On 22/02/2020 20:09, Steffen Nurpmeso wrote:
Hey, just so, because i posted to such a thing the last time.
Pedro Giffuni wrote in
<ed430f6a-e612-5fdb-2d70-058da5c04...@freebsd.org>:
|On 22/02/2020 11:18, Florian Smeets wrote:
|> On 20.02.20 04:54, Pedro F. Giffuni wrote:
|>> Author: pfg
|>> Date: Thu Feb 20 03:54:07 2020
|>> New Revision: 358153
|>> URL: https://svnweb.freebsd.org/changeset/base/358153
|>>
|>> Log:
|>> /etc/services: attempt bring the database to this century.
|>>
|>> -smtps 465/tcp #smtp protocol over TLS/SSL (was ssmtp)
|>> -smtps 465/udp #smtp protocol over TLS/SSL (was ssmtp)
|> I'm not sure how removals of services have been handled in the past.
|> This change broke loading of my pf rule set, as I had smtps in there.
|
|Excellent!
|
|Not that the change broke something but that since we had to revert it
|we get a second chance to review such things.
|
|> I'm not saying that this change is wrong, but I think removing entries
|> from services can break all kinds of stuff. Not just firewall rule sets,
|> also scripts and thinking more about it, it will most certainly also
|> break postfix as it also uses smtps as an alias for port 465 in its
|> master.cnf
|
|According to latest IANA registy:
...
kpasswd 464/udp # kpasswd (Theodore Ts o)
urd 465/tcp # URL Rendezvous Directory for SSM (Toerless
Eckert)
submissions 465/tcp # Message Submission over TLS protocol (IESG,
IETF Chair, rfc8314) [2017-12-12]
igmpv3lite 465/udp # IGMP over UDP for SSM (Toerless Eckert)
digital-vrc 466/tcp # digital-vrc (Peter Higginson)
Oh yes, they finally managed to overcome the SMTPS problems.
The RFC has a nice reading on that (as i seem to remember), yay IETF.
I am really happy. (I never understood why POP3S and IMAPS where
done but SMTPS was not.)
Hmm .. I quoted the IANA list but I hadn't read the RFC. Interesting but
I don't know if it solves Florian's issue.
|Anything that can be done upstream to sort this out?
|
|> I guess this needs to be at least mentioned in the release notes, and
|> maybe smtps kept as an alias, and check all the others that were removed?
|
|For the time being, we can absolutely keep the legacy value with a
|conflict note. I wish the services list were a bit easier to maintain
|for such situations.
Doesn't it just search until it finds the string?
Btw. i can only offer the simple awk script that i have for
updating services and protocols again, after the critics last time
i have evolved it from its ArchLinux base, and added a verbose
mode, as you can see above. (That Theodore Ts'o missspelling is
IANA rooted.) Whereas it made it more complicated, 139 lines for
download and preparation is not that much.
Interesting. There's also
https://reviews.freebsd.org/D17115
Where I made some comments.
Currently services_mkdb doesn't scale (which is why the patch was
reverted), but beyond that the real problem is that we shouldn't just
take the entries blindly. Many people abuse the registry for their
startups and licensing services and then never de-register them. In the
case of NetBSD's services file, it currently has 21838 lines, which is
bigger that the official IANA file.
Additions could simply be echoed?
I expect we maintain a relatively short list and have people send PRs
for new entries (assuming they are registered).
BTW, we should probably go ahead and register our lockd in IANA as the
port number already collides with something else and our use is
propagating to other OSs (namely illumos).
Pedro.
--steffen
|
|Der Kragenbaer, The moon bear,
|der holt sich munter he cheerfully and one by one
|einen nach dem anderen runter wa.ks himself off
|(By Robert Gernhardt)
_______________________________________________
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
