shorten pppoe output in tcpdump
if you're tcpdumping on a pppoe(4)s parent, you'll see stuff like this:
23:43:26.780560 PPPoE-Discovery
code Initiation, version 1, type 1, id 0x, length 12
tag Service-Name, length 0
tag Host-Uniq, length 4 d\023\205\030
...
23:43:29.205560 PPPoE-Session
code Session, version 1, type 1, id 0x0011, length 12
LCP: Configure-Request, Magic-Number=100455513, Vendor-Ext
the diff below changes it to:
23:43:26.780560 PPPoE-Discovery Initiation sid=0x
tag Service-Name
tag Host-Uniq=d\023\205\030
...
23:43:29.205560 LCP Configure-Request Id=0x01: Magic-Number=100455513
you can see more detail with -e:
23:43:26.780560 cc:05:0e:88:00:00 Broadcast 8863 60: PPPoE-Discovery Initiation
sid=0x
tag Service-Name
tag Host-Uniq=d\023\205\030
...
23:43:29.205560 cc:05:0e:88:00:00 ca:01:0e:88:00:06 8864 60: PPPoE sid=0x0011:
LCP Configure-Request Id=0x01: Magic-Number=100455513
or the useless stuff with -v:
23:43:26.780560 cc:05:0e:88:00:00 Broadcast 8863 60: PPPoE-Discovery Initiation
ver=1 type=1 sid=0x len=12
tag Service-Name
tag Host-Uniq=d\023\205\030
...
23:43:29.205560 cc:05:0e:88:00:00 ca:01:0e:88:00:06 8864 60: PPPoE ver=1 type=1
code=Session sid=0x0011 len=12: LCP Configure-Request Id=0x01:
Magic-Number=100455513
the printer for pppoe interfaces now uses the printer for pppoe
session packets. by default you'll see nothing, but can make it
appear with -e.
ok?
Index: interface.h
===
RCS file: /cvs/src/usr.sbin/tcpdump/interface.h,v
retrieving revision 1.71
diff -u -p -r1.71 interface.h
--- interface.h 6 Feb 2018 03:07:51 - 1.71
+++ interface.h 6 Feb 2018 07:10:25 -
@@ -182,7 +182,8 @@ struct pcap_pkthdr;
extern int ether_encap_print(u_short, const u_char *, u_int, u_int);
extern int llc_print(const u_char *, u_int, u_int, const u_char *,
const u_char *);
-extern int pppoe_if_print(u_short, const u_char *, u_int, u_int);
+extern void pppoe_disc_print(const u_char *, u_int, u_int);
+extern void pppoe_print(const u_char *, u_int, u_int);
extern void aarp_print(const u_char *, u_int);
extern void arp_print(const u_char *, u_int, u_int);
extern void atalk_print(const u_char *, u_int);
Index: print-ppp.c
===
RCS file: /cvs/src/usr.sbin/tcpdump/print-ppp.c,v
retrieving revision 1.32
diff -u -p -r1.32 print-ppp.c
--- print-ppp.c 6 Feb 2018 03:41:58 - 1.32
+++ print-ppp.c 6 Feb 2018 07:10:25 -
@@ -1171,7 +1171,6 @@ ppp_if_print(u_char *user, const struct
void
ppp_ether_if_print(u_char *user, const struct pcap_pkthdr *h, const u_char *p)
{
- u_int16_t pppoe_sid, pppoe_len;
u_int l = h->caplen;
u_int length = h->len;
@@ -1180,192 +1179,213 @@ ppp_ether_if_print(u_char *user, const s
ts_print(&h->ts);
- if (eflag)
- printf("PPPoE ");
-
- if (l < sizeof(struct pppoe_header)) {
- printf("[|pppoe]");
- return;
- }
+ pppoe_print(p, length, l);
- pppoe_sid = EXTRACT_16BITS(p + 2);
- pppoe_len = EXTRACT_16BITS(p + 4);
-
- if (eflag) {
- printf("\n\tcode ");
- switch (p[1]) {
- case PPPOE_CODE_PADI:
- printf("Initiation");
- break;
- case PPPOE_CODE_PADO:
- printf("Offer");
- break;
- case PPPOE_CODE_PADR:
- printf("Request");
- break;
- case PPPOE_CODE_PADS:
- printf("Confirm");
- break;
- case PPPOE_CODE_PADT:
- printf("Terminate");
- break;
- case PPPOE_CODE_SESSION:
- printf("Session");
- break;
- default:
- printf("Unknown(0x%02x)", p[1]);
- break;
- }
- printf(", version %d, type %d, id 0x%04x, length %d\n\t",
- (p[0] & 0xf), (p[0] & 0xf0) >> 4, pppoe_sid, pppoe_len);
- }
+ if (xflag)
+ default_print(p, l);
- if (length < pppoe_len) {
-(void)printf(" truncated-pppoe - %d bytes missing!",
-pppoe_len - length);
-pppoe_len = length;
-}
+ putchar('\n');
+}
- ppp_print(p + sizeof(struct pppoe_header), pppoe_len);
+static int
+pppoe_header_read(struct pppoe_header *ph, const u_char *p, u_int l)
+{
+ if (l < sizeof(*ph))
+ return (-1);
- if (xflag)
- default_print(p, h->caplen);
+ ph->vertype = *(p + 0);
+ ph->code = *(p + 1);
+ ph->sessionid = EXTRACT_16BITS(p + 2);
+ ph->len = EXTRACT_16BI
Re: ftp: don't close fin or s twice
On Tue, Feb 06, 2018 at 03:02:14PM +1300, richard.n.proc...@gmail.com wrote:
>
>
> On Tue, 6 Feb 2018, Theo Buehler wrote:
>
> > In cleanup_url_get, fin and s will be closed a second time, so mark them
> > as invalid after closing them the first time.
> >
> > Another option might be to remove the fclose/close calls, but since this
> > happens right before the recursive call, I'm not sure whether this might
> > run the risk of hitting limits.
>
> I got curious about the 'else if': fin = fdopen(s) is possible,
> and closing both 'fin' and 's' will clobber errno.
>
> How about the following further tweak to eliminate it?
>
> I've also attached a follow-up patch that renames 's' -> 'fd'; searching
> for 's' is infeasible without the compiler's help.
>
I'm ok with both diffs.
> Index: ftp/fetch.c
> ===
> --- ftp.orig/fetch.c
> +++ ftp/fetch.c
> @@ -636,9 +636,11 @@ noslash:
> }
> } else {
> fin = fdopen(s, "r+");
> + s = -1;
> }
> #else /* !NOSSL */
> fin = fdopen(s, "r+");
> + s = -1;
> #endif /* !NOSSL */
>
> #ifdef SMALL
> @@ -912,10 +914,14 @@ noslash:
> *loctail = '\0';
> if (verbose)
> fprintf(ttyout, "Redirected to %s\n", redirurl);
> - if (fin != NULL)
> + if (fin != NULL) {
> fclose(fin);
> - else if (s != -1)
> + fin = NULL;
> + }
> + if (s != -1) {
> close(s);
> + s = -1;
> + }
> rval = url_get(redirurl, proxyenv, savefile, lastfile);
> free(redirurl);
> goto cleanup_url_get;
> @@ -1039,10 +1045,14 @@ cleanup_url_get:
> free(full_host);
> free(sslhost);
> #endif /* !NOSSL */
> - if (fin != NULL)
> + if (fin != NULL) {
> fclose(fin);
> - else if (s != -1)
> + fin = NULL;
> + }
> + if (s != -1) {
> close(s);
> + s = -1;
> + }
> if (out >= 0 && out != fileno(stdout))
> close(out);
> free(buf);
>
>
> Index: ftp/fetch.c
> ===
> --- ftp.orig/fetch.c
> +++ ftp/fetch.c
> @@ -189,7 +189,7 @@ url_get(const char *origline, const char
> const char * volatile savefile;
> char * volatile proxyurl = NULL;
> char *credentials = NULL;
> - volatile int s = -1, out = -1;
> + volatile int fd = -1, out = -1;
> volatile sig_t oldintr, oldinti;
> FILE *fin = NULL;
> off_t hashbytes;
> @@ -364,13 +364,13 @@ noslash:
> if (isfileurl) {
> struct stat st;
>
> - s = open(path, O_RDONLY);
> - if (s == -1) {
> + fd = open(path, O_RDONLY);
> + if (fd == -1) {
> warn("Can't open file %s", path);
> goto cleanup_url_get;
> }
>
> - if (fstat(s, &st) == -1)
> + if (fstat(fd, &st) == -1)
> filesize = -1;
> else
> filesize = st.st_size;
> @@ -399,7 +399,7 @@ noslash:
> warn("Can't fstat %s", savefile);
> goto cleanup_url_get;
> }
> - if (lseek(s, st.st_size, SEEK_SET) == -1) {
> + if (lseek(fd, st.st_size, SEEK_SET) == -1) {
> warn("Can't lseek %s", path);
> goto cleanup_url_get;
> }
> @@ -429,7 +429,7 @@ noslash:
> /* Finally, suck down the file. */
> i = 0;
> oldinti = signal(SIGINFO, psummary);
> - while ((len = read(s, buf, buflen)) > 0) {
> + while ((len = read(fd, buf, buflen)) > 0) {
> bytes += len;
> for (cp = buf; len > 0; len -= i, cp += i) {
> if ((i = write(out, cp, len)) == -1) {
> @@ -535,7 +535,7 @@ noslash:
> if (verbose)
> setvbuf(ttyout, NULL, _IOLBF, 0);
>
> - s = -1;
> + fd = -1;
> for (res = res0; res; res = res->ai_next) {
> if (getnameinfo(res->ai_addr, res->ai_addrlen, hbuf,
> sizeof(hbuf), NULL, 0, NI_NUMERICHOST) != 0)
> @@ -543,8 +543,8 @@ noslash:
> if (verbose)
> fprintf(ttyout, "Trying %s...\n", hbuf);
>
> - s = socket(res->ai_family, res->ai_socktype, res->ai_protocol);
> - if (s == -1) {
> + fd = socket(res->ai_family, res->ai_socktype, res->ai_protocol);
> + if (fd == -1)
Re: ftp: don't close fin or s twice
On Tue, 6 Feb 2018, Theo Buehler wrote:
> In cleanup_url_get, fin and s will be closed a second time, so mark them
> as invalid after closing them the first time.
>
> Another option might be to remove the fclose/close calls, but since this
> happens right before the recursive call, I'm not sure whether this might
> run the risk of hitting limits.
I got curious about the 'else if': fin = fdopen(s) is possible,
and closing both 'fin' and 's' will clobber errno.
How about the following further tweak to eliminate it?
I've also attached a follow-up patch that renames 's' -> 'fd'; searching
for 's' is infeasible without the compiler's help.
Index: ftp/fetch.c
===
--- ftp.orig/fetch.c
+++ ftp/fetch.c
@@ -636,9 +636,11 @@ noslash:
}
} else {
fin = fdopen(s, "r+");
+ s = -1;
}
#else /* !NOSSL */
fin = fdopen(s, "r+");
+ s = -1;
#endif /* !NOSSL */
#ifdef SMALL
@@ -912,10 +914,14 @@ noslash:
*loctail = '\0';
if (verbose)
fprintf(ttyout, "Redirected to %s\n", redirurl);
- if (fin != NULL)
+ if (fin != NULL) {
fclose(fin);
- else if (s != -1)
+ fin = NULL;
+ }
+ if (s != -1) {
close(s);
+ s = -1;
+ }
rval = url_get(redirurl, proxyenv, savefile, lastfile);
free(redirurl);
goto cleanup_url_get;
@@ -1039,10 +1045,14 @@ cleanup_url_get:
free(full_host);
free(sslhost);
#endif /* !NOSSL */
- if (fin != NULL)
+ if (fin != NULL) {
fclose(fin);
- else if (s != -1)
+ fin = NULL;
+ }
+ if (s != -1) {
close(s);
+ s = -1;
+ }
if (out >= 0 && out != fileno(stdout))
close(out);
free(buf);
Index: ftp/fetch.c
===
--- ftp.orig/fetch.c
+++ ftp/fetch.c
@@ -189,7 +189,7 @@ url_get(const char *origline, const char
const char * volatile savefile;
char * volatile proxyurl = NULL;
char *credentials = NULL;
- volatile int s = -1, out = -1;
+ volatile int fd = -1, out = -1;
volatile sig_t oldintr, oldinti;
FILE *fin = NULL;
off_t hashbytes;
@@ -364,13 +364,13 @@ noslash:
if (isfileurl) {
struct stat st;
- s = open(path, O_RDONLY);
- if (s == -1) {
+ fd = open(path, O_RDONLY);
+ if (fd == -1) {
warn("Can't open file %s", path);
goto cleanup_url_get;
}
- if (fstat(s, &st) == -1)
+ if (fstat(fd, &st) == -1)
filesize = -1;
else
filesize = st.st_size;
@@ -399,7 +399,7 @@ noslash:
warn("Can't fstat %s", savefile);
goto cleanup_url_get;
}
- if (lseek(s, st.st_size, SEEK_SET) == -1) {
+ if (lseek(fd, st.st_size, SEEK_SET) == -1) {
warn("Can't lseek %s", path);
goto cleanup_url_get;
}
@@ -429,7 +429,7 @@ noslash:
/* Finally, suck down the file. */
i = 0;
oldinti = signal(SIGINFO, psummary);
- while ((len = read(s, buf, buflen)) > 0) {
+ while ((len = read(fd, buf, buflen)) > 0) {
bytes += len;
for (cp = buf; len > 0; len -= i, cp += i) {
if ((i = write(out, cp, len)) == -1) {
@@ -535,7 +535,7 @@ noslash:
if (verbose)
setvbuf(ttyout, NULL, _IOLBF, 0);
- s = -1;
+ fd = -1;
for (res = res0; res; res = res->ai_next) {
if (getnameinfo(res->ai_addr, res->ai_addrlen, hbuf,
sizeof(hbuf), NULL, 0, NI_NUMERICHOST) != 0)
@@ -543,8 +543,8 @@ noslash:
if (verbose)
fprintf(ttyout, "Trying %s...\n", hbuf);
- s = socket(res->ai_family, res->ai_socktype, res->ai_protocol);
- if (s == -1) {
+ fd = socket(res->ai_family, res->ai_socktype, res->ai_protocol);
+ if (fd == -1) {
cause = "socket";
continue;
}
@@ -552,17 +552,17 @@ noslash:
#ifndef SMALL
if (srcaddr) {
ftp: don't close fin or s twice
In cleanup_url_get, fin and s will be closed a second time, so mark them
as invalid after closing them the first time.
Another option might be to remove the fclose/close calls, but since this
happens right before the recursive call, I'm not sure whether this might
run the risk of hitting limits.
Index: fetch.c
===
RCS file: /var/cvs/src/usr.bin/ftp/fetch.c,v
retrieving revision 1.164
diff -u -p -r1.164 fetch.c
--- fetch.c 25 Sep 2017 11:04:54 - 1.164
+++ fetch.c 6 Feb 2018 00:37:17 -
@@ -912,10 +912,13 @@ noslash:
*loctail = '\0';
if (verbose)
fprintf(ttyout, "Redirected to %s\n", redirurl);
- if (fin != NULL)
+ if (fin != NULL) {
fclose(fin);
- else if (s != -1)
+ fin = NULL;
+ } else if (s != -1) {
close(s);
+ s = -1;
+ }
rval = url_get(redirurl, proxyenv, savefile, lastfile);
free(redirurl);
goto cleanup_url_get;
Re: ipsec ah_massage_headers cleanup
On Mon, 5 Feb 2018, Alexander Bluhm wrote:
> Hi,
>
> While reading ah_massage_headers() for the erratas, I found some
> issues which are ugly, but not security relevant.
>
> - Declare global array ipseczeroes with zeroes constant.
> - The proto parameter contains the address family, so call it af.
> - Remove an unused if block, just keep the else.
> - If m_copyback(M_NOWAIT) fails, return with error instead of working
> with an inconsistent mbuf.
> - ip6_nxt is u_int8_t, no need to clear the high bits.
> - The offset and next protocol are advanced for all extension
> headers, move it after the switch.
> - ah_massage_headers() returns an errno, call the variable error.
>
> ok?
one comment inline
ok procter@
>
> bluhm
>
> Index: netinet/ip_ah.c
> ===
> RCS file: /data/mirror/openbsd/cvs/src/sys/netinet/ip_ah.c,v
> retrieving revision 1.134
> diff -u -p -r1.134 ip_ah.c
> --- netinet/ip_ah.c 1 Feb 2018 21:06:31 - 1.134
> +++ netinet/ip_ah.c 5 Feb 2018 16:05:04 -
> @@ -80,7 +80,7 @@ voidah_output_cb(struct cryptop *);
> void ah_input_cb(struct cryptop *);
> int ah_massage_headers(struct mbuf **, int, int, int, int);
>
> -unsigned char ipseczeroes[IPSEC_ZEROES_SIZE]; /* zeroes! */
> +const unsigned char ipseczeroes[IPSEC_ZEROES_SIZE]; /* zeroes! */
>
>
> /*
> @@ -190,21 +190,19 @@ ah_zeroize(struct tdb *tdbp)
> * Massage IPv4/IPv6 headers for AH processing.
> */
> int
> -ah_massage_headers(struct mbuf **m0, int proto, int skip, int alg, int out)
> +ah_massage_headers(struct mbuf **m0, int af, int skip, int alg, int out)
> {
> struct mbuf *m = *m0;
> unsigned char *ptr;
> - int off, count;
> -
> + int error, off, count;
> struct ip *ip;
> -
> #ifdef INET6
> struct ip6_ext *ip6e;
> struct ip6_hdr ip6;
> int ad, alloc, nxt, noff;
> #endif /* INET6 */
>
> - switch (proto) {
> + switch (af) {
> case AF_INET:
> /*
>* This is the least painful way of dealing with IPv4 header
> @@ -229,10 +227,8 @@ ah_massage_headers(struct mbuf **m0, int
>
> /* IPv4 option processing */
> for (off = sizeof(struct ip); off < skip;) {
> - if (ptr[off] == IPOPT_EOL || ptr[off] == IPOPT_NOP ||
> - off + 1 < skip)
> - ;
> - else {
> + if (ptr[off] != IPOPT_EOL && ptr[off] != IPOPT_NOP &&
> + off + 1 >= skip) {
> DPRINTF(("%s: illegal IPv4 option length for"
> " option %d\n", __func__, ptr[off]));
>
> @@ -355,7 +351,14 @@ ah_massage_headers(struct mbuf **m0, int
> ip6.ip6_dst.s6_addr16[1] = 0;
>
> /* Done with IPv6 header. */
> - m_copyback(m, 0, sizeof(struct ip6_hdr), &ip6, M_NOWAIT);
> + error = m_copyback(m, 0, sizeof(struct ip6_hdr), &ip6,
> + M_NOWAIT);
> + if (error) {
> + DPRINTF(("%s: m_copyback no memory", __func__));
> + ahstat_inc(ahs_hdrops);
> + m_freem(m);
> + return error;
> + }
>
> /* Let's deal with the remaining headers (if any). */
> if (skip - sizeof(struct ip6_hdr) > 0) {
> @@ -386,7 +389,7 @@ ah_massage_headers(struct mbuf **m0, int
> } else
> break;
>
> - nxt = ip6.ip6_nxt & 0xff; /* Next header type. */
> + nxt = ip6.ip6_nxt; /* Next header type. */
>
> for (off = 0; off < skip - sizeof(struct ip6_hdr);) {
> if (off + sizeof(struct ip6_ext) >
> @@ -428,10 +431,6 @@ ah_massage_headers(struct mbuf **m0, int
>
> if (count != noff)
> goto error6;
> -
> - /* Advance. */
> - off += ((ip6e->ip6e_len + 1) << 3);
> - nxt = ip6e->ip6e_nxt;
> break;
>
> case IPPROTO_ROUTING:
> @@ -471,15 +470,17 @@ ah_massage_headers(struct mbuf **m0, int
> (caddr_t)&ip6);
> addr[0] = ip6.ip6_dst;
> ip6.ip6_dst = finaldst;
> - m_copyback(m, 0, sizeof(ip6), &ip6,
> - M_NOWAIT);
> -
> + error = m_copyback(m, 0, sizeof(ip6),
> + &ip6, M_NOWAIT);
> + if (error) {
> + if (alloc)
> + free(ptr, M_XDATA, 0);
>
Re: ber.{c,h}: remove direct fd read/writes
On Mon, Feb 05, 2018 at 06:52:39PM +0100, Jeremie Courreges-Anglas wrote:
>
> Hi,
>
> while reviewing an snmpd diff, I noticed that the fd in struct ber was
> always set to -1; and indeed snmpd, ldapd and ypldap only pass buffers
> to the ber API. So this diff removes support for direct read/writes
> from file descriptors and kills the related XXX.
>
> ok?
Sure, kill it with fire. Happy to see this go.
>
> Index: usr.sbin/ldapd/ber.c
> ===
> RCS file: /cvs/src/usr.sbin/ldapd/ber.c,v
> retrieving revision 1.12
> diff -u -p -r1.12 ber.c
> --- usr.sbin/ldapd/ber.c 11 Feb 2017 20:40:03 - 1.12
> +++ usr.sbin/ldapd/ber.c 5 Feb 2018 17:51:37 -
> @@ -783,10 +783,6 @@ ber_write_elements(struct ber *ber, stru
> if (ber_dump_element(ber, root) == -1)
> return -1;
>
> - /* XXX this should be moved to a different function */
> - if (ber->fd != -1)
> - return write(ber->fd, ber->br_wbuf, len);
> -
> return (len);
> }
>
> @@ -1095,9 +1091,9 @@ ber_read_element(struct ber *ber, struct
> DPRINTF("ber read element size %zd\n", len);
> totlen += r + len;
>
> - /* If using an external buffer and the total size of the element
> - * is larger then the external buffer don't bother to continue. */
> - if (ber->fd == -1 && len > ber->br_rend - ber->br_rptr) {
> + /* If the total size of the element is larger than the buffer
> + * don't bother to continue. */
> + if (len > ber->br_rend - ber->br_rptr) {
> errno = ECANCELED;
> return -1;
> }
> @@ -1243,17 +1239,7 @@ ber_free(struct ber *b)
> static ssize_t
> ber_getc(struct ber *b, u_char *c)
> {
> - ssize_t r;
> - /*
> - * XXX calling read here is wrong in many ways. The most obvious one
> - * being that we will block till data arrives.
> - * But for now it is _good enough_ *gulp*
> - */
> - if (b->fd == -1)
> - r = ber_readbuf(b, c, 1);
> - else
> - r = read(b->fd, c, 1);
> - return r;
> + return ber_readbuf(b, c, 1);
> }
>
> static ssize_t
> @@ -1262,22 +1248,10 @@ ber_read(struct ber *ber, void *buf, siz
> u_char *b = buf;
> ssize_t r, remain = len;
>
> - /*
> - * XXX calling read here is wrong in many ways. The most obvious one
> - * being that we will block till data arrives.
> - * But for now it is _good enough_ *gulp*
> - */
> -
> while (remain > 0) {
> - if (ber->fd == -1)
> - r = ber_readbuf(ber, b, remain);
> - else
> - r = read(ber->fd, b, remain);
> - if (r == -1) {
> - if (errno == EINTR || errno == EAGAIN)
> - continue;
> + r = ber_readbuf(ber, b, remain);
> + if (r == -1)
> return -1;
> - }
> if (r == 0)
> return (b - (u_char *)buf);
> b += r;
> Index: usr.sbin/ldapd/ber.h
> ===
> RCS file: /cvs/src/usr.sbin/ldapd/ber.h,v
> retrieving revision 1.2
> diff -u -p -r1.2 ber.h
> --- usr.sbin/ldapd/ber.h 11 Feb 2017 20:40:03 - 1.2
> +++ usr.sbin/ldapd/ber.h 5 Feb 2018 17:51:37 -
> @@ -35,7 +35,6 @@ struct ber_element {
> };
>
> struct ber {
> - int fd;
> u_char *br_wbuf;
> u_char *br_wptr;
> u_char *br_wend;
> Index: usr.sbin/ldapd/conn.c
> ===
> RCS file: /cvs/src/usr.sbin/ldapd/conn.c,v
> retrieving revision 1.14
> diff -u -p -r1.14 conn.c
> --- usr.sbin/ldapd/conn.c 20 Jan 2017 11:55:08 - 1.14
> +++ usr.sbin/ldapd/conn.c 5 Feb 2018 17:51:37 -
> @@ -296,7 +296,6 @@ conn_accept(int fd, short event, void *d
> log_warn("malloc");
> goto giveup;
> }
> - conn->ber.fd = -1;
> ber_set_application(&conn->ber, ldap_application);
> conn->fd = afd;
> conn->listener = l;
> Index: usr.sbin/ldapd/util.c
> ===
> RCS file: /cvs/src/usr.sbin/ldapd/util.c,v
> retrieving revision 1.8
> diff -u -p -r1.8 util.c
> --- usr.sbin/ldapd/util.c 20 Jan 2017 11:55:08 - 1.8
> +++ usr.sbin/ldapd/util.c 5 Feb 2018 17:51:37 -
> @@ -113,7 +113,6 @@ ber2db(struct ber_element *root, struct
> memset(val, 0, sizeof(*val));
>
> memset(&ber, 0, sizeof(ber));
> - ber.fd = -1;
> ber_write_elements(&ber, root);
>
> if ((len = ber_get_writebuf(&ber, &buf)) == -1)
> @@ -168,7 +167,6 @@ db2ber(struct btval *val, int compressio
> assert(val != NULL);
>
> memset(&ber, 0, sizeof(ber));
> - ber.fd = -1;
>
> if (compression_level > 0) {
> if (val->s
Re: [PATCH] Fix Order of Intel Graphics on amd64.html
> Date: Mon, 5 Feb 2018 08:34:26 -0800 > From: Bryan Vyhmeister > > Ping. Any thoughts? ok kettenis@ > On Sun, Jan 28, 2018 at 05:26:12PM -0800, Bryan Vyhmeister wrote: > > I noticed that the order of listed Intel integrated graphics support is > > not consistent from newest to oldest as it is for Radeon devices on the > > same page. The patch puts Kaby Lake above Skylake as it is 7th and then > > 6th generation respectively. > > > > Bryan > > > > > > Index: amd64.html > > === > > RCS file: /cvs/www/amd64.html,v > > retrieving revision 1.274 > > diff -u -p -r1.274 amd64.html > > --- amd64.html 19 Nov 2017 18:36:41 - 1.274 > > +++ amd64.html 29 Jan 2018 01:22:34 - > > @@ -73,8 +73,8 @@ expected to work: > > > > Intel devices can be confusing as well. Some devices expected to work: > > > > -Intel Skylake (found on i-6xxx CPU) > > Intel Kaby Lake (found on i-7xxx CPU) > > +Intel Skylake (found on i-6xxx CPU) > > Intel Broadwell (found on i-5xxx CPU) > > Earlier Intel models and revisions are expected to work as well. > > The PowerVR graphics found on some Atom CPUs are not supported. > > > >
ber.{c,h}: remove direct fd read/writes
Hi,
while reviewing an snmpd diff, I noticed that the fd in struct ber was
always set to -1; and indeed snmpd, ldapd and ypldap only pass buffers
to the ber API. So this diff removes support for direct read/writes
from file descriptors and kills the related XXX.
ok?
Index: usr.sbin/ldapd/ber.c
===
RCS file: /cvs/src/usr.sbin/ldapd/ber.c,v
retrieving revision 1.12
diff -u -p -r1.12 ber.c
--- usr.sbin/ldapd/ber.c11 Feb 2017 20:40:03 - 1.12
+++ usr.sbin/ldapd/ber.c5 Feb 2018 17:51:37 -
@@ -783,10 +783,6 @@ ber_write_elements(struct ber *ber, stru
if (ber_dump_element(ber, root) == -1)
return -1;
- /* XXX this should be moved to a different function */
- if (ber->fd != -1)
- return write(ber->fd, ber->br_wbuf, len);
-
return (len);
}
@@ -1095,9 +1091,9 @@ ber_read_element(struct ber *ber, struct
DPRINTF("ber read element size %zd\n", len);
totlen += r + len;
- /* If using an external buffer and the total size of the element
-* is larger then the external buffer don't bother to continue. */
- if (ber->fd == -1 && len > ber->br_rend - ber->br_rptr) {
+ /* If the total size of the element is larger than the buffer
+* don't bother to continue. */
+ if (len > ber->br_rend - ber->br_rptr) {
errno = ECANCELED;
return -1;
}
@@ -1243,17 +1239,7 @@ ber_free(struct ber *b)
static ssize_t
ber_getc(struct ber *b, u_char *c)
{
- ssize_t r;
- /*
-* XXX calling read here is wrong in many ways. The most obvious one
-* being that we will block till data arrives.
-* But for now it is _good enough_ *gulp*
-*/
- if (b->fd == -1)
- r = ber_readbuf(b, c, 1);
- else
- r = read(b->fd, c, 1);
- return r;
+ return ber_readbuf(b, c, 1);
}
static ssize_t
@@ -1262,22 +1248,10 @@ ber_read(struct ber *ber, void *buf, siz
u_char *b = buf;
ssize_t r, remain = len;
- /*
-* XXX calling read here is wrong in many ways. The most obvious one
-* being that we will block till data arrives.
-* But for now it is _good enough_ *gulp*
-*/
-
while (remain > 0) {
- if (ber->fd == -1)
- r = ber_readbuf(ber, b, remain);
- else
- r = read(ber->fd, b, remain);
- if (r == -1) {
- if (errno == EINTR || errno == EAGAIN)
- continue;
+ r = ber_readbuf(ber, b, remain);
+ if (r == -1)
return -1;
- }
if (r == 0)
return (b - (u_char *)buf);
b += r;
Index: usr.sbin/ldapd/ber.h
===
RCS file: /cvs/src/usr.sbin/ldapd/ber.h,v
retrieving revision 1.2
diff -u -p -r1.2 ber.h
--- usr.sbin/ldapd/ber.h11 Feb 2017 20:40:03 - 1.2
+++ usr.sbin/ldapd/ber.h5 Feb 2018 17:51:37 -
@@ -35,7 +35,6 @@ struct ber_element {
};
struct ber {
- int fd;
u_char *br_wbuf;
u_char *br_wptr;
u_char *br_wend;
Index: usr.sbin/ldapd/conn.c
===
RCS file: /cvs/src/usr.sbin/ldapd/conn.c,v
retrieving revision 1.14
diff -u -p -r1.14 conn.c
--- usr.sbin/ldapd/conn.c 20 Jan 2017 11:55:08 - 1.14
+++ usr.sbin/ldapd/conn.c 5 Feb 2018 17:51:37 -
@@ -296,7 +296,6 @@ conn_accept(int fd, short event, void *d
log_warn("malloc");
goto giveup;
}
- conn->ber.fd = -1;
ber_set_application(&conn->ber, ldap_application);
conn->fd = afd;
conn->listener = l;
Index: usr.sbin/ldapd/util.c
===
RCS file: /cvs/src/usr.sbin/ldapd/util.c,v
retrieving revision 1.8
diff -u -p -r1.8 util.c
--- usr.sbin/ldapd/util.c 20 Jan 2017 11:55:08 - 1.8
+++ usr.sbin/ldapd/util.c 5 Feb 2018 17:51:37 -
@@ -113,7 +113,6 @@ ber2db(struct ber_element *root, struct
memset(val, 0, sizeof(*val));
memset(&ber, 0, sizeof(ber));
- ber.fd = -1;
ber_write_elements(&ber, root);
if ((len = ber_get_writebuf(&ber, &buf)) == -1)
@@ -168,7 +167,6 @@ db2ber(struct btval *val, int compressio
assert(val != NULL);
memset(&ber, 0, sizeof(ber));
- ber.fd = -1;
if (compression_level > 0) {
if (val->size < sizeof(uint32_t))
Index: usr.sbin/snmpctl/snmpclient.c
===
RCS file: /cvs/src/usr.sbin/snmpctl/snmpclient.c,v
retrieving revision 1.14
diff -u -p -r1.14 snmpclient.c
---
ipsec ah_massage_headers cleanup
Hi,
While reading ah_massage_headers() for the erratas, I found some
issues which are ugly, but not security relevant.
- Declare global array ipseczeroes with zeroes constant.
- The proto parameter contains the address family, so call it af.
- Remove an unused if block, just keep the else.
- If m_copyback(M_NOWAIT) fails, return with error instead of working
with an inconsistent mbuf.
- ip6_nxt is u_int8_t, no need to clear the high bits.
- The offset and next protocol are advanced for all extension
headers, move it after the switch.
- ah_massage_headers() returns an errno, call the variable error.
ok?
bluhm
Index: netinet/ip_ah.c
===
RCS file: /data/mirror/openbsd/cvs/src/sys/netinet/ip_ah.c,v
retrieving revision 1.134
diff -u -p -r1.134 ip_ah.c
--- netinet/ip_ah.c 1 Feb 2018 21:06:31 - 1.134
+++ netinet/ip_ah.c 5 Feb 2018 16:05:04 -
@@ -80,7 +80,7 @@ void ah_output_cb(struct cryptop *);
void ah_input_cb(struct cryptop *);
intah_massage_headers(struct mbuf **, int, int, int, int);
-unsigned char ipseczeroes[IPSEC_ZEROES_SIZE]; /* zeroes! */
+const unsigned char ipseczeroes[IPSEC_ZEROES_SIZE]; /* zeroes! */
/*
@@ -190,21 +190,19 @@ ah_zeroize(struct tdb *tdbp)
* Massage IPv4/IPv6 headers for AH processing.
*/
int
-ah_massage_headers(struct mbuf **m0, int proto, int skip, int alg, int out)
+ah_massage_headers(struct mbuf **m0, int af, int skip, int alg, int out)
{
struct mbuf *m = *m0;
unsigned char *ptr;
- int off, count;
-
+ int error, off, count;
struct ip *ip;
-
#ifdef INET6
struct ip6_ext *ip6e;
struct ip6_hdr ip6;
int ad, alloc, nxt, noff;
#endif /* INET6 */
- switch (proto) {
+ switch (af) {
case AF_INET:
/*
* This is the least painful way of dealing with IPv4 header
@@ -229,10 +227,8 @@ ah_massage_headers(struct mbuf **m0, int
/* IPv4 option processing */
for (off = sizeof(struct ip); off < skip;) {
- if (ptr[off] == IPOPT_EOL || ptr[off] == IPOPT_NOP ||
- off + 1 < skip)
- ;
- else {
+ if (ptr[off] != IPOPT_EOL && ptr[off] != IPOPT_NOP &&
+ off + 1 >= skip) {
DPRINTF(("%s: illegal IPv4 option length for"
" option %d\n", __func__, ptr[off]));
@@ -355,7 +351,14 @@ ah_massage_headers(struct mbuf **m0, int
ip6.ip6_dst.s6_addr16[1] = 0;
/* Done with IPv6 header. */
- m_copyback(m, 0, sizeof(struct ip6_hdr), &ip6, M_NOWAIT);
+ error = m_copyback(m, 0, sizeof(struct ip6_hdr), &ip6,
+ M_NOWAIT);
+ if (error) {
+ DPRINTF(("%s: m_copyback no memory", __func__));
+ ahstat_inc(ahs_hdrops);
+ m_freem(m);
+ return error;
+ }
/* Let's deal with the remaining headers (if any). */
if (skip - sizeof(struct ip6_hdr) > 0) {
@@ -386,7 +389,7 @@ ah_massage_headers(struct mbuf **m0, int
} else
break;
- nxt = ip6.ip6_nxt & 0xff; /* Next header type. */
+ nxt = ip6.ip6_nxt; /* Next header type. */
for (off = 0; off < skip - sizeof(struct ip6_hdr);) {
if (off + sizeof(struct ip6_ext) >
@@ -428,10 +431,6 @@ ah_massage_headers(struct mbuf **m0, int
if (count != noff)
goto error6;
-
- /* Advance. */
- off += ((ip6e->ip6e_len + 1) << 3);
- nxt = ip6e->ip6e_nxt;
break;
case IPPROTO_ROUTING:
@@ -471,15 +470,17 @@ ah_massage_headers(struct mbuf **m0, int
(caddr_t)&ip6);
addr[0] = ip6.ip6_dst;
ip6.ip6_dst = finaldst;
- m_copyback(m, 0, sizeof(ip6), &ip6,
- M_NOWAIT);
-
+ error = m_copyback(m, 0, sizeof(ip6),
+ &ip6, M_NOWAIT);
+ if (error) {
+ if (alloc)
+ free(ptr, M_XDATA, 0);
+ ahstat_inc(ahs_hdrops);
+ m_freem(m);
+ return error;
+
Re: [PATCH] Fix Order of Intel Graphics on amd64.html
Ping. Any thoughts? On Sun, Jan 28, 2018 at 05:26:12PM -0800, Bryan Vyhmeister wrote: > I noticed that the order of listed Intel integrated graphics support is > not consistent from newest to oldest as it is for Radeon devices on the > same page. The patch puts Kaby Lake above Skylake as it is 7th and then > 6th generation respectively. > > Bryan > > > Index: amd64.html > === > RCS file: /cvs/www/amd64.html,v > retrieving revision 1.274 > diff -u -p -r1.274 amd64.html > --- amd64.html19 Nov 2017 18:36:41 - 1.274 > +++ amd64.html29 Jan 2018 01:22:34 - > @@ -73,8 +73,8 @@ expected to work: > > Intel devices can be confusing as well. Some devices expected to work: > > -Intel Skylake (found on i-6xxx CPU) > Intel Kaby Lake (found on i-7xxx CPU) > +Intel Skylake (found on i-6xxx CPU) > Intel Broadwell (found on i-5xxx CPU) > Earlier Intel models and revisions are expected to work as well. > The PowerVR graphics found on some Atom CPUs are not supported. >
