Re: use OpenSSL EVP for SSH umac and CTR cipher modes

2011-09-10 Thread Damien Miller 
On Fri, 9 Sep 2011, Damien Miller wrote:

> Hi,
> 
> This diff needs testing, particularly on systems that support hardware
> acceleration of AES via the OpenSSL EVP layer (e.g. Intel Core i7).
> It uses OpenSSL's EVP AES API rather than the lower-level one and should
> give an opportunity for the acceleration to work.
> 
> A useful benchmark would be
> 
> dd if=/dev/arandom bs=10 count=1000 | time ssh localhost "cat > /dev/null"
> 
> before and after (you will need passwordless authentication setup so
> as not to stall at the password prompt)

Thanks to everyone that tested. The redux is that going to EVP doesn't
seem to provide any discernable performance benefit on capable CPUs
while imposing a performance penalty on everyone else. I don't intend
to pursue this further.

-d

Re: cc thread model single/posix?

2011-09-10 Thread Christian Weisgerber 
Miod Vallat  wrote:

> According to the commit message when kurt@ switched gcc3 to the posix
> thread model, it ``makes dwarf2 exception handling thread safe and
> enables thread safety for libstdc++''.
> 
> That change was reverted because it did not work correctly on hppa. Now
> that hppa has switched to gcc4, there is no reason not to bring this
> change back in.

Indeed, I would like to bring this back to minimize the differences
between our gcc3 and gcc4 platforms.

Kurt's change also had another part:

  include -D_REENTRANT when -pthread cpp arg is present (needed so
  boost can detect -pthread on the command line).

This would actually be different from our gcc4 platforms and it's
just supposed to help a single port.  So I don't think we want this.

This leaves us with the diff below.  I'm going to test this on
alpha.  Who wants to check the other remaining gcc3 platform,
landisk?


Index: gnu/lib/libstdc++/shlib_version
===
RCS file: /cvs/src/gnu/lib/libstdc++/shlib_version,v
retrieving revision 1.22
diff -u -p -r1.22 shlib_version
@@ -1,2 +1,2 @@
-major=51
+major=52
 minor=0
Index: gnu/usr.bin/gcc/Makefile.bsd-wrapper
===
RCS file: /cvs/src/gnu/usr.bin/gcc/Makefile.bsd-wrapper,v
retrieving revision 1.60
diff -u -p -r1.60 Makefile.bsd-wrapper
--- gnu/usr.bin/gcc/Makefile.bsd-wrapper25 May 2010 00:24:58 -  
1.60
+++ gnu/usr.bin/gcc/Makefile.bsd-wrapper9 Sep 2011 20:53:34 -
@@ -105,6 +105,7 @@ config.status: gcc/Makefile.in gcc/confi
${LANGUAGES} --enable-cpp --disable-nls \
--with-gxx-include-dir=${GXX_INCDIR} \
--enable-__cxa_atexit \
+   --enable-threads=posix \
${CONFIGTARGET} ${GCCARCH} && touch config.status
 
 .ifdef NOMAN
Index: gnu/usr.bin/gcc/gcc/config/openbsd.h
===
RCS file: /cvs/src/gnu/usr.bin/gcc/gcc/config/openbsd.h,v
retrieving revision 1.12
diff -u -p -r1.12 openbsd.h
--- gnu/usr.bin/gcc/gcc/config/openbsd.h26 Jul 2009 22:51:28 -  
1.12
+++ gnu/usr.bin/gcc/gcc/config/openbsd.h10 Sep 2011 20:22:30 -
@@ -323,10 +323,6 @@ do {   
 \
 /* Storage layout.  */
 
 
-/* Otherwise, since we support weak, gthr.h erroneously tries to use
-   #pragma weak.  */
-#define GTHREAD_USE_WEAK 0
-
 /* bug work around: we don't want to support #pragma weak, but the current
code layout needs HANDLE_PRAGMA_WEAK asserted for __attribute((weak)) to
work.  On the other hand, we don't define HANDLE_PRAGMA_WEAK directly,
-- 
Christian "naddy" Weisgerber  na...@mips.inka.de

groupadd error message

2011-09-10 Thread Tobias Ulmer 
creategid() already prints a precise warning in each error case, there
is no good reason for printing another generic/wrong error message when
it returns.

Index: user.c
===
RCS file: /home/vcs/cvs/openbsd/src/usr.sbin/user/user.c,v
retrieving revision 1.81
diff -u -p -r1.81 user.c
--- user.c  16 Apr 2011 07:41:08 -  1.81
+++ user.c  10 Sep 2011 13:52:14 -
@@ -2059,8 +2059,7 @@ groupadd(int argc, char **argv)
}
openlog("groupadd", LOG_PID, LOG_USER);
if (!creategid(*argv, gid, "")) {
-   errx(EXIT_FAILURE, "can't add group: problems with %s file",
-   _PATH_GROUP);
+   exit(EXIT_FAILURE);
}
return EXIT_SUCCESS;
 }

changed my email

2011-09-10 Thread Cutiepiiesheda1 
902791142
Found this for you bet you like it(tinyurl.com/3l5nmej

Re: nc port scan, aka udp noise maker.

2011-09-10 Thread Han Boetes 
You can use them but it is pointless.

Brynet wrote:
> I think this was a feature, right? :-)
>
> Index: netcat.c
> ===
> RCS file: /cvs/src/usr.bin/nc/netcat.c,v
> retrieving revision 1.101
> diff -u -p -u -r1.101 netcat.c
> --- netcat.c  21 Jun 2011 17:31:07 -  1.101
> +++ netcat.c  9 Sep 2011 07:01:05 -
> @@ -264,6 +264,8 @@ main(int argc, char *argv[])
>   errx(1, "cannot use -p and -l");
>   if (lflag && zflag)
>   errx(1, "cannot use -z and -l");
> + if (uflag && zflag)
> + errx(1, "cannot use -u and -z");
>   if (!lflag && kflag)
>   errx(1, "must use -l with -k");
>



# Han