Re: Change to mailer.conf(5) man page

2018-09-15 Thread Jason McIntyre
On Sat, Sep 15, 2018 at 09:42:47PM -0400, Matt Schwartz wrote:
> Damnit! I forgot one line. Please disregard the previous. Now all
> lines of mailer.conf(5) should reflect that sendmail is no longer in
> the default install.
> 

i'm ok with this, though the spacing on your diff got mangled and it
doesn't apply.

i'd be tempted to remove the text ", named /usr/local/libexec/sendmail/sendmail"

anyone want to ok (or commit with my ok)?
jmc

> Index: mailer.conf.5
> ===
> RCS file: /cvs/src/usr.sbin/mailwrapper/mailer.conf.5,v
> retrieving revision 1.17
> diff -u -p -u -r1.17 mailer.conf.5
> --- mailer.conf.5   8 Dec 2015 09:06:32 -   1.17
> +++ mailer.conf.5   16 Sep 2018 01:41:53 -
> @@ -78,14 +78,14 @@ This example shows how to invoke the tra
>  MTA suite in place of
>  .Xr smtpd 8 .
>  .Bd -literal
> -# Execute the "real" sendmail program, named /usr/libexec/sendmail/sendmail
> -sendmail   /usr/libexec/sendmail/sendmail
> -send-mail  /usr/libexec/sendmail/sendmail
> -mailq  /usr/libexec/sendmail/sendmail
> -makemap/usr/libexec/sendmail/makemap
> -newaliases /usr/libexec/sendmail/sendmail
> -hoststat   /usr/libexec/sendmail/sendmail
> -purgestat  /usr/libexec/sendmail/sendmail
> +# Execute the "real" sendmail program, named
> /usr/local/libexec/sendmail/sendmail
> +sendmail   /usr/local/libexec/sendmail/sendmail
> +send-mail  /usr/local/libexec/sendmail/sendmail
> +mailq  /usr/local/libexec/sendmail/sendmail
> +makemap/usr/local/libexec/sendmail/makemap
> +newaliases /usr/local/libexec/sendmail/sendmail
> +hoststat   /usr/local/libexec/sendmail/sendmail
> +purgestat  /usr/local/libexec/sendmail/sendmail
>  .Ed
>  .Sh SEE ALSO
>  .Xr mail 1 ,
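
Review bot: the separator between the program name and its path is gone on the makemap lines (`-makemap/usr/libexec/sendmail/makemap`, `+makemap/usr/local/libexec/sendmail/makemap`), which shows the whitespace was rewritten in transit. A hunk whose removed and context lines differ from the file in whitespace will not apply, so resend it with a mailer that leaves tabs alone, or as an attachment.
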
> 
> On Sat, Sep 15, 2018 at 9:36 PM Matt Schwartz  
> wrote:
> >
> > Quick correction to the mailer.conf(5) man page. Since sendmail is no
> > longer in the default install, the man page has been corrected to
> > reflect that the sendmail binary would be in
> > /usr/local/libexec/sendmail instead of /usr/libexec/sendmail.
> >
> > Index: mailer.conf.5
> > ===
> > RCS file: /cvs/src/usr.sbin/mailwrapper/mailer.conf.5,v
> > retrieving revision 1.17
> > diff -u -p -u -r1.17 mailer.conf.5
> > --- mailer.conf.5   8 Dec 2015 09:06:32 -   1.17
> > +++ mailer.conf.5   16 Sep 2018 01:34:31 -
> > @@ -79,13 +79,13 @@ MTA suite in place of
> >  .Xr smtpd 8 .
> >  .Bd -literal
> >  # Execute the "real" sendmail program, named /usr/libexec/sendmail/sendmail
> > -sendmail   /usr/libexec/sendmail/sendmail
> > -send-mail  /usr/libexec/sendmail/sendmail
> > -mailq  /usr/libexec/sendmail/sendmail
> > -makemap/usr/libexec/sendmail/makemap
> > -newaliases /usr/libexec/sendmail/sendmail
> > -hoststat   /usr/libexec/sendmail/sendmail
> > -purgestat  /usr/libexec/sendmail/sendmail
> > +sendmail   /usr/local/libexec/sendmail/sendmail
> > +send-mail  /usr/local/libexec/sendmail/sendmail
> > +mailq  /usr/local/libexec/sendmail/sendmail
> > +makemap/usr/local/libexec/sendmail/makemap
> > +newaliases /usr/local/libexec/sendmail/sendmail
> > +hoststat   /usr/local/libexec/sendmail/sendmail
> > +purgestat  /usr/local/libexec/sendmail/sendmail
> >  .Ed
> >  .Sh SEE ALSO
> >  .Xr mail 1 ,
> 



Re: Change to mailer.conf(5) man page

2018-09-15 Thread Claus Assmann
On Sat, Sep 15, 2018, Matt Schwartz wrote:

> reflect that the sendmail binary would be in
> /usr/local/libexec/sendmail instead of /usr/libexec/sendmail.

In that case you might want to change the comment too
(or simply remove it...)

>  # Execute the "real" sendmail program, named /usr/libexec/sendmail/sendmail

> +sendmail   /usr/local/libexec/sendmail/sendmail



Re: openssl s_time: different tally marks for different TLS versions

2018-09-15 Thread Bob Beck
I'm generally opposed to breaking stdout compatibility with the
"openssl" command tools because we have no clue what shell scripts and
other applications this will break.

with a *very good reason* I think it's ok, but this (I think this
looks better) isn't one of them.  the "openssl" command is kept the
way it is *for compatibility with crap that wants it*.

If you truly dislike the output - WRITE A NEW TOOL THAT DOESN'T SUCK  ;)


On Sat, Sep 15, 2018 at 1:21 PM Scott Cheloha  wrote:
>
> Bump.
>
> On Tue, Aug 28, 2018 at 10:33:34AM -0500, Scott Cheloha wrote:
> > Two diffs here.
> >
> > First, move the tally mark printing out of the benchmark loop.
> >
> > Second, print '0' for TLS 1.0, '1' for TLS 1.1, etc.
> >
> > This breaks stdout compatibility with OpenSSL s_time, and prior
> > versions of s_time in general, because 't' was used for TLS 1.0
> > (behavior change) and '2' was used for SSLv2 (marker collision).
> >
> > (The choice of a single character as the mark predated any plans
> > for a successor to SSL.  The choice of 't' predated any plans for
> > a revision to TLS.)
> >
> > I think the utility of distinguishing between the various TLS
> > versions at a glance outweighs the value of compatibility with
> > older versions of the software.  Especially given how haphazard
> > the stdout behavior of this code is anyway, I don't think we're
> > going to break a zillion scripts.  The primary utility of this
> > app is interactive testing and eyeballing your performance.
> >
> > But... if this is unacceptable the alternative is to just print
> > 't' for any and all TLS versions.  I think this is less useful,
> > but one can always use s_client, so it isn't the end of the world.
> >
> > Thoughts?  ok?
> >
> > PS. Using DTLS to encrypt HTTP isn't a thing, right?  It isn't
> > useful to check for DTLS1_VERSION from SSL_version(3)?
> >
> > Diff 1:
> >
> > Index: s_time.c
> > ===
> > RCS file: /cvs/src/usr.bin/openssl/s_time.c,v
> > retrieving revision 1.31
> > diff -u -p -r1.31 s_time.c
> > --- s_time.c  28 Aug 2018 14:30:48 -  1.31
> > +++ s_time.c  28 Aug 2018 15:13:18 -
> > @@ -92,6 +92,7 @@ extern int verify_depth;
> >  static void s_time_usage(void);
> >  static int run_test(SSL *);
> >  static int benchmark(int);
> > +static void print_tally_mark(SSL *);
> >
> >  static SSL_CTX *tm_ctx = NULL;
> >  static const SSL_METHOD *s_time_meth = NULL;
> > @@ -393,6 +394,24 @@ run_test(SSL *scon)
> >   return 1;
> >  }
> >
> > +static void
> > +print_tally_mark(SSL *scon)
> > +{
> > + int ver;
> > +
> > + if (SSL_session_reused(scon))
> > + ver = 'r';
> > + else {
> > + ver = SSL_version(scon);
> > + if (ver == TLS1_VERSION)
> > + ver = 't';
> > + else
> > + ver = '*';
> > + }
> > + fputc(ver, stdout);
> > + fflush(stdout);
> > +}
> > +
> >  static int
> >  benchmark(int reuse_session)
> >  {
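
Review bot: print_tally_mark() has no comment saying what each mark stands for. A short comment above the function listing 'r' (session reused), 't' (TLS1_VERSION) and '*' (anything else) would record the stdout format that callers reading this output depend on.
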
> > @@ -400,7 +419,6 @@ benchmark(int reuse_session)
> >   int nConn = 0;
> >   SSL *scon = NULL;
> >   int ret = 1;
> > - int ver;
> >
> >   if (reuse_session) {
> >   /* Get an SSL object so we can reuse the session id */
> > @@ -429,18 +447,7 @@ benchmark(int reuse_session)
> >   if (!run_test(scon))
> >   goto end;
> >   nConn += 1;
> > - if (SSL_session_reused(scon))
> > - ver = 'r';
> > - else {
> > - ver = SSL_version(scon);
> > - if (ver == TLS1_VERSION)
> > - ver = 't';
> > - else
> > - ver = '*';
> > - }
> > - fputc(ver, stdout);
> > - fflush(stdout);
> > -
> > + print_tally_mark(scon);
> >   if (!reuse_session) {
> >   SSL_free(scon);
> >   scon = NULL;
> >
> > Diff 1+2:
> >
> > Index: s_time.c
> > ===
> > RCS file: /cvs/src/usr.bin/openssl/s_time.c,v
> > retrieving revision 1.31
> > diff -u -p -r1.31 s_time.c
> > --- s_time.c  28 Aug 2018 14:30:48 -  1.31
> > +++ s_time.c  28 Aug 2018 15:15:27 -
> > @@ -92,6 +92,7 @@ extern int verify_depth;
> >  static void s_time_usage(void);
> >  static int run_test(SSL *);
> >  static int benchmark(int);
> > +static void print_tally_mark(SSL *);
> >
> >  static SSL_CTX *tm_ctx = NULL;
> >  static const SSL_METHOD *s_time_meth = NULL;
> > @@ -393,6 +394,33 @@ run_test(SSL *scon)
> >   return 1;
> >  }
> >
> > +static void
> > +print_tally_mark(SSL *scon)
> > +{
> > + int mark;
> > +
> > + if (SSL_session_reused(scon)) {
> > + mark = 'r';
> > + goto print;
> > + }
> > + switch (SSL_version(scon)) {
> > + case TLS1_VERSION:
> > +  

Re: bsd.rd failure in VirtualBox

2018-09-15 Thread Philip Guenther
On Sat, Sep 15, 2018 at 11:59 AM David Higgs  wrote:

> I often use VirtualBox (version 5.2.18 on OS X) to familiarize myself
> with new features in snapshots, before upgrading my physical hardware.
>
> This afternoon, I tried updating bsd.rd (amd64, 6.4-beta RAMDISK_CD
> #281) and wasn't able to successfully boot it.  I had to rely on the
> video capture ability of VirtualBox to even notice there was a panic
> (typed out below) before it rebooted to the "BIOS" splash screen.
>
...

> Also attached is the dmesg from a prior working snapshot.  I haven't
> tried updating since this prior snapshot, so I don't have further
> insight into when the issue first appeared.
>

Thank you for the complete and clear report!

I have a diff in the amd64 snapshots to use the CPU's PCID support in many
cases and this VirtualBox setup found a bug in it.  I've generated a new
diff that should fix this, so a future snap should fix this, though when
that'll happen depends on the snap builder's schedule.


Philip Guenther


Re: Change to mailer.conf(5) man page

2018-09-15 Thread Matt Schwartz
Damnit! I forgot one line. Please disregard the previous. Now all
lines of mailer.conf(5) should reflect that sendmail is no longer in
the default install.

Index: mailer.conf.5
===
RCS file: /cvs/src/usr.sbin/mailwrapper/mailer.conf.5,v
retrieving revision 1.17
diff -u -p -u -r1.17 mailer.conf.5
--- mailer.conf.5   8 Dec 2015 09:06:32 -   1.17
+++ mailer.conf.5   16 Sep 2018 01:41:53 -
@@ -78,14 +78,14 @@ This example shows how to invoke the tra
 MTA suite in place of
 .Xr smtpd 8 .
 .Bd -literal
-# Execute the "real" sendmail program, named /usr/libexec/sendmail/sendmail
-sendmail   /usr/libexec/sendmail/sendmail
-send-mail  /usr/libexec/sendmail/sendmail
-mailq  /usr/libexec/sendmail/sendmail
-makemap/usr/libexec/sendmail/makemap
-newaliases /usr/libexec/sendmail/sendmail
-hoststat   /usr/libexec/sendmail/sendmail
-purgestat  /usr/libexec/sendmail/sendmail
+# Execute the "real" sendmail program, named
/usr/local/libexec/sendmail/sendmail
+sendmail   /usr/local/libexec/sendmail/sendmail
+send-mail  /usr/local/libexec/sendmail/sendmail
+mailq  /usr/local/libexec/sendmail/sendmail
+makemap/usr/local/libexec/sendmail/makemap
+newaliases /usr/local/libexec/sendmail/sendmail
+hoststat   /usr/local/libexec/sendmail/sendmail
+purgestat  /usr/local/libexec/sendmail/sendmail
 .Ed
 .Sh SEE ALSO
 .Xr mail 1 ,
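
Review bot: the added comment line is wrapped. `+# Execute the "real" sendmail program, named` is followed by `/usr/local/libexec/sendmail/sendmail` on a line of its own with no `+`, `-` or space prefix, so the hunk is malformed and, if forced in, would put the path on a separate line of the literal block. Keep the comment on one line, or shorten it so the mailer does not wrap it.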

On Sat, Sep 15, 2018 at 9:36 PM Matt Schwartz  wrote:
>
> Quick correction to the mailer.conf(5) man page. Since sendmail is no
> longer in the default install, the man page has been corrected to
> reflect that the sendmail binary would be in
> /usr/local/libexec/sendmail instead of /usr/libexec/sendmail.
>
> Index: mailer.conf.5
> ===
> RCS file: /cvs/src/usr.sbin/mailwrapper/mailer.conf.5,v
> retrieving revision 1.17
> diff -u -p -u -r1.17 mailer.conf.5
> --- mailer.conf.5   8 Dec 2015 09:06:32 -   1.17
> +++ mailer.conf.5   16 Sep 2018 01:34:31 -
> @@ -79,13 +79,13 @@ MTA suite in place of
>  .Xr smtpd 8 .
>  .Bd -literal
>  # Execute the "real" sendmail program, named /usr/libexec/sendmail/sendmail
> -sendmail   /usr/libexec/sendmail/sendmail
> -send-mail  /usr/libexec/sendmail/sendmail
> -mailq  /usr/libexec/sendmail/sendmail
> -makemap/usr/libexec/sendmail/makemap
> -newaliases /usr/libexec/sendmail/sendmail
> -hoststat   /usr/libexec/sendmail/sendmail
> -purgestat  /usr/libexec/sendmail/sendmail
> +sendmail   /usr/local/libexec/sendmail/sendmail
> +send-mail  /usr/local/libexec/sendmail/sendmail
> +mailq  /usr/local/libexec/sendmail/sendmail
> +makemap/usr/local/libexec/sendmail/makemap
> +newaliases /usr/local/libexec/sendmail/sendmail
> +hoststat   /usr/local/libexec/sendmail/sendmail
> +purgestat  /usr/local/libexec/sendmail/sendmail
>  .Ed
>  .Sh SEE ALSO
>  .Xr mail 1 ,



Change to mailer.conf(5) man page

2018-09-15 Thread Matt Schwartz
Quick correction to the mailer.conf(5) man page. Since sendmail is no
longer in the default install, the man page has been corrected to
reflect that the sendmail binary would be in
/usr/local/libexec/sendmail instead of /usr/libexec/sendmail.

Index: mailer.conf.5
===
RCS file: /cvs/src/usr.sbin/mailwrapper/mailer.conf.5,v
retrieving revision 1.17
diff -u -p -u -r1.17 mailer.conf.5
--- mailer.conf.5   8 Dec 2015 09:06:32 -   1.17
+++ mailer.conf.5   16 Sep 2018 01:34:31 -
@@ -79,13 +79,13 @@ MTA suite in place of
 .Xr smtpd 8 .
 .Bd -literal
 # Execute the "real" sendmail program, named /usr/libexec/sendmail/sendmail
-sendmail   /usr/libexec/sendmail/sendmail
-send-mail  /usr/libexec/sendmail/sendmail
-mailq  /usr/libexec/sendmail/sendmail
-makemap/usr/libexec/sendmail/makemap
-newaliases /usr/libexec/sendmail/sendmail
-hoststat   /usr/libexec/sendmail/sendmail
-purgestat  /usr/libexec/sendmail/sendmail
+sendmail   /usr/local/libexec/sendmail/sendmail
+send-mail  /usr/local/libexec/sendmail/sendmail
+mailq  /usr/local/libexec/sendmail/sendmail
+makemap/usr/local/libexec/sendmail/makemap
+newaliases /usr/local/libexec/sendmail/sendmail
+hoststat   /usr/local/libexec/sendmail/sendmail
+purgestat  /usr/local/libexec/sendmail/sendmail
 .Ed
 .Sh SEE ALSO
 .Xr mail 1 ,
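
Review bot: the unchanged context line `# Execute the "real" sendmail program, named /usr/libexec/sendmail/sendmail` still names the old path while every entry below it now points at /usr/local/libexec/sendmail, so the example's comment contradicts its own entries. Update the comment in the same hunk, or drop the path from it.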



bsd.rd failure in VirtualBox

2018-09-15 Thread David Higgs
I often use VirtualBox (version 5.2.18 on OS X) to familiarize myself
with new features in snapshots, before upgrading my physical hardware.

This afternoon, I tried updating bsd.rd (amd64, 6.4-beta RAMDISK_CD
#281) and wasn't able to successfully boot it.  I had to rely on the
video capture ability of VirtualBox to even notice there was a panic
(typed out below) before it rebooted to the "BIOS" splash screen.


Welcome to the OpenBSD/amd64 6.4 installation program.
fatal protection fault in supervisor mode
trap type 4 code 0 rip 810f24e4 cs 8 rflags 10206 cr2 6c1fed
cpl a rsp 800022098a10
gsbase 0x8186eff0 kgsbase 0x0
panic: trap type 4, code 0, pc=0x810f24e4
syncing disks... done

dump to dev 17,1 not possible
rebooting...


Also attached is the dmesg from a prior working snapshot.  I haven't
tried updating since this prior snapshot, so I don't have further
insight into when the issue first appeared.

--david
OpenBSD 6.4-beta (GENERIC) #250: Sun Aug 26 00:10:38 MDT 2018
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC
real mem = 4278124544 (4079MB)
avail mem = 4139393024 (3947MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.5 @ 0xe1000 (10 entries)
bios0: vendor innotek GmbH version "VirtualBox" date 12/01/2006
bios0: innotek GmbH VirtualBox
acpi0 at bios0: rev 2
acpi0: sleep states S0 S5
acpi0: tables DSDT FACP APIC SSDT
acpi0: wakeup devices
acpitimer0 at acpi0: 3579545 Hz, 32 bits
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Core(TM) i5-6360U CPU @ 2.00GHz, 1962.87 MHz, 06-4e-03
cpu0: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,SSE3,PCLMUL,MWAIT,SSSE3,CX16,PCID,SSE4.1,SSE4.2,MOVBE,POPCNT,AES,XSAVE,AVX,RDRAND,NXE,RDTSCP,LONG,LAHF,ABM,3DNOWP,ITSC,FSGSBASE,AVX2,INVPCID,RDSEED,CLFLUSHOPT,L1DF,MELTDOWN
cpu0: 256KB 64b/line 8-way L2 cache
cpu0: smt 0, core 0, package 0
mtrr: CPU supports MTRRs but not enabled by BIOS
cpu0: apic clock running at 999MHz
cpu0: mwait min=64, max=64
ioapic0 at mainbus0: apid 1 pa 0xfec0, version 20, 24 pins, remapped
acpiprt0 at acpi0: bus 0 (PCI0)
acpicpu0 at acpi0: C1(@1 halt!)
acpibat0 at acpi0: BAT0 model "1" serial 0 type VBOX oem "innotek"
acpiac0 at acpi0: AC unit offline
acpivideo0 at acpi0: GFX0
pci0 at mainbus0 bus 0
pchb0 at pci0 dev 0 function 0 "Intel 82441FX" rev 0x02
pcib0 at pci0 dev 1 function 0 "Intel 82371SB ISA" rev 0x00
pciide0 at pci0 dev 1 function 1 "Intel 82371AB IDE" rev 0x01: DMA, channel 0 
configured to compatibility, channel 1 configured to compatibility
wd0 at pciide0 channel 0 drive 0: 
wd0: 128-sector PIO, LBA, 20480MB, 41943040 sectors
wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2
atapiscsi0 at pciide0 channel 1 drive 0
scsibus1 at atapiscsi0: 2 targets
cd0 at scsibus1 targ 0 lun 0:  ATAPI 5/cdrom removable
cd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 2
vga1 at pci0 dev 2 function 0 "InnoTek VirtualBox Graphics Adapter" rev 0x00
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
em0 at pci0 dev 3 function 0 "Intel 82540EM" rev 0x02: apic 1 int 19, address 
08:00:27:36:05:97
"InnoTek VirtualBox Guest Service" rev 0x00 at pci0 dev 4 function 0 not 
configured
piixpm0 at pci0 dev 7 function 0 "Intel 82371AB Power" rev 0x08: apic 1 int 23
iic0 at piixpm0
isa0 at pcib0
isadma0 at isa0
pckbc0 at isa0 port 0x60/5 irq 1 irq 12
pckbd0 at pckbc0 (kbd slot)
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pms0 at pckbc0 (aux slot)
wsmouse0 at pms0 mux 0
pcppi0 at isa0 port 0x61
spkr0 at pcppi0
vscsi0 at root
scsibus2 at vscsi0: 256 targets
softraid0 at root
scsibus3 at softraid0: 256 targets
root on wd0a (4f192ba57dbd4eac.a) swap on wd0b dump on wd0b


Re: openssl s_time: different tally marks for different TLS versions

2018-09-15 Thread Scott Cheloha
Bump.

On Tue, Aug 28, 2018 at 10:33:34AM -0500, Scott Cheloha wrote:
> Two diffs here.
> 
> First, move the tally mark printing out of the benchmark loop.
> 
> Second, print '0' for TLS 1.0, '1' for TLS 1.1, etc.
> 
> This breaks stdout compatibility with OpenSSL s_time, and prior
> versions of s_time in general, because 't' was used for TLS 1.0
> (behavior change) and '2' was used for SSLv2 (marker collision).
> 
> (The choice of a single character as the mark predated any plans
> for a successor to SSL.  The choice of 't' predated any plans for
> a revision to TLS.)
> 
> I think the utility of distinguishing between the various TLS
> versions at a glance outweighs the value of compatibility with
> older versions of the software.  Especially given how haphazard
> the stdout behavior of this code is anyway, I don't think we're
> going to break a zillion scripts.  The primary utility of this
> app is interactive testing and eyeballing your performance.
> 
> But... if this is unacceptable the alternative is to just print
> 't' for any and all TLS versions.  I think this is less useful,
> but one can always use s_client, so it isn't the end of the world.
> 
> Thoughts?  ok?
> 
> PS. Using DTLS to encrypt HTTP isn't a thing, right?  It isn't
> useful to check for DTLS1_VERSION from SSL_version(3)?
> 
> Diff 1:
> 
> Index: s_time.c
> ===
> RCS file: /cvs/src/usr.bin/openssl/s_time.c,v
> retrieving revision 1.31
> diff -u -p -r1.31 s_time.c
> --- s_time.c  28 Aug 2018 14:30:48 -  1.31
> +++ s_time.c  28 Aug 2018 15:13:18 -
> @@ -92,6 +92,7 @@ extern int verify_depth;
>  static void s_time_usage(void);
>  static int run_test(SSL *);
>  static int benchmark(int);
> +static void print_tally_mark(SSL *);
>  
>  static SSL_CTX *tm_ctx = NULL;
>  static const SSL_METHOD *s_time_meth = NULL;
> @@ -393,6 +394,24 @@ run_test(SSL *scon)
>   return 1;
>  }
>  
> +static void
> +print_tally_mark(SSL *scon)
> +{
> + int ver;
> +
> + if (SSL_session_reused(scon))
> + ver = 'r';
> + else {
> + ver = SSL_version(scon);
> + if (ver == TLS1_VERSION)
> + ver = 't';
> + else
> + ver = '*';
> + }
> + fputc(ver, stdout);
> + fflush(stdout);
> +}
> +
>  static int
>  benchmark(int reuse_session)
>  {
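
Review bot: in print_tally_mark(), `ver` first holds the protocol number from SSL_version() and is then overwritten with the character to print. A separate variable for the mark would keep the version and the tally character apart; if this diff is meant as a pure move out of the loop, say so in the commit message and defer the cleanup.
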
> @@ -400,7 +419,6 @@ benchmark(int reuse_session)
>   int nConn = 0;
>   SSL *scon = NULL;
>   int ret = 1;
> - int ver;
>  
>   if (reuse_session) {
>   /* Get an SSL object so we can reuse the session id */
> @@ -429,18 +447,7 @@ benchmark(int reuse_session)
>   if (!run_test(scon))
>   goto end;
>   nConn += 1;
> - if (SSL_session_reused(scon))
> - ver = 'r';
> - else {
> - ver = SSL_version(scon);
> - if (ver == TLS1_VERSION)
> - ver = 't';
> - else
> - ver = '*';
> - }
> - fputc(ver, stdout);
> - fflush(stdout);
> -
> + print_tally_mark(scon);
>   if (!reuse_session) {
>   SSL_free(scon);
>   scon = NULL;
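
Review bot: the blank line that separated the tally printing from the `if (!reuse_session)` block is removed along with the old code, so `print_tally_mark(scon);` now runs straight into the next statement group. Keep an empty line after the call to preserve the original grouping.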
> 
> Diff 1+2:
> 
> Index: s_time.c
> ===
> RCS file: /cvs/src/usr.bin/openssl/s_time.c,v
> retrieving revision 1.31
> diff -u -p -r1.31 s_time.c
> --- s_time.c  28 Aug 2018 14:30:48 -  1.31
> +++ s_time.c  28 Aug 2018 15:15:27 -
> @@ -92,6 +92,7 @@ extern int verify_depth;
>  static void s_time_usage(void);
>  static int run_test(SSL *);
>  static int benchmark(int);
> +static void print_tally_mark(SSL *);
>  
>  static SSL_CTX *tm_ctx = NULL;
>  static const SSL_METHOD *s_time_meth = NULL;
> @@ -393,6 +394,33 @@ run_test(SSL *scon)
>   return 1;
>  }
>  
> +static void
> +print_tally_mark(SSL *scon)
> +{
> + int mark;
> +
> + if (SSL_session_reused(scon)) {
> + mark = 'r';
> + goto print;
> + }
> + switch (SSL_version(scon)) {
> + case TLS1_VERSION:
> + mark = '0';
> + break;
> + case TLS1_1_VERSION:
> + mark = '1';
> + break;
> + case TLS1_2_VERSION:
> + mark = '2';
> + break;
> + default:
> + mark = '*';
> + }
> + print:
> + fputc(mark, stdout);
> + fflush(stdout);
> +}
> +
>  static int
>  benchmark(int reuse_session)
>  {
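
Review bot: the `goto print` in the session-reuse branch exists only to skip the switch, and the `default:` case ends without a `break;`. Putting the switch in an `else` removes the label; the function should also carry a comment saying that '2' now means TLS1_2_VERSION, since that character keeps being printed but changes meaning.
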
> @@ -400,7 +428,6 @@ benchmark(int reuse_session)
>   int nConn = 0;
>   SSL *scon = NULL;
>   int ret = 1;
> - int ver;
>  
>   if (reuse_session) {
>   /* Get an SSL object so we can reuse the session id */
> @@ -429,18 +456,7 @@ benchmark(int reuse_session)
>   if (!run_test(scon))
>   goto end;

Re: Diff to use uid_from_user(3) and gid_from_group(3)

2018-09-15 Thread Theo Buehler
On Sat, Sep 15, 2018 at 06:33:47AM -0600, Todd C. Miller wrote:
> We can use uid_from_user(3) and gid_from_group(3) in utilities that
> do repeated passwd/group lookups.
> 
> This is the final diff.

ok tb



Re: More user_from_uid(3) and group_from_gid(3)

2018-09-15 Thread Theo Buehler
On Thu, Sep 13, 2018 at 11:02:17AM -0600, Todd C. Miller wrote:
> Use user_from_uid(3) and group_from_gid(3) in a few more places
> that do repeated lookups.

ok tb



Re: stat(1): use passwd/group caches

2018-09-15 Thread Theo Buehler
On Thu, Sep 13, 2018 at 10:48:15AM -0600, Todd C. Miller wrote:
> Use user_from_uid(3) and group_from_gid(3) to avoid extra passwd
> and group file lookups.  This required a bit of reordering of the
> file mode handling bits to deal with the const char *.

ok tb



Re: csh: simplify strsave()

2018-09-15 Thread Michael Mikonos
On Sat, Sep 15, 2018 at 06:16:42AM -0600, Todd C. Miller wrote:
> On Sat, 15 Sep 2018 12:42:22 +0200, Martijn van Duren wrote:
> 
> > While here, should we also remove any in favour of strchr? Only
> > difference seems to be the return type (bool vs pointer).
> 
> Note that any(NULL, ch) is safe whereas strchr(NULL, ch) will crash.
> It is hard to say whether or not there are actual calls to any()
> with a NULL string (most use a constant string) but this needs to
> be checked before committing.
> 
>  - todd

From what I see the questionable any() calls look like
any(short2str(a), b). The function short2str() can return NULL if its
parameter is NULL.
On my system I changed short2str() to do

  if (src == NULL) abort();

and the same for any():

  if (s == NULL) abort();

I didn't hit an abort() so far, but it's too early to have any()
confidence in the change.



Re: mtree(8): use passwd/group caches

2018-09-15 Thread Theo Buehler
On Thu, Sep 13, 2018 at 02:15:34PM -0600, Todd C. Miller wrote:
> On Thu, 13 Sep 2018 10:47:35 -0600, "Todd C. Miller" wrote:
> 
> > Use the passwd/group cache functions in mtree(1) to avoid repeatedly
> > looking up the same user/group.  The passwd and group files are
> > kept open too.
> 
> I sent out an older version of the diff that was missing some
> includes in mtree.c.  Below is the corrected version.

ok tb



Re: mail(1): use user_from_uid(3) and uid_from_user(3)

2018-09-15 Thread Theo Buehler
On Thu, Sep 13, 2018 at 10:35:11AM -0600, Todd C. Miller wrote:
> Replace the local getname() and getuserid() functions with calls
> to user_from_uid(3) and uid_from_user(3).  This requires sprinkling
> const in a few places but is otherwise mechanical.

ok tb



Diff to use uid_from_user(3) and gid_from_group(3)

2018-09-15 Thread Todd C. Miller
We can use uid_from_user(3) and gid_from_group(3) in utilities that
do repeated passwd/group lookups.

This is the final diff.

 - todd

Index: bin/chmod/chmod.c
===
RCS file: /cvs/src/bin/chmod/chmod.c,v
retrieving revision 1.42
diff -u -p -u -r1.42 chmod.c
--- bin/chmod/chmod.c   28 May 2017 08:03:36 -  1.42
+++ bin/chmod/chmod.c   10 Sep 2018 00:46:49 -
@@ -293,7 +293,6 @@ done:
 uid_t
 a_uid(const char *s, int silent)
 {
-   struct passwd *pw;
const char *errstr;
uid_t uid;
 
@@ -301,8 +300,8 @@ a_uid(const char *s, int silent)
return ((uid_t)-1);
 
/* User name was given. */
-   if ((pw = getpwnam(s)) != NULL)
-   return (pw->pw_uid);
+   if (uid_from_user(s, &uid) != -1)
+   return (uid);
 
/* UID was given. */
uid = (uid_t)strtonum(s, 0, UID_MAX, &errstr);
@@ -323,7 +322,6 @@ a_uid(const char *s, int silent)
 gid_t
 a_gid(const char *s)
 {
-   struct group *gr;
const char *errstr;
gid_t gid;
 
@@ -331,8 +329,8 @@ a_gid(const char *s)
return ((gid_t)-1);
 
/* Group name was given. */
-   if ((gr = getgrnam(s)) != NULL)
-   return (gr->gr_gid);
+   if (gid_from_group(s, &gid) != -1)
+   return (gid);
 
/* GID was given. */
gid = (gid_t)strtonum(s, 0, GID_MAX, &errstr);
Index: bin/ps/ps.c
===
RCS file: /cvs/src/bin/ps/ps.c,v
retrieving revision 1.72
diff -u -p -u -r1.72 ps.c
--- bin/ps/ps.c 8 Aug 2018 14:38:31 -   1.72
+++ bin/ps/ps.c 10 Sep 2018 00:46:49 -
@@ -92,7 +92,6 @@ main(int argc, char *argv[])
struct kinfo_proc *kp, **kinfo;
struct varent *vent;
struct winsize ws;
-   struct passwd *pwd;
dev_t ttydev;
pid_t pid;
uid_t uid;
@@ -217,11 +216,8 @@ main(int argc, char *argv[])
break;
}
case 'U':
-   pwd = getpwnam(optarg);
-   if (pwd == NULL)
+   if (uid_from_user(optarg, &uid) == -1)
errx(1, "%s: no such user", optarg);
-   uid = pwd->pw_uid;
-   endpwent();
Uflag = xflg = 1;
break;
case 'u':
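
Review bot: the `-U` case drops `endpwent()` together with `getpwnam()`, so nothing in this hunk closes the passwd database after the lookup any more. If uid_from_user() keeps it open for its cache, confirm that is acceptable for ps and mention it in the commit message; otherwise keep the `endpwent()` call.
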
Index: sbin/fsdb/fsdb.c
===
RCS file: /cvs/src/sbin/fsdb/fsdb.c,v
retrieving revision 1.31
diff -u -p -u -r1.31 fsdb.c
--- sbin/fsdb/fsdb.c9 Sep 2016 15:37:14 -   1.31
+++ sbin/fsdb/fsdb.c10 Sep 2018 01:59:26 -
@@ -760,7 +760,6 @@ CMDFUNCSTART(chowner)
int rval = 1;
uid_t uid;
char *cp;
-   struct passwd *pwd;
 
if (!checkactive())
return 1;
@@ -768,9 +767,7 @@ CMDFUNCSTART(chowner)
uid = strtoul(argv[1], &cp, 0);
if (cp == argv[1] || *cp != '\0' ) {
/* try looking up name */
-   if ((pwd = getpwnam(argv[1]))) {
-   uid = pwd->pw_uid;
-   } else {
+   if (uid_from_user(argv[1], &uid) == -1) {
warnx("bad uid `%s'", argv[1]);
return 1;
}
Index: sbin/pfctl/parse.y
===
RCS file: /cvs/src/sbin/pfctl/parse.y,v
retrieving revision 1.683
diff -u -p -u -r1.683 parse.y
--- sbin/pfctl/parse.y  6 Sep 2018 15:07:33 -   1.683
+++ sbin/pfctl/parse.y  10 Sep 2018 02:12:51 -
@@ -2965,14 +2965,14 @@ uid : STRING{
if (!strcmp($1, "unknown"))
$$ = UID_MAX;
else {
-   struct passwd   *pw;
+   uid_t uid;
 
-   if ((pw = getpwnam($1)) == NULL) {
+   if (uid_from_user($1, &uid) == -1) {
yyerror("unknown user %s", $1);
free($1);
YYERROR;
}
-   $$ = pw->pw_uid;
+   $$ = uid;
}
free($1);
}
@@ -3043,14 +3043,14 @@ gid : STRING{
if (!strcmp($1, "unknown"))
$$ = GID_MAX;
else {
-   struct group*grp;
+   gid_t gid;
 
-   if ((grp = getgrnam($1)) == NULL) {
+   if (gid_from_group($1, &gid) == -1) {
  

Re: csh: simplify strsave()

2018-09-15 Thread Todd C. Miller
On Sat, 15 Sep 2018 12:42:22 +0200, Martijn van Duren wrote:

> While here, should we also remove any in favour of strchr? Only
> difference seems to be the return type (bool vs pointer).

Note that any(NULL, ch) is safe whereas strchr(NULL, ch) will crash.
It is hard to say whether or not there are actual calls to any()
with a NULL string (most use a constant string) but this needs to
be checked before committing.

 - todd
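
The difference noted above between any(NULL, ch) and strchr(NULL, ch), as an added example that is not part of the original message or of csh. `any_model()` and `narrow_bool` are hypothetical stand-ins (csh's own any() and bool are not shown in the thread), and the example goes beyond the NULL case to two other places where strchr() differs: it matches the terminating '\0', and its result is a pointer, not a flag.

```c
#include <limits.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/*
 * Assumed model of a NULL-tolerant any(): walks the string up to, but not
 * including, its terminator. Hypothetical; csh's own any() is not shown in
 * the thread.
 */
static int
any_model(const char *s, int c)
{
	if (s == NULL)
		return 0;
	for (; *s != '\0'; s++)
		if ((unsigned char)*s == c)
			return 1;
	return 0;
}

/*
 * strchr()-based replacement that keeps the model's behaviour:
 *  - a NULL string is "no match" instead of a crash;
 *  - '\0' never matches, although strchr() would find the terminator;
 *  - values that do not fit in a char are rejected before strchr()
 *    converts them to char;
 *  - the result is compared with NULL, not cast.
 */
static bool
any_strchr(const char *s, int c)
{
	if (s == NULL || c <= 0 || c > UCHAR_MAX)
		return false;
	return strchr(s, c) != NULL;
}

/* Hypothetical narrow boolean typedef, as older code bases often use. */
typedef unsigned char narrow_bool;

/*
 * Returns 1 when casting a non-NULL strchr() result to narrow_bool yields 0.
 * Constructed input: a one-character path placed on a 256-byte boundary, so
 * the low byte of the match address is zero.
 */
static int
cast_loses_match(void)
{
	static char raw[512];
	char *path = (char *)(((uintptr_t)raw + 255) & ~(uintptr_t)255);
	char *hit;
	narrow_bool slash;

	path[0] = '/';
	path[1] = '\0';
	hit = strchr(path, '/');
	slash = (narrow_bool)(uintptr_t)hit;	/* keeps only the low byte */
	return hit != NULL && slash == 0;
}

int
main(void)
{
	printf("any_model(NULL, '/')      = %d\n", any_model(NULL, '/'));
	printf("any_strchr(NULL, '/')     = %d\n", any_strchr(NULL, '/'));
	printf("strchr(\"-*\", 0) != NULL   = %d\n", strchr("-*", '\0') != NULL);
	printf("any_strchr(\"-*\", 0)       = %d\n", any_strchr("-*", '\0'));
	printf("any_strchr(\"-*\", '*')     = %d\n", any_strchr("-*", '*'));
	printf("narrow cast drops a match = %d\n", cast_loses_match());
	return 0;
}
```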



Re: csh: simplify strsave()

2018-09-15 Thread Martijn van Duren
On 09/14/18 16:30, Michael Mikonos wrote:
> On Sat, Sep 08, 2018 at 10:13:35AM +0200, Martijn van Duren wrote:
>> On 09/08/18 04:57, Michael Mikonos wrote:
>>> Hello,
>>>
>>> The function strsave() in csh(1) is practically strdup(3).
>>> The only difference is memory allocation failure results in
>>> calling the stderror() error handler, which will later exit.
>>> This patch makes the code (IMO) clearer by removing two loops.
>>> xmalloc() behaves the same as xreallocarray() in terms of
>>> calling stderror(). Does this look OK?
>>>
>>> - Michael
>>>
>> Why not use strdup(3) altogether then? This way it's even more
>> clear what's intended. Maybe we should even rename the function
>> to xstrdup?
>>
>> martijn@
> 
> Your patch was better. Here is a version with the function renamed
> and const added to the param list to match strdup(3).

OK martijn@

While here, should we also remove any in favour of strchr? Only
difference seems to be the return type (bool vs pointer).

Index: dol.c
===
RCS file: /cvs/src/bin/csh/dol.c,v
retrieving revision 1.21
diff -u -p -r1.21 dol.c
--- dol.c   16 Dec 2017 10:27:21 -  1.21
+++ dol.c   15 Sep 2018 10:41:24 -
@@ -541,7 +541,7 @@ Dgetdol(void)
 
for (i = 0; Isdigit(*np); i = i * 10 + *np++ - '0')
continue;
-   if ((i < 0 || i > upb) && !any("-*", *np)) {
+   if ((i < 0 || i > upb) && !strchr("-*", *np)) {
dolerror(vp->v_name);
return;
}
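
Review bot: `strchr("-*", *np)` also matches when `*np` is the terminating '\0', because strchr() treats the terminator as part of the string. Unless any() returned true for a NUL character as well, an out-of-range index at the end of the word no longer reaches `dolerror(vp->v_name)`; test `*np != '\0'` first or keep any() here.
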
@@ -642,7 +642,7 @@ fixDolMod(void)
dolmod[dolnmod++] = delim;
 
if (!delim || letter(delim)
-   || Isdigit(delim) || any(" \t\n", delim)) {
+   || Isdigit(delim) || strchr(" \t\n", delim)) {
seterror(ERR_BADSUBST);
break;
}
@@ -657,7 +657,7 @@ fixDolMod(void)
}
continue;
}
-   if (!any("htrqxes", c))
+   if (!strchr("htrqxes", c))
stderror(ERR_BADMOD, c);
dolmod[dolnmod++] = c;
if (c == 'q')
@@ -691,7 +691,7 @@ setDolp(Char *cp)
 
delim = dolmod[++i];
if (!delim || letter(delim)
-   || Isdigit(delim) || any(" \t\n", delim)) {
+   || Isdigit(delim) || strchr(" \t\n", delim)) {
seterror(ERR_BADSUBST);
break;
}
@@ -901,7 +901,7 @@ heredoc(Char *term)
/* \ quotes \ $ ` here */
if (c == '\\') {
c = DgetC(0);
-   if (!any("$\\`", c))
+   if (!strchr("$\\`", c))
unDgetC(c | QUOTE), c = '\\';
else
c |= QUOTE;
@@ -918,7 +918,7 @@ heredoc(Char *term)
 * If any ` in line do command substitution
 */
mbp = mbuf;
-   if (any(short2str(mbp), '`')) {
+   if (strchr(short2str(mbp), '`')) {
/*
 * 1 arg to dobackp causes substitution to be literal. Words are
 * broken only at newlines so that all blanks and tabs are
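
Review bot: the new call strchr(short2str(mbp), ...) passes the return value of short2str() to strchr() unchecked. As noted in this thread, any() tolerates a NULL string and strchr() does not, so check the result for NULL first unless short2str() can be shown never to return NULL for mbp.
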
Index: exec.c
===
RCS file: /cvs/src/bin/csh/exec.c,v
retrieving revision 1.19
diff -u -p -r1.19 exec.c
--- exec.c  26 Dec 2015 13:48:38 -  1.19
+++ exec.c  15 Sep 2018 10:41:24 -
@@ -137,7 +137,7 @@ doexec(Char **v, struct command *t)
blkfree(pv);
pexerr();
 }
-slash = any(short2str(expath), '/');
+slash = (bool) strchr(short2str(expath), '/');
 
 /*
  * Glob the argument list, if necessary. Otherwise trim off the quote bits.
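
Review bot: `slash = (bool) strchr(short2str(expath), '/');` turns a pointer into bool with a cast. If bool in csh is an integer typedef rather than C99 _Bool, the cast keeps only the low bits of the address and a real match can come out as 0; write `strchr(...) != NULL` instead, which is correct for either definition. The same applies to the two later `bool slash` initialisations in this file.
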
@@ -492,7 +492,7 @@ iscommand(Char *name)
 Char **pv;
 Char *sav;
 struct varent *v;
-bool slash = any(short2str(name), '/');
+bool slash = (bool) strchr(short2str(name), '/');
 int hashval = 0, hashval1, i;
 
 v = adrof(STRpath);
@@ -680,7 +680,7 @@ tellmewhat(struct wordent *lexp, Char *s
 if ((i = iscommand(sp->word)) != 0) {
Char **pv;
struct varent *v;
-   boolslash = any(short2str(sp->word), '/');
+   boolslash = (bool) strchr(short2str(sp->word), '/');
 
v = adrof(STRpath);
if (v == 0 || v->vec[0] == 0 || slash)
Index: exp.c
===
RCS file: /cvs/src/bin/csh/exp.c,v
retrieving revision 1.16
diff -u -p -r1.16 exp.c
--- exp.c   26 Dec 2015 13:48:38 -  1.16
+++ exp.c   15 Sep 2018 10:41:24 -
@@ -36,6 +36,7 @@
 #include 
 #include 
 #include 
+#include 
 
 #include "csh.h"
 #include "extern.h"
@@ -238,7 +239,7 @@ exp3a(Char ***vp, bool ignore)
 
 p1 = exp4(vp, ignore);
 op = **vp;
-if (op && any("<>", op[0]) && op[0] == op[1]) {
+if (op && strchr("<>", op[0]) && op[0] == op[1]) {
(*vp)++;
p2 = exp3a(vp, ignore);
if (op[0] == '<')
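
Review bot: with strchr(), `op[0] == '\0'` now satisfies the second operand of the condition, so for an empty word the test goes on to read `op[1]`, one element past the terminator. Add `op[0] != '\0'` to the condition, or keep any() here if it rejected NUL.
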
@@ -392,7 +393,7