iwn: fix off-by-one in antenna calibration for iwn5000

[Holger Mikolon]

I came across this by reading the code if_iwn.c and DPRINTFs on
a kernel with IWN_DEBUG.

IWN_LSB() returns an index starting with 1, however the arrays used
later on (noise and gain in iwn5000_set_gains()) start with 0. The
current code accounts for this difference when setting the antenna
gain by accessing cmd.gain[i - 1]. However the noise array is accessed
with noise[i], the chainmask is as well checked against i and more
importantly the overall for() loop iterates wrongly over the antennas by
always starting with i=2 (the third antenna). One consequence is, that
gain calibration never happens in case of only two antennas.

Secondly, the final DPRINTF in iwn5000_set_gains() assumes a two-antenna
setup. In my case three antennas are connected. I don't know if there
are iwn setups with one antenna, but the DPRINTF wouldn't make sense
there at all. Hence I propose to move this DPRINTF up where it makes
more sense (and adjust it to the new place).

My diff below fixes the said off-by-one and DPRINTF. Additionally
it adds another DPRINTF which I felt useful while debugging and
it extends a comment - those additions may be skipped of course.

Here is few details of my laptop (cvs updated and kernel built today):

$ dmesg | grep iwn0
iwn0 at pci2 dev 0 function 0 "Intel WiFi Link 5300" rev 0x00: msi, MIMO 3T3R, 
MoW, address 00:21:6a:56:2b:36

$ sysctl hw | grep -e machine -e model -e vendor -e product
hw.machine=amd64
hw.model=Intel(R) Core(TM)2 Duo CPU P8600 @ 2.40GHz
hw.vendor=Dell Inc.
hw.product=Studio 1555

Let me know if you need a full dmesg or anything else.

Regards
Holger


Index: if_iwn.c
===
RCS file: /cvs/src/sys/dev/pci/if_iwn.c,v
retrieving revision 1.234
diff -u -p -u -r1.234 if_iwn.c
--- if_iwn.c10 Jul 2020 13:22:20 -  1.234
+++ if_iwn.c17 Jul 2020 10:44:14 -
@@ -4596,22 +4596,27 @@ iwn5000_set_gains(struct iwn_softc *sc)
cmd.code = sc->noise_gain;
cmd.ngroups = 1;
cmd.isvalid = 1;
-   /* Get first available RX antenna as referential. */
-   ant = IWN_LSB(sc->rxchainmask);
+   /* Get first available RX antenna as referential.
+* IWN_LSB() return values start with 1, but
+* antenna gain array cmd.gain[] and noise array
+* calib->noise[] start with 0. */
+   ant = IWN_LSB(sc->rxchainmask) - 1;
+
/* Set differential gains for other antennas. */
for (i = ant + 1; i < 3; i++) {
if (sc->chainmask & (1 << i)) {
/* The delta is relative to antenna "ant". */
delta = ((int32_t)calib->noise[ant] -
(int32_t)calib->noise[i]) / div;
+   DPRINTF(("Ant[%d] vs. Ant[%d]: delta %d\n", ant, i, 
delta));
/* Limit to [-4.5dB,+4.5dB]. */
-   cmd.gain[i - 1] = MIN(abs(delta), 3);
+   cmd.gain[i] = MIN(abs(delta), 3);
if (delta < 0)
-   cmd.gain[i - 1] |= 1 << 2;  /* sign bit */
+   cmd.gain[i] |= 1 << 2;  /* sign bit */
+   DPRINTF(("Setting differential gains for antenna %d: 
%x\n",
+   i, cmd.gain[i]));
}
}
-   DPRINTF(("setting differential gains: %x/%x (%x)\n",
-   cmd.gain[0], cmd.gain[1], sc->chainmask));
return iwn_cmd(sc, IWN_CMD_PHY_CALIB, , sizeof cmd, 1);
 }
 

Re: fix tcpdump localtime caching

[Holger Mikolon]

> The variables could have more meaningful names, also the reuse of
> variable "gt" looks hackish, but the current code looks correct to me.
> 
> Does the diff below make things clearer?

It does. After reading the current code again a few times, it is
as well clear. Incredible how I couldn't see it before.
My apologies! And many thanks for the helpful replies to you and Otto!

Holger

> 
> --- privsep.c.~1.53.~ Sat May 11 14:17:40 2019
> +++ privsep.c Sat May 11 14:20:30 2019
> @@ -724,10 +724,12 @@ struct  tm *
>  priv_localtime(const time_t *t)
>  {
>   static struct tm lt, gt0;
> - static struct tm *gt = NULL;
>   static char zone[PATH_MAX];
> + static int cached = 0;
>  
> - if (gt != NULL) {
> + if (cached) {
> + struct tm *gt;
> +
>   gt = gmtime(t);
>   gt0.tm_sec = gt->tm_sec;
>   gt0.tm_zone = gt->tm_zone;
> @@ -749,7 +751,7 @@ priv_localtime(const time_t *t)
>   lt.tm_zone = NULL;
>  
>   gt0.tm_zone = NULL;
> - gt = 
> + cached = 1;
>  
>   return 
>  }
> 
> -- 
> jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF  DDCC 0DFA 74AE 1524 E7EE

fix tcpdump localtime caching

[Holger Mikolon]

The comment above priv_localtime() says, the obtained localtime (from the 
privileged process) is cached for about one minute. However, since the 
according if statement compares the wrong variable, the caching doesn't 
happen. This bug is there since the very first file version (from 15+ 
years ago).

Regards
Holger


Index: usr.sbin/tcpdump/privsep.c
===
RCS file: /cvs/src/usr.sbin/tcpdump/privsep.c,v
retrieving revision 1.53
diff -u -p -u -r1.53 privsep.c
--- usr.sbin/tcpdump/privsep.c  18 Mar 2019 00:09:22 -  1.53
+++ usr.sbin/tcpdump/privsep.c  10 May 2019 13:17:42 -
@@ -727,7 +727,7 @@ priv_localtime(const time_t *t)
static struct tm *gt = NULL;
static char zone[PATH_MAX];
 
-   if (gt != NULL) {
+   if (t != NULL) {
gt = gmtime(t);
gt0.tm_sec = gt->tm_sec;
gt0.tm_zone = gt->tm_zone;

Re: libcrypto: INTEGER_cmp vs. STRING_cmp

[Holger Mikolon]

> Date: Wed, 6 Mar 2019 06:31:17
> From: Theo Buehler 

(snip)

> If you're up for it, it would probably be a good idea to look at the
> changes introduced by the commit you mentioned and see what else looks
> suspicious and needs fixing.

(snip)

I went through the files affected by said commit and focused on INTEGER 
vs. STRING mixup only (mostly related to serialNumber, once related to 
zone). Then I greped through the rest of libcrypto sources and found just 
x_crl.c to have a mixup.

I did not touch asn1/a_strnid.c, where the serialNumber is listed as
B_ASN1_PRINTABLESTRING. I don't know enough here, so I better leave
this for the experts.

Holger  


Index: asn1/x_crl.c
===
RCS file: /cvs/src/lib/libcrypto/asn1/x_crl.c,v
retrieving revision 1.33
diff -u -p -u -r1.33 x_crl.c
--- asn1/x_crl.c24 Aug 2018 19:55:58 -  1.33
+++ asn1/x_crl.c6 Mar 2019 21:46:52 -
@@ -527,9 +527,7 @@ X509_CRL_dup(X509_CRL *x)
 static int
 X509_REVOKED_cmp(const X509_REVOKED * const *a, const X509_REVOKED * const *b)
 {
-   return(ASN1_STRING_cmp(
-   (ASN1_STRING *)(*a)->serialNumber,
-   (ASN1_STRING *)(*b)->serialNumber));
+   return(ASN1_INTEGER_cmp((*a)->serialNumber, (*b)->serialNumber));
 }
 
 int
Index: pkcs7/pk7_doit.c
===
RCS file: /cvs/src/lib/libcrypto/pkcs7/pk7_doit.c,v
retrieving revision 1.42
diff -u -p -u -r1.42 pk7_doit.c
--- pkcs7/pk7_doit.c2 May 2017 03:59:45 -   1.42
+++ pkcs7/pk7_doit.c6 Mar 2019 21:46:52 -
@@ -410,7 +410,7 @@ pkcs7_cmp_ri(PKCS7_RECIP_INFO *ri, X509 
pcert->cert_info->issuer);
if (ret)
return ret;
-   return ASN1_STRING_cmp(pcert->cert_info->serialNumber,
+   return ASN1_INTEGER_cmp(pcert->cert_info->serialNumber,
ri->issuer_and_serial->serial);
 }
 
Index: pkcs7/pk7_lib.c
===
RCS file: /cvs/src/lib/libcrypto/pkcs7/pk7_lib.c,v
retrieving revision 1.19
diff -u -p -u -r1.19 pk7_lib.c
--- pkcs7/pk7_lib.c 29 Jan 2017 17:49:23 -  1.19
+++ pkcs7/pk7_lib.c 6 Mar 2019 21:46:53 -
@@ -374,7 +374,7 @@ PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO 
 * things the ugly way. */
ASN1_INTEGER_free(p7i->issuer_and_serial->serial);
if (!(p7i->issuer_and_serial->serial =
-   ASN1_STRING_dup(X509_get_serialNumber(x509
+   ASN1_INTEGER_dup(X509_get_serialNumber(x509
goto err;
 
/* lets keep the pkey around for a while */
@@ -534,7 +534,7 @@ PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p
 
ASN1_INTEGER_free(p7i->issuer_and_serial->serial);
if (!(p7i->issuer_and_serial->serial =
-   ASN1_STRING_dup(X509_get_serialNumber(x509
+   ASN1_INTEGER_dup(X509_get_serialNumber(x509
return 0;
 
pkey = X509_get_pubkey(x509);
Index: x509/x509_cmp.c
===
RCS file: /cvs/src/lib/libcrypto/x509/x509_cmp.c,v
retrieving revision 1.34
diff -u -p -u -r1.34 x509_cmp.c
--- x509/x509_cmp.c 24 Aug 2018 19:59:32 -  1.34
+++ x509/x509_cmp.c 6 Mar 2019 21:46:53 -
@@ -76,7 +76,7 @@ X509_issuer_and_serial_cmp(const X509 *a
 
ai = a->cert_info;
bi = b->cert_info;
-   i = ASN1_STRING_cmp(ai->serialNumber, bi->serialNumber);
+   i = ASN1_INTEGER_cmp(ai->serialNumber, bi->serialNumber);
if (i)
return (i);
return (X509_NAME_cmp(ai->issuer, bi->issuer));
Index: x509v3/v3_sxnet.c
===
RCS file: /cvs/src/lib/libcrypto/x509v3/v3_sxnet.c,v
retrieving revision 1.21
diff -u -p -u -r1.21 v3_sxnet.c
--- x509v3/v3_sxnet.c   13 May 2018 15:03:01 -  1.21
+++ x509v3/v3_sxnet.c   6 Mar 2019 21:46:53 -
@@ -376,7 +376,7 @@ SXNET_get_id_INTEGER(SXNET *sx, ASN1_INT
 
for (i = 0; i < sk_SXNETID_num(sx->ids); i++) {
id = sk_SXNETID_value(sx->ids, i);
-   if (!ASN1_STRING_cmp(id->zone, zone))
+   if (!ASN1_INTEGER_cmp(id->zone, zone))
return id->user;
}
return NULL;

libcrypto: typo in comment

[Holger Mikolon]

Index: x509_vfy.c
===
RCS file: /cvs/src/lib/libcrypto/x509/x509_vfy.c,v
retrieving revision 1.71
diff -u -p -u -r1.71 x509_vfy.c
--- x509_vfy.c  19 Aug 2018 20:19:31 -  1.71
+++ x509_vfy.c  5 Mar 2019 22:19:46 -
@@ -159,7 +159,7 @@ x509_subject_cmp(X509 **a, X509 **b)
 }
 #endif
 
-/* Return 1 is a certificate is self signed */
+/* Return 1 if a certificate is self signed */
 static int
 cert_self_signed(X509 *x)
 {

libcrypto: INTEGER_cmp vs. STRING_cmp

[Holger Mikolon]

Hi,

while debugging an unusual openssl use case, I tried reading and
understanding libcrypto x509 code and came across the comparison
of serialNumbers (of type ASN1_INTEGER*) with a string comparison
function. Below patch fixes the comparison to use ASN1_INTEGER_cmp.

The man page (ASN1_STRING_cmp(3)) contains the following unambiguous
advice:

  "These functions should not be used to examine or modify ASN1_INTEGER
  or ASN1_ENUMERATED types: the relevant INTEGER or ENUMERATED utility
  functions should be used instead."

Revision 1.26 introduced the use of ASN1_STRING_cmp for the serialNumber
with the commit message "Expand obsolete M_ASN1.*(cmp|dup|print|set)
macros ..." So it seems to have been an intentional change, even though
it contradicts the man page.

Thoughts?

Best regards
Holger



Index: x509_cmp.c
===
RCS file: /cvs/src/lib/libcrypto/x509/x509_cmp.c,v
retrieving revision 1.34
diff -u -p -u -r1.34 x509_cmp.c
--- x509_cmp.c  24 Aug 2018 19:59:32 -  1.34
+++ x509_cmp.c  5 Mar 2019 22:19:34 -
@@ -76,7 +76,7 @@ X509_issuer_and_serial_cmp(const X509 *a
 
ai = a->cert_info;
bi = b->cert_info;
-   i = ASN1_STRING_cmp(ai->serialNumber, bi->serialNumber);
+   i = ASN1_INTEGER_cmp(ai->serialNumber, bi->serialNumber);
if (i)
return (i);
return (X509_NAME_cmp(ai->issuer, bi->issuer));

[DIFF] sys/net/bridgectl.c

[Holger Mikolon]

Hi tech@,

I tried to understand the output of "ifconfig bridge0 addr", especially
the "magic number" after the interface name. Apparently it indicates
the aging of the entry (the value is only ever 0 or 1). Eventually I
looked at the aging cycle code in bridge_rtage() and wondered why there
are 3 different cases (if/else-if/else). Finally I came up with below
diff to make the code easier to understand and shorter (no functional
change intended): Either the conditions are met to remove the entry, or
else the value of brt_age is set to 0.

The current code (with the 3 if-cases) was introduced in if_bridge.c in rev
1.6 - almost 20 years ago. In said rev the aging code was extended by a
3rd case to take into account static entries. However, the same thing
can be achieved with just 2 if-cases.

I tested this on i386 for a couple of weeks.

Regards
Holger


Index: bridgectl.c
===
RCS file: /cvs/src/sys/net/bridgectl.c,v
retrieving revision 1.13
diff -u -p -u -r1.13 bridgectl.c
--- bridgectl.c 12 Dec 2018 14:19:15 -  1.13
+++ bridgectl.c 25 Dec 2018 21:53:06 -
@@ -329,20 +329,17 @@ bridge_rtage(void *vsc)
for (i = 0; i < BRIDGE_RTABLE_SIZE; i++) {
n = LIST_FIRST(>sc_rts[i]);
while (n != NULL) {
-   if ((n->brt_flags & IFBAF_TYPEMASK) == IFBAF_STATIC) {
-   n->brt_age = !n->brt_age;
-   if (n->brt_age)
-   n->brt_age = 0;
-   n = LIST_NEXT(n, brt_next);
-   } else if (n->brt_age) {
-   n->brt_age = 0;
-   n = LIST_NEXT(n, brt_next);
-   } else {
+   if ((n->brt_flags & IFBAF_TYPEMASK) != IFBAF_STATIC
+   && n->brt_age == 0) {
+   // remove non-static aged entries
p = LIST_NEXT(n, brt_next);
LIST_REMOVE(n, brt_next);
sc->sc_brtcnt--;
free(n, M_DEVBUF, sizeof *n);
n = p;
+   } else {
+   n->brt_age = 0;
+   n = LIST_NEXT(n, brt_next);
}
}
}

Re: openssl.1 diff

[Holger Mikolon]

> > > Index: openssl.1
> > > ===
> > > RCS file: /cvs/src/usr.bin/openssl/openssl.1,v
> > > retrieving revision 1.87
> > > diff -u -r1.87 openssl.1
> > > --- openssl.1 18 Feb 2018 07:43:55 -  1.87
> > > +++ openssl.1 27 Feb 2018 21:38:06 -
> > > @@ -360,8 +360,8 @@
> > >  The number of days to certify the certificate for.
> > >  .It Fl enddate Ar date
> > >  Set the expiry date.
> > > -The format of the date is YYMMDDHHMMSSZ
> > > -.Pq the same as an ASN.1 UTCTime structure .
> > > +The format of the date is [YY]YYMMDDHHMMSSZ,
> > > +with all four year digits required for dates after 2050.
> > 
> > "dates after 2050" reads like "2051 and later" to me, which would be wrong.
> > It should rather be "dates after 31 Dec 2049". In other words:
> > You must specify 2049 as 49 and 2050 as 2050.
> > 
> 
> so dates *from* 2050, rather than after?
> 
> but..."you *must* specify 2049 as 49": "2049" is valid, right?
> 
> jmc

I did some experiments today; you're right, "2049" works just like "49".
Sorry for the wrong claim - it's been obviously too late yesterday  :- )

Specifying "2050", however, is not equal to "50" (==1950).
So the wording "from 2050" or "after 2049" would both work. With that
exception your above diff reads correct to me. And I checked that
-startdate and -enddate behave equally.

However (and I don't know if that's relevant to someone) the ASN.1
structure used for dates before 2050 is always "UTCTime", no matter if the
 or YY format was provided on command line. I checked it by parsing a
certifciate with "openssl asn1parse". As already said, I don't see a value
in documenting that structure. Others might.

Holger

Re: openssl.1 diff

[Holger Mikolon]

> hi.
> 
> i wonder whether we could more simply just use the date format [YY]YY,
> explain the 2050 cutoff, and forget about mentioning asn.1 time
> structures.
> 
> or do you think there is a practical reason why the user would need to
> know it? i suspect not.

Actually the mentioning of the asn.1 time structure helped me to identify
the RFC 5280 and finally helped solve my parameter usage. If the man page
was fixed, I couldn't anymore think of a practical reason to mention the 
structure. 

> 
> there is also "startdate" for openssl ca. we should probably do the same
> for that, assuming it applies.

I have not checked startdate yet due to lack of time - and I did not
want to blindly assume whether it applies. I could spend some effort
on this next days.

One remark to your diff below.

Regards
Holger

> 
> so sth like the diff below.
> jmc
> 
> Index: openssl.1
> ===
> RCS file: /cvs/src/usr.bin/openssl/openssl.1,v
> retrieving revision 1.87
> diff -u -r1.87 openssl.1
> --- openssl.1 18 Feb 2018 07:43:55 -  1.87
> +++ openssl.1 27 Feb 2018 21:38:06 -
> @@ -360,8 +360,8 @@
>  The number of days to certify the certificate for.
>  .It Fl enddate Ar date
>  Set the expiry date.
> -The format of the date is YYMMDDHHMMSSZ
> -.Pq the same as an ASN.1 UTCTime structure .
> +The format of the date is [YY]YYMMDDHHMMSSZ,
> +with all four year digits required for dates after 2050.

"dates after 2050" reads like "2051 and later" to me, which would be wrong.
It should rather be "dates after 31 Dec 2049". In other words:
You must specify 2049 as 49 and 2050 as 2050.

>  .It Fl extensions Ar section
>  The section of the configuration file containing certificate extensions
>  to be added when a certificate is issued (defaults to
> @@ -492,8 +492,8 @@
>  A single self-signed certificate to be signed by the CA.
>  .It Fl startdate Ar date
>  Set the start date.
> -The format of the date is YYMMDDHHMMSSZ
> -.Pq the same as an ASN.1 UTCTime structure .
> +The format of the date is [YY]YYMMDDHHMMSSZ,
> +with all four year digits required for dates after 2050.
>  .It Fl status Ar serial
>  Show the status of the certificate with serial number
>  .Ar serial .
> 
> 

openssl.1 diff

[Holger Mikolon]

When playing with "openssl ca" with various validity end dates I could
not manage end dates of 2050 or later - until I started reading code and
the RFC 5280. As far as I understand it now (and is confirmed by various
tests), the openssl parameter "-enddate" expects one of two date/time
formats - depending on whether the date is before 2050 or not. This is far
from obvious, hence I'd like to propose below change to the man page.

Regards
Holger


--- ./usr.bin/openssl/openssl.1
+++ ./usr.bin/openssl/openssl.1
@@ -361,7 +361,11 @@ The number of days to certify the certif
.It Fl enddate Ar date
Set the expiry date.
The format of the date is YYMMDDHHMMSSZ
-.Pq the same as an ASN.1 UTCTime structure .
+.Pq the same as an ASN.1 UTCTime structure
+for dates before 2050.
+The format of the date is MMDDHHMMSSZ
+.Pq the same as an ASN.1 GeneralizedTime structure
+for 2050 and later (see RFC 5280).
.It Fl extensions Ar section
The section of the configuration file containing certificate extensions
to be added when a certificate is issued (defaults to

[PATCH] dhclient.c

[Holger Mikolon]

Hi tech@,

I'm following -current and recently observed that my laptop
startup hangs at execution of netstart (when dhclient is called).
Apparently, this is because I use the following dhclient.conf
(since a couple of OpenBSD releases - so the issue is not in the config):

interface "bge0" {
link-timeout 0;
}

I attempted to read/understand some of the dhclient code to track
the issue down. I'm still not entirely sure but I thought I share
the follwing patch with you - it solves the link-timeout 0 
case for me. As well it matches how "tickstart" is setup at other
places in the same file.

Regards
Holger



Index: dhclient.c
===
RCS file: /cvs/src/sbin/dhclient/dhclient.c,v
retrieving revision 1.561
diff -u -p -u -r1.561 dhclient.c
--- dhclient.c  8 Feb 2018 08:22:31 -   1.561
+++ dhclient.c  8 Feb 2018 22:52:38 -
@@ -694,7 +694,7 @@ state_preboot(struct interface_info *ifi
 
time(_time);
 
-   tickstart = ifi->startup_time + 3;
+   tickstart = ifi->first_sending + 3;
tickstop = ifi->startup_time + config->link_timeout;
 
ifi->linkstat = interface_status(ifi->name);

Re: diff for ssh/sftp/scp -j

[Holger Mikolon]

> Date: Sun, 26 Nov 2017 02:09:13
> From: Sebastian Benoit <be...@openbsd.org>
> To: Holger Mikolon <hol...@mikolon.com>
> Cc: tech@openbsd.org
> Subject: Re: diff for ssh/sftp/scp -j
> 
> Holger Mikolon(hol...@mikolon.com) on 2017.11.25 23:16:54 +0100:
> > Hi tech@
> > 
> > at work I can ssh (hence cvs) to public servers only via a ProxyCommand
> > specified in /etc/ssh/ssh_config.
> > 
> > However, with the ProxyCommand set I cannot ssh into servers in the
> > internal network. So I end up changing ssh_config depending on my
> > use case over and over. This bothered me enough to come up with the
> > following simple diff. It adds a command line option -j to ssh/sftp/scp
> > for ignoring the ProxyCommand. Of course "-j" can be changed to any
> > other free letter.
> > 
> > Anyone else finding this useful? Comments?
> 
> well, you could also just have two config files and use
> 
>   ssh -F $HOME/.ssh/config_with_proxy
> 
> and since thats too long to type
> 
>   alias sshp="ssh -F $HOME/.ssh/config_with_proxy"
> 
> imho not worth yet another option.
> 
> /Benno

Thanks Benno, Stuart and Jiri for your responses.

An alias doesn't work with cvs over ssh, at least not when I do:
   $ alias sshp="ssh -F $HOME/.ssh/config_with_proxy"
   $ export CVS_RSH=sshp"
   $ cvs up 

CVS_RSH doesn't like flags/parameters either. I haven't figured out
a way to pass ssh flags to cvs (via CVS_RSH), except by creating a
simple script /usr/local/bin/sshp which calls ssh with my favorite
flags.

I have used various ssh_config setups with and without domain specific
blocks but never came to a config that worked everywhere (likely my
fault). On top of that I use my OpenBSD laptop at work (proxy needed)
and as well at home (no proxy needed for the exact same destination).

So I will continue with custom scripts (or aliases for the non-cvs 
cases). No big deal.

Regards,
Holger
;-se

diff for ssh/sftp/scp -j

[Holger Mikolon]

Hi tech@

at work I can ssh (hence cvs) to public servers only via a ProxyCommand
specified in /etc/ssh/ssh_config.

However, with the ProxyCommand set I cannot ssh into servers in the
internal network. So I end up changing ssh_config depending on my
use case over and over. This bothered me enough to come up with the
following simple diff. It adds a command line option -j to ssh/sftp/scp
for ignoring the ProxyCommand. Of course "-j" can be changed to any
other free letter.

Anyone else finding this useful? Comments?

Regards
Holger
;-se


Index: usr.bin/ssh/scp.c
===
RCS file: /cvs/src/usr.bin/ssh/scp.c,v
retrieving revision 1.193
diff -u -p -u -r1.193 scp.c
--- usr.bin/ssh/scp.c   21 Oct 2017 23:06:24 -  1.193
+++ usr.bin/ssh/scp.c   25 Nov 2017 21:59:05 -
@@ -400,7 +400,7 @@ main(int argc, char **argv)
addargs(, "-oClearAllForwardings=yes");
 
fflag = tflag = 0;
-   while ((ch = getopt(argc, argv, "dfl:prtvBCc:i:P:q12346S:o:F:")) != -1)
+   while ((ch = getopt(argc, argv, "dfl:prtvBCc:i:jP:q12346S:o:F:")) != -1)
switch (ch) {
/* User-visible flags. */
case '1':
@@ -426,6 +426,9 @@ main(int argc, char **argv)
addargs(_remote_args, "%s", optarg);
addargs(, "-%c", ch);
addargs(, "%s", optarg);
+   break;
+   case 'j':
+   addargs(, "-j");
break;
case 'P':
sshport = a2port(optarg);
Index: usr.bin/ssh/sftp.c
===
RCS file: /cvs/src/usr.bin/ssh/sftp.c,v
retrieving revision 1.182
diff -u -p -u -r1.182 sftp.c
--- usr.bin/ssh/sftp.c  3 Nov 2017 03:46:52 -   1.182
+++ usr.bin/ssh/sftp.c  25 Nov 2017 21:59:05 -
@@ -2303,7 +2303,7 @@ main(int argc, char **argv)
infile = stdin;
 
while ((ch = getopt(argc, argv,
-   "1246afhpqrvCc:D:i:l:o:s:S:b:B:F:P:R:")) != -1) {
+   "1246afhpqrvCc:D:i:jl:o:s:S:b:B:F:P:R:")) != -1) {
switch (ch) {
/* Passed through to ssh(1) */
case '4':
@@ -2318,6 +2318,9 @@ main(int argc, char **argv)
case 'o':
addargs(, "-%c", ch);
addargs(, "%s", optarg);
+   break;
+   case 'j':
+   addargs(, "-j");
break;
case 'q':
ll = SYSLOG_LEVEL_ERROR;
Index: usr.bin/ssh/ssh.c
===
RCS file: /cvs/src/usr.bin/ssh/ssh.c,v
retrieving revision 1.469
diff -u -p -u -r1.469 ssh.c
--- usr.bin/ssh/ssh.c   1 Nov 2017 00:04:15 -   1.469
+++ usr.bin/ssh/ssh.c   25 Nov 2017 21:59:05 -
@@ -583,7 +583,7 @@ main(int ac, char **av)
argv0 = av[0];
 
  again:
-   while ((opt = getopt(ac, av, "1246ab:c:e:fgi:kl:m:no:p:qstvx"
+   while ((opt = getopt(ac, av, "1246ab:c:e:fgi:jkl:m:no:p:qstvx"
"ACD:E:F:GI:J:KL:MNO:PQ:R:S:TVw:W:XYy")) != -1) {
switch (opt) {
case '1':
@@ -626,6 +626,9 @@ main(int ac, char **av)
break;
case 'g':
options.fwd_opts.gateway_ports = 1;
+   break;
+   case 'j':
+   options.proxy_command = xstrdup("none");
break;
case 'O':
if (options.stdio_forward_host != NULL)

/etc/netstart diff

[Holger Mikolon]

The veriable $HN_DIR is set in /etc/netstart on line 166 but used only
once (line 78). The diff below makes use of $HN_DIR in the other cases
where netstart cares of ip address configuration.

With below change I can maintain different sets (think "profiles") of
hostname.if(5) files in separate directories and use them e.g. like this:
"env HN_DIR=/etc/myprofile sh /etc/netstart"

Even without such use case it's at least a consistency fix.

Regards
Holger
;-se


Index: etc/netstart
===
RCS file: /cvs/src/etc/netstart,v
retrieving revision 1.186
diff -u -p -u -r1.186 netstart
--- etc/netstart25 Jul 2017 21:17:11 -  1.186
+++ etc/netstart7 Nov 2017 15:36:25 -
@@ -129,8 +129,8 @@ ifmstart() {
local _sifs=$1 _xifs=$2 _hn _if _sif _xif
 
for _sif in ${_sifs:-ALL}; do
-   for _hn in /etc/hostname.*; do
-   _if=${_hn#/etc/hostname.}
+   for _hn in $HN_DIR/hostname.*; do
+   _if=${_hn#$HN_DIR/hostname.}
[[ $_if == '*' ]] && continue
 
# Skip unwanted ifs.
@@ -147,12 +147,12 @@ ifmstart() {
 # Parse /etc/mygate and add default routes for IPv4 and IPv6
 # Usage: defaultroute
 defaultroute() {
-   ! $V4_DHCPCONF && stripcom /etc/mygate |
+   ! $V4_DHCPCONF && stripcom $HN_DIR/mygate |
while read gw; do
[[ $gw == @(*:*) ]] && continue
route -qn add -host default $gw && break
done
-   ! $V6_AUTOCONF && stripcom /etc/mygate |
+   ! $V6_AUTOCONF && stripcom $HN_DIR/mygate |
while read gw; do
[[ $gw == !(*:*) ]] && continue
route -qn add -host -inet6 default $gw && break

ocspcheck typos

[Holger Mikolon]

Hi,

below are two minor typo fixes: s/OSCP/OCSP/

Holger
;-se


Index: ocspcheck.8
===
RCS file: /cvs/src/usr.sbin/ocspcheck/ocspcheck.8,v
retrieving revision 1.5
diff -u -p -u -r1.5 ocspcheck.8
--- ocspcheck.8 24 Jan 2017 12:00:19 -  1.5
+++ ocspcheck.8 26 Jan 2017 22:11:08 -
@@ -19,7 +19,7 @@
 .Os
 .Sh NAME
 .Nm ocspcheck
-.Nd check a certificate for validity against its OSCP responder
+.Nd check a certificate for validity against its OCSP responder
 .Sh SYNOPSIS
 .Nm
 .Op Fl Nv
Index: ocspcheck.c
===
RCS file: /cvs/src/usr.sbin/ocspcheck/ocspcheck.c,v
retrieving revision 1.13
diff -u -p -u -r1.13 ocspcheck.c
--- ocspcheck.c 26 Jan 2017 00:58:32 -  1.13
+++ ocspcheck.c 26 Jan 2017 22:11:08 -
@@ -556,7 +556,7 @@ main(int argc, char **argv)
 
/*
 * Load our certificate and keystore, and build up an
-* OSCP request based on the full certificate chain
+* OCSP request based on the full certificate chain
 * we have been given to check.
 */
if ((castore = read_cacerts(cafile)) == NULL)

patch for sysctl.8

[Holger Mikolon]

See below man page fix - one of the given examples
in sysctl.8 doesn't work:

# sysctl net.inet.tcp.baddynamic=+748,6000-6999 
sysctl: cannot mix +/- with full list

Holger


Index: sbin/sysctl/sysctl.8
===
RCS file: /cvs/src/sbin/sysctl/sysctl.8,v
retrieving revision 1.203
diff -u -p -u -r1.203 sysctl.8
--- sbin/sysctl/sysctl.820 Jul 2016 09:15:28 -  1.203
+++ sbin/sysctl/sysctl.827 Jul 2016 20:28:50 -
@@ -496,7 +496,7 @@ a hyphen may be used to specify a range 
 .Pp
 It is also possible to add or remove ports from the current list:
 .Bd -literal -offset indent
-# sysctl net.inet.tcp.baddynamic=+748,6000-6999
+# sysctl net.inet.tcp.baddynamic=+748,+6000-6999
 # sysctl net.inet.tcp.baddynamic=-871
 .Ed
 .Pp

Re: dhclient/bpf.c

[Holger Mikolon]

I played with different bpf filters and came up with the below patch. It
compares the interface's LLADDR with the the respective address in the
bootp structure instead of the ether header. I don't know if this is the
right way to fix my regression and at the same time retain the original
intent of the change in version 1.41 (i.e. having a more "narrow" filter).
So any feedback is welcome.

By the way, the comment in bpf.c explaining the exact "tcpdump -d ..."
parameters doesn't work as is. tcpdump requires the keyword "and" before
"dst port 67".

Regards
Holger


Index: bpf.c
===
RCS file: /cvs/src/sbin/dhclient/bpf.c,v
retrieving revision 1.41
diff -u -p -u -r1.41 bpf.c
--- bpf.c   19 Jul 2016 17:23:20 -  1.41
+++ bpf.c   22 Jul 2016 21:39:19 -
@@ -117,7 +117,8 @@ if_register_send(void)
  *
  * Adapted from script shown by
  *
- * tcpdump -d 'ether dst 00:00:00:00:00:00 ip proto \udp dst port 67'
+ * tcpdump -d 'ip and udp dst port 67 and \
+ *   udp[36:2] = 0x and udp[38:4] = 0x'
  *
  * NOTE: tcpdump shows absolute jumps and relative jumps are required here!
  */
@@ -130,29 +131,32 @@ struct bpf_insn dhcp_bpf_filter[] = {
 * NOTE: MAC value must be patched in!
 */
 
-   BPF_STMT(BPF_LD + BPF_W + BPF_ABS, 2),
-   BPF_JUMP(BPF_JMP + BPF_JEQ +  BPF_K, 0x, 0, 12), /* patch */
-   BPF_STMT(BPF_LD + BPF_H + BPF_ABS, 0),
-   BPF_JUMP(BPF_JMP + BPF_JEQ +  BPF_K, 0x, 0, 10), /* patch */
-
/* Make sure this is an IP packet. */
BPF_STMT(BPF_LD + BPF_H + BPF_ABS, 12),
-   BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, ETHERTYPE_IP, 0, 8),
+   BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, ETHERTYPE_IP, 0, 12),
 
/* Make sure it's a UDP packet. */
BPF_STMT(BPF_LD + BPF_B + BPF_ABS, 23),
-   BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, IPPROTO_UDP, 0, 6),
+   BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, IPPROTO_UDP, 0, 10),
 
/* Make sure this isn't a fragment. */
BPF_STMT(BPF_LD + BPF_H + BPF_ABS, 20),
-   BPF_JUMP(BPF_JMP + BPF_JSET + BPF_K, 0x1fff, 4, 0),
+   BPF_JUMP(BPF_JMP + BPF_JSET + BPF_K, 0x1fff, 8, 0),
 
/* Get the IP header length. */
BPF_STMT(BPF_LDX + BPF_B + BPF_MSH, 14),
 
/* Make sure it's to the right port. */
BPF_STMT(BPF_LD + BPF_H + BPF_IND, 16),
-   BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, 67, 0, 1),  /* patch */
+   BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, 67, 0, 5),  /* patch */
+
+   /* check bootp.hw.addr 2 bytes */
+   BPF_STMT(BPF_LD + BPF_H + BPF_IND, 50),
+   BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, 0x, 0, 3),  /* 
patch */
+
+   /* check bootp.hw.addr 4 bytes */
+   BPF_STMT(BPF_LD + BPF_W + BPF_IND, 52),
+   BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, 0x, 0, 1),  /* 
patch */
 
/* If we passed all the tests, ask for the whole packet. */
BPF_STMT(BPF_RET+BPF_K, (u_int)-1),
@@ -257,12 +261,12 @@ if_register_receive(void)
 * insn number(s) used below!
 */
memcpy(, ((uint8_t *)>hw_address) + 2, sizeof(bits));
-   dhcp_bpf_filter[1].k = ntohl(bits);
+   dhcp_bpf_filter[12].k = ntohl(bits);
 
memcpy(, ((uint8_t *)>hw_address), sizeof(bits16));
-   dhcp_bpf_filter[3].k = ntohs(bits16);
+   dhcp_bpf_filter[10].k = ntohs(bits16);
 
-   dhcp_bpf_filter[12].k = LOCAL_PORT;
+   dhcp_bpf_filter[8].k = LOCAL_PORT;
 
if (ioctl(ifi->bfdesc, BIOCSETF, ) < 0)
error("Can't install packet filter program: %s",



> Date: Fri, 22 Jul 2016 00:56:59
> From: Holger Mikolon <hol...@mikolon.com>
> To: tech@openbsd.org
> Subject: dhclient/bpf.c
> 
> Hi,
> 
> I'm following -current and see a regression in dhclient on my machine:
> It seems to be related to version 1.41 of sbin/dhclient/bpf.c.
> Since then dhclient doesn't recognize the recieved lease. 
> 
> tcpdump shows this:
> 00:21:6a:56:2b:36 ff:ff:ff:ff:ff:ff 342: 192.168.1.7.68 > 255.255.255.255.67: 
> udp 300 [tos 0x10]
> 00:15:0c:01:a7:47 ff:ff:ff:ff:ff:ff 590: 192.168.1.1.67 > 255.255.255.255.68: 
> udp 548
> 
> However dhclient does not recognize the response.
> Reverting back to version 1.40 fixes the issue for me.
> 
> Holger

dhclient/bpf.c

[Holger Mikolon]

Hi,

I'm following -current and see a regression in dhclient on my machine:
It seems to be related to version 1.41 of sbin/dhclient/bpf.c.
Since then dhclient doesn't recognize the recieved lease. 

tcpdump shows this:
00:21:6a:56:2b:36 ff:ff:ff:ff:ff:ff 342: 192.168.1.7.68 > 255.255.255.255.67: 
udp 300 [tos 0x10]
00:15:0c:01:a7:47 ff:ff:ff:ff:ff:ff 590: 192.168.1.1.67 > 255.255.255.255.68: 
udp 548

However dhclient does not recognize the response.
Reverting back to version 1.40 fixes the issue for me.

Holger



--- bpf.c   Fri Jul 22 00:51:11 2016
+++ bpf.c   Fri Jul 22 00:51:26 2016
@@ -1,4 +1,4 @@
-/* $OpenBSD: bpf.c,v 1.41 2016/07/19 17:23:20 krw Exp $*/
+/* $OpenBSD: bpf.c,v 1.40 2016/05/08 08:20:50 natano Exp $ */
 
 /* BPF socket interface code, originally contributed by Archie Cobbs. */
 
@@ -114,27 +114,8 @@
  *
  * XXX: Changes to the filter program may require changes to the
  * constant offsets used in if_register_receive to patch the BPF program!
- *
- * Adapted from script shown by
- *
- * tcpdump -d 'ether dst 00:00:00:00:00:00 ip proto \udp dst port 67'
- *
- * NOTE: tcpdump shows absolute jumps and relative jumps are required here!
  */
 struct bpf_insn dhcp_bpf_filter[] = {
-   /*
-* Make sure this is directed to our MAC.
-* a) compare last 4 octets
-* b) compare first 2 octets
-*
-* NOTE: MAC value must be patched in!
-*/
-
-   BPF_STMT(BPF_LD + BPF_W + BPF_ABS, 2),
-   BPF_JUMP(BPF_JMP + BPF_JEQ +  BPF_K, 0x, 0, 12), /* patch */
-   BPF_STMT(BPF_LD + BPF_H + BPF_ABS, 0),
-   BPF_JUMP(BPF_JMP + BPF_JEQ +  BPF_K, 0x, 0, 10), /* patch */
-
/* Make sure this is an IP packet. */
BPF_STMT(BPF_LD + BPF_H + BPF_ABS, 12),
BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, ETHERTYPE_IP, 0, 8),
@@ -209,8 +190,6 @@
struct bpf_version v;
struct bpf_program p;
int flag = 1, sz;
-   uint32_t bits;
-   uint16_t bits16;
 
/* Open a BPF device and hang it on this interface. */
ifi->bfdesc = if_register_bpf();
@@ -256,13 +235,7 @@
 * XXX: changes to filter program may require changes to the
 * insn number(s) used below!
 */
-   memcpy(, ((uint8_t *)>hw_address) + 2, sizeof(bits));
-   dhcp_bpf_filter[1].k = ntohl(bits);
-
-   memcpy(, ((uint8_t *)>hw_address), sizeof(bits16));
-   dhcp_bpf_filter[3].k = ntohs(bits16);
-
-   dhcp_bpf_filter[12].k = LOCAL_PORT;
+   dhcp_bpf_filter[8].k = LOCAL_PORT;
 
if (ioctl(ifi->bfdesc, BIOCSETF, ) < 0)
error("Can't install packet filter program: %s",

Re: initial 11n support for iwn (n, not m)

[Holger Mikolon]

Works without issues on my Dell Studio 1555 since a day now.

$ ifconfig iwn0 | grep media
media: IEEE802.11 autoselect (HT-MCS7 mode 11n)

$ dmesg | grep iwn
iwn0 at pci2 dev 0 function 0 "Intel WiFi Link 5300" rev 0x00: msi, MIMO 3T3R, 
MoW, address 00:21:6a:56:2b:36

$ sysctl hw.product
hw.product=Studio 1555

Thanks!

Holger

> Date: Sun, 20 Dec 2015 19:59:19
> From: Stefan Sperling 
> To: tech@openbsd.org
> Subject: Re: initial 11n support for iwn (n, not m)
> 
> On Sat, Dec 19, 2015 at 01:08:26PM +0100, Stefan Sperling wrote:
> > On Fri, Dec 18, 2015 at 05:40:39PM -0500, David Hill wrote:
> > > With sthen@'s patch I can associate, dhcp, and use net.
> > 
> > Here's an updated iwn diff with a better approach for Stuart's fix.
> > 
> > Thanks for helping, Stuart, and to everyone who sent beacons which
> > allowed us to narrow this problem down to protection settings being
> > set up the wrong way in iwn_run().
> 
> And another update (hopefully) fixing some reported issues, with some
> uncommitted net80211 changes included.
> 
> I haven't put these diffs in yet because I'm still hearing about regressions
> in some form or another. Sometimes it's unclear what people are running,
> so I hope this version will linger for a bit and get tested.
> Thanks for all the help so far from more people than I expected!

Re: ahci.c: intel_3400_4 needs same flags as intel_3400_1 to avoid a 30 sec boot hang

[Holger Mikolon]

Hi,

this fix (adapted for PCI_PRODUCT_INTEL_82801I_AHCI_3)  works on my Dell Studio 
1550:

ahci0 at pci0 dev 31 function 2 Intel 82801I AHCI rev 0x03: msi, AHCI 1.2

Regards,
Holger

 Hi
 
 A similar patch also prevents the hang on my Toshiba NB200 (with
 PCI_PRODUCT_INTEL_82801GBM_AHCI):
 
 Index: ahci.c
 ===
 RCS file: /cvs/src/sys/dev/pci/ahci.c,v
 retrieving revision 1.180
 diff -u -r1.180 ahci.c
 --- ahci.c  14 Jun 2011 10:40:14 -  1.180
 +++ ahci.c  23 Jun 2011 14:05:54 -
 @@ -482,6 +482,10 @@
 
 { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_3400_AHCI_1,
 NULL,   ahci_intel_3400_1_attach },
 +   { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_3400_AHCI_4,
 +   NULL,   ahci_intel_3400_1_attach },
 +   { PCI_VENDOR_INTEL, PCI_PRODUCT_INTEL_82801GBM_AHCI,
 +   NULL,   ahci_intel_3400_1_attach },
 
 { PCI_VENDOR_NVIDIA,PCI_PRODUCT_NVIDIA_MCP65_AHCI_2,
 NULL,   ahci_nvidia_mcp_attach },
 
 In the case of PCI_PRODUCT_INTEL_82801GBM_AHCI would it be worth duplicating
 the function or alternatively would making the function name more generic be
 better?
 
 Cheers
 Tom
 
 OpenBSD 4.9-current (GENERIC.MP) #10: Thu Jun 23 15:09:41 BST 2011
 tom@laptop.FIXNETIX:/usr/src/sys/arch/i386/compile/GENERIC.MP
 cpu0: Intel(R) Atom(TM) CPU N280 @ 1.66GHz (GenuineIntel 686-class) 1.67
 GHz
 cpu0:
 FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWA
 IT,DS-CPL,EST,TM2,SSSE3,xTPR,PDCM,MOVBE
 real mem  = 1063645184 (1014MB)
 avail mem = 1036029952 (988MB)
 mainbus0 at root
 bios0 at mainbus0: AT/286+ BIOS, date 09/02/09, BIOS32 rev. 0 @ 0xfdbc0,
 SMBIOS rev. 2.4 @ 0xdc010 (22 entries)
 bios0: vendor TOSHIBA version V1.60 date 09/02/2009
 bios0: TOSHIBA TOSHIBA NB200
 acpi0 at bios0: rev 2
 acpi0: sleep states S0 S3 S4 S5
 acpi0: tables DSDT FACP APIC HPET MCFG TCPA TMOR SLIC APIC BOOT SSDT SSDT
 SSDT SSDT
 acpi0: wakeup devices HDEF(S4) PXS1(S4) PXS2(S4) PXS3(S4) PXS4(S4) PXS5(S4)
 PXS6(S4) USB1(S3) USB2(S3) USB4(S3) USB7(S3) MODM(S
 4)
 acpitimer0 at acpi0: 3579545 Hz, 24 bits
 acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
 cpu0 at mainbus0: apid 0 (boot processor)
 cpu0: apic clock running at 166MHz
 cpu1 at mainbus0: apid 1 (application processor)
 cpu1: Intel(R) Atom(TM) CPU N280 @ 1.66GHz (GenuineIntel 686-class) 1.67
 GHz
 cpu1:
 FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,SBF,SSE3,MWA
 IT,DS-CPL,EST,TM2,SSSE3,xTPR,PDCM,MOVBE
 ioapic0 at mainbus0: apid 1 pa 0xfec0, version 20, 24 pins
 ioapic0: misconfigured as apic 2, remapped to apid 1
 acpihpet0 at acpi0: 14318179 Hz
 acpimcfg0 at acpi0 addr 0xe000, bus 0-255
 acpiprt0 at acpi0: bus 0 (PCI0)
 acpiprt1 at acpi0: bus 2 (RP01)
 acpiprt2 at acpi0: bus 3 (RP02)
 acpiprt3 at acpi0: bus 4 (RP03)
 acpiprt4 at acpi0: bus 5 (RP04)
 acpiprt5 at acpi0: bus -1 (RP05)
 acpiprt6 at acpi0: bus -1 (RP06)
 acpiprt7 at acpi0: bus 6 (PCIB)
 acpiec0 at acpi0
 acpicpu0 at acpi0: C3, C2, C1, PSS
 acpicpu1 at acpi0: C3, C2, C1, PSS
 acpibtn0 at acpi0: LID0
 acpibtn1 at acpi0: PWRB
 acpiac0 at acpi0: AC unit online
 acpibat0 at acpi0: BAT1 model PA3734U-1BRS serial 41167 type Li-Ion oem
 TOSHIBA
 acpivideo0 at acpi0: GFX0
 acpivout0 at acpivideo0: LCD_
 bios0: ROM list: 0xc/0xec00! 0xcf000/0x1000 0xdc000/0x4000!
 0xe/0x1800!
 cpu0: Enhanced SpeedStep 1663 MHz: speeds: 1667, 1333, 1000 MHz
 pci0 at mainbus0 bus 0: configuration mode 1 (bios)
 pchb0 at pci0 dev 0 function 0 Intel 82945GME Host rev 0x03
 vga1 at pci0 dev 2 function 0 Intel 82945GME Video rev 0x03
 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
 wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
 intagp0 at vga1
 agp0 at intagp0: aperture at 0xd000, size 0x1000
 inteldrm0 at vga1: apic 1 int 16
 drm0 at inteldrm0
 Intel 82945GM Video rev 0x03 at pci0 dev 2 function 1 not configured
 azalia0 at pci0 dev 27 function 0 Intel 82801GB HD Audio rev 0x02: msi
 azalia0: codecs: Realtek ALC272
 audio0 at azalia0
 ppb0 at pci0 dev 28 function 0 Intel 82801GB PCIE rev 0x02: apic 1 int 17
 pci1 at ppb0 bus 2
 ppb1 at pci0 dev 28 function 1 Intel 82801GB PCIE rev 0x02: apic 1 int 16
 pci2 at ppb1 bus 3
 athn0 at pci2 dev 0 function 0 Atheros AR9285 rev 0x01: apic 1 int 17
 athn0: AR9285 rev 2 (1T1R), ROM rev 13, address 00:23:08:db:1c:27
 ppb2 at pci0 dev 28 function 2 Intel 82801GB PCIE rev 0x02: apic 1 int 18
 pci3 at ppb2 bus 4
 re0 at pci3 dev 0 function 0 Realtek 8101E rev 0x02: RTL8102EL (0x2480),
 apic 1 int 18, address 00:26:22:40:15:51
 rlphy0 at re0 phy 7: RTL8201L 10/100 PHY, rev. 1
 ppb3 at pci0 dev 28 function 3 Intel 82801GB PCIE rev 0x02: apic 1 int 19
 pci4 at ppb3 bus 5
 uhci0 at pci0 dev 29 function 0 Intel 82801GB USB rev 0x02: apic 1 int 23
 uhci1 at 

apmd action scripts

[Holger Mikolon]

Hi tech@ !

A couple of times now I didn't notice when my laptop battery reached the 0% 
remaining capacity. I am not aware of any tool in base that could issue
a beep or nice sound in case of critical battery.

Currently, apmd reports battery and power events to syslog.
Below is a patch to let apmd report battery state, battery life and
power state as parameters to an action script (/etc/apm/powerchange).
This makes the powerup and powerdown scripts obsolete.
I also included my powerchange script as an example.

Any feedback is welcome.

Holger
;-se


Index: apmd.8
===
RCS file: /cvs/src/usr.sbin/apmd/apmd.8,v
retrieving revision 1.43
diff -u -r1.43 apmd.8
--- apmd.8  28 Oct 2010 18:21:20 -  1.43
+++ apmd.8  1 Dec 2010 21:55:38 -
@@ -153,32 +153,29 @@
 in the requested state after running the configuration script and
 flushing the buffer cache.
 .Pp
-Actions can be configured for the following five transitions:
+Actions can be configured for the following four transitions:
 suspend,
 standby,
 resume,
-powerup,
 and
-powerdown.
+powerchange.
 The suspend and standby actions are run prior to
 .Nm
 performing any other actions (such as disk syncs) and entering the new
 state.
-The resume program is run after resuming from a stand-by or
-suspended state.
-The powerup and powerdown programs are run after the power status (AC
-connected or not) changes, as well as after a resume (if the power
-status changed in the mean time).
+The resume action is run after resuming from a stand-by or suspended state.
+The powerchange action is run after a change of the power status (AC
+connected or not) or the battery status (remaining capacity),
+as well as after a resume (if the power status changed in the mean time).
 .Sh FILES
-.Bl -tag -width /etc/apm/powerdownXX -compact
+.Bl -tag -width /etc/apm/powerchangeXX -compact
 .It /dev/apmctl
 Default device used to control the APM kernel driver.
 .Pp
 .It /etc/apm/suspend
 .It /etc/apm/standby
 .It /etc/apm/resume
-.It /etc/apm/powerup
-.It /etc/apm/powerdown
+.It /etc/apm/powerchange
 These files contain the host's customized actions.
 Each file must be an executable binary or shell script.
 A single program or script can be used to control all transitions
@@ -187,9 +184,13 @@
 suspend,
 standby,
 resume,
-powerup,
 or
-powerdown.
+powerchange.
+.Nm
+passes three arguments (numeric values) to the powerchange script:
+the battery state (0=high, 1=low, 2=critical, 4=abscent),
+remaining battery life (0-100 in %)
+and power state (0=AC disconnected, 1=AC connected).
 .Pp
 .It /var/run/apmdev
 Default
Index: apmd.c
===
RCS file: /cvs/src/usr.sbin/apmd/apmd.c,v
retrieving revision 1.56
diff -u -r1.56 apmd.c
--- apmd.c  2 Apr 2010 04:12:46 -   1.56
+++ apmd.c  1 Dec 2010 21:55:38 -
@@ -81,7 +81,7 @@
 void stand_by(int ctl_fd);
 void setperf(int new_perf);
 void sigexit(int signo);
-void do_etc_file(const char *file);
+void do_etc_file(const char *file, struct apm_power_info *pinfo);
 void sockunlink(void);
 
 /* ARGSUSED */
@@ -472,7 +472,7 @@
 void
 suspend(int ctl_fd)
 {
-   do_etc_file(_PATH_APM_ETC_SUSPEND);
+   do_etc_file(_PATH_APM_ETC_SUSPEND,NULL);
sync();
sleep(1);
ioctl(ctl_fd, APM_IOC_SUSPEND, 0);
@@ -481,7 +481,7 @@
 void
 stand_by(int ctl_fd)
 {
-   do_etc_file(_PATH_APM_ETC_STANDBY);
+   do_etc_file(_PATH_APM_ETC_STANDBY,NULL);
sync();
sleep(1);
ioctl(ctl_fd, APM_IOC_STANDBY, 0);
@@ -495,7 +495,8 @@
const char *fname = apmdev;
int ctl_fd, sock_fd, ch, suspends, standbys, resumes;
int statonly = 0;
-   int powerstatus = 0, powerbak = 0, powerchange = 0;
+   int powerstatus = 0, powerstatus_old = 0;
+   int batstatus = 0, batstatus_old = 0;
int noacsleep = 0;
struct timespec ts = {TIMO, 0}, sts = {0, 0};
struct apm_power_info pinfo;
@@ -636,11 +637,8 @@
apmtimeout = 0;
 
/* wakeup for timeout: take status */
-   powerbak = power_status(ctl_fd, 0, pinfo);
-   if (powerstatus != powerbak) {
-   powerstatus = powerbak;
-   powerchange = 1;
-   }
+   powerstatus_old = power_status(ctl_fd, 0, pinfo);
+   batstatus_old = pinfo.battery_life;
}
 
if (!rv)
@@ -653,10 +651,13 @@
APM_EVENT_INDEX(ev-data));
 
switch (APM_EVENT_TYPE(ev-data)) {
+   case APM_BATTERY_LOW:
+   batstatus_old = pinfo.battery_life;
+   break;
case APM_SUSPEND_REQ:
case APM_USER_SUSPEND_REQ:
 

if_em.c diff

[Holger Mikolon]

In if_em.c rev. 1.239 the hw.revision_id assignment was moved
to after call to em_set_mac_type(). However, em_set_mac_type()
depends on hw.revision_id being set (is used in a switch statement).
Possible fix below.

Holger
;-se

Index: if_em.c
===
RCS file: /cvs/src/sys/dev/pci/if_em.c,v
retrieving revision 1.243
diff -u -r1.243 if_em.c
--- if_em.c 4 Aug 2010 17:10:34 -   1.243
+++ if_em.c 7 Aug 2010 21:59:29 -
@@ -1539,16 +1539,15 @@
sc-hw.subsystem_vendor_id = PCI_VENDOR(reg);
sc-hw.subsystem_id = PCI_PRODUCT(reg);

+   reg = pci_conf_read(pa-pa_pc, pa-pa_tag, PCI_CLASS_REG);
+   sc-hw.revision_id = PCI_REVISION(reg);
+
/* Identify the MAC */
if (em_set_mac_type(sc-hw))
printf(%s: Unknown MAC Type\n, sc-sc_dv.dv_xname);

if (sc-hw.mac_type == em_pchlan)
sc-hw.revision_id = PCI_PRODUCT(pa-pa_id)  0x0f;
-   else {
-   reg = pci_conf_read(pa-pa_pc, pa-pa_tag, PCI_CLASS_REG);
-   sc-hw.revision_id = PCI_REVISION(reg);
-   }

if (sc-hw.mac_type == em_82541 ||
sc-hw.mac_type == em_82541_rev_2 ||

cwm autogroup fix

[Holger Mikolon]

Hi tech@,

the autogroup code in xenocara/app/cwm/group.c mixes up windowname and 
windowclass.
At least the code doesn't match the man page cwmrc(5).

Below is a proposed fix. I hope that alpine doesn't eat the tabs ...

Regards,
Holger


Index: group.c
===
RCS file: /cvs/xenocara/app/cwm/group.c,v
retrieving revision 1.44
diff -u -r1.44 group.c
--- group.c 11 Apr 2010 16:51:26 -  1.44
+++ group.c 27 Jun 2010 17:17:01 -
@@ -188,12 +188,11 @@

if ((p = strchr(class, ',')) == NULL) {
aw-name = NULL;
-   aw-class = xstrdup(class);
} else {
*(p++) = '\0';
-   aw-name = xstrdup(class);
-   aw-class = xstrdup(p);
+   aw-name = xstrdup(p);
}
+   aw-class = xstrdup(class);
aw-num = no;

TAILQ_INSERT_TAIL(conf-autogroupq, aw, entry);

tiny typo

[Holger Mikolon]

Index: frag6.c
===
RCS file: /cvs/src/sys/netinet6/frag6.c,v
retrieving revision 1.27
diff -u frag6.c
--- frag6.c 23 Nov 2008 13:30:59 -  1.27
+++ frag6.c 27 Dec 2009 18:30:04 -
@@ -640,7 +640,7 @@
/* adjust pointer */
ip6 = mtod(m, struct ip6_hdr *);

-   /* restoure source and destination addresses */
+   /* restore source and destination addresses */
ip6-ip6_src = q6-ip6q_src;
ip6-ip6_dst = q6-ip6q_dst;

in6.c: typo in comment

[Holger Mikolon]

Index: in6.c
===
RCS file: /cvs/src/sys/netinet6/in6.c,v
retrieving revision 1.82
diff -u in6.c
--- in6.c   4 Jun 2009 19:07:21 -   1.82
+++ in6.c   21 Dec 2009 23:22:14 -
@@ -273,7 +273,7 @@
 * route surely exists.  With this check, we can avoid to
 * delete an interface direct route whose destination is same
 * as the address being removed.  This can happen when removing
-* a subnet-router anycast address on an interface attahced
+* a subnet-router anycast address on an interface attached
 * to a shared medium.
 */
rt = rtalloc1(ifa-ifa_addr, 0, 0);