Re: RFC 7217: random but stable addresses (take 2)

2017-07-13 Thread Ted Unangst
David Gwynne wrote: > secondly, im always wary of truncating hash output in case it throws away > some of the guarantees it's supposed to provide. if you cut sha512 output > down to an 8th of its size, is it 8 times easier to calculate a collision, or > more than 8 times easier? sha384 being a

Re: pledge ifstated

2017-07-13 Thread Rob Pierce
On Mon, Jul 10, 2017 at 01:21:58PM -0400, Rob Pierce wrote: > The following diff is loosely based on the approach that was taken for > pledging mountd. Other code/approaches leveraged from various networking > daemons. > > This first step moves the ioctl with SIOCGIFDATA call to a privileged >

Re: RFC 7217: random but stable addresses (take 2)

2017-07-13 Thread David Gwynne
> On 14 Jul 2017, at 06:30, Christian Weisgerber wrote: > > On 2017-07-13, Florian Obser wrote: > >> It switches the hash function to SipHash24 from sha512 as suggested by dlg > > It's for from clear to me whether SipHash is suitable for crypto >

time(1): kill some lint-era voids, switch to getprogname(3)

2017-07-13 Thread Scott Cheloha
The (void) casts are going out of style. While here, switch from __progname to getprogname(3) -- Scott Cheloha Index: usr.bin/time/time.c === RCS file: /cvs/src/usr.bin/time/time.c,v retrieving revision 1.22 diff -u -p -r1.22

Re: armv7 _dcache_wbinv_all, or _dcache_wb_all ?

2017-07-13 Thread Artturi Alm
On Fri, Jul 14, 2017 at 03:28:25AM +0300, Artturi Alm wrote: > Hi, > > i'm having hard time choosing, between this diff, and the one that > renames it to for what it does, which would likely incur cleanup > elsewhere. current is just wrong.. but i'm open to be taught on this > matter anyway. > >

time(1): perror(3) -> err(3) and friends

2017-07-13 Thread Scott Cheloha
We currently use a mix of perror(3) and err(3). In one case you can merge perror + exit into err, which is nice. The warns, though, are not equivalent (you get a "time: " prefix), so maybe this is too risky. Putting it out here anyway. -- Scott Cheloha Index: usr.bin/time/time.c

armv7 _dcache_wbinv_all, or _dcache_wb_all ?

2017-07-13 Thread Artturi Alm
Hi, i'm having hard time choosing, between this diff, and the one that renames it to for what it does, which would likely incur cleanup elsewhere. current is just wrong.. but i'm open to be taught on this matter anyway. -Artturi diff --git a/sys/arch/arm/arm/cpufunc.c

time(1): kill some NOTREACHEDs

2017-07-13 Thread Scott Cheloha
style(9) says these can go. -- Scott Cheloha Index: usr.bin/time/time.c === RCS file: /cvs/src/usr.bin/time/time.c,v retrieving revision 1.22 diff -u -p -r1.22 time.c --- usr.bin/time/time.c 13 Jul 2017 06:39:54 - 1.22 +++

time(1): make global flags local

2017-07-13 Thread Scott Cheloha
The flags don't need to be global, and there are more obvious ways to zero a variable. While here, order the stack structures and variables by size. -- Scott Cheloha Index: usr.bin/time/time.c === RCS file:

Re: add simple ifstated regression test script

2017-07-13 Thread Rob Pierce
Sure, no problem. Thank you. Rob From: "Sebastian Benoit" To: "Rob Pierce" Cc: "tech" Sent: Thursday, July 13, 2017 6:12:14 PM Subject: Re: add simple ifstated regression test script BQ_BEGIN Hi, i wanted to commit this, but

Re: add simple ifstated regression test script

2017-07-13 Thread Sebastian Benoit
Hi, i wanted to commit this, but saw that it does not have a licence yet. Can i add /usr/share/misc/license.template with your name and email-Adress? /Benno Rob Pierce(r...@2keys.ca) on 2017.07.06 13:12:26 -0400: > On Sun, Jul 02, 2017 at 06:29:07PM +0200, Sebastian Benoit wrote: > > Rob

Re: Add Diffie-Hellman group negotiation to iked

2017-07-13 Thread viq
On 17-06-25 21:44:24, Tim Stewart wrote: > Hi, > > In this message I've tried to encode everything I've done to allow > strongSwan on Android to connect with iked, including the latest patch. > I have also verified that it breaks neither initial negotiation nor > Child SA rekeying for OpenBSD,

Re: RFC 7217: random but stable addresses (take 2)

2017-07-13 Thread Christian Weisgerber
On 2017-07-13, Florian Obser wrote: > It switches the hash function to SipHash24 from sha512 as suggested by dlg It's for from clear to me whether SipHash is suitable for crypto operations, and which ones, other than the hash tables it was designed for. We went with

Re: RFC 7217: random but stable addresses (take 2)

2017-07-13 Thread Florian Obser
On Thu, Jul 13, 2017 at 05:59:24PM +0200, Alexander Bluhm wrote: > On Thu, Jul 13, 2017 at 03:43:50PM +, Florian Obser wrote: > > It switches the hash function to SipHash24 from sha512 as suggested by dlg > > Is is performance critical? Then siphash would be better. no > > Is is a

dhcpd - pf table handler child not cleaned up

2017-07-13 Thread Adam Wolk
Hi tech@, sthen@ pointed out to me that dhcpd doesn't properly terminate the pf table handler. I reproduced the issue both on 6.1 and -current. Minimal config I used on my server: /etc/dhcpd.conf subnet 45.63.9.186 netmask 255.255.255.224 { range 45.63.9.186 45.63.9.186; } enabled dhcpd

fsck_ext2fs: Remove always false comparison

2017-07-13 Thread Matthew Martin
src/sbin/fsck_ext2fs/dir.c: In function 'dircheck': src/sbin/fsck_ext2fs/dir.c:241: warning: comparison is always false due to limited range of data type And indeed in /usr/include/ufs/ext2fs/ext2fs_dir.h e2d_namelen is a u_int8_t and a few lines above #define EXT2FS_MAXNAMLEN255 diff

Re: [patch] Remove binc from vi(1)

2017-07-13 Thread Martijn van Duren
No one? On 07/02/17 19:58, Martijn van Duren wrote: > Any takers? > > On 06/22/17 21:32, Martijn van Duren wrote: >> Hello tech@, >> >> Attached a patch to remove the binc function from vi and replace it with >> recallocarray. The functions effectively do the same thing since >> BINC_{GOTO,RET}

pledge ifstated

2017-07-13 Thread Rob Pierce
The following diff is loosely based on the approach that was taken for pledging mountd. Other code/approaches leveraged from various networking daemons. This first step moves the ioctl with SIOCGIFDATA call to a privileged child so we can at least pledge "stdio rpath dns inet proc exec" without

Re: sosend netlock assertion crash

2017-07-13 Thread Martin Pieuchot
On 13/07/17(Thu) 18:10, Alexander Bluhm wrote: > On Thu, Jul 13, 2017 at 10:01:09AM -0600, Todd C. Miller wrote: > > On Thu, 13 Jul 2017 17:41:19 +0200, Alexander Bluhm wrote: > > > > > My laptop just crashed while running some php ports regress tests. > > > The kernel complained that it did not

Re: remove net.inet6.ip6.maxifdefrouters and net.inet6.ip6.maxifprefixes sysctls

2017-07-13 Thread Stuart Henderson
On 2017/07/13 15:23, Florian Obser wrote: > pointed out by jmc, these sysctls are useless now, too, the kernel no > longer tracks prefixes or default routers from router advertisements. > OK? ports/shells/nsh will need patching, not sure about others yet, X crashed when I tried to search unpacked

Re: sosend netlock assertion crash

2017-07-13 Thread Alexander Bluhm
On Thu, Jul 13, 2017 at 10:01:09AM -0600, Todd C. Miller wrote: > On Thu, 13 Jul 2017 17:41:19 +0200, Alexander Bluhm wrote: > > > My laptop just crashed while running some php ports regress tests. > > The kernel complained that it did not hold the netlock in sounlock() > > after the out label in

Re: sosend netlock assertion crash

2017-07-13 Thread Todd C. Miller
On Thu, 13 Jul 2017 17:41:19 +0200, Alexander Bluhm wrote: > My laptop just crashed while running some php ports regress tests. > The kernel complained that it did not hold the netlock in sounlock() > after the out label in sosend(). The assert is correct, let's fix > the obvious offender.

Re: RFC 7217: random but stable addresses (take 2)

2017-07-13 Thread Alexander Bluhm
On Thu, Jul 13, 2017 at 03:43:50PM +, Florian Obser wrote: > It switches the hash function to SipHash24 from sha512 as suggested by dlg Is is performance critical? Then siphash would be better. Is is a security concern? Is is a problem that someone could try to calculate our secret when he

OpenNTPD 6.1p1, 6.2p1 released

2017-07-13 Thread Brent Cook
We have made two new portable OpenNTPD releases today. These should be arriving soon in the OpenNTPD directory of an OpenBSD mirror near you. OpenNTPD 6.1p1 represents the version shipped with OpenBSD 6.1. It provides a number of new features and reliability improvements. OpenNTPD 6.2p1 is the

OpenNTPD 6.1p1, 6.2p1 released

2017-07-13 Thread Brent Cook
announce at openbsd.org Thu, 13 Jul 2017 10:41:48 -0500

RFC 7217: random but stable addresses (take 2)

2017-07-13 Thread Florian Obser
this has all the bells and whistles notably the installer and documentation for the net.inet6.ip6.soiikey sysctl are missing. the sysctl implementation is from dlg, all the mistakes are probably tweaks by me ;) It switches the hash function to SipHash24 from sha512 as suggested by dlg Comments,

sosend netlock assertion crash

2017-07-13 Thread Alexander Bluhm
Hi, My laptop just crashed while running some php ports regress tests. The kernel complained that it did not hold the netlock in sounlock() after the out label in sosend(). The assert is correct, let's fix the obvious offender. ok? bluhm Index: kern/uipc_socket.c

Re: CVS: cvs.openbsd.org: src

2017-07-13 Thread Martijn van Duren
On 07/03/17 08:30, Martijn van Duren wrote: > On 07/01/17 18:14, Mark Kettenis wrote: >> CVSROOT: /cvs >> Module name: src >> Changes by: kette...@cvs.openbsd.org2017/07/01 10:14:10 >> >> Modified files: >> sys/dev/pci/drm: drm_irq.c drm_linux.c drm_linux.h >>

Re: arm/sysreg.h use in C

2017-07-13 Thread aa e30
13.7.2017 17.50 "Mark Kettenis" kirjoitti: > Date: Thu, 13 Jul 2017 15:49:03 +0300 > From: Artturi Alm > > On Sat, Jul 01, 2017 at 10:53:14AM +0300, Artturi Alm wrote: > > Hi, > > > > just in case i didn't make it clear what it is for, here's diff

remove net.inet6.ip6.maxifdefrouters and net.inet6.ip6.maxifprefixes sysctls

2017-07-13 Thread Florian Obser
pointed out by jmc, these sysctls are useless now, too, the kernel no longer tracks prefixes or default routers from router advertisements. OK? diff --git lib/libc/gen/sysctl.3 lib/libc/gen/sysctl.3 index 0ac92a5c079..e6d3d092b2f 100644 --- lib/libc/gen/sysctl.3 +++ lib/libc/gen/sysctl.3 @@

Re: signal info code SEGV_ACCERR

2017-07-13 Thread Mark Kettenis
> Date: Thu, 13 Jul 2017 14:54:41 +0200 > From: Alexander Bluhm > > Hi, > > The regress test src/regress/sys/kern/siginfo-fault checks wether > the si_code is set to SEGV_ACCERR after memory access with wrong > permissions has triggert a SIGSEGV. > > Relevant commit

Re: arm/sysreg.h use in C

2017-07-13 Thread Mark Kettenis
> Date: Thu, 13 Jul 2017 15:49:03 +0300 > From: Artturi Alm > > On Sat, Jul 01, 2017 at 10:53:14AM +0300, Artturi Alm wrote: > > Hi, > > > > just in case i didn't make it clear what it is for, here's diff "fixing" > > current uses below, compile-tested. > > > > -Artturi

signal info code SEGV_ACCERR

2017-07-13 Thread Alexander Bluhm
Hi, The regress test src/regress/sys/kern/siginfo-fault checks wether the si_code is set to SEGV_ACCERR after memory access with wrong permissions has triggert a SIGSEGV. Relevant commit message of the test is: According to POSIX, SIGSEGV should specify SEGV_ACCERR if the memory pages

Re: arm/sysreg.h use in C

2017-07-13 Thread Artturi Alm
On Sat, Jul 01, 2017 at 10:53:14AM +0300, Artturi Alm wrote: > Hi, > > just in case i didn't make it clear what it is for, here's diff "fixing" > current uses below, compile-tested. > > -Artturi > Hi, ping? Noone up for bikeshedding, or seen useless/worse than handcrafting? I think this would

Re: armv7 small XXX fix

2017-07-13 Thread Artturi Alm
On Wed, Jul 12, 2017 at 04:21:11PM -0400, Dale Rahn wrote: > On Wed, Jul 12, 2017 at 11:06:23PM +0300, Artturi Alm wrote: > > On Wed, Jul 12, 2017 at 06:12:34PM +0200, Mark Kettenis wrote: > > > > Date: Mon, 10 Jul 2017 23:18:59 +0300 > > > > From: Artturi Alm > > > > > >

Re: time(1): use monotonic clock for computing elapsed time

2017-07-13 Thread Mike Belopuhov
On Thu, Jul 13, 2017 at 13:44 +1000, David Gwynne wrote: > > > On 13 Jul 2017, at 11:16 am, Scott Cheloha wrote: > > > > Hi, > > > > The "real" elapsed time for time(1) and the ksh/csh time builtins is > > currently computed with gettimeofday(2), so it's subject to

Re: urndis issues

2017-07-13 Thread Mike Belopuhov
On Wed, Jul 12, 2017 at 21:04 +, Jonathan Armani wrote: > Hi, > > Thanks I was cooking the same diff. > > Ok armani@ > Hi, thanks! I want to get rid of printfs though and return errors (or unhandled status codes) so that we don't paper over them. In theory, all error codes that I've seen