Re: Clustering.

[Guillem Jover]

Hi!

On Wed, 2014-07-09 at 22:03:22 +0100, Steven Chamberlain wrote:
 On 08/07/14 13:58, Thomas Martin wrote:
  NB: output of cluster-glue's compilation (I delete iproute and
  iputils-ping from build-depends):
  ipcsocket.c: In function 'socket_verify_auth':
  ipcsocket.c:2569:3: error: #error No credential type found!

 We don't have FreeBSD's getpeereid because that's implemented in their
 libc.  We do have ucred capabilities though, which have been used in the
 past, see http://people.debian.org/~jcristau/kbsd-peercred.diff

We do have getpeereid() on all Debian ports by way of libbsd, along
many other BSD-native APIs, as I've mentioned in the past.

Thanks,
Guillem


-- 
To UNSUBSCRIBE, email to debian-bsd-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20140711155509.ga25...@pulsar.hadrons.org

Re: Bug#754513: ITP: libressl -- SSL library, forked from OpenSSL

[Steven Chamberlain]

This is good to see already :)

I expect it builds fine on GNU/Linux, with GCC and Clang, unless
hardening options are used, then these warnings would be treated as errors:

 In file included from md5/md5_locl.h:98:0,
  from md5/md5_dgst.c:60:
 md5/md5_dgst.c: In function 'md5_block_data_order':
 ./md32_common.h:237:66: warning: right-hand operand of comma expression has 
 no effect [-Wunused-value]
  #  define HOST_c2l(c,l) ((l)=*((const unsigned int *)(c)), (c)+=4, l)
   ^
 md5/md5_dgst.c:107:2: note: in expansion of macro 'HOST_c2l'
   HOST_c2l(data,l); X( 0)=l;  HOST_c2l(data,l); X( 1)=l;
   ^

 ./md32_common.h:213:41: warning: right-hand operand of comma expression has 
 no effect [-Wunused-value]
  l|=(((unsigned long)(*((c)++)))),  \
  ^
 sha/sha256.c:245:3: note: in expansion of macro 'HOST_c2l'
HOST_c2l(data,l); T1 = X[0] = l;  ROUND_00_15(0,a,b,c,d,e,f,g,h);
^

We'd want to configure with --disable-silent-rules, if debhelper scripts
don't already do that.

Compiling on GNU/kFreeBSD is possible (and potentially GNU/Hurd) but
requires the attached patch *and* a solution for getentropy:

1. try to use getentropy_linux.c - but would have to disable use of
Linux-specific sysctls and headers;  it is dangerous to rely on only
/dev/random, so we should implement replacement sysctls to use on
FreeBSD - that could be a bit messy

2. create a new getentropy_freebsd.c - but seems silly as FreeBSD itself
does not need it (see solution 3);  also does not help GNU/Hurd

3. (my preference) link with libbsd, which already provides a
arc4random_buf and so getentropy is not needed at all - WARNING: the
libbsd arc4random implementation still uses RC4 at the moment (as on
FreeBSD), but OpenBSD has already changed it to use ChaCha20 (see Bug
#747671);  we'd also want to make sure libbsd's entropy gathering is at
least as robust as in getentropy_linux.c

Regards,
-- 
Steven Chamberlain
ste...@pyro.eu.org
--- configure.orig	2014-07-11 18:42:02.0 +0100
+++ configure	2014-07-12 01:26:15.064409115 +0100
@@ -2915,7 +2915,7 @@
 		TARGET_OS=darwin;
 		LDFLAGS=$LDFLAGS -Qunused-arguments
 		;;
-	*linux*)
+	*linux* | *gnu*)
 		TARGET_OS=linux;
 		CFLAGS=$CFLAGS -D_BSD_SOURCE -D_POSIX_SOURCE -D_GNU_SOURCE
 		;;