| Age | Commit message (Collapse) | Author |
|---|
|
|
|
installboot(8) runs newfs(8) and fsck(8) via system(3) but only checks
failures of the function itself, always returning zero no matter what the
programs/shell returned.
This is bad for regress tests relying on correct return codes.
create_filesystem() itself must not exit as write_filesystem() calls it and
cleans up temporary files upon failure.
Make it return -1 if the script returned non-zero so write_filesystem()
handles it as error, cleans up and makes installboot exit 1.
Stop ignoring create_filesystem()'s return code in md_prepareboot() and
exit the same way.
Here's the change in behaviour on arm64 (newfs fails because of the
vnd/disklabel race, see "Race in disk_attach_callback?" on tech@):
# installboot -vp vnd0 ; echo $?
newfsing 6694ae5b0d7596ed.i
newfs_msdos: /dev/r6694ae5b0d7596ed.i: No such file or directory
0
# ./obj/installboot -vp vnd0 ; echo $?
newfsing 6694ae5b0d7596ed.i
newfs_msdos: /dev/r6694ae5b0d7596ed.i: No such file or directory
1
Tested on amd64 arm64 macppc octeon powerpc64 sparc64
OK millert
|
|
prefixlen. Even for IPv6 this is much faster than a full table walk.
OK tb@
|
|
|
|
Add an extra state to distinguish in between chunks CRLF handling from
the last chunk which can optionally have some trailer fields included.
rpki-client ignores these trailer header fields (they are also not common
it seems).
Also remove the empty line handling in http_parse_chunked() for explicit
checks in http_read(). Because of the extra state the switch back to
non-chunked mode can now be delayed until the transfer is over.
OK tb@
|
|
In many places the HTTP allows for extra spaces which need to be ignored.
Similar the chunked encoding extensions are separated from the chunk size
by a ':' but the spec also allows for bad whitespaces in all shapes and
forms. Adjust the logic in http_parse_chunked() to stop when the first
space, tab or ':' is seen. There is no need to check for newlines since
those are stripped by http_get_line().
OK tb@
|
|
RFC9112 allows any amount of space/tabs between the ':' and the value.
Until now this code required exactly one space which works most of the
time but is not RFC compliant.
Problem reported by Ties de Kock (tdekock (at) ripe.net)
OK tb@
|
|
Every platform ought to set `stages', `stage1' and optionally `stage2'
in md_init(), otherwise passing explicit files results won't work as
`stages' is zero-initialised and no default path is set:
# installboot -v sd0 /root/BOOTAA64.EFI
usage: installboot [-npv] [-r root] disk [stage1]
This is correct synopsis and ought to work, but efi_installboot.c has an
empty md_init(). Set stage bits to fix this:
# ./obj/installboot -nv sd0 /root/BOOTAA64.EFI
Using / as root
would install bootstrap on /dev/rsd0c
using first-stage /root/BOOTAA64.EFI
would copy /root/BOOTAA64.EFI to /tmp/installboot.2bGhLGT1eF/efi/boot/bootaa64.efi
would write /tmp/installboot.2bGhLGT1eF/efi/boot/startup.nsh
This makes regress/usr.sbin/installboot pass on armv7, arm64 and riscv64
(while being lucky or carrying miod's fix for the kernel disklabel race
manifesting on vnd).
|
|
OK tb@
|
|
|
|
If a providerAS sets an afiLimit, subsequent providerAS that don't set it
would erroneously inherit that limit. Zero out the provider at the top of
the loop to avoid this problem.
ok job
|
|
ok job
|
|
Running installboot(8) on softraid(4) volumes means installing stages on
every softraid chunk.
The overall idea is the same, but MD implementations differ.
sparc64_softraid.c's sr_install_bootblk() reuses sparc64_installboot.c's
md_installboot() for this.
For sparc64, md_installboot() does the copy of stage 2, usually
/usr/mdec/ofwboot to /ofwboot, so when `-r root' is passed, it prefixes the
file path with "root".
For single-disk installations (plain-disk and single-chunk softraid) this is
fine, but as soon as multiple chunks are used, md_installboot() currently
prefixes the path each time, obviously resulting in invalid paths starting
with the second run.
Other architectures do reuse md_installboot() as well but either don't do
such a copy or implement the prefixing differently -- plus they must support
softraid in the firt place to be able to hit this type of bug.
With this fixed, regress/usr.sbin/installboot finally passes on sparc64 and
installboot no longer fails at the end of a fresh installation onto softraid
with multiple chunks.
"looks correct" miod
|
|
OK claudio@
|
|
children to just before. That way the parent disasociates from its
controling terminal and shell, but not from its children.
Remove the dup2() bits that were copied from daemon() to solve the
problem that the children still had the stdio fds open. This is now
done in the parent earlier.
Remove the setsid() and setpgid(). It is unclear what their intent
was, but they dont seem to make sense, as daemon() covers this as well
and there seems to be no reason the cildren procs need to do that.
ok claudio@ bluhm@
|
|
Every platform ought to set `stages', `stage1' and optionally `stage2'
in md_init(), otherwise passing explicit files results won't work as
`stages' is zero-initialised and no default path is set:
# installboot -nv wd0 ./ofwboot
usage: installboot [-nv] [-r root] disk [stage1]
installboot [-nv] -p disk
This is correct synopsis and ought to work, but macppc_installboot.c
(others, too) has an empty md_init(). Set stage bits to fix this:
# ./obj/installboot -nv wd0 ./ofwboot
Using / as root
would install bootstrap on /dev/rwd0c
using first-stage ./ofwboot
would copy ./ofwboot to /tmp/installboot.Ymmm6QU8OJ/ofwboot
Using `stage1' leads to a bit more cleanup since early MI installboot.c
handles `-r', i.e. write_filesystem() no longer has needs to do the
fileprefix() dance itself.
This makes regress/usr.sbin/installboot pass on macppc (while being lucky
or carrying miod's fix for the kernel disklabel race manifesting on vnd).
OK gkoehler
|
|
|
|
elements
The RSC ASN.1 templates make it impossible to pass an RFC3779-style inherit option
because of the use of ConstrainedIPAddressFamily and ConstrainedASIdentifiers.
OK tb@
|
|
Unify conformance checking of Trust Anchors, ROAs, ASPAs, RSCs - none of which
may have any 'inherit' elements in the RFC 3779 IP/AS Resources extension of
the X509 certificate.
OK tb@
|
|
to track the parent repository id of a publication point.
Nomenclature is confusing but not much we can do here.
OK tb@ job@
|
|
While currently everyone only uses a single location, the spec allows for
multiple locations ordered by preference. While rpki-client does not
support more than one location this should not be a fatal error. Instead,
pick the first location and warn if there are more than one.
ok job
|
|
ok claudio job (as part of a larger diff)
|
|
|
|
OK tb@
|
|
With this rpki-client has a chance to still finish and produce an output
even when a CA is excessivly slow and holds back progress.
With and OK benno@ tb@ and job@
|
|
The intent of the i8254 read-back command is (most likely) to permit
simultaneously latching two or three counters at once along with their
statuses.
To simulate this, we should compute olatch from one timestamp per
read-back command, not one timestamp per counter.
Improved with a tweak by dv@.
Link: https://marc.info/?l=openbsd-tech&m=166213670605453&w=2
ok dv@ mlarkin@
|
|
OK tb@ job@
|
|
then just failing the repo fetch but leaving the backends running.
OK tb@
|
|
The abort is done in a way that waits for any inflight files or http
requests to finish before removing the rrdp state and before sending
the rrdp done message indicating failure.
OK tb@ and benno@
|
|
The only caller does nothing with it.
with/ok claudio
|
|
|
|
directories in -n mode
OK claudio@
|
|
the limit on that queue instead of stopping to read new messages.
This is needed to implement an abort request.
"There is not enough RB_TREE in this diff" tb@
|
|
Patch from Ben Fuller <ben -AT- bvnf -DOT- space>,
helped along by florian@
ok florian@ and some mumblings from claudio who does not want okays in httpd.
|
|
deprecated in 6.6
|
|
Simplify things by sending any io exits from IN/OUT instructions
to userland instead of trying to emulate anything in the kernel.
vmm was sending most pertinent exits to vmd anyways, so this
functionally changes little.
An added benefit is this solves an issue reported by tb@ where i386
OpenBSD guests would probe for a pc keyboard repeatedly and cause
excessive vm exits. (The emulation in vmm was not properly handling
these port reads.)
While here, make the assignment of the VEI_DIR_{IN,OUT} enum values
not assume the underlying integer the compiler may assign.
ok mlarkin@
|
|
|
|
ok mestre@ martijn@
|
|
This uses the just imported snmpd_metrics as a new (agentx-based) backend.
Snmpd(8) executes all files in /usr/libexec/snmpd and treats regions
registered by these binaries as authorative, so that no other agentx
backends can overwrite them. The snmpe process is now pledged
"stdio recvfd inet unix".
This removes quite a few entries from the sysORTable, but the current
entries are non-compliant anyway and should be completely revisisted at a
later time.
Reduces the time for a full walk by about a factor of 4, bringing us close
to the original speed before application.c was introduced.
General design discussed with claudio@
Tested by and OK sthen
Release build test and OK tb@
|
|
Only the RDE used a hashtable for lookups while the session engine
switched from a list to RB tree some time ago.
Use peer_foreach() in the mrt code instead of passing the peer list
as an argument.
OK benno@ tb@
|
|
prototypes and members that were not removed in the previous RB tree
conversions.
OK benno@ tb@
|
|
A few adjustments will be done in the next days (like disabling this action if
there's no specific rc_configtest function defined).
e.g.
/etc/rc.d/sshd configtest
rcctl configtest sshd
idea from naddy@
|
|
msdos".
Add some missing spaces after "=".
Constify the static strings.
Prodded a while ago by deraadt@, tweaks from kn@, ok kn@
|
|
Another step towards more consistent behaviour across platforms.
This leaves only hppa and landisk **not** logging such copies,
but I can't test on those.
OK miod
|
|
case install the first level bootstrap at the beginning of the of the wd0a
filesystem, rather than at the beginning of the disk.
Both locations work but the previous behaviour overwriting an existing MBR
is a violation of POLA.
tweaks & ok krw@
|
|
Only has one return value and it's never checked.
ok martijn@, tb@
|
|
longer used. Also cleanup some hash sizes which are also no longer used.
OK tb@
|
|
imsgs.
OK tb@
|
|
OK benno@ tb@
|
|
|
