evtls_read/evtls_write. I wonder if this solves/improves anything in the daemon but I haven't seen any related issue. I'm fine with adding it to syslogd locally and the diff looks sane. But I'm not convinced that libevent is the right place to add a dependency on libtls. I never pushed the SSL evbuffer wrappers back into libevent to keep portability and to avoid such a dependency; but I also saw that the implementation outside of libevent is a bit hackish because the evbuffers were never intended for anything except TCP. relayd could also benefit from it, but I want to continue to use bare libssl instead of libtls there. So it would be desirable to change the libevent code in a way that that allows a more flexible approach - instead of duplicating everything all over again, libevent should allow to provide custom read/write callbacks in a smarter way. For example, there is be no reason to have bufferevent_add() static and to duplicate the function everywhere (server_bufferevent_add()). evbuffer_read/write() could use an optional callback instead of read/write directly to allow plugging in tls_read/SSL_read etc. Problematic is the handling of things like TLS_READ_AGAIN instead of EAGAIN, but there should be a way to abstract it further. Reyk Index: usr.sbin/syslogd/Makefile === RCS file: /data/mirror/openbsd/cvs/src/usr.sbin/syslogd/Makefile,v retrieving revision 1.6 diff -u -p -r1.6 Makefile --- usr.sbin/syslogd/Makefile 5 Oct 2014 18:14:01 - 1.6 +++ usr.sbin/syslogd/Makefile 15 Jan 2015 13:26:09 - @@ -1,9 +1,9 @@ # $OpenBSD: Makefile,v 1.6 2014/10/05 18:14:01 bluhm Exp $ PROG= syslogd -SRCS= syslogd.c ttymsg.c privsep.c privsep_fdpass.c ringbuf.c +SRCS= syslogd.c ttymsg.c privsep.c privsep_fdpass.c ringbuf.c evbuffer_tls.c MAN= syslogd.8 syslog.conf.5 -LDADD= -levent -DPADD= ${LIBEVENT} +LDADD= -levent -ltls -lssl -lcrypto +DPADD= ${LIBEVENT} ${LIBTLS} ${LIBSSL} ${LIBCRYPTO} .include bsd.prog.mk Index: usr.sbin/syslogd/evbuffer_tls.c === RCS file: usr.sbin/syslogd/evbuffer_tls.c diff -N usr.sbin/syslogd/evbuffer_tls.c --- /dev/null 1 Jan 1970 00:00:00 - +++ usr.sbin/syslogd/evbuffer_tls.c 15 Jan 2015 15:18:01 - @@ -0,0 +1,357 @@ +/* $OpenBSD$ */ + +/* + * Copyright (c) 2002-2004 Niels Provos pro...@citi.umich.edu + * Copyright (c) 2014-2015 Alexander Bluhm bl...@openbsd.org + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + *notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + *notice, this list of conditions and the following disclaimer in the + *documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote products + *derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF
Re: syslog over TLS
On Fri, Jan 16, 2015 at 09:11:47AM +, Nicholas Marriott wrote: Hi WRT libevent - we have already added some ASR functions to libevent for smtpd, I'd say libevent 1.4 is pretty much closed for new development upstream - there won't be much to sync - and we have a port of 2.x for ports to use. So I don't think there are strong reasons not to change our libevent as we like I didn't say that we cannot change libevent - this was different when I first started using the evbuffer API for SSL in relayd. I just don't think that adding a specific dependency for libtls/libssl/libcrypto to libevent is the right direction. We could change the evbuffer API _in libevent_ to make it easier using it with TCP, libssl, libssl or anything else instead of just TCP. But without adding any TLS code to libevent. Reyk On Fri, Jan 16, 2015 at 10:00:46AM +0100, Reyk Floeter wrote: On Fri, Jan 16, 2015 at 01:46:09AM +0100, Alexander Bluhm wrote: Hi, This diff enables sending syslog messages over TLS. To implement the buffer layer, I have copied evbuffer.c from libevent and changed TCP to TLS where necessary. This way I made a buffertls wrapper around bufferevent. This might be integrated into libevent later. It still has some limitations: - No certificate validation. This will get a bit tricky because of privsep. Not that tricky - it has already been done and I intended to port it to libtls/libssl. Let me see if I can create a diff quickly. - Wrong format. The TLS RFC requires length-message encoding, I use message-newline inherited from TCP. - Not all lost messages are logged. - At SIGHUP messages may get lost. - Man page is missing. You can active it with @tls://ip-address. comment, test, ok? bluhm The implementation looks somewhat similar to the code in httpd/relayd that didn't copy the evbuffer code. But instead of calling tls_read/tls_write directly, you implemented evtls_read/evtls_write. I wonder if this solves/improves anything in the daemon but I haven't seen any related issue. I'm fine with adding it to syslogd locally and the diff looks sane. But I'm not convinced that libevent is the right place to add a dependency on libtls. I never pushed the SSL evbuffer wrappers back into libevent to keep portability and to avoid such a dependency; but I also saw that the implementation outside of libevent is a bit hackish because the evbuffers were never intended for anything except TCP. relayd could also benefit from it, but I want to continue to use bare libssl instead of libtls there. So it would be desirable to change the libevent code in a way that that allows a more flexible approach - instead of duplicating everything all over again, libevent should allow to provide custom read/write callbacks in a smarter way. For example, there is be no reason to have bufferevent_add() static and to duplicate the function everywhere (server_bufferevent_add()). evbuffer_read/write() could use an optional callback instead of read/write directly to allow plugging in tls_read/SSL_read etc. Problematic is the handling of things like TLS_READ_AGAIN instead of EAGAIN, but there should be a way to abstract it further. Reyk Index: usr.sbin/syslogd/Makefile === RCS file: /data/mirror/openbsd/cvs/src/usr.sbin/syslogd/Makefile,v retrieving revision 1.6 diff -u -p -r1.6 Makefile --- usr.sbin/syslogd/Makefile 5 Oct 2014 18:14:01 - 1.6 +++ usr.sbin/syslogd/Makefile 15 Jan 2015 13:26:09 - @@ -1,9 +1,9 @@ #$OpenBSD: Makefile,v 1.6 2014/10/05 18:14:01 bluhm Exp $ PROG=syslogd -SRCS=syslogd.c ttymsg.c privsep.c privsep_fdpass.c ringbuf.c +SRCS=syslogd.c ttymsg.c privsep.c privsep_fdpass.c ringbuf.c evbuffer_tls.c MAN= syslogd.8 syslog.conf.5 -LDADD= -levent -DPADD= ${LIBEVENT} +LDADD= -levent -ltls -lssl -lcrypto +DPADD= ${LIBEVENT} ${LIBTLS} ${LIBSSL} ${LIBCRYPTO} .include bsd.prog.mk Index: usr.sbin/syslogd/evbuffer_tls.c === RCS file: usr.sbin/syslogd/evbuffer_tls.c diff -N usr.sbin/syslogd/evbuffer_tls.c --- /dev/null 1 Jan 1970 00:00:00 - +++ usr.sbin/syslogd/evbuffer_tls.c 15 Jan 2015 15:18:01 - @@ -0,0 +1,357 @@ +/* $OpenBSD$ */ + +/* + * Copyright (c) 2002-2004 Niels Provos pro...@citi.umich.edu + * Copyright (c) 2014-2015 Alexander Bluhm bl...@openbsd.org + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + *notice, this list of
Document the special case pid=0 in kill(1)
POSIX says: If process number 0 is specified, all processes in the current process group shall be signaled. Add the corresponding line from kill.2 to document this case. Index: kill.1 === RCS file: /cvs/src/bin/kill/kill.1,v retrieving revision 1.37 diff -u -p -r1.37 kill.1 --- kill.1 13 Oct 2014 09:27:22 - 1.37 +++ kill.1 16 Jan 2015 09:45:46 - @@ -33,7 +33,7 @@ .\ .\@(#)kill.1 8.2 (Berkeley) 4/28/95 .\ -.Dd $Mdocdate: October 13 2014 $ +.Dd $Mdocdate: January 16 2015 $ .Dt KILL 1 .Os .Sh NAME @@ -96,6 +96,9 @@ of the default .Pp The following PIDs have special meanings: .Bl -tag -width Ds -offset indent +.It 0 +Send the signal to all processes whose group ID is equal to the +process group ID of the sender and for which the process has permission. .It \-1 If superuser, broadcast the signal to all processes; otherwise, broadcast to all processes belonging to the user.
Re: syslog over TLS
On Fri, Jan 16, 2015 at 8:46 AM, Alexander Bluhm alexander.bl...@gmx.net wrote: - Wrong format. The TLS RFC requires length-message encoding, I use message-newline inherited from TCP. Transmission of Syslog Messages over TCP (RFC 6587) prefer use 'octet-counting', not 'non-transparent-framing method'. http://tools.ietf.org/html/rfc6587#section-3.4 The older method of non-transparent-framing has problems. The newer method of octet-counting is reliable and has not been seen to cause problems noted with the non-transparent-framing method. I'd like plain TCP transmission implement 'octet-counting' too.
[patch] siphash static functions
Hi tech@, aren't these functions supposed to be static? fritjof Index: siphash.c === RCS file: /cvs/src/sys/crypto/siphash.c,v retrieving revision 1.1 diff -u -p -r1.1 siphash.c --- siphash.c 4 Nov 2014 03:01:14 - 1.1 +++ siphash.c 16 Jan 2015 10:41:37 - @@ -48,8 +48,8 @@ #include crypto/siphash.h -void SipHash_CRounds(SIPHASH_CTX *, int); -void SipHash_Rounds(SIPHASH_CTX *, int); +static void SipHash_CRounds(SIPHASH_CTX *, int); +static void SipHash_Rounds(SIPHASH_CTX *, int); void SipHash_Init(SIPHASH_CTX *ctx, const SIPHASH_KEY *key) @@ -147,7 +147,7 @@ SipHash(const SIPHASH_KEY *key, int rc, #define SIP_ROTL(x, b) ((x) (b)) | ( (x) (64 - (b))) -void +static void SipHash_Rounds(SIPHASH_CTX *ctx, int rounds) { while (rounds--) { @@ -171,7 +171,7 @@ SipHash_Rounds(SIPHASH_CTX *ctx, int rou } } -void +static void SipHash_CRounds(SIPHASH_CTX *ctx, int rounds) { u_int64_t m = lemtoh64((u_int64_t *)ctx-buf); pgpoz5I_1ymPA.pgp Description: PGP signature
Re: syslog over TLS
On Fri, Jan 16, 2015 at 06:17:01PM +0800, Dongsheng Song wrote: On Fri, Jan 16, 2015 at 8:46 AM, Alexander Bluhm alexander.bl...@gmx.net wrote: - Wrong format. The TLS RFC requires length-message encoding, I use message-newline inherited from TCP. Transmission of Syslog Messages over TCP (RFC 6587) prefer use 'octet-counting', not 'non-transparent-framing method'. http://tools.ietf.org/html/rfc6587#section-3.4 The older method of non-transparent-framing has problems. The newer method of octet-counting is reliable and has not been seen to cause problems noted with the non-transparent-framing method. I know. Implementing and testing non-transparent-framing was easier. My goal was to get TCP, TLS and events working first. Changing the format can be done later. I'd like plain TCP transmission implement 'octet-counting' too. There will be only one way for TCP and TLS as this code is shared. In the end it will be octet-counting. bluhm
Re: syslog over TLS
On Fri, Jan 16, 2015 at 01:46:09AM +0100, Alexander Bluhm wrote: This diff enables sending syslog messages over TLS. Updated diff after sys/param.h commit. Only some context changed. bluhm Index: usr.sbin/syslogd/Makefile === RCS file: /data/mirror/openbsd/cvs/src/usr.sbin/syslogd/Makefile,v retrieving revision 1.6 diff -u -p -r1.6 Makefile --- usr.sbin/syslogd/Makefile 5 Oct 2014 18:14:01 - 1.6 +++ usr.sbin/syslogd/Makefile 16 Jan 2015 11:45:40 - @@ -1,9 +1,9 @@ # $OpenBSD: Makefile,v 1.6 2014/10/05 18:14:01 bluhm Exp $ PROG= syslogd -SRCS= syslogd.c ttymsg.c privsep.c privsep_fdpass.c ringbuf.c +SRCS= syslogd.c ttymsg.c privsep.c privsep_fdpass.c ringbuf.c evbuffer_tls.c MAN= syslogd.8 syslog.conf.5 -LDADD= -levent -DPADD= ${LIBEVENT} +LDADD= -levent -ltls -lssl -lcrypto +DPADD= ${LIBEVENT} ${LIBTLS} ${LIBSSL} ${LIBCRYPTO} .include bsd.prog.mk Index: usr.sbin/syslogd/evbuffer_tls.c === RCS file: usr.sbin/syslogd/evbuffer_tls.c diff -N usr.sbin/syslogd/evbuffer_tls.c --- /dev/null 1 Jan 1970 00:00:00 - +++ usr.sbin/syslogd/evbuffer_tls.c 16 Jan 2015 11:45:40 - @@ -0,0 +1,357 @@ +/* $OpenBSD$ */ + +/* + * Copyright (c) 2002-2004 Niels Provos pro...@citi.umich.edu + * Copyright (c) 2014-2015 Alexander Bluhm bl...@openbsd.org + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + *notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + *notice, this list of conditions and the following disclaimer in the + *documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote products + *derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include sys/types.h +#include sys/time.h +#include sys/ioctl.h + +#include errno.h +#include event.h +#include stdio.h +#include stdlib.h +#include string.h +#include stdarg.h +#include tls.h + +#include evbuffer_tls.h + +/* prototypes */ + +void bufferevent_read_pressure_cb(struct evbuffer *, size_t, size_t, void *); +int evtls_read(struct evbuffer *, int, int, struct tls *); +int evtls_write(struct evbuffer *, int, struct tls *); + +static int +bufferevent_add(struct event *ev, int timeout) +{ + struct timeval tv, *ptv = NULL; + + if (timeout) { + timerclear(tv); + tv.tv_sec = timeout; + ptv = tv; + } + + return (event_add(ev, ptv)); +} + +static void +buffertls_readcb(int fd, short event, void *arg) +{ + struct buffertls *buftls = arg; + struct bufferevent *bufev = buftls-bt_bufev; + struct tls *ctx = buftls-bt_ctx; + int res = 0; + short what = EVBUFFER_READ; + size_t len; + int howmuch = -1; + + if (event == EV_TIMEOUT) { + what |= EVBUFFER_TIMEOUT; + goto error; + } + + /* +* If we have a high watermark configured then we don't want to +* read more data than would make us reach the watermark. +*/ + if (bufev-wm_read.high != 0) { + howmuch = bufev-wm_read.high - EVBUFFER_LENGTH(bufev-input); + /* we might have lowered the watermark, stop reading */ + if (howmuch = 0) { + struct evbuffer *buf = bufev-input; + event_del(bufev-ev_read); + evbuffer_setcb(buf, + bufferevent_read_pressure_cb, bufev); + return; + } + } + + res = evtls_read(bufev-input, fd, howmuch, ctx); + switch (res) { + case TLS_READ_AGAIN: + event_set(bufev-ev_read, fd, EV_READ, buffertls_readcb, + buftls); + goto reschedule; + case TLS_WRITE_AGAIN: +
recognise 'F'/'f' suffix in indent
Floating point constants default to double precision and can be made single precision with a 'f' or 'F' suffix or long double precision with 'l' or 'L'. It turns out indent only knows about 'u'/'U' and 'l'/'L' suffixes and will add a space between floating point constants and the suffix if 'f' or 'F' is used which results in code that won't compile. This particular problem broke the build of Mesa master on at least OpenBSD/FreeBSD/Mac OS X: https://bugs.freedesktop.org/show_bug.cgi?id=88335 Index: lexi.c === RCS file: /cvs/src/usr.bin/indent/lexi.c,v retrieving revision 1.17 diff -u -p -r1.17 lexi.c --- lexi.c 11 Oct 2014 03:05:48 - 1.17 +++ lexi.c 16 Jan 2015 13:07:26 - @@ -202,6 +202,12 @@ lexi(void) } break; } + if (!(seensfx 1) + (*buf_ptr == 'F' || *buf_ptr == 'f')) { + CHECK_SIZE_TOKEN; + *e_token++ = *buf_ptr++; + seensfx |= 1; + } } else while (chartype[(int)*buf_ptr] == alphanum) { /* copy it over */
Re: syslog over TLS
I just don't think that adding a specific dependency for libtls/libssl/libcrypto to libevent is the right direction. Let's not get hung up on how this code will fit into the libtls picture yet. It is very valuable that Alexander can get it the async tls case perfected for the syslogd case, then we learn and eventually figure out how to refactor it later. You aren't the only one with concerns about the final picture..
Re: syslog over TLS
On Fri, Jan 16, 2015 at 12:56:45PM +0100, Alexander Bluhm wrote: On Fri, Jan 16, 2015 at 01:46:09AM +0100, Alexander Bluhm wrote: This diff enables sending syslog messages over TLS. Updated diff after sys/param.h commit. Only some context changed. bluhm Despite my scepticism about putting it into libevent - The diff looks and works fine (lightly tested). The evbuffer_tls.c code is similar enough to what we have in relayd/httpd and libevent; so I don't see any problems here. Minor comments (not inline): - The ebuf[100] looks a bit weird, but it is not a problem. - I would prefer checking return value as -1 instead of 0 (tls_init() and other calls below). - The manpage bits are missing. I'm fine with putting it in and to improve/discuss the API issues later. OK Reyk Index: usr.sbin/syslogd/Makefile === RCS file: /data/mirror/openbsd/cvs/src/usr.sbin/syslogd/Makefile,v retrieving revision 1.6 diff -u -p -r1.6 Makefile --- usr.sbin/syslogd/Makefile 5 Oct 2014 18:14:01 - 1.6 +++ usr.sbin/syslogd/Makefile 16 Jan 2015 11:45:40 - @@ -1,9 +1,9 @@ #$OpenBSD: Makefile,v 1.6 2014/10/05 18:14:01 bluhm Exp $ PROG=syslogd -SRCS=syslogd.c ttymsg.c privsep.c privsep_fdpass.c ringbuf.c +SRCS=syslogd.c ttymsg.c privsep.c privsep_fdpass.c ringbuf.c evbuffer_tls.c MAN= syslogd.8 syslog.conf.5 -LDADD= -levent -DPADD= ${LIBEVENT} +LDADD= -levent -ltls -lssl -lcrypto +DPADD= ${LIBEVENT} ${LIBTLS} ${LIBSSL} ${LIBCRYPTO} .include bsd.prog.mk Index: usr.sbin/syslogd/evbuffer_tls.c === RCS file: usr.sbin/syslogd/evbuffer_tls.c diff -N usr.sbin/syslogd/evbuffer_tls.c --- /dev/null 1 Jan 1970 00:00:00 - +++ usr.sbin/syslogd/evbuffer_tls.c 16 Jan 2015 11:45:40 - @@ -0,0 +1,357 @@ +/* $OpenBSD$ */ + +/* + * Copyright (c) 2002-2004 Niels Provos pro...@citi.umich.edu + * Copyright (c) 2014-2015 Alexander Bluhm bl...@openbsd.org + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + *notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + *notice, this list of conditions and the following disclaimer in the + *documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote products + *derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#include sys/types.h +#include sys/time.h +#include sys/ioctl.h + +#include errno.h +#include event.h +#include stdio.h +#include stdlib.h +#include string.h +#include stdarg.h +#include tls.h + +#include evbuffer_tls.h + +/* prototypes */ + +void bufferevent_read_pressure_cb(struct evbuffer *, size_t, size_t, void *); +int evtls_read(struct evbuffer *, int, int, struct tls *); +int evtls_write(struct evbuffer *, int, struct tls *); + +static int +bufferevent_add(struct event *ev, int timeout) +{ + struct timeval tv, *ptv = NULL; + + if (timeout) { + timerclear(tv); + tv.tv_sec = timeout; + ptv = tv; + } + + return (event_add(ev, ptv)); +} + +static void +buffertls_readcb(int fd, short event, void *arg) +{ + struct buffertls *buftls = arg; + struct bufferevent *bufev = buftls-bt_bufev; + struct tls *ctx = buftls-bt_ctx; + int res = 0; + short what = EVBUFFER_READ; + size_t len; + int howmuch = -1; + + if (event == EV_TIMEOUT) { + what |= EVBUFFER_TIMEOUT; + goto error; + } + + /* + * If we have a high watermark configured then we don't want to + * read more data than would make us reach the watermark. + */ + if (bufev-wm_read.high != 0) { + howmuch = bufev-wm_read.high -
[patch] remove atoi(3) from keynote
Hi tech@, this diff removes the atoi(3) call from keynote(1). fritjof Index: keynote-keygen.c === RCS file: /cvs/src/lib/libkeynote/keynote-keygen.c,v retrieving revision 1.21 diff -u -p -r1.21 keynote-keygen.c --- keynote-keygen.c29 Jun 2004 11:35:56 - 1.21 +++ keynote-keygen.c16 Jan 2015 19:44:42 - @@ -24,6 +24,7 @@ #include ctype.h #include fcntl.h +#include limits.h #include regex.h #include stdio.h #include stdlib.h @@ -106,6 +107,7 @@ keynote_keygen(int argc, char *argv[]) RSA *rsa; FILE *fp; char *algname; +const char *errstr; if ((argc != 5) (argc != 6) (argc != 7)) { @@ -135,8 +137,8 @@ keynote_keygen(int argc, char *argv[]) if (argc 5) { - begin = atoi(argv[5]); - if (begin = -1) + begin = strtonum(argv[5], 0, INT_MAX, errstr); + if (errstr) { fprintf(stderr, Erroneous value for print-offset parameter.\n); exit(1); @@ -145,8 +147,8 @@ keynote_keygen(int argc, char *argv[]) if (argc 6) { - prlen = atoi(argv[6]); - if (prlen = 0) + prlen = strtonum(argv[6], 1, INT_MAX, errstr); + if (errstr) { fprintf(stderr, Erroneous value for print-length parameter.\n); exit(1); @@ -162,9 +164,9 @@ keynote_keygen(int argc, char *argv[]) } alg = keynote_get_key_algorithm(algname, enc, ienc); -len = atoi(argv[2]); +len = strtonum(argv[2], 1, INT_MAX, errstr); -if (len = 0) +if (errstr) { fprintf(stderr, Invalid specified keysize %d\n, len); exit(1); Index: keynote-sign.c === RCS file: /cvs/src/lib/libkeynote/keynote-sign.c,v retrieving revision 1.16 diff -u -p -r1.16 keynote-sign.c --- keynote-sign.c 29 Jun 2004 11:35:56 - 1.16 +++ keynote-sign.c 16 Jan 2015 19:44:46 - @@ -23,6 +23,7 @@ #include sys/stat.h #include ctype.h +#include limits.h #include regex.h #include stdio.h #include stdlib.h @@ -50,6 +51,7 @@ keynote_sign(int argc, char *argv[]) char *buf, *buf2, *sig, *algname; int fd, flg = 0, buflen; struct stat sb; +const char *errstr; if ((argc != 4) (argc != 5) @@ -65,8 +67,8 @@ keynote_sign(int argc, char *argv[]) if (argc 4 + flg) { -begin = atoi(argv[4 + flg]); -if (begin = -1) + begin = strtonum(argv[4 + flg], 0, INT_MAX, errstr); +if (errstr) { fprintf(stderr, Erroneous value for print-offset parameter.\n); exit(1); @@ -75,8 +77,8 @@ keynote_sign(int argc, char *argv[]) if (argc 5 + flg) { -prlen = atoi(argv[5 + flg]); -if (prlen = 0) + prlen = strtonum(argv[5 + flg], 1, INT_MAX, errstr); +if (errstr) { fprintf(stderr, Erroneous value for print-length parameter.\n); exit(1); pgp__Xagg7l1q.pgp Description: PGP signature
Re: recognise 'F'/'f' suffix in indent
Floating point constants default to double precision and can be made single precision with a 'f' or 'F' suffix or long double precision with 'l' or 'L'. It turns out indent only knows about 'u'/'U' and 'l'/'L' suffixes and will add a space between floating point constants and the suffix if 'f' or 'F' is used which results in code that won't compile. Your diff will allow for `fl' suffixes. What about doing seensfx |= 1 | 2; to make sure a forthcoming `l' suffix gets rejected? Index: lexi.c === RCS file: /cvs/src/usr.bin/indent/lexi.c,v retrieving revision 1.17 diff -u -p -r1.17 lexi.c --- lexi.c11 Oct 2014 03:05:48 - 1.17 +++ lexi.c16 Jan 2015 13:07:26 - @@ -202,6 +202,12 @@ lexi(void) } break; } + if (!(seensfx 1) + (*buf_ptr == 'F' || *buf_ptr == 'f')) { + CHECK_SIZE_TOKEN; + *e_token++ = *buf_ptr++; + seensfx |= 1; + } } else while (chartype[(int)*buf_ptr] == alphanum) { /* copy it over */
Re: recognise 'F'/'f' suffix in indent
On Fri, Jan 16, 2015 at 21:43, Miod Vallat wrote: Floating point constants default to double precision and can be made single precision with a 'f' or 'F' suffix or long double precision with 'l' or 'L'. It turns out indent only knows about 'u'/'U' and 'l'/'L' suffixes and will add a space between floating point constants and the suffix if 'f' or 'F' is used which results in code that won't compile. Your diff will allow for `fl' suffixes. What about doing seensfx |= 1 | 2; to make sure a forthcoming `l' suffix gets rejected? I'm not sure indent needs a precise parser. Isn't that what the compiler is for? As long as it doesn't *generate* incorrect code, I think it's fine. If for some reason the source file I pass to indent has 0.0fl in it, let it through; cc will tell me about it soon enough.
improve wording in alloca
Improve wording in alloca. 1. it's not a bug; it's a caveat. 2. slightly unsafe gives me the willies. 3. nobody knows what large unbounded allocations are. 4. one .Xr to malloc should suffice Index: alloca.3 === RCS file: /cvs/src/lib/libc/stdlib/alloca.3,v retrieving revision 1.13 diff -u -p -r1.13 alloca.3 --- alloca.35 Jun 2013 03:39:23 - 1.13 +++ alloca.316 Jan 2015 22:26:15 - @@ -51,9 +51,7 @@ function returns a pointer to the beginn .Sh SEE ALSO .Xr pagesize 1 , .Xr brk 2 , -.Xr calloc 3 , -.Xr malloc 3 , -.Xr realloc 3 +.Xr malloc 3 .\ .Sh HISTORY .\ The .\ .Fn alloca @@ -62,10 +60,10 @@ function returns a pointer to the beginn .\ The function appeared in 32v, pwb and pwb.2 and in 3bsd 4bsd .\ The first man page (or link to a man page that I can find at the .\ moment is 4.3... -.Sh BUGS +.Sh CAVEATS The .Fn alloca -function is slightly unsafe because it cannot ensure that the pointer +function is unsafe because it cannot ensure that the pointer returned points to a valid and usable block of memory. The allocation made may exceed the bounds of the stack, or even go further into other objects in memory, and @@ -73,4 +71,4 @@ further into other objects in memory, an cannot determine such an error. Avoid .Fn alloca -with large unbounded allocations. +when possible.
Re: improve wording in alloca
@@ -51,9 +51,7 @@ function returns a pointer to the beginn .Sh SEE ALSO .Xr pagesize 1 , .Xr brk 2 , -.Xr calloc 3 , -.Xr malloc 3 , -.Xr realloc 3 +.Xr malloc 3 This is good. It has no relationship to callor or realloc. -.Sh BUGS +.Sh CAVEATS OK. The .Fn alloca -function is slightly unsafe because it cannot ensure that the pointer +function is unsafe because it cannot ensure that the pointer OK @@ -73,4 +71,4 @@ further into other objects in memory, an cannot determine such an error. Avoid .Fn alloca -with large unbounded allocations. +when possible. I wrote it this way to provide even greater caution. It makes people think hmm, is my allocation size known. Then they run away screaming. I think my wording has more impact.
Re: massage volume control task
On 2 Jan 2015, at 4:15 pm, David Gwynne da...@gwynne.id.au wrote: can someone test this? it allocates storage for the volume change details rather than cast arguments to a single global task. adds some safety while there if audio0 is a hotplug device. ok? The keyboard audio controls on my X120e following -current work same as before with this diff applied. Index: audio.c === RCS file: /cvs/src/sys/dev/audio.c,v retrieving revision 1.125 diff -u -p -r1.125 audio.c --- audio.c 19 Dec 2014 22:44:58 - 1.125 +++ audio.c 2 Jan 2015 06:08:39 - @@ -465,11 +465,6 @@ audioattach(struct device *parent, struc } DPRINTF((audio_attach: inputs ports=0x%x, output ports=0x%x\n, sc-sc_inports.allports, sc-sc_outports.allports)); - -#if NWSKBD 0 - task_set(sc-sc_mixer_task, wskbd_set_mixervolume_callback, NULL, - NULL); -#endif /* NWSKBD 0 */ } int @@ -3432,27 +3427,39 @@ filt_audiowrite(struct knote *kn, long h } #if NWSKBD 0 +struct wskbd_vol_change { + struct task t; + long dir; + long out; +}; + int wskbd_set_mixervolume(long dir, long out) { struct audio_softc *sc; + struct wskbd_vol_change *ch; if (audio_cd.cd_ndevs == 0 || (sc = audio_cd.cd_devs[0]) == NULL) { DPRINTF((wskbd_set_mixervolume: audio_cd\n)); return (ENXIO); } - task_del(systq, sc-sc_mixer_task); - task_set(sc-sc_mixer_task, wskbd_set_mixervolume_callback, - (void *)dir, (void *)out); - task_add(systq, sc-sc_mixer_task); + ch = malloc(sizeof(*ch), M_TEMP, M_NOWAIT); + if (ch == NULL) + return (ENOMEM); + + task_set(ch-t, wskbd_set_mixervolume_callback, ch, NULL); + ch-dir = dir; + ch-out = out; + task_add(systq, ch-t); return (0); } void -wskbd_set_mixervolume_callback(void *arg1, void *arg2) +wskbd_set_mixervolume_callback(void *xch, void *null) { + struct wskbd_vol_change *ch = xch; struct audio_softc *sc; struct au_mixer_ports *ports; mixer_devinfo_t mi; @@ -3461,19 +3468,19 @@ wskbd_set_mixervolume_callback(void *arg u_int gain; int error; - if (audio_cd.cd_ndevs == 0 || (sc = audio_cd.cd_devs[0]) == NULL) { - DPRINTF((%s: audio_cd\n, __func__)); - return; - } + dir = ch-dir; + out = ch-out; + free(ch, M_TEMP, sizeof(*ch)); - dir = (long)arg1; - out = (long)arg2; + sc = (struct audio_softc *)device_lookup(audio_cd, 0); + if (sc == NULL) + return; ports = out ? sc-sc_outports : sc-sc_inports; if (ports-master == -1) { DPRINTF((%s: master == -1\n, __func__)); - return; + goto done; } if (dir == 0) { @@ -3482,7 +3489,7 @@ wskbd_set_mixervolume_callback(void *arg error = au_get_mute(sc, ports, mute); if (error != 0) { DPRINTF((%s: au_get_mute: %d\n, __func__, error)); - return; + goto done; } mute = !mute; @@ -3490,7 +3497,7 @@ wskbd_set_mixervolume_callback(void *arg error = au_set_mute(sc, ports, mute); if (error != 0) { DPRINTF((%s: au_set_mute: %d\n, __func__, error)); - return; + goto done; } } else { /* Raise or lower volume */ @@ -3499,7 +3506,7 @@ wskbd_set_mixervolume_callback(void *arg error = sc-hw_if-query_devinfo(sc-hw_hdl, mi); if (error != 0) { DPRINTF((%s: query_devinfo: %d\n, __func__, error)); - return; + goto done; } au_get_gain(sc, ports, gain, balance); @@ -3512,8 +3519,11 @@ wskbd_set_mixervolume_callback(void *arg error = au_set_gain(sc, ports, gain, balance); if (error != 0) { DPRINTF((%s: au_set_gain: %d\n, __func__, error)); - return; + goto done; } } + +done: + device_unref(sc-dev); } #endif /* NWSKBD 0 */
Re: recognise 'F'/'f' suffix in indent
On Fri, Jan 16, 2015 at 09:43:36PM +, Miod Vallat wrote: Floating point constants default to double precision and can be made single precision with a 'f' or 'F' suffix or long double precision with 'l' or 'L'. It turns out indent only knows about 'u'/'U' and 'l'/'L' suffixes and will add a space between floating point constants and the suffix if 'f' or 'F' is used which results in code that won't compile. Your diff will allow for `fl' suffixes. What about doing seensfx |= 1 | 2; to make sure a forthcoming `l' suffix gets rejected? Well it is out of the loop for u/l so it doesn't look like that is possible? Running the patched indent on 1.0fl gives me 1.0f l Index: lexi.c === RCS file: /cvs/src/usr.bin/indent/lexi.c,v retrieving revision 1.17 diff -u -p -r1.17 lexi.c --- lexi.c 11 Oct 2014 03:05:48 - 1.17 +++ lexi.c 16 Jan 2015 13:07:26 - @@ -202,6 +202,12 @@ lexi(void) } break; } + if (!(seensfx 1) + (*buf_ptr == 'F' || *buf_ptr == 'f')) { + CHECK_SIZE_TOKEN; + *e_token++ = *buf_ptr++; + seensfx |= 1; + } } else while (chartype[(int)*buf_ptr] == alphanum) { /* copy it over */
[patch] panic on boot when compiling kernel with option VFSLCKDEBUG
While troubleshooting a deadlock problem I compiled the kernel with option VFSLCKDEBUG and found that the if statement in the assert macro is missing braces. The includes seem to have changed since 5.6 as well as it was missing the declaration for the panic function. Index: kern/vfs_vops.c === RCS file: /cvs/src/sys/kern/vfs_vops.c,v retrieving revision 1.9 diff -u -p -r1.9 vfs_vops.c --- kern/vfs_vops.c 13 Aug 2013 05:52:24 - 1.9 +++ kern/vfs_vops.c 16 Jan 2015 23:30:59 - @@ -48,10 +48,12 @@ #include sys/unistd.h #ifdef VFSLCKDEBUG +#include sys/systm.h #define ASSERT_VP_ISLOCKED(vp) do { \ -if (((vp)-v_flag VLOCKSWORK) !VOP_ISLOCKED(vp)) \ +if (((vp)-v_flag VLOCKSWORK) !VOP_ISLOCKED(vp)) { \ VOP_PRINT(vp); \ panic(vp not locked); \ +} \ } while (0) #else #define ASSERT_VP_ISLOCKED(vp) /* nothing */ -- Helg xx...@msn.com
tiny ftp cleanup
Remember to set tenex mode when transferring binary files from this machine. Just a little cleanup. Unfortunately, my TOPS20 system isn't running at the moment, so I wasn't able to fully test this... bonus: this diff also removes references to ebcdic. Index: cmds.c === RCS file: /cvs/src/usr.bin/ftp/cmds.c,v retrieving revision 1.73 diff -u -p -r1.73 cmds.c --- cmds.c 16 Jan 2015 06:40:08 - 1.73 +++ cmds.c 17 Jan 2015 07:33:03 - @@ -98,18 +98,6 @@ setascii(int argc, char *argv[]) } /* - * Set tenex transfer type. - */ -/*ARGSUSED*/ -void -settenex(int argc, char *argv[]) -{ - - stype[1] = tenex; - settype(2, stype); -} - -/* * Set file transfer mode. */ /*ARGSUSED*/ Index: cmds.h === RCS file: /cvs/src/usr.bin/ftp/cmds.h,v retrieving revision 1.1 diff -u -p -r1.1 cmds.h --- cmds.h 5 May 2009 19:35:30 - 1.1 +++ cmds.h 17 Jan 2015 07:38:41 - @@ -17,7 +17,6 @@ */ void setascii(int, char **); -void settenex(int, char **); void setftmode(int, char **); void setform(int, char **); void setstruct(int, char **); Index: cmdtab.c === RCS file: /cvs/src/usr.bin/ftp/cmdtab.c,v retrieving revision 1.27 diff -u -p -r1.27 cmdtab.c --- cmdtab.c6 Jan 2013 22:12:28 - 1.27 +++ cmdtab.c17 Jan 2015 07:37:20 - @@ -111,7 +111,6 @@ charstatushelp[] = show current status char structhelp[] = set file transfer structure; char suniquehelp[] = toggle store unique on remote machine; char systemhelp[] = show remote system type; -char tenexhelp[] = set tenex file transfer type; char tracehelp[] = toggle packet tracing; char typehelp[] =set file transfer type; char umaskhelp[] = get (set) umask on remote side; @@ -201,7 +200,6 @@ struct cmd cmdtab[] = { { struct, H(structhelp), 0, 1, 1, CMPL0 setstruct }, { sunique,H(suniquehelp), 0, 0, 1, CMPL0 setsunique }, { system, H(systemhelp), 0, 1, 1, CMPL0 syst }, - { tenex, H(tenexhelp), 0, 1, 1, CMPL0 settenex }, { trace, H(tracehelp), 0, 0, 0, CMPL0 settrace }, { type, H(typehelp),0, 1, 1, CMPL0 settype }, { umask, H(umaskhelp), 0, 1, 1, CMPL0 do_umask }, Index: ftp.1 === RCS file: /cvs/src/usr.bin/ftp/ftp.1,v retrieving revision 1.94 diff -u -p -r1.94 ftp.1 --- ftp.1 15 Nov 2014 14:41:02 - 1.94 +++ ftp.1 17 Jan 2015 07:36:50 - @@ -1224,11 +1224,6 @@ The remote server will report the unique Default value is off. .It Ic system Show the type of operating system running on the remote machine. -.It Ic tenex -Set the file transfer type to that needed to -talk to -.Tn TENEX -machines. .It Ic trace Op Ic on | off Toggle packet tracing. .It Ic type Op Ar type-name @@ -1525,17 +1520,10 @@ The may be one of .Dq ascii , .Dq binary , -.Dq image , -.Dq ebcdic -.Pq currently not supported or -.Dq tenex -(local byte size 8, for PDP-10's and PDP-20's mostly). +.Dq image . .Nm -supports the ASCII and image types of file transfer, -plus local byte size 8 for -.Ic tenex -mode transfers. +supports the ASCII and image types of file transfer. .Pp .Nm supports only the default values for the remaining Index: ftp.c === RCS file: /cvs/src/usr.bin/ftp/ftp.c,v retrieving revision 1.89 diff -u -p -r1.89 ftp.c --- ftp.c 16 Jan 2015 06:40:08 - 1.89 +++ ftp.c 17 Jan 2015 07:39:54 - @@ -707,7 +707,6 @@ sendrequest(const char *cmd, const char rc = fseeko(fin, restart_point, SEEK_SET); break; case TYPE_I: - case TYPE_L: if (lseek(fileno(fin), restart_point, SEEK_SET) != -1) rc = 0; break; @@ -759,7 +758,6 @@ sendrequest(const char *cmd, const char switch (curtype) { case TYPE_I: - case TYPE_L: d = 0; while ((c = read(fileno(fin), buf, sizeof(buf))) 0) { may_send_noop_char(); @@ -1075,7 +1073,6 @@ recvrequest(const char *cmd, const char switch (curtype) { case TYPE_I: - case TYPE_L: if (restart_point lseek(fileno(fout), restart_point, SEEK_SET) 0) { warn(local: %s, local); Index: small.c === RCS file: /cvs/src/usr.bin/ftp/small.c,v retrieving revision 1.3 diff -u -p -r1.3 small.c --- small.c 16 Jan 2015 06:40:08 - 1.3 +++ small.c 17 Jan 2015