[00:11:41] --- dev-zero@jabber.org has left [00:16:08] --- dragos.tatulea has become available [00:16:17] Good morning. [00:16:58] it's morning, anyway [00:17:02] I haven't slept yet [00:18:24] :) [00:18:27] What's up? [00:18:45] writing a short story, in short-long form [00:18:56] not quite sure what that means, but I'm just going for i [00:18:58] for it* [00:19:08] short-lomg form? [00:19:18] a longish short story [00:28:30] oh [00:28:45] like I said, not really sure what it means [00:31:24] yeah, too late for me to think more. I'm mostly done, I think. I'm going to bed [00:54:10] --- dev-zero@jabber.org has become available [01:24:46] --- dragos.tatulea has left [03:03:49] --- dragos.tatulea has become available [03:04:12] Is it normal to block outgoing cvs connections? [03:04:16] In a network? [03:07:32] I'm trying to login to cvs.openafs.org but it seems that the connection is blocked. [05:14:00] it's not very usual [05:14:07] but if they only open a few ports it could happen [05:14:21] in austria we had like 4 open ports. cvs was not one. nor afs or ssh [05:34:30] shadow - yes [05:37:27] ok [05:46:04] grr [05:46:13] tunnel it? [05:46:27] with what? [05:46:29] http? [05:46:32] can I do that? [05:48:18] i'd use ssh [05:56:33] But you have admin rights...you can use ssh. [05:56:42] um. what? [05:56:42] can I use anonymous account for ssh? [05:56:54] dude. [05:57:11] ssh -L2401:cvs.openafs.org:2401 some.machine.you.control [05:57:32] then, tell cvs that your CVSROOT is at localhost instead of cvs.openafs.org [05:57:37] anonymous has nothing to do with it [05:58:01] and "control" just means "you can ssh to it and it has non-useless network" [05:58:15] hmmm [05:58:21] niice [06:00:27] it gets more fun when you start using reverse tunneling. which i once did to let someone do builds on my laptop while i was driving. [06:00:52] i gave them a well-known host/port they could use by reverse-tunneling a port back to my attached-to-mobile-net laptop [06:01:20] Oh reverse tunelling. I love that. I wanted to do my own vpn for work with that. [06:01:48] s/for work/for my work computer [06:02:30] but they eventually gave me vpn access and told me that that's "against the rules" [06:05:20] Hmm....I can do the same thing with afs ports.... [06:05:21] yaay [06:05:42] no [06:05:52] not unless you get a udp tunnel "accessory" [06:06:20] oh yeah, udp [06:06:37] http://zarb.org/~gc/html/udp-in-ssh-tunneling.html [06:06:46] (done with netcat and a fifo. ugly) [06:07:10] thx [06:08:54] or [06:08:56] http://www1.cs.columbia.edu/~lennox/udptunnel/ [06:14:11] summatusmentis still around? [06:16:58] I think he went to sleep. [06:17:07] So, how was the hackathon? [06:36:20] hackathon was less productive than i would have liked [07:22:36] How's the git repo going on? [07:23:26] the people who i gave the pile of patches to haven't given them back yet. [08:33:06] What do you mean? [08:34:09] the git work done at the hackathon is at /afs/sinenomine.net/public/openfs/git_work [08:45:19] corrected path appears to be /afs/sinenomine.net/public/openafs/git_work [09:14:10] --- dmontuori has become available [09:40:50] --- stevenjenkins has become available [09:52:45] --- dragos.tatulea has left [10:01:17] --- matt has become available [10:06:18] --- reuteras has left [10:19:06] --- stevenjenkins has left [10:20:57] --- wollman has become available [10:21:21] --- wollman has left [10:26:49] --- dev-zero@jabber.org has left [10:33:56] --- stevenjenkins has become available [10:40:58] --- dragos.tatulea has become available [10:47:31] --- Russ has become available [10:51:51] --- Peter.Kelemen has become available [11:01:00] --- Peter.Kelemen has left [12:03:07] derrick, you pinged me this morning [12:03:41] I was sleeping, I am now available for whatever you request [12:04:08] i did. i guess you know the elders will in fact be paying you to do the web site :) [12:04:22] Jeff told me earlier also :) [12:05:02] I'm excited for it, I enjoy web dev stuff (mostly) [12:05:15] --- dev-zero@jabber.org has become available [12:09:58] oh, derrick. I bought an iPod Touch, and the UI is addicting. I can see where you were coming from now in your "iPhone is win" claims :-D [12:11:05] it's a shame the app sandboxing works like it does. but it's unclear what afs on the device would get you at this point. perhaps as the platform continues to develop that will change. [12:11:14] but yes, the UI ruined me [12:11:48] I was actually wondering about afs [12:11:58] afs on it would get you the same thing afs on the n8x0 series would [12:12:02] presumably [12:12:32] no. on n810 currently it is a kernel filesystem, and could become a gnome vfs plugin. on iphone there's no analogous concept [12:13:31] oh, I suppose so. The iPhone is running a kernel, obviously, is it the filesystem stuff that's not similar? [12:13:58] I wonder if there is someway would could add ukernel to webkit and then afs paths would simply be accessed via afs:/cellname/path/... [12:14:21] apps presumably don't get access to the real filesystem, and so wouldn't get access to AFS, either. [12:14:27] the's a file browser, I'm not sure how it works though [12:14:37] the iPhone's kernel has the kext support basically crippled away [12:14:51] and we can't flash a kernel [12:14:56] yes we can [12:15:01] we just can't build one [12:15:17] why? [12:15:18] people who spend more time on this can't build one yet [12:15:23] oh [12:15:24] rapple doesn't give you all the bits [12:18:43] hmm... intriguing [12:20:10] the firmware you get from apple in an ipsw is "packed" as an img3 file. the people who first hacked the AppleTV developed tools for unpacking it. you can use the pwnage libraries to build your own hacked firmware. [12:20:17] the issues are [12:20:53] 1) no code injection (that could probably be fixed by emacsing their kernel if you knew what you were looking for) [12:20:59] 2) no /dev/kmem [12:22:13] (so no dkload-like hack) [12:22:29] 3) the needed symbol files you need to just kextload aren't there [12:22:36] and it may be that [12:22:59] not familiar with apple kernel structures to know what /dev/kmem is, but ok :) Is it remotely feasible that this will change at some point? [12:24:03] 4) istr but can't find now that the actual interface kextload uses is stubbed out [12:24:17] /dev/kmem is not apple-specific [12:26:45] You've probably never heard of kload, either [12:28:08] I never have, but I'm not that familiar with kernel stuff [12:31:41] --- dev-zero@jabber.org has left: Replaced by new connection [12:31:43] --- dev-zero@jabber.org has become available [12:58:26] --- Simon Wilkinson has become available [13:11:52] --- dragos.tatulea has left [13:13:10] --- Simon Wilkinson has left [13:13:36] --- Simon Wilkinson has become available [13:33:14] --- Simon Wilkinson has left [13:33:54] --- Simon Wilkinson has become available [13:40:51] I'm increasingly convinced that the future is ukernel for embedded devices. [13:41:34] yes, it does seem like it [13:41:34] Mobile phone manufacturers just don't like you playing near their radio or network stacks. [13:41:39] i also want it badly for unit tests [13:42:03] I almost had it building on Windows and got distracted [13:42:22] The trick will be to do ukernel in away that means you can have a single cache manager per user. [13:42:35] ukernel is userspace? [13:42:38] yes [13:42:50] (or possibly, per host) [13:43:05] ukernel is the userspace cache manager. [13:43:26] I see [13:43:36] In effect, it's an API, and a load of VFS-like stubs which, in theory, produce a library that contains an AFS cache manager. [13:43:41] "In theory", because it hasn't worked for a while. [13:43:46] one CM per PAG [13:44:06] Yuck. No shared cache. [13:44:53] depends on how the cache is stored [13:44:54] I'd still like to see a way of having the shared cache. Admittedly there's probably no application there for mobile devices, but it would be nice. [13:45:57] --- summatusmentis has left [13:46:13] no shared cache means some security issues go away [13:46:18] and for a portable device, i don't care [13:46:29] Well, yes. But I'd rather have the existing CM code take care of locking and cache contention, rather than having to do it all from scratch between multiple competing CMs. [13:46:29] The big issue, AFAICS, is how to do it and make it fast. [13:46:30] You don't have many of the tricks that were available to an in-kernel cache manager, in terms of memory mapping pages. [13:46:40] true [13:47:00] Actually, you do get some of those back if you don't care about shared cache as much. [13:48:52] I should beat the UKERNEL code with my cleanup stick some more. Just getting its pointers sorted will probably help a lot with the working-ness. [13:49:42] did you get the src/auth directory cleaned up while stuck at LAX? [13:50:12] Not entirely. My power adaptor exploded at SJC. [13:50:27] So I spent the day stuck at LAX finding an Apple store ... [13:50:32] man that was a painful trip for you [13:50:52] Yup. [13:51:08] People who hear the story are now refusing to fly with me, in case my luck rubs off on them. [13:51:30] I wonder why the cops have the 95th st exit from the west side hwy closed off [13:51:40] But, I do have a fixed auth directory now. I just need to write some test case before I let you guys have it. [13:52:25] I added linked cell support to the windows cm. Windows of course does not use that directory for its CellServDB parsing. [13:53:30] One change I didn't make, is that instead of sscanfing for %d.%d.%d.%d, and then manipulating a bit string, we should probably just use inet_aton() to parse the server address. [13:53:42] agreed [13:53:58] I didn't make that change, because it changes behaviour - it allows different IP representations from dotted quads. [13:54:12] Does anyone here have any thoughts on that? [13:54:34] Like what? [13:54:59] make the change [13:55:20] Oh, one example is that it apparently interprets the fields as dotted C integer literals. That means the meaning of, say, 128.002.010.002 changes [13:55:29] actually, are there thread issues with that? [13:55:31] --- summatusmentis has become available [13:55:33] According to my manpage, hex and octal and 1, 1.2, 1.2.3, [13:55:54] Yup - if you had that, you'd lose. [13:56:01] That is a backward-incompatible change we may want to avoid. inet_ntoa has thread issues. inet_aton should not. [13:57:20] Jeff: Does Windows use inet_aton for its CellServDB parsing? [13:58:48] no. it uses sscanf() on the input buffer. [13:58:56] Okay. [13:59:23] it would be an easy change to make [14:00:18] How much do we care about sites that have IP addresses in the form jhutz mentioned? [14:00:18] Can we break them with 1.6? [14:00:35] the current code says that if the sscanf(buf, "%d.%d.%d.%d) does not return 4 the value is invalid. It doesn't check to make sure that each component is a value between 0 and 255 [14:01:19] Yup. So, if the value is >255, it will get the top bits lopped off when its stuffed into the char[4] array that's used to build the address. [14:01:45] yeah [14:02:37] there is no security issue with using sscanf() the way it is being used. there is no overwhelming need to risk the behavioral change. [14:02:47] Indeed. Other than neatness. [14:03:07] I hate gratuitous backward-incompatible changes. Calling inet_aton just because it's there seems gratuitous. Why replace something that does what we need with something that doesn't? [14:03:24] we should add the code to check for invalid components and otherwise leave it as is. We will need to make incompatibility changes for IPv6. I think we should deal with it then. [14:03:34] By that argument, you could replace it with a call to strlen(), which would also be neat and would also not do what we need. [14:03:39] Agreed. [14:03:44] I'll add something that checks for components >4 [14:04:12] >255, even. [14:04:24] I don't think we need to make incompatible changes for ipv6. Or at least, not backward-incompatible changes, and certainly not for people who are not actually using ipv6 [14:04:37] jhutz: Errmm, inet_ntoa does (more than) we need. strlen() doesn't. [14:06:46] It does not do what we need. We need to parse dotted-quad syntax, reject invalid input, and for valid input produce the network-order IP address which the input represents. inet_ntoa fails to reject some invalid input and for some valid input produces an IP address other than that which the input represents. [14:07:32] The sscanf also fails to reject some invalid input, but we can fix that. We can't work around inet_aton's problems without parsing the input ourselves, at which point, why call it? [14:07:39] er, s/ntoa/aton/ [14:08:26] BTW, the sscanf also fails to reject input with garbage at the end. That should be fairly easy to fix; just add a %c at the end of the pattern, a pointer to a dummy char, and check that the return value is exactly 4 [14:10:42] incidentally, this release is happening. sure would be nice if we had a new cellservdb [14:11:23] I'm not sure what you mean about input with garbage on the end. We actually do a sscanf for either [%d.%d.%d.%d] #%s [14:11:31] or %d.%d.%d.%d #%s [14:11:44] --- dmontuori has left [14:11:50] --- dmontuori has become available [14:12:56] Ah, but I see now. [14:13:16] Yeah, I'm waiting on a reply related to one of the pending requests, but I guess i'll punt soon. [14:13:17] Garbage at the end of the %s won't get found. So people who use that as a comment, rather than a hostname don't get found out at present. [14:13:27] from who? [14:13:38] Oh, nevermind then. [14:14:25] If you're using the IP address, then to you the %s is a comment. It's not like you're going to do a lookup to see if it's a valid name. [14:25:23] --- Simon Wilkinson has left [14:39:45] --- Simon Wilkinson has become available [14:48:42] --- manfred furuholmen has become available [14:49:32] --- summatusmentis has left [14:50:28] I just tried to update the windows aklog to make use of the linkedCell field of the afsconf_cell structure. More specifically. Tried to be polite and clean it up. Can't do so. The malloc() used to allocate the C string is a static C RTL version and aklog of course uses the dll version. [14:51:19] Yuck. [14:51:44] why couldn't they just make the linkedCell field an [] instead of a malloc'd C string [14:53:39] Then how big would it be? [14:54:48] --- Simon Wilkinson has left [14:55:32] same as the name[] field [14:56:35] --- Simon Wilkinson has become available [14:56:43] Are you overloading linkedcell to mean more than one thing? [14:59:38] struct afsconf_cell { char name[MAXCELLCHARS]; /*Cell name */ short numServers; /*Num active servers for the cell */ short flags; /* useful flags */ struct sockaddr_in hostAddr[MAXHOSTSPERCELL]; /*IP addresses for cell's servers */ char hostName[MAXHOSTSPERCELL][MAXHOSTCHARS]; /*Names for cell's servers */ char *linkedCell; /* Linked cell name, if any */ int timeout; /* Data timeout, if non-zero */ }; [15:00:34] Yeah, so, the linked cell is the one you look in when evaluating a mount point if you can't find the volume in this cell. The only use aklog ought to be making of that is, perhaps, automatically getting tokens for a linked cell. [15:00:52] That's exactly the use aklog makes of it. [15:00:55] the value to linkedCell is only set if the cell entry in CellServDB is >cell linked-cell #Description [15:01:51] Do you really care about freeing the memory, given that aklog won't be around for long? [15:01:55] (ducks) [15:01:58] aklog provides an afsconf_cell struct on the stack and then leaks the C string pointed to by linkedCell [15:02:23] I'm just trying to be neat. I don't care in aklog. I do care in NIM [15:02:30] --- manfred furuholmen has left [15:02:37] aklog is just what I'm working on at the moment [15:03:07] It does seem a little backwards that linkedCell is dynamically allocated, when everything else is static buffers. [15:03:13] Why are there two versions of C standard library functions visible? [15:03:30] Sure; it should probably all be dynamic [15:03:40] --- summatusmentis has become available [15:03:55] Unix has the same problem, if it's any consolation. [15:04:16] wait, you want the 'name' field in afsconf_cell to be a char * ? [15:04:55] it would be fine if there was a destroy me function for the allocated object [15:05:28] that is what I should do. add a function to cleanup an afsconf_cell structure in the library and then call it [15:06:22] Arguably, the caller shouldn't be providing storage for that at all. But, one problem at a time. [15:08:14] --- Simon Wilkinson has left [15:08:58] --- Simon Wilkinson has become available [15:10:52] --- dev-zero@jabber.org has left [15:10:58] --- Brandon Allbery has become available [15:11:05] it's snowing :( [15:11:22] It does that [15:11:43] it was 57 degrees here at 11pm last night, and now it's a heavy snow [15:11:55] I was not prepared for this [15:17:04] oh this is more hideous than I thought. Unix should be fine. The Windows code is freaky [15:17:53] the frightening bit of code is GetCellInfo() in src/WINNT/aklog/aklog.c. I will fix it when I get home. [15:17:54] Out of interest, other than a desire to make our codebase as big as possible, why do we need different code paths to parse CellServDB on Windows and Unix? [15:18:21] We don't. the Windows aklog uses the Unix CellServDB parsing functions. [15:18:33] Ah. Okay. [15:18:40] The CM has its own routines but that is a separate story [15:19:00] So, if you add a cleanup function, then it will be there for both. Cool. [15:19:19] Or you could try the assigning an RT ticket game again. I'm on a train quite a lot over the next few weeks... [15:20:01] What game? [15:20:29] a cleanup function is not necessary. the unix aklog should be calling afsconf_Close() and that will clean up the pointer. The linkedCell allocation is only valid before afsconf_Close() is called. [15:20:44] Jeff finds a bug. He doesn't have time to fix it. He opens an RT ticket and assigns it to me. Sometimes, I fix it. [15:20:47] the game is assigning a ticket to simon in RT [15:21:08] it doesn't always work. about as good as my 3PT shooting in basketball [15:21:11] GONE [15:21:27] If it always worked, it would just get overused. [15:26:54] --- Simon Wilkinson has left [15:29:38] --- Simon Wilkinson has become available [15:31:44] --- Simon Wilkinson has left [15:36:37] --- Simon Wilkinson has become available [15:40:55] --- edgester has become available [15:41:08] hi edgester [15:41:36] --- Simon Wilkinson has left [15:41:41] hi [15:42:50] --- Simon Wilkinson has become available [15:46:15] --- Simon Wilkinson has left [15:46:23] simon, what happened to the maemo changes that you mentioned? [15:48:18] --- Simon Wilkinson has become available [15:48:44] --- marc.c.dionne has become available [15:54:59] --- Simon Wilkinson has left [16:00:29] --- thomas.kula@gmail.com has left [16:07:26] --- dmontuori has left [16:25:11] --- matt has left [17:23:20] --- kula has become available [17:34:50] --- Russ has left: Disconnected [18:11:41] --- Brandon Allbery has left [18:13:57] --- Brandon Allbery has become available [18:34:45] --- edgester has left [18:51:22] --- Brandon Allbery has left [18:53:04] --- Brandon Allbery has become available [18:58:39] --- Brandon Allbery has left [19:00:39] --- Brandon Allbery has become available [19:02:04] --- marc.c.dionne has left [19:24:32] --- Brandon Allbery has left [19:26:17] --- Brandon Allbery has become available [20:08:21] --- Brandon Allbery has left [20:09:23] --- Brandon Allbery has become available [20:51:24] --- Brandon Allbery has left [20:52:32] --- Brandon Allbery has become available [20:55:43] --- Brandon Allbery has left [21:27:06] --- SecureEndpoints has left [21:42:12] --- SecureEndpoints has become available [21:46:49] following up on the earlier discussion regarding the afsconf_cell structure. when afsconf_GetCellInfo() populates the provided "struct afsconf_cell ** acell" it does so using "*acell = *bcell". In other words, it performs a structure copy. the linkedCell field therefore has the pointer value copied. When afsconf_Close() is called, bcell->linkedCell and bcell are freed. acell->linkedCell is now pointed at freed memory. [22:37:22] --- summatusmentis has left [22:45:52] --- dev-zero@jabber.org has become available [22:52:04] --- floh has become available [22:54:54] --- reuteras has become available [22:55:33] --- floh has left [22:55:38] --- floh has become available [23:02:18] --- floh has left [23:02:20] --- floh has become available [23:17:59] --- summatusmentis has become available [23:49:01] --- manfred furuholmen has become available