add DSA and ECDSA to relayd ca engine

Hi, Two diffs below. The first moves ecdsa_method declaration from ecs_locl.h to ecdsa.h, as ecs_locl.h is not installed in /usr/include/openssl/. The second one adds DSA and ECDSA capabilities to relayd ca engine, and also checks that when using a DSA certificate, we have enabled EDH in the

Re: Request for Funding our Electricity

On Wed, Jan 15, 2014 at 06:25:53PM +0200, MJ wrote: I have long held the opinion that Theo is probably the best coder on this planet. That?s not any sort of ass-kissing, either, it?s my objective, unbiased opinion. And I know Henning personally, as in ?live and worked together with him -

iked control process crash at startup

Hi tech@, I've been using iked for some weeks to tunnel my laptop to home over 3G. Sunday I upgraded my laptop to the latest snapshot; previous upgrade was about 2 or 3 weeks ago. When I started iked, it crashed randomly, as in one time it runs just fine and completes the handshake, the other it

Re: PATCH: NAT on IPSec

On Thu, Jan 15, 2015 at 04:00:20PM +0100, Vincent Gross wrote: Hello folks, This patch brings nat capabilites into iked, the same way that mpf@ did with isakmpd about 6 years ago. Comments ? bumpity bump bump. Any comments on this ? Tested with the following setup, with icmp, udp

PATCH: NAT on IPSec

Hello folks, This patch brings nat capabilites into iked, the same way that mpf@ did with isakmpd about 6 years ago. Comments ? Tested with the following setup, with icmp, udp and tcp: Local pf.conf: table homev4 { 172.23.0.0/23 } set skip on lo match out on enc0 from ! homev4 to homev4

Re: PATCH: clarifying iked.conf man

On Mon, Apr 20, 2015 at 07:35:58PM +0059, Jason McIntyre wrote: On Wed, Apr 15, 2015 at 05:13:13PM +0200, Vincent Gross wrote: Hello, iked.conf's man page is a bit fuzzy on how local and peer ip defaults are set. This patch below attempts to fix that. if you can specify one

PATCH: iked SA cleanup on shutdown

Hi folks, this patch makes iked clean its SAs on shutdown: for each existing IKE SA, all of their Child SAs will be removed from the kernel, and a IKE DELETE notification payload will be sent to the peer. Comments ? Cheers, -- Vincent / dermiste Index: iked.h

PATCH: bring crypto(9) up to speed with crypto/cryptodev.h

Hi folks, crypto(9) describes functions and constants that are not part of crypto/cryptodev.h anymore (see 1.58 - 1.60), this patch fixes that. Cheers, -- Vincent / dermiste Index: crypto.9 === RCS file:

PATCH: clarifying iked.conf man

Hello, iked.conf's man page is a bit fuzzy on how local and peer ip defaults are set. This patch below attempts to fix that. Also, can you take a look at my previous nat-on-ipsec-on-iked patchset ? see http://marc.info/?l=openbsd-techm=142662971007779w=2 Cheers, Index: iked.conf.5

Re: autoinstall(8) tweaks

to run a handful of shell commands over ssh ? Cheers, -- Vincent Gross

rewrite if_ifwithaddr() to use rtalloc(9)

regress/sys/net/rdomains still passes with this diff. Ok ? Index: net/if.c === RCS file: /cvs/src/sys/net/if.c,v retrieving revision 1.398 diff -u -p -r1.398 if.c --- net/if.c25 Oct 2015 21:58:04 - 1.398 +++ net/if.c

Re: kill struct inpcbtable's inpt_lastport

On 09/12/15 22:10, Claudio Jeker wrote: > On Sat, Sep 12, 2015 at 02:40:59PM +0200, Vincent Gross wrote: >> inpt_lastport is never read without being written before, and only >> in_pcbbind() >> and in6_pcbsetport() are using it. This diff removes inpt_lastport from >>

Re: kill struct inpcbtable's inpt_lastport

On 09/13/15 10:37, Claudio Jeker wrote: > On Sun, Sep 13, 2015 at 12:18:10AM +0200, Vincent Gross wrote: >> On 09/12/15 22:10, Claudio Jeker wrote: >>> On Sat, Sep 12, 2015 at 02:40:59PM +0200, Vincent Gross wrote: >>>> inpt_lastport is never read without

kill struct inpcbtable's inpt_lastport

inpt_lastport is never read without being written before, and only in_pcbbind() and in6_pcbsetport() are using it. This diff removes inpt_lastport from struct inpcbtable and turns it into a local variable where it is used. Ok ? -- Vincent Index: sys/netinet/in_pcb.c

dedup in_pcbbind() port scan loop

hanges right now or should ipv4 be validated first ? -- Vincent Gross Index: netinet/in_pcb.c === RCS file: /cvs/src/sys/netinet/in_pcb.c,v retrieving revision 1.180 diff -u -p -r1.180 in_pcb.c --- netinet/in_pcb.c22 Sep 2015

Re: kill struct inpcbtable's inpt_lastport

h remarks are true, but I think it is better to keep a more extensive refactoring in a separate diff, refactoring that shall get rid of this yucky code duplication. -- Vincent Gross

Re: kill struct inpcbtable's inpt_lastport

On 09/13/15 11:49, Vincent Gross wrote: > On 09/13/15 10:37, Claudio Jeker wrote: >> On Sun, Sep 13, 2015 at 12:18:10AM +0200, Vincent Gross wrote: >>> On 09/12/15 22:10, Claudio Jeker wrote: >>>> On Sat, Sep 12, 2015 at 02:40:59PM +0200, Vincent Gross wrote: >

Re: kill struct inpcbtable's inpt_lastport

On 09/18/15 23:39, David Hill wrote: > On Fri, Sep 18, 2015 at 11:05:55PM +0200, Vincent Gross wrote: >> On 09/18/15 15:18, David Hill wrote: >>> Is this 'if (count)' statement needed? We know first > last, so count >>> will always be positive. lastport will

explicitly check broadcast addresses on some ifa_ifwithaddr() uses

When fed a broadcast address, ifa_ifwitaddr() returns the unicast ifa whose broadcast address match the input. This is used mainly to select ifa, and there can be trouble when you have 2 ifas on the same range (e.g. 10.0.0.1/24@em0 & 10.0.0.20/24@em1) : netinet/ip_mroute.c:814 net/route.c:785

Re: explicitly check broadcast addresses on some ifa_ifwithaddr() uses

On 12/02/15 20:06, Martin Pieuchot wrote: > On 02/12/15(Wed) 16:18, Vincent Gross wrote: >> When fed a broadcast address, ifa_ifwitaddr() returns the unicast ifa >> whose broadcast address match the input. This is used mainly to select >> ifa, and there can be trouble

Re: explicitly check broadcast addresses on some ifa_ifwithaddr() uses

On 12/03/15 10:21, Vincent Gross wrote: > On 12/02/15 20:06, Martin Pieuchot wrote: >> On 02/12/15(Wed) 16:18, Vincent Gross wrote: >>> When fed a broadcast address, ifa_ifwitaddr() returns the unicast ifa >>> whose broadcast address match the input. This is us

Add SO_REUSEADDR when binding SO_REUSEPORT socket to multicast address

in_pcbbind and in6_pcbbind both extends SO_REUSEADDR for multicast addresses so that it turns into a SO_REUSEPORT. But the check is done in such a way that you cannot bind a SO_REUSEPORT-enabled socket to a multicast address *after* you bound a SO_REUSEADDR-enabled socket to the same address.

simplify in6_selectsrc() logic

in6_selectsrc() uses two different rtalloc calls depending on whether or not the destination address is multicast or not, but there is nothing to explain why. I dug a bit and found this commit from itojun@ : diff -u -r1.6 -r1.7 --- src/sys/netinet6/in6_src.c 2000/06/18 04:49:32 1.6 +++

Re: Do not pass NULL to rtdeletemsg()

On 12/07/15 14:57, Martin Pieuchot wrote: > If the interface is gone that means you're dealing with a cached route > so there's no need to try to remove it from the table. > > Better be explicit and do that before calling rtdeletemsg() rather than > inside. > > ok? ok vgross@ > > Index:

Re: "Adding" the same IPv6 address twice

On 12/21/15 11:36, Martin Pieuchot wrote: > Currently if you try to configure the same IPv6 address twice via the > SIOCAIFADDR_IN6 ioctl(2) the kernel will return EEXIST and the address > will be unset: > > # ifconfig vether0 inet6 2001::1 > # ifconfig vether0 inet6 2001::1 > ifconfig:

merge in_ and in6_pcbbind(), introduce in(6)_pcbaddrisavail()

in_pcbbind and in6_pcbbind have a lot in common, the only meaningful differences are in the checks done to ensure a sockaddr is available. This diff splits theses checks in their own functions, and merge the remaining code in one single function. Aside from being easier to read, it also makes it

Re: Set prio when bypassing pf(4)

On Wed, 8 Jun 2016 15:12:23 +0200 Martin Pieuchot <m...@openbsd.org> wrote: > On 07/06/16(Tue) 22:02, Stuart Henderson wrote: > > On 2016/06/07 21:49, Vincent Gross wrote: > > > > > > It's how henning@ set things up when integrating the new qu

Re: Set prio when bypassing pf(4)

Le Tue, 7 Jun 2016 10:48:22 +0200, Martin Pieuchot <m...@openbsd.org> a écrit : > On 06/06/16(Mon) 23:52, Vincent Gross wrote: > > On Mon, 6 Jun 2016 17:33:36 +0100 > > Stuart Henderson <s...@spacehopper.org> wrote: > > > > > On 2016/06/06 16:15, Vince

Set prio when bypassing pf(4)

When sending ARP requests, or when writing to a bpf handle (as when sending DHCP Discover), we bypass pf(4) so we have no way to define the priority (m->m_pkthdr.pf.prio) of the outgoing packets. My ISP runs two vlans to separate the delivery of general-purpose internet and TV/phone over fiber;

Re: IP_SENDSRCADDR [1/2] : move cmsg handling code

On Sun, 12 Jun 2016 15:00:14 +0200 Vincent Gross <vgr...@openbsd.org> wrote: Damn you autowrap ! get off my diff ! (thanks jca@ for spotting) > This diff moves the cmsg handling code on top of udp_output(). I split > the whole IP_SENDSRCADDR thung in two chunks so that it's easie

IP_SENDSRCADDR [1/2] : move cmsg handling code

This diff moves the cmsg handling code on top of udp_output(). I split the whole IP_SENDSRCADDR thung in two chunks so that it's easier to audit. ok ? diff --git a/sys/netinet/udp_usrreq.c b/sys/netinet/udp_usrreq.c index 2db5998..1feea11 100644 --- a/sys/netinet/udp_usrreq.c +++

IP_SENDSRCADDR [2/2] : add cmsg support

This diff adds support for IP_SENDSRCADDR cmsg on UDP sockets. As for udp6_output(), we check that the source address+port is available only if inp_laddr != * Ok ? diff --git a/share/man/man4/ip.4 b/share/man/man4/ip.4 index 111432b..154b0d1 100644 --- a/share/man/man4/ip.4 +++

Re: IP_SENDSRCADDR [2/2] : add cmsg support

On Sun, 12 Jun 2016 15:29:32 +0200 (CEST) Mark Kettenis <mark.kette...@xs4all.nl> wrote: > > Date: Sun, 12 Jun 2016 14:59:55 +0200 > > From: Vincent Gross <vgr...@openbsd.org> > > > > This diff adds support for IP_SENDSRCADDR cmsg on UDP sockets

Re: IP_SENDSRCADDR [2/2] : add cmsg support

Le Mon, 13 Jun 2016 07:35:16 +0200, j...@wxcvbn.org (Jérémie Courrèges-Anglas) a écrit : > j...@wxcvbn.org (Jeremie Courreges-Anglas) writes: > > > cc'ing sthen since he also has interest in IP_SENDSRCADDR > > > > Jeremie Courreges-Anglas <j...@wxcvbn.org> writes:

Re: IP_SENDSRCADDR [2/2] : add cmsg support

On Mon, 13 Jun 2016 19:57:15 +0200 Jeremie Courreges-Anglas <j...@wxcvbn.org> wrote: > Vincent Gross <vgr...@openbsd.org> writes: > > > Le Mon, 13 Jun 2016 07:35:16 +0200, > > j...@wxcvbn.org (Jeremie Courreges-Anglas) a écrit : > > > >> j...

Re: Set prio when bypassing pf(4)

On Mon, 6 Jun 2016 17:33:36 +0100 Stuart Henderson <s...@spacehopper.org> wrote: > On 2016/06/06 16:15, Vincent Gross wrote: > > When sending ARP requests, or when writing to a bpf handle (as when > > sending DHCP Discover), we bypass pf(4) so we have no way to defin

Re: ifa_ifwithroute() fix

On Tue, 31 May 2016 09:51:10 +0200 Martin Pieuchot wrote: > On 19/04/16(Tue) 10:43, Martin Pieuchot wrote: > > Mart Tõnso reported [0] a weird case related to the use of > > ifa_ifwithnet(). > > > > The problem is that ifa_ifwithroute() does not always use route > > entries

Re: IP_SENDSRCADDR [2/2] : add cmsg support

On Mon, 13 Jun 2016 16:49:01 +0200 Vincent Gross <vgr...@openbsd.org> wrote: > > While validating source address inside selection functions is the > right direction, I don't think it would be a good thing to extend > further in_selectsrc() prototype. However it is easy to a

move "privileged port" check out of in(6)_pcbaddrisavail()

Hello, This diff moves the "are we binding to a privileged port while not being root ?" check from in(6)_pcbaddrisavail() to in_pcbbind(). This way we have a cleaner separation between "is the resource available ?" and "am I allowed to access the resource ?" (which may or may not get its own

Simplify in_pcblookup()

in_pcblookup() is always called with *:0 for the remote side. Remove the useless bits, shuffle the tests around and it's much easier to audit. Ok ? Index: netinet/in_pcb.c === RCS file: /cvs/src/sys/netinet/in_pcb.c,v retrieving

Remove long-dead and confusing code on rip6_ctlinput()

When using raw ip6 socket, one can connect(2) then send(2), or just sendto(2). The code below would try to find the non-connected raw ip6 socket corresponding to an incoming icmp6 message, to deliver the failure. This code has been disabled ever since it has been put in-tree, justifiably so

use fast lookup in in6_pcbconnect()

The current use of in_pcblookup() in in6_pcbconnect() is suboptimal : all of the addresses and ports are defined, we are only interested in exact matches, and its v4 cousin in_pcbconnect() already uses in_pcbhashlookup(). Ok ? Index: sys/netinet6/in6_pcb.c

new diff for reserved ports checks [2/2] Was: Re: move "privileged port" check out of in(6)_pcbaddrisavail()

On 03/31/16 14:07, Alexander Bluhm wrote: > On Wed, Mar 30, 2016 at 10:44:14PM +0200, Vincent Gross wrote: >> This diff moves the "are we binding to a privileged port while not being >> root ?" >> check from in(6)_pcbaddrisavail() to in_pcbbind(). > >> ---

new diff for reserved ports checks [1/2] Was: Re: move "privileged port" check out of in(6)_pcbaddrisavail()

On 03/31/16 14:07, Alexander Bluhm wrote: > On Wed, Mar 30, 2016 at 10:44:14PM +0200, Vincent Gross wrote: >> This diff moves the "are we binding to a privileged port while not being >> root ?" >> check from in(6)_pcbaddrisavail() to in_pcbbind(). > >> ---

Preserve DiffServ when fragmenting ipv4

When fragmenting ipv4, we do not preserve DiffServ/ToS field. Here is how to observe this : [obsd1](vlan10) (vlan10)[obsd2](vlan20) --mtu600-- (vlan20)[obsd3] root@obsd2 # sysctl net.inet.ip.forwarding=1 root@obsd2 # tcpdump -ni $VLAN20DEV user@obsd3 $ nc -4ul root@obsd1 $ echo "pass

Re: arm: new FDT-enabled mainbus

On Sun, 1 May 2016 13:27:29 +0200 Patrick Wildt wrote: > Hi, > > I updated the diff with the feedback received. This basically adds > a tree-like topology by making mainbus FDT aware and implementing > a simplebus that can span the tree's roots into more branches. > > Next

Re: split in6_selectsrc() for saner prototypes

On Wed, 20 Jul 2016 12:36:45 +0200 Vincent Gross <vgr...@openbsd.org> wrote: > This is a completely mechanical diff to get rid of the 7-params > madness in in6_selectsrc(). > > I also apply the same treatment to in_selectsrc() for consistency. > > Ok? ... and of cours

split in6_selectsrc() for saner prototypes

This is a completely mechanical diff to get rid of the 7-params madness in in6_selectsrc(). I also apply the same treatment to in_selectsrc() for consistency. Ok? Index: sys/netinet/in_pcb.c === RCS file:

Re: IP_SENDSRCADDR [2/2] : add cmsg support

d the diff with fixes, enhancements and regression tests. All manners of testing and feedback are welcome ! -- Vincent Gross

Drop IPSec traffic that should be encapsulated but is not

Our IPSec stack rejects UDP-encapsulated traffic using a non encapsulating SA, but not the other way around. This diff adds the missing check and the corresponding stat counter. Ok ? Index: sys/netinet/ip_esp.h === RCS file:

NAT-on-enc on iked(8)

This diff adds the missing bits to support NAT-on-enc in iked(8). See OUTGOING NETWORK ADDRESS TRANSLATION in iked.conf(5), and also http://undeadly.org/cgi?action=article=20090127205841. Ok ? diff --git sbin/iked/iked.h sbin/iked/iked.h index aa40d70..dfa04ad 100644 --- sbin/iked/iked.h +++

Re: Let iked specify its source address when sending

Objections anyone ? On Wed, 31 Aug 2016 15:57:45 +0200 Vincent Gross <vgr...@openbsd.org> wrote: > On Wed, 31 Aug 2016 15:26:53 +0200 > Vincent Gross <vgr...@openbsd.org> wrote: > > > On Thu, 11 Aug 2016 16:57:27 +0100 > > Stuart Henderson <s...@spacehopper

in6_selectroute should never get AF_INET filled struct route *

in6_selectroute() checks whether the struct route it received contains a valid route whose AF is not AF_INET6, "in case the cache is shared". Well, is this cache shared or not ? There's only two ways to get to in6_selectroute() 1) in6_pcbselsrc() -> in6_selectif() -> in6_selectroute() It is

Re: Drop IPSec traffic that should be encapsulated but is not

present when opening NAT-T tunnels with iked ? Cheers > Would you mind looking at this issue also? :) > > Thanks! > > Claer > > On Thu, Sep 01 2016 at 31:10, Vincent Gross wrote: > > > Our IPSec stack rejects UDP-encapsulated traffic using a non > > enc

Re: Let iked specify its source address when sending

On Wed, 31 Aug 2016 15:26:53 +0200 Vincent Gross <vgr...@openbsd.org> wrote: > On Thu, 11 Aug 2016 16:57:27 +0100 > Stuart Henderson <s...@spacehopper.org> wrote: > > > On 2016/06/27 13:00, Jérémie Courrèges-Anglas wrote: > [...] > > > > > > I

Let iked specify its source address when sending

On Thu, 11 Aug 2016 16:57:27 +0100 Stuart Henderson wrote: > On 2016/06/27 13:00, Jérémie Courrèges-Anglas wrote: [...] > > > > I also gave my ok to vgross by IM. > > > > I know that some concerns have been exposed privately, I was not > > Cc'd, thus I have no idea what

Re: Let iked specify its source address when sending

On Wed, 31 Aug 2016 16:09:30 +0200 Reyk Floeter <r...@openbsd.org> wrote: > On Wed, Aug 31, 2016 at 03:26:53PM +0200, Vincent Gross wrote: > > On Thu, 11 Aug 2016 16:57:27 +0100 > > Stuart Henderson <s...@spacehopper.org> wrote: > > > > > On 2016/0

Re: rwsleep(9)

On Mon, 12 Sep 2016 10:49:03 +0200 Martin Pieuchot wrote: > I'd like to use a write lock to serialize accesses to ip_output(). > This will be used to guarantee that atomic code sections in the > socket layer stay atomic when the input/forwarding path won't run > under

Re: ip6_setpktopt: dead code & param

On Tue, 13 Sep 2016 14:19:24 +0200 j...@wxcvbn.org (Jeremie Courreges-Anglas) wrote: > Since it has been introduced, ip6_setpktopt has only been called with > (sticky=1, cmsg=0) or (sticky=0, cmsg=1). Let's simplify this code. Ok vgross@ > > > Index: ip6_output.c >

Re: rwsleep(9)

On Tue, 13 Sep 2016 10:08:13 +0200 Martin Pieuchot <m...@openbsd.org> wrote: > On 12/09/16(Mon) 12:12, Vincent Gross wrote: > > On Mon, 12 Sep 2016 10:49:03 +0200 > > Martin Pieuchot <m...@openbsd.org> wrote: > > > > > I'd like to use a wri

add in6 multicast support to vxlan(4) ; question on mbufs

Hi, As said in Subject:. I would like to get comments on the m_adj/m_pullup dance at the end of vxlan_lookup() ; I do this because ether_input() access the ethernet header with mtod(), and under some conditions the mbuf handled would have its first data chunk empty (mh_len == 0). What is the

Re: iked recvfromto flags

On Mon, 26 Sep 2016 18:33:43 +0200 j...@wxcvbn.org (Jeremie Courreges-Anglas) wrote: > Don't ignore the "flags" argument passed to recvfromto. Doesn't > matter for now in iked (0 is passed), but this kind of code tends to > be copied. > > ok? > ok vgross@ > > Index: util.c >

Re: timeout_set_proc(9)

On Thu, 15 Sep 2016 16:29:45 +0200 Martin Pieuchot wrote: > After discussing with a few people about a new "timed task" API I came > to the conclusion that mixing timeouts and tasks will result in: > > - always including a 'struct timeout' in a 'struct task', or the > other

Re: add in6 multicast support to vxlan(4) ; question on mbufs

On Sat, 24 Sep 2016 10:58:10 +0200 Vincent Gross <vgr...@openbsd.org> wrote: > Hi, > [snip] > > Aside from the mbuf issue, is this Ok ? I will go back on the mbuff stuff later. Diff rebased, ok anyone ? Ind

Re: Kill ifa_ifwithnet()

On Fri, 4 Nov 2016 12:01:58 +0100 Martin Pieuchot wrote: > Rather than trying to keep this old routing table like function alive > by reimplementing rn_refines(), let's get rid of it. > > ok? > > Index: net/route.c >

Re: [PATCH] iked: Bugfixes for IKE rekeying

On Wed, 9 Nov 2016 13:16:46 + Thomas Klute wrote: > Hi tech@, > > this patch contains fixes for two bugs that break IKE rekeying > initiated by iked. Please review, and apply or let me know what has to > be changed! Both bugs are fixed by initializing the respective

Re: add in6 multicast support to vxlan(4), take 4

On Sat, 5 Nov 2016 12:41:39 +0100 Vincent Gross <vgr...@openbsd.org> wrote: > Updated diff, I reworked the logic to handle the if_get/if_put dance > in vxlan_multicast_join(), and fixed an uninitialized variable. > > Ok ? Anyone to comment or ok ? this blocks the submissio

add in6 multicast support to vxlan(4), take 4

Updated diff, I reworked the logic to handle the if_get/if_put dance in vxlan_multicast_join(), and fixed an uninitialized variable. Ok ? Index: net/if_vxlan.c === RCS file: /cvs/src/sys/net/if_vxlan.c,v retrieving revision 1.51

Re: Kill ifa_ifwithnet()

On Mon, 7 Nov 2016 08:59:53 +0100 Martin Pieuchot <m...@openbsd.org> wrote: > On 04/11/16(Fri) 21:33, Vincent Gross wrote: > > [...] > > Why are you killing Strict Source Route Record ? Just as you did > > with rtredirect(), you can check whether RTF_GATEW

Re: add in6 multicast support to vxlan(4), take 4

On Thu, 10 Nov 2016 22:16:55 +0100 Vincent Gross <vgr...@openbsd.org> wrote: > On Sat, 5 Nov 2016 12:41:39 +0100 > Vincent Gross <vgr...@openbsd.org> wrote: > > > Updated diff, I reworked the logic to handle the if_get/if_put dance > > in vxlan_multicast_j

Re: add in6 multicast support to vxlan(4) ; question on mbufs

On Tue, 4 Oct 2016 01:07:51 +0200 Vincent Gross <vgr...@openbsd.org> wrote: > On Sat, 24 Sep 2016 10:58:10 +0200 > Vincent Gross <vgr...@openbsd.org> wrote: > > > Hi, > > > [snip] > > > > Aside from the mbuf issue, is this Ok ? > &

Re: add in6 multicast support to vxlan(4) ; question on mbufs

On Tue, 1 Nov 2016 18:51:08 +0100 Mike Belopuhov <m...@belopuhov.com> wrote: > On 1 November 2016 at 18:23, Vincent Gross <vincent.gr...@kilob.yt> > wrote: > > On Tue, 4 Oct 2016 01:07:51 +0200 > > Vincent Gross <vgr...@openbsd.org> wrote: > >

sys/net/if.c, leftovers from r1.442

up is never set in ifioctl(). Ok ? Index: net/if.c === RCS file: /cvs/src/sys/net/if.c,v retrieving revision 1.463 diff -u -p -r1.463 if.c --- net/if.c28 Nov 2016 11:18:02 - 1.463 +++ net/if.c1 Dec 2016 20:31:27

Re: add in6 multicast support to vxlan(4), take 4

On Tue, 29 Nov 2016 15:13:16 +0100 Alexander Bluhm <alexander.bl...@gmx.net> wrote: > On Sat, Nov 05, 2016 at 12:41:39PM +0100, Vincent Gross wrote: > > Updated diff, I reworked the logic to handle the if_get/if_put > > dance in vxlan_multicast_join(), and fixed an unini

vxlan bug wrt IN6_ANY as source Was: Re: tweak in6_selectsrc()

On Tue, 29 Nov 2016 17:03:44 +0100 Martin Pieuchot wrote: > Diff below removes the 'struct route_in6' argument from > in6_selectsrc(). > > It is only used by in6_pcbselsrc() so move the code there. This > reduces differences with IPv4 and help me to get rid of 'struct >

IP_SENDSRCADDR cmsg_len and dnsmasq

So a while back Alexander Markert sent a bug report regarding sendmsg() behaviour with IP_SENDSRCADDR : https://marc.info/?l=openbsd-tech=149276833923905=2 This impacts our dnsmasq port : https://marc.info/?l=openbsd-tech=149234052220818=2 Alexander Markert shows in the first thread the

Re: IP_SENDSRCADDR cmsg_len and dnsmasq

On Thu, 12 Jul 2018 19:54:26 +0200 Alexander Bluhm wrote: > > If it is a temporary problem, that will go away when the content > of the socket buffer is sent away, we should block or return > EWOULDBLOCK. For a permanent problem return EMSGSIZE. Non atomic > operations can be split in smaller

uvm_fault when setting ddb breakpoint on armv7 -current

Hello, I am investigating a usb issue on my imx6-based novena, and I tried to set a breakpoint to inspect the backtrace when the issue occurs. The problem is, when resuming execution out of ddb, I get a uvm_fault and then the only way forward is to reboot the system. Am I missing a step ? or is