Re: pf.conf.5: mention the inversion (!) operator

On Fri, May 19, 2017 at 10:47:55AM +0200, Michal Mazurek wrote: > On 07:52:28, 19.05.17, Jason McIntyre wrote: > > On Fri, May 19, 2017 at 08:34:54AM +0200, Michal Mazurek wrote: > > > Now that it was commited, what remains is to convert tabs to spaces > > > inside a > > > literal block: > > >

Re: [patch] Avoid system(3) in ikectl

On 2017/05/19 00:32, Matthew Martin wrote: > ikectl errors in a number of situations where shell special characters > are used. For example: > > % doas ikectl ca test create password \' > [...] > subject=/C=DE/ST=Lower Saxony/L=Hanover/O=OpenBSD/OU=iked/CN=VPN > CA/emailAddress=r...@openbsd.org

Remove conditionals around crypto based free functions on relayd(8)

Hi, This removes the conditionals around crypto based free functions for relayd(8), where appropriate. Sanity checked was already performed by tb@ briefly. I was also preparing a similar diff for smtpd(8) last week, but deraadt@ already committed it as part of a larger diff. OK? Index: relay.c

Re: Remove conditionals around crypto based free functions on relayd(8)

On Fri, May 19, 2017 at 11:18:00AM +0100, Ricardo Mestre wrote: > Hi, > > This removes the conditionals around crypto based free functions for > relayd(8), > where appropriate. Sanity checked was already performed by tb@ briefly. > > I was also preparing a similar diff for smtpd(8) last week,

Re: Remove conditionals around crypto based free functions on relayd(8)

You're absolutely right, even if approved I won't commit until claudio@ rebases it with libtls. On 12:53 Fri 19 May , Theo Buehler wrote: > On Fri, May 19, 2017 at 11:18:00AM +0100, Ricardo Mestre wrote: > > Hi, > > > > This removes the conditionals around crypto based free functions for >

Re: pf.conf.5: mention the inversion (!) operator

On 07:52:28, 19.05.17, Jason McIntyre wrote: > On Fri, May 19, 2017 at 08:34:54AM +0200, Michal Mazurek wrote: > > Now that it was commited, what remains is to convert tabs to spaces inside > > a > > literal block: > > > > morning. > > what's the reason for wanting this? Consistency is my

ipip_input outer af

Hi, Instead of looking at the IP version of the header, we can use the outer address family passed to ipip_input(). ok? bluhm Index: netinet/ip_ipip.c === RCS file: /data/mirror/openbsd/cvs/src/sys/netinet/ip_ipip.c,v retrieving

Re: [PATCH] pcidump - Enhanced Capabilities

Yes, this is correct. I missed those two somehow ... 2017-05-17 8:11 GMT+02:00, Jonathan Gray : > On Thu, Mar 16, 2017 at 03:19:23PM +0100, Simon Mages wrote: >> Hi, >> >> right now i got the chance to play a little bit with PCIe. I read some >> parts of the spec >> and was

Re: uslcom(4) baudrates

On Fri, May 19, 2017 at 08:17:50PM +0200, Mark Kettenis wrote: > The "official" Firefly-RK3399 firmware use a baudrate of 1.5 Mbps. > This is somewhat annoying (OpenBSD/arm64 expects the console to run at > 115200 bps) and I plan to provide firmware images that use the > standard rate instead.

acme-client(1) -vD output - double slash ('//') in PEM file paths

Hi all, A minor thing - I'm not sure it warrants an email to bugs@ Something I had noticed only today: # acme-client -vD domain.org [...] acme-client: /etc/ssl//domain.org.chain.pem: created acme-client: /etc/ssl/domain.org.crt: created acme-client:

Re: ksh(1): don't output invalid UTF-8 characters

On Fri, May 19, 2017 at 09:33:33AM -0300, Lucas Gabriel Vuotto wrote: > Hi, > > On 19/05/17 03:42, Anton Lindqvist wrote: > > Hi, > > I did submit this problem[1] earlier but with an incomplete analysis and > > fix. Here's a second attempt. > > > > This does only occur when running ksh with

ipip_input inner header

Hi, In IPIP input rename the variable ipo to ip as it is used for inner and outer header. Reset values depending on the the mbuf when the mbuf is adjusted. Check the length of the inner IP header with the correct size in case of IPv6. Check the IPv4 header size including IP options. For the

Re: ksh(1): vi mode UTF-8 bug

Hi Anton, Anton Lindqvist wrote on Fri, May 19, 2017 at 02:11:37PM +0200: > Hi, > Another UTF-8 related bug reported by tb@. How to re-produce: > > 1. Enable vi mode: > >$ set -o vi > > 2. Input the following characters: öa > > 3. Press escape and then x twice. > > 4. An invalid UTF-8

ksh(1): vi mode UTF-8 bug

Hi, Another UTF-8 related bug reported by tb@. How to re-produce: 1. Enable vi mode: $ set -o vi 2. Input the following characters: öa 3. Press escape and then x twice. 4. An invalid UTF-8 character is displayed. Similar to one of my previous diffs, looks like the column counter is wrong.

Re: improving qsort worst case behavior

On Thu, 18 May 2017 09:58:14 -0600, "Todd C. Miller" wrote: > I believe the best approach is to switch qsort.c to "introsort". > The changes are minimal and the elimination of the O(n^2) worst > case is compelling. I've added input arrays to the qsort regress test that exhibit quadratic behavior

Re: ksh(1): don't output invalid UTF-8 characters

Hi Anton, Anton Lindqvist wrote on Fri, May 19, 2017 at 08:42:05AM +0200: > 1. Run ksh under tmux. > > 2. Input the following characters, without spaces: > >a (any character) ^B (backward-char) ö (any UTF-8 character) > > 3. At this point, the prompt gets overwritten. > > Since ksh read

[PATCHv2 1/2] nc: support -T tlscompat option

Some services are still provided using TLS 1.0 and older ciphers. It is possible to use the nc command to connect to these services using the "-T tlsall" option, but that also enables legacy and insecure ciphers and is not desirable. Instead add a new "-T tlscompat" option that can be used to

[PATCHv2 2/2] nc: do not require IPV6_TCLASS

Older IPv6 implementations may not have an IPV6_TCLASS option. Tolerate this situation by simply returning an error if an attempt is made to use IPV6_TCLASS on such a system. Signed-off-by: Kyle J. McKay --- CHANGES SINCE v1: * Regenerate patch so it applies cleanly; no

Re: pf: percpu anchor stacks

On Mon, May 15, 2017 at 03:19:19PM +0200, Alexandr Nedvedicky wrote: > I'm attaching updated final patch, which accepts your suggestion. I think this broke sys/net/pf_forward. http://bluhm.genua.de/regress/results/regress.html When backing out pf.c rev 1.1024 it works again. I guess it is a

mcast-proxy daemon

Hello tech@, I have been developing a new daemon for OpenBSD that fills in a gap in the multicast protocol support for network edges. More specifically I'm talking about a multicast proxy. I'm sending this e-mail to share the daemon code and see if there is interest in such. The mcast-proxy is a

Re: mg backup directory

Previous patch shall be ignored, as it was an ugly hack. Below is a patch that is simpler and fixes expandtilde instead, so it fixes the problem in other situations (writing files to ~, for example). The only thing that I'm not sure is whether to use getuid or geteuid. Any suggestion /

Re: pf: percpu anchor stacks

Hello, On Fri, May 19, 2017 at 06:10:54PM +0200, Alexander Bluhm wrote: > On Mon, May 15, 2017 at 03:19:19PM +0200, Alexandr Nedvedicky wrote: > > I'm attaching updated final patch, which accepts your suggestion. > > I think this broke sys/net/pf_forward. >

Re: ksh(1): don't output invalid UTF-8 characters

ksh has problems for me with Anton's example in several terminals, not just in tmux. Mostly the cursor seems to end up one character off rather than in the prompt, which is less visibly incorrect perhaps, but still wrong. I don't know that ksh will be able to predict this reliably (not uncommon

Re: ksh(1): don't output invalid UTF-8 characters

Hi Perhaps I haven't understood what you are saying correctly, but I don't think it is possible to send control characters or any other invalid UTF-8 bytes inside UTF-8 characters and safely predict what the terminal will do. How about these examples: printf '\343\203\010\217a\n' printf

uslcom(4) baudrates

The "official" Firefly-RK3399 firmware use a baudrate of 1.5 Mbps. This is somewhat annoying (OpenBSD/arm64 expects the console to run at 115200 bps) and I plan to provide firmware images that use the standard rate instead. But until I figure out how to properly build ATF (ARM Trusted Firmware)

Re: ksh(1): don't output invalid UTF-8 characters

Hi, On 19/05/17 03:42, Anton Lindqvist wrote: > Hi, > I did submit this problem[1] earlier but with an incomplete analysis and > fix. Here's a second attempt. > > This does only occur when running ksh with emacs mode under tmux. How to > re-produce: > > 1. Run ksh under tmux. > > 2. Input the

Re: ksh(1): don't output invalid UTF-8 characters

Hi Nicholas, Nicholas Marriott wrote on Fri, May 19, 2017 at 07:04:53PM +0100: > Perhaps I haven't understood what you are saying correctly, What matters most is that sending an incomplete character followed by U+0008 (ASCII BACKSPACE) is a no-op, both in the sense that it doesn't change the

Re: ksh(1): don't output invalid UTF-8 characters

Hi Nicholas, Nicholas Marriott wrote on Fri, May 19, 2017 at 07:27:36PM +0100: > ksh has problems for me with Anton's example in several terminals, > not just in tmux. Mostly the cursor seems to end up one character > off rather than in the prompt, which is less visibly incorrect > perhaps, but

Re: pf.conf.5: mention the inversion (!) operator

Now that it was commited, what remains is to convert tabs to spaces inside a literal block: Index: share/man/man5/pf.conf.5 === RCS file: /cvs/src/share/man/man5/pf.conf.5,v retrieving revision 1.561 diff -u -p -r1.561 pf.conf.5 ---

Re: event(3): mention bufferevent_setwatermark

Ping On Mon, May 15, 2017 at 07:41:56PM +0200, Anton Lindqvist wrote: > Hi, > The bufferevent_setwatermark function is not mentioned in event(3). > Maybe the function deserves to be documented under the "BUFFERED EVENTS" > section but I know too little about the API to determine if that would >

ksh(1): don't output invalid UTF-8 characters

Hi, I did submit this problem[1] earlier but with an incomplete analysis and fix. Here's a second attempt. This does only occur when running ksh with emacs mode under tmux. How to re-produce: 1. Run ksh under tmux. 2. Input the following characters, without spaces: a (any character) ^B

Re: pf.conf.5: mention the inversion (!) operator

On Fri, May 19, 2017 at 08:34:54AM +0200, Michal Mazurek wrote: > Now that it was commited, what remains is to convert tabs to spaces inside a > literal block: > morning. what's the reason for wanting this? jmc > Index: share/man/man5/pf.conf.5 >

Re: event(3): mention bufferevent_setwatermark

On Fri, May 19, 2017 at 08:39:09AM +0200, Anton Lindqvist wrote: > Ping > morning. please be patient! jmc > On Mon, May 15, 2017 at 07:41:56PM +0200, Anton Lindqvist wrote: > > Hi, > > The bufferevent_setwatermark function is not mentioned in event(3). > > Maybe the function deserves to be

Re: event(3): mention bufferevent_setwatermark

I think it needs some text as well, there isn't much point in just listing the function. bufferevent_settimeout is also missing a description. I'm away for the next two weeks but I'll look when I get back. On Mon, May 15, 2017 at 07:41:57PM +0200, Anton Lindqvist wrote: > Hi, > The

Re: [patch] ND_COMPUTER_RTIME is not uniformly distributed

On Mon, May 15, 2017 at 03:49:55PM +0200, Mike Belopuhov wrote: > On Sun, May 07, 2017 at 18:59 -0500, Matthew Martin wrote: > > RFC 4861 specifies ReachableTime "should be a uniformly distributed > > random value between MIN_RANDOM_FACTOR and MAX_RANDOM_FACTOR times > > BaseReachableTime

Re: pf: percpu anchor stacks

Hello, would you be able to try patch below to check if it will fix pf_forward failures? thanks a lot and sorry for inconveniences regards sasha 8<---8<---8<--8< diff -r eb40d8d52679 src/sys/net/pf.c --- a/src/sys/net/pf.c Fri May 19

Re: ksh(1): don't output invalid UTF-8 characters

Hi On Fri, May 19, 2017 at 10:23:08PM +0200, Ingo Schwarze wrote: > Hi Nicholas, > > Nicholas Marriott wrote on Fri, May 19, 2017 at 07:04:53PM +0100: > > > Perhaps I haven't understood what you are saying correctly, > > What matters most is that sending an incomplete character > followed by

Re: ksh(1): don't output invalid UTF-8 characters

On Fri, May 19, 2017 at 09:29:06PM +0200, Ingo Schwarze wrote: > On a side note, i don't think gnome-terminal and konsole are relevant. > I never installed them before and did so now for the first time for > testing, but they installed so many libraries that i feel uncomfortable > and unsafe using

Re: pf: percpu anchor stacks

On Fri, May 19, 2017 at 11:47:21PM +0200, Alexandr Nedvedicky wrote: > would you be able to try patch below to check if it will fix pf_forward > failures? Yes, this fixes it. OK bluhm@ > thanks a lot > and sorry for inconveniences Thanks for the quick fix. And there was no inconvenience, I

Re: ksh(1): don't output invalid UTF-8 characters

Having a look at ksh, I don't see how Anton's original diff is much different from x_emacs() looping around x_e_getc() until it finishes a long key input? It would be better to stop reading early if an invalid UTF-8 byte is input rather than always requiring exactly N bytes; he needs to fix his