.\" .\" Copyright (c) 2015 Ingo Schwarze .\" .\" Permission to use, copy, modify, and distribute this presentation for any .\" purpose with or without fee is hereby granted, provided that the above .\" copyright notice and this permission notice appear in all copies. .\" .\" THE PRESENTATION IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL .\" WARRANTIES WITH REGARD TO THIS PRESENTATION INCLUDING ALL IMPLIED .\" WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE .\" AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL .\" DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA .\" OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER .\" TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR .\" PERFORMANCE OF THIS PRESENTATION. .\" .\" -------------------------------------------------------------------- .\" .\" These slides use the mm and gpresent groff macros. .\" For example, on OpenBSD, install these ports: .\" groff, gpresent, ghostscript. .\" Build instructions: .\" groff -mm -mpresent bsdcan15-mandoc.roff > talk.pps .\" presentps -l talk.pps > talk.ps .\" ps2pdf talk.ps .\" .\" -------------------------------------------------------------------- .\" .\" --- global mm configuration settings ------------------------------- .nr Pi 3 .\" --- global gpresent configuration settings ------------------------- .DEFCOLOR Kea1 0 0.8 0.48 .DEFCOLOR Kea2 0 0.5 0.3 .TITLECOLOR Kea1 .SUBTITLEFORMAT C .SUBTITLECOLOR Kea2 .FOOTERSIZE 2 .\" We don't want a header line for the title page, .\" so we have to start it before setting up headers. .TITLE "mandoc: becoming the main BSD manual toolbox" .\" === gpresent header setup ========================================== .\" --- define gpresent extension registers ---------------------------- .nr gpe_page_tot 1 .nr gpe_page_sec 0 .af gpe_page_sec I .nr gpe_time_tsec 16*60+17*60 .nr gpe_time_hour 16 .nr gpe_time_min 17 .af gpe_time_min 02 .nr gpe_time_sec 0 .af gpe_time_sec 02 . .\" --- macro to start a new section ----------------------------------- .de GPE_SECTION .ds gpe_title_sec \\$1 .nr gpe_page_sec 0 .. .\" --- macro to prepare a new page ------------------------------------ .de GPE_NEXT .ds gpe_next \\$1 .SK .. .\" --- gpresent page header callback ---------------------------------- .de HEADER .nr gpe_page_tot +1 .nr gpe_page_sec +1 .sp 0.5v .ds gpe_middle page \\n[gpe_page_tot]: \\*[gpe_title_sec] \\n[gpe_page_sec] .tl 'Ingo Schwarze: mandoc'\\*[gpe_middle]'BSDCan 2015, June 13, Ottawa' .sp -0.5v .\" horizontal line below the page header \l'\\n(.lu'\h'-\\n(.lu' .br .. .\" --- initialize the first section before completing the title page -- .GPE_SECTION INTRO .\" === define some gpresent extension macros ========================== .\" --- two-column mode (for images) ----------------------------------- .\" 1st arg: width of first column .\" 2nd arg: move second column up by this amout (default 0.5v) .\" switch column with normal .MULN, end with normal .MULE .de GPE_MULB .nr gpe_colwr \\n(.l-\\$1-1n .ie \\n[.$]>1 .ds gpe_vsp \\$2 .el .ds gpe_vsp 0.5v .sp -\\*[gpe_vsp] .MULB \\$1 1n \\n[gpe_colwr]u .sp \\*[gpe_vsp] .. .\" --- emphasis ------------------------------------------------------- .\" arg: text .de GPE_EM .COLOR red \\$1 .COLOR P .. .\" --- small text ----------------------------------------------------- .\" arg: text .de GPE_SM .S -4 .ce \\$1 .S P .. .\" --- title page ----------------------------------------------------- .\" The main title line has already been printed. .SUBTITLE "BSDCan 2015, June 13, Ottawa" .SUBTITLE "Ingo Schwarze " .PSPIC Images/CynthiaLivingstonBe2013.eps 14cm .GPE_SM "Cynthia Livingston's OTTB \(lqBedifferent\(rq \ (c) 2013 C. Livingston (with permission)" .\" === gpresent footer setup ========================================== .\" We dont want a footer line for the title page, .\" so we have to set it up after completing the title page. .SK .\" --- macros to start a new page ------------------------------------- .\" arg: time for this page in seconds .de GPE_TIME .nr gpe_time_tsec +\\$1 .nr gpe_time_hour \\n[gpe_time_tsec]/3600 .nr gpe_time_min \\n[gpe_time_tsec]%3600/60 .nr gpe_time_sec \\n[gpe_time_tsec]%60 .ds gpe_source \\$2 .. .\" --- gpresent page footer callback ---------------------------------- .de FOOTER .ps 18 .vs 20 .sp -2v \l'\\n(.lu'\h'-\\n(.lu' .br .tl '\s-6\\n[gpe_time_hour]:\\n[gpe_time_min]:\s-2\\n[gpe_time_sec]\ \\*[gpe_source]\s+8''\\m[Kea2]\\*[gpe_next]\ \ \(->\\m[]' .ps .vs .. .\" The INTRO section was already started in header.roff. .TITLE "Brief history of UNIX documentation" .BL .LI The key point: All documentation in one place and one format. .br Easy to find, uniform and easy to read and write. Be correct, complete, concise. .LI 1964: RUNOFF/roff markup syntax by Jerome H. Saltzer, MIT. .br Unobtrusive, diff(1)-friendly, easy to hand-edit, simple tools, high quality output. .LI 1971: Basic manual structure by Ken Thompson and Dennis Ritchie .br for the AT&T Version 1 UNIX manuals, Bell Labs. .LI 1979: man(7) physical markup language for AT&T Version 7 UNIX. .LE .sp .GPE_MULB 16.5c .BL .LI 1989: .GPE_EM "mdoc(7) semantic markup by Cynthia Livingston" .br for 4.3BSD-Reno. Powerful, self-contained, portable. .LI 1989: GNU troff by James Clarke. .LI 2001: mdoc(7) rewrite by Werner Lemberg .br and Ruslan Ermilov for groff-1.17. .LI 2008: mandoc(1) started by Kristaps Dzonsons. .LI 2010: mandoc(1) is the only documentation formatter .br in the OpenBSD base system. .LE .MULN .PSPIC Images/BSDBeastie.eps .MULE .BL .LI 2014: mandoc(1) used by default in OpenBSD, FreeBSD, NetBSD, illumos. .LE .GPE_TIME 150 .GPE_NEXT "What is the mandoc toolbox?" .TITLE "What is the mandoc toolbox?" .SUBTITLE "User perspective: man(1), the manual viewer" One comprehensive tool! .br Normal operation always proceeds in three steps: .AL .LI .B Find one or more manuals in the file system or using a database .br by manual name \(em .B man(1) \(em .br or by search query \(em .B apropos(1) = man -k .br The result of this step can be printed out with man -w. .LI .B Format the manual page. .br This step can be accessed individually with .B mandoc(1) = man -l. .LI .B Display the formatted text. .br On a terminal device, use a pager unless -c is given. .LE .SUBTITLE "Progress since last year" .BL .LI In 2014, man(1) was still out of scope; now we have a unified user interface. .LI Much simplified man.conf(5) configuration file. .LE .GPE_TIME 90 .GPE_NEXT "What else is in the toolbox?" .TITLE "Auxiliary components in the toolbox" .BL .LI makewhatis(8) database generation and maintenance .LI mandoc(1) -Tlint syntax checker .LI mandoc(1) -Thtml polyglot HTML5 generator .LI mandoc(1) -Tpdf and -Tps formatters .LI mandoc(1) -Tman format converter .LI mandoc(1) -Ttree parse tree debugger .LI soelim(1) file inclusion resolver .LI \&... .LE .PSPIC Images/MacArmstrongKingEstate.eps 8c .GPE_SM "Moorside Cottage, Mackenzie King Estate, Gatineau Park\ \(co 2009 Mac Armstrong @flickr (CC)" .GPE_TIME 30 .GPE_NEXT "Topics of this talk" .TITLE "Which are the topics of this talk?" .AL .LI Unified user interface: man(1) and man.conf(5). .LI More powerful search on the web: man.cgi(8). .LI Better formatting of equations: eqn(7). .LI No more options required for UTF-8 support. .LI Eradicating bugs with afl(1), the American Fuzzy Lop. .LI Detect use of unsupported features: -Wunsupp. .LI Help LibreSSL documentation with pod2mdoc(1). .LI Status in various operating systems and future directions. .LE .PSPIC Images/LezumbalaberenjenaBlackLake.eps .GPE_SM "Black Lake near King Mountain, Gatineau Park, Quebec\ \(co 2012 Lezumbalaberenjena@flickr (CC)" .GPE_TIME 120 .\" .\" What needed to be done to replace man(1) in OpenBSD, .\" what the advantages are, and what the price is. .\" .GPE_SECTION MAN(1) .GPE_NEXT "What happened to man(1)?" .TITLE "Replacing the manual viewer" .BL .LI OpenBSD no longer uses the traditional BSD man(1) manual viewer, .br but an implementation of man(1) integrated in mandoc. .LI Traditional setup: .br man(1) finds the files in the file system and forks and executes .br the formatter (groff, mandoc) and the pager (more, less). .LI New setup: .br man(1) integrated in mandoc finds the files in the database or the file system .br and runs the formatter without forking, then forks and executes the pager. .LE .GPE_MULB 11c .sp 2v .BL .LI First portable release 1.13.2 .br on December 13, 2014 .LI Switched on in OpenBSD .br on December 14, 2014 .LE .MULN .PSPIC Images/LezumbalaberenjenaMasham.eps .GPE_SM "Paroisse Sainte C\('ecile de Masham, Quebec" .GPE_SM "\(co 2013 Lezumbalaberenjena@flickr (CC)" .MULE .GPE_TIME 50 .GPE_NEXT "Which steps were needed?" .TITLE "Steps to replace the manual viewer" .sp -1v .SUBTITLE "Preliminaries (Kristaps Dzonsons)" .BL .LI Concept of a manual page search database (April 2, 2011) .LI Create it: Implementation of makewhatis(8) (release 1.11.2, May 12, 2011) .LI Use it: Implementation of apropos(1) (release 1.12.0, October 8, 2011) .LI Port to SQLite3 (June 8, 2012) .LE .SUBTITLE "Main steps (Ingo Schwarze)" .BL .LI Polishing the SQLite3 implementation (t2k13 hackathon, June 2013) .LI Support compressed manuals (makewhatis(8): March 26, man(1): September 3, .so: November 26, 2014) .LI Switch makewhatis(8)/apropos(1) to mandoc in OpenBSD (April 18, 2014) .LI First portable release with SQLite3 (1.13.1, August 10, 2014) .LI Unified user interface and main program (August 16-26, 2014) .LI Options man(1) -l and -h (August 30, September 3, 2014) .LI File system lookup (January 13, 2015) .LI portable: man(1) even without database support (February 3, 2015) .LE .GPE_TIME 50 .GPE_NEXT "Why was man(1) replaced?" .TITLE "A better manual viewer" .GPE_MULB 15c .SUBTITLE "Current advantages" .BL .LI Unified interfaces: .br man can use: -W -T -O -I from mandoc(1) .br apropos can use: -w -h -a from man(1) .ig man -Tlint crypt_checkpass # check an installed manual man -Thtml lynx | lynx -stdin # pager overkill man -Tps gv | gv - # even more pager overkill .. .LI Allow much simpler man.conf(5) format \(-> next slides .LI database priority now overrides section priority .LI Use additional names from .Dt/.TH and NAME .Nm (250 new entries in OpenBSD, compared to 10200 existing ones) .LI One less userland program to maintain .br (that had rather old code) .LE .MULN .PSPIC Images/DougKerrEganville.eps .GPE_SM "Bonnechere Museum, Eganville" .GPE_SM "\(co 2011 Doug Kerr @flickr (CC)" .MULE .SUBTITLE "Possible future advantages" .BL .LI Possibility to get rid of multiple ln(1) links to the same manual .LI Possibility to implement an interactive chooser (-i) .LE .GPE_TIME 120 .GPE_NEXT "What is the price?" .TITLE "A better manual viewer (2)" .SUBTITLE "Prices to pay" .GPE_MULB 9c Database lookup is slightly slower .br than file system lookup: .br Ten milliseconds additional delay .br for displaying a manual .br on my notebook. .sp After installing new manuals, .br makewhatis(8) is required .br for full database support. .br However, pkg_add(1) .br does that automatically .br and man(1) works even without it. .MULN .PSPIC Images/OpeongoRoad.eps .GPE_SM "Opeongo Road, historic colonization road" .GPE_SM "\(co 2008 P199@wikimedia (CC)" .MULE .SUBTITLE "Very little downsides, if any!" .GPE_TIME 60 .GPE_NEXT "What was wrong with man.conf(5)?" .TITLE "Undesirable features of the old man.conf(5) format" .BL .LI Shell globbing for directory tree names .LI Different directory trees for man(1) and apropos(1) .LI Different directory tree search order for man(1) and apropos(1) .LI Custom file names for mandoc.db(5) files in individual directory trees .LI Custom subdirectory names not of the form man+section or cat+section .LI Default search: Additional directories outside all sections .LI Default search: Exclusion of certain sections in certain directory trees .LI Section-specific search: Additional directories outside any configured trees .LI Section-specific search: Exclusion of some directories configured by default .LI Different search order for different sections .LI Different decompression filters for different sections .LI Custom file name suffixes not of the form *.section, with globbing .LI Custom file name suffix for preformatted pages instead of .0, with globbing .LI Configuration file versioning .LE .SUBTITLE "So complicated that everybody hated it and almost nobody used it" .GPE_TIME 50 .GPE_NEXT "What about the new man.conf(5)?" .TITLE "Current features of the new man.conf(5) format" .BL .LI .B manpath .I directory \(em configure a tree .br automatically consistent across man(1), apropos(1), makewhatis(8) .LI .B output .I options \(em for example: .BL .LI for the terminal: output width 104 .LI for HTML: output style /man.css .LI for ps/pdf: output paper a4 .LE .LE .SUBTITLE "Very easy to use, needs almost no learning" .PSPIC Images/WilnoOntario.eps 12c .GPE_SM "Wilno, Renfrew County, Ontario \(co 2009 P199@wikimedia (CC)" .GPE_TIME 30 .GPE_NEXT "Is more needed?" .TITLE "man.conf(5) features to be implemented on demand" .BL .LI .B alias .I "aliasname dirname" \(em make a tree accessible with -s .LI .B sections .I "name name name" \&... \(em section names and search order .LI .B filter .I "suffix command" \(em custom filters, in particular for decompression .LI .B pager .I command \(em configure a default pager .LI .B input .I "option value" \(em for example input os name .LE .SUBTITLE "So far, there is no noticeable demand -> KISS." .PSPIC Images/WhitneyMadawaskaRiver.eps 10c .GPE_SM "Madawaska River at Whitney \(co 2006 P199@wikimedia (PD)" .GPE_TIME 40 .\" .\" What needed to be done to replace man.cgi(8) in OpenBSD, .\" what the advantages are, and what the price is. .\" .GPE_SECTION MAN.CGI(8) .GPE_NEXT "What happened on the web?" .TITLE "The new man.cgi(8) for manual pages on the web" .BL .LI OpenBSD no longer uses the traditional man.cgi Perl script .br by Wolfram Schneider (wosch@FreeBSD) .br but a man.cgi(8) implementation included in the mandoc toolkit. .LI Traditional setup: The man.cgi Perl script forks and executes the system's man(1) or apropos(1) commands, parses the output, and converts it to HTML. .LI Traditionally, the spawned man(1) in turn forked and executed groff, .br then later \(em about since 2012 \(em mandoc, but not in HTML mode. .LI New setup: man.cgi(8) is a C program linked against the mandoc parsers, .br the mandoc.db(5) database client code, and the mandoc HTML formatter. .LE .PSPIC Images/GaryWegeCommonLoons.eps 10c .GPE_SM "Common Loons \(co 2009 Gary J. Wege @USFWS (CC)" .GPE_TIME 60 .GPE_NEXT "Which steps were needed?" .TITLE "Steps to replace the web manual viewer" .sp -1v .GPE_MULB 12c .SUBTITLE Preliminaries .BL .LI Everything needed for man(1) .LI Berkeley-db based man.cgi(8) by Kristaps Dzonsons (developed since Nov 9, 2011; first release 1.12.1, March 23, 2012) .LI New makewhatis(8)/apropos(1) based on SQLite3 in OpenBSD since April 18, 2014 .LE .SUBTITLE "Main steps" .MULN .PSPIC Images/PtrbnsnAlgonquinCacheLake.eps .GPE_SM "Cache Lake, Algonquin Park" .GPE_SM "\(co 2005 Ptrbnsn@wikimedia (CC)" .MULE .BL .LI OpenBSD g2k14 general hackathon in Ljubljana, July 8-14 .LI Convert to SQLite3, polish, then switch over on July 12 .LI A some additional functional fixes on July 13-25 .LI Security audit by Sebastien Marie on July 18-23 .LI First portable release: 1.13.1 on August 10 .LI Release with HTML5 output: 1.13.2 on December 13 .LI All by Ingo Schwarze, 2014 .LE .GPE_TIME 30 .GPE_NEXT "What was polished?" .TITLE "Polishing the web manual viewer" Even though all underlying functionality was already quite mature when i started, there were surprisingly many things to polish in many distinct components: .BL .LI Configuration: Let manpath.conf be a plain text list of the directories to use. .br Do almost all other configuration at compile time, avoid run-time configuration .br to reduce the attack surface. .LI HTTP parser: make HTTP decode linear in time (tedu@) .LE .GPE_MULB 10c .BL .LI Query parser: .br Various backward-compatibility features to not break existing links in static pages around the web. Support backslash-escaping of white space in the query expression (reported: Marcus Merighi, Sep 14) .LI Page selection: .br Distinguish between man(1) and apropos(1) mode. Even when there are multiple pages, show one of them. .LE .MULN .PSPIC Images/TomThomsonAprilInAlgonquin.eps 10c .GPE_SM "April in Algonquin Park \(co 1917 Tom Thomson (PD)" .GPE_SM "Memorial Art Gallery, Owen Sound, Georgian Triangle" .MULE .GPE_TIME 50 .GPE_NEXT "What else was polished?" .sp -0.5v .TITLE "Polishing the web manual viewer (2)" .BL .LI Start page: section and architecture dropdowns, the latter with a default of "All Architectures", and some additional polishing. .LI HTTP output: HTTP headers must end lines with CRLF (tedu@) .LI Query printer: include manpath=, omit empty parameters, preserve manpath and arch in .Xr links .LI HTML output: use manroot as the default for .Os .br and start moving towards polyglot HTML5 (completed Sep 27) .LI Error handling: make it clear, the code readable, and avoid information leakage .LI Documentation: full rewrite of the man.cgi(8) manual .LI Internals: namespace cleanups, in particular of global variables .LE .P Various features were developed for man.cgi(8) that can be useful elsewehere, too: .BL .LI The mandoc -Ios option to handle multiple OS versions in parallel by a single installation (already on May 24, 2012) .LI The MANSEARCH_MAN internal mode in mansearch.c, reused for man(1) .LI Sort result pages first by section number, then by name; that's also nice for command-line apropos(1). .LI Unify console and CGI section titles (August 26) .LE .GPE_TIME 30 .GPE_NEXT "What about security?" .TITLE "Security issues of the web manual viewer" .BL .LI Basic problem: turning untrusted input into harmful processing or output .LI Sources of untrusted input: PATH_INFO, QUERY_STRING, manual page content .LI Harmful processing or output: Information leakage, resource exhaustion, misleading or dangerous HTTP headers or HTML content .LI Relevant modules: CGI steering program (cgi.c) and HTML formatter (html.c) .LE .SUBTITLE "Auditing approaches" .BL .LI Start with all untrusted input, trace forward, and check how it is used. .LI Locate all output statements (printf, puts, putchar...), trace backward, and check where the data comes from. .LI Locate all interfaces between the steering program and the HTML formatter, identify the data passed through the interface, and trace backward and forward to see where it comes from and what is done with it. .LE .P Almost all security issues were initially reported by Sebastien Marie, but i did the full audit described above to make sure nothing was missed. I also started an infrastructure for regression tests of HTML output (October 27). .GPE_TIME 130 .GPE_NEXT "Which vulnerabilities were found?" .TITLE "Security issues found in the web manual viewer" .sp -1v .nr Lsp_save \n[Lsp] .nr Lsp 0.1v .BL .LI Invalid configuration \(-> segfault: .br Fix: When there is no MAN_DIR or manpath.conf, log and exit. .LI Unvalidated PATH_INFO \(-> access to unrelated files, information disclosure: .br Fix: Reject absolute paths and ascenscion to the parent directory. .LI Unvalidated QUERY_STRING manpath \(-> info disclosure in error message: .br Fix: Validate the manpath up front using a whitelist. .LI Invalid characters in QUERY_STRING \(-> XSS: .br Fix: Restrict the character set of strings passed into html_alloc(). .LI Roff escape sequences and quotes in manuals \(-> XSS: .br Fix: HTML-encode quotes and rendered escape sequences. .LI Choosing the right encoding is a tricky business... .br Some output needs HTML encoding, some URI encoding, some both. .\" July 25 .LI Crafted expensive regular expressions \(-> REDoS attacks: .br No full fix possible. Mitigate by limiting CGI process execution time. .\" August 21 .LE .nr Lsp \n[Lsp_save] .GPE_MULB 18c .in 1c .PSPIC Images/RyanTirMaggieLake.eps 17c .MULN .sp 2v .S -4 .DS Maggie Lake Algonquin Park .sp \(co 2011 Ryan Tir @flickr (CC) .DE .S P .MULE .GPE_TIME 150 .\" .\" How the new eqn(7) MathML output works .\" and in which respects the newly improved eqn(7) terminal output .\" is now better than in groff(1). .\" .GPE_SECTION EQN(7) .GPE_NEXT "What about equations?" .TITLE "Equations in manual pages" .BVL 1c .LI "Relevance of the eqn(7) language:" Used less than mdoc(7), man(7), and tbl(7); but: X.org! .LI "Problem was: parsing works well, formatting was ugly..." Representing mathematical formula on the terminal is hard. .LI "Kristaps mostly completed the parser in 2011." (started Feb 6, released 1.10.10 Mar 20, mostly complete in 1.11.5 on July 24). .LE .SUBTITLE "The parser is quite straightforward, just over 1000 lines." .GPE_MULB 8.5c .sp Main loop: .BL .LI Parse a token. .LI Generate a syntax tree node. .LI If the token is binary, .br relink the preceding subtree. .LE .MULN .PSPIC Images/SeanMarshallMidland.eps .GPE_SM "Archer Daniels Midland \(co 2013 Sean Marshall @flickr (CC)" .MULE .GPE_TIME 60 .GPE_NEXT "What was improved?" .TITLE "Better formatting of equations" .BL .LI .B "HTML output:" rewrite to generate MathML (Kristaps Dzonsons, Oct 10) .br straightforward, 1:1 translation of the syntax tree, less than 200 lines of code .br quite beautiful in a graphical browser .LI .B "Terminal output:" .BL .LI GNU eqn: moves elements up and down to the previous or next line and draws bars out of ASCII characters \(em results are unintelligible .LI mandoc output rewrite (Ingo Schwarze, Oct 12): .br linear textual representation, showing fractions like (a + b)/(c + d), .br matrices like ((a_11 a_12)(b_21 b_22)), and roots like sqrt(x) .LI certainly not pretty, but at least you can figure out what the formulas mean .LI merely 125 lines of very straightforward code .LE .LI I added support for in-line equations (Oct 16). That helps a lot to not lose mathematical symbols embedded in the middle of the text, in various manuals. .LI mandoc eqn now much better than GNU eqn for both terminal and HTML .br PostScript/PDF is still the domain of GNU eqn: mandoc just does the same as on the terminal. .LE .P All that was first released together with HTML5 output in 1.13.2 on Dec 13, 2014. .GPE_TIME 90 .\" .\" How the new transparent UTF-8 input and output works .\" without requiring the user to specify any options. .\" .GPE_SECTION UTF .GPE_NEXT "What about UTF-8?" .TITLE "Multibyte character support" .sp -0.5v .BVL 1c .LI "Non-english manuals:" rare \(em hard to maintain \(em worse than nothing when outdated... .LI "But the tools must not hinder reading them!" That would only aggravate the problem. .LI "Hence, early basic UTF-8 support (Kristaps Dzonsons, May 20-26, 2011):" Like groff, use a preconv(1) preprocessor: UTF-8 \(-> roff escape sequences .br and -Tutf8 and -Tlocale terminal output modes. .LE .SUBTITLE "Improvements in 2014" .\" 2013 Oct 5 release 1.12.2: fix -Tutf8 and more (Ingo Schwarze) .GPE_MULB 9cm .BL .LI integrate preconv(1): .br direct UTF-8 input (Oct 25) .LI default to -Tlocale (Dec 2) .br (formerly -Tascii) .LI No more options needed! .LI released with 1.13.2 (Dec 13) .LI rewrite UTF-8 parser (Dec 19) .LI all by Ingo Schwarze .LE .MULN .PSPIC Images/JoeMabelWasaga.eps 10.5c .GPE_SM "Wasaga Beach, L. Huron \(co 2013 Joe Mabel @wikimedia (CC)" .MULE .GPE_TIME 110 .\" .\" Which types of errors were found by Jonathan Gray .\" with the American Fuzzy Lop (afl), .\" and what lessons are to be learned from that exercise. .\" .GPE_SECTION AFL .GPE_NEXT "What's teh fuzz all about?" .TITLE "American Fuzzy Lop inspecting mandoc" .SUBTITLE "Fuzzer: Try to crash or hang a program by feeding it varying input." .P .GPE_MULB 8c http://lcamtuf.coredump.cx/afl/ .P "Compile-time instrumentation and genetic algorithms to automatically discover clean, interesting test cases that trigger new internal states." .P Goal: Full functional coverage. .P For mandoc, afl can be seeded with the extensive test suite. .P For mandoc, full functional coverage requires running afl continuously for several days on modern PC hardware. .MULN .PSPIC Images/LithoniusAmericanFuzzyLop.eps .GPE_SM "American Fuzzy Lop \(co 2008 Lithonius@wikimedia (PD)" .MULE .SUBTITLE "Run by Jonathan Gray (jsg@) repeatedly since November 21, 2014." .ce 45 issues grand total \(-> Quantitative (but not statistical) analysis. .GPE_TIME 90 .GPE_NEXT "What caused bugs?" .TITLE "Root causes of bugs found with afl" .BL .LI 15/45 logic errors arising from complexity .br 9/15 excessive complexity in language design (badly nested blocks) .br 6/15 excessive complexity in the implementation of macro rewinding .LE .GPE_MULB 12c .BL .LI 14/45 exceptions from invariants .br 6/14 from supposedly generic invariants .br 8/14 from macro-specific invariants .sp .LI 6/45 missing elementary input validation .br (too large; too small; zero; negative; .br invalid byte in binary data) .LI 5/45 buffer overflows: .br string parser passes terminating \e0 .sp .LI 3/45 use after free of an allocated pointer .LI 1/45 abuse of assert() for input validation .LI 1/45 excessive power of roff(7) language: .br user input requests infinite recursion .LE .MULN .PSPIC Images/TudorCostacheBarrieSpiritcatcher.eps 7c .GPE_SM "Spiritcatcher by Ron Baird (1986) in Barrie" .GPE_SM "\(co 2009 Tudor Costache @wikimedia (CC)" .MULE .GPE_TIME 150 .GPE_NEXT "How severe were these bugs?" .TITLE "Severity of bugs found with afl" .sp -1v .BL .LI 2 write buffer overruns (both advancing a pointer past \e0 and returning it) .LI 3 read buffer overruns (all advancing a pointer past \e0 without returning it) .LI 2 use after free (both free a pointer, keep a copy, and use it) .LI 2 unsigned integer underflows (by unchecked subtraction and unvalidated input) .LI 2 cases of effectively infinite output (by not checking input for large numbers) .LI 2 infinite loops (one by user input, one by complicated internal logic) .LI 1 division by zero (by unvalidated user input) .LI 11 NULL pointer accessess .LI 20 assertion failures .LE .SUBTITLE "Here: The easier to avoid, the more dangerous the failure." .sp -0.5v .GPE_SM "Not guaranteed for other projects,\ but still, the following are likely to pay off:" .AL .LI Be particularly careful when passing around parse pointers. .LI Make sure you don't parse beyond \e0. .LI Watch out for use after free. .LI Don't forget to validate any input. .LI Be careful with arithmetic operations (/, *, -, +, etc.) .LE .GPE_TIME 120 .GPE_NEXT "What are the conclusions?" .TITLE "Conclusions from bug-hunting with afl" .sp -0.5v .BL .LI Largest numbers of bugs in most complex code \(-> avoid complexity. .LI Distribution across modules consistent with flat distribution \(-> keep code small. .LI Even mature open source projects have bugs. .br Not unusual: about 0.5 to 3 serious bugs per 1000 lines of C code. .LI Aggravating factors in this case: No formal language definitions, languages not designed according to any strict paradigm, languages evolved historically, parser requirements and design goals discovered piece-meal, again and again breaking existing logic and existing invariants. .LI If you can afford to spend the effort, explicitly specify the invariants you intend to guarantee, audit all your code changing data structures to make sure these are actually maintained, and audit all your code using data structures to make sure no other assumptions are made. That may catch a substantial fraction of severe bugs even without fuzzing, about one third in the case of mandoc. .LE .PSPIC Images/JliuBarrieWaterfront.eps .GPE_SM "Barrie across Kempenfelt Bay, Lake Simcoe, Ontario\ \(co 2010 Jliu@wikimedia (CC)" .GPE_TIME 120 .\" .\" How the new -Wunsupp option is going to simplify porting of software .\" and improve manual page formatting quality in FreeBSD ports. .\" .GPE_SECTION UNSUPP .GPE_NEXT "What about error handling?" .TITLE "Three message levels" .AL .LI Warnings: Tell manual authors that the quality of the code can be improved. .LI Errors: Tell manual authors that the intent of the code is unclear. .br \(-> Likely information loss or seriously bad formatting. .LI Unsupported: Tell porters that a manual page uses features not (yet) supported by mandoc and groff should better be used instead of mandoc. .LI The former fatal level no longer exists: .br It meant that mandoc(1) was unable to produce any output at all. .br That can no longer happen (since January 15, 2015). .LE .GPE_MULB 9c .sp 2v Several major cleanups .br of messages and levels in mandoc: .DS July 2009, May 2010, August 2010, October 2010, January 2011, March 2011, July 2014, January 2015, ... .DE .MULN .PSPIC Images/PaulBicaTorontoSunset.eps 10c .GPE_SM "Toronto \(co 2008 Paul Bica @flickr (CC)" .MULE .GPE_TIME 70 .GPE_NEXT "How do we handle manual pages in ports?" .TITLE "Manual pages in ports" .ce By now, 95% of ports manuals just work with mandoc. .SUBTITLE "The OpenBSD way" .BL .LI Mark those that don't work individually with USE_GROFF (about 200 remain). .LI Preformat these manuals at port build time with groff, .br package the preformatted versions of the manuals. .LE .GPE_MULB 9c .sp 2v Advantage: .br Perfect manuals for every port. .sp 2v Inconveniences: .br Needs support in the .br ports infrastructure .br (written by Marc Espie@), .sp 0.5v and manual maintenance .br of the USE_GROFF variable. .MULN .PSPIC Images/PaulBicaHumberBridge.eps 12c .GPE_SM "Humber Bay Bridge, Toronto \(co 2010 Paul Bica @flickr (CC)" .MULE .GPE_TIME 60 .GPE_NEXT "How does FreeBSD do it?" .TITLE "Manual pages in ports (2)" .BL .LI The FreeBSD way: .BL .LI Inside man(1), try mandoc -Tlint -Wunsupp and let mandoc itself decide whether it accepts the job. If so, use mandoc, otherwise groff. .LI Advantage: No manual checking of ports required. .LI Inconveniences: Double parsing at man(1) call time. .br False negatives: mandoc doesn't realize it's unfit for the job .br \(-> user gets incomplete or misformatted manual .br False positives: mandoc feels shy even though its output is fine .br \(-> time wasted for running groff .LE .LE .GPE_MULB 10c 1.5v .BL .LI The NetBSD way: .BL .LI Just ignore the whole problem (if i understand correctly). .LI Seems to be good enough for them, i don't hear any complaints regarding those about 5% broken ports manuals in NetBSD. .LE .LE .MULN .PSPIC Images/PaulBicaBloorViaduct.eps 9.5c .GPE_SM "Bloor Viaduct, Don Valley, Toronto" .GPE_SM "\(co 2013 Paul Bica @flickr (CC)" .MULE .GPE_TIME 70 .GPE_NEXT "Where to go from here?" .TITLE "Possible future directions for ports manuals" .BL .LI For the OpenBSD way: Improve low-level roff(7) support in mandoc(1) reducing the number of USE_GROFFs required. .BL .LI Chances aren't bad, there are some big classes of problems it might be possible to solve, so we can certainly get below 200. .LI But, at some point, there will be diminishing returns... .LI naddy@ eventually wants to get rid of USE_GROFF altogether. .LI Not yet quite sure how it will be done. .LE .LI For the FreeBSD way: Improve -Wunsupp logic. .BL .LI Detection can certainly be improved in some typical situations. .LI But we will run into diminishing returns, too; .br the number of ways to abuse low-level roff in manuals is boundless. .LI Not yet sure how good it can become. .LE .LE .GPE_MULB 16c .in 2 .PSPIC Images/KirilStraxTorontoThompsonPark.eps 14c .MULN .S -4 .sp 1.5v .DS Tommy Thompson Park Toronto, Ontario .sp 0.5v \(co 2008 Kiril Strax @flickr (CC) .DE .S P .MULE .GPE_TIME 60 .\" .\" What Anthony Bentley did with pod2mdoc(1) on LibreSSL documentation, .\" and which future possibilities exist in the vicinity. .\" .GPE_SECTION POD2MDOC(1) .GPE_NEXT "What about LibreSSL?" .TITLE "Getting started with pod2mdoc(1)" .BL .LI perlpod(1): maybe the third most important documentation format after mdoc(7) and man(7); used by Perl and many other projects, for example OpenSSL .LI usually converted to man(7) with pod2man(1) written in Perl .LI downsides: no semantic searching, LibreSSL developers have to cope with a second (and less useful) documentation language, consumes time during the build, pod2man(1) man(7) output contains ugly low-level roff(7) and keeps getting worse, the pod2man(1) utility itself is hackish and ugly .LI Hence we are working on pod2mdoc(1), a conversion tool from perlpod(1) to mdoc(7) format. .LI During g2k14 in Ljubljana (July 2014), Anthony Bentley started to convert the LibreSSL libssl manuals from perlpod(1) to mdoc(7) with pod2mdoc(1), mostly based on the version Kristaps developed in March/April 2014, containing only minor fixes on my part (versions 0.0.12 on July 11 and 0.0.13 on July 19). .LI With those versions of pod2mdoc(1), considerable manual postprocessing was still required. .LI The completed work was finally committed on October 12. .LI One important benefit: An extensive list of bug reports and feature requests. .LE .GPE_TIME 120 .GPE_NEXT "What was improved?" .TITLE "Improvements of pod2mdoc(1)" In February 2015, i started work on LibreSSL libcrypto, improving pod2mdoc(1) in parallel, using Anthony's list and my own observations. .GPE_MULB 11c .BL .LI whitespace improvements .BL .LI preserve blank lines inside .br literal displays (Feb 19) .LI re-wrap text lines (Feb 23) .LI new sentence, new line (Feb 14) .LI print whitespace before words, .br never after (Feb 13) .LI horizontal spacing fixes (Feb 20) .LE .LI handle all closing punctuation (Feb 19) .LI escape literal double quotes at the start of macro arguments (Feb 19) .LE .MULN .PSPIC Images/CanteausKingstonTheologicalHall.eps .GPE_SM "Theological Hall, Queen's University, Kingston" .GPE_SM "\(co 2011 Canteaus@wikimedia (CC)" .MULE .SUBTITLE "Such polishing may seem minor but is actually important:" .br The goal is to commit the converted manuals. .br So the generated code must be clean and maintainable. .br Cleaning it up by hand is very tedious. .GPE_TIME 60 .GPE_NEXT "Which new concepts?" .TITLE "New concepts in pod2mdoc(1)" .BL .LI SYNOPSIS rendering for library manuals: .BL .LI function prototypes -> .Ft/.Fo/.Fa/.Fc (Oct 22, version 0.1) .LI render preprocessor lines with .Fd (Feb 13) .LE .LE .GPE_MULB 9c .BL .LI ohash-driven markup .BL .LI function names with .Fn .br (Feb 13) .LI function args with .Fa .br (Feb 13 and 23) .LI type names with .Vt .br (Feb 13) .LI #defined names: .Dv or .Fn .br (Feb 19) .LE .LI foreign function names: .Xr .br (Feb 14) .LE .MULN .PSPIC Images/MkooimanKingstonCityHall.eps 10c .GPE_SM "Kingston City Hall \(co 2013 Mkooiman@wikimedia (CC)" .MULE .P .ce All released with pod2mdoc-0.2 on May 19, 2015. .SUBTITLE "Similar logic is needed for legacy man(7) manuals." .GPE_TIME 120 .\" .\" Which operating systems now use mandoc, .\" what the recommended next steps are for these systems, .\" and in which directions i'm planning to continue mandoc development. .\" .\" Since my talk at BSDCan 2014, FreeBSD and illumos (formerly OpenSolaris) .\" have switched to use mandoc as the default manual page formatter. .\" .GPE_SECTION STATUS .GPE_NEXT "What is the status in various systems?" .TITLE "Status in OpenBSD" .SUBTITLE "Status last year, at BSDCan 2014" .GPE_MULB 17.5c 4v .BL 3n 1 .LI Kristaps@ developed mandoc(1) since November 22, 2008. .LI Schwarze@ maintaining it since June 14, 2009. .LI Base system manuals built with mandoc(1) since April 3, 2010. .LE .MULN .PSPIC Images/OpenBSD.eps .MULE .BL 3n 1 .LI Releases fully rely on mandoc(1) since OpenBSD 4.8, November 1, 2010. .LI Groff disconnected from base build since October 18, 2010: .br .GPE_EM "mandoc(1) is the only documentation formatter in base\ for almost five years." .LI No stable releases contain groff since OpenBSD 4.9, May 1, 2011. .LI Install manual sources, not preformatted manuals since June 23, 2011. .LI SQLite-based code in the source tree since December 30, 2013. .LI .GPE_EM "makewhatis(8)/apropos(1) using mandoc" since April 18, 2014 (rel. with 5.6). .LE .SUBTITLE "New since last year" .BL .LI New man.cgi(8) online on www.openbsd.org since July 12, 2014. .LI Unified interface for mandoc(1) and apropos(1) since August 26, 2014. .LI .GPE_EM "man(1) switched to the mandoc implementation" on December 14, 2014. .LI All released with OpenBSD 5.7 on May 1, 2015. .LE .GPE_TIME 20 .GPE_NEXT "What got done in FreeBSD?" .TITLE "Status in FreeBSD" .SUBTITLE "Status last year, at BSDCan 2014" .GPE_MULB 17.5c 5v .BL .LI An mdocml port by Ulrich Sp\(:orlein exists since March 9, 2009. .LE .MULN .PSPIC Images/FreeBSD.eps .MULE .BL .LI Source code in the base repo and installed by default since October 19, 2012. .LI .GPE_EM "First released with FreeBSD 10.0 on January 20, 2014." .LE .SUBTITLE "New since last year" .BL .LI All work done by Baptiste Daroussin (bapt@). .LI .GPE_EM "mandoc(1) is the default formatter" since November 23, 2014. .LI Using -Wunsupp since March 2, 2015. .LI .GPE_EM "apropos(1)/makewhatis(8) default to the mandoc versions" since May 30, 2015 .LI Code is up to date using the portable stable release mandoc-1.13.3. .LI To be released with FreeBSD 11 in the future. .LI Still using the man(1) implementation written as a sh(1) script. .LE .GPE_TIME 60 .GPE_NEXT "Any progress in DragonFly and NetBSD?" .TITLE "Status in NetBSD" .BL .LI pkgsrc version well maintained by Thomas Klausner (wiz@) and up to date. .LE .GPE_MULB 17.5c .BL .LI Apart from that, no progress since last year. mandoc(1) version is outdated (1.12.3, released 2013, no reaction to the three newer versions of mandoc released after that). .LI Installing source manuals. .LE .MULN .PSPIC Images/NetBSD.eps .MULE .BL .LI Using mandoc(1) as the run-time manual formatter since February 7, 2012. .LI NetBSD-only apropos(1)/makemandb(8) featuring full-text search but no semantic search. .LE .TITLE "Status in DragonFly BSD" .GPE_MULB 17.5c .BL .LI No progress since last year. mandoc version in base is outdated (1.13.1, released in August 2014, no reaction to the two versions of mandoc released after that). .LI mandoc(1) is installed, but not used. .LI Semantic searching is not yet supported, not even as an option. .LE .MULN .PSPIC Images/DragonFly.eps .MULE .GPE_TIME 20 .GPE_NEXT illumos .TITLE "What happened in illumos?" .BL .LI Mandoc is contained in the base system .br .GPE_EM "and used by default for formatting manuals" .br since July 21, 2014 (Garrett D'Amore). .LI The first non-BSD system to accomplish this, and the third system grand total. .LI Have decided to gradually upgrade their man(7) pages to mdoc(7) format. .LI Using the same old version as NetBSD (1.12.3, released in 2013). .LI Still using their own apropos(1)/catman(8), no support for semantic searching. .LE .PSPIC Images/illumos.eps 4c .GPE_TIME 60 .GPE_NEXT "How many Linuxes use mandoc?" .TITLE "Status in Linux" .BL .LI Two Linux distributions have mandoc fully enabled by default: .LI Alpine Linux: mandoc(1) since June 12, 2011; .br man(1), apropos(1), makewhatis(8) since December 29, 2014 .LI Void Linux: mandoc(1) since September 23, 2014; .br man(1), apropos(1), makewhatis(8) since March 14, 2015 .LI Both using the latest stable portable mandoc (1.13.3) .LI Alpine Linux was the first non-BSD system ever to use the mandoc-based man(1), apropos(1), and makewhatis(8). .LI Apart from OpenBSD, i know of no other operating systems that rely more heavily on mandoc right now than these two. .LE .GPE_MULB 14c .BL .LI Definitely, these prove that fully switching a Linux distribution to use the complete mandoc suite is feasible. .LI Arch Linux has an official port, Slackware and Crux unofficial ones, no major Linuxes have followed so far, even though mandoc is known to work on Debian and Ubuntu, Fedora and RHEL and CentOs, OpenSuSE and SLES. .LE .MULN .PSPIC Images/FlagstaffBluePenguin.eps .GPE_SM "Little Blue Penguin \(co 2009 .GPE_SM "Flagstaffotos @wikimedia (CC)" .MULE .GPE_TIME 50 .GPE_NEXT "Any other systems?" .TITLE "Status in other operating systems" .BVL 1c .LI "Minix 3" Source code in the base repo since June 26, 2010 (Ben Gras). .br Completely apathetic, still using a version that is more than five years old. .LE .GPE_MULB 16c .nr Lsp_save \n[Lsp] .nr Lsp 1v .BVL 1c .LI "Mac OS X" 1.13.2 available on Homebrew .br 1.13.1 available on MacPorts .LI "Microsoft Windows" 1.13.1 package available built with MinGW .br 1.12.2 only an outdated package for Cygwin .LI "IBM AIX" Outdated unofficial 1.12.0 port .LE .nr Lsp \n[Lsp_save] .MULN .PSPIC Images/MacOSX.eps .MULE .SUBTITLE "Periodically updated information:" .ce http://mdocml.bsd.lv/ports.html .GPE_TIME 50 .GPE_NEXT "Let's summarize the status..." .TITLE "Status summary" .sp -1.5v .BVL 1c .LI "Fully integrated (mandoc, man, apropos, makewhatis)" OpenBSD, Alpine Linux, Void Linux .LI "Almost fully integrated (including apropos but without man)" FreeBSD-current .LI "Default formatter (but less powerful implementations of man and apropos)" NetBSD, illumos .LI "In the base system (but not used by default)" FreeBSD 10, DragonFly BSD, Minix 3 .LI "Official packages exist" FreeBSD 9, Arch Linux, pkgsrc .LI "Unofficial packages of useful versions exist" Slackware, Crux Linux, Mac OS X, MinGW .LI "Outdated packages only, probably easy to update" Debian, SUSE, Redhat and derivatives; IBM AIX, Cygwin .LE .sp -0.5v .PSPIC Images/GBaranskiOttawaPanorama.eps .GPE_SM "Ottawa (Ontario) seen from Gatineau (Quebec)\ \(co 2009 G. Baranski @wikimedia (CC)" .GPE_TIME 70 .GPE_NEXT "Which goals were reached?" .TITLE "Which goals were reached?" .SUBTITLE "Goals presented during BSDCan 2011" .BL .LI Install manual sources, not preformatted manuals. .COLOR darkred DONE June 23, 2011 .COLOR P .LI Implement -mdoc -Tman. .COLOR darkred DONE November 19, 2012 .COLOR P .LI Rewrite apropos(1) and makewhatis(8) to use mandoc. .COLOR darkred DONE April 14, 2014 .COLOR P .LE .GPE_MULB 13c .BL .LI Replace man.cgi on the OpenBSD website. .br .GPE_EM "DONE July 12, 2014" .LE .SUBTITLE "Goals presented in 2014" .BL .LI Integrate preconv(1) into mandoc(1) .br for better UTF-8 handling. .br .GPE_EM "DONE October 30, 2014" .LI Switch the default output mode .br from \-Tascii to \-Tlocale . .br .GPE_EM "DONE December 2, 2014" .LI Replace man(1) in OpenBSD. .br .GPE_EM "DONE December 14, 2014" .LE .MULN .PSPIC Images/WladyslawOttawaLibraryOfParliament.eps .GPE_SM "Library of Parliament, Ottawa" .GPE_SM "\(co 2009 Wladyslaw@wikimedia (CC)" .MULE .GPE_TIME 30 .GPE_NEXT "What shall we do in the future?" .TITLE "Possible future directions" .sp -1.5v .SUBTITLE "Work in progress" .BL .LI Improve pod2mdoc(1) and use it for LibreSSL (first mentioned: BSDCan 2011) .LI Unify parsers aiming for better roff(7) support (first mentioned: BSDCan 2014) .LI Automatically detect unsupported source code (-Wunsupp) (NEW) .LI Delete most ln(1) links to manual pages (NEW) .LI texi2mdoc(1) to convert texinfo(1) documentation to mdoc(7) (NEW) .LI Help with man(7) to mdoc(7) conversions (first mentioned: BSDCan 2011); docbook2mdoc(1) (first mentioned: BSDCan 2014) .LE .GPE_MULB 12c .SUBTITLE "Not yet started" .BL .LI Support automatic semantic enrichment .br of Perl manuals with pod2mdoc(1). .br (first mentioned: EuroBSDCon 2014) .LI Use less(1) tag functionality .br for repositioning text on the screen. .br (NEW idea by Kristaps Dzonsons) .LE .MULN .PSPIC Images/WladyslawGatineauMuseumOfHistory.eps .GPE_SM "Canadian Museum of History, Gatineau" .GPE_SM "\(co 2009 Wladyslaw@wikimedia (CC)" .MULE .GPE_TIME 80 .GPE_SECTION THANKS .GPE_NEXT "Who made this happen?" .TITLE Thanks! .sp -1v This list only mentions contributions since BSDCan 2014. .br For earlier contributions, see last year's talk. .BVL 1c .LI "Kristaps Dzonsons (bsd.lv)" for rewriting the eqn(7) parser, implementing HTML5 and MathML output, and various other code contributions .LI "Jonathan Gray (OpenBSD)" for extensive testing with afl resulting in many bug reports .LI "Baptiste Daroussin (FreeBSD)" for extensive FreeBSD system integration work and for source code patches, bug reports, and useful discussions .LI "Christian Weisgerber (OpenBSD)" for removing USE_GROFF from many ports, analyzing the remaining ones, many bug reports and useful discussions .LI "Thomas Klausner (NetBSD)" for excellent pkgsrc maintenance, reliable release testing, and several bug reports and useful discussions .LI "Natanael Copa (Alpine Linux)" for Alpine Linux integration and maintenance .LI "Paul Onyschuk (Alpine Linux)" for suggesting to include an implementation of man(1) into the mandoc toolkit .LE .GPE_TIME 40 .GPE_NEXT "Who contributed?" .SUBTITLE "Thanks for source code patches" Anthony Bentley, Daniel Dickman, Doug Hogan, Jason McIntyre, Ted Unangst, Theo de Raadt (OpenBSD), Martin Natano .GPE_MULB 12c 1v .P Thanks for bug reports, release testing, .br and/or useful suggestions and discussions: .P Antoine Jacoutot, Giovanni Becchis, J\('er\('emie Courr\(`eges-Anglas, Juan Francisco Cantero Hurtado, Marc Espie, Matthew Dempsky, Pascal Stumpf, Stuart Henderson, Todd Miller (OpenBSD), .br Abhinav Upadhyay, Havard Eidnes, Joerg Sonnenberger, Matthias Scheler (NetBSD), Pedro Giffuni, Ulrich Sp\(:orlein (FreeBSD), Garrett D'Amore (illumos), Jonathan Perkin (SmartOS), Daniel Levai (Slackware), Svyatoslav Mishyn (Crux Linux), Carsten Kunze (Heirloom troff), Alexis Hildebrandt (Homebrew), Alessandro de Laurenzis, Andreas V\(:ogele, Jan Stary, Justin Haynes, Marcus Merighi, Patrick Keshishian, S\('ebastien Marie, Steffen Nurpmeso, Theo B\(:uhler .MULN .PSPIC Images/CatherineBulinskiOttawaPeaceTower.eps .GPE_SM "Tulip Festival, Peace Tower, Ottawa" .GPE_SM "\(co 2007 Catherine Bulinski @flickr (CC)" .MULE .GPE_TIME 10 .GPE_NEXT "Where did the images come from?" .SUBTITLE "Thanks for sharing your pictures!" .S -9 .DS Cynthia Livingston's off-track thoroughbred "Bedifferent"\ (private communication, used with permission) https://www.flickr.com/photos/reiver/3821502286/\ Mac Armstrong: Moorside cottage, Mackenzie King Estate,\ Gatineau Park, Quebec (by-sa) https://www.flickr.com/photos/14020964@N02/7373733864/\ Lezumbalaberenjena: Black Lake, Gatineau Park, Quebec (by-nc-nd) https://www.flickr.com/photos/14020964@N02/14719822932/\ Lezumbalaberenjena: Paroisse Sainte C\('ecile de Masham, Quebec (by-nc-nd) https://www.flickr.com/photos/dougtone/5806473660/\ Doug Kerr: Bonnechere Museum, Eganville, Renfrew County, Ontario (by-sa) http://commons.wikimedia.org/wiki/File:Opeongo_Road_farm.jpg\ P199: Opeongo Road, Renfrew County, Ontario (by-sa) http://commons.wikimedia.org/wiki/File:Wilno_Ontario.JPG\ P199: Wilno, Renfrew County, Ontario (by-sa) http://commons.wikimedia.org/wiki/File:Madawaska_River_Whitney.JPG\ P199: Madawaska River at Whitney, Ontario (pd) https://www.flickr.com/photos/usfwsmidwest/4514433523/\ Gary J. Wege: Common Loons (by) http://commons.wikimedia.org/wiki/File:Algonquin_Cache_Lake_Lookout.JPG\ Ptrbnsn: Cache Lake, Algonquin Park, Ontario (by-sa) http://commons.wikimedia.org/wiki/File:Tom_Thomson,1917,_April_in_Algonquin_Park,21_x_26,5_cm,_Tom_Thomson_Memorial_Art_Gallery.jpg Tom Thomson: April in Algonquin Park (copyright expired) https://www.flickr.com/photos/ryan_tir/6232749531/\ Ryan Tir: Maggie Lake, Algonquin Park, Ontario (by) https://www.flickr.com/photos/7119320@N05/9439437967/\ Sean Marshall: Archer Daniels Midland, Simcoe County, Ontario (by-nc) http://commons.wikimedia.org/wiki/File:Aerial_-_Wasaga_Beach,_Ontario_from_SW_01_-_white_balanced_%289656223451%29.jpg\ Joe Mabel: Wasaga Beach (by-sa) http://commons.wikimedia.org/wiki/File:Rabbit_american_fuzzy_lop_buck_white.jpg Lithonius: American Fuzzy Lop rabbit (pd) http://commons.wikimedia.org/wiki/File:Spiritcatcher_barrie_wide.jpg\ Tudor Costache: Spiritcatcher by Ron Baird, Barrie, Ontario (by) http://commons.wikimedia.org/wiki/File:Barrie_Waterfront.jpg\ Jliu: Barrie Waterfront, Lake Simcoe, Ontario (by-sa) https://www.flickr.com/photos/dexxus/2497070861/\ Paul Bica: Toronto Sunset (by) https://www.flickr.com/photos/dexxus/5003010775/\ Paul Bica: Humber Bridge, Toronto, Ontario (by) https://www.flickr.com/photos/dexxus/2967568397/\ Paul Bica: Bloor Viaduct, Don Valley, Toronto, Ontario (by) https://www.flickr.com/photos/thru_the_night/3659236370/\ Kiril Strax: Tommy Thompson Park, Toronto, Ontario (by-nc-sa) http://commons.wikimedia.org/wiki/File:Kingstonhall.JPG\ Canteaus: Theological Hall, Kingston, Ontario (by-sa) http://commons.wikimedia.org/wiki/File:Kingston_on_city_hall.jpg\ Mkooiman: Kingston City Hall, Ontario (by-sa) http://commons.wikimedia.org/wiki/File:Little_Penguin_Feb09.jpg\ Fir0002/Flagstaffotos: Little Penguin (by-nc) http://commons.wikimedia.org/wiki/File:Canada_Ottawa_Panorama.jpg\ G. Baranski: Ottawa Panorama (by-sa) http://commons.wikimedia.org/wiki/File:Ottawa_-_ON_-_Library_of_Parliament.jpg\ Wladyslaw: Library of Parliament, Ottawa (by-sa) http://commons.wikimedia.org/wiki/File:Gatineau_-_QC_-_Museum_of_Civilisation.jpg\ Wladyslaw: Canadian Museum of History, Gatineau (by-sa) https://www.flickr.com/photos/kasiaflickr/489246505/\ Catherine Bulinski: Tulip Festival, Peace Tower, Ottawa (by-nd) http://commons.wikimedia.org/wiki/File:Algonquin_Sunset_Panorama.jpg\ Raul Heinrich: North Tea Lake, Algonquin Park, Ontario (by-sa) .DE .S P .PSPIC Images/RaulHeinrichAlgonquinTeaLake.eps .GPE_SM "North Tea Lake, Algonquin Provincial Park\ \(co 2008 Raul Heinrich @wikimedia (CC)" .GPE_TIME 10 .ds gpe_next What would you like to ask? ¡®Yes, sir. I felt sure you understood that. She said she had told you.¡¯ "Why, eh,--I--I don't know that my movements need have anything to do with his. Yours, of course,--" "Ah, but if it saved your life!" "No, I'm not," grumbled the Doctor, "I've had enough of this wild-goose chase. And besides, it's nearly dinner time." "I am coming to that," Lawrence said, lighting a fresh cigarette. "As soon as Bruce was in trouble and the plot began to reel off I saw that it was mine. Of course there were large varyings in the details, but the scheme was mine. It was even laid on the same spot as my skeleton story. When I grasped that, I knew quite well that somebody must have stolen my plot." Judy In a coach-house, through which we passed on our way to see the prince's favourite horses with the state carriages¡ªquite commonplace and comfortable, and made at Palitana¡ªwas a chigram,[Pg 68] off which its silk cover was lifted; it was painted bright red and spangled with twinkling copper nails. This carriage, which is hermetically closed when the Ranee goes out in it, was lined with cloth-of-gold patterned with Gohel Sheri's initials within a horseshoe: a little hand-glass on one of the cushions, two boxes of chased silver, the curtains and hangings redolent of otto of roses. "Are you certain of it? You have seen so very little of him, and you may be mistaken." "And your wife?" "I drawed on my man's bundle o' wood," said Gid, "and then dropped a little, so's to git him where he was biggest and make sure o' him." HoME²¨¶àÒ°½áÒÂ×óÏßÊÓƵ ENTER NUMBET 0016iuzkjx.com.cn
www.ebcfc.com.cn
meepao.com.cn
lcchain.com.cn
www.mlsfs.com.cn
www.ohpkus.com.cn
naisibo.com.cn
www.owhuhf.com.cn
oldjohn.com.cn
whjy365.org.cn
欧美西方美女艺术图片 美女掰b图片 外国操逼成人片 肏屄蓝魔mp5官网 骚穴骚影网址 藤冲有关的电视剧 偷拍包厢内少男少女激情狂欢 大中华色露脸对话 黄片俄罗斯大学校园 久久炮图 类似狠狠鲁的网站 台湾大佬自拍偷拍网 人于兽性爱小说 美女上厕所刚出炉图 来插妹妹的小穴 美红换交 丝袜女女舔足 性爱换妻乱伦故事 女同性恋热吻优酷视频 苍井空裸阴毛 日本美女百濑图片 成人毛片快播高清影视 宫藤新一的性福生活 成人小妹 少女金频双艳 人与shuo 武汉教室做爱吉吉 人体艺术黑木耳西西 射极品空姐超碰 骚女自慰照片 江西公安局政委用枪逼儿媳妇通奸 浅川花里子 粉嫩逼贴图 一进大门观四方 诱奷表妹 和大姨子肏屄之续 日本 大胆人体艺术图片 松岛枫 中国女裸名单 美女露体没有马赛克 国产强奸乱伦加电影yingyinxianfeng 熟女人妻15p 诱奸 少妇 小说 天使的眼泪黄色群 伦理 偷拍 皮皮 骚女浪妇乱伦爱爱 幼幼性交比赛 魔王av亚洲无码bt 就要在线撸电影站 快播欧美荡妇聚会 影音先锋韩国女主 亚洲 性交图 看黄片不用要播放器 猪猪影院百度影音艺术片 人性交电影 妹妹看黄色片 浙江真实乱伦迅雷 一个最真实 的我 一个 的我 的我 歌曲 成人爱爱在线观看 色妹妹天天撸 插妹妹成人电影院在线观看 风间由美熟女人妻黑丝商务交会种子 男性大鸡巴被操的故事 人之初性本善 致橡树原文 神经系统体格检查 狠狠撸操干妈图片大全 中国成人电影小说 日姥姥性爱淫乱三从四德群交30p 爱爱jj发综合网 黑木香一经典番号 黄蓉与刘老汉 大黑鸡大吧操妈妈 印尼大胆人体艺术 草别人媳妇 人体艺体肉欲 互联网jiqingwuyue 白虎穴尿尿艺术图片 操操淫乱穴 寡妇自拍 三级色逼一片 林心如两腿分开 人与动物三客优 金伟哥vga说明书 日本av女优馒头逼图片 十九摸 儿子和母亲激情性交 有快播可以上的色网址 幼幼色色 ribenchengrenxiaoshuo 外国性爱网站 欧美美女人穴 性爱小说撸啊撸 呕美操逼图 女人的屄照片 人体艺体阴部插图片 百度云照烧铁板 我的八年性情史 淫香淫色插逼图 有黄的的qq号 欧美色亲片 zuixinmuziluanlunxiaoshuohetupian 杜比影院最佳座位 白雪公主摸乳干 美女露屄毛的图片 绫川まどか在线先锋 影音先锋操大奶妹 手机动漫成人电影网 强奸女护士 亚洲陈丽佳人体艺术 欧美经典七夕电影 WWWANGOULECOM 我和村嫂乱伦 母子通奸网 亚州色图就射 www777影音先锋 邓紫棋图片亚洲色图偷拍自拍 白嫩美女做爱爽图36p 瑶瑶的淫叫声 大树梨纱 人体私处大胆艺术图 母子插逼视频 母子淫水 狠狠干五色天 换妻17p 性之图吧偷拍自拍亚洲色图 激情性爱动漫欧美 WWW53AVCOM 启东操逼 艳母峰臀 欧美激情裸体艺术图片 激情明星狠狠碰 欧美强奸少女图 孟十朵 妻子玲儿 黑大炮群交内射白虎视频 西西人体艺术大胆人体艺术亚洲 白领穿丝被干视频 亚洲电影第10 归乡义母种子 骚丝袜老师 性爱亚洲色图大鸡巴 长谷川美红母 2014uuucom 神马影院未来电影在线 强奸少妇图片乱伦小说 我与妈妈做爱抽插操逼 ss5678 美丽的丝袜老师妈妈4 樱井知香裸体照 摸女人大胸图片 丁香社操逼 操美女av 久久热无码在线视频 去去去电影 女性尿道口真人版图片无衣 liaozaiyantan成人免费电影网站 超碰视频网友自拍第一页 色波波影院 迅雷下载 诱色天使香香裤高腰款 熟妇张柏芝丝袜 2015最新操 酒鬼电影院会员 秋露伦理Av 咪咪色色老师小说 i嘿片网 AV换妻电影 风间由美club 奶子大骚Pmsewuyecom 自拍爱色综合社区 手机看片操女优 av丝袜教师手机天堂 16668伪C0m 花俏小姨子mp4 久久撸久久肏开心五月 搜索sexinsexnet 厨房干同学妈妈的屁眼wwwwanren8netmwanren8net 日本小金井 美国十次啦老熟女 www色色网络com 天堂网妞赶 插蝴蝶逼 青青3p luanlun爱 小姐的的性感生活作爱片 激情短篇小学 牛牛超碰免费公开在线视频 日夜色先锋资源站 在线网站AV黑人wwwgzyunhecom 手机av受美国法律保护 性感老师校园春色 天天啪夜夜操www9eyycom 洪爷小说幼女交换 美女洞毛电影 雪白的古典武侠 三级片三级片的坏的视频播放 小说专区乱伦小说目录99 色第四色wwwav565com色就是色 舔岳母的小穴 肥佬能用的三级片网站 淫荡的肉弹美女教师 熟女香蕉无a在线视频 美女操逼黄色大片 www1111r80s 欧美色图迷人的骚女15P 哥哥干av成人社区男人天堂 武藤蓝av 搜索炼狱岛 精液降头 偷拍女厕所自慰图片 xxoo成人影院熟女 freefronvideos人母 卡通图片另类变态 春药潮吹痉挛视频 2017最新www超碰com 最新kkbokk 欧美露大乳图 激情电影乱伦小说 邻家丰满少妇 绑架调教性感丝袜性奴女 风流情哥哥网站 激情小说加多撸 欧美性虐哥哥射 变态淫荡 seyuyue 人体穴鲍图 伊人在线视频变身6 中国十大禁书黄小说 国产自拍秀mp4 性交口交天天撸 裸体摄影优果网 少妇人妻自拍图区 久草在线新时代3wwwczyzxcnzxzy8com 最大胆一千美女 大几把骚逼 全国最大三级图文 干了校长的骚穴 与妻侄女 户田惠梨香av片 家庭乱伦之人妻 淫贱孝姨 干美女狗趴 变态孕妇母乳片 sss480 偷拍穴毛 yazhouxingjiaosetu 明日花绮罗京都不伦妻 se牛牛视频网址 婶婶的原味内内 偷拍自拍做爱操逼 天天瑟瑟天天撸 蕾丝兔宝宝图片 华为网盘饭岛爱 天天鲁鲁天天在线 岳母与女婿性爱故事 2016年的小萝莉网站 狐狸色成人AV网站 18岁女主播直播自慰 qinglouscom 农夫激情基地 免费小萝莉自慰在线直播 wwwmmtt11me 性交透明内衣美女乳头无遮挡 亚州av潮吹视频 高跟熟女性奴 淫秽黄色啪啪手机视频 幼同志 怡红院更新前的主页 青青草肛交灌肠视频在线播放 搜索100avcom 老熟女下一篇7p 国语对白AV在线观看wwwyaob111com 成人动漫在线免费 11ppdd页面访问升级 189df、com wwwsesoucom 舞会电影台湾 www550ai30in 伊人情人网综合wwwggsao58info 都市淫秽 朋友妻子穿着丝袜让我舔 激情网址五月天 奶大妞女 兽皇英国 老熟女喷水小说 淫淫撸 偷拍影音先锋电影网 网上聊操逼 www路ppp7cnm 色色成人Cy视频 性吧春暖花开性吧有你旧版 丝袜制服人妻交换 鬼父第十七集番号 映像av加勒比先锋影音 wwwtutu10cnM 欧美乱伦18p 大香蕉超 国产看片点我 日本女穴 阿v手机天堂 稻田淫 wwwyouijzzsmcnm 我的办公室老婆三邦年 郑重声明我们立足于52avav xingnuchuanqi 黄色电影露阴毛 黄色录像番金莲 AV91 影音先锋强奸影片 亚洲在线a手机 曰本女优在线www5sdlcom 帮帮鲁色老汉 在线成人小视频下载 黄色网站都有那些 大胆人体露阴艺术 浅田美姬 草榴免费视频 捷克??机 丝袜美女被性侵 日日性 丝袜人体艺术偷拍 凹凸视频在线av 情欲超市小说 西西里大胆艺 黄片免费网址 东方a∨在线亚州色图狠狠撸 苍井空超短裙丝袜诱惑图片 奇米成人影视色和尚、色尼姑 ckck爱情电影 恋爱记录短片分享 局长成长史686 AV成人播放器免费的 纯洁的玛利亚邪恶漫画 五月激情综合狠狠色 wwwbbb552cm 性插网页 美女丝袜撸撸五月天 色色泡泡影院 一部女生被插jj的完整黄片 wwwadcrrr222con 秋霞伦理片在线播放 教室调教老师 亚洲色图日本AV 很很艹 日骚妇内射在线视频观看 ya亚洲麒麟色影影院 qqb66666 亚洲色图欧美色图美腿丝袜 曰一日 农村少妇电影magnet 移动成人你射精 20158韩国女演员激情视频合集 酒店小姐裸体艺术照 足浴小姐做爱过程 av女教师自慰动态图 AV影音先锋影院 123红色播放 女友自拍偷拍刺激 wwwseebimei 123CTCTCOM 婷婷xx youjuzz小说专区 一级黄色wangzhan 男人体摄影 裸体两性 欧美精品超碰 强奸小村花千骨 幼少女肏屄视频18 五月婷婷婷婷五月丁香 色魔在线 国产父女乱伦小说 KTKX089 www454HUcom 在线手机播放器 偷拍自拍32 成人激情图片,电影mmmnn7777 ww777rvvom WWW9itKcom 美国名模啪啪啪 用力的操狠狠的干 小浪穴妹妹亚洲色图 525zzzcom 乱伦妈妈15p 唐伯虎点秋香不是三级片 最大色牛牛 欧美色kuaibo 手机在线tokyo 欧美幼女网mp4 760yycom 少妇干净迷人鲍优优 绳艺magnet 身穿民族服饰的中国少数民族漂亮美女大胆人体艺术7国内 www47escomxz34 Www2222magnet 色偷怕自拍视频 丁香五月天拍拍播放` 青苹果影院噜噜妈妈 公然妄想露出在线 图片区偷窥自拍亚洲色图欧美色图动漫图片美腿丝袜清纯唯美乱伦图区电 黄色三级片77天天撸 美国女孩成人网站 东京热亚洲色色 超碰av大帝在线视频 西瓜成人资源网 一级片城年5 孝姨大阴唇 pp529com 青青色草在线 504hu迅雷下载 殴州1314 母子乱论视频 微信自拍成人视频在线观看 www44cim 东方av官方 297Pmp4 骚av老师 小明看看成人永久免费视频在钱imgcctuocom 越南人体艺术露鲍 两个女人用道具做爱 影音先锋制服丝袜偷拍 爱搞搞爱撸撸爱色堂 闹洞房就去干 男根的诱惑系列 樱井亚莉偷拍自拍 色dogcom 里中结衣在线观看 特大鸡巴碰上大波霸 躶体狂插相片 熟女撒尿视频 国产成人在线视频网站 武汉18中教师门 刘亦菲阴道毛多吗 操b网址大全 欧美性生活色图 母子尾交 图 操山村老大妈 淫母之穴 00后人体图片少女无毛掰开图片 6655人体艺术果果人体艺术波谷人体艺术 刘嘉大胆人体艺术 欧美色图 成人动漫第一页 淋浴做爱av 骚逼yaoyao 9115视频在线资源sss 黑屌做爱爽片 女优性交免费电影 欧美熟肥女图片 韩国女主播朴妮唛的黄色小说 撸哇哽播 在线自拍干幼女 高清晰自拍偷拍图色色网 去哦v大 欧美父女性爱 淫秽网站肥女视频 666亚洲无码 最新日韩乱伦小说网站 操少妇游戏 日本少妇11p图片 什么片好黄 多人合集9部 河合优衣ed2k 狠狠撸美女手掰穴图片 女儿交换乱轮 欧美妈妈和她的大屌儿子 富婆和年轻帅男性交 夫妻居家性爱自拍 色色偶性爱自拍 强奸模特小说 少年与熟妇爱图 体操美女之性生活 色骚逼在线高清播放 www1314xxx 韩国三级片一对男女在大学教师xxoo后来女的怀孕了男女结婚后女的跑了男的和 夫妻坐爱一级片 成人男女做爱视频 人体艺术图片绘狗网 入江辉美在线电影 鲁av影院 动漫同志片 风间由美爱爱网站 乱伦3p生活 最美妙的骚逼 王梦溪迅雷种子下载 我姐尻屁片 亚洲色图人妻p 日本人体艺术波之轩 偷拍黄色照片 汤加l丽裸照 伦理片日本家庭教师 操逼撸撸撸吧影院 WWW_BB152_COM 保险知识 左边杨丞琳 女人淫乱图 穿挺屄裤子的图片 色色公公与好儿媳 苍井空完全服从 色姐姐乱依 人妻乱伦星野绫香 熟女的角色扮演性爱快播 快播奸少女阴道电影 都市激情撸情 女人小穴很很日 狠狠肏老婆 亚欧人体摄影 中华医药艾叶作用在线视频 美女粉乳头10p 俩根大吊插一个美眉 品色堂俺去也 l少女luluse 模逼图片 山下智久柚木提娜种子ed2k 桃色播播激情五月天 沙绪里与狗 橹二哥影院影视先锋 小说快播综合网 12306影院第一页 巨乳无码xfplay 萩原舞电影 学生逼逼电影 欧美群交欧美色图 操少妇的逼短片 韩国主播吉吉影音 影音先锋厕所偷拍片 欧美熟女系列 鹿鼎淫记 3p性感尤物内射她的小骚穴 国产强奸幼幼逼 屌配屄毛 美女做热爱性交口交 女主人的人体厕所 顶级黄色图片可看到阴道口 无码少妇在线色 美女吹萧爽吗 黄色网站是多少翱 妹妹视 人体模特毛婷人体艺术 佐藤爱理番号 开心宝贝色播网 大屌巨乳系列 重温陈冠希图片做爱 美女豪乳50p 黑网袜性爱 操熟女老师 日韩av逍遥社区 安装香港恋夜场秀 美女制服诱惑男女 亚洲人妻岛国线播放 色小说色图色电影 日韩美女映画网 成人动漫转帖区 www狠狠射c 露脸绝对领域 妻子地铁失身 淫老婆电影第一页 中文字幕都市激情家庭乱伦亚洲色图 日本美女特大胆裸体露逼 口工教师av 色色999偷拍自拍日韩美女 www968ddcnmagnet jjjhhh1com日本 老王社区lw78cc ed2kyounv 美女口交舔逼小说 类似古丽阁网站 帅男同的鸡鸡ed2k 少妇的小骚玩 av黄鳝自慰小说 经点乱系列 百度久久做爱视频 a狼电影网成人 干小嫩b10Pwwwneihan8com 原国产母子做爱乱伦 美国十四拉人体艺术 老公我要插深点快点啊 涩涩乱伦小说 波霸暴露 994yyccm 美国女人和动物zzzwww 后入式微拍 中国国模03150p 色色色乱伦熟女图片 欧美大胆嫩肉穴爽大片 这个经典的给你吧rr123win 老婆乱伦片 另类少妇AV 巨乳俏女医漫画 WWWSWWWMITAOCOM 糖糖激情操逼 男屁眼被曰小说 yinsezonghewang 爆操人妻熟女15P 福利脱衣麻将 久久热偷偷撸黑丝袜免费经典视频 电影三级mp4黄色电影 超级黑人巨屌操白妇 人妻偷拍自拍强奸 男男激情小说肉文 韩日女优大奶视频 杀神有声小说 有声性小说mp3mp3 天春色图片 春色龙 樱井莉亚口才 日本成人 求h网导航 h网游游戏 有没有免费的黄网 设置加www 开心网 五月天 的五月天 qvod东京热图片 东京热n0383.rmvb 皮皮看黄片 沙发看黄片 黄色小说短篇 大色鱼情迷 风月阁论坛 日韩色姐姐 色兔子成人 师傅搞综合 18人体艺术 amod在线 大M成人综合 我爱弟弟影院 给力QVOD色 最纯洁少女做爱 無双帝國谁有E谁有G adultbig影院 日日顺 久久爱 歪歪小说网 九型人格分析 分分操导航 2017 一本道va手机在线 youjizzⅹⅹx 婷影院 一楼一凤影院欧美首页 猫蛋蛋很黄 shenyifuli ssni 049bt下载 另类图片-色爱 汤姆影院atom55 五月丁香深爱基地 皮特成人影院 gay pornhub video chitu x77223 色色ev 客车偷拍图片大全 动漫av ftp 青青草免费线观综合网 兄嫁はいじっぱり认证补丁 人妻少妇视频系列 小林瞳电车痴汉代码 秋霞短片福利 青娱乐视频盛会 日韩成人午夜视屏 影音先锋 熟女系列 在线观看皇片你的懂的 原千岁全集协和影视 日本一级性交视频 日本人性交视频 又黄又色的影剧院 大型AV 好屌色狼 早乙女由依 最佳专辑 尹人影院大香蕉禄现 吉泽明步私处流出资源大 伦理战场 情欲影院云播 bestfornmc0m 搭讪 mgnet 玩农村小姑娘裂缝电子书 日本AⅤ无码在线观看 伦理聚合高请无码在线播放 b里香视频在线2白色爽 有个妮可舍宾怎么找她视频 妇女磁力下载 凹凸視頻免賛在線 caosaobi在线观看免费 东方影库300 wwwxyc123con ipz862在线观看 武则天一级全黄视频 迅雷下载 亚洲在线一区 丰满女人多毛 思思热在线色视频 噜死你们资源站 mum骑兵在线播放 欧美色图狠狠插 邪恶插阴口动态图 风月影院黄视频 黄片VX 厕所偷窥视频 ay电影院 wwwkp99 木村都那厕所无码 good电影神马小丢 黑人和中国人群交视频 色色网址在线 九月婷婷在线 久草在线首页老司机 500dh com福利 杀戮都市里番在线 电影天堂在线福利 淫色视频网 苍木玛娜教师链接 97人妻C○m piczz漫画 橘梨纱作品Bd播放 激情按摩胸部无码 yy6080最稳定的资源 shtv123 日本成人影片 magnet 里番姐弟的关系3 超级碰av公开在线 thzvip 草帽国产综合网 日本色木木 dv1456 老色哥第四色 亚洲av欧美av电影av视频 日日夜夜插天天插 桃花影院今日新鲜事 A片网主名字 大屁股啪啪无码高清视频 东方阿v视频在线最新 xxoo淫交视频 电击女神asia fox在线 东北可爱小骚妻又一次3p娇小身材力战大屌-9 扒开双腿拳交 给我来个娘们操逼的黄片黄片 日本黄色枧频 j鸡巴小視频 叛客与雷鬼高清 迅雷 下载 美女自慰流淫水 在线 人妻小悠福利在线 巨乳王瑞儿在线视频 啪啪肉捧往哪叉?视频 劲暴欧美 一本道 东京热 自拍 国产 无码 黑丝自拍做爱 538prom久久日逼 www骚逼 XXXWWWUUU 求个一本道的资源 杨幂醉酒视完正版视频在线观看 日本女用胸为客人性按摩影院 仲村里绪 影音先锋女主播视频网站 vtt944 国产自拍福利社视频 18v韩国主播 在线翘臀福利 校园多女一男类番号 微福利吃精 香坂里奈 热舞福利120 538porm在线插放视频 wwwtaosetvcom 日本三级天堂网无码 韩国歪歪漫画官网进入 欧美图片亚洲色理论电影 欧美AVmm625 爱色影分类 56popo体验区 www奔驰宝马成人网站 射丝袜足 在线影院 kanmitao1视频 巨乳女教师の诱惑电影 欧洲老女人肏屄 ygyg66怼粉逼 热带夜中文字幕mp4 洁泽明步 m3u8人妻 蛇精脸网红主播小兔兔现场啪啪大秀 mmavtv少妇 萝莉小妹妹av 免费做爱视频网站免费 AISS模特索菲 在线福利视频 多毛龟 66ffff视频 佐伯雪菜在线av先锋 51zhiyuan 播播影院免费A片 av5685 真人下体抽插下阴喷水视频 色喜 王丹 美女动态图张又黄又色 www,O3ⅩXX,Cm 国内在线自拍人人澡人人看 BT 冲田杏梨巨乳女教师の诱惑 神马影院午夜伦dy888mmm 大香蕉亚洲人妻小说 丝袜自慰视频在线观看 涩播音频 popo福利网盘2018 性污秽小视频 想上你日你视频 享悦国产在线 校园禁断介护 校花在浴池被强视频 香港十大禁片黄e 小苹果性交影院 老湿影院未成年人 Xxxxx161116骆驼祥子 熟女papa视频 亚州影院午夜-一 97jibayingyuan 色欲直播 处女中出视频 爱爱福利区 鸡巴操逼的黄片 500夜趣福利免费 亚州香焦视频 porn在线播放制服丝袜 91c仔内裤哥在线观看 wwwz9k6com 偷拍美女浴室伦理电影 4438x3全国最大情人网站 速看网在线观看 新妈妈 ftp 亚洲国际成人综合 4455qu类似的网站 水菜丽无码粪便av连接 wwwabc300wom 唐朝TV360 国产AV,亚洲AV 采桑洗浴中心 波多结野衣与无码观看 比比琼斯作品合集磁力 山谷两日 thunder 日本高清凌辱免费三级片 magnet 欧美虐性 av无码 中文字幕 迅雷 樱井步禁断介护在线 四房色播av 织田真子113在线观看 罗马狼窝影院 插进去拔出来综合网 台湾R级在线 SOD时间禁止器 s跳蛋调教视频 WANQUEYINGYUAN 超级碰夜色猫视频 成人日日夜拍拍 RCTD mp4 v ip eeusssvv 求手机能看哪种视频的网站 欧美激情第一页在线观看 俺去也看免费视频 视频小姐中出 三七影视成人福利播放器 伦理无料 日韩SM高清 赫敏被强奸视频 泄欲哥导航为什么看不了了 1啪啪啪视频app 色无极亚洲影院东京热 黄色福利1000 要要橹福利 乱伦1视频 岛田阳子拍了多少AV片 正在播放肛交视频 萝莉无码小视频 本田英里子MP4迅雷种子 厕所偷拍无修。 北京彪哥真皮大床激战学院派 苍井空在线毛钱 波波兔 磁力 操奶子视频 波多野结衣与狗激情直接视频 久久干视频 ftp 橹先生成人影片 色妻视频观看 暴力插美女屁眼视频 48号缚师绑美女 草榴影院女同 空姐不愿意拍视频被男友强干到高潮的视频 sskanzyz新资源 小岛南无码链接magnet 小草草大黄瓜在线观看 renrencaome 虐阴漫画 国产第一页天天拍 wwwsesw 优酷 解放军在巴黎 18禁自拍偷拍 韩国肛交视频播放 美女做爱磁力连接 捆绑天海翼 5xsq四虎 美国十次啦福利视频 射精丝袜的视频 美女被人舔阴帝视频 乱伦香蕉色视频 色狐免费无码电影 美国成人性爱电影 六月丁香手机在线观看 教练和学生作爱视频 加勒比在线视频网 强奸乱伦1 骑士美女AV视频 去火涩 成人av视 ed2k 婷婷基地色色网 五月婷综合官网 撸必撸 足交鸣人漫画 gvg567 黑丝FJ 菲菲去网站 如果电话亭 avi rhj-073 黄片日屄视频 shiwaizhipaizhao 偷偷撸电影院 手机看片永久免费在线观看国产频道 国产另类自拍亚洲 天堂国产手机a 自拍视频在线观看 teen萝莉 不打码木叶性处理医院 风月海棠空姐 3d hy工房 在线观看 femmina在线观看 陈冠希艳照1300张阿娇 黄色网站在线视频 黄色综合网站 好看的中文字幕色拍拍噜 哦哦弟弟 黄色A片直播 后人动态图 qplayer在线播放网址 www第四色 野战情线国产视频在线观看 偷拍自拍在线赌博 护士无码视频 鬼佬 在线 云播 桃乃木香奈在线三上悠亚在线 ipx247在线观看 天降艳福不是福绝版在线看 一本道0588视频 日本无码光谍区 尻屄AV 老太太h类在线视频 国产3P自拍偷拍 伦理视频黄片大全 91小青蛙红杏出墙3p 内藤幸恵 你懂的 国产在线观啪啪啪网站 国产自拍、欧美 呦呦禁处 福利国产成人强奸少女50集 玉狼影院 国产偷拍自拍中文对白在线 阴道内窥镜凌辱女友 嘿嘿嘿影院永久 可知子 无码 成人在线黄色电影 快播八戒网 我要干色和尚 大胸美女一级黄色毛片 日本绣惑电影 yingyinxianfeng ziyuang 露脸操白妹国语 日本女性爱视频在线观看 成人狂欢福利网 91偷拍视频在线观看 操同事的小女友爱剪辑 粗暴轮奸视频 国产自自拍永久免费 天天干b天天插 国产25P 凹凸视频线观看免费 不雅视频磁力链接下载 香蕉影院超频在线视频 新加坡人美国艳星口交视频 肛塞自慰视频 8338磁力链接 成人色色网美国av幼女 把鸡巴插入妈妈的阴道 24美图野战 我和老师做爱漫画 淫乱肛胶美女 日撸神 清纯漂亮的嫩妹女孩与男友在家激情做爱流出高清视频mp4 阿姨熟女丝袜 黑丝袜电影院 色图网大全 丝袜阿姨的淫荡生活 日本乱伦变态 熟妇性交视频女人色网站 1234qec0m 六年级学生屄 波谷桐原 爆操巨乳妈妈 阿v天堂2012关于苍井空的视频 淫秽的我 官场艳情纪莜竹 少妇性交图25p