Still planning to replace wgconfig(8) and wg-keygen(8) by one wg(8)
tool compatible with wireguard-tools; update wg(4) for the minor
changes from the 2018-06-30 spec to the 2020-06-01 spec; &c. This just
clarifies the current state of affairs as it exists in the development
tree for now.
Mark the man page EXPERIMENTAL for extra clarity.
The test has been extended by ensuring that the shuffled words are still
the same. Comparing two shuffled lists is probabilistic, but comparing
their sorted results is not, therefore that's completely sensible to do.
When writing this test, by coincidence I discovered how to generate the
"Undefined variable" error message. Unfortunately, the error message is
wrong since the variable NUMBERS is defined at that point. In summary,
that error message is shown when it shouldn't, and when it should it is
not shown. Still, I'm glad that I finally found it.
The test for the different escaping has been adjusted to actually show
the different parsing results in the test output. To do this, it had to
get its own file since it needs the -dv debug flag and specialized
post-processing.
The test names have been derived from the current manual page.
All these tests are dummies right now, and the code from the existing
tests will be moved into the new tests step by step.
This is done to prevent modmisc, escape, varmod-edge and varmisc from
growing without any bounds, and to reduce the side-effects of one test
to the others.
The old boot_ustar had many hard coding and was small(<1KB).
The new xxboot_ustarfs is a part of integrated larger(<8KB) xxboot.
We had to maintain three similar but not the same bootloaders, but
now we have two!
Three ways to call:
getrandom(p, n, 0) Blocks at boot until full entropy.
Returns up to n bytes at p; guarantees
up to 256 bytes even if interrupted
after blocking. getrandom(0,0,0)
serves as an entropy barrier: return
only after system has full entropy.
getrandom(p, n, GRND_INSECURE) Never blocks. Guarantees up to 256
bytes even if interrupted. Equivalent
to /dev/urandom. Safe only after
successful getrandom(...,0),
getrandom(...,GRND_RANDOM), or read
from /dev/random.
getrandom(p, n, GRND_RANDOM) May block at any time. Returns up to n
bytes at p, but no guarantees about how
many -- may return as short as 1 byte.
Equivalent to /dev/random. Legacy.
Provided only for source compatibility
with Linux.
Can also use flags|GRND_NONBLOCK to fail with EWOULDBLOCK/EAGAIN
without producing any output instead of blocking.
- The combination GRND_INSECURE|GRND_NONBLOCK is the same as
GRND_INSECURE, since GRND_INSECURE never blocks anyway.
- The combinations GRND_INSECURE|GRND_RANDOM and
GRND_INSECURE|GRND_RANDOM|GRND_NONBLOCK are nonsensical and fail
with EINVAL.
As proposed on tech-userlevel, tech-crypto, tech-security, and
tech-kern, and subsequently adopted by core (minus the getentropy part
of the proposal, because other operating systems and participants in
the discussion couldn't come to an agreement about getentropy and
blocking semantics):
https://mail-index.netbsd.org/tech-userlevel/2020/05/02/msg012333.html
The comment at DirExpandCurly says something about "recursively", but the
nested braces don't work.
The manual page only mentions that "{} may be used", but it keeps quiet
about the exact meaning and also doesn't mention any nesting.
The whole code in arch.c had been uncovered by tests before.
The code coverage shows that neither the archive name nor the member
contain any $, even though archive.mk looks like it. It could be
necessary to place the variable assignments below the dependency line,
to force late evaluation.
