Re: mg: have Insert key toggle overwrite mode by default

2017-12-17 Thread Florian Obser
OK On Sat, Dec 16, 2017 at 10:06:59PM +, Lari Rasku wrote: > There's a fairly strong convention among text editors that the Insert > key should toggle overwrite mode. This is admittedly far more common > among GUI editors, but could mg adopt it as a default anyway? > > diff --git

slaacd(8): Move privileged initialization from frontend to main process.

2017-11-29 Thread Florian Obser
Move privileged initialization from frontend to main process. Needed for future work where we will spin up children via fork - privdrop - exec. OK? diff --git control.c control.c index 76b0f3b15ea..96a6206c874 100644 --- control.c +++ control.c @@ -85,9 +85,7 @@ control_init(char *path)

Re: [PATCH] amd64/bsd.rd: add growfs(8)

2017-11-08 Thread Florian Obser
On Tue, Nov 07, 2017 at 06:15:09PM +, Job Snijders wrote: > On Mon, Nov 06, 2017 at 04:14:48PM -0700, Theo de Raadt wrote: > > I agree on that. So please put it into the correct lists files for > > all the unlimited ramdisks. > > > > Job, the situation is a little nit-picky but try to do it

Re: convert frag6 to mutex

2017-11-05 Thread Florian Obser
please ignore this one, mpi points out that visa has a more comprehensive diff for this that I missed. -- I'm not entirely sure you are real.

finish off pr_drain functions

2017-11-04 Thread Florian Obser
... they haven't been used since 2006. OK? (This is on top of "convert frag6 to mutex", but the order doesn't matter, the conflict is trivial) diff --git netinet/in_proto.c netinet/in_proto.c index 6efbac7da5c..2667bba6124 100644 --- netinet/in_proto.c +++ netinet/in_proto.c @@ -179,7 +179,6 @@

convert frag6 to mutex

2017-11-04 Thread Florian Obser
replace hand rolled LOCK/UNLOCK macros with a mutex like in the v4 case. While here remove the NET_LOCK. OK? diff --git frag6.c frag6.c index a5b8ae261be..390115106c5 100644 --- frag6.c +++ frag6.c @@ -34,6 +34,7 @@ #include #include #include +#include #include #include #include @@

Re: merge nd6_rs_input() and nd6_ra_input()

2017-11-03 Thread Florian Obser
On Fri, Nov 03, 2017 at 01:37:40PM +, Martin Pieuchot wrote: > On 02/11/17(Thu) 23:25, Florian Obser wrote: > > We are processing Router Solicitation / Advertisement messages only > > for the Source Link-layer Address Options. > > Merge nd6_rs_input() and nd6_ra_inp

free sizes for pfkeyv2 and rtsock

2017-11-03 Thread Florian Obser
After inlining of raw_detach we know the sizes for free; pointed out by mpi. OK? diff --git pfkeyv2.c pfkeyv2.c index d0ae384aaa2..dcb66c06fe5 100644 --- pfkeyv2.c +++ pfkeyv2.c @@ -284,7 +284,7 @@ pfkeyv2_detach(struct socket *so) so->so_pcb = NULL; sofree(so); -

Re: if_ioctl & netinet{,6}

2017-11-03 Thread Florian Obser
On Fri, Nov 03, 2017 at 12:31:42PM +, Martin Pieuchot wrote: > On 03/11/17(Fri) 13:23, Florian Obser wrote: > > On Wed, Nov 01, 2017 at 06:03:26PM +, Martin Pieuchot wrote: > > > ifioctl() contains two fallthrough paths that end up in ifp->if_ioctl(). > > &

Re: if_ioctl & netinet{,6}

2017-11-03 Thread Florian Obser
On Wed, Nov 01, 2017 at 06:03:26PM +, Martin Pieuchot wrote: > ifioctl() contains two fallthrough paths that end up in ifp->if_ioctl(). > The diff below merges them. > > But instead of calling ifp->if_ioctl() from inside in{,6}_ioctl(), I > changed the logic to return EOPNOTSUPP. The idea is

slaacd(8) install default routes with mpath flag

2017-11-03 Thread Florian Obser
It is possible to have multiple routers sending router advertisements, so mark the default route mpath. Comments, OKs? diff --git slaacd.c slaacd.c index 5e00cdb123c..06c11b241d5 100644 --- slaacd.c +++ slaacd.c @@ -737,7 +737,7 @@ configure_gateway(struct imsg_configure_dfr *dfr, uint8_t

merge nd6_rs_input() and nd6_ra_input()

2017-11-02 Thread Florian Obser
We are processing Router Solicitation / Advertisement messages only for the Source Link-layer Address Options. Merge nd6_rs_input() and nd6_ra_input() into one generic function. OK? diff --git netinet6/icmp6.c netinet6/icmp6.c index 421280690c9..b5e12169584 100644 --- netinet6/icmp6.c +++

tedu raw_cb.c

2017-11-02 Thread Florian Obser
This inlines all the trivial functions in the various places. OK? diff --git sys/conf/files sys/conf/files index 03b4a0e24cc..2771b6f4446 100644 --- sys/conf/files +++ sys/conf/files @@ -788,7 +788,6 @@ file net/switchctl.cswitch file net/switchofp.c

tedu raw_disconnect()

2017-11-02 Thread Florian Obser
There is no way SS_NOFDREF is set on a raw socket in raw_usrreq for PRU_DISCONNECT or PRU_ABORT. So raw_disconnect() and sofree() return immediately so remove the dead code. Also the following call to soisdisconnected() would be a use after free. This removes the last calls to raw_disconnect()

move PRU_DETACH out of pr_usrreq

2017-11-02 Thread Florian Obser
this moves PRU_DETACH out of pr_usrreq into per proto pr_detach functions, like what claudio did to pr_attach. Intentionally mostly mechanical. There might be some cleanup here and there in the functions themselves. OK? diff --git kern/uipc_proto.c kern/uipc_proto.c index

nsd(8): make ip-transparent option work on OpenBSD

2017-11-01 Thread Florian Obser
OK? diff --git server.c server.c index c0835ce8c11..fe74f9a1b56 100644 --- server.c +++ server.c @@ -567,7 +567,7 @@ server_init_ifs(struct nsd *nsd, size_t from, size_t to, int* reuseport_works) { struct addrinfo* addr; size_t i; -#if defined(SO_REUSEPORT) ||

unbound(8): make ip-transparent option work on OpenBSD

2017-11-01 Thread Florian Obser
This is useful on systems where IP addresses are dynamically configured (dhclient(8), slaacd(8)) and are not yet up when unbound starts. To quote the man page: ip-transparent: If yes, then use IP_TRANSPARENT socket option on sockets where unbound is listening

remove NET_LOCK from ip_slowtimo()

2017-10-29 Thread Florian Obser
on top of previous... OK? diff --git netinet/ip_input.c netinet/ip_input.c index dc1bb9d8ec1..95c9194efcb 100644 --- netinet/ip_input.c +++ netinet/ip_input.c @@ -1028,7 +1028,6 @@ ip_slowtimo(void) { struct ipq *fp, *nfp; - NET_LOCK(); mtx_enter(_mutex);

move NET_LOCK into pr_{slow,fast}timo() functions

2017-10-29 Thread Florian Obser
intentionally (mostly) mechanical OK? diff --git kern/uipc_domain.c kern/uipc_domain.c index 4cfbe5de4ff..0f4d05f7492 100644 --- kern/uipc_domain.c +++ kern/uipc_domain.c @@ -238,13 +238,11 @@ pfslowtimo(void *arg) struct protosw *pr; int i; - NET_LOCK(); for (i =

Re: Kill deprecated IPv6 ioctl(2)s

2017-10-25 Thread Florian Obser
OK florian@ On Wed, Oct 25, 2017 at 10:20:45AM +, Martin Pieuchot wrote: > Diff below remove some more deprecated ioctl(2). The first group below > correspond to features now deprecated by slaacd(8): > > SIOCSIFINFO_FLAGS, SIOCSNDFLUSH_IN6, SIOCSPFXFLUSH_IN6, SIOCSRTRFLUSH_IN6 > >

Re: Kill deprecated IPv6 ioctl(2)s

2017-10-25 Thread Florian Obser
On Wed, Oct 25, 2017 at 10:56:40AM +, Martin Pieuchot wrote: > On 25/10/17(Wed) 21:53, Jonathan Gray wrote: > > On Wed, Oct 25, 2017 at 12:20:45PM +0200, Martin Pieuchot wrote: > > > Diff below remove some more deprecated ioctl(2). The first group below > > > correspond to features now

Re: fix memory handling in acme-client config parser

2017-10-19 Thread Florian Obser
OK florian@ On Thu, Oct 19, 2017 at 05:33:35AM +, Jonathan Gray wrote: > Use after free and a memory leak. > > Index: parse.y > === > RCS file: /cvs/src/usr.sbin/acme-client/parse.y,v > retrieving revision 1.17 > diff -u -p -U4

Re: KAME ioctl leftovers

2017-10-18 Thread Florian Obser
On Wed, Oct 18, 2017 at 11:34:27AM +, Martin Pieuchot wrote: > Kill ioctl(2) added with original KAME import that have never been used. > FreeBSD also stopped supporting them in 2013. usr.sbin/bind is looking at SIOCGLIFADDR, but it looks like it's properly guarded by #ifdef. debian

Re: mg: fgetln -> getline

2017-10-12 Thread Florian Obser
commited, thanks! On Thu, Oct 12, 2017 at 04:17:10AM +, Scott Cheloha wrote: > > On Oct 11, 2017, at 2:36 AM, Florian Obser <flor...@openbsd.org> wrote: > > > > On Sun, Sep 17, 2017 at 02:56:32AM +, Scott Cheloha wrote: > >> > >> > >&g

Re: mg: fgetln -> getline

2017-10-12 Thread Florian Obser
OK florian@ or if someone gives me an OK I'll commit it. On Thu, Oct 12, 2017 at 04:17:10AM +, Scott Cheloha wrote: > > On Oct 11, 2017, at 2:36 AM, Florian Obser <flor...@openbsd.org> wrote: > > > > On Sun, Sep 17, 2017 at 02:56:32AM +, Scott Cheloha wrote: >

Re: mg: fgetln -> getline

2017-10-11 Thread Florian Obser
On Sun, Sep 17, 2017 at 02:56:32AM +, Scott Cheloha wrote: > Hi, > > This will make mg(1) ever so slightly more portable: downstream > will appreciate it. And fgetln(3) was recently deprecated. > > Misc. comments: > > The comments about NUL and "the last line problem" aren't per se >

Re: make get_last_resort_ifid() truely random

2017-09-01 Thread Florian Obser
On Fri, Sep 01, 2017 at 03:49:47PM +0200, Stefan Sperling wrote: > On Fri, Sep 01, 2017 at 01:21:31PM +0000, Florian Obser wrote: > > *prod* > > As author of in6_get_rand_ifid(), I approve. > Your diff shall be blessed. > > Even more blessed if get_last_resort_ifid() were

Re: make get_last_resort_ifid() truely random

2017-09-01 Thread Florian Obser
*prod* On Tue, Aug 15, 2017 at 09:31:26AM +, Florian Obser wrote: > > Rename in6_get_rand_ifi() to get_last_resort_ifid() and delete the old > get_last_resort_ifid() function because eww. > Also if your system is so constraint that you end up in > get_last_resort_ifid() yo

Re: i386 zzz broken, Was: CVS: cvs.openbsd.org: src

2017-08-30 Thread Florian Obser
On Tue, Aug 29, 2017 at 07:25:33PM -0700, Chris Cappuccio wrote: > li...@wrant.com [li...@wrant.com] wrote: > > > > Please let me know if you want me to generate some dumps or similar, but > > unfortunately, I can't yet test patches or handle compilation on my own. > > I realise my info on this

Re: make get_last_resort_ifid() truely random

2017-08-20 Thread Florian Obser
anyone? On Tue, Aug 15, 2017 at 09:31:26AM +, Florian Obser wrote: > > Rename in6_get_rand_ifi() to get_last_resort_ifid() and delete the old > get_last_resort_ifid() function because eww. > Also if your system is so constraint that you end up in > get_last_resort_ifid() yo

make get_last_resort_ifid() truely random

2017-08-15 Thread Florian Obser
Rename in6_get_rand_ifi() to get_last_resort_ifid() and delete the old get_last_resort_ifid() function because eww. Also if your system is so constraint that you end up in get_last_resort_ifid() you don't deserve a random ifid that stays stable over reboots. Simplify code a bit since get_ifid()

Re: rtadvd: no longer decrement lifetimes in real time

2017-08-14 Thread Florian Obser
On Mon, Aug 14, 2017 at 07:12:03PM -0400, Jeremie Courreges-Anglas wrote: > > This one fell through the cracks... > > On Sat, Aug 12 2017, Florian Obser <flor...@openbsd.org> wrote: > > Stop supporting prefix lifetimes that decrement in real time. > > It complicates

remove in6_are_prefix_equal()

2017-08-14 Thread Florian Obser
After we stopped processing router advertisements in the kernel sppp_update_ip6_addr() became the last user of n6_are_prefix_equal(). Since it compares /128 prefixes it doesn't need all the bells and whistles and can be converted to a memcmp. Remove the new unused n6_are_prefix_equal(). OK?

Re: rtadvd: no longer decrement lifetimes in real time

2017-08-13 Thread Florian Obser
*prod*, while t2k17 is still on... On Sat, Aug 12, 2017 at 06:26:44PM +, Florian Obser wrote: > > Stop supporting prefix lifetimes that decrement in real time. > It complicates the code, it's off by default and RFC 4861 section > 6.2.1 lists it as MAY. > After this we can st

rtadvd: no longer decrement lifetimes in real time

2017-08-12 Thread Florian Obser
Stop supporting prefix lifetimes that decrement in real time. It complicates the code, it's off by default and RFC 4861 section 6.2.1 lists it as MAY. After this we can stop regenerating the RA packets everytime we send them. Also I'm not convinced that this has a use case. I think it comes from

Re: unbound 1.6.4

2017-08-12 Thread Florian Obser
On Sat, Aug 12, 2017 at 10:04:25AM +0100, Stuart Henderson wrote: > On 2017/06/29 10:03, Stuart Henderson wrote: > > On 2017/06/27 14:58, Stuart Henderson wrote: > > > If anyone's interested in newer unbound, I have an initial diff, it's > > > 750K all-in (we are currently on 1.6.1 so there are a

Re: pfctl -N: no dns resolution

2017-08-11 Thread Florian Obser
On Fri, Aug 11, 2017 at 06:05:09PM +0200, Sebastian Benoit wrote: > Hi, > > this adds a -N option to pfctl that turns of dns resolution for all the > things where a dns entry is a possible thing, i.e. in rules ("pass in from > www.openbsd.org") or table entries. > > Its usefull to make sure the

slaacd: simplify route message handling

2017-08-11 Thread Florian Obser
When read(2)'ing from the routing socket only one message is returned. Clue provided by jca and claudio. OK? diff --git frontend.c frontend.c index f78c9802292..4193517e37b 100644 --- frontend.c +++ frontend.c @@ -536,11 +536,9 @@ route_receive(int fd, short events, void *arg) { static

rtadvd: open ioctl socket up front

2017-08-10 Thread Florian Obser
No need to constantly re-open a socket. Just open it up front and keep it around. diff --git if.c if.c index 9c6acd0e049..e04b6027fae 100644 --- if.c +++ if.c @@ -65,6 +65,8 @@ static void get_iflist(char **buf, size_t *size); static void parse_iflist(struct if_msghdr ***ifmlist_p, char *buf,

Re: rtadvd: simplify route message handling

2017-08-10 Thread Florian Obser
On Thu, Aug 10, 2017 at 11:04:10AM -0400, Jeremie Courreges-Anglas wrote: > On Thu, Aug 10 2017, Florian Obser <flor...@openbsd.org> wrote: > > On Tue, Aug 08, 2017 at 11:08:14AM +0200, Jeremie Courreges-Anglas wrote: > >> > >> So rtadvd has this complex code tha

Re: rtadvd: simplify route message handling

2017-08-10 Thread Florian Obser
On Tue, Aug 08, 2017 at 11:08:14AM +0200, Jeremie Courreges-Anglas wrote: > > So rtadvd has this complex code that tries to parse multiple routing > messages, when it actually reads only one message at a time from the > routing socket. The diff below attempts to acknowledge this and tries > to

remove useless knob and always to neighbor unreachable detection

2017-08-09 Thread Florian Obser
As a bonus this reduces the ndp option parsing insanity. OK? diff --git sys/netinet6/nd6.c sys/netinet6/nd6.c index 7fd647c115a..f4af6632b4b 100644 --- sys/netinet6/nd6.c +++ sys/netinet6/nd6.c @@ -139,7 +139,6 @@ nd6_ifattach(struct ifnet *ifp) nd->reachable =

accept_rtadv doesn't do anything

2017-08-08 Thread Florian Obser
OK? diff --git sys/netinet6/nd6.c sys/netinet6/nd6.c index 77bcd1c5fda..7fd647c115a 100644 --- sys/netinet6/nd6.c +++ sys/netinet6/nd6.c @@ -139,7 +139,7 @@ nd6_ifattach(struct ifnet *ifp) nd->reachable = ND_COMPUTE_RTIME(nd->basereachable); nd->retrans = RETRANS_TIMER; /*

we are no longer generating privacy addresses in the kernel

2017-08-08 Thread Florian Obser
OK? diff --git sys/netinet6/nd6.c sys/netinet6/nd6.c index 245b64c6155..77bcd1c5fda 100644 --- sys/netinet6/nd6.c +++ sys/netinet6/nd6.c @@ -969,9 +969,6 @@ nd6_ioctl(u_long cmd, caddr_t data, struct ifnet *ifp) switch (cmd) { case SIOCGIFINFO_IN6: ndi->ndi =

nd6_rtr.c no longer needs nd6_recalc_reachtm_interval

2017-08-08 Thread Florian Obser
OK? diff --git sys/netinet6/nd6_rtr.c sys/netinet6/nd6_rtr.c index 886436ae863..3542964215d 100644 --- sys/netinet6/nd6_rtr.c +++ sys/netinet6/nd6_rtr.c @@ -59,8 +59,6 @@ int rt6_deleteroute(struct rtentry *, void *, unsigned int); -extern int nd6_recalc_reachtm_interval; - /* * Receive

Re: rtadvd: reschedule timer when a new prefix is added

2017-08-08 Thread Florian Obser
OK florian@ On Tue, Aug 08, 2017 at 03:12:14AM +0200, Jeremie Courreges-Anglas wrote: > > ra_timer_update() just updates rai->timer.tm, we need to call > evtimer_add(3) for the new timeout to be scheduled. I missed > this one when converting rtadvd to libevent. ok? > > > Index: config.c >

Re: run nd6_expire when needed

2017-08-08 Thread Florian Obser
On Mon, Aug 07, 2017 at 06:29:25PM +0200, Alexander Bluhm wrote: > On Mon, Aug 07, 2017 at 02:30:19PM +0000, Florian Obser wrote: > > On Mon, Aug 07, 2017 at 03:51:00PM +0200, Alexander Bluhm wrote: > > > On Mon, Aug 07, 2017 at 08:07:33AM +0000, Florian Obser wrote: > &g

Re: run nd6_expire when needed

2017-08-07 Thread Florian Obser
On Mon, Aug 07, 2017 at 03:51:00PM +0200, Alexander Bluhm wrote: > On Mon, Aug 07, 2017 at 08:07:33AM +0000, Florian Obser wrote: > > index cafdd9fe36f..7796af6191c 100644 > > --- sys/netinet6/in6.c > > +++ sys/netinet6/in6.c > > @@ -686,6 +686,10 @@ in6_update_if

Re: Enable kprintf format attribute in clang

2017-08-07 Thread Florian Obser
On Sun, Aug 06, 2017 at 10:01:53PM +0200, Mark Kettenis wrote: > This makes clang actually do something for kprintf. This is a minimal > diff that actually allows some FreeBSD-specific kprintf type > specifiers. But I'd prefer to do a proper overhaul of this code > upstream first and keep the

Re: fix format warning

2017-08-07 Thread Florian Obser
OK florian@ On Mon, Aug 07, 2017 at 11:53:13AM +0200, Mark Kettenis wrote: > > Date: Mon, 7 Aug 2017 11:32:55 +0200 (CEST) > > From: Mark Kettenis > > > > > Date: Mon, 7 Aug 2017 11:04:51 +0200 (CEST) > > > From: Markus Hennecke > >

Re: run nd6_expire when needed

2017-08-07 Thread Florian Obser
On Sun, Aug 06, 2017 at 01:56:08PM -0400, Martin Pieuchot wrote: > On 06/08/17(Sun) 17:04, Florian Obser wrote: > > On Sun, Aug 06, 2017 at 10:29:09AM -0400, Martin Pieuchot wrote: > > > On 03/08/17(Thu) 09:13, Florian Obser wrote: > > > > > > > > as

Re: run nd6_expire when needed

2017-08-06 Thread Florian Obser
On Sun, Aug 06, 2017 at 10:29:09AM -0400, Martin Pieuchot wrote: > On 03/08/17(Thu) 09:13, Florian Obser wrote: > > > > as mpi pointed out in "nd6 address expiration & NET_LOCK() contention" > > we run nd6_expire every second. That seems a bit silly considering

in6_leavegroup can't fail

2017-08-05 Thread Florian Obser
OK? diff --git netinet6/in6.c netinet6/in6.c index 45a28663d65..f0db346d116 100644 --- netinet6/in6.c +++ netinet6/in6.c @@ -1350,14 +1350,13 @@ in6_joingroup(struct ifnet *ifp, struct in6_addr *addr, int *errorp) return imm; } -int +void in6_leavegroup(struct in6_multi_mship *imm)

Re: cleanup nd6_free next pointer

2017-08-04 Thread Florian Obser
OK florian@ On Fri, Aug 04, 2017 at 09:21:31PM +0200, Alexander Bluhm wrote: > Hi, > > Since we have TAILQ_FOREACH_SAFE in nd6_purge() it is not necessary > that nd6_free() advances the next pointer itself. Make nd6_free() > a void function and remove unused parameter gc. > > ok? > > bluhm >

Re: inform userland on ifconfig $if -inet6

2017-08-04 Thread Florian Obser
On Fri, Aug 04, 2017 at 06:04:26PM +0200, Alexander Bluhm wrote: > On Fri, Aug 04, 2017 at 03:38:40PM +0000, Florian Obser wrote: > > When we disable INET6 on an interface that also removes the autoconf6 > > flag. Notify userland about this via the route socket, otherwise > >

inform userland on ifconfig $if -inet6

2017-08-04 Thread Florian Obser
When we disable INET6 on an interface that also removes the autoconf6 flag. Notify userland about this via the route socket, otherwise slaacd gets confused about the state the interface is in. OK? diff --git netinet6/in6_ifattach.c netinet6/in6_ifattach.c index 89acde9c6a4..65eac6dfa56 100644

SO_TIMESTAMP

2017-08-04 Thread Florian Obser
We do have SO_TIMESTAMP since some time and there is other code in the kernel that uses it without the #ifdef guard. OK? diff --git netinet/ip_input.c netinet/ip_input.c index ee74eeadc4c..30fa3597fbb 100644 --- netinet/ip_input.c +++ netinet/ip_input.c @@ -1711,7 +1711,6 @@ void

nsd 4.1.17

2017-08-03 Thread Florian Obser
lightly tested by me Tests, OKs? diff --git Makefile.in Makefile.in index 3391cd0d4b2..495160c0826 100644 --- Makefile.in +++ Makefile.in @@ -169,8 +169,11 @@ cutest:$(CUTEST_OBJ) $(LIBOBJS) udb-inspect: udb-inspect.o $(COMMON_OBJ) $(LIBOBJS) $(LINK) -o $@ udb-inspect.o

Re: mtrace: are you still running mrouted 3.6 on little-endian machines?

2017-08-03 Thread Florian Obser
is it a lack of mrouted 3.6 or the lack of little endian machines that's holding y'all back? On Fri, Jul 28, 2017 at 12:31:44PM +, Florian Obser wrote: > this can probably go. I wandered in there because clang says: > > /usr/src/usr.sbin/mtrace/mtrace.c:949:12: warning: taking the

Re: delete ICMP6_DST_UNREACH_NOTNEIGHBOR

2017-08-03 Thread Florian Obser
sthen did a code search for me, thanks! nothing in ports uses this. On Thu, Aug 03, 2017 at 01:35:10PM +, Florian Obser wrote: > since nearly 20 years the correct spelling is > ICMP6_DST_UNREACH_BEYONDSCOPE. > > OK? > > (I'll do a current.html eintry for pf.conf, but s

delete ICMP6_DST_UNREACH_NOTNEIGHBOR

2017-08-03 Thread Florian Obser
since nearly 20 years the correct spelling is ICMP6_DST_UNREACH_BEYONDSCOPE. OK? (I'll do a current.html eintry for pf.conf, but seriously, this has been obsoleted years before pf even existed.) diff --git sbin/pfctl/pfctl_parser.c sbin/pfctl/pfctl_parser.c index ff88383aed7..6373a3c095d 100644

delete rfc 1885 compat

2017-08-03 Thread Florian Obser
RFC 1885 was obsoleted nearly 20 years ago by 2463 which was obsoleted over 10 years ago. We are probably not going back. OK? diff --git netinet6/icmp6.c netinet6/icmp6.c index f998bfa0c18..82bc60fad1b 100644 --- netinet6/icmp6.c +++ netinet6/icmp6.c @@ -467,16 +467,10 @@ icmp6_input(struct

run nd6_expire when needed

2017-08-03 Thread Florian Obser
as mpi pointed out in "nd6 address expiration & NET_LOCK() contention" we run nd6_expire every second. That seems a bit silly considering that we normally have a pltime of a day. With a bit of math we can work out when the timer should fire when we set pltime/vltime and when we walk the list in

Re: [patch] httpd: don't add date header if already set

2017-07-31 Thread Florian Obser
On Sun, Jul 30, 2017 at 09:43:09PM -0400, Ted Unangst wrote: > Florian Obser wrote: > > OK florian@ > > > > p.s. whoever commits this please add extra ( ) around the && term, > > Apparently clang no longer supports operator precedence *sigh*. > > > &g

Re: mg: print default choice before colon in echo line prompts

2017-07-30 Thread Florian Obser
OK florian@ On Sat, Jul 29, 2017 at 04:23:24PM -0500, Scott Cheloha wrote: > Hi, > > GNU Emacs always, or very nearly always, prints the default > choice before the colon in any given prompt. For example, > you'll see > > "Kill buffer (default foo): " > > not > > "Kill buffer:

Re: [patch] httpd: don't add date header if already set

2017-07-30 Thread Florian Obser
OK florian@ p.s. whoever commits this please add extra ( ) around the && term, Apparently clang no longer supports operator precedence *sigh*. I'm wondering if it also warns for a * b + c /usr/src/usr.sbin/httpd/server_fcgi.c:665:56: warning: '&&' within '||' [-Wlogical-op-parentheses]

Re: systat: return for non-void function

2017-07-29 Thread Florian Obser
On Fri, Jul 28, 2017 at 02:31:02PM +, Florian Obser wrote: > > pointed out by clang > > OK? > comon, don't be shy, this is an easy one... maybe with a bit more context? This is an error return: diff --git usr.bin/systat/pool.c usr.bin/systat/pool.c index b6691ae0da6..3b2

libform remove extra parentheses

2017-07-28 Thread Florian Obser
same for libform as previous diff for mopd. OK? diff --git frm_driver.c frm_driver.c index de06cdaf8a4..0e8ca3b88a5 100644 --- frm_driver.c +++ frm_driver.c @@ -1285,7 +1285,7 @@ _nc_Synchronize_Options(FIELD *field, Field_Options newopts) if (form->status & _POSTED) { -

mopd: remove extra parentheses

2017-07-28 Thread Florian Obser
this silences cc -O2 -pipe -I/usr/src/usr.sbin/mopd/mopd -I/usr/src/usr.sbin/mopd/mopd/.. -I/usr/src/usr.sbin/mopd/mopd/../common -Werror-implicit-function-declaration -MD -MP -c /usr/src/usr.sbin/mopd/mopd/process.c /usr/src/usr.sbin/mopd/mopd/process.c:139:17: warning: equality comparison

Re: amd(8): plog format string should be literal

2017-07-28 Thread Florian Obser
On Fri, Jul 28, 2017 at 09:34:29PM +0200, Frederic Cambus wrote: > Hi tech@, > > plog format string should be literal. > > Comments? OK? OK while you are in there, can you add format attributes to plog like our log.h has (see usr.sbin/bgpd/log.h for example) > > Index:

systat: return for non-void function

2017-07-28 Thread Florian Obser
pointed out by clang OK? diff --git pool.c pool.c index b6691ae0da6..3b289446522 100644 --- pool.c +++ pool.c @@ -496,6 +496,7 @@ unalloc: pc = _caches[--i]; free(pc->cache_cpus); } + return (-1); } void -- I'm not entirely sure you are real.

snmpd: engine id is just a binary string?

2017-07-28 Thread Florian Obser
Not sure about this one, a quick glance at RFC 3411 suggests this is just a binary string, so uint8_t is more appropriate. Any snmp nerds around? clang complained about this: /usr/src/usr.sbin/snmpd/snmpd.c:349:47: warning: implicit conversion from 'int' to 'char' changes value from 128 to

snmpd: format string for yyerror

2017-07-28 Thread Florian Obser
not really a problem, errstr are just various static strings, but still... pointed out by clang, OK? diff --git snmpd/parse.y snmpd/parse.y index efd1159c3ab..cc3d4194556 100644 --- snmpd/parse.y +++ snmpd/parse.y @@ -273,14 +273,14 @@ main : LISTEN ON STRING {

route6d: use correct size for strlcat

2017-07-28 Thread Florian Obser
clang... OK? diff --git route6d/log.c route6d/log.c index 3dd3aefe558..efaba6900e5 100644 --- route6d/log.c +++ route6d/log.c @@ -93,7 +93,7 @@ vlog(int pri, const char *fmt, va_list ap) (void)vsnprintf(tmpbuf, sizeof(tmpbuf), fmt, ap); (void)strlcpy(logbuf, logqueue,

ripctl: remove unused variables

2017-07-28 Thread Florian Obser
clang... OK? diff --git ripctl/parser.c ripctl/parser.c index e82045f0eb7..08a7e88e71a 100644 --- ripctl/parser.c +++ ripctl/parser.c @@ -54,8 +54,6 @@ static const struct token t_main[]; static const struct token t_fib[]; static const struct token t_show[]; static const struct token

mtrace: are you still running mrouted 3.6 on little-endian machines?

2017-07-28 Thread Florian Obser
this can probably go. I wandered in there because clang says: /usr/src/usr.sbin/mtrace/mtrace.c:949:12: warning: taking the absolute value of unsigned type 'unsigned int' has no effect [-Wabsolute-value] if (*s || abs(ntohl(n->tr_vifout) - ntohl(p->tr_vifout)) > 10) {

ldapd: one negation is enough

2017-07-28 Thread Florian Obser
this made my head hurt, pointed out by clang. "logical not is only applied to the left hand side of this comparison [-Wlogical-not-parentheses]" OK? diff --git ldapd/modify.c ldapd/modify.c index f5d9007faaa..485d0fcfba9 100644 --- ldapd/modify.c +++ ldapd/modify.c @@ -132,7 +132,7 @@

dvmrpctl: remove unused variable

2017-07-28 Thread Florian Obser
... pointed out by clang OK? diff --git dvmrpctl/parser.c dvmrpctl/parser.c index ffbf7c05a1e..17ec5fbb33a 100644 --- dvmrpctl/parser.c +++ dvmrpctl/parser.c @@ -54,7 +54,6 @@ static const struct token t_show_iface[]; static const struct token t_show_nbr[]; static const struct token

bgplg: an array is never NULL

2017-07-27 Thread Florian Obser
... pointed out by clang OK? diff --git usr.bin/bgplg/misc.c usr.bin/bgplg/misc.c index 38837cc88c8..1834f38fa0d 100644 --- usr.bin/bgplg/misc.c +++ usr.bin/bgplg/misc.c @@ -51,7 +51,7 @@ lg_checkperm(struct cmd *cmd) struct stat stbuf; /* No external command to execute, this

nsd: prototypes for __b64_pton and __b64_ntop

2017-07-27 Thread Florian Obser
... to silence clang warnings, it kinda has a point... e.g.: /usr/src/usr.sbin/nsd/zonec.c:642:6: warning: implicit declaration of function '__b64_pton' is invalid in C99 [-Wimplicit-function-declaration] i = __b64_pton(b64, buffer, B64BUFSIZE);

netstat: uint32_t is never < 0

2017-07-27 Thread Florian Obser
/usr/src/usr.bin/netstat/inet.c:342:19: warning: comparison of unsigned expression < 0 is always false [-Wtautological-compare] if (kf->t_state < 0 || kf->t_state >= TCP_NSTATES) ~~~ ^ ~ t_state is uint32_t, I was toying with the

Re: ifstated: no need for ioctl(SIOCGIFDATA)

2017-07-21 Thread Florian Obser
shiny! OK florian@ On Fri, Jul 21, 2017 at 04:25:58PM +0200, Jeremie Courreges-Anglas wrote: > > getifaddrs(3) can already give us access to the link state of the > interface, no need for an additional ioctl(2) call. > > Bonus: getifaddrs(3) and its underlying syscalls can be allowed by >

Re: RFC 7217: random but stable addresses (take 3)

2017-07-19 Thread Florian Obser
I'm withdrawing the diff, it's not going to happen -- I'm not entirely sure you are real.

Re: RFC 7217: changelist & mtree [5/8]

2017-07-15 Thread Florian Obser
less typo, pointed out by tb@, thanks! diff --git etc/changelist etc/changelist index 756927e29c6..9aed3f2a782 100644 --- etc/changelist +++ etc/changelist @@ -115,6 +115,7 @@ /etc/services /etc/shells /etc/snmpd.conf ++/etc/soii.key +/etc/spwd.db /etc/ssh/ssh_config

RFC 7217: installer support [8/8]

2017-07-15 Thread Florian Obser
OK? diff --git distrib/miniroot/install.sub distrib/miniroot/install.sub index 26cecd81cbc..52360686b38 100644 --- distrib/miniroot/install.sub +++ distrib/miniroot/install.sub @@ -2988,6 +2988,9 @@ do_upgrade() { hostname $(stripcom /tmp/i/myname) THESETS="$THESETS

RFC 7217: slaacd support [7/8]

2017-07-15 Thread Florian Obser
OK? diff --git sbin/slaacd/engine.c sbin/slaacd/engine.c index 394df48eeb6..5fecf6e8779 100644 --- sbin/slaacd/engine.c +++ sbin/slaacd/engine.c @@ -64,6 +64,8 @@ #include #include +#include + #include #include #include @@ -180,6 +182,7 @@ struct address_proposal { uint8_t

RFC 7217: link local addresses [6/8]

2017-07-15 Thread Florian Obser
first thing that actually changes addresses: link local addresses - generate new link local address if soiikey changes - honour NOSOII flag when generating link local address - regen link local address if NOSOII flag changes OK? diff --git sys/net/if.c sys/net/if.c index

RFC 7217: changelist & mtree [5/8]

2017-07-15 Thread Florian Obser
suggested by semarie@ & craig skinner OK? diff --git etc/changelist etc/changelist index 756927e29c6..9aed3f2a782 100644 --- etc/changelist +++ etc/changelist @@ -115,6 +115,7 @@ /etc/services /etc/shells /etc/snmpd.conf ++/etc/soii.key +/etc/spwd.db /etc/ssh/ssh_config

RFC 7217: /etc/{rc,netstart} [4/8]

2017-07-15 Thread Florian Obser
netstart & simplification suggested by naddy OK? diff --git etc/netstart etc/netstart index 71890bc7a5b..047eef1ab83 100644 --- etc/netstart +++ etc/netstart @@ -190,6 +190,8 @@ if $PRINT_ONLY && (($# == 0)); then exit 1 fi +$PRINT_ONLY || sysctl -q "net.inet6.ip6.soiikey=$( 0)); then

RFC 7217: ifconfig [3/8]

2017-07-15 Thread Florian Obser
ifconfig bits to set nosoii flag OK? diff --git sbin/ifconfig/brconfig.h sbin/ifconfig/brconfig.h index ee68feb411b..09c871b352b 100644 --- sbin/ifconfig/brconfig.h +++ sbin/ifconfig/brconfig.h @@ -73,7 +73,7 @@ void switch_portno(const char *, const char *);

RFC 7217: interface flag [2/8]

2017-07-15 Thread Florian Obser
we need an interface flag to disable RFC 7217 processing, like autoconfprivacy it's on by default. OK? diff --git sys/net/if.h sys/net/if.h index 89867eac340..370c7928492 100644 --- sys/net/if.h +++ sys/net/if.h @@ -212,6 +212,7 @@ struct if_status_description { #defineIFXF_MPLS

RFC 7217: sysctl [1/8]

2017-07-15 Thread Florian Obser
I didn't not hear any objections to RFC 7217 support, so I guess it's time to get this thing in to get some operational experience with it before 6.2 is cut. Also the big diff gets a bit unwieldy, further improvement can happen in-tree. This is the sysctl part for "net.inet6.ip6.soiikey", written

Re: RFC 7217: random but stable addresses (take 3)

2017-07-15 Thread Florian Obser
On Fri, Jul 14, 2017 at 07:42:53PM -, Christian Weisgerber wrote: > On 2017-07-14, Florian Obser <flor...@openbsd.org> wrote: > > > --- etc/rc > > +++ etc/rc > > @@ -47,6 +47,14 @@ update_limit() { > > done > > } > > > > +# Apply

Re: RFC 7217: random but stable addresses (take 3)

2017-07-15 Thread Florian Obser
On Sat, Jul 15, 2017 at 11:47:28AM +0100, Craig Skinner wrote: > On Sat, 15 Jul 2017 06:58:40 +0200 Sebastien Marie wrote: > > Could /etc/soii.key be added to /etc/changelist too please ? > > + /etc/mtree/special? > yes, thanks -- I'm not entirely sure you are real.

Re: RFC 7217: random but stable addresses (take 3)

2017-07-15 Thread Florian Obser
On Sat, Jul 15, 2017 at 06:58:40AM +0200, Sebastien Marie wrote: > On Fri, Jul 14, 2017 at 11:56:02AM +0000, Florian Obser wrote: > > next try > > - sha512 > > - fixed key size > > - /etc/soii.key > > - man page tweaks from sthen & jmc and rewording by me t

RFC 7217 installer bits

2017-07-14 Thread Florian Obser
diff --git distrib/miniroot/install.sub distrib/miniroot/install.sub index 26cecd81cbc..bf6c562c882 100644 --- distrib/miniroot/install.sub +++ distrib/miniroot/install.sub @@ -2988,6 +2988,9 @@ do_upgrade() { hostname $(stripcom /tmp/i/myname) THESETS="$THESETS

RFC 7217: random but stable addresses (take 3)

2017-07-14 Thread Florian Obser
next try - sha512 - fixed key size - /etc/soii.key - man page tweaks from sthen & jmc and rewording by me to get rid of 48 bits - link local address is updated when soii flag is toggled If this is the final version I can cut up the diff and send parts if people prefer. But I also take OKs for the

Re: RFC 7217: random but stable addresses (take 2)

2017-07-14 Thread Florian Obser
On Fri, Jul 14, 2017 at 11:06:49AM +1000, David Gwynne wrote: > > > On 14 Jul 2017, at 06:30, Christian Weisgerber <na...@mips.inka.de> wrote: > > > > On 2017-07-13, Florian Obser <flor...@openbsd.org> wrote: > > > >> It switches the hash funct

Re: RFC 7217: random but stable addresses (take 2)

2017-07-14 Thread Florian Obser
On Thu, Jul 13, 2017 at 08:30:55PM -, Christian Weisgerber wrote: > On 2017-07-13, Florian Obser <flor...@openbsd.org> wrote: [...] > > +# Apply soiikey.conf settings. > > +soiikey_conf() { > > + stripcom /etc/soiikey.conf | > > + while read _line; do >

Re: RFC 7217: random but stable addresses (take 2)

2017-07-13 Thread Florian Obser
On Thu, Jul 13, 2017 at 05:59:24PM +0200, Alexander Bluhm wrote: > On Thu, Jul 13, 2017 at 03:43:50PM +0000, Florian Obser wrote: > > It switches the hash function to SipHash24 from sha512 as suggested by dlg > > Is is performance critical? Then siphash

  1   2   3   4   >