Re: httpd: proposed patch to add TLS client certificate support

2017-03-30 Thread Jan Klemkow
Hi Jack, I'm not a developer (just a contributor), but I worked on httpd client certs a year ago, too. (https://marc.info/?t=14528592613=1=2) I got a private response from a developer, who had an own similar diff in preparation. He told me that is better to name configuration option

Re: sync root.mail

2017-03-30 Thread Jeremie Courreges-Anglas
Marc Espie writes: > On Wed, Mar 29, 2017 at 09:40:32PM +0200, Christian Weisgerber wrote: >> Antoine Jacoutot: >> >> > Why not just: >> > >> > # pkg_add -v rsync chromium emacs--no_x11 >> > >> > So we don't have to change it each release? >> >> Because people won't let

httpd/libtls: TLS client certificate revocation checking

2017-03-30 Thread Jack Burton
Earlier this evening I proposed a patch that adds support for requiring/verifying TLS client certificates to httpd. See my last post. But that only solves half the problem (checking that the client cert was issued by a locally-trusted CA and has not yet expired). The other (and in my opinion

httpd: proposed patch to add TLS client certificate support

2017-03-30 Thread Jack Burton
One of our sites has a need to require/verify TLS client certs, without the overhead & complexity of apache / nginx, etc. OpenBSD's httpd seemed the obvious candidate, and I figured that the feature would be useful to others too -- see attached diff for an initial implementation. Of course,

Re: sync root.mail

2017-03-30 Thread Marc Espie
On Wed, Mar 29, 2017 at 09:40:32PM +0200, Christian Weisgerber wrote: > Antoine Jacoutot: > > > Why not just: > > > > # pkg_add -v rsync chromium emacs--no_x11 > > > > So we don't have to change it each release? > > Because people won't let Emacs 21 die. > > Ambiguous: choose package for

Re: sync root.mail

2017-03-30 Thread Martijn van Duren
On 03/30/17 08:55, Otto Moerbeek wrote: > On Thu, Mar 30, 2017 at 06:44:37AM +, Miod Vallat wrote: > > Ambiguous: choose package for emacs--no_x11 > a 0: > 1: emacs-21.4p37-no_x11 > 2: emacs-25.1p3-no_x11 > Your choice: Time to choose

Re: sync root.mail

2017-03-30 Thread Otto Moerbeek
On Thu, Mar 30, 2017 at 06:44:37AM +, Miod Vallat wrote: > >> > Ambiguous: choose package for emacs--no_x11 > >> > a 0: > >> > 1: emacs-21.4p37-no_x11 > >> > 2: emacs-25.1p3-no_x11 > >> > Your choice: > >> > >> Time to choose another package? > > > > I think in this

Re: sync root.mail

2017-03-30 Thread Miod Vallat
>> > Ambiguous: choose package for emacs--no_x11 >> > a 0: >> > 1: emacs-21.4p37-no_x11 >> > 2: emacs-25.1p3-no_x11 >> > Your choice: >> >> Time to choose another package? > > I think in this case choice is good. Indeed, but why aren't vim-no_x11 packages listed as