Re: pf_pull_hdr af switch

2017-05-22 Thread Claudio Jeker
On Tue, May 23, 2017 at 03:00:57AM +0200, Alexander Bluhm wrote: > Hi, > > I would like to move the common length check in pf_pull_hdr() after > the address family switch. This makes the specific calculation > more obvious. > > ok? OK > bluhm > > Index: net/pf.c > ===

pf_pull_hdr af switch

2017-05-22 Thread Alexander Bluhm
Hi, I would like to move the common length check in pf_pull_hdr() after the address family switch. This makes the specific calculation more obvious. ok? bluhm Index: net/pf.c === RCS file: /data/mirror/openbsd/cvs/src/sys/net/pf.c

Fix yacc(1) warnings

2017-05-22 Thread Brian Callahan
Hi tech -- I attemped to build a DEBUG version of yacc. gcc gave warnings and clang errored out, so I turned on WARNINGS=yes and fixed all the warnings. OpenBSD seems to be upstream for this version of byacc, as the other BSDs follow Thomas Dickey's byacc. ~Brian Index: closure.c ==

Re: IPsec ours policy check in IPv6 input

2017-05-22 Thread Mike Belopuhov
On 22 May 2017 at 21:02, Alexander Bluhm wrote: > > Hi, > > In the IPv4 input path the IPsec policy is checked by > ip_input_ipsec_ours_check(). This is missing in the IPv6 case. So > call this function also from ip6_local(). > > ok? > > bluhm > This looks good, but please consider moving these

Re: qsort: store the partition value out of line

2017-05-22 Thread Todd C. Miller
On Sat, 20 May 2017 15:27:06 -0600, "Todd C. Miller" wrote: > One optimization implemented in the sample code from "Engineering > a Sort Function" that our qsort lacks is storing the partition value > out of line when convenient. Currently, we swap the partition value > into a[0], but this can si

IPsec ours policy check in IPv6 input

2017-05-22 Thread Alexander Bluhm
Hi, In the IPv4 input path the IPsec policy is checked by ip_input_ipsec_ours_check(). This is missing in the IPv6 case. So call this function also from ip6_local(). ok? bluhm Index: netinet/ip_input.c === RCS file: /data/mirror/

Re: qsort: store the partition value out of line

2017-05-22 Thread Todd C. Miller
On Sat, 20 May 2017 15:27:06 -0600, "Todd C. Miller" wrote: > One optimization implemented in the sample code from "Engineering > a Sort Function" that our qsort lacks is storing the partition value > out of line when convenient. Currently, we swap the partition value > into a[0], but this can si

[patch/openbgpd] remove unused argument from community_ext_*

2017-05-22 Thread Denis Fondras
Hello, Here is a patch to remove "u_int16_t neighas", an unused arguments from community_ext_* functions. Index: parse.y === RCS file: /cvs/src/usr.sbin/bgpd/parse.y,v retrieving revision 1.298 diff -u -p -r1.298 parse.y --- parse.y

Re: kern.allowkmem in examples?

2017-05-22 Thread Theo de Raadt
Yes, that is a lot better. The command could even suggest so upon runttime failure ... > > On Mon, May 22, 2017 at 02:00:51PM +0200, Jan Stary wrote: > > > acpidump(8) wants kern.allowkmem. > > > Does it make sense to put that into examples sysctl.conf? > > On May 22 09:06:51, dera...@openbsd.or

Re: kern.allowkmem in examples?

2017-05-22 Thread Jan Stary
> On Mon, May 22, 2017 at 02:00:51PM +0200, Jan Stary wrote: > > acpidump(8) wants kern.allowkmem. > > Does it make sense to put that into examples sysctl.conf? On May 22 09:06:51, dera...@openbsd.org wrote: > No, in fact I want to kill that sysctl eventually, perhaps couple this > with secureleve

Re: kern.allowkmem in examples?

2017-05-22 Thread Theo de Raadt
No, in fact I want to kill that sysctl eventually, perhaps couple this with securelevel=0, and never allow it otherwise. The days of kernel memory snooping are OVER. > acpidump(8) wants kern.allowkmem. > Does it make sense to put that into examples sysctl.conf? > > Jan > > Index: sysctl.c

Re: ksh(1): don't output invalid UTF-8 characters

2017-05-22 Thread Boudewijn Dijkstra
Op Fri, 19 May 2017 15:17:55 +0200 schreef Anton Lindqvist : On Fri, May 19, 2017 at 09:33:33AM -0300, Lucas Gabriel Vuotto wrote: On 19/05/17 03:42, Anton Lindqvist wrote: > > +static int > +u8len(unsigned char c) > +{ > + switch (c & 0xF0) { > + case 0xF0: > + return 4; > + case 0

Re: fix warnings in netcat

2017-05-22 Thread Alexander Bluhm
On Wed, May 10, 2017 at 03:16:45PM +0200, Alexander Bluhm wrote: > When compiling netcat with WARNINGS=yes, gcc produces a bunch of > warnings. > > /crypt/home/bluhm/openbsd/cvs/src/usr.bin/nc/netcat.c:1348: warning: no > previous prototype for 'strtoport' > /crypt/home/bluhm/openbsd/cvs/src/usr.

Re: kern.allowkmem in examples?

2017-05-22 Thread Mark Kettenis
> Date: Mon, 22 May 2017 14:00:51 +0200 > From: Jan Stary > > acpidump(8) wants kern.allowkmem. > Does it make sense to put that into examples sysctl.conf? I'm not necessaily against adding and kern.allowkmem entry, but acpidump is a bit of a bad example. The bootscript already runs acpidump ad

Re: kern.allowkmem in examples?

2017-05-22 Thread Sebastien Marie
On Mon, May 22, 2017 at 02:00:51PM +0200, Jan Stary wrote: > acpidump(8) wants kern.allowkmem. > Does it make sense to put that into examples sysctl.conf? > It should be rare to need to run acpidump(8) post-boot. The system already runs it at startup and stock files under /var/db/acpi. -- Sebas

kern.allowkmem in examples?

2017-05-22 Thread Jan Stary
acpidump(8) wants kern.allowkmem. Does it make sense to put that into examples sysctl.conf? Jan Index: sysctl.conf === RCS file: /cvs/src/etc/examples/sysctl.conf,v retrieving revision 1.4 diff -u -p -r1.4 sysctl.conf --- sys

Re: [patch] Avoid system(3) in ikectl

2017-05-22 Thread Jonathan Gray
On Fri, May 19, 2017 at 09:56:14AM +0100, Stuart Henderson wrote: > On 2017/05/19 00:32, Matthew Martin wrote: > > ikectl errors in a number of situations where shell special characters > > are used. For example: > > > > % doas ikectl ca test create password \' > > [...] > > subject=/C=DE/ST=Lower