OpenBSD Journal

t2k19 Hackathon Report: On rsync, ssh, and ports cruft

Contributed by Peter N. M. Hansteen on from the when Puffy goes east dept.

The stream of t2k19 hackathon reports continues with this from Christian Weisgerber (naddy@):

Discounting an airport layover, this was my first trip to Asia. I guess I picked the right spot. Seeing Taipei felt like stepping into Ghost in the Shell. Awesome. But this isn't the OpenBSD travel blog…

It was to be another hackathon where I didn't have a big project, but simply worked my way through a number of individually small, sometimes outright trivial entries that had accumulated on my to-do list.

If OpenRsync is to become an alternative to the original Rsync, everybody needs to look at how they personally use rsync and add missing pieces. For my part, I started with the trivial and added the option --del as an alias for --delete. I then looked into allowing the combination of connecting to a remote rsync:// server, but over a program specified with -e. In the end, all the code was already there and simply required splitting a function and some rearranging. With this, I could now run my familiar command line with openrsync(1) to update my copy of the OpenBSD CVS repository over SSH…

	$ openrsync -av --del -e 'ssh -Wlocalhost:rsync -lanoncvs' \
	  rsync://anoncvs.spacehopper.org/OpenBSD-CVS/ /cvs

… although sthen@ promptly asked everybody not to do this and to use GPL rsync instead, because openrsync implements an old protocol version that causes outsized memory allocations on the server.

While poking around in OpenRsync, I came across a weirdly formatted line of code:

	} if (...) {

The next day I remembered the OpenBSD way of doing things: When you see a problem, search the tree for more instances of the same. And indeed, a belated grep(1) run turned up some further cases scattered throughout the src tree. Sometimes an else if had been intended; sometimes the if should have been on a new line; mostly the conditions worked out such that there was no bug. Eventually we repaired all lines.
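A search of the kind the report describes, written out as an added example (not code from the report or from the OpenBSD tree). It flags a closing brace followed directly by `if (` on the same line, and ignores `} else if (` as well as matches inside comments and string literals. The sample source and all function names are constructed for illustration.

```python
import re

# Constructed sample C source (not taken from the OpenBSD tree).
SAMPLE = '''\
int classify(int n)
{
	if (n < 0) {
		return -1;
	} if (n == 0) {
		return 0;
	} else if (n < 10) {
		return 1;
	}
	/* } if (commented out) { */
	puts("} if (in a string) {");
	return 2;
}
'''

# Comments, string literals and character literals, in that order.
_NOISE = re.compile(
    r'/\*.*?\*/|//[^\n]*|"(?:\\.|[^"\\\n])*"|\'(?:\\.|[^\'\\\n])*\'', re.S)

# A closing brace followed only by blanks and then "if (".
_SUSPECT = re.compile(r'\}[ \t]*if[ \t]*\(')

def strip_noise(src):
    """Blank out comments and literals, keeping newlines so line numbers hold."""
    return _NOISE.sub(lambda m: re.sub(r'[^\n]', ' ', m.group()), src)

def find_brace_if(src):
    """Return (line number, stripped line) for each '} if (' found in code."""
    original = src.splitlines()
    hits = []
    for no, line in enumerate(strip_noise(src).splitlines(), 1):
        if _SUSPECT.search(line):
            hits.append((no, original[no - 1].strip()))
    return hits

if __name__ == "__main__":
    for no, text in find_brace_if(SAMPLE):
        print(f"line {no}: {text}")
```

In the sample the flagged line is harmless because the preceding branch returns; each hit still needs a reader to decide whether an `else if` or a line break was intended.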

Various options in ssh_config(5) and sshd_config(5) take a list of algorithms. Over time, OpenSSH has grown the syntax to add (+) to a list and to remove (-) entries from it. Oddly, I mostly find myself wanting to do neither, but instead I would like to prefer an algorithm, i.e., move it to the head of the list without dropping any of the alternatives. This proved to be another case where all the code was already in place and merely required some small tweaks to extend the configuration syntax like this:

	HostKeyAlgorithms ^ssh-ed25519
	Ciphers ^aes128-gcm@openssh.com,aes256-gcm@openssh.com
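The following added example (not OpenSSH code and not from the report) models the three list modifiers and shows why preferring differs from replacing: SSH selects the first cipher on the client's list that the server also offers, so `^` changes the outcome only when the preferred algorithm is available and leaves the fallbacks intact. The default list, the peer list and the function names are constructed; the model does not validate names against a supported set and applies wildcards only to `-`.

```python
from fnmatch import fnmatchcase

# Constructed default list for illustration; real defaults vary by OpenSSH version.
DEFAULT_CIPHERS = [
    "chacha20-poly1305@openssh.com", "aes128-ctr", "aes256-ctr",
    "aes128-gcm@openssh.com", "aes256-gcm@openssh.com",
]

def assemble(default, spec):
    """Effective list for a config value: plain list, +append, -remove, ^prefer."""
    op = spec[0] if spec[:1] in ("+", "-", "^") else ""
    names = [n for n in spec[len(op):].split(",") if n]
    if op == "-":    # remove matches (patterns allowed) from the default list
        return [a for a in default if not any(fnmatchcase(a, p) for p in names)]
    if op == "+":    # keep defaults first, new names last
        merged = default + names
    elif op == "^":  # named algorithms first, every default kept as fallback
        merged = names + default
    else:            # a plain list replaces the defaults outright
        merged = names
    return list(dict.fromkeys(merged))  # drop duplicates, keep first position

def negotiate(client, server):
    """First algorithm on the client's list that the server also offers."""
    return next((a for a in client if a in server), None)

PREFER = "^aes128-gcm@openssh.com,aes256-gcm@openssh.com"   # value from the report
REPLACE = "aes128-gcm@openssh.com,aes256-gcm@openssh.com"   # plain list, for contrast
CTR_ONLY_SERVER = ["aes128-ctr", "aes256-ctr"]               # constructed peer

if __name__ == "__main__":
    print(assemble(DEFAULT_CIPHERS, PREFER))
    print(negotiate(assemble(DEFAULT_CIPHERS, PREFER), CTR_ONLY_SERVER))
    print(negotiate(assemble(DEFAULT_CIPHERS, REPLACE), CTR_ONLY_SERVER))
```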

With the scp(1) command you can copy (a) a local source to a remote target, (b) a remote source to a local target, and, perhaps less known, (c) a remote source from one host to a remote target on a different host. This third usage has always seemed of questionable usefulness to me, as it requires host1 to initiate an ssh connection to host2 and since scp doesn't allocate a pseudo-terminal, this is impossible unless you happen to have a key without a passphrase lying around on host1. However, I'm used to hopping from host to host with ssh and using agent forwarding (-A). Why isn't this available for scp? Well, it is, sort of:

	$ scp -oForwardAgent=yes host1:foo host2:

But that's a handful to type. This will be so much easier:

	$ scp -A host1:foo host2:

A trivial addition. It is a mystery to me why nobody has added this before.

With our OpenSSH developers busy finishing up the OpenSSH 8.0 release, it was a bad time to submit patches, so these changes will have to wait until after OpenBSD 6.5 for consideration.

So much for the base system, onward to ports!

Over the years, the semantics of CONFIGURE_STYLE=automake had been a continuous source of confusion. In particular, it did not actually run automake. Even the most experienced ports developers would shrug and admit that they didn't understand it or what the point was. I finally sat down and removed the last remaining instances from the ports tree, largely replacing them by explicit autotools invocations from the recently added do-gen target. Its last uses gone, I garbage-collected CONFIGURE_STYLE=automake itself. While there, I noticed CONFIGURE_STYLE=autoupdate. Huh? If you don't know what autoupdate does, don't bother. There is no reason to run this in a port. No existing port did. In fact, as far as I can tell from searching over the repository, no port ever used this. Yet another piece of cruft that could be safely deleted.

As the saying goes, nobody pays attention to mere warnings. While I was fiddling with autotools invocations, a persistent spew of

	Unescaped left brace in regex is deprecated here (and will be fatal in Perl 5.30)

finally managed to break through into my consciousness. I grabbed a set of package bulk build logs and tabulated all occurrences of this particular perl(1) warning. While our time in Taipei was winding down, I fixed the most egregious offenders. The rest will be mopped up after the 6.5 release.

Overall, a successful hackathon in a stunning location. I already asked Theo when we can go back there again…

Thanks Christian!
