Re: typo security.8

2014-04-22 Thread Franco Fichtner
On 22 Apr 2014, at 18:32, Henning Brauer lists-openbsdt...@bsws.de wrote: the binary has been trojan horsed. Not sure if urban dictionary should be a terminology pool for manual pages. Also, there's clearly a hyphen missing: ``trojan-horsed''. No capital T obviously since the term is common

Re: (int)sizeof in smtpd

2014-05-08 Thread Franco Fichtner
On 08 May 2014, at 18:43, Alexandre Ratchov a...@caoua.org wrote: On Thu, May 08, 2014 at 12:35:56PM -0400, Ted Unangst wrote: This is wrong in several ways. Never cast sizeof down, always cast the comparison variable up. I'll specifically call out this change: -if (snprintf(buf,

Re: Removing -Wno-format from kernel makefiles, 07/16

2013-07-04 Thread Franco Fichtner
On Jul 4, 2013, at 6:43 PM, Stefan Fritsch s...@sfritsch.de wrote: fix: %x instead of %p for int --- sys/dev/pci/musycc_obsd.c |2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git sys/dev/pci/musycc_obsd.c sys/dev/pci/musycc_obsd.c index 25a58d8..0844136 100644 ---

Re: Static variables

2013-07-08 Thread Franco Fichtner
Hi Maxime, On Jul 8, 2013, at 10:40 AM, Maxime Villard rusty...@gmx.fr wrote: the static variables are not initialized? Static variables are always zeroed when not specified otherwise. Regards, Franco

Re: linebuffering diff for tr(1)

2013-11-20 Thread Franco Fichtner
On 20 Nov 2013, at 21:40, Theo de Raadt dera...@cvs.openbsd.org wrote: FreeBSD and Dragonfly BSD have this option in tr. So, this actually improves portability. It's just spreading the disease. portable means it works everywhere. Increasing the number of people who can write nonportable

Re: amd64: Check cpu_vendor instead of using CPUID.

2012-04-22 Thread Franco Fichtner
Just being paranoid... strncmp? And how about consolidating style while at it? ! vs. == 0 - see code bits below change. Franco On 22.04.2012, at 15:12, Christiano F. Haesbaert haesba...@openbsd.org wrote: There's no need for doing that somewhat strange comparison, the rest of the code already

Re: amd64: Check cpu_vendor instead of using CPUID.

2012-04-22 Thread Franco Fichtner
On Apr 22, 2012, at 7:58 PM, Christiano F. Haesbaert wrote: On Sun, Apr 22, 2012 at 06:36:41PM +0200, Franco Fichtner wrote: Just being paranoid... strncmp? Why ? It's a terminated string vs a string literal, what do you wanna use as the third argument: strlen(AuthenticAmd) ? . 100

Re: amd64: Check cpu_vendor instead of using CPUID.

2012-04-22 Thread Franco Fichtner
On Apr 22, 2012, at 9:32 PM, Christiano F. Haesbaert wrote: On Sun, Apr 22, 2012 at 09:16:57PM +0200, Franco Fichtner wrote: On Apr 22, 2012, at 7:58 PM, Christiano F. Haesbaert wrote: On Sun, Apr 22, 2012 at 06:36:41PM +0200, Franco Fichtner wrote: Just being paranoid... strncmp? Why

Re: ##@!#@# gnu tools

2012-11-15 Thread Franco Fichtner
On Nov 15, 2012, at 5:53 PM, Reyk Floeter r...@openbsd.org wrote: On Thu, Nov 15, 2012 at 5:11 PM, Marc Espie es...@nerim.net wrote: external people regularly ask but why you don't want to use GNU/m4 GNU/make GNU/whatever ? External people seem to ask weird questions. I just had to

Re: hostname.if(5) clarification

2012-11-27 Thread Franco Fichtner
On Nov 26, 2012, at 9:44 PM, Christian Weisgerber na...@mips.inka.de wrote: Todd T. Fries t...@fries.net wrote: If there are desires to improve this (I hear Naddy grumbling!) then the stomach to break backwards compat must be present, or suggestions on how to do it without breaking

add missing semicolon to tree(3) example code

2013-02-17 Thread Franco Fichtner
Hi all, found this still lingering in my tree. Still trying to figure out the best workflow for sending patches. Not sure if this adheres to the standards. Thanks, Franco --- share/man/man3/tree.3 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/share/man/man3/tree.3

Re: add missing semicolon to tree(3) example code

2013-02-17 Thread Franco Fichtner
On Feb 17, 2013, at 6:45 PM, Otto Moerbeek o...@drijf.net wrote: On Sun, Feb 17, 2013 at 03:59:41PM +0100, Franco Fichtner wrote: Hi all, found this still lingering in my tree. Still trying to figure out the best workflow for sending patches. Not sure if this adheres to the standards

Re: goodbye to some isa devices

2013-03-26 Thread Franco Fichtner
On Mar 26, 2013, at 6:26 PM, Creamy cre...@nocrater.com wrote: but I honestly question the utility of any of these ISA network and SCSI drivers. Perhaps somebody who is new to coding might be able to learn something from them? There is such a vast amount of code in the different BSD

Re: goodbye to some isa devices

2013-03-26 Thread Franco Fichtner
On Mar 26, 2013, at 10:06 PM, Creamy cre...@nocrater.com wrote: Looking to the future, when are we going to drop 486 support, anyway? Now, that's a more interesting thing ask. How much of the hardware survives now, anyway? I mean at least the old Vaxen were, (and are), maintainable. 486

Re: goodbye to some isa devices

2013-03-26 Thread Franco Fichtner
On Mar 26, 2013, at 11:11 PM, Creamy cre...@nocrater.com wrote: On Tue, Mar 26, 2013 at 10:50:40PM +0400, Franco Fichtner wrote: Nobody in their right mind would have such a system as mission critical infrastructure. :) What, like using a Honeywell 316 as a nuclear power station reactor

Re: goodbye to some isa devices

2013-03-28 Thread Franco Fichtner
On 28.03.2013, at 13:17, Daniel Bolgheroni dan...@bolgh.eng.br wrote: On Thu, Mar 28, 2013 at 05:46:30AM +, Miod Vallat wrote: You can't say in substance it's a pity OpenBSD doesn't support the VAX 11/780 anymore in one mail, you guys really ought to ditch floppy installation media in

Re: rm(1) static addition

2013-04-27 Thread Franco Fichtner
On Apr 27, 2013, at 7:36 PM, Ted Unangst t...@tedunangst.com wrote: On Sat, Apr 27, 2013 at 08:10, Otto Moerbeek wrote: On Sat, Apr 27, 2013 at 01:08:06AM -0400, Eitan Adler wrote: Adding static to internal function allows the compiler to better detect dead code (functions, variables, etc)

Re: rm(1) static addition

2013-04-27 Thread Franco Fichtner
On Apr 27, 2013, at 9:28 PM, Joerg Sonnenberger jo...@britannica.bec.de wrote: On Sat, Apr 27, 2013 at 09:09:25PM +0200, Franco Fichtner wrote: On backtrace(3) (which is a GNU thing, I know), static functions don't show up with their respective names even though they are in the binary. That's

DPI for pf(4)

2013-04-30 Thread Franco Fichtner
Hi misc@, so I have been working on a BSD licensed DPI engine. It's a very lightweight, non-intrusive approach and I know that teasers are boring, but I'd like to know if it's worth the time to work on inclusion for pf(4). So far I have about 25 supported applications and the necessary hooks

Re: DPI for pf(4)

2013-05-01 Thread Franco Fichtner
Hi Stuart, On May 1, 2013, at 1:11 AM, Stuart Henderson st...@openbsd.org wrote: On 2013/05/01 00:16, Franco Fichtner wrote: Yes, I am proposing a lightweight approach: hard-wired regex-like code, no allocations, no reassembly or state machines. I've seen far worse things being put

Re: DPI for pf(4)

2013-05-01 Thread Franco Fichtner
Hi Ted, On May 1, 2013, at 1:14 AM, Ted Unangst t...@tedunangst.com wrote: On Wed, May 01, 2013 at 00:16, Franco Fichtner wrote: Yes, I am proposing a lightweight approach: hard-wired regex-like code, no allocations, no reassembly or state machines. I've seen far worse things being put

Re: DPI for pf(4)

2013-05-01 Thread Franco Fichtner
On May 1, 2013, at 9:41 AM, Stuart Henderson st...@openbsd.org wrote: I should have expanded the acronum to make it clear - osfp i.e. the OS fingerprinting code (pf_osfp.c). oh, sorry, my mistake. This I can comment on. :) The idea is the same. I'd say at this stage osfp has more complexity

Re: DPI for pf(4)

2013-05-02 Thread Franco Fichtner
Hi Damien, On May 2, 2013, at 10:03 AM, Damien Miller d...@mindrot.org wrote: On Wed, 1 May 2013, Franco Fichtner wrote: Not sure if that's a fitting comparison; and I know too little OSPF to answer. Let me try another route. The logic consists of an array of application detection

Re: DPI for pf(4)

2013-05-02 Thread Franco Fichtner
On May 2, 2013, at 10:45 AM, Damien Miller d...@mindrot.org wrote: On Thu, 2 May 2013, Franco Fichtner wrote: as stated before, breaking down complexity to the bare minimum is my requirement for this to be happening at all. You all get to be the judges. I'm just trying to work

Re: DPI for pf(4)

2013-05-02 Thread Franco Fichtner
On May 2, 2013, at 1:23 PM, Damien Miller d...@mindrot.org wrote: On Thu, 2 May 2013, Franco Fichtner wrote: Well, bare minimum complexity per-protocol * large_number_of_protocols = a lot of complexity. The incentive is always going to be to add more protocols and never retire them. I

Re: DPI for pf(4)

2013-05-02 Thread Franco Fichtner
On May 2, 2013, at 2:40 PM, Damien Miller d...@mindrot.org wrote: On Thu, 2 May 2013, Franco Fichtner wrote: Moving implementations to user space does not necessarily make them better or less of a problem. The big difference is that its possible to sandbox a userspace implementation so

Re: DPI for pf(4)

2013-05-02 Thread Franco Fichtner
On May 2, 2013, at 3:20 PM, Damien Miller d...@mindrot.org wrote: On Thu, 2 May 2013, Franco Fichtner wrote: OK, the implementation only pulls a couple of bytes from the packet's payload. It will never pull bytes that are not verified. It will never allocate anything. It will never test

fix guard define

2013-06-09 Thread Franco Fichtner
Hi, found this while reading up on recent changes to -current. Genuine cvs diff this time. ;) Regards, Franco Index: octeonreg.h === RCS file: /cvs/src/sys/arch/octeon/include/octeonreg.h,v retrieving revision 1.1 diff -u -r1.1

enable cmp macro for rb-trees in sys/tree.h

2013-06-09 Thread Franco Fichtner
Hi, I've had this patch in my tree for a while. It's just a consistency fix so that cmp can be a plain macro for rb-trees, too. Regards, Franco Index: tree.h === RCS file: /OpenBSD/src/sys/sys/tree.h,v retrieving revision 1.13

Re: DPI for pf(4)

2013-06-10 Thread Franco Fichtner
Hi all, adhering to the basic rule of not reinventing the wheel has sort of crippled the efforts to come up with an elegant solution for the topic at hand. Two approaches have been proposed earlier, so let's go through them: (1) Diverting traffic to userspace That's generally a good idea, but

Re: enable cmp macro for rb-trees in sys/tree.h

2013-06-10 Thread Franco Fichtner
You are right, my mistake. The previous patch was the consistency patch, but this one actually does what the subject says. The motivation behind it was the fact that rb trees *almost* support this and I can't see any harm. The same could be done for splay trees, but I found this too intrusive

Hyper-V protection fault trap on i386 with 5.9

2016-07-22 Thread Franco Fichtner
Hi, With a client we're running into the following boot panic since upgrading from 5.7 to 5.9 on a specific Hyper-V guest: cpu0: Intel(R) Xeon(R) CPU E5420 @ 2.50GHz ("GenuineIntel" 686-class) 1.65 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CF

Re: Hyper-V protection fault trap on i386 with 5.9

2016-07-25 Thread Franco Fichtner
> On 22 Jul 2016, at 7:58 PM, Mike Larkin wrote: > > What is your Hyper-V server host environment? Server 2012 R2? And I > need a full dmesg from when this worked, please. It's a Windows Server 2012 Datacenter Hyper-V failover cluster, controlled by System Center 2012

Re: vndcompress et al import?

2017-01-06 Thread Franco Fichtner
Hi Ted, Thanks, this is very helpful. Don't mind exploring other routes as long as they are sustainable within OpenBSD, e.g. if kernel changes are needed that they are provided by the standard kernel eventually. > On 3 Jan 2017, at 9:44 PM, Ted Unangst wrote: > > Timo

snmpd improvements

2016-12-21 Thread Franco Fichtner
Hi, Switching from net-snmp to OpenBSD's snmpd raised two issues and I'd like to know if they make sense to address: A pid file is missing. Would a patch for this be accepted? The snmpd.conf can contain static values. If these values are rewritten/changed over time by rewriting the config,

vndcompress et al import?

2016-12-21 Thread Franco Fichtner
Hi, Is anyone aware or interested in porting vndcompress et al from NetBSD to OpenBSD? Is there any technical reason against inclusion? We have a budget for this. If anyone is interested please let me know. Cheers, Franco

Re: regarding OpenSSL License change

2017-03-24 Thread Franco Fichtner
> On 24 Mar 2017, at 3:51 AM, Theo de Raadt wrote: > > it is great that someone found a way to convert between licenses. > > AGPL -> GPL -> ISC -> PD pfSense went through with this, being a 2-Clause BSD fork of m0n0wall, going through a 6-Clause ESF and CLA (all your

Re: openssl(1) not error exiting on full file system

2017-04-11 Thread Franco Fichtner
> On 11. Apr 2017, at 4:09 PM, Ingo Schwarze wrote: > > Index: sysexits.3 > === > RCS file: /cvs/src/share/man/man3/sysexits.3,v > retrieving revision 1.12 > diff -u -r1.12 sysexits.3 > --- sysexits.330

VCard and VCalendar MIME types

2017-04-13 Thread Franco Fichtner
Hi, Apologies for not posting this inline for fear of mail client whitespace mangling. https://github.com/fichtner/openbsd/commit/05ab4bd.patch ok? Cheers, Franco

Re: www/61.html reallocarray(1) typo

2017-03-10 Thread Franco Fichtner
> On 10 Mar 2017, at 4:43 PM, Otto Moerbeek wrote: > > On Fri, Mar 10, 2017 at 04:26:24PM +0100, Hiltjo Posthuma wrote: > >> I think a small typo slipped in the 6.1 notes. Patch below: > > Nope, the actual new functions is called recallocarray... Yup, and still a typo in one

Re: systemd compat for doas

2017-07-03 Thread Franco Fichtner
> On 2. Jul 2017, at 8:59 PM, Ted Unangst wrote: > > If the username starts with a digit, but isn't a number, treat it like root. I question the simplicity of this patch due to the fact that it leaves no head room for further security-related regressions. Maybe more

Re: [PATCH] mv -P

2018-05-06 Thread Franco Fichtner
> On 5. May 2018, at 11:12 PM, Theo de Raadt wrote: > > A better answer would have been "Really sorry Theo and everyone, but I > always come off as a dick..." A double-standard is never a good idea. ;) Cheers, Franco

Kernel size beyond 16 MB on amd64

2018-03-12 Thread Franco Fichtner
Hi, With regard to a commit[1] by Theo in 2013, several questions in the years before and a partial lift of the limitation on i386 a while back (2015?) I'd like to ask what the future plans are for OpenBSD. Peeking at NetBSD, where the amd64 was bootstrapped, they are at 48 MB kernel size at the

Re: Kernel size beyond 16 MB on amd64

2018-03-13 Thread Franco Fichtner
> On 13. Mar 2018, at 4:04 PM, Ted Unangst <t...@tedunangst.com> wrote: > > Franco Fichtner wrote: >> What can we do to help? > > Write smaller code... Fair enough. ;) On a more serious note, I'm referring to: https://marc.info/?l=openbsd-tech=112152576800634=2

Re: Kernel size beyond 16 MB on amd64

2018-04-17 Thread Franco Fichtner
Hi Stuart et al., Sorry for the delay. Meanwhile, I've been reproducing the issue on 6.3 by adding device rd and increasing MINIROOTSIZE to grow the non-gdb amd64 kernel beyond 16 MB. The kernel simply fails to boot. > If the kernel should grow to a point where we run past some limit, we'll

Re: OpenBSD Errata: March 1st, 2018 (meltdown)

2018-03-02 Thread Franco Fichtner
Hi, Thanks for making this happen! > On 28. Feb 2018, at 11:09 PM, T.J. Townsend wrote: > > Errata patches for a speculative execution flaw in Intel CPUs have been > released for OpenBSD 6.2 and 6.1. [...] > Binary updates for the amd64 platform are available via the