Re: IPv6 Support for umb(4)

2020-05-01 Thread Stuart Henderson
On 2020/05/01 20:10, Gerhard Roth wrote: > On 4/30/20 11:07 PM, Stuart Henderson wrote: > > On 2020/04/30 20:32, Gerhard Roth wrote: > > > Hi Theo, > > > > > > is umb really working that differently for a P2P interface? I think it is > > > very simil

Re: iked(8): Removing SHA1 from default transforms

2020-05-01 Thread Stuart Henderson
On 2020/05/02 00:23, Stephan Mending wrote: > Hi, > > I actually read your thread. By what I understood you're at the moment > trying to change a few defaults. > > That was the reason I wanted to add SHA1 for removal. I just thought it > deserved a separate thread. > > I do understand that you'r

Re: iked(8): Removing SHA1 from default transforms

2020-05-01 Thread Stuart Henderson
On 2020/05/02 00:43, Stephan Mending wrote: > On 02/05/2020 00:40, Stuart Henderson wrote: > > On 2020/05/02 00:23, Stephan Mending wrote: > > > Hi, > > > > > > I actually read your thread. By what I understood you're at the moment > > > trying t

Re: acpipci(4); derive bus number from _CRS

2020-05-02 Thread Stuart Henderson
On 2020/05/02 14:29, Mark Kettenis wrote: > I've always interpreted the bit of code that takes the bus number from > _CRS instead of _BBN, but allegedly this is not how it works and _BBN > is supposedly only there to make sure we can access PCI config space > of the host bridge from AML code. > > F

ospf6d ls_update segv

2020-05-02 Thread Stuart Henderson
Seeing some of these, including in brand new -current. I think it's triggered when another ospf6-speaker in the area restarts. ospf6d[1296]: route decision engine exiting ospf6d[214]: kernel routing table decoupled ospf6d[214]: ospf engine terminated; signal 11 ospf6d[214]: terminating Program te

Re: ospf6d ls_update segv

2020-05-02 Thread Stuart Henderson
On 2020/05/02 16:48, Stuart Henderson wrote: > Seeing some of these, including in brand new -current. I think it's triggered > when another ospf6-speaker in the area restarts. > > ospf6d[1296]: route decision engine exiting > ospf6d[214]: kernel routing table decoupled > o

Re: Tighter pledges for ftp(1)

2020-05-03 Thread Stuart Henderson
On 2020/05/02 20:19, Demi M. Obenour wrote: > The following patch tightens the pledges for ftp(1). > > This guarantees that ftp(1) cannot spawn child processes when operating > in batch mode, which is a significant security win. It breaks interactive mode (!ls, more somefile, get somefile "|rot13

Re: [PATCH] add ping(1)-like stats to tcpbench(1)

2020-05-03 Thread Stuart Henderson
Is it worth triggering this on SIGINFO? I use that often with ping(1). Index: tcpbench.c === RCS file: /cvs/src/usr.bin/tcpbench/tcpbench.c,v retrieving revision 1.62 diff -u -p -r1.62 tcpbench.c --- tcpbench.c 2 May 2020 22:00:29 -0

Re: [PATCH] add ping(1)-like stats to tcpbench(1)

2020-05-03 Thread Stuart Henderson
On 2020/05/04 09:23, Richard Procter wrote: > I like it. > > Assuming a mention in tcpbench.1 - ok procter ok like this? text stolen from ping. Index: tcpbench.1 === RCS file: /cvs/src/usr.bin/tcpbench/tcpbench.1,v retrieving revi

Re: JSON support for bgpctl(8)

2020-05-07 Thread Stuart Henderson
On 2020/05/07 17:02, Richard Chivers wrote: > Hi, > > Great to hear about the json support for bgpctl. > > Will bgpctl latest work with 6.6 bgpd, so we can compile a bgpctl_latest > with the json support for testing, without upgrading the rest of bgpd on > our boxes? It definitely won't, but if

Re: nsd 4.3.1

2020-05-08 Thread Stuart Henderson
On 2020/05/08 06:58, Florian Obser wrote: > I'm running this for about 2 weeks or so. > Tests, OKs? Just off to look at a radio link in a church tower that I suspect a pigeon may have knocked out of alignment, I'll put this on some machines when I get back, just wanted to comment: > - I'm adding

Re: userland clock_gettime proof of concept

2020-05-13 Thread Stuart Henderson
Thanks for looking at this Paul! On 2020/05/13 17:15, Robert Nagy wrote: > On 13/05/20 17:05 +0200, Mark Kettenis wrote: > > > The update currently does the work of clock_gettime(), but it can > > > probably be changed to only update the timehands and move the logic > > > elsewhere. Note that if w

Re: 6.7 snaps upgrade went fine - Intel ax200ngw not so much

2020-05-13 Thread Stuart Henderson
On 2020/05/13 13:46, sven falempin wrote: > *Please* > advise how to squeeze more information to thwart that problem. If I had a card using a newly developed driver that was doing that, I would remove the card, offer to send it to somebody working on the driver if they want it, and replace it with

Re: bgpctl paged output for show rib

2020-05-17 Thread Stuart Henderson
On 2020/05/17 12:02, Claudio Jeker wrote: > On Sun, May 17, 2020 at 11:51:33AM +0200, Denis Fondras wrote: > > > This implements a way to add a limit for bgpctl show rib output. > > > When a limit is set then the output will include a token (at the end) > > > that can be used to get the next batch

Re: Prometheus core metrics for bgpd and ospfd approach ideas

2020-05-18 Thread Stuart Henderson
On 2020/05/18 15:31, Richard Chivers wrote: > Hi, > > We could do with exposing certain metrics from bgpd, ospfd and pf. > > I was considering a couple of approaches and really was just > interested in what would make most sense in general. > > Has anyone else considered this at all? > > Would

Re: Removing old video drivers

2020-05-19 Thread Stuart Henderson
On 2020/05/19 14:23, Dirk Praet wrote: > A manual xorg config with the vesa driver brought X back to life, but not > until I set machdep.allowaperture=2 in /etc/sysctl.conf . Thanks for your > reply, Matthieu. I do hope 6.7 doesn't come with similar surprises, though Run -current between releases

Re: Remove useless line from daemon class in login.conf

2020-05-22 Thread Stuart Henderson
On 2020/05/22 17:06, Daniel Jakots wrote: > Hi, > > We used to have different numbers of blowfish rounds between the > default and daemon classes in login.conf. On Jun 26, 2016, tedu > committed "upgrade selected login.conf to use auto rounds for bcrypt" > for amd64, sparc64, i386, and macppc [1].

Re: Remove useless line from daemon class in login.conf

2020-05-23 Thread Stuart Henderson
On 2020/05/22 16:04, Theo de Raadt wrote: > Stuart Henderson wrote: > > > On 2020/05/22 17:06, Daniel Jakots wrote: > > > Hi, > > > > > > We used to have different numbers of blowfish rounds between the > > > default and daemon classes in l

Re: userland clock_gettime proof of concept

2020-05-28 Thread Stuart Henderson
I'm running it here. On 2020/05/28 17:44, Paul Irofti wrote: > diff --git lib/libc/shlib_version lib/libc/shlib_version > index 06f98b01084..5fb0770494f 100644 > --- lib/libc/shlib_version > +++ lib/libc/shlib_version > @@ -1,4 +1,4 @@ > major=96 > -minor=0 > +minor=1 > # note: If changes were m

Re: [RFC] pppd: add pipex(4) L2TP control support

2020-05-29 Thread Stuart Henderson
On 2020/05/28 19:42, Jason McIntyre wrote: > On Wed, May 27, 2020 at 08:43:47AM +0200, Martin Pieuchot wrote: > > On 26/05/20(Tue) 10:31, Claudio Jeker wrote: > > > [...] > > > npppd(8) is server only it can not establish a connection. pppd(8) on the > > > other hand is more client side (but I thi

Re: userland clock_gettime proof of concept

2020-05-29 Thread Stuart Henderson
On 2020/05/29 13:50, Paul Irofti wrote: > +struct __timekeep { > + uint32_t major; /* version major number */ > + uint32_t minor; /* version minor number */ > + > + u_int64_t th_scale; > + unsigned intth_offset_count; > + struct bintime

Re: official ports vs DEBUG_PACKAGES

2020-05-29 Thread Stuart Henderson
On 2020/05/29 18:14, Marc Espie wrote: > In a trace: > > > > > #3 0x15e48c95459e in WebVfx::shutdown () > > > > at /usr/obj/ports/webvfx-1.2.0/webvfx-1.2.0/webvfx/webvfx.cpp:193 > > Now, this is NOT the default location for WRKOBJDIR, but we are shipping > packages with debug informatio

Re: official ports vs DEBUG_PACKAGES

2020-05-29 Thread Stuart Henderson
On 2020/05/29 17:25, Bob Beck wrote: > On Fri, May 29, 2020 at 06:14:44PM +0200, Marc Espie wrote: > > In a trace: > > > > > > > #3 0x15e48c95459e in WebVfx::shutdown () > > > > > at /usr/obj/ports/webvfx-1.2.0/webvfx-1.2.0/webvfx/webvfx.cpp:193 > > > > Now, this is NOT the default loca

Re: Xwindows keymap weirdness

2020-06-01 Thread Stuart Henderson
On 2020/06/01 15:56, Stéphane Aulery wrote: > On 01/06/2020 15:46, Matthieu Herrb wrote: > > On Mon, Jun 01, 2020 at 03:28:52PM +0200, Stéphane Aulery wrote: > > > On 01/06/2020 14:55, Matthieu Herrb wrote: > > > > > > > > > > > > > > (I have just tried with a test user with nothing configure

drop addtrust from cert.pem?

2020-06-01 Thread Stuart Henderson
OK to drop the expired AddTrust cert from cert.pem? I checked against the firefox set, there are no new/removed certs that work with libressl there. There are now two with GENERALIZEDTIME notAfter dates from before 2050 that don't work though (I only remember seeing one of those when I last looked

Re: drop addtrust from cert.pem?

2020-06-03 Thread Stuart Henderson
On 2020/06/02 21:38, Bob Beck wrote: > On Mon, Jun 01, 2020 at 06:04:17PM +0100, Stuart Henderson wrote: > > OK to drop the expired AddTrust cert from cert.pem? > > yes, thanks. > > > > > I checked against the firefox set, there are no new/removed certs that >

Re: top: Fill last character in process line

2020-06-03 Thread Stuart Henderson
On 2020/06/03 12:46, Klemens Nanni wrote: > > i_process() prints process lines from the global buffer thisline[MAX_COLS] > which is filled by format_next_process() using snprintf(3), i.e. it is > guaranteed to be NUL terminated. > > display_width is always set to screen_width and capped to

Re: top: Fill last character in process line

2020-06-03 Thread Stuart Henderson
On 2020/06/03 14:49, Klemens Nanni wrote: > On Wed, Jun 03, 2020 at 12:45:35PM +0100, Stuart Henderson wrote: > > It should check terminal capabilities for this, see termcap(5). > > If 'am' (auto-margin) is set then it shouldn't write to the final column. > >

Re: Some redundant code lines in sys

2020-06-05 Thread Stuart Henderson
On 2020/06/05 13:50, Denis Fondras wrote: > On Fri, Jun 05, 2020 at 12:56:21PM +0200, Prof. Dr. Steffen Wendzel wrote: > > Dear all: > > > > just in case this appears useful to you: I found some redundant code > > lines in the following files. > > > > sys/net/pipex.h: > >struct pipex_session

Re: userland clock_gettime proof of concept

2020-06-08 Thread Stuart Henderson
On 2020/06/08 12:59, Paul Irofti wrote: > This iteration of the diff adds bounds checking for tk_user and moves > the usertc.c stub to every arch in libc as recommended by deraadt@. > It also fixes a gettimeofday issue reported by cheloha@ and tb@. > > The acpihpet stub is still there, but it will

Re: netstat -R: list rdomains with associated ifs and tables

2020-06-10 Thread Stuart Henderson
It's useful information, I like it. (I preferred it with the route count, but I agree, it's hard on the system if there's a full DFZ table). One thing though - > twister ..in/netstat$ obj/netstat -R > Rdomain 0 > Interfaces: lo0 iwm0 re0 enc0 pflog0 > Routing tables: 0 6 7 77 When there are

Re: netstat -R: list rdomains with associated ifs and tables

2020-06-14 Thread Stuart Henderson
On 2020/06/13 23:29, Sebastian Benoit wrote: > Of course that makes parsing the output more difficult. not really.. netstat -R|awk -F : '/Routing table/ {print $2}'

ddb(4): tr /t 0t

2020-06-17 Thread Stuart Henderson
Every time I want to use this I spend several minutes figuring out the correct prefix, it would help to add a note. Ok? Index: man4/ddb.4 === RCS file: /cvs/src/share/man/man4/ddb.4,v retrieving revision 1.97 diff -u -p -r1.97 ddb.4

pckbd_enable: command error. anything to worry about?

2020-06-17 Thread Stuart Henderson
It doesn't seem to be causing a problem but I've noticed these recently and thought I'd write a mail to at least document it / when it started. 2020-06-17T11:00:52.021Z symphytum /bsd: root on sd1a (2b4432fd9000a5b7.a) swap on sd1b dump on sd1b 2020-06-17T11:00:52.021Z symphytum /bsd: inteldrm0:

Re: userland clock_gettime proof of concept

2020-06-19 Thread Stuart Henderson
On 2020/06/19 20:28, Paul Irofti wrote: > On Fri, Jun 19, 2020 at 06:52:40PM +0200, Mark Kettenis wrote: > > I don't expect userland processes to call CLOCK_UPTIME in a loop like > > they tend to do for CLOCK_MONOTONIC and CLOCK_REALTIME. Linux > > doesn't have it ;). > > I don't care eitherwa

sample unbound.conf tweak

2020-06-21 Thread Stuart Henderson
An "uncomment" was left in when we reenabled dnssec by default, and it seems a bit pointless to say "comment out to disable". ok? Index: unbound.conf === RCS file: /cvs/src/etc/unbound.conf,v retrieving revision 1.19 diff -u -p -r1.

Re: lfence for rdtsc

2020-06-21 Thread Stuart Henderson
On 2020/06/21 18:46, Paul Irofti wrote: > > > On 21 June 2020 16:30:43 EEST, Theo de Raadt wrote: > >Paul Irofti wrote: > > > >> If you change the name to rdtsc_ordered(), OK. > > > >That is a weaker name. > > > >Ordered in what way, at what level; ordered against what? > > > >This is using

Re: sample unbound.conf tweak

2020-06-21 Thread Stuart Henderson
On 2020/06/21 18:29, Klemens Nanni wrote: > On Sun, Jun 21, 2020 at 04:47:22PM +0100, Stuart Henderson wrote: > > An "uncomment" was left in when we reenabled dnssec by default, > > and it seems a bit pointless to say "comment out to disable". ok? > Reads be

Re: Blacklist Ericsson F5521GW from umass

2020-06-22 Thread Stuart Henderson
On 2020/06/22 14:10, Tobias Heider wrote: > On Mon, Jun 22, 2020 at 02:01:43PM +0200, Tobias Heider wrote: > > Hi, > > > > I noticed that the ramdisk takes ages to boot on my T420. > > It seems that without umodem in the kernel, umass tries to attach to my > > Ericsson F5521GW WAN modem and fails

awk FS behaviour change

2020-06-26 Thread Stuart Henderson
The Sep 10, 2019 version of awk introduced a change in handling this: ifconfig egress | awk '/inet / {FS="[ .]"; print "host-"$4"-"$5"}' Given a line like inet 10.20.30.40 netmask 0xff00 broadcast 10.20.30.255 it used to return host-30-40, now it returns host-0xfff0-broadcast.

Re: Stuck in Needbuf state, trying to understand (6.7)

2020-06-26 Thread Stuart Henderson
On 2020/06/26 15:30, sven falempin wrote: > behavior confirmed on current. > > Once the process stalls, ( could be anything writing to the vnconfig disk, > cp , umount ) > a few other calls like df , or ps, etc may hang, never the same > sp or mp kernel, reproduced on today's snapshots. vnconfig

Re: libressl pc files

2021-04-12 Thread Stuart Henderson
[this is re: https://marc.info/?l=openbsd-tech&m=160673147428172&w=2] On 2021/04/12 13:25, Todd C. Miller wrote: > This is a bit of a mess. LibreSSL portable puts the LibreSSL version > number in the pc files. In-tree LibreSSL uses 1.0.0 which is clearly > wrong--using SHLIB_VERSION_NUMBER for t

Re: POSIX_C_SOURCE 200809L, XOPEN_SOURCE 700 and bsd_locale_fallbacks errors

2021-04-13 Thread Stuart Henderson
On 2021/04/13 19:36, Rafael Sadowski wrote: > Based on my cmake pull-request(1) to fix the cmake build on OpenBSD, the > following question has arisen which is worth analysing? > > "It seems OpenBSD has a strange behavior because macro _POSIX_C_SOURCE is a > standard! @sizeofvoid What are the err

Re: ugen(4) communication issues with UPS (nut) blazer_usb and nutdrv_qx

2021-04-22 Thread Stuart Henderson
On 2021/04/22 22:52, xs wrote: > - I've seen mentions of usb_quirks.c for usbhid driver in > /usr/local/share/doc/pkg-readmes/nut > ``` > The option with fewest side-effects is to add the following entries to > the table in /sys/dev/usb/usb_quirks.c and build a new kernel: > > { USB_VENDOR_APC,

Re: Unlock top part of uvm_fault()

2021-04-24 Thread Stuart Henderson
On 2021/04/22 15:38, Martin Pieuchot wrote: > Diff below removes the KERNEL_LOCK()/UNLOCK() dance from uvm_fault() for > both amd64 and sparc64. That means the kernel lock will only be taken > for lower faults and some amap/anon code will now run without it. > > I'd be interested to have this test

Re: enable dt(4)

2021-04-26 Thread Stuart Henderson
On 2021/04/26 17:13, Sebastien Marie wrote: > On Mon, Apr 26, 2021 at 12:35:11PM +0200, Patrick Wildt wrote: > > Hi, > > > > as proposed by bluhm@ recently, this is the diff to enable dt(4) in > > GENERIC. The overhead should be small, and I have been using it on > > arm64 to successfully debug i

Re: Respect X-Forwarded-Proto in httpd

2021-04-27 Thread Stuart Henderson
On 2021/04/27 10:40, Vincent Lee wrote: > > Hi all, > > Consider the following situation. A reverse proxy which performs TLS > termination is deployed in front of httpd, which listens unencrypted on > localhost. > > There is code in httpd to handle the case where a directory is accessed, > but

Re: Respect X-Forwarded-Proto in httpd

2021-04-27 Thread Stuart Henderson
On 2021/04/27 16:23, Raymond E. Pasco wrote: > On Tue Apr 27, 2021 at 3:40 PM EDT, Stuart Henderson wrote: > > How does this work with other web servers? For example, I don't see the > > string X-Forwarded-Proto in nginx or Apache httpd (and the use of other > > X-For

Re: monotonic time going back by wrong skews

2021-04-30 Thread Stuart Henderson
On 2021/04/05 09:34, Scott Cheloha wrote: > > On Apr 5, 2021, at 09:07, Stuart Henderson wrote: > > > > I've attached r620-E5_2630v2-2p6c2t.tgz, from Dell PE R620 with E5-2630v2. > > This is a machine which has "disabling user TSC (skew=XXX)" reported fo

Re: Diff for www:FAQ ports/ports

2021-05-02 Thread Stuart Henderson
thanks, committed. On 2021/05/02 15:46, b...@stephane-huc.net wrote: > Hi, > > Here a diff for www page: FAQ ports/ports > > Hi, see this typo error on the page. > > Right? > > > Index: faq/ports/ports.html > === > RCS file:

Re: services(5): add default ftps ports

2021-05-05 Thread Stuart Henderson
On 2021/05/04 12:07, Jan Klemkow wrote: > Hi, > > Add missing ftps defaults ports to services(5). > > OK? > > bye, > Jan > > Index: services > === > RCS file: /cvs/src/etc/services,v > retrieving revision 1.99 > diff -u -p -r1.99 se

Re: Time to commit FUSE changes

2021-05-07 Thread Stuart Henderson
On 2021/05/07 17:14, Helg wrote: > Hi tech@ > > Now that 6.9 has been released I'd like to commit my changes to replace > libfuse from base with the reference implementation from ports. > > Can I please have an OK? I'll commit the ports changes at the same time > (separate email already sent to p

Re: patch: add support for RTLD_NODELETE

2021-05-10 Thread Stuart Henderson
We are due a _SYSTEM_VERSION bump for the clang update, it can ride alongside that -- Sent from a phone, apologies for poor formatting. On 10 May 2021 08:01:18 Sebastien Marie wrote: Hi, The following diff adds support for RTLD_NODELETE in ld.so(1). It helps Qt programs which is using RTLD

Re: iked(8): support for intermediate CAs and multiple CERT payloads

2021-05-12 Thread Stuart Henderson
I can't test at the moment, but as you asked for comments too: this is *very* welcome, it's an important missing feature. Thanks! -- Sent from a phone, apologies for poor formatting. On 13 May 2021 06:40:49 Katsuhiro Ueno wrote: Hi, I would be happy if iked(8) supports intermediate CAs and

Re: iked(8): support for intermediate CAs and multiple CERT payloads

2021-05-14 Thread Stuart Henderson
On 2021/05/14 21:14, Tobias Heider wrote: > On Thu, May 13, 2021 at 02:39:37PM +0900, Katsuhiro Ueno wrote: > > Hi, > > > > I would be happy if iked(8) supports intermediate CAs and sends the > > entire certificate chain to the clients. The diff attached adds > > supports for intermediate CAs and

Re: [patch] tcpdump: Sync DNS types with IANA

2021-05-19 Thread Stuart Henderson
For the love of $deity if we're updating this file can we please change these T_XXX to the ns_t_xxx used by everything else so we don't have to patch everything in ports using them? -- Sent from a phone, apologies for poor formatting. On 19 May 2021 04:24:40 Matthew Martin wrote: Sync the D

Re: Very little patch : ref getrtable in rdomain

2021-05-19 Thread Stuart Henderson
System calls are not a stable interface in OpenBSD. And aren't they now blocked except from libc or am I mistaken? The way to do this from Perl is to write an extension in C. You can probably crib from src/gnu/usr.bin/perl/cpan/OpenBSD-Pledge. -- Sent from a phone, apologies for poor formatti

Re: [patch] tcpdump: Sync DNS types with IANA

2021-05-19 Thread Stuart Henderson
When I have time (I'm hopeful for next week but not sure yet) I'll see how this goes with a ports bulk build. On 2021/05/19 22:44, Matthew Martin wrote: > On Wed, May 19, 2021 at 08:01:00AM +0100, Stuart Henderson wrote: > > For the love of $deity if we're updating this f

Re: [patch] tcpdump: Sync DNS types with IANA

2021-05-21 Thread Stuart Henderson
On 2021/05/20 08:36, Theo Buehler wrote: > On Thu, May 20, 2021 at 07:05:24AM +0100, Stuart Henderson wrote: > > When I have time (I'm hopeful for next week but not sure yet) I'll > > see how this goes with a ports bulk build. > > This diff changes usr.sbin/tcp

Re: bcmintc(4) diff for raspberry pi3

2021-05-22 Thread Stuart Henderson
On 2021/05/22 12:06, Mark Kettenis wrote: > Can't find my raspberry pi3 right now. But here is a diff that avoids > spinning with interrupts disabled while trying to grab the kernel lock > for it. I'd appreciate it if somebody could give this a spin for me. > Just checking whether it works normal

Re: [PATCH] [src] sys/dev/usb/usbdevs - add "SHARKOON Technologies GmbH" vendor ID

2021-05-24 Thread Stuart Henderson
On 2021/05/24 16:27, Raf Czlonka wrote: > On Mon, May 24, 2021 at 04:10:00PM BST, Theo de Raadt wrote: > > But does it matter? > > Did this[0] matter? > [0] > https://cvsweb.openbsd.org/src/sys/dev/usb/usbdevs.diff?r1=1.698&r2=1.699&sortby=date&f=h Yes, that one is used in a driver.

Re: Pull Request

2021-05-31 Thread Stuart Henderson
OpenBSD does not use pull requests. Please send your diff, with explanation, in an email to this mailing list. -- Sent from a phone, apologies for poor formatting. On 31 May 2021 11:56:27 Reuven Plevinsky wrote: https://github.com/reuvenP/src/commit/db909be68a3b03e68787de55d218388f33c4c4c6

ospfd seq out of order in ls_upd floods

2021-06-05 Thread Stuart Henderson
Sometimes I see authentication errors from ospfd, mainly (though possibly not entirely always) on a 30 minute cycle, e.g. these log entries 2021-06-03T05:30:04.952Z ospfd[31748]: spf_calc: area 0.0.0.0 calculated 2021-06-03T05:51:43.785Z ospfd[76044]: auth_validate: decreasing seq num, interfac

cert.pem sync

2021-06-10 Thread Stuart Henderson
I was just reminded of the Apple cert problem with GeoTrust Global CA and checked and they're using better intermediates for api.push.apple.com now. OK to sync up with Mozilla's CA bundle again, including removal of GeoTrust Global CA? Changes in the list first; diff below: -AC Camerfirma S.A. -

Re: cert.pem sync

2021-06-10 Thread Stuart Henderson
On 2021/06/10 13:05, Theo Buehler wrote: > On Thu, Jun 10, 2021 at 11:39:46AM +0100, Stuart Henderson wrote: > > I was just reminded of the Apple cert problem with GeoTrust Global CA > > and checked and they're using better intermediates for api.push.apple.com > > now. OK

Fix unsafe snmpd defaults

2021-06-14 Thread Stuart Henderson
By default, snmpd responds to the frequently abused community strings "public" and "private". To prevent this, at present you must either use "seclevel auth" or "seclevel enc" (if you would like to only use SNMPv3), set an explicit string for the read-only community, or set either an explicit stri

Re: Fix unsafe snmpd defaults

2021-06-14 Thread Stuart Henderson
On 2021/06/14 19:40, Martijn van Duren wrote: > On Mon, 2021-06-14 at 12:55 +0100, Stuart Henderson wrote: > > By default, snmpd responds to the frequently abused community strings > > "public" and "private". > > > > To prevent this, at present you m

Re: Fix unsafe snmpd defaults

2021-06-15 Thread Stuart Henderson
> > > - if the concern is amplification attacks then setting the minlevel to > > >   authpriv is too high, since you'll silently break logins for users > > >   that miss the enckey parameter. > > >   I changed this to always default to seclevel auth. > > > > I do still think enc is the safer defau

Re: Fix unsafe snmpd defaults

2021-06-20 Thread Stuart Henderson
On 2021/06/20 12:12, Martijn van Duren wrote: > I didn't change the example, since the example below shows how to set > up snmpv3 and this example's accompanying text is already on the long > side. I did change the text a little to "for SNMPv2c messages only", > so that it's clearer that this does

Re: Fix unsafe snmpd defaults

2021-06-20 Thread Stuart Henderson
On 2021/06/20 12:46, Martijn van Duren wrote: > And here's the diff to change the crypto defaults. > > Currently snmp(1) and snmpd(8) don't match up by default since snmp(1) > uses md5/des as per RFC3414 (sha-1 is a should, md5 is a must) and > net-snmpd's defaults, where snmpd(8) uses sha-1/des.

Re: Fix unsafe snmpd defaults

2021-06-20 Thread Stuart Henderson
Index: current.html === RCS file: /cvs/www/faq/current.html,v retrieving revision 1.1071 diff -u -p -r1.1071 current.html --- current.html26 May 2021 12:12:58 - 1.1071 +++ current.html20 Jun 2021 11:58:05 -

Re: snmpd(8) Better traphandler flow

2021-06-23 Thread Stuart Henderson
On 2021/06/20 22:31, Martijn van Duren wrote: > On Fri, 2021-06-11 at 16:13 +0200, Martijn van Duren wrote: > > any takers? > > > > On Fri, 2021-06-04 at 22:11 +0200, Martijn van Duren wrote: > > > ping > > > > > > On Fri, 2021-05-28 at 08:19 +0200, Martijn van Duren wrote: > > > > As the origina

Re: SiFive Unmatched radeondrm/amdgpu

2021-06-25 Thread Stuart Henderson
On 2021/06/25 21:41, Mickael Torres wrote: > Here is a new version of the diff, based on an up-to-date tree, and > (hopefully) with tabs as tabs. Hi, the tabs are fixed now, but it's word-wrapped so still causes indigestion for patch(1). This suggests a setting which may help: https://www.kerne

Re: systat(1) counter overflow

2021-07-02 Thread Stuart Henderson
On 2021/07/02 13:09, Martin Pieuchot wrote: > On 01/07/21(Thu) 13:53, Anindya Mukherjee wrote: > > Hi, > > > > I noticed that if I leave the system running for more than about a month, > > some > > of the counters in the uvm view of systat(1) overflow and become negative. > > This > > is because

Re: systat(1) counter overflow

2021-07-02 Thread Stuart Henderson
On 2021/07/02 13:43, Stuart Henderson wrote: > Go has its own translated copy of structs from system headers (e.g. > in golang.org/x/sys/unix/zsysctl_openbsd_*) and these are bundled in > many ports that use go (even core system libraries are not exempt from > "vendoring"

Re: systat(1) counter overflow

2021-07-03 Thread Stuart Henderson
On 2021/07/03 01:09, Anindya Mukherjee wrote: > Thanks for the discussion. This has been very illuminating. I have been > digging > around in /usr/src/ and ignoring the atomic architectures (where I got stuck) > it > looks like it should be possible to use uint64_t everywhere. I'm playing with >

Re: xmm(4): WIP diff for Intel XMM7360 LTE modem

2021-07-09 Thread Stuart Henderson
Notes so far: > +xmmc*) > + dev=${U%.*} > + func=${U#*.} > + M xmmc$U c 101 $(($(($dev*16))+$func)) 660 > + ;; "sh MAKEDEV xmmc" isn't enough, it needs "sh MAKEDEV xmmc.0" > + ret = EIO; > + syslog(LOG_ERR, "FCC unlock not implemented, yet"); Thus ends my initial experim

Re: xmm(4): WIP diff for Intel XMM7360 LTE modem

2021-07-09 Thread Stuart Henderson
On 2021/07/09 16:33, Stuart Henderson wrote: > Notes so far: > > > +xmmc*) > > + dev=${U%.*} > > + func=${U#*.} > > + M xmmc$U c 101 $(($(($dev*16))+$func)) 660 > > + ;; > > "sh MAKEDEV xmmc" isn't enough, it needs "sh MAKE

Re: xmm(4): WIP diff for Intel XMM7360 LTE modem

2021-07-10 Thread Stuart Henderson
On 2021/07/09 17:22, Stuart Henderson wrote: > On 2021/07/09 16:33, Stuart Henderson wrote: > > Notes so far: > > > > > +xmmc*) > > > + dev=${U%.*} > > > + func=${U#*.} > > > + M xmmc$U c 101 $(($(($dev*16))+$func)) 660 > > > + ;; > &

Re: dhcpleased: default route with classless static routes option

2021-07-17 Thread Stuart Henderson
On 2021/07/17 13:16, Bjorn Ketelaars wrote: > An inconsistency exists between dhclient(8) and dhcpleased(8) when > receiving the Classless Static Routes option: dhcpleased creates a > default route, while dhclient does not. > > If I'm not mistaken, the behaviour of dhclient is correct. From rfc344

Re: ahci(4): Add support for JMicron JMB585 chipset

2021-07-25 Thread Stuart Henderson
On 2021/07/25 14:55, Jonathan Matthew wrote: > On Thu, Jul 22, 2021 at 10:45:17PM -0400, Ashton Fagg wrote: > > I have two devices here based on the JMicron JMB585 chipset. This diff > > adds the required pcidev IDs and sets disables native command queuing in > > the driver. FreeBSD does something

Re: ahci(4): Add support for JMicron JMB585 chipset

2021-07-25 Thread Stuart Henderson
On 2021/07/25 13:25, Mark Kettenis wrote: > > Date: Sun, 25 Jul 2021 12:08:09 +0100 > > From: Stuart Henderson > > > > On 2021/07/25 14:55, Jonathan Matthew wrote: > > > On Thu, Jul 22, 2021 at 10:45:17PM -0400, Ashton Fagg wrote: > > > > I have

Re: dhcpleased vs gif(4) (and others like that)

2021-08-01 Thread Stuart Henderson
On 2021/08/01 12:57, Gregory Edigarov wrote: > Hello Everybody, > > The very minimal change to make it work correctly: Running configuration twice on all interfaces is not 'very minimal' and could easily cause more problems than it solves. > +# We need to run /etc/netstart two times, first is to

Re: iked(8): Increase the default Child SA data lifetime limit

2021-08-03 Thread Stuart Henderson
On 2021/08/03 01:12, Vitaliy Makkoveev wrote: > iked(8) uses 3 hours and 512 megabytes of processed data as default > lifetime hard limits for Child SA. Also it sets 85-95% of these values as > soft limit. iked(8) should perform rekeying before we reach hard limit > otherwise this SA will be killed

Re: iked(8): Increase the default Child SA data lifetime limit

2021-08-03 Thread Stuart Henderson
On 2021/08/03 17:02, Vitaliy Makkoveev wrote: > > - a 50% lower limit feels too low to me > > > > Why? The 95% limit is too close to lifetime expiration and as it was > exposed we don't have enough time to perform rekeying. I also had this > problem while tested iked(8) over WIFI connection and t

Re: Fix unsafe snmpd defaults

2021-08-03 Thread Stuart Henderson
On 2021/06/15 17:39, Stuart Henderson wrote: > > Then again, I don't get the feeling many people use snmpd at this time > > and maybe it's a good moment to bite the bullet and go for safest > > defaults possible at this time. But if that's the case I would lik

Re: Fix unsafe snmpd defaults

2021-08-03 Thread Stuart Henderson
On 2021/08/03 22:07, Martijn van Duren wrote: > On Tue, 2021-08-03 at 18:24 +0100, Stuart Henderson wrote: > > On 2021/06/15 17:39, Stuart Henderson wrote: > > > > Then again, I don't get the feeling many people use snmpd at this time > > > > and maybe it

Re: Add versioned lib to system perl's @INC for non-packaged modules

2021-08-04 Thread Stuart Henderson
On 2021/08/04 19:45, Ingo Schwarze wrote: > Hi Andrew, > > Andrew Fresh wrote on Fri, Jul 30, 2021 at 05:34:40PM -0700: > > On Sun, May 16, 2021 at 03:30:39PM -0700, Andrew Hewus Fresh wrote: > > >> There do appear to be some annoyances with still shared directories for > >> man pages, in that if

Re: rpki-client support more http status codes

2021-08-04 Thread Stuart Henderson
On 2021/08/04 19:58, Sebastian Benoit wrote: > just as i had looked them up :P My usual quick http status code reference doesn't even have 103 (and the graphical representation of https://http.cat/308 is a bit confusing :)

Re: Fix unsafe snmpd defaults

2021-08-05 Thread Stuart Henderson
On 2021/08/03 23:46, Martijn van Duren wrote: > On Tue, 2021-08-03 at 21:58 +0100, Stuart Henderson wrote: > > On 2021/08/03 22:07, Martijn van Duren wrote: > > > On Tue, 2021-08-03 at 18:24 +0100, Stuart Henderson wrote: > > > > On 2021/06/15 17:39, Stuart Henderson

Re: Fix unsafe snmpd defaults

2021-08-07 Thread Stuart Henderson
On 2021/08/07 15:17, Martijn van Duren wrote: > Let me give one final pushback, if this doesn't convince you then feel > free to commit sthen's diff without my OK, but make sure it stays in > sync with snmp(1). I was convinced enough to try it, hence okaying your previous diff, but practical exper

Re: Fix unsafe snmpd defaults

2021-08-08 Thread Stuart Henderson
On 2021/08/08 10:05, Martijn van Duren wrote: > > +++ etc/examples/snmpd.conf 7 Aug 2021 21:45:44 - > > @@ -1,24 +1,26 @@ > >  # $OpenBSD: snmpd.conf,v 1.1 2014/07/11 21:20:10 deraadt Exp $ > >   > > -listen_addr="127.0.0.1" > > +# Default is to listen to all addresses for SNMPv3 only; "lis

Re: dhcpleased(8): ignore servers / parts of lease

2021-08-09 Thread Stuart Henderson
On 2021/08/09 15:03, Andras Vinter wrote: > It's probably an overkill for first implementation, but in the future > I think we should support subnet definitions in CIDR notation (e.x.: > 192.168.0.0/24) and IP ranges for fine control (e.x.: > 192.168.0.100-192.168.0.254). dhclient never needed tha

Re: snmpd: tweak listen on

2021-08-09 Thread Stuart Henderson
On 2021/08/09 20:55, Martijn van Duren wrote: > Updated diff after my engineid commit. ok > Index: snmpd.conf.5 > === > RCS file: /cvs/src/usr.sbin/snmpd/snmpd.conf.5,v > retrieving revision 1.53 > diff -u -p -r1.53 snmpd.conf.5 > --

Re: CVS: cvs.openbsd.org: src

2021-08-09 Thread Stuart Henderson
On 2021/08/09 22:35, Martijn van Duren wrote: > Moving to tech@ > > On Mon, 2021-08-09 at 20:56 +0100, Stuart Henderson wrote: > > On 2021/08/09 12:14, Martijn van Duren wrote: > > > CVSROOT:/cvs > > > Module name:src > > > Changes by: m

Re: snmp(1): Fix unsafe defaults

2021-08-11 Thread Stuart Henderson
On 2021/08/11 16:35, Martijn van Duren wrote: > Following snmpd, remove the public default community and move to snmpv3 > by default. This is also what net-snmp does. I originally chose this > default because that's what snmpctl did and it allowed for easier > interoperability with snmpd(8). v3 by

Re: snmp(1): Fix unsafe defaults

2021-08-11 Thread Stuart Henderson
On 2021/08/11 19:34, Martijn van Duren wrote: > On Wed, 2021-08-11 at 18:03 +0100, Stuart Henderson wrote: > > On 2021/08/11 16:35, Martijn van Duren wrote: > > > Following snmpd, remove the public default community and move to snmpv3 > > > by default. This is also what

Re: ucc(4): consumer control keyboard device driver

2021-08-18 Thread Stuart Henderson
On 2021/08/18 18:48, Martin Pieuchot wrote: > Regarding the introduction of a separate wskbd(4) this can be seen as an > intermediate step. Having this logic in ukbd(4) implies revisiting the > way reportID are mapped to USB drivers, which is still a bit of a hack > when it comes to supporting mul

Re: [patch] traceroute timeouts

2021-08-20 Thread Stuart Henderson
On 2021/08/20 10:46, Florian Obser wrote: > Makes sense to me, OK florian I think 1 second by default is still too short.

Re: [patch] traceroute timeouts

2021-08-20 Thread Stuart Henderson
Shell aliases are good for that. I think I'd be happy with 3 seconds by default. 2 feels a bit short on overloaded links, GPRS, and some round-the-world packet trips -- Sent from a phone, apologies for poor formatting. On 20 August 2021 16:30:24 Tom Smyth wrote: Hello all, would it make
