Re: lladdr support for netstart/hostname.if

2022-11-24 Thread Stuart Henderson
On 2022/11/24 14:36, Vitaliy Makkoveev wrote: > On Wed, Nov 23, 2022 at 09:36:28PM -0700, Theo de Raadt wrote: > > Theo de Raadt wrote: > > > > > > The other, that if both exist, > > > > /etc/hostname.$if will override /etc/hostname.$lladdr. > > > > > > We do need to decide which one is

Re: lladdr support for netstart/hostname.if

2022-11-22 Thread Stuart Henderson
Need to query (and set $if, which might be used in route commands etc) I think. -- Sent from a phone, apologies for poor formatting. On 22 November 2022 08:37:05 Florian Obser wrote: On 2022-11-22 18:06 +10, David Gwynne wrote: There are a few things to keep in mind if we're going to use

Re: xenodm: save ~/.xesssion to ~/.xsession.old

2022-11-14 Thread Stuart Henderson
On 2022/11/14 16:50, Klemens Nanni wrote: > X segfaulted when I opened a window, Xorg.log.old only showed the > address without anything specific, no core dump was created and > xenodm automatically restarted. > > After I logged in I checked ~/.xsession for possible indications, but > that file

Re: mount_ntfs.8: Fix swapped -g user and -u group

2022-11-14 Thread Stuart Henderson
ha, good catch. committed, thanks.

route(8) example for "out of prefix" default gateway

2022-11-08 Thread Stuart Henderson
Seems some hosting providers have annoying "out of prefix" default gateways whuch are painful to configure (https://marc.info/?t=16678224225=1=2), should we give a pointer in route(8)? Index: route.8 === RCS file:

Re: rc(8): reorder_libs(): print names of relinked libraries

2022-11-08 Thread Stuart Henderson
On 2022/11/07 23:54, Theo de Raadt wrote: > Klemens Nanni wrote: > > > > I know this makes rc(8) a bit noisier but it really does improve my > > > (for want of a better term) "user experience" as I wait for my machine > > > to boot. > > > > I like this and it doesn't add more **lines** to the

Re: Questions about the code review process in OpenBSD

2022-11-07 Thread Stuart Henderson
On 2022/11/04 23:32, i...@tutanota.com wrote: > I am trying to understand how the code review process is conducted in > OpenBSD. I can see all the OK's in the commit log, but not every commit > has the OK. > > On FreeBSD there where a serious problem with a developer who was hired > to by Netgear

Re: ssh-keygen(1): by default generate ed25519 key (instead of rsa)

2022-11-07 Thread Stuart Henderson
On 2022/11/07 12:02, Solène Rapenne wrote: > Le Sun, 6 Nov 2022 18:41:50 +0400, > Loganaden Velvindron a écrit : > > > On Sun, 6 Nov 2022 at 18:31, Job Snijders wrote: > > > > > > Dear all, > > > > > > Support for using Ed25519 for server and user authentication was > > > introduced in 2014. I

Re: 7.2 miniroot pointed to /pub/OpenBSD/snapshots for sets

2022-10-20 Thread Stuart Henderson
On 2022/10/20 09:44, Heppler, J. Scott wrote: > I was testing the full setup for a lightweight desktop I posted on > https://daemonforums.org/showpost.php?p=67677=1 > > My downloaded miniroot: > -rw-r--r--1 jsh jsh 5832704 Oct 20 08:51 miniroot72.img > > The system had previously been

Re: 7.2 miniroot pointed to /pub/OpenBSD/snapshots for sets

2022-10-20 Thread Stuart Henderson
On 2022/10/20 09:05, Heppler, J. Scott wrote: > Using the miniroot img from https://cdn.openbsd.org/pub/OpenBSD/7.2, the > set retrival still points to snapshots. You (or someone else using the same IP) must have done an install from a full URL previously rather than picking a mirror from the

Re: em(4) IPv4, TCP, UDP checksum offloading

2022-10-11 Thread Stuart Henderson
On 2022/10/11 15:03, Moritz Buhl wrote: > Here is a new diff for checksum offloading (ipv4, udp, tcp) for em(4). > > The previous diff didn't implement hardware vlan tagging for >em82578 > which should result in variable ethernet header lengths and thus > wrong checksums inserted at wrong places.

Re: sysupgrade: exit 1 instead of exit 0 when ending early

2022-10-11 Thread Stuart Henderson
On 2022/10/11 03:44, Mikolaj Kucharski wrote: > On Mon, Oct 10, 2022 at 11:17:32AM -0600, Theo de Raadt wrote: > > > Any non-zero value indicates an error, that would include 2. You are > > marking this as an error, when it isn't. > > > > You think this will help your scripting. Do you not

Re: snmp: Add support for PF_LIMIT_ANCHORS

2022-10-06 Thread Stuart Henderson
On 2022/10/06 18:20, Martijn van Duren wrote: > Just before lock mbuhl pointed out a new limit placed in pf, not > exported yet over snmp. Here's a diff to add support for > PF_LIMIT_ANCHORS. > > the OPENBSD-PF-MIB.txt DESCRIPTION is adapted from pfLimitMaxTables. > The snmp{,d} parts are there

Re: tftpd: add -R for read-only mode/reduced pledges

2022-10-04 Thread Stuart Henderson
On 2022/10/04 10:36, David Gwynne wrote: > On Sun, Oct 02, 2022 at 06:32:04PM +, Klemens Nanni wrote: > > diskless(8) just needs tftpd(8) to deliver files, none of the possibly > > untrusted clients are supposed to ever write anything. > > > > Either way, even when run without -c, a single

Re: Remove some unnecessary setproctitle(3) format strings

2022-09-27 Thread Stuart Henderson
These programs seem OK as-is, they are following the advice in https://man.openbsd.org/setproctitle.3#CAVEATS On 2022/09/26 18:06, Josiah Frentsos wrote: > Index: sbin/dhcpleased/engine.c > === > RCS file:

unbound 1.16.3

2022-09-21 Thread Stuart Henderson
Released today so I haven't been able to give it much testing yet... Index: doc/Changelog === RCS file: /cvs/src/usr.sbin/unbound/doc/Changelog,v retrieving revision 1.45 diff -u -p -r1.45 Changelog --- doc/Changelog 29 Aug

Re: iked problems with Apple clients in 7.1

2022-09-21 Thread Stuart Henderson
On 2022/05/21 17:04, Tobias Heider wrote: > On Sat, May 21, 2022 at 12:51:19PM +0100, Stuart Henderson wrote: > > On 2022/05/21 13:44, Tobias Heider wrote: > > > On Fri, May 20, 2022 at 03:41:12PM +0100, Stuart Henderson wrote: > > > > I ran into problems with Ap

Re: ftp(1) connection timeouts and hostnames with multiple addresses

2022-09-13 Thread Stuart Henderson
On 2022/09/13 13:25, Todd C. Miller wrote: > On Tue, 13 Sep 2022 20:21:58 +0100, Stuart Henderson wrote: > > > Oh great, that works very nicely for this use case, thank you. Connecting > > via a proxy also still works as I'd expect. I'm basically OK with that > > diff

Re: ftp(1) connection timeouts and hostnames with multiple addresses

2022-09-13 Thread Stuart Henderson
On 2022/09/13 10:57, Todd C. Miller wrote: > On Sat, 09 Jul 2022 12:53:17 +0100, Stuart Henderson wrote: > > > I'm trying to teach ftp(1) to do something like gui web browsers do > > and reduce the HTTP/HTTPS connection timeout from the default (75 seconds) > > if ther

Re: ifconfig, wireguard output less verbose, unless -A or

2022-09-07 Thread Stuart Henderson
On 2022/09/07 15:25, Mikolaj Kucharski wrote: > Hi. > > I didn't get a lof of feedback on this on the code level, however > got some intput on manual page changes. At the end of the email is > ifconfig.8 change from jmc@ and ifconfig.c from me. > > > On Sat, Sep 03, 2022 at 04:51:03PM +0100,

Re: Support Wacom One S (CTL-472)

2022-09-03 Thread Stuart Henderson
On 2022/09/03 21:37, Marcus Glocker wrote: > On Sat, Sep 03, 2022 at 05:43:25PM +0200, Caspar Schutijser wrote: > > > Hi, > > > > On Sat, Sep 03, 2022 at 05:00:00PM +0200, Stefan Hagen wrote: > > > This is a better version of an earlier attempt to make my wacom tablet > > > work. I have the

Re: unbound and cannot increase max open fds from 512 to 4152

2022-09-02 Thread Stuart Henderson
On 2022/09/02 11:25, Sebastian Benoit wrote: > > > > Sep 2 06:39:58 x1c unbound: [14264:0] notice: Restart of unbound > > > > 1.16.0. > > > > Sep 2 06:39:58 x1c unbound: [14264:0] notice: init module 0: validator > > > > Sep 2 06:39:58 x1c unbound: [14264:0] notice: init module 1: iterator > >

Re: ps(1): add -d (descendancy) option to display parent/child process relationships

2022-09-01 Thread Stuart Henderson
On 2022/09/01 15:14, Martin Schröder wrote: > Am Do., 1. Sept. 2022 um 05:38 Uhr schrieb Job Snijders : > > Some ps(1) implementations have an '-d' ('descendancy') option. Through > > ASCII art parent/child process relationships are grouped and displayed. > > > > Thoughts? > > gnu ps has > > -d

Re: add sendmmsg and recvmmsg systemcalls

2022-08-30 Thread Stuart Henderson
btw a few ports will likely pick this up: paths/devel/glib2.log:Checking for function "recvmmsg" : NO paths/net/tinc.log:checking for recvmmsg... no paths/net/knot.log:checking for recvmmsg... no paths/net/knot.log:Use recvmmsg: no paths/net/gdnsd.log:checking whether recvmmsg is

Re: unbound update

2022-08-29 Thread Stuart Henderson
On 2022/08/26 17:47, void wrote: > On Wed, Aug 24, 2022 at 03:03:01PM +0100, Stuart Henderson wrote: > > Anyone want to test this? > > > > Any OKs? > > Hello, > > Seemed to patch OK and built OK with a -current made yesterday, on aarch64. > > I'm a

Re: remove net/ofp.h? switch(4) remnant

2022-08-29 Thread Stuart Henderson
It could move to a private header in tcpdump though. -- Sent from a phone, apologies for poor formatting. On 29 August 2022 08:03:30 Klemens Nanni wrote: Scratch that, tcpdump uses it.

Re: libfido2 update

2022-08-28 Thread Stuart Henderson
On 2022/08/24 17:09, Damien Miller wrote: > Hi, > > https://www.mindrot.org/misc/libfido2-1.11.0.diff contains an update > for src/libfido2 from 1.8 to 1.11 (about 10 months of upstream > development). > > I've tested it with OpenSSH, which is the only thing in src/ that > uses it as well as

Re: tetris(6) "Random Generator" and advanced controls

2022-08-28 Thread Stuart Henderson
On 2022/08/27 19:58, Tom MTT. wrote: > Apparently, as some people pointed it out, DMARC doesn't influence spam score. Depends on the mail server doing filtering. > I thought that since my e-mail failed both SPF and DKIM and my DMARC > policy was set to quarantine my mail would've been trashed

Re: [PATCH] Correctly (per POSIX) round up df usage percentage

2022-08-27 Thread Stuart Henderson
On 2022/08/27 15:53, наб wrote: > PROG=df > SRCS=df.c ffs_df.c ext2fs_df.c > -LDADD= -lutil > -DPADD= ${LIBUTIL} > +LDADD= -lutil -lm > +DPADD= ${LIBUTIL} ${LIBM} df is used on the ramdisk, so this would need testing there (at least on the tighter media

Re: struct ifnet: remove unused if_switchport member

2022-08-26 Thread Stuart Henderson
On 2022/08/26 16:50, Klemens Nanni wrote: > Running the packages.txt files through 'sort -u' and 'comm -12' and > filtering for ports we actually have leaves us with > > aircrack-ng > firefox > firefox-esr > gst-plugins-bad1.0 > gst-plugins-bad1.0-contrib >

Re: struct ifnet: remove unused if_switchport member

2022-08-26 Thread Stuart Henderson
On 2022/08/26 09:49, Klemens Nanni wrote: > grep and CVS agree that this is a switch(4) left-over. > > OK? This is exported to userland isn't it? If so, I think all ports using it will need a bump. > Index: if_var.h > === > RCS

Re: bgpd silence "connection from non-peer" unless verbose

2022-08-25 Thread Stuart Henderson
On 2022/08/25 14:38, Claudio Jeker wrote: > On Thu, Aug 25, 2022 at 09:23:01AM +0100, Stuart Henderson wrote: > > On 2022/08/24 18:47, Denis Fondras wrote: > > > Le Tue, Aug 23, 2022 at 06:28:12PM +0200, Claudio Jeker a écrit : > > > > I noticed that the "connect

Re: bgpd silence "connection from non-peer" unless verbose

2022-08-25 Thread Stuart Henderson
On 2022/08/24 18:47, Denis Fondras wrote: > Le Tue, Aug 23, 2022 at 06:28:12PM +0200, Claudio Jeker a écrit : > > I noticed that the "connection from non-peer" message can fill the log and > > be so chatty that it is hard to see the other messages. The system I see > > this on is a bit special

unbound update

2022-08-24 Thread Stuart Henderson
Anyone want to test this? Any OKs? The CVEs mentioned are these: === CVE-2022-30698 Unbound prior to 1.16.2 allows malicious users to trigger continued resolvability of malicious domain names, even after their revocation from the parent zone, via a novel type of the "ghost domain names" attack

Re: [PATCH] Exclude pico-debug from the uhid driver

2022-08-22 Thread Stuart Henderson
On 2022/08/22 20:33, Josuah Demangeon wrote: > The pico-debug [1] is a debug firmware, loaded on a Raspberry Pi RP2040 > microcontroller to provide a standard debug interface. > The host support tool OpenOCD already upstreamed it [2]. > > But it does not work with OpenBSD yet, as uhid(4) takes

Re: mention double quotes for passwords with white spaces

2022-08-22 Thread Stuart Henderson
On 2022/08/22 16:41, Theo de Raadt wrote: > Hi, > > Do you recommend we do the same in the cat manual page, regarding filenames? > > Or for that matter, in hundreds of other manual pages. > > Unix does whitespace-seperated tokenization, nearly everywhere, so I > do not think this needs to be

Re: ifconfig, wireguard output less verbose, unless -A or

2022-08-20 Thread Stuart Henderson
On 2022/07/14 09:37, Mikolaj Kucharski wrote: > Hi, > > Per other thread, Theo expressed dissatisfaction with long ifconfig(8) > for wg(4) interface. Stuart Henderson pointed me at direction, which > below diff makes it work. > > I guess to questions are: > > - Does

Re: bgpd fix nexthop lookup for connected networks

2022-08-19 Thread Stuart Henderson
On 2022/08/19 10:45, Claudio Jeker wrote: > When implementing knexthop_true_nexthop() to do the lookup from BGP > nexthop to the true nexthop used by the FIB I forgot to handle connected > networks properly. > > For connected networks and connected nexthops the BGP exit nexthop is > equal to the

Re: libsoup2/3 conflicts and gstreamer1 [Re: audio/quodlibet & devel/libsoup]

2022-08-11 Thread Stuart Henderson
Moving from ports@. Quick intro: A library (gstreamer1) uses functions from another library (libsoup) which exists in two incompatible versions (libsoup-2.4.so.XX and libsoup-3.0.so.XX). Other software calling gstreamer might use one or other of these two libsoups for its own purposes, so

Re: echo(1): check for stdio errors

2022-08-11 Thread Stuart Henderson
On 2022/08/10 19:37, Scott Cheloha wrote: > On Thu, Aug 11, 2022 at 02:22:08AM +0200, Jeremie Courreges-Anglas wrote: > > On Wed, Aug 10 2022, Scott Cheloha wrote: > > > [...] > > > > > > 1. Our ksh(1) already checks for stdout errors in the echo builtin. > > > > So do any of the scripts in our

Re: [v5] amd64: simplify TSC sync testing

2022-08-02 Thread Stuart Henderson
On 2022/08/02 22:28, Hrvoje Popovski wrote: > > this is report from Dell R7515 with AMD EPYC 7702P 64-Core Processor > > > r7515$ sysctl | grep tsc > kern.timecounter.choice=i8254(0) mcx1(-100) mcx0(-100) tsc(-1000) > acpihpet0(1000) acpitimer0(1000) > machdep.tscfreq=1996246800 >

Re: bgpd force fib sync in fetchtable

2022-08-02 Thread Stuart Henderson
On 2022/08/02 12:34, Claudio Jeker wrote: > On startup we load the routing table in bgpd and at that moment a cleanup > of old bgpd routes should happen. I noticed this is not the case because > fib_sync is not set and so send_rtmsg() just returns. > I think we need to force fib_sync in

Re: interface media without netlock

2022-07-31 Thread Stuart Henderson
On 2022/07/28 13:30, Alexander Bluhm wrote: > Problem is that smtpd(8) periodically checks media status. Really?!

Re: Consistency and cleanup in /share/misc/airport

2022-07-30 Thread Stuart Henderson
On 2022/07/30 22:34, Thomas Wager wrote: > On Fri, 2022-07-29 at 16:09 -0400, Daniel Dickman wrote: > > > I think they’re called Metropolitan Area Airport Codes: > > > > I found a list here: > > Metropolitan Area Airport Codes > > wikitravel.org > > > > > > Do you want to submit a revised

Re: route(8), mention id(1)? [was Re: patch to ksh to show current rdomain]

2022-07-29 Thread Stuart Henderson
On 2022/07/29 14:01, Klemens Nanni wrote: > retrieving revision 1.103 > diff -u -p -r1.103 route.8 > --- sbin/route/route.831 Mar 2022 17:27:20 - 1.103 > +++ sbin/route/route.829 Jul 2022 13:54:26 - > @@ -78,6 +78,9 @@ Suppress all output. > .It Fl T Ar rtable >

Re: [v4] amd64: simplify TSC sync testing

2022-07-28 Thread Stuart Henderson
On 2022/07/28 12:57, Scott Cheloha wrote: > On Thu, Jul 28, 2022 at 07:55:40AM -0400, Dave Voutila wrote: > > > > This is breaking timecounter selection on my x13 Ryzen 5 Pro laptop > > running the latest kernel from snaps. > > Define "breaking". That's clear from the output: : On 2022/07/28

route(8), mention id(1)? [was Re: patch to ksh to show current rdomain]

2022-07-26 Thread Stuart Henderson
from bugs@ On 2022/07/26 13:07, Theo Buehler wrote: > On Tue, Jul 26, 2022 at 11:49:09AM +0100, Stuart Henderson wrote: > > On 2022/07/25 23:41, mgra...@brainfat.net wrote: > > > >Description: > > > This change adds the \% argument to the ksh process of the prompt.

Re:

2022-07-26 Thread Stuart Henderson
On 2022/07/25 20:08, Samuel Venable wrote: > I have a suggestion on how to get the current executable path in OpenBSD that > might be reliable enough and not too costly that it might be accepted for a > future OpenBSD version. > > Even if it won't be accepted, I need a little help completing

Re: include cpuid 0 string in dmesg for fw_update

2022-07-24 Thread Stuart Henderson
On 2022/07/24 10:34, Andrew Hewus Fresh wrote: > On Sun, Jul 24, 2022 at 09:14:30AM -0700, Andrew Hewus Fresh wrote: > > On Sun, Jul 24, 2022 at 10:01:26AM -0600, Theo de Raadt wrote: > > > Jonathan Gray wrote: > > > > > > > On Sun, Jul 24, 2022 at 08:05:26AM -0600, Theo de Raadt wrote: > > > >

Re: Latest sysupgrade (23/07/2022) fails SHA256 check

2022-07-24 Thread Stuart Henderson
On 2022/07/23 21:00, Chris Narkiewicz wrote: > Hi, > > I tried to sysupgade but it fails to check SHA256. Tried multiple times to > exclude random bit flip: > > Verifying sets. > (SHA256) bsd.mp: FAILED > > Sysupgrade on 23/07/2022. > > Best regards, > Chris Narkiewicz > If it persists,

Re: ifconfig description for wireguard peers

2022-07-14 Thread Stuart Henderson
On 2022/07/14 10:57, Claudio Jeker wrote: > On Thu, Jul 14, 2022 at 10:51:42AM +0200, Stefan Sperling wrote: > > On Wed, Jul 13, 2022 at 05:13:49PM +, Mikolaj Kucharski wrote: > > > On Wed, Jul 13, 2022 at 05:43:59PM +0100, Stuart Henderson wrote: > > > > >

Re: ifconfig description for wireguard peers

2022-07-13 Thread Stuart Henderson
On 2022/07/13 16:18, Mikolaj Kucharski wrote: > On Wed, Jul 13, 2022 at 10:02:30AM -0600, Theo de Raadt wrote: > > Mikolaj Kucharski wrote: > > > > > I took the libery and refreshed the patch. What I did so far: > > > > > > - compiled GENERIC.MP on amd64 > > > - compiled new ifconfig, same arch

Re: bgpd document add-path send

2022-07-11 Thread Stuart Henderson
On 2022/07/11 19:12, Claudio Jeker wrote: > This is my try at documenting the just added add-path bits. > > -- > :wq Claudio > > Index: bgpd.8 > === > RCS file: /cvs/src/usr.sbin/bgpd/bgpd.8,v > retrieving revision 1.74 > diff -u

ftp(1) connection timeouts and hostnames with multiple addresses

2022-07-09 Thread Stuart Henderson
I'm trying to teach ftp(1) to do something like gui web browsers do and reduce the HTTP/HTTPS connection timeout from the default (75 seconds) if there are multiple addresses behind a hostname. There's an existing connection timeout mechanism that I thought it might make sense to reuse...

Re: [v3] amd64: simplify TSC sync testing

2022-07-05 Thread Stuart Henderson
On 2022/07/05 11:22, Scott Cheloha wrote: > On Tue, Jul 05, 2022 at 05:47:51PM +0200, Stuart Henderson wrote: > > On 2022/07/04 21:06, Scott Cheloha wrote: > > > 4. OpenBSD VMs on other hypervisors. > > > > KVM on proxmox VE 7.1-12 > > > > I force acpih

Re: [v3] amd64: simplify TSC sync testing

2022-07-05 Thread Stuart Henderson
On 2022/07/04 21:06, Scott Cheloha wrote: > 4. OpenBSD VMs on other hypervisors. KVM on proxmox VE 7.1-12 I force acpihpet0 on this; it defaults to pvclock which results in timekeeping so bad that ntpd can't correct $ sysctl kern.timecounter kern.timecounter.tick=1

Re: [v3] amd64: simplify TSC sync testing

2022-07-05 Thread Stuart Henderson
On 2022/07/04 21:06, Scott Cheloha wrote: > 2. Other multisocket machines. This is from the R620 where I originally discovered the problems with SMP with the previous TSC test: $ dmesg|grep tsc $ sysctl kern.timecounter kern.timecounter.tick=1 kern.timecounter.timestepwarnings=0

Re: amd64 serial console changes

2022-06-30 Thread Stuart Henderson
On 2022/06/30 16:55, Hrvoje Popovski wrote: > On 30.6.2022. 16:48, Hrvoje Popovski wrote: > > On 30.6.2022. 15:14, Anton Lindqvist wrote: > >> On Thu, Jun 30, 2022 at 01:07:46PM +0200, Mark Kettenis wrote: > >>> Ah right. Please commit! > >> Here's the complete diff, ok? > > > > > > Hi, > > >

Re: em(4) multiqueue

2022-06-29 Thread Stuart Henderson
On 2022/06/29 13:19, Stuart Henderson wrote: > On 2022/06/28 23:11, Jonathan Matthew wrote: > > This adds the (not quite) final bits to em(4) to enable multiple rx/tx > > queues. > > Note that desktop/laptop models (I218, I219 etc.) do not support multiple > > queu

install.sub: don't ask about vlan0 unless some other interface exists

2022-06-28 Thread Stuart Henderson
The current handling of network interfaces in the installer is rather confusing when somebody has an unsupported network device - it offers to configure vlan0, but there is no interface on which a vlan can run anyway. Available network interfaces are: vlan0. Which network interface do you wish to

Re: acpitz(4): perform passive cooling only when perfpolicy is AUTO

2022-06-28 Thread Stuart Henderson
On 2022/06/27 17:12, Bryan Steele wrote: > > Shouldn't this also take into consideration hw.power as well? If it > doesn't make sense for perfpolicy=high then it probably doesn't for > perfpolicy=auto when on AC power? Why so? perfpolicy=high says to me, "I want it fast, I don't care about fan

Re: allow HW_USERMEM64 in sysctl pledge

2022-06-21 Thread Stuart Henderson
On 2022/06/21 16:39, Jonathan Gray wrote: > chromium loads vulkan when going to chrome://gpu > on Intel Mesa uses HW_USERMEM64 > > chrome(44801): pledge sysctl 2: 6 20 > chrome[44801]: pledge "", syscall 202 ok with me, it's read-only and low-risk for the new functionality it allows to other

Re: netstart(8): don't lie

2022-06-21 Thread Stuart Henderson
On 2022/06/21 07:15, Jason McIntyre wrote: > On Tue, Jun 21, 2022 at 07:07:25AM +0100, Stuart Henderson wrote: > > any comments? does it need a "does not clear things" caveat? ok? > > > > maybe instead of thinking about it as a caveat, we should just say what

netstart(8): don't lie

2022-06-21 Thread Stuart Henderson
any comments? does it need a "does not clear things" caveat? ok? Index: netstart.8 === RCS file: /cvs/src/share/man/man8/netstart.8,v retrieving revision 1.25 diff -u -p -r1.25 netstart.8 --- netstart.8 29 Nov 2020 20:14:06 -

Re: [v2] amd64: simplify TSC sync testing

2022-06-15 Thread Stuart Henderson
Hi Scott, just installing on another 2-socket machine, could you point me at the latest version of the TSC sync testing diff please?

Re: kernel build error

2022-06-12 Thread Stuart Henderson
On 2022/06/10 18:01, ten wrote: > Hello. > > kernel build was initiated from singleuser mode. > > after crash there was message to provide those files. - in archive. > > thank you. (zip file contains clang crash reproducer sh + c files, which don't fail for me) You don't show the error

Re: LDIF case sensitivity, login_ldap

2022-06-09 Thread Stuart Henderson
[moved from misc to tech] On 2022/06/09 13:26, Martijn van Duren wrote: > On Thu, 2022-06-09 at 07:48 +0000, Stuart Henderson wrote: > > On 2022-06-09, David Diggles wrote: > > > I've just got ldap login working on OpenBSD/7.1 with accounts stored > > > locall

Re: [PATCH] adds -t timeout to slowcgi

2022-06-09 Thread Stuart Henderson
On 2022/06/09 01:36, Alfred Morgan wrote: > I think this got missed on misc@ when I posted on 5/24. I'm now Diffs are definitely likely to get missed on misc@ > reposting here in tech@ with the [PATCH] subject tag. This diff is mangled, tabs have been converted to spaces and it doesn't apply

Re: bgpd: refactor kroute code a fair bit

2022-06-09 Thread Stuart Henderson
On 2022/06/08 22:47, Claudio Jeker wrote: > and here is the updated diff I forgot to include Not sure if it's expected / not, but I lose interface information with this: $ diff -wu old new --- old Thu Jun 9 09:44:37 2022 +++ new Thu Jun 9 09:44:44 2022 @@ -2,18 +2,19 @@ Flags: * = nexthop

Re: unlock pf_purge

2022-06-07 Thread Stuart Henderson
On 2022/06/07 16:58, David Gwynne wrote: > the main change here is to move pf_purge out from under the kernel lock. > > another part of the change is to limit the amount of work the state > purging does to avoid hogging a cpu too much, and to also avoid holding > NET_LOCK for too long. I'm

Re: @extraunexec usage in pkg_add

2022-06-07 Thread Stuart Henderson
On 2022/06/07 09:36, Marc Espie wrote: > I propose eventually replacing them with > @extraglob pattern Very definitely makes sense. So we can avoid surprises if/when we do this, if some developer is using packages from the wrong architecture as part of their workflow please check if those

Re: pkg_add in -current

2022-06-04 Thread Stuart Henderson
On 2022/06/04 15:23, Theo de Raadt wrote: > Stuart Henderson wrote: > > > If you are running -current and have not updated base recently, you > > may run inTO "pkg_add: Unknown option: always-update ". > > To fix it, just update to a newer base

pkg_add in -current

2022-06-04 Thread Stuart Henderson
If you are running -current and have not updated base recently, you may run inTO "pkg_add: Unknown option: always-update ". To fix it, just update to a newer base snapshot.

Re: httpd: add include_dir keyword

2022-06-02 Thread Stuart Henderson
On 2022/06/02 12:53, qorg11 wrote: > > I don't think we want this functionality. > > Some users have been asking for it in the #openbsd IRC channel. there are 20+ programs in base which use a config parser derived from the same source as usr/sbin/httpd's, and generally they are kept in sync as

Re: ix(4): Add support for TCP Large Receive Offloading

2022-05-31 Thread Stuart Henderson
Might need "make obj" -- Sent from a phone, apologies for poor formatting. On 31 May 2022 10:22:46 Hrvoje Popovski wrote: On 27.5.2022. 18:25, Jan Klemkow wrote: Hi, The following diff enables the TCP Large Receive Offloading feature for ix(4) interfaces. It also includes a default off

Re: apmd(8): reconnecting AC, not battery

2022-05-28 Thread Stuart Henderson
On 2022/05/28 06:52, Jason McIntyre wrote: > On Fri, May 27, 2022 at 07:19:37PM +0200, Jan Stary wrote: > > apmd says: > > > > When the power status changes (battery is connected or disconnected), > > apmd fetches the current status and reports it via syslog(3) > > with logging facility

Re: [PATCH] [src] share/man/man8/rc.{d,subr}.8 - normalise markup

2022-05-27 Thread Stuart Henderson
On 2022/05/27 11:43, Raf Czlonka wrote: > Hello, > > daemon_logger was the odd one out in rc.subr(8). I think that is correct. > While there, I did the same in rc.d(8). But that isn't, it is talking about _execdir, _flags, etc where you need to replace the > Regards, > > Raf > > Index:

Re: ntpd trusted servers

2022-05-26 Thread Stuart Henderson
Good catch! OK sthen@ On 2022/05/27 02:20, Nathanael Rensen wrote: > I found the trusted keyword is not respected when using the > servers directive in ntpd.conf(5): > > servers pool.trusted.local trusted > > Nathanael > > Index: ntp.c >

Re: iked problems with Apple clients in 7.1

2022-05-22 Thread Stuart Henderson
On 2022/05/21 17:04, Tobias Heider wrote: > > Oh, makes sense. I think it may still be related to the IDs, so checking if > ikev2_pld_id matches what you expect for srcid might be a good start. > Maybe the apple client is sending something different than > "" > in their

Re: iked problems with Apple clients in 7.1

2022-05-21 Thread Stuart Henderson
On 2022/05/21 13:44, Tobias Heider wrote: > On Fri, May 20, 2022 at 03:41:12PM +0100, Stuart Henderson wrote: > > I ran into problems with Apple clients failing to connect to > > iked after updating a machine to 7.1, introduced by > > https://github.c

iked problems with Apple clients in 7.1

2022-05-20 Thread Stuart Henderson
I ran into problems with Apple clients failing to connect to iked after updating a machine to 7.1, introduced by https://github.com/openbsd/src/commit/e3f5cf2ee26929d75dc2df9e86d97c36b2a94268 spi=0xac3d46687441f957: recv IKE_SA_INIT req 0 peer rrr.rrr.rrr.rr:49436 local lll.ll.lll.lll:500, 308

Re: iked(8): support for intermediate CAs and multiple CERT payloads

2022-05-20 Thread Stuart Henderson
On 2022/05/20 00:39, Loïc Revest wrote: > ()Hello Stuart, > > Thanks for giving it also a try - I was the one bothering Tobias > earlier today with > this use case of a Windows 10 (21H2) client trying to connect to an iked > server > whose CA certificate wasn't self-signed, but signed by a root

Re: iked(8): support for intermediate CAs and multiple CERT payloads

2022-05-19 Thread Stuart Henderson
> > I haven't tested Windows yet, I'll try to locate a machine to test with > > at the weekend. > > > > The certificate arrangement is a little awkward to work with typical > > ACME infrastructure used with standard TLS servers: > > > > For a standard server the root certificate would not

Re: Picky, but much more efficient arc4random_uniform!

2022-05-16 Thread Stuart Henderson
On 2022/05/16 15:13, Luke Small wrote: > If you’re not running a threaded program, my function wouldn’t be “less > safe.” > > I’d imagine that 99% of programs aren’t multithreaded. code is reused in different places. non threaded programs are sometimes turned into threaded programs and when that

Re: Picky, but much more efficient arc4random_uniform!

2022-05-14 Thread Stuart Henderson
On 2022/05/14 06:56, Luke Small wrote: > If I use arc4random_uniform() repeatedly to create a random distribution of > say numbers less than 0x1000 or even something weird like 0x1300 will the > random distribution be better with arc4random_uniform() or with mine? there's no point to have a

changelist: add /etc/login.conf.d/*

2022-05-12 Thread Stuart Henderson
changelist already has /etc/login.conf, but I think files in the .d directory should be checked too, both so we have notification of changes (as it can set environment variables this is a very powerful file), and also so we keep old versions in /var/backup. ok? Index: changelist

Re: [External] : Re: pf.conf(5) clarify ICMP sloppy state handling

2022-05-09 Thread Stuart Henderson
On 2022/05/09 23:16, Alexandr Nedvedicky wrote: > Hello, > > I'm sorry I was too fast with commit. I've just committed > what's been suggested by bluhm@: That's totally ok, my diff is on top and wasn't written until you committed yours :-) > @@ -2186,6 +2186,7 @@ It cannot be used with >

Re: [External] : Re: pf.conf(5) clarify ICMP sloppy state handling

2022-05-09 Thread Stuart Henderson
This is helpful, but because it's so surprising that "pass proto icmp" doesn't pass all icmp traffic, I think it would help to mention it where "proto icmp" is described too. Also, the top of the text about "sloppy" just talks about the sloppy TCP connection tracker, I think perhaps it would be

Re: allow 240/4 in various network daemons

2022-05-05 Thread Stuart Henderson
On 2022/05/05 15:28, Jeroen Massar wrote: > Though they did it with 1.0.0.0/8 (though that is just a huge network > telescope). No this still does not work reliably

Re: Reserved address behavior (alternate broadcast and 240/4)

2022-05-05 Thread Stuart Henderson
On 2022/05/05 08:36, Claudio Jeker wrote: > > Agreed, there is also IN_BADCLASS() which is used by the routing daemons. > IN_EXPERIMENTAL and IN_BADCLASS are the same definition. > > Looking at debian code search IN_EXPERIMENTAL() is still referenced in a > bunch of packages. So I wonder if your

Re: NETGEAR RAX200 support

2022-05-01 Thread Stuart Henderson
On 2022/05/01 13:46, Johannes (krjdev) Krottmayer wrote: > Yes, the information should be correct. I have extracted the vendor > firmware image with binwalk. I have investigated the root Device-Tree > blob. There will be also a modified Linux distribution from OpenWrt > used. But these

Re: NETGEAR RAX200 support

2022-05-01 Thread Stuart Henderson
On 2022/05/01 12:27, Mark Kettenis wrote: > > Date: Sun, 1 May 2022 11:13:13 +0200 > > From: "Johannes (krjdev) Krottmayer" > > > > Hi, > > Hi Johannes, > > > > > Exists there an official support for this router? > > > > Here the official product page: > >

Re: EVFILT_USER and kevent(2)

2022-04-30 Thread Stuart Henderson
On 2022/04/30 13:51, Visa Hankala wrote: > I am in two minds about EVFILT_USER. On the one hand, having it on > OpenBSD might help with ports. No opinion on the addition, but I don't think we ran into this in ports so far. There is software in ports which can use it but it can all work without

bwfm(4): show modulation type for the various chipsets

2022-04-23 Thread Stuart Henderson
saves time if you want to ignore 11n-only devices. ok? Index: share/man/man4/bwfm.4 === RCS file: /cvs/src/share/man/man4/bwfm.4,v retrieving revision 1.16 diff -u -p -r1.16 bwfm.4 --- share/man/man4/bwfm.4 5 Jan 2022 17:39:24

Re: patch: if_iwx.c add support for ax201 with subsystem id 0x0030

2022-04-09 Thread Stuart Henderson
On 2022/04/09 12:47, Sven Wolf wrote: > Hi Stefan, > > sorry, I'm not sure how I can get the sc_hw_rev value. > Hopefully this is the requested value: > > iwx0: hw rev 0x350, fw ver 67.8f59b80b.0 hw rev in this line is masked (sc->sc_hw_rev & IWX_CSR_HW_REV_TYPE_MSK which is 0x000FFF0), the

Re: possible memory leak in ipmi get_sdr

2022-04-07 Thread Stuart Henderson
On 2022/04/07 13:31, Moritz Buhl wrote: > Any insights? > On Mon, Jan 10, 2022 at 03:18:47PM +0100, Moritz Buhl wrote: > > Hi tech@, > > > > The return value of add_child_sensors is returned in add_sdr_sensor, > > which is called by get_sdr. get_sdr mallocs psdr and only frees it > > if

Re: ure(4): add support for RTL8156B

2022-04-02 Thread Stuart Henderson
On 2022/04/02 15:47, Stuart Henderson wrote: > It doesn't, but this fixes it: > > Index: if_ure.c > === > RCS file: /cvs/src/sys/dev/usb/if_ure.c,v > retrieving revision 1.29 > diff -u -p -r1.29 if_ure.c > ---

Re: ure(4): add support for RTL8156B

2022-04-02 Thread Stuart Henderson
On 2022/04/02 18:14, Kevin Lo wrote: > On Fri, Apr 01, 2022 at 06:09:26PM +0100, Stuart Henderson wrote: > > > > On 2022/04/01 17:13, Stuart Henderson wrote: > > > On 2022/04/01 10:26, Gerhard Roth wrote: > > > > On 4/1/22 07:41, Kevin Lo wrote: > &

Re: ure(4): add support for RTL8156B

2022-04-02 Thread Stuart Henderson
Which ic though, just 8153B? I guess it would have worked with some variants or it wouldn't have been enabled originally? -- Sent from a phone, apologies for poor formatting. On 2 April 2022 02:26:05 David Gwynne wrote: On 2 Apr 2022, at 03:09, Stuart Henderson wrote: On 2022/04/01 17:13

Re: ure(4): add support for RTL8156B

2022-04-01 Thread Stuart Henderson
On 2022/04/01 17:13, Stuart Henderson wrote: > On 2022/04/01 10:26, Gerhard Roth wrote: > > On 4/1/22 07:41, Kevin Lo wrote: > > > > > > ure0: RTL8153 (0x5c10), address 00:e0:4c:xx:xx:xx > > > rgephy1 at ure0 phy 0: RTL8251 PHY, rev. 0 > > > &g

  1   2   3   4   5   6   7   8   9   10   >