[Patch] Capitalise "DHCP" and "DNS" in 70.html

2021-10-09 Thread Ross L Richardson
Think I got them all.
Ross

Index: 70.html
===
RCS file: /cvs/www/70.html,v
retrieving revision 1.85
diff -u -p -r1.85 70.html
--- 70.html 9 Oct 2021 18:27:18 -   1.85
+++ 70.html 10 Oct 2021 05:02:35 -
@@ -204,7 +204,7 @@ to 7.0.
in https://man.openbsd.org/vmm.4;>vmm(4).
Fixed https://man.openbsd.org/vmm.4;>vmm(4) vcpu 
locking issues.
Added https://man.openbsd.org/vmd.8;>vmd(8) support 
for variable length vionet rx descriptor chains.
-   Prevented stack overflow in https://man.openbsd.org/vmd.8;>vmd(8) due to large dhcp packets on 
local interfaces.
+   Prevented stack overflow in https://man.openbsd.org/vmd.8;>vmd(8) due to large DHCP packets on 
local interfaces.
Allowed locking of a randomly assigned lladdr in https://man.openbsd.org/vmd.8;>vmd(8).
Skipped inspecting non-udp packets on local interfaces for https://man.openbsd.org/vmd.8;>vmd(8).
Prevented guest virtio drivers from causing stack and buffer 
overflows in https://man.openbsd.org/vmd.8;>vmd(8).
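Review bot: the context line "Skipped inspecting non-udp packets on local interfaces" in this hunk still has "udp" in lower case, while the dhcpleased(8) entry further down writes "unicast UDP". If the goal is consistent protocol names in 70.html, capitalise this one in the same pass.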
@@ -589,7 +589,7 @@ to 7.0.
 
Changed https://man.openbsd.org/dhcpleased.8;>dhcpleased(8) 
client
-   identifier transmission to match other dhcp client 
implementations.
+   identifier transmission to match other DHCP client 
implementations.
Simplified https://man.openbsd.org/dhcpleasectl.8;>dhcpleasectl(8) and
added syntax to match Retried broadcast with https://man.openbsd.org/dhcpleased.8;>dhcpleased(8) 
when the
-   dhcp server is unreachable via unicast UDP.
+   DHCP server is unreachable via unicast UDP.
Made https://man.openbsd.org/resolvd.8;>resolvd(8)
-   accept dns proposals for the loopback addresses.
+   accept DNS proposals for the loopback addresses.
Added to https://man.openbsd.org/dhcpleased.conf.5;>dhcpleased.conf(5)
the ability to ignore routes or nameservers from a lease and to 
ignore
@@ -624,12 +624,12 @@ to 7.0.
href="https://man.openbsd.org/resolvd.8;>resolvd(8), https://man.openbsd.org/slaacd.8;>slaacd(8) and https://man.openbsd.org/dhcpleased.8;>dhcpleased(8).
-   Implemented classless static routes dhcp option in Implemented classless static routes DHCP option in https://man.openbsd.org/dhcpleased.8;>dhcpleased(8).
Added a new "nameserver" command to https://man.openbsd.org/route.8;>route(8), sending
nameserver proposals to https://man.openbsd.org/resolvd.8;>resolvd(8) using 
the dns
+   href="https://man.openbsd.org/resolvd.8;>resolvd(8) using 
the DNS
proposal protocol over the route socket. This command is 
intended be
used to integrate userland triggered nameserver changes, for 
example
by VPN software.
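Review bot: the unchanged context in the route(8) entry reads "This command is intended be used to integrate", which is missing "to" ("intended to be used"). Since the neighbouring line is already being touched for "the DNS", this is a good place to fix it.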



head(1): validate all line count arguments

2021-10-09 Thread Scott Cheloha
Hi,

head(1) currently only validates the last count argument given.  I
think we ought to be stricter.  You can specify the -n option an
arbitrary number of times.

While here, let's use the default strtonum(3) error message format.
The option-argument name is "count", not "line count".

Before:

$ head -n blah
head: line count invalid: blah
$ jot 10 | head -n blah -n 5
1
2
3
4
5

After:

$ head -n blah
head: count is invalid: blah
$ jot 10 | head -n blah -n 5
head: count is invalid: blah

ok?

Index: head.c
===
RCS file: /cvs/src/usr.bin/head/head.c,v
retrieving revision 1.21
diff -u -p -r1.21 head.c
--- head.c  20 Mar 2016 17:14:51 -  1.21
+++ head.c  10 Oct 2021 01:31:29 -
@@ -48,11 +48,11 @@ static void usage(void);
 int
 main(int argc, char *argv[])
 {
+   const char *errstr;
FILE*fp;
longcnt;
int ch, firsttime;
longlinecnt = 10;
-   char*p = NULL;
int status = 0;
 
if (pledge("stdio rpath", NULL) == -1)
@@ -61,7 +61,9 @@ main(int argc, char *argv[])
/* handle obsolete -number syntax */
if (argc > 1 && argv[1][0] == '-' &&
isdigit((unsigned char)argv[1][1])) {
-   p = argv[1] + 1;
+   linecnt = strtonum(argv[1] + 1, 1, LONG_MAX, );
+   if (errstr != NULL)
+   errx(1, "count is %s: %s", errstr, argv[1] + 1);
argc--;
argv++;
}
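Review bot: in the obsolete -number branch, the strtonum() call as archived has an empty fourth argument ("LONG_MAX, );"). It has to be the address of errstr, otherwise the "if (errstr != NULL)" test on the next line checks a pointer that was never written. The same applies to the call in case 'n' below; please confirm the diff as sent has it.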
@@ -69,21 +71,15 @@ main(int argc, char *argv[])
while ((ch = getopt(argc, argv, "n:")) != -1) {
switch (ch) {
case 'n':
-   p = optarg;
+   linecnt = strtonum(optarg, 1, LONG_MAX, );
+   if (errstr != NULL)
+   errx(1, "count is %s: %s", errstr, optarg);
break;
default:
usage();
}
}
argc -= optind, argv += optind;
-
-   if (p) {
-   const char *errstr;
-
-   linecnt = strtonum(p, 1, LONG_MAX, );
-   if (errstr)
-   errx(1, "line count %s: %s", errstr, p);
-   }
 
for (firsttime = 1; ; firsttime = 0) {
if (!*argv) {
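Review bot: case 'n' and the -number branch above now carry the same strtonum()/errx() pair, differing only in the string being parsed. A small helper that takes the string and returns the count would keep the range (1 to LONG_MAX) and the "count is %s: %s" format in one place, so the two paths cannot drift apart later.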



Fix vi(1) recovery - new method

2021-10-09 Thread trondd
This is a new attempt at fixing vi(1) recovery by actually writing
to the recovery file.  Previously I restored the SIGALRM method that
was deleted in the 90's but wondered if that was still the best way
to handle this.  Checking and syncing to the recovery every 2 minutes
seems arbitrary and overly cautious.

This attempt takes it to the other direction.  I'm writing each
change to the recovery file immediately after the in-memory database
is modified.  Though, I can see that this might have a noticeable
impact on slower file systems.

VIM takes a sort of hybrid approach and writes to the backup every
200 characters or after 4 seconds of idle time.  Perhaps this is the
best method to not get too far behind while also not hammering the
filesystem with quick edits.

For now, I'm sticking to the naive approach for review.  The diff is
smaller than using SIGALRM and more straightforward and I'd like to
hear what method might make sense to improve the process.  This code
would probably be the basis for other improvements.

Below is my original explanation of the problem with vi(1)'s
recovery.

This is a reference to the older SIGALRM diff (I have a version
updated to use the atomic signal flags if we want to look at the
SIGALRM process instead).
https://marc.info/?l=openbsd-tech=162940011614049

Tim.

-

While investigating an occasional crash when recovering a file with 'vi -r'
after a power failure, I noticed that the recovery files are actually never
updated during an editing session.  The recovery files are created upon
initial modification of the file which saves the state of the file at the
time of the edit.  You can work on a file for as long as you want and even
write it to disk but the recovery file is never updated.  If the session is
then lost due to power failure or a SIGKILL and you attempt to recover with
-r, you'll be presented with the contents of the file from that first edit.
It won't contain unsaved changes nor even any changes manually written to
disk to the original file.  Accepting the recovered version would lose all
of your work.

Reading the vi docs, man page, and source comments in the OpenBSD tree, they
all mention the use of SIGALRM to periodically save changes to the recovery
file.  However, the code never sets up a handler or captures SIGALRM.  It
only ever updates the recovery file on a SIGTERM but then also exits, I
guess to cover the case of an inadvertent clean system shutdown.

I dug through an nvi source repository[0] that seemed to cover its entire
history and it seems this functionality was lost somewhere around 1994 and I
don't see it having been replaced by anything else.  Our version seems to be
from 1996 and editors/nvi in ports still lacks code to update the recovery
file, as well.

What I've done is re-implement periodic updates to the recovery file using
SIGALRM and a timer like the original implementation but rewritten a bit to
fit the newer source file layout and event handling.  That keeps the recovery
updated every 2 minutes.  Then it seemed silly to be able to write changes to
the original file and if a crash happens before the next SIGALRM, recovery
would try to roll you back to before those saved changes.  So I've also added
a call to sync the recovery file if you explicitly write changes to disk.  I
don't think the recovery system should try to punish you for actively saving
your work even if it is only at most 2 minutes worth.

Comments or feedback?  I'm unsure I've covered all caveats with this code or
if there are vi/ex use cases where it won't work correctly.  For testing, I've
covered my usage and several scenarios I could contrive but I don't regularly
use ex, for example, or change many options from the default.  I've been
running with this code for a week.  And I suppose there must be a reason no
one has noticed or cared about this for over 20 years.  Everyone else uses
vim, I guess?

Tim.

[0] https://repo.or.cz/nvi.git

-


Index: common/exf.h
===
RCS file: /cvs/src/usr.bin/vi/common/exf.h,v
retrieving revision 1.5
diff -u -p -r1.5 exf.h
--- common/exf.h24 Apr 2015 21:48:31 -  1.5
+++ common/exf.h9 Oct 2021 22:40:17 -
@@ -58,7 +58,8 @@ struct _exf {
 #defineF_RCV_NORM  0x020   /* Don't delete recovery files. 
*/
 #defineF_RCV_ON0x040   /* Recovery is possible. */
 #defineF_UNDO  0x080   /* No change since last undo. */
-   u_int8_t flags;
+#defineF_RCV_SYNC  0x100   /* Recovery file sync needed. */
+   u_int16_t flags;
 };
 
 /* Flags to db_get(). */
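Review bot: on the new F_RCV_SYNC define, the comment "Recovery file sync needed." does not say who sets the flag and who clears it. The cover letter describes writing to the recovery file after every modification, so a line naming where the flag is raised and where it is consumed would make the intent checkable. Widening flags to u_int16_t is required for 0x100; it is worth confirming nothing copies these flags into a narrower variable.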
Index: common/line.c
===
RCS file: /cvs/src/usr.bin/vi/common/line.c,v
retrieving revision 1.15
diff -u -p -r1.15 line.c
--- common/line.c   6 Jan 2016 22:28:52 -   1.15
+++ common/line.c   9 Oct 2021 22:40:17 -
@@ -218,7 

syslogd: allow setting TLS protocols

2021-10-09 Thread Stuart Henderson
This allows setting which TLS versions are usable by syslogd. Some
environments require that TLSv1.0 is disabled. Manual wording stolen from
ftp(1). any comments? ok?

Index: syslogd.8
===
RCS file: /cvs/src/usr.sbin/syslogd/syslogd.8,v
retrieving revision 1.60
diff -u -p -r1.60 syslogd.8
--- syslogd.8   27 Sep 2018 08:33:25 -  1.60
+++ syslogd.8   9 Oct 2021 20:27:37 -
@@ -51,6 +51,7 @@
 .Op Fl S Ar listen_address
 .Op Fl s Ar reporting_socket
 .Op Fl T Ar listen_address
+.Op Fl t Ar tls_protocols
 .Op Fl U Ar bind_address
 .Ek
 .Sh DESCRIPTION
@@ -155,6 +156,12 @@ There is no well-known port for syslog o
 must be specified using the
 .Ar host : Ns Ar port
 syntax.
+.It Fl t Ar tls_protocols
+Specify the TLS protocols that will be supported by
+.Nm
+(see
+.Xr tls_config_parse_protocols 3
+for details).
 .It Fl U Ar bind_address
 Create a UDP socket for receiving messages and bind it to the
 specified address.
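Review bot: the new -t entry does not state the default or the scope. From the syslogd.c hunks the default is all protocols (tls_protocols starts as TLS_PROTOCOLS_ALL) and the value is applied to both the client and the server configuration; one sentence saying so would save readers a trip to the source.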
Index: syslogd.c
===
RCS file: /cvs/src/usr.sbin/syslogd/syslogd.c,v
retrieving revision 1.270
diff -u -p -r1.270 syslogd.c
--- syslogd.c   19 Sep 2021 10:17:36 -  1.270
+++ syslogd.c   9 Oct 2021 20:27:37 -
@@ -373,6 +373,7 @@ main(int argc, char *argv[])
char**path_unix, *path_ctlsock;
char**bind_host, **bind_port, **listen_host, **listen_port;
char*tls_hostport, **tls_host, **tls_port;
+   uint32_ttls_protocols = TLS_PROTOCOLS_ALL;
 
/* block signal until handler is set up */
sigemptyset();
@@ -392,7 +393,7 @@ main(int argc, char *argv[])
nbind = nlisten = ntls = 0;
 
while ((ch = getopt(argc, argv,
-   "46a:C:c:dFf:hK:k:m:nP:p:rS:s:T:U:uVZ")) != -1) {
+   "46a:C:c:dFf:hK:k:m:nP:p:rS:s:T:t:U:uVZ")) != -1) {
switch (ch) {
case '4':   /* disable IPv6 */
Family = PF_INET;
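Review bot: "t:" is added to the getopt string here, but none of the syslogd.c hunks shown touches usage(). If usage() prints the option synopsis, it needs the matching "[-t tls_protocols]" so it stays in step with the SYNOPSIS change in syslogd.8.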
@@ -463,6 +464,11 @@ main(int argc, char *argv[])
address_alloc("listen", optarg, _host,
_port, );
break;
+   case 't':   /* specify protocols for TLS */
+   if (tls_config_parse_protocols(_protocols, optarg)
+   != 0)
+   errx(1, "failed to parse TLS protocols");
+   break;
case 'U':   /* allow udp only from address */
address_alloc("bind", optarg, _host, _port,
);
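Review bot: in case 't', the error "failed to parse TLS protocols" does not show what was rejected. Including optarg, for example errx(1, "failed to parse TLS protocols: %s", optarg), makes a typo in the protocol list obvious from the message.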
@@ -645,7 +651,7 @@ main(int argc, char *argv[])
log_warnx("options -c and -k must be used together");
}
if (tls_config_set_protocols(client_config,
-   TLS_PROTOCOLS_ALL) != 0)
+   tls_protocols) != 0)
log_warnx("set client TLS protocols: %s",
tls_config_error(client_config));
if (tls_config_set_ciphers(client_config, "all") != 0)
@@ -695,7 +701,7 @@ main(int argc, char *argv[])
tls_config_verify_client(server_config);
}
if (tls_config_set_protocols(server_config,
-   TLS_PROTOCOLS_ALL) != 0)
+   tls_protocols) != 0)
log_warnx("set server TLS protocols: %s",
tls_config_error(server_config));
if (tls_config_set_ciphers(server_config, "compat") != 0)



Re: More pchgpio(4)

2021-10-09 Thread Mark Kettenis
> Date: Sat, 9 Oct 2021 20:55:10 +0200 (CEST)
> From: Mark Kettenis 
> 
> This time adding support for Sunrisepoint-H and Sunrisepoint-LP.
> Because of all the failed attempts by Intel to get their 10nm process
> under control, this may cover Intel Mobile CPUs marketed as 6th, 7th,
> 8th, 9th and 10th generation.  So if you have a Laptop that isn't at
> least 5 years old, give this a try if pchgpio(4) doesn't attach.  This
> may fix all sorts of issues with keyboards, touchpads or
> suspend/resume.
> 
> ok?

Updated diff that masks unhandled interrupts like we do in amdgpio(4).


Index: dev/acpi/pchgpio.c
===
RCS file: /cvs/src/sys/dev/acpi/pchgpio.c,v
retrieving revision 1.8
diff -u -p -r1.8 pchgpio.c
--- dev/acpi/pchgpio.c  29 Sep 2021 22:03:33 -  1.8
+++ dev/acpi/pchgpio.c  9 Oct 2021 20:27:01 -
@@ -107,13 +107,76 @@ struct cfdriver pchgpio_cd = {
 };
 
 const char *pchgpio_hids[] = {
+   "INT344B",
"INT3450",
+   "INT3451",
+   "INT345D",
"INT34BB",
"INT34C5",
"INT34C6",
NULL
 };
 
+/* Sunrisepoint-LP */
+
+const struct pchgpio_group spt_lp_groups[] =
+{
+   /* Community 0 */
+   { 0, 0, 0, 23, 0 }, /* GPP_A */
+   { 0, 1, 24, 47, 24 },   /* GPP_B */
+
+   /* Community 1 */
+   { 1, 0, 48, 71, 48 },   /* GPP_C */
+   { 1, 1, 72, 95, 72 },   /* GPP_D */
+   { 1, 2, 96, 119, 96 },  /* GPP_E */
+   
+   /* Community 3 */
+   { 2, 3, 120, 143, 120 },/* GPP_F */
+   { 2, 4, 144, 151, 144 },/* GPP_G */
+};
+
+const struct pchgpio_device spt_lp_device =
+{
+   .pad_size = 16,
+   .gpi_is = 0x100,
+   .gpi_ie = 0x120,
+   .groups = spt_lp_groups,
+   .ngroups = nitems(spt_lp_groups),
+   .npins = 176,
+};
+
+/* Sunrisepoint-H */
+
+const struct pchgpio_group spt_h_groups[] =
+{
+   /* Community 0 */
+   { 0, 0, 0, 23, 0 }, /* GPP_A */
+   { 0, 1, 24, 47, 24 },   /* GPP_B */
+
+   /* Community 1 */
+   { 1, 0, 48, 71, 48 },   /* GPP_C */
+   { 1, 1, 72, 95, 72 },   /* GPP_D */
+   { 1, 2, 96, 108, 96 },  /* GPP_E */
+   { 1, 3, 109, 132, 120 },/* GPP_F */
+   { 1, 4, 133, 156, 144 },/* GPP_G */
+   { 1, 5, 157, 180, 168 },/* GPP_H */
+
+   /* Community 3 */
+   { 2, 0, 181, 191, 192 },/* GPP_I */
+};
+
+const struct pchgpio_device spt_h_device =
+{
+   .pad_size = 16,
+   .gpi_is = 0x100,
+   .gpi_ie = 0x120,
+   .groups = spt_h_groups,
+   .ngroups = nitems(spt_h_groups),
+   .npins = 224,
+};
+
+/* Cannon Lake-H */
+
 const struct pchgpio_group cnl_h_groups[] =
 {
/* Community 0 */
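Review bot: in spt_lp_groups, the two "Community 3" entries use bank 3 and 4 ("{ 2, 3, 120, 143, 120 }" and "{ 2, 4, 144, 151, 144 }"), while every other community in both new tables numbers its banks from 0, including Community 3 of spt_h_groups ("{ 2, 0, 181, 191, 192 }"). Since the bank is used to compute the gpi_ie register offset, please confirm 3 and 4 are intended for Sunrisepoint-LP. Separately, the added line between GPP_E and the Community 3 comment in spt_lp_groups contains only whitespace.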
@@ -146,6 +209,8 @@ const struct pchgpio_device cnl_h_device
.npins = 384,
 };
 
+/* Cannon Lake-LP */
+
 const struct pchgpio_group cnl_lp_groups[] =
 {
/* Community 0 */
@@ -173,6 +238,8 @@ const struct pchgpio_device cnl_lp_devic
.npins = 320,
 };
 
+/* Tiger Lake-LP */
+
 const struct pchgpio_group tgl_lp_groups[] =
 {
/* Community 0 */
@@ -205,6 +272,8 @@ const struct pchgpio_device tgl_lp_devic
.npins = 360,
 };
 
+/* Tiger Lake-H */
+
 const struct pchgpio_group tgl_h_groups[] =
 {
/* Community 0 */
@@ -242,7 +311,10 @@ const struct pchgpio_device tgl_h_device
 };
 
 struct pchgpio_match pchgpio_devices[] = {
+   { "INT344B", _lp_device },
{ "INT3450", _h_device },
+   { "INT3451", _h_device },
+   { "INT345D", _h_device },
{ "INT34BB", _lp_device },
{ "INT34C5", _lp_device },
{ "INT34C6", _h_device },
@@ -473,11 +545,38 @@ pchgpio_intr_establish(void *cookie, int
 }
 
 int
+pchgpio_intr_handle(struct pchgpio_softc *sc, int group, int bit)
+{
+   uint32_t enable;
+   int gpiobase, pin, handled = 0;
+   uint8_t bank, bar;
+
+   bar = sc->sc_device->groups[group].bar;
+   bank = sc->sc_device->groups[group].bank;
+   gpiobase = sc->sc_device->groups[group].gpiobase;
+
+   pin = gpiobase + bit;
+   if (sc->sc_pin_ih[pin].ih_func) {
+   sc->sc_pin_ih[pin].ih_func(sc->sc_pin_ih[pin].ih_arg);
+   handled = 1;
+   } else {
+   /* Mask unhandled interrupt. */
+   enable = bus_space_read_4(sc->sc_memt[bar], sc->sc_memh[bar],
+   sc->sc_device->gpi_ie + bank * 4);
+   enable &= ~(1 << bit);
+   bus_space_write_4(sc->sc_memt[bar], sc->sc_memh[bar],
+   sc->sc_device->gpi_ie + bank * 4, enable);
+   }
+
+   return handled;
+}
+
+int
 pchgpio_intr(void *arg)
 {
struct pchgpio_softc *sc = arg;
uint32_t status, enable;
-   int gpiobase, group, bit, pin, handled = 0;
+   int group, bit, handled = 0;
uint16_t base, limit;
uint8_t bank, bar;
 
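Review bot: in pchgpio_intr_handle(), "enable &= ~(1 << bit);" shifts a signed int before applying it to a uint32_t; "1U << bit" avoids undefined behaviour should bit ever reach 31 and matches the register type. The masking is also silent and nothing in this hunk re-enables the pin, so a short comment (or a debug printf) saying where gpi_ie gets set again when a handler is established later would help the next reader.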
@@ -486,7 +585,6 @@ 

More pchgpio(4)

2021-10-09 Thread Mark Kettenis
This time adding support for Sunrisepoint-H and Sunrisepoint-LP.
Because of all the failed attempts by Intel to get their 10nm process
under control, this may cover Intel Mobile CPUs marketed as 6th, 7th,
8th, 9th and 10th generation.  So if you have a Laptop that isn't at
least 5 years old, give this a try if pchgpio(4) doesn't attach.  This
may fix all sorts of issues with keyboards, touchpads or
suspend/resume.

ok?


Index: dev/acpi/pchgpio.c
===
RCS file: /cvs/src/sys/dev/acpi/pchgpio.c,v
retrieving revision 1.8
diff -u -p -r1.8 pchgpio.c
--- dev/acpi/pchgpio.c  29 Sep 2021 22:03:33 -  1.8
+++ dev/acpi/pchgpio.c  9 Oct 2021 18:54:41 -
@@ -107,13 +107,76 @@ struct cfdriver pchgpio_cd = {
 };
 
 const char *pchgpio_hids[] = {
+   "INT344B",
"INT3450",
+   "INT3451",
+   "INT345D",
"INT34BB",
"INT34C5",
"INT34C6",
NULL
 };
 
+/* Sunrisepoint-LP */
+
+const struct pchgpio_group spt_lp_groups[] =
+{
+   /* Community 0 */
+   { 0, 0, 0, 23, 0 }, /* GPP_A */
+   { 0, 1, 24, 47, 24 },   /* GPP_B */
+
+   /* Community 1 */
+   { 1, 0, 48, 71, 48 },   /* GPP_C */
+   { 1, 1, 72, 95, 72 },   /* GPP_D */
+   { 1, 2, 96, 119, 96 },  /* GPP_E */
+   
+   /* Community 3 */
+   { 2, 3, 120, 143, 120 },/* GPP_F */
+   { 2, 4, 144, 151, 144 },/* GPP_G */
+};
+
+const struct pchgpio_device spt_lp_device =
+{
+   .pad_size = 16,
+   .gpi_is = 0x100,
+   .gpi_ie = 0x120,
+   .groups = spt_lp_groups,
+   .ngroups = nitems(spt_lp_groups),
+   .npins = 176,
+};
+
+/* Sunrisepoint-H */
+
+const struct pchgpio_group spt_h_groups[] =
+{
+   /* Community 0 */
+   { 0, 0, 0, 23, 0 }, /* GPP_A */
+   { 0, 1, 24, 47, 24 },   /* GPP_B */
+
+   /* Community 1 */
+   { 1, 0, 48, 71, 48 },   /* GPP_C */
+   { 1, 1, 72, 95, 72 },   /* GPP_D */
+   { 1, 2, 96, 108, 96 },  /* GPP_E */
+   { 1, 3, 109, 132, 120 },/* GPP_F */
+   { 1, 4, 133, 156, 144 },/* GPP_G */
+   { 1, 5, 157, 180, 168 },/* GPP_H */
+
+   /* Community 3 */
+   { 2, 0, 181, 191, 192 },/* GPP_I */
+};
+
+const struct pchgpio_device spt_h_device =
+{
+   .pad_size = 16,
+   .gpi_is = 0x100,
+   .gpi_ie = 0x120,
+   .groups = spt_h_groups,
+   .ngroups = nitems(spt_h_groups),
+   .npins = 224,
+};
+
+/* Cannon Lake-H */
+
 const struct pchgpio_group cnl_h_groups[] =
 {
/* Community 0 */
@@ -146,6 +209,8 @@ const struct pchgpio_device cnl_h_device
.npins = 384,
 };
 
+/* Cannon Lake-LP */
+
 const struct pchgpio_group cnl_lp_groups[] =
 {
/* Community 0 */
@@ -173,6 +238,8 @@ const struct pchgpio_device cnl_lp_devic
.npins = 320,
 };
 
+/* Tiger Lake-LP */
+
 const struct pchgpio_group tgl_lp_groups[] =
 {
/* Community 0 */
@@ -205,6 +272,8 @@ const struct pchgpio_device tgl_lp_devic
.npins = 360,
 };
 
+/* Tiger Lake-H */
+
 const struct pchgpio_group tgl_h_groups[] =
 {
/* Community 0 */
@@ -242,7 +311,10 @@ const struct pchgpio_device tgl_h_device
 };
 
 struct pchgpio_match pchgpio_devices[] = {
+   { "INT344B", _lp_device },
{ "INT3450", _h_device },
+   { "INT3451", _h_device },
+   { "INT345D", _h_device },
{ "INT34BB", _lp_device },
{ "INT34C5", _lp_device },
{ "INT34C6", _h_device },



Re: less: merge upstream bugfixes

2021-10-09 Thread Todd C . Miller
On Sat, 09 Oct 2021 13:15:39 +0200, Tobias Stoeckmann wrote:

> this merges latest bugfixes from upstream to our version of less.
> No new features introduced. Upstream commits and issues are linked as
> references.

OK millert@

 - todd



etc/syslog.conf: adjust comment for log host sample config

2021-10-09 Thread Stuart Henderson
The comments in etc/syslog.conf describe partially log-client setup
and partially log-host setup and use UDP. I think it would be better
to focus on "loghost-client" setup in the default config, the server
options needed seem better described in syslogd(8) than in comments in
syslog.conf. Since we have nice TLS features I think it makes sense to
advertise them here too, and remove the mention of ISDN which makes it
seem dated.

any comments? OK?

Index: syslog.conf
===
RCS file: /cvs/src/etc/syslog.conf,v
retrieving revision 1.20
diff -u -p -r1.20 syslog.conf
--- syslog.conf 27 Dec 2016 13:38:14 -  1.20
+++ syslog.conf 9 Oct 2021 11:48:35 -
@@ -22,13 +22,10 @@ mail.info   
/var/log/maillog
 # Everyone gets emergency messages.
 #*.emerg   *
 
-# Uncomment to log to a central host named "loghost".  You need to run
-# syslogd with the -u option on the remote host if you are using this.
-# (This is also required to log info from things like routers and
-# ISDN-equipment).  If you run -u, you are vulnerable to syslog bombing,
-# and should consider blocking external syslog packets.
-#*.notice;auth,authpriv,cron,ftp,kern,lpr,mail,user.none   @loghost
-#auth,daemon,syslog,user.info;authpriv,kern.debug  @loghost
+# Uncomment to log to a central host named "loghost" using syslog-tls.
+# Other protocols are available, see syslogd(8).
+#*.notice;auth,authpriv,cron,ftp,kern,lpr,mail,user.none   @tls://loghost
+#auth,daemon,syslog,user.info;authpriv,kern.debug  @tls://loghost
 
 # Uncomment to log messages from doas(1) to its own log file.  Matches are done
 # based on the program name.
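Review bot: the removed comment was the only hint that the remote side needs configuring ("You need to run syslogd with the -u option on the remote host"). The replacement points at syslogd(8) only for "other protocols"; a reader who uncomments the @tls://loghost lines gets no cue that the loghost must be set up to accept TLS connections. Suggest extending the second comment line to say that the loghost side is described in syslogd(8) as well.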



less: merge upstream bugfixes

2021-10-09 Thread Tobias Stoeckmann
Hi,

this merges latest bugfixes from upstream to our version of less.
No new features introduced. Upstream commits and issues are linked as
references.

brac.c:
Signed integer overflow with huge files.
https://github.com/gwsw/less/pull/210
https://github.com/gwsw/less/commit/e6eb4c8ddd7f4e7135facad6c30d80886148ca70

command.c:
A prompt should not be shown if explicitly requested to not show one.
Reproducible by entering "-+e" within less. This should
not yield any status output (CTRL + SHIFT + P suppresses the prompt).
https://github.com/gwsw/less/commit/93fee11541b6837a0063e728e60c50da7929924b

decode.c:
Out of boundary accesses and endless loop with user-specified lesskey file
possible (-k option).
https://github.com/gwsw/less/pull/199
https://github.com/gwsw/less/pull/203
https://github.com/gwsw/less/commit/7318ae5ce310fe8a8784a8b0c80132099b11862c
https://github.com/gwsw/less/commit/d07da7152ecc2086809965646e1b8b7a95b6452c

optfunc.c, http to https:
Upstream changed URL to https, we should do the same.
https://github.com/gwsw/less/commit/a8b4980c8403f6f41ef5e534e6b8ad3b919604a3

optfunc.c:
Increase buffer to stay compatible with upstream. Our TABSTOP_MAX is large
enough to prevent overflow of the buffer already, but keep it in sync in
case we reduce TABSTOP_MAX to 32 just like upstream does by default.
https://github.com/gwsw/less/commit/6a860ee977eea7bfa065789ea4319ecab5af703c

option.c:
prchar has a larger buffer than propt uses internally. This does not lead to
an overflow, we could just truncate custom formatter outputs.
https://github.com/gwsw/less/commit/1d95a137938f347c78bdefa91bde6d7e3678bba0

Okay?


Tobias

Index: brac.c
===
RCS file: /cvs/src/usr.bin/less/brac.c,v
retrieving revision 1.9
diff -u -p -u -p -r1.9 brac.c
--- brac.c  9 Nov 2015 16:39:13 -   1.9
+++ brac.c  9 Oct 2021 10:58:27 -
@@ -75,6 +75,8 @@ match_brac(int obrac, int cbrac, int for
nest = 0;
while ((c = (*chget)()) != EOI) {
if (c == obrac) {
+   if (nest == INT_MAX)
+   break;
nest++;
} else if (c == cbrac && --nest < 0) {
/*
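Review bot: the new "if (nest == INT_MAX)" test in match_brac() needs INT_MAX to be declared, and this diff shows no include being added to brac.c. If <limits.h> is not already pulled in through another header, add it explicitly rather than relying on an indirect include.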
Index: command.c
===
RCS file: /cvs/src/usr.bin/less/command.c,v
retrieving revision 1.32
diff -u -p -u -p -r1.32 command.c
--- command.c   3 Sep 2019 23:08:42 -   1.32
+++ command.c   9 Oct 2021 10:58:28 -
@@ -264,6 +264,7 @@ is_erase_char(int c)
 static int
 mca_opt_first_char(int c)
 {
+   int no_prompt = (optflag & OPT_NO_PROMPT);
int flag = (optflag & ~OPT_NO_PROMPT);
if (flag == OPT_NO_TOGGLE) {
switch (c) {
@@ -277,12 +278,14 @@ mca_opt_first_char(int c)
switch (c) {
case '+':
/* "-+" = UNSET. */
-   optflag = (flag == OPT_UNSET) ? OPT_TOGGLE : OPT_UNSET;
+   optflag = no_prompt |
+   ((flag == OPT_UNSET) ? OPT_TOGGLE : OPT_UNSET);
mca_opt_toggle();
return (MCA_MORE);
case '!':
/* "-!" = SET */
-   optflag = (flag == OPT_SET) ? OPT_TOGGLE : OPT_SET;
+   optflag = no_prompt |
+   ((flag == OPT_SET) ? OPT_TOGGLE : OPT_SET);
mca_opt_toggle();
return (MCA_MORE);
case CONTROL('P'):
Index: decode.c
===
RCS file: /cvs/src/usr.bin/less/decode.c,v
retrieving revision 1.19
diff -u -p -u -p -r1.19 decode.c
--- decode.c28 Jun 2019 13:35:01 -  1.19
+++ decode.c9 Oct 2021 10:58:28 -
@@ -563,6 +563,7 @@ static int
 new_lesskey(char *buf, int len, int sysvar)
 {
char *p;
+   char *end;
int c;
int n;
 
@@ -575,21 +576,28 @@ new_lesskey(char *buf, int len, int sysv
buf[len-1] != C2_END_LESSKEY_MAGIC)
return (-1);
p = buf + 4;
+   end = buf + len;
for (;;) {
c = *p++;
switch (c) {
case CMD_SECTION:
n = gint();
+   if (n < 0 || p + n >= end)
+   return (-1);
add_fcmd_table(p, n);
p += n;
break;
case EDIT_SECTION:
n = gint();
+   if (n < 0 || p + n >= end)
+   return (-1);
add_ecmd_table(p, n);
p += n;
break;
case VAR_SECTION:
n = gint();
+   if (n < 0 || p + n >= end)
+   
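Review bot: in new_lesskey(), the added check "p + n >= end" forms the pointer p + n before comparing it. With n taken from a user-supplied lesskey file via gint(), p + n can point beyond the buffer, which is undefined behaviour in C even if the result is only compared. Comparing lengths instead, "n < 0 || n >= end - p", gives the same test without the out-of-range pointer. Also note that "c = *p++" at the top of the for loop is still read without a check against end in the lines shown.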

[Patch] Fix a few typos (etc.) in 70.html

2021-10-09 Thread Ross L Richardson
Hope these are right!

Ross

Index: 70.html
===
RCS file: /cvs/www/70.html,v
retrieving revision 1.83
diff -u -p -r1.83 70.html
--- 70.html 8 Oct 2021 16:31:36 -   1.83
+++ 70.html 9 Oct 2021 11:04:41 -
@@ -483,7 +483,7 @@ to 7.0.
In https://man.openbsd.org/bgpctl.8;>bgpctl(8) print 
out both the sent "Neighbor capabilities" and the
"Negotiated capabilities" for a session. 
Print timestamps both as a formatted and a pure time in seconds
-   filed in various JSON objects.
+   field in various JSON objects.
Fixed a bug, where during https://man.openbsd.org/bgpd.8;>bgpd(8) config reloads prefixes of the
wrong address family could leak to peers resulting in session 
resets.
Added support for RFC 7313 - Enhanced Route Refresh
@@ -501,7 +501,7 @@ to 7.0.
Implemented receive side of RFC 7911 - Advertisement of Multiple 
Paths
in BGP. OpenBGPD is currently not able to send multiple paths out.
Improved checks of VRPs loaded via RTR or from the roa-set table.
-   Allowed to optionally specify an expiry time for roa-set entries to
+   Allowed optionally specifying an expiry time for roa-set entries to
mitigate BGP route decision making based on outdated RPKI data.
OpenBGPD's companion rpki-client(8) produces roa-sets with the
new 'expires' property
@@ -542,10 +542,10 @@ to 7.0.
   and CRL validity times. The 'expires' value can be used to avoid 
route
   selection based on stale data when generating VRP sets, when faced
   with loss of communication between consumer and validator, or
-  validator and CA repository,
+  validator and CA repository.
Made the runtime timeout (-s option) also trigger in
-  child proecesses.
-   Improved RRDP support and make RRDP as default protocol for
+  child processes.
+   Improved RRDP support and make RRDP the default protocol for
   synchronizing the RPKI repository data, with https://man.openbsd.org/openrsync.1;>openrsync(1) used as 
secondary.
At startup, warn if the filesystem containing the cache directory
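Review bot: the corrected line "Improved RRDP support and make RRDP the default protocol" still mixes tenses; the surrounding entries are in the past tense ("Made the runtime timeout ..."), so "made RRDP the default protocol" would read consistently.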



[Possible patch] httpd and HEAD requests to CGI scripts

2021-10-09 Thread Ross L Richardson
This relates to the earlier messages I sent to bugs@ in:
https://marc.info/?t=16330937691=1=2

RFC 7231 [HTTP/1.1] section 4.3.2. "HEAD" states:
The HEAD method is identical to GET except that the server MUST NOT
send a message body in the response (i.e., the response terminates at
the end of the header section).

RFC 3875 [The Common Gateway Interface (CGI) Version 1.1] in
section 4.3.2 HEAD states:
The HEAD method requests the script to do sufficient processing to
return the response header fields, without providing a response
message-body.  The script MUST NOT provide a response message-body
for a HEAD request.  If it does, then the server MUST discard the
message-body when reading the response from the script.

Therefore, a CGI script which sends a message body is in violation of the CGI
specification, but so is the server if it fails to elide the body.


With httpd, we see (for example):

$ printf "HEAD /cgi-bin/ftplist.cgi?dbversion=1 
HTTP/1.0\r\nHost:ftp.openbsd.org\r\n\r\n" \
| nc -c ftp.openbsd.org https
HTTP/1.0 200 OK
Connection: close
Content-type: text/plain
Date: Fri, 01 Oct 2021 12:50:59 GMT
Server: OpenBSD httpd

https://mirror.aarnet.edu.au/pub/OpenBSD  Canberra, Australia
https://cdn.openbsd.org/pub/OpenBSD  Fastly (CDN)
https://cloudflare.cdn.openbsd.org/pub/OpenBSD   Cloudflare (CDN)
...
RND_BYTES=0xfe9832a3...


So httpd isn't behaving correctly.

The patch below is offered in the hope that it is a starting point for
a proper solution.  Whilst it solves the problem in a simple test case,
I'm insufficiently familiar with the httpd code to know whether this is
correct or sufficient!

Ross

Index: server_fcgi.c
===
RCS file: /cvs/src/usr.sbin/httpd/server_fcgi.c,v
retrieving revision 1.88
diff -u -p -r1.88 server_fcgi.c
--- server_fcgi.c   20 May 2021 15:12:10 -  1.88
+++ server_fcgi.c   9 Oct 2021 10:18:55 -
@@ -559,6 +559,11 @@ server_fcgi_read(struct bufferevent *bev
return;
}
}
+   if (clt->clt_fcgi.headerssent &&
+   ((struct http_descriptor *)
+   clt->clt_descreq)->http_method
+   == HTTP_METHOD_HEAD)
+   return;
if (server_fcgi_writechunk(clt) == -1) {
server_abort_http(clt, 500,
"encoding error");

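The server-side duty quoted from RFC 3875 above (discard the script's message-body for HEAD), as an added example that is not part of the original post and is not httpd code. All names are hypothetical, the sample output is constructed, and the filter works on raw script output rather than on FastCGI records.

```c
/* Added example: hypothetical names, not httpd's structures or functions. */
#include <stdio.h>
#include <string.h>

enum method { METHOD_GET, METHOD_HEAD };

struct cgi_filter {
	enum method	method;
	int		headers_done;	/* blank line ending the headers seen */
	int		nl_run;		/* line feeds seen in a row, CRs skipped */
};

static void
cgi_filter_init(struct cgi_filter *f, enum method m)
{
	f->method = m;
	f->headers_done = 0;
	f->nl_run = 0;
}

/*
 * Feed one chunk of script output.  Bytes that may go to the client are
 * copied to out (which must hold len bytes); the count is returned.
 * State lives in *f, so a header terminator split across two reads is
 * still recognised.  Both CRLF and bare-LF line ends are accepted.
 */
static size_t
cgi_filter_feed(struct cgi_filter *f, const char *in, size_t len, char *out)
{
	size_t i, n = 0;

	for (i = 0; i < len; i++) {
		if (f->headers_done) {
			if (f->method == METHOD_HEAD)
				break;		/* RFC 3875 4.3.2: discard body */
			out[n++] = in[i];
			continue;
		}
		out[n++] = in[i];
		if (in[i] == '\n') {
			if (++f->nl_run == 2)
				f->headers_done = 1;
		} else if (in[i] != '\r')
			f->nl_run = 0;
	}
	return n;
}

/* Constructed script output, split so the blank line straddles two reads. */
static const char *const sample_chunks[] = {
	"Content-type: text/plain\r\n\r",
	"\nmirror list line 1\n",
	"mirror list line 2\n",
};

/* Run the sample through the filter; returns what the client would get. */
static const char *
cgi_demo(enum method m)
{
	static char result[256];
	struct cgi_filter f;
	size_t i, used = 0;

	cgi_filter_init(&f, m);
	for (i = 0; i < sizeof(sample_chunks) / sizeof(sample_chunks[0]); i++)
		used += cgi_filter_feed(&f, sample_chunks[i],
		    strlen(sample_chunks[i]), result + used);
	result[used] = '\0';
	return result;
}

int
main(void)
{
	size_t head_len = strlen(cgi_demo(METHOD_HEAD));
	size_t get_len = strlen(cgi_demo(METHOD_GET));

	printf("HEAD forwards %zu bytes, GET forwards %zu bytes\n",
	    head_len, get_len);
	return 0;
}
```

Keeping the "headers finished" state outside the per-read function is the point: a check made only once per read can miss a body that arrives in the same buffer as the final header line.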


Re: iwm: initial 40Mhz channel support

2021-10-09 Thread Matthias Schmidt
Hi Stefan,

* Stefan Sperling wrote:
> This patch adds initial support for 40Mhz channels to the iwm driver.
> 
> There are a few changes in net80211 to support this feature in RA and
> when parsing beacons. The work for net80211 is not yet complete but
> more can be done incrementally later. What is missing in particular
> is integration with ifconfig to display the use of a 40 MHz channel.
> 
> And there is no way to force 40 MHz off at the client side yet.
> If the AP announces support for 40MHz we will always use it. Whether or
> not we'll need an override to handle some edge case remains to be seen.
> 
> Please test this on any supported iwm(4) device. Thanks!

Running this diff on

iwm0 at pci2 dev 0 function 0 "Intel Dual Band Wireless-AC 8265" rev 0x78, msi
iwm0: hw rev 0x230, fw ver 36.ca7b901d.0, address 7c:2a:31:4d:1c:b9

and noticed no regression so far.  I checked with

tcpdump -n -i iwm0 -v -y IEEE802_11_RADIO -s 4096 type mgt and subtype beacon

and I am on a 20MHz channel.  According to my Fritzbox all 2.4Ghz
clients are on 20Mhz and the 11ac clients are on 80Mhz.

Cheers

Matthias



Re: hostctl does not work on Xen

2021-10-09 Thread Masato Asou
From: Brian Brombacher 
Date: Fri, 8 Oct 2021 11:22:23 -0400

> I can see from the Ubuntu dmesg that it’s Xen 4.11.4.  What mode are you 
> running the OpenBSD vm in (PVH or HVM)?  Provide your config file for the vm 
> to help answer that.

I used the following command when installing OpenBSD.

$ sudo virt-install \
--name=obsd69 \
--memory=2048,maxmemory=4096 \
--vcpus=4,maxvcpus=6 \
--cpu host \
--os-variant=openbsd6.6 \
--cdrom=/home/asou/Downloads/install69.iso \
--network=bridge=virbr0,model=virtio \
--graphics=vnc \
--disk
path=/var/lib/libvirt/images/obsd69.qcow2,size=32,bus=virtio,format=qcow2
--
ASOU Masato

> 
>> On Oct 8, 2021, at 12:41 AM, Masato Asou  wrote:
>> 
>> Attached obsd69-dmesg.txt and ubuntu-dmesg.txt.
>> 
>> regards.
>> --
>> ASOU Masato
>> 
>> From: Brian Brombacher 
>> Date: Thu, 7 Oct 2021 23:21:59 -0400
>> 
> On Oct 7, 2021, at 9:46 PM, Masato Asou  wrote:
 
 How can I use the hostctl command on Xen virtual machine?
 
 The hostctl command doesn't work on my Ubuntu (bare metal PC) + Xen + 
 OpenBSD 6.9 release as follows:
 $ hostctl device
 hostctl: open: /dev/pvbus0: Operation not supported by device
 $ doas hostctl device
 doas (a...@obsd69.my.domain) password: 
 hostctl: open: /dev/pvbus0: Operation not supported by device
 $ ls -l /dev/pvbus0
 crw-r-  1 root  wheel   95,   0 Oct  7 04:21 /dev/pvbus0
 $
 
 Could not find pvbus as follows:
 $ dmesg | grep pvbus
 $
 
 
 On the other hand, hostctl command works correctly for OpenBSD 6.9
 release on ESXi and Hyper-V.
 
 On ESXi as follows:
 $ hostctl guestinfo.ip
 192.168.10.113
 $ dmesg | egrep '(pvbus|vmt)'
 pvbus0 at mainbus0: VMware
 vmt0 at pvbus0
 $
 
 On Hyper-V as follows:
 $ hostctl GUest/Parameters/HostName
 DESKTOP-4AL1JIR
 $ dmesg | egrep '(pvbus|hyperv)'
 pvbus0 at mainbus0: Hyper-V 10.0
 hyperv0 at pvbus0: protocol 4.0, features 0x2e7f
 hyperv0: heartbeat, kvp, shutdown, timesync
 hvs0 at hyperv0 channel 2: ide, protocol 6.2
 hvs1 at hyperv0 channel 15: scsi, protocol 6.2
 hvn0 at hyperv0 channel 14: NVS 5.0 NDIS 6.30, address
 00:15:5d:0a:80:00
 $ 
 --
 ASOU Masato
 
>>> 
>>> Provide a dmesg
>>> 
>> 
>> OpenBSD 6.9 (GENERIC.MP) #473: Mon Apr 19 10:40:28 MDT 2021
>>dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
>> real mem = 4278026240 (4079MB)
>> avail mem = 4132995072 (3941MB)
>> random: good seed from bootblocks
>> mpath0 at root
>> scsibus0 at mpath0: 256 targets
>> mainbus0 at root
>> bios0 at mainbus0: SMBIOS rev. 2.8 @ 0xbd80 (13 entries)
>> bios0: vendor SeaBIOS version "1.13.0-1ubuntu1.1" date 04/01/2014
>> bios0: QEMU Standard PC (i440FX + PIIX, 1996)
>> acpi0 at bios0: ACPI 1.0
>> acpi0: sleep states S5
>> acpi0: tables DSDT FACP APIC
>> acpi0: wakeup devices
>> acpitimer0 at acpi0: 3579545 Hz, 24 bits
>> acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
>> cpu0 at mainbus0: apid 0 (boot processor)
>> cpu0: AMD EPYC Processor, 3194.29 MHz, 17-01-02
>> cpu0: 
>> FPU,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,ACPI,MMX,FXSR,SSE,SSE2,SS,SSE3,PCLMUL,MWAIT,SSSE3,CX16,SSE4.1,SSE4.2,MOVBE,POPCNT,AES,XSAVE,RDRAND,HV,NXE,MMXX,PAGE1GB,RDTSCP,LONG,3DNOW2,3DNOW,LAHF,SVM,AMCR8,ABM,SSE4A,FSGSBASE,BMI1,SMEP,BMI2,ERMS,MPX,ADX,SMAP,PCOMMIT,CLFLUSHOPT,CLWB,PKU,XSAVEOPT,XGETBV1
>> cpu0: 64KB 64b/line 4-way I-cache, 32KB 64b/line 8-way D-cache, 512KB 
>> 64b/line 8-way L2 cache
>> cpu0: ITLB 255 4KB entries direct-mapped, 255 4MB entries direct-mapped
>> cpu0: DTLB 255 4KB entries direct-mapped, 255 4MB entries direct-mapped
>> cpu0: smt 0, core 0, package 0
>> mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges
>> cpu0: apic clock running at 999MHz
>> cpu0: mwait min=0, max=0, IBE (bogus)
>> cpu1 at mainbus0: apid 1 (application processor)
>> cpu1: AMD EPYC Processor, 3194.40 MHz, 17-01-02
>> cpu1: 
>> FPU,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,ACPI,MMX,FXSR,SSE,SSE2,SS,SSE3,PCLMUL,MWAIT,SSSE3,CX16,SSE4.1,SSE4.2,MOVBE,POPCNT,AES,XSAVE,RDRAND,HV,NXE,MMXX,PAGE1GB,RDTSCP,LONG,3DNOW2,3DNOW,LAHF,SVM,AMCR8,ABM,SSE4A,FSGSBASE,BMI1,SMEP,BMI2,ERMS,MPX,ADX,SMAP,PCOMMIT,CLFLUSHOPT,CLWB,PKU,XSAVEOPT,XGETBV1
>> cpu1: 64KB 64b/line 4-way I-cache, 32KB 64b/line 8-way D-cache, 512KB 
>> 64b/line 8-way L2 cache
>> cpu1: ITLB 255 4KB entries direct-mapped, 255 4MB entries direct-mapped
>> cpu1: DTLB 255 4KB entries direct-mapped, 255 4MB entries direct-mapped
>> cpu1: disabling user TSC (skew=-23997)
>> cpu1: smt 0, core 0, package 1
>> cpu2 at mainbus0: apid 2 (application processor)
>> cpu2: AMD EPYC Processor, 3192.81 MHz, 17-01-02
>> cpu2: 
>>