xlights(4): timeout_add(9) -> timeout_add_msec(9)

2019-12-18 Thread Scott Cheloha
250 ticks at macppc's 100hz is 2500 milliseconds.

ok?

Index: xlights.c
===
RCS file: /cvs/src/sys/arch/macppc/dev/xlights.c,v
retrieving revision 1.9
diff -u -p -r1.9 xlights.c
--- xlights.c   8 Oct 2019 13:21:38 -   1.9
+++ xlights.c   19 Dec 2019 02:45:33 -
@@ -282,7 +282,7 @@ xlights_startdma(struct xlights_softc *s
dbdma_command_t *cmdp = sc->sc_dmacmd;
 
sc->sc_dmasts = 1;
-   timeout_add(&sc->sc_tmo, 250);
+   timeout_add_msec(&sc->sc_tmo, 2500);
 
DBDMA_BUILD(cmdp, DBDMA_CMD_OUT_LAST, 0,
sc->sc_bufmap->dm_segs[0].ds_len,



ftp(1): separate file:/ URL handling

2019-12-18 Thread Jeremie Courreges-Anglas


A bit late...

Move file: URL handling into its own function.  This simplifies
url_get() and would have prevented problems with bogus redirections.

file_get() unrolls the code previously used in url_get(), except the
#ifndef SMALL bits were stripped out.  file: support is mainly
(only?) used in the installer which is built with SMALL defined.
Resuming an incomplete file: transfer sounds nuts.

I felt a bit guilty about copying dubious code, there are some changes
that ought to be applied to url_get() too:
- write(2) can't return 0, can it? (something old about non-blocking
  sockets maybe?).  Anyway, no need to handle 0 explicitly.
- allocate buf before setjmp instead of marking it volatile
- save_errno/warnc dance if read(2) fails

This survived make release on amd64 and a bsd.rd upgrade with sets
on 'disk'.  The resulting ftp(1) binary size decreases.

Comments/ok?


Index: fetch.c
===
--- fetch.c.orig
+++ fetch.c
@@ -68,6 +68,7 @@ struct tls;
 #include "ftp_var.h"
 #include "cmds.h"
 
+static int file_get(const char *, const char *);
 static int url_get(const char *, const char *, const char *, int);
 static int save_chunked(FILE *, struct tls *, int , char *, size_t);
 static voidaborthttp(int);
@@ -182,6 +183,125 @@ tooslow(int signo)
 }
 
 /*
+ * Copy a local file (used by the OpenBSD installer).
+ * Returns -1 on failure, 0 on success
+ */
+static int
+file_get(const char *path, const char *outfile)
+{
+   struct stat  st;
+   int  fd, out, rval = -1, save_errno;
+   volatile sig_t   oldintr, oldinti;
+   const char  *savefile;
+   char*buf = NULL, *cp;
+   const size_t buflen = 128 * 1024;
+   off_thashbytes;
+   ssize_t  len, wlen;
+
+   direction = "received";
+
+   fd = open(path, O_RDONLY);
+   if (fd == -1) {
+   warn("Can't open file %s", path);
+   return -1;
+   }
+
+   if (fstat(fd, &st) == -1)
+   filesize = -1;
+   else
+   filesize = st.st_size;
+
+   if (outfile != NULL)
+   savefile = outfile;
+   else {
+   if (path[strlen(path) - 1] == '/')  /* Consider no file */
+   savefile = NULL;/* after dir invalid. */
+   else
+   savefile = basename(path);
+   }
+
+   if (EMPTYSTRING(savefile)) {
+   warnx("No filename after directory (use -o): %s", path);
+   goto cleanup_copy;
+   }
+
+   /* Open the output file.  */
+   if (!pipeout) {
+   out = open(savefile, O_CREAT | O_WRONLY | O_TRUNC, 0666);
+   if (out == -1) {
+   warn("Can't open %s", savefile);
+   goto cleanup_copy;
+   }
+   } else
+   out = fileno(stdout);
+
+   if ((buf = malloc(buflen)) == NULL)
+   errx(1, "Can't allocate memory for transfer buffer");
+
+   /* Trap signals */
+   oldintr = NULL;
+   oldinti = NULL;
+   if (setjmp(httpabort)) {
+   if (oldintr)
+   (void)signal(SIGINT, oldintr);
+   if (oldinti)
+   (void)signal(SIGINFO, oldinti);
+   goto cleanup_copy;
+   }
+   oldintr = signal(SIGINT, abortfile);
+
+   bytes = 0;
+   hashbytes = mark;
+   progressmeter(-1, path);
+
+   /* Finally, suck down the file. */
+   oldinti = signal(SIGINFO, psummary);
+   while ((len = read(fd, buf, buflen)) > 0) {
+   bytes += len;
+   for (cp = buf; len > 0; len -= wlen, cp += wlen) {
+   if ((wlen = write(out, cp, len)) == -1) {
+   warn("Writing %s", savefile);
+   signal(SIGINFO, oldinti);
+   goto cleanup_copy;
+   }
+   }
+   if (hash && !progress) {
+   while (bytes >= hashbytes) {
+   (void)putc('#', ttyout);
+   hashbytes += mark;
+   }
+   (void)fflush(ttyout);
+   }
+   }
+   save_errno = errno;
+   signal(SIGINFO, oldinti);
+   if (hash && !progress && bytes > 0) {
+   if (bytes < mark)
+   (void)putc('#', ttyout);
+   (void)putc('\n', ttyout);
+   (void)fflush(ttyout);
+   }
+   if (len == -1) {
+   warnc(save_errno, "Reading from file");
+   goto cleanup_copy;
+   }
+   progressmeter(1, NULL);
+   if (verbose)
+   ptransfer(0);
+   (void)signal(SIGINT, oldintr);
+
+   rval = 0;
+
+cleanup_copy:
+   free(buf);
+   if (out >= 0 && out != fileno(stdout))
+   

[patch] ftp: disallow redirect and reading from file://

2019-12-18 Thread Hiltjo Posthuma
Hi,

I noticed with the ftp program when downloading via HTTP or HTTPS it can 
be redirected to read from a local file directly.

I tested this using a CGI program that responds with the HTTP headers:

Status: 301 Moved Permanently
Location: file:///dev/urandom

The patch below disallows redirections to a file scheme.


Patch:


diff --git usr.bin/ftp/fetch.c usr.bin/ftp/fetch.c
index eff558eba6f..1c749b21048 100644
--- usr.bin/ftp/fetch.c
+++ usr.bin/ftp/fetch.c
@@ -258,6 +258,9 @@ url_get(const char *origline, const char *proxyenv, const 
char *outfile, int las
} else
errx(1, "url_get: Invalid URL '%s'", newline);
 
+   if (isfileurl && redirect_loop > 0)
+   errx(1, "url_get: redirect to file '%s' not allowed", newline);
+
if (isfileurl) {
path = host;
} else {
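Review bot: The new guard rejects a `file:` target only when `redirect_loop > 0`, so it is only as strong as that counter: every path that re-enters url_get() from a Location header must have incremented `redirect_loop` first, and that code is outside this hunk (url_get() starts and ends beyond it). The check also denies a single scheme rather than allowing the expected ones, so it is worth confirming that no other locally resolved scheme is reachable through the same redirect path. A short comment above the check would record the intent, for example `/* A remote server must never be able to point us at a local file. */`.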

-- 
Kind regards,
Hiltjo



Re: midi(4): *sleep(9) -> *sleep_nsec(9)

2019-12-18 Thread Scott Cheloha
On Wed, Dec 18, 2019 at 09:54:43AM +0100, Alexandre Ratchov wrote:
> On Tue, Dec 17, 2019 at 07:09:02PM -0600, Scott Cheloha wrote:
> > The only conversion I'm having trouble with is the tsleep().
> > The comment says "20ms", but then we use some arithmetic
> > to derive a count of ticks.
> > 
> > Given
> > 
> > hz * MIDI_MAXWRITE / MIDI_RATE
> > 
> > You have hz ticks/second, and 32 bytes, and 3125 bytes/second, so you
> > have
> > 
> > $$\frac{\text{hz ticks}}{\text{second}} \times \frac{32\ \text{bytes}}{1} \div \frac{3125\ \text{bytes}}{\text{second}}$$
> > 
> >   $$= \frac{32 \times \text{hz}}{3125}\ \text{ticks}$$
> > 
> >   = 1 ticks
> > 
> > if hz = 100, with integer division.
> > 
> > I'm not sure how to use the constants to produce a count of
> > milliseconds.  Maybe I'm just having a slow day.
> 
> The problem is that close() may reset the transmitter before the few
> bytes of its internal buffer is sent on the wire; there's no "wait for
> completion" feature in such simple hardware, so we just wait few
> milliseconds.
> 
> The transmitter buffer size is around 16 bytes, the byte rate is 3125
> bytes/second.  So if we wait at least 16B / 3125B/s = 5.12ms, we're
> safe. Waiting 10ms-20ms is enough and is unnoticeable.

Just to be sure we're all on the same page, the comment says 20ms is
64 bytes' worth, and MIDI_MAXWRITE is 32 bytes, but you're saying the
buffer is around 16 bytes.  Is any of this inconsistent?



ipmi(4) fix

2019-12-18 Thread Mark Kettenis
While playing with ipmi(4) attaching to acpi(4) I found out that using
an int for storing addresses isn't a good idea.  If you use it to
store large addresses, the number becomes negative and will be sign
extended when converted into a 64-bit address.  The appropriate type
to use here is bus_addr_t.

ok?


Index: dev/ipmivar.h
===
RCS file: /cvs/src/sys/dev/ipmivar.h,v
retrieving revision 1.31
diff -u -p -r1.31 ipmivar.h
--- dev/ipmivar.h   19 Aug 2019 18:31:02 -  1.31
+++ dev/ipmivar.h   18 Dec 2019 16:29:43 -
@@ -65,7 +65,7 @@ struct ipmi_attach_args {
int iaa_if_type;
int iaa_if_rev;
int iaa_if_iotype;
-   int iaa_if_iobase;
+   bus_addr_t  iaa_if_iobase;
int iaa_if_iospacing;
int iaa_if_irq;
int iaa_if_irqlvl;
Index: dev/ipmi.c
===
RCS file: /cvs/src/sys/dev/ipmi.c,v
retrieving revision 1.105
diff -u -p -r1.105 ipmi.c
--- dev/ipmi.c  19 Aug 2019 18:31:02 -  1.105
+++ dev/ipmi.c  18 Dec 2019 16:29:43 -
@@ -1450,7 +1450,7 @@ ipmi_map_regs(struct ipmi_softc *sc, str
if (bus_space_map(sc->sc_iot, ia->iaa_if_iobase,
sc->sc_if->nregs * sc->sc_if_iospacing,
0, &sc->sc_ioh)) {
-   printf("%s: bus_space_map(%lx %x %x 0 %p) failed\n",
+   printf("%s: bus_space_map(%lx %lx %x 0 %p) failed\n",
DEVNAME(sc),
(unsigned long)sc->sc_iot, ia->iaa_if_iobase,
sc->sc_if->nregs * sc->sc_if_iospacing, &sc->sc_ioh);
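Review bot: `ia->iaa_if_iobase` is now a `bus_addr_t` but is passed to `%lx` without a cast, while the neighbouring `sc->sc_iot` argument is cast to `(unsigned long)`; if `bus_addr_t` is not `unsigned long` on every platform that builds ipmi(4), the format and the argument disagree. Casting the argument, `(unsigned long)ia->iaa_if_iobase`, keeps the printf correct whatever the typedef is, and the same applies to the `0x%lx` in the ipmi_attach_common() hunk that follows. Both functions continue outside their hunks, so any other place that still carries `iaa_if_iobase` through an `int` is not visible here and is worth checking for the same sign-extension problem.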
@@ -1540,7 +1540,7 @@ ipmi_attach_common(struct ipmi_softc *sc
printf(": version %d.%d interface %s",
ia->iaa_if_rev >> 4, ia->iaa_if_rev & 0xF, sc->sc_if->name);
if (sc->sc_if->nregs > 0)
-   printf(" %sbase 0x%x/%x spacing %d",
+   printf(" %sbase 0x%lx/%x spacing %d",
ia->iaa_if_iotype == 'i' ? "io" : "mem", ia->iaa_if_iobase,
ia->iaa_if_iospacing * sc->sc_if->nregs,
ia->iaa_if_iospacing);



Add sizes for free() in vio(4)

2019-12-18 Thread Frederic Cambus
Hi tech@,

Here is a diff to add sizes for free() in vio(4).

There is an existing allocsize variable tracking size of allocations,
turns out we can pass it to free() in the error path.

Comments? OK?

Index: sys/dev/pv/if_vio.c
===
RCS file: /cvs/src/sys/dev/pv/if_vio.c,v
retrieving revision 1.14
diff -u -p -r1.14 if_vio.c
--- sys/dev/pv/if_vio.c 25 Oct 2019 07:13:54 -  1.14
+++ sys/dev/pv/if_vio.c 18 Dec 2019 14:13:45 -
@@ -482,7 +482,7 @@ err_reqs:
bus_dmamap_destroy(vsc->sc_dmat, sc->sc_rx_dmamaps[i]);
}
if (sc->sc_arrays) {
-   free(sc->sc_arrays, M_DEVBUF, 0);
+   free(sc->sc_arrays, M_DEVBUF, allocsize);
sc->sc_arrays = 0;
}
 err_hdr:
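Review bot: Passing `allocsize` to free() is only correct if it still holds exactly the size given to the allocation of `sc->sc_arrays` on every path that reaches `err_reqs`. The allocation and any later writes to `allocsize` are outside this hunk, so that should be confirmed, since a wrong non-zero size is worse than the `0` it replaces. While here, `sc->sc_arrays = 0;` reads better as `sc->sc_arrays = NULL;` for a pointer. The enclosing function starts and ends outside the hunk.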



Re: openssl.1: note default -md value for openssl enc and how to get list of available hashes

2019-12-18 Thread Theo Buehler
On Wed, Dec 18, 2019 at 11:11:33AM +, Stuart Henderson wrote:
> On 2019/12/18 06:30, Fabio Scotoni wrote:
> > My reason for proposing that is a fear that people will still find years
> > old or even decades old files much later on, forgetting or not realizing
> > that they need to change -md.
> > Having a note in the man page would help that specific scenario.
> > The format of the man page doesn't lend itself to doing so, however.
> 
> Would it be enough of a hint to just do this?
> 
> Currently, the default value is
> .Cm sha256 .

I suppose this might help. I'm ok with that.



Re: openssl.1: note default -md value for openssl enc and how to get list of available hashes

2019-12-18 Thread Stuart Henderson
On 2019/12/18 06:30, Fabio Scotoni wrote:
> My reason for proposing that is a fear that people will still find years
> old or even decades old files much later on, forgetting or not realizing
> that they need to change -md.
> Having a note in the man page would help that specific scenario.
> The format of the man page doesn't lend itself to doing so, however.

Would it be enough of a hint to just do this?

Currently, the default value is
.Cm sha256 .


> Index: usr.bin/openssl/openssl.1
> ===
> RCS file: /cvs/src/usr.bin/openssl/openssl.1,v
> retrieving revision 1.116
> diff -u -p -r1.116 openssl.1
> --- usr.bin/openssl/openssl.1   28 Nov 2019 11:21:33 -  1.116
> +++ usr.bin/openssl/openssl.1   18 Dec 2019 05:16:10 -
> @@ -2176,11 +2176,8 @@ option.
>  Use
>  .Ar digest
>  to create a key from a pass phrase.
> -.Ar digest
> -may be one of
> -.Cm md5
> -or
> -.Cm sha1 .
> +The default value is
> +.Cm sha256 .
>  .It Fl none
>  Use NULL cipher (no encryption or decryption of input).
>  .It Fl nopad
> 



athn(4): use fixed 11n Tx retry rate while probing

2019-12-18 Thread Stefan Sperling
This makes athn(4) use a constant Tx retry rate while MiRA is probing.
Should result in better initial Tx rate selection and thus fewer retries.

When testing this make sure your tree is up to date; my iwm(4) Tx retry
commit from today is required to compile this diff because that commit
added the new MiRA function being called here.

ok?

diff 66e914ccac1d2401a637a12167cad113075d2af0 /usr/src
blob - f58d36a19cad8454504d0b1f54ad89aa7966c822
file + sys/dev/ic/ar5008.c
--- sys/dev/ic/ar5008.c
+++ sys/dev/ic/ar5008.c
@@ -1375,6 +1375,11 @@ ar5008_tx(struct athn_softc *sc, struct mbuf *m, struc
/* Use same fixed rate for all tries. */
ridx[0] = ridx[1] = ridx[2] = ridx[3] =
sc->fixed_ridx;
+   } else if ((ni->ni_flags & IEEE80211_NODE_HT) &&
+   ieee80211_mira_is_probing(&an->mn)) {
+   /* Use same fixed rate for all tries. */
+   ridx[0] = ridx[1] = ridx[2] = ridx[3] =
+   ATHN_RIDX_MCS0 + ni->ni_txmcs;
} else {
/* Use fallback table of the node. */
int txrate;
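Review bot: `ATHN_RIDX_MCS0 + ni->ni_txmcs` is used as a rate index in the new branch with no bound on `ni->ni_txmcs` visible in the hunk; whether the value is already limited to the MCS range this chip's rate table covers is decided elsewhere and should be confirmed. The added comment repeats the fixed-rate one above it word for word, so it does not say why this branch exists; something like `/* MiRA is probing: keep every try at the probed MCS. */` would. ar5008_tx() starts and ends outside the hunk.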



Re: midi(4): *sleep(9) -> *sleep_nsec(9)

2019-12-18 Thread Alexandre Ratchov
On Tue, Dec 17, 2019 at 07:09:02PM -0600, Scott Cheloha wrote:
> The only conversion I'm having trouble with is the tsleep().
> The comment says "20ms", but then we use some arithmetic
> to derive a count of ticks.
> 
> Given
> 
>   hz * MIDI_MAXWRITE / MIDI_RATE
> 
> You have hz ticks/second, and 32 bytes, and 3125 bytes/second, so you
> have
> 
> $$\frac{\text{hz ticks}}{\text{second}} \times \frac{32\ \text{bytes}}{1} \div \frac{3125\ \text{bytes}}{\text{second}}$$
> 
>   $$= \frac{32 \times \text{hz}}{3125}\ \text{ticks}$$
> 
>   = 1 ticks
> 
> if hz = 100, with integer division.
> 
> I'm not sure how to use the constants to produce a count of
> milliseconds.  Maybe I'm just having a slow day.

The problem is that close() may reset the transmitter before the few
bytes of its internal buffer is sent on the wire; there's no "wait for
completion" feature in such simple hardware, so we just wait few
milliseconds.

The transmitter buffer size is around 16 bytes, the byte rate is 3125
bytes/second.  So if we wait at least 16B / 3125B/s = 5.12ms, we're
safe. Waiting 10ms-20ms is enough and is unnoticeable.

ok ratchov



Re: attention please: host's IP stack behavior got changed slightly

2019-12-18 Thread Alexandr Nedvedicky
Hello,


On Wed, Dec 18, 2019 at 12:24:57AM +0100, Alexander Bluhm wrote:
> On Mon, Dec 16, 2019 at 03:42:27PM +0100, Alexandr Nedvedicky wrote:
> > > I think this is a "do as I want" kind of thing. If I use pf(4) to redirect
> > > traffic to a different address then I think our version of strict host
> > > model should step back and accept the connection.
> >
> > and also the change makes IPv4 behavior consistent with IPv6.
> > so if we won't be committing diff for IPv4, then we should change IPv6
> > to enforce divert-to for IPv6 too.
> 
> IPv4 and IPv6 code looks different.  In ip6_input_if() the
> IN6_IS_ADDR_LOOPBACK() check accepts packets redirected to ::1.  Do
> we really need that?  We always have ::1 on lo0 and a valid route.
> And why should a source ::1 enforce local delivery?  That looks
> odd.
> 
> I would prefer to have the PF_TAG_TRANSLATE_LOCALHOST check in both
> ip_input_if() and ip6_input_if() to explicitly make clear that
> redirect does not follow the strict host model.
> 

I see. The updated diff below makes ip6_input_if() explicitly check
for the PF_TAG_TRANSLATE_LOCALHOST tag when ip6_forwarding is disabled.

if ip6_forwarding is enabled, then the ip6_input_if() keeps current
behavior.

thanks and
regards
sashan

8<---8<---8<--8<
diff --git a/sys/netinet/ip_input.c b/sys/netinet/ip_input.c
index 058b2f038fa..f4114f45045 100644
--- a/sys/netinet/ip_input.c
+++ b/sys/netinet/ip_input.c
@@ -753,7 +753,8 @@ in_ouraddr(struct mbuf *m, struct ifnet *ifp, struct 
rtentry **prt)
}
}
} else if (ipforwarding == 0 && rt->rt_ifidx != ifp->if_index &&
-   !((ifp->if_flags & IFF_LOOPBACK) || (ifp->if_type == IFT_ENC))) {
+   !((ifp->if_flags & IFF_LOOPBACK) || (ifp->if_type == IFT_ENC) ||
+   (m->m_pkthdr.pf.flags & PF_TAG_TRANSLATE_LOCALHOST))) {
/* received on wrong interface. */
 #if NCARP > 0
struct ifnet *out_if;
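Review bot: The IPv4 exemption is keyed on `PF_TAG_TRANSLATE_LOCALHOST` alone, whereas the IPv6 hunk in the same diff additionally requires a loopback destination, so the two families relax the wrong-interface check under different conditions. If the asymmetry is intentional it deserves a comment. Where the flag gets set is outside the hunk, so it cannot be told from here which translated packets carry it. Suggested comment above the condition: `/* pf translated this packet to a local address; it may arrive on any interface */`. in_ouraddr() continues outside the hunk.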
diff --git a/sys/netinet6/ip6_input.c b/sys/netinet6/ip6_input.c
index 5404d7ccfb4..919f8ae8f03 100644
--- a/sys/netinet6/ip6_input.c
+++ b/sys/netinet6/ip6_input.c
@@ -335,8 +335,11 @@ ip6_input_if(struct mbuf **mp, int *offp, int nxt, int af, 
struct ifnet *ifp)
goto bad;
}
 
-   if (IN6_IS_ADDR_LOOPBACK(&ip6->ip6_src) ||
-   IN6_IS_ADDR_LOOPBACK(&ip6->ip6_dst)) {
+   if (((ip6_forwarding != 0) && ((IN6_IS_ADDR_LOOPBACK(&ip6->ip6_src) ||
+   IN6_IS_ADDR_LOOPBACK(&ip6->ip6_dst ||
+   ((ip6_forwarding == 0) &&
+   ((m->m_pkthdr.pf.flags & PF_TAG_TRANSLATE_LOCALHOST) &&
+   IN6_IS_ADDR_LOOPBACK(&ip6->ip6_dst {
nxt = ip6_ours(mp, offp, nxt, af);
goto out;
}
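Review bot: The new condition packs two policies into one expression, and as rendered here its parentheses do not balance (probably lost in the archive), so the exact grouping cannot be audited. Naming the three predicates and combining them in a short condition would keep the forwarding and non-forwarding cases readable. The fence shows one way, assuming the grouping the message describes: current behaviour with forwarding on, pf tag plus loopback destination with forwarding off. The three `int` locals would be declared with the function's other declarations; ip6_input_if() starts and ends outside the hunk.

```c
	/* … unchanged: earlier sanity checks ending in goto bad … */
	loop_src = IN6_IS_ADDR_LOOPBACK(&ip6->ip6_src);
	loop_dst = IN6_IS_ADDR_LOOPBACK(&ip6->ip6_dst);
	pf_local = (m->m_pkthdr.pf.flags & PF_TAG_TRANSLATE_LOCALHOST) != 0;

	if ((ip6_forwarding != 0 && (loop_src || loop_dst)) ||
	    (ip6_forwarding == 0 && pf_local && loop_dst)) {
		nxt = ip6_ours(mp, offp, nxt, af);
		goto out;
	}
```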



Re: openssl.1: note default -md value for openssl enc and how to get list of available hashes

2019-12-18 Thread Theo Buehler
On Wed, Dec 18, 2019 at 06:30:00AM +0100, Fabio Scotoni wrote:
> On 12/18/19 5:46 AM, Theo Buehler wrote:
> > The diff modifies the CA section, not ENC. I need to check if we can
> > do something about the weak defaults there, but the diff is not
> > correct.
> 
> That's my bad.
> New diff inline.

Thanks, committed.