On Tue, Dec 29, 2020 at 12:46:54PM +0100, Mark Kettenis wrote:
> > Date: Tue, 29 Dec 2020 12:21:25 +0100
> > From: Otto Moerbeek
> >
> > Hi,
> >
> > this is a continuation from the threads on bugs@
> >
> > This version makes it explicit to *only* setup "TLS" (which actually
> > is just a
On Tue, 29 Dec 2020 10:35:08 +, Miod Vallat wrote:
> The following diff constifies the strings in regerror.c and also makes
> use of the strlcpy() return value to avoid a redundant strlen() call.
OK millert@
- todd
reads ok, benno@
Claudio Jeker(cje...@diehard.n-r-g.com) on 2020.12.29 10:33:53 +0100:
> On Thu, Dec 10, 2020 at 02:42:49PM +0100, Claudio Jeker wrote:
> > On Thu, Dec 03, 2020 at 10:59:29PM +0100, Claudio Jeker wrote:
> > > The use of roa-set, prefix-set and as-set is fairly common in bgpd.
> >
On Tue, 29 Dec 2020 09:49:11 +, Miod Vallat wrote:
> The following diff constifies the strings in cnames[]. No functional
> change.
OK millert@
- todd
On Tue, 29 Dec 2020 10:33:26 +, Miod Vallat wrote:
> regcomp.c uses the "start + count < end" idiom to check that there are
> "count" bytes available in an array of char "start" and "end" both point
> to.
>
> This is fine, unless "start + count" goes beyond the last element of the
> array. In
On Fri, Dec 18, 2020 at 11:36:33AM +0100, Claudio Jeker wrote:
> In preparation for RTR support this diff changes the internal
> representation of roa-set to a simple RB tree based on struct roa.
> The big difference is that overlapping roas, e.g.
> 10/8 source-as 3
> 10/8 maxlen
The following diff constifies the strings in cnames[]. No functional
change.
Index: cname.h
===
RCS file: /OpenBSD/src/lib/libc/regex/cname.h,v
retrieving revision 1.5
diff -u -p -r1.5 cname.h
--- cname.h 2 Jun 2003 20:18:36
cclasses[] multis field is always an empty string. Remove it and code
dealing with it. This code was incomplete anyway.
Index: cclass.h
===
RCS file: /OpenBSD/src/lib/libc/regex/cclass.h,v
retrieving revision 1.6
diff -u -p -r1.6
The following diff constifies the strings in regerror.c and also makes
use of the strlcpy() return value to avoid a redundant strlen() call.
Index: regerror.c
===
RCS file: /OpenBSD/src/lib/libc/regex/regerror.c,v
retrieving revision
regcomp.c uses the "start + count < end" idiom to check that there are
"count" bytes available in an array of char "start" and "end" both point
to.
This is fine, unless "start + count" goes beyond the last element of the
array. In this case, pedantic interpretation of the C standard makes
the
> Date: Tue, 29 Dec 2020 12:21:25 +0100
> From: Otto Moerbeek
>
> Hi,
>
> this is a continuation from the threads on bugs@
>
> This version makes it explicit to *only* setup "TLS" (which actually
> is just a pointer to static data) with the data provided if we're
> running single threaded
Claudio Jeker(cje...@diehard.n-r-g.com) on 2020.12.29 10:29:00 +0100:
> On Thu, Dec 17, 2020 at 01:26:09PM +0100, Claudio Jeker wrote:
> > getifaddrs can return a struct ifaddrs entry with a NULL ifa_addr.
> > I think an unnumbered point-to-point interface can trigger this.
> > So better check for
On Tue, 29 Dec 2020 09:50:16 +, Miod Vallat wrote:
> cclasses[] multis field is always an empty string. Remove it and code
> dealing with it. This code was incomplete anyway.
OK millert@
- todd
Theo de Raadt wrote:
> never use nobody for another purpose.
Of course you're right. I regret the suggestion that this was a good
idea, especially in a production environment.
Anyway, FWIW I looked through the code as well and didn't notice any
issues.
Hi,
this is a continuation from the threads on bugs@
This version makes it explicit to *only* setup "TLS" (which actually
is just a pointer to static data) with the data provided if we're
running single threaded (ie.. no -pthread or -pthread but no pthread
function that triggers multi-threaded
On Thu, Dec 17, 2020 at 01:26:09PM +0100, Claudio Jeker wrote:
> getifaddrs can return a struct ifaddrs entry with a NULL ifa_addr.
> I think an unnumbered point-to-point interface can trigger this.
> So better check for it before accessing anything in ifa_addr.
I will commit this later today.
On Thu, Dec 10, 2020 at 02:42:49PM +0100, Claudio Jeker wrote:
> On Thu, Dec 03, 2020 at 10:59:29PM +0100, Claudio Jeker wrote:
> > The use of roa-set, prefix-set and as-set is fairly common in bgpd.
> > Still sometimes it is not exactly clear how old the data in those tables
> > is. This diff is
On Tue, Dec 29, 2020 at 03:42:20PM +0100, Sebastian Benoit wrote:
> Hi,
>
> claudios bgpd diff and florian mentioning rad(8) made me look into usr.sbin/
> for getifaddrs() usage. I think these need a NULL check as well.
>
> ok?
Looks OK to me.
> diff --git usr.sbin/ospf6d/parse.y
On Tue, Dec 29, 2020 at 04:20:04PM +0100, Sebastian Benoit wrote:
>
> More missing checks, outside of usr.sbin.
>
> Missing: isakmpd and ifconfig
> I have not yet looked at libc internal use, libpcap and regress/.
>
> ok?
Looks good to me.
> diff --git sbin/iked/parse.y sbin/iked/parse.y
>
ok.
maybe add a line to current.html so that people are not surprised that their
video is no longer working after upgrade.
/Benno
Marcus Glocker(mar...@nazgul.ch) on 2020.12.28 23:47:54 +0100:
> Since I'm receiving various private queries about documenting the new
> kern.video.record sysctl(2)
On Tue, 29 Dec 2020 14:40:09 +0100
Sebastian Benoit wrote:
> ok.
>
> maybe add a line to current.html so that people are not surprised
> that their video is no longer working after upgrade.
Looks like sthen@ was already there :-)
> /Benno
>
>
> Marcus Glocker(mar...@nazgul.ch) on 2020.12.28
ok.
Claudio Jeker(cje...@diehard.n-r-g.com) on 2020.12.29 10:23:53 +0100:
> On Fri, Dec 18, 2020 at 11:36:33AM +0100, Claudio Jeker wrote:
> > In preparation for RTR support this diff changes the internal
> > representation of roa-set to a simple RB tree based on struct roa.
> > The big
Now that we have a switch in place with kern.video.record which requires
initial root access to enable video recording, I want propose the idea
of making the /dev/video* devices accessible to users who are a member
of the 'video' group:
lrwxr-xr-x 1 root wheel 6 Dec 29 12:38
On Tue, Dec 29, 2020 at 01:42:57PM +0100, Otto Moerbeek wrote:
> On Tue, Dec 29, 2020 at 12:46:54PM +0100, Mark Kettenis wrote:
>
> > > Date: Tue, 29 Dec 2020 12:21:25 +0100
> > > From: Otto Moerbeek
> > >
> > > Hi,
> > >
> > > this is a continuation from the threads on bugs@
> > >
> > >
Hi,
claudios bgpd diff and florian mentioning rad(8) made me look into usr.sbin/
for getifaddrs() usage. I think these need a NULL check as well.
ok?
diff --git usr.sbin/ospf6d/parse.y usr.sbin/ospf6d/parse.y
index f163e24149d..509aa2f2e88 100644
--- usr.sbin/ospf6d/parse.y
+++
More missing checks, outside of usr.sbin.
Missing: isakmpd and ifconfig
I have not yet looked at libc internal use, libpcap and regress/.
ok?
diff --git sbin/iked/parse.y sbin/iked/parse.y
index aedbb74f3fd..b02ff55d4e7 100644
--- sbin/iked/parse.y
+++ sbin/iked/parse.y
@@ -2166,7 +2166,8 @@
> Date: Tue, 29 Dec 2020 16:07:19 +0100
> From: Otto Moerbeek
>
> On Tue, Dec 29, 2020 at 01:42:57PM +0100, Otto Moerbeek wrote:
>
> > On Tue, Dec 29, 2020 at 12:46:54PM +0100, Mark Kettenis wrote:
> >
> > > > Date: Tue, 29 Dec 2020 12:21:25 +0100
> > > > From: Otto Moerbeek
> > > >
> > > >
On Wed, Dec 30, 2020 at 02:09:46AM +0100, Klemens Nanni wrote:
> On Wed, Dec 30, 2020 at 02:02:44AM +0100, Klemens Nanni wrote:
> >default (alias for "secure")
> >legacy (alias for "all")
> without double quotes
>
First time poster, so, Hi!
Been browsing around this TLS topic,
This time pipex(4) related ioctl(2) calls PIPEX{S,G}MODE are pretty
dummy and were kept for backward compatibility reasons. The diff below
removes them.
ok?
Index: share/man/man4/pipex.4
===
RCS file:
Manuals like httpd.conf(5) refer to tls_config_parse_protocols(3) the
list of supported protocols.
Sentences with inlined elements are generally harder to read, especially
in such pages and/or when they contain comments.
Convert to a proper list that looks like this when rendered:
The
On Wed, Dec 30, 2020 at 02:02:44AM +0100, Klemens Nanni wrote:
> Manuals like httpd.conf(5) refer to tls_config_parse_protocols(3) the
> list of supported protocols.
>
> Sentences with inlined elements are generally harder to read, especially
> in such pages and/or when they contain comments.
>
On Tue, Dec 29, 2020 at 11:18:26PM +0100, Claudio Jeker wrote:
> Generally I would prefer to go for direct dispatch and not use netisr.
> This removes a queue and a scheduling point and should help reduce the
> latency in processing pppoe packages.
>
> This does not mean that I'm against this
On Wed, Dec 30, 2020 at 03:21:59AM +0300, Vitaliy Makkoveev wrote:
> pppoe_dispatch_disc_pkt() has `off' argument which is always passed as
> 0. The diff below converts this argument to local variable.
OK kn
auth_mkvalue(3) may return NULL (if no memory is available), but
login_passwd.c and friends use the return value without checking.
$ cd /usr/src/libexec/
$ egrep -B 1 auth_mkval login_*/*.c
login_passwd/login_passwd.c-fprintf(back, BI_VALUE " errormsg %s\n",
pppoe_dispatch_disc_pkt() has `off' argument which is always passed as
0. The diff below converts this argument to local variable.
Also this function breaks style(9) but I'll fix it with separate diff.
ok?
Index: sys/net/if_pppoe.c
On Wed, Dec 30, 2020 at 02:02:44AM +0100, Klemens Nanni wrote:
> default (alias for "secure")
> legacy (alias for "all")
without double quotes
On Wed, Dec 30, 2020 at 07:05:47AM +, Jason McIntyre wrote:
> On Wed, Dec 30, 2020 at 02:02:44AM +0100, Klemens Nanni wrote:
> > Manuals like httpd.conf(5) refer to tls_config_parse_protocols(3) the
> > list of supported protocols.
> >
> > Sentences with inlined elements are generally harder
Another set of NULL checks in programs under usr.sbin/
ok?
diff --git usr.sbin/eigrpd/parse.y usr.sbin/eigrpd/parse.y
index f024e3cf0cd..0ac9431e829 100644
--- usr.sbin/eigrpd/parse.y
+++ usr.sbin/eigrpd/parse.y
@@ -1246,7 +1246,8 @@ get_rtr_id(void)
for (ifa = ifap; ifa; ifa =
Hi,
these last ones are a bit different from the others:
Two cases in libc, two in ifconfig, and one in isakmpd that is a bit tricky.
comments?
ok?
diff --git lib/libc/rpc/get_myaddress.c lib/libc/rpc/get_myaddress.c
index d0ac78f796e..b84968e1807 100644
--- lib/libc/rpc/get_myaddress.c
+++
It seems to me that this call to getifaddrs() is actually not needed.
ok?
diff --git usr.sbin/npppd/pppoe/pppoed.c usr.sbin/npppd/pppoe/pppoed.c
index 5b3f09dccb1..bae41732199 100644
--- usr.sbin/npppd/pppoe/pppoed.c
+++ usr.sbin/npppd/pppoe/pppoed.c
@@ -458,7 +459,6 @@ pppoed_reload(pppoed
Hi.
> On 29 Dec 2020, at 22:48, Klemens Nanni wrote:
>
> Earlier this year `struct pppoe_softc' was annotated with lock comments
> showing no member being protected by KERNEL_LOCK() alone.
>
> After further review of the code paths starting from pppoeintr() I also
> could not find sleeping
> Date: Tue, 29 Dec 2020 15:24:58 +0100
> From: Marcus Glocker
>
> Now that we have a switch in place with kern.video.record which requires
> initial root access to enable video recording, I want propose the idea
> of making the /dev/video* devices accessible to users who are a member
> of the
> On 30 Dec 2020, at 01:08, Sebastian Benoit wrote:
>
> It seems to me that this call to getifaddrs() is actually not needed.
>
> ok?
Indeed it is.
ok mvs
>
> diff --git usr.sbin/npppd/pppoe/pppoed.c usr.sbin/npppd/pppoe/pppoed.c
> index 5b3f09dccb1..bae41732199 100644
> ---
On Tue, Dec 29, 2020 at 08:48:28PM +0100, Klemens Nanni wrote:
> Earlier this year `struct pppoe_softc' was annotated with lock comments
> showing no member being protected by KERNEL_LOCK() alone.
>
> After further review of the code paths starting from pppoeintr() I also
> could not find
On Tue, Dec 29, 2020 at 11:09:44PM +0100, Mark Kettenis wrote:
> > Date: Tue, 29 Dec 2020 15:24:58 +0100
> > From: Marcus Glocker
> >
> > Now that we have a switch in place with kern.video.record which requires
> > initial root access to enable video recording, I want propose the idea
> > of
On Tue, 29 Dec 2020 12:36:22 -0700, Todd C. Miller wrote:
> That looks something like this. I used the FreeBSD macros which
> incorporate STAILQ_NEXT and STAILQ_FIRST but I can inline things
> if someone has a strong opinion on this.
Here is the updated man page. The table doesn't reflect
Hi,
maybe add a hint about the needed check?
comments?
ok?
diff --git lib/libc/net/getifaddrs.3 lib/libc/net/getifaddrs.3
index 26eac493202..946c2d9a9b0 100644
--- lib/libc/net/getifaddrs.3
+++ lib/libc/net/getifaddrs.3
@@ -74,13 +74,13 @@ Contains the interface flags, as set by
References
On Sat, 26 Dec 2020 15:07:36 -0700, "Theo de Raadt" wrote:
> Well in that case this should still be a multistep process.
>
> Add STAILQ
>
> Convert things, including everything in ports
>
> No diff should change a line of code before it's time
That looks something like this. I used the FreeBSD
Earlier this year `struct pppoe_softc' was annotated with lock comments
showing no member being protected by KERNEL_LOCK() alone.
After further review of the code paths starting from pppoeintr() I also
could not find sleeping points, which must be avoided in the sofnet
thread. (As part of this,
49 matches
Mail list logo