Re: rdist/rdistd: use mode_t for file modes

2016-03-31 Thread Philip Guenther
On Wed, Mar 30, 2016 at 1:57 PM, Todd C. Miller wrote: > The file mode is passed from client to server as a printf string > formatted with %04o (unsigned) so use strtoul() not strtol() to > parse it. Error out on modes > 0. > > There is no way that the mode can ever be -1 so remove those chec

Re: [patch] login_yubikey: delete keys

2016-03-31 Thread fritjof
On Thu, Mar 31, 2016 at 10:17:45PM +0200, Sebastian Benoit wrote: > Hi Fritjof, > > frit...@alokat.org(frit...@alokat.org) on 2016.03.31 11:43:58 +0200: > > Wipe out the key from "user.key". > > > > --f. > > > The while loop above has return(AUTH_FAILED) so you dont zero in those > cases. Can yo

Re: [patch] login_yubikey: delete keys

2016-03-31 Thread Sebastian Benoit
Hi Fritjof, frit...@alokat.org(frit...@alokat.org) on 2016.03.31 11:43:58 +0200: > Wipe out the key from "user.key". > > --f. > > Index: login_yubikey.c > === > RCS file: /cvs/src/libexec/login_yubikey/login_yubikey.c,v > retrieving

Re: [PATCH] Proposal to remove -f for arp(8) and ndp(8)

2016-03-31 Thread Sebastian Benoit
ok Jeremie Courreges-Anglas(j...@wxcvbn.org) on 2016.03.31 19:16:14 +0200: > Jeremie Courreges-Anglas writes: > > > Mike Belopuhov writes: > > > >> Good day, Dimitris. > >> > >> Long time ago in a galaxy far far away I've been using this > >> alongside the -F option that I've added. While mana

Re: [PATCH] Proposal to remove -f for arp(8) and ndp(8)

2016-03-31 Thread Jeremie Courreges-Anglas
Jeremie Courreges-Anglas writes: > Mike Belopuhov writes: > >> Good day, Dimitris. >> >> Long time ago in a galaxy far far away I've been using this >> alongside the -F option that I've added. While managed >> switches are becoming cheaper, I don't see a reason for a >> working feature to go aw

Re: Aq macro replacements

2016-03-31 Thread Ingo Schwarze
Hi Christian, Christian Heckendorf wrote on Sun, Mar 27, 2016 at 11:03:02PM -0400: > - spamd-setup(8) is referring to pf tables. syslogd(8) and tcpdump(8) >use Aq to format program I/O examples. None of these instances use >mathematical unicode symbols in practice. Fixed differently. I

Re: increase v_specbitmap size (allow more cloned devices)

2016-03-31 Thread Todd C. Miller
On Thu, 31 Mar 2016 16:37:35 +0200, Martin Natano wrote: > Sure; see the updated patch below. Ok? OK millert@ - todd

Re: increase v_specbitmap size (allow more cloned devices)

2016-03-31 Thread Mike Belopuhov
On 31 March 2016 at 16:37, Martin Natano wrote: > On Thu, Mar 31, 2016 at 06:02:07AM -0600, Todd C. Miller wrote: >> On Thu, 31 Mar 2016 09:34:32 +0200, Martin Natano wrote: >> >> > Thank you all for the input. Allocatig the bitmap via malloc() really >> > seems like the way to go, so we don't was

Re: increase v_specbitmap size (allow more cloned devices)

2016-03-31 Thread Martin Natano
On Thu, Mar 31, 2016 at 06:02:07AM -0600, Todd C. Miller wrote: > On Thu, 31 Mar 2016 09:34:32 +0200, Martin Natano wrote: > > > Thank you all for the input. Allocatig the bitmap via malloc() really > > seems like the way to go, so we don't waste space for non-cloning > > devices. See updated patc

Re: increase v_specbitmap size (allow more cloned devices)

2016-03-31 Thread Martin Natano
On Thu, Mar 31, 2016 at 12:31:14PM +, Miod Vallat wrote: > > > Thank you all for the input. Allocatig the bitmap via malloc() really > > seems like the way to go, so we don't waste space for non-cloning > > devices. See updated patch below. > > > > Would it make sense to move the (rdev == VCHR

Re: increase v_specbitmap size (allow more cloned devices)

2016-03-31 Thread Miod Vallat
> Thank you all for the input. Allocatig the bitmap via malloc() really > seems like the way to go, so we don't waste space for non-cloning > devices. See updated patch below. > > Would it make sense to move the (rdev == VCHR && ...) condition to a > macro in ? I figured it's only used twice, so I

Re: increase v_specbitmap size (allow more cloned devices)

2016-03-31 Thread Todd C. Miller
On Thu, 31 Mar 2016 09:34:32 +0200, Martin Natano wrote: > Thank you all for the input. Allocatig the bitmap via malloc() really > seems like the way to go, so we don't waste space for non-cloning > devices. See updated patch below. > > Would it make sense to move the (rdev == VCHR && ...) condit

Re: move "privileged port" check out of in(6)_pcbaddrisavail()

2016-03-31 Thread Alexander Bluhm
On Wed, Mar 30, 2016 at 10:44:14PM +0200, Vincent Gross wrote: > This diff moves the "are we binding to a privileged port while not being root > ?" > check from in(6)_pcbaddrisavail() to in_pcbbind(). > --- sys/netinet/in_pcb.c 26 Mar 2016 21:56:04 - 1.198 > +++ sys/netinet/in_pcb.c

bgpd: dispatch_rtmsg_addr[change] mpath route not found

2016-03-31 Thread Peter Hessler
We see occasional bgpd deaths during boot. This is apparently caused by a race with ospfd starting up. The underlying problem is we are reciving a CHANGE route message for an MPATH path, where the gateway doesn't match the route message. In our case, the prefix is assigned to a Connected (and Ba

[patch] login_yubikey: delete keys

2016-03-31 Thread fritjof
Wipe out the key from "user.key". --f. Index: login_yubikey.c === RCS file: /cvs/src/libexec/login_yubikey/login_yubikey.c,v retrieving revision 1.10 diff -u -p -u -r1.10 login_yubikey.c --- login_yubikey.c 16 Jan 2015 06:39:50 -

Re: remove PPPOE_SERVER codepaths

2016-03-31 Thread Mike Belopuhov
On 31 March 2016 at 08:49, Jonathan Gray wrote: > if_spppsubr.c has: > > revision 1.29 > date: 2005/03/24 16:37:52; author: claudio; state: Exp; lines: +15 -9; > Unbreak tree, mono_time may no longer be used because of timecounters. > Use getmicrouptime() instead. Found by grange@ and henning@.

Re: move "privileged port" check out of in(6)_pcbaddrisavail()

2016-03-31 Thread Mike Belopuhov
On 31 March 2016 at 09:55, Martin Pieuchot wrote: > On 30/03/16(Wed) 22:44, Vincent Gross wrote: >> Hello, >> >> This diff moves the "are we binding to a privileged port while not being >> root ?" >> check from in(6)_pcbaddrisavail() to in_pcbbind(). >> >> This way we have a cleaner separation be

Re: [patch] Fix carp(4) with balancing ip / ip-stealth

2016-03-31 Thread Martin Pieuchot
On 30/03/16(Wed) 18:04, Florian Riehm wrote: > On 03/01/16 23:03, Martin Pieuchot wrote: > > On 18/02/16(Thu) 16:46, Florian Riehm wrote: > >> On 02/16/16 11:23, Martin Pieuchot wrote: > >>> On 12/02/16(Fri) 16:33, Florian Riehm wrote: > Hi Tech, > > I have noticed that CARP IP-Balan

Re: move "privileged port" check out of in(6)_pcbaddrisavail()

2016-03-31 Thread Martin Pieuchot
On 30/03/16(Wed) 22:44, Vincent Gross wrote: > Hello, > > This diff moves the "are we binding to a privileged port while not being root > ?" > check from in(6)_pcbaddrisavail() to in_pcbbind(). > > This way we have a cleaner separation between "is the resource available ?" > and "am I allowed to

Re: increase v_specbitmap size (allow more cloned devices)

2016-03-31 Thread Martin Natano
Thank you all for the input. Allocatig the bitmap via malloc() really seems like the way to go, so we don't waste space for non-cloning devices. See updated patch below. Would it make sense to move the (rdev == VCHR && ...) condition to a macro in ? I figured it's only used twice, so I inlined it.