Re: question about man starttls and linking to cert.pem
Thanks, that had me confused when I read it, so I just ignored it. Glad to know I did, as in didn't, do what it suggested except once. Chris Bennett
Re: question about man starttls and linking to cert.pem
freda_bundc...@nym.hush.com wrote: > Description: > man starttls says one can link a new certificate to cert.pem with > ln -s /etc/ssl/mail.example.com.crt /etc/ssl/cert.pem if one does not > intend That entire section seems dumb and outdated. I would prefer we simply not give any advice here. Users can figure out what they need to do. Installing the public cert needs to be done on many other machines, not just the one where it's generated. Index: starttls.8 === RCS file: /home/cvs/src/share/man/man8/starttls.8,v retrieving revision 1.26 diff -u -p -r1.26 starttls.8 --- starttls.8 27 Jun 2018 05:39:02 - 1.26 +++ starttls.8 11 Aug 2019 02:20:01 - @@ -102,18 +102,6 @@ with the following command: .Pp .Dl # openssl x509 -in /etc/ssl/mail.example.com.crt -text .Pp -If you don't intend to use TLS for authentication (and if you are using -self-signed certificates you probably don't) you can simply link -your new certificate to -.Pa cert.pem : -.Pp -.Dl # ln -s /etc/ssl/mail.example.com.crt /etc/ssl/cert.pem -.Pp -If, on the other hand, you intend to use TLS for authentication -you should add your certificate authority bundle to -.Pa /etc/ssl/cert.pem -(or whatever your software expects). -.Pp Because the private key files are unencrypted, MTAs can be picky about using tight permissions on those files. The certificate directory and the files therein should be
question about man starttls and linking to cert.pem
Synopsis:man starttls linking new certificate to cert.pem problem Category:documentation Environment: System : OpenBSD 6.5 Details : OpenBSD 6.5-current (GENERIC.MP) #184: Wed Aug 7 21:37:16 MDT 2019 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP Architecture: OpenBSD.amd64 Machine : amd64 Description: man starttls says one can link a new certificate to cert.pem with ln -s /etc/ssl/mail.example.com.crt /etc/ssl/cert.pem if one does not intend but link will fail since /etc/ssl/cert.pem exists already How-To-Repeat: man starttls I apologize, maybe it's not an error at all, so I'm writing to misc instead of bugs. I don't understand why one create this link, and I haven't been able to find an explanation on the lists or elsewhere. Any explanation would be greatly appreciated. The reason I am asking about it is that I am forwarding all mail from one server to another using starttls and opensmtpd, and it works fine with tls no-verify without creating the link to cert.pem. Also, if one does create the link (perhaps backing up cert.pem first) then sysupgrade will fail since it expects the original cert.pem. Also if running unbound, one would need to use the original cert.pem (or whatever it was renamed to) if using tls-bundle and DNS-over-TLS, I think.
Re: USB speakers, no sound
On Sat, Aug 10, 2019 at 07:58:14PM +, Doug Moss wrote: > no sound from USB speakers > > dmesg: > azalia0 at pci0 dev 27 function 0 "Intel 6 Series HD Audio" rev 0x05: msi > azalia0: codecs: Realtek ALC888, Intel/0x2805, using Realtek ALC888 > audio0 at azalia0 > ... > uhub5 at uhub3 port 1 configuration 1 interface 0 "Intel Rate Matching Hub" > rev 2.00/0.00 addr 2 > uaudio0 at uhub5 port 7 configuration 1 interface 1 "Ten X Technology, Inc. > USB AUDIO" rev 1.10/1.87 addr 3 > uaudio0: class v1, full-speed, sync, channels: 2 play, 0 rec, 3 ctls > audio1 at uaudio0 > uhidev1 at uhub5 port 7 configuration 1 interface 2 "Ten X Technology, Inc. > USB AUDIO" rev 1.10/1.87 addr 3 > uhidev1: iclass 3/0 > uhid0 at uhidev1: input=1, output=0, feature=0 > > > configuration: > /etc/rc.conf.local: > sndiod_flags="-m play -f rsnd/1 -f rsnd/0" > > > audioctl -f /dev/audioctl0: > name=azalia0 > mode=play,record > pause=0 > active=0 > nblks=2 > blksz=4416 > rate=44100 > encoding=s16le > play.channels=2 > play.bytes=0 > play.errors=0 > record.channels=2 > record.bytes=0 > record.errors=0 > > > audioctl -f /dev/audioctl1: > name=uaudio0 > mode= > pause=0 > active=0 > nblks=2 > blksz=960 > rate=48000 > encoding=s16le > play.channels=2 > play.bytes=0 > play.errors=0 > record.channels=2 > record.bytes=0 > record.errors=0 > > aucat -f rsnd/0 -i song.wav > plays fine > > aucat -f rsnd/1 -i song.wav > generates nothing > Hi, Does it exit or it just plays silence? If it plays silence, while it's playing could you do: audioctl -f /dev/audioctl1; sleep 1; audioctl -f /dev/audioctl1 and send me the output. Then could you send me the output of: mixerctl -f /dev/mixer1
USB speakers, no sound
no sound from USB speakers dmesg: azalia0 at pci0 dev 27 function 0 "Intel 6 Series HD Audio" rev 0x05: msi azalia0: codecs: Realtek ALC888, Intel/0x2805, using Realtek ALC888 audio0 at azalia0 ... uhub5 at uhub3 port 1 configuration 1 interface 0 "Intel Rate Matching Hub" rev 2.00/0.00 addr 2 uaudio0 at uhub5 port 7 configuration 1 interface 1 "Ten X Technology, Inc. USB AUDIO" rev 1.10/1.87 addr 3 uaudio0: class v1, full-speed, sync, channels: 2 play, 0 rec, 3 ctls audio1 at uaudio0 uhidev1 at uhub5 port 7 configuration 1 interface 2 "Ten X Technology, Inc. USB AUDIO" rev 1.10/1.87 addr 3 uhidev1: iclass 3/0 uhid0 at uhidev1: input=1, output=0, feature=0 configuration: /etc/rc.conf.local: sndiod_flags="-m play -f rsnd/1 -f rsnd/0" audioctl -f /dev/audioctl0: name=azalia0 mode=play,record pause=0 active=0 nblks=2 blksz=4416 rate=44100 encoding=s16le play.channels=2 play.bytes=0 play.errors=0 record.channels=2 record.bytes=0 record.errors=0 audioctl -f /dev/audioctl1: name=uaudio0 mode= pause=0 active=0 nblks=2 blksz=960 rate=48000 encoding=s16le play.channels=2 play.bytes=0 play.errors=0 record.channels=2 record.bytes=0 record.errors=0 aucat -f rsnd/0 -i song.wav plays fine aucat -f rsnd/1 -i song.wav generates nothing Any thoughts/advice are welcome Thanks
Re: Question regarding wi-fi card support
Thanks for the headsup. I am aware of the limitations and the manpage/Network FAQ gave me a lot of needed info. But I wanted the "best" possible experience for the few times where I really need wi-fi to work. And while the FAQ lists all the supported drivers my experience is, that the drivers change so often from model to model that I lose track most of the time. So when I can get some first hand experience I am glady taking it. As a sidenot, this is the first ever Thinkpad that didn´t work "out of the box" with OpenBSD. Only thing left for the E485 now is the lid closed -> wakeup "problem" but that´s something I can dig into by myself and if everything fails, I wait for Theo to get it working on his one. have a nice weekend and thanks for all the replies, Fabian ___ Always exit with 42 to return the answer. ‐‐‐ Original Message ‐‐‐ On Saturday, August 10, 2019 11:50 AM, Tony Boston wrote: > keep in mind that iwm(4) doesn’t have 802.11ac functionality > > from the manpage: > The iwm driver does not support any of the 802.11ac capabilities offered > by the adapters. Support for 802.11n 40MHz channels and Tx aggregation > is not yet implemented. Additional work is required in ieee80211(9) > before those features can be supported. > > just so you know > > I stumbled upon this when I installed OpenBSD on a few thinkpads with those > chips built-in and was wondering why I couldn’t connect to my 2nd home network > > -- > > Tony > > GPG-FP: 49CC8250 CDCF2183 6209C1AE 625677C1 F7783D5F > Threema: DN8PJX4Z > > > On 9. Aug 2019, at 15:32, Timothy Brown tbr...@freeshell.org wrote: > > On Thu, Aug 08, 2019 at 09:30:20PM +, flauenroth wrote: > > > > > I am in the need for a proper wi-fi solution for my Lenovo E485. > > > > I've replaced the original one in my work Dell XPS13 with: > > iwm0 at pci2 dev 0 function 0 "Intel Dual Band Wireless AC 8260" rev 0x3a, > > msi > > iwm0: hw rev 0x200, fw ver 16.242414.0, > > It's M.2 card, works well. > > Tim signature.asc Description: OpenPGP digital signature
Re: SIGBUS in flightgear / qt / libexpat
Apologies, it turns out that flightgear is in ports. I'm afraid i didn't think to check as i'd never seen mention of OpenBSD in the various flightgear lists. Thanks to Bodie and Zé for emailing me about this, and apologies again for the noise. I'm going to have a look at the ports build, flightgear-2016.3.1p4, and see whether i can make it build a later flightgear. Thanks, - Jules On Sat, 10 Aug 2019 13:55:54 +0100 Julian Smith wrote: > I've been trying to build and run the open source flight simulator > flightgear (https://flightgear.org) on OpenBSD. > > Slightly to my surprise, getting it to build wasn't too difficult. > > But i'm getting a SIGBUS at early on at runtime in code called by Qt. > > I'm unsure how to go about investigating this, so i wonder whether > anyone here might have come across something similar? > > Here's some info from gdb: > > Backtrace: > > Program received signal SIGBUS, Bus error. > [Switching to thread 412399] > 0x07f0523be1a4 in __llvm_retpoline_r11 () from /usr/lib/libexpat.so.12.0 > Current language: auto; currently minimal > (gdb) bt > #0 0x07f0523be1a4 in __llvm_retpoline_r11 () from > /usr/lib/libexpat.so.12.0 > #1 0xfffaf8fe in ?? () > #2 0x07f0523c1241 in XML_ParseBuffer (parser=Variable "parser" is not > available. > ) at /usr/src/lib/libexpat/lib/xmlparse.c:1740 > #3 0x07f0ee63c4ba in IA__FcConfigParseAndLoad (config=0x7f073cbbe00, > name=0x0, complain=1) > at > /usr/xenocara/lib/fontconfig/src/../../../dist/fontconfig/src/fcxml.c:3350 > #4 0x07f0ee641497 in FcInitLoadOwnConfig (config=0x7f073cbbe00) at > /usr/xenocara/lib/fontconfig/src/../../../dist/fontconfig/src/fcinit.c:80 > #5 0x07f0ee641730 in IA__FcInitLoadConfigAndFonts () at > /usr/xenocara/lib/fontconfig/src/../../../dist/fontconfig/src/fcinit.c:160 > #6 0x07f0ee635edc in FcConfigInit () at > /usr/xenocara/lib/fontconfig/src/../../../dist/fontconfig/src/fccfg.c:46 > #7 0x07f0c4c82891 in QFontconfigDatabase::populateFontDatabase () from > /usr/local/lib/qt5/libQt5XcbQpa.so.1.2 > #8 0x07f107348bc5 in _ZL12initializeDbv () from > /usr/local/lib/qt5/./libQt5Gui.so.2.2 > #9 0x07f107349821 in QFontDatabase::findFont () from > /usr/local/lib/qt5/./libQt5Gui.so.2.2 > #10 0x07f10734ae74 in QFontDatabase::load () from > /usr/local/lib/qt5/./libQt5Gui.so.2.2 > #11 0x07f10730ae65 in QFontPrivate::engineForScript () from > /usr/local/lib/qt5/./libQt5Gui.so.2.2 > #12 0x07f10733f75f in QFontMetricsF::leading () from > /usr/local/lib/qt5/./libQt5Gui.so.2.2 > #13 0x07f10752c843 in qt_format_text () from > /usr/local/lib/qt5/./libQt5Gui.so.2.2 > #14 0x07f10752fb3d in qt_format_text () from > /usr/local/lib/qt5/./libQt5Gui.so.2.2 > #15 0x07f10733eab6 in QFontMetrics::boundingRect () from > /usr/local/lib/qt5/./libQt5Gui.so.2.2 > #16 0x07f10733eb83 in QFontMetrics::size () from > /usr/local/lib/qt5/./libQt5Gui.so.2.2 > #17 0x07f056f07b3e in QPushButton::sizeHint () from > /usr/local/lib/qt5/./libQt5Widgets.so.2.2 > #18 0x07f056ca1c4e in QWidgetItemV2::updateCacheIfNecessary () from > /usr/local/lib/qt5/./libQt5Widgets.so.2.2 > #19 0x07f056ca2319 in QWidgetItemV2::maximumSize () from > /usr/local/lib/qt5/./libQt5Widgets.so.2.2 > #20 0x07f056c892df in QBoxLayoutPrivate::setupGeom () from > /usr/local/lib/qt5/./libQt5Widgets.so.2.2 > #21 0x07f056c8a6c7 in QBoxLayout::sizeHint () from > /usr/local/lib/qt5/./libQt5Widgets.so.2.2 > #22 0x07f056c8a726 in non-virtual thunk to QBoxLayout::sizeHint() const > () from /usr/local/lib/qt5/./libQt5Widgets.so.2.2 > #23 0x07f056c9ac2c in QLayout::totalSizeHint () from > /usr/local/lib/qt5/./libQt5Widgets.so.2.2 > #24 0x07f056cc7438 in QWidget::sizeHint () from > /usr/local/lib/qt5/./libQt5Widgets.so.2.2 > #25 0x07f056ca1c4e in QWidgetItemV2::updateCacheIfNecessary () from > /usr/local/lib/qt5/./libQt5Widgets.so.2.2 > #26 0x07f056ca2259 in QWidgetItemV2::minimumSize () from > /usr/local/lib/qt5/./libQt5Widgets.so.2.2 > #27 0x07f056c962ac in QGridBox::minimumSize () from > /usr/local/lib/qt5/./libQt5Widgets.so.2.2 > #28 0x07f056c904cc in QGridLayoutPrivate::setupLayoutData () from > /usr/local/lib/qt5/./libQt5Widgets.so.2.2 > #29 0x07f056c914e0 in QGridLayoutPrivate::findSize () from > /usr/local/lib/qt5/./libQt5Widgets.so.2.2 > #30 0x07f056c91853 in QGridLayoutPrivate::minimumSize () from > /usr/local/lib/qt5/./libQt5Widgets.so.2.2 > #31 0x07f056c93fbe in QGridLayout::minimumSize () from > /usr/local/lib/qt5/./libQt5Widgets.so.2.2 > #32 0x07f056c9aae6 in QLayout::totalMinimumSize () from > /usr/local/lib/qt5/./libQt5Widgets.so.2.2 > #33 0x07f056c9a440 in QLayout::activate () from > /usr/local/lib/qt5/./libQt5Widgets.so.2.2 > #34 0x07f056cc6c90 in QWidget::setVisible () from > /usr/local/lib/qt5/./libQt5Widgets.so.2.2 > #35 0x07f056f99e70 in QDialog::setVisible () from > /usr/loca
SIGBUS in flightgear / qt / libexpat
I've been trying to build and run the open source flight simulator flightgear (https://flightgear.org) on OpenBSD. Slightly to my surprise, getting it to build wasn't too difficult. But i'm getting a SIGBUS at early on at runtime in code called by Qt. I'm unsure how to go about investigating this, so i wonder whether anyone here might have come across something similar? Here's some info from gdb: Backtrace: Program received signal SIGBUS, Bus error. [Switching to thread 412399] 0x07f0523be1a4 in __llvm_retpoline_r11 () from /usr/lib/libexpat.so.12.0 Current language: auto; currently minimal (gdb) bt #0 0x07f0523be1a4 in __llvm_retpoline_r11 () from /usr/lib/libexpat.so.12.0 #1 0xfffaf8fe in ?? () #2 0x07f0523c1241 in XML_ParseBuffer (parser=Variable "parser" is not available. ) at /usr/src/lib/libexpat/lib/xmlparse.c:1740 #3 0x07f0ee63c4ba in IA__FcConfigParseAndLoad (config=0x7f073cbbe00, name=0x0, complain=1) at /usr/xenocara/lib/fontconfig/src/../../../dist/fontconfig/src/fcxml.c:3350 #4 0x07f0ee641497 in FcInitLoadOwnConfig (config=0x7f073cbbe00) at /usr/xenocara/lib/fontconfig/src/../../../dist/fontconfig/src/fcinit.c:80 #5 0x07f0ee641730 in IA__FcInitLoadConfigAndFonts () at /usr/xenocara/lib/fontconfig/src/../../../dist/fontconfig/src/fcinit.c:160 #6 0x07f0ee635edc in FcConfigInit () at /usr/xenocara/lib/fontconfig/src/../../../dist/fontconfig/src/fccfg.c:46 #7 0x07f0c4c82891 in QFontconfigDatabase::populateFontDatabase () from /usr/local/lib/qt5/libQt5XcbQpa.so.1.2 #8 0x07f107348bc5 in _ZL12initializeDbv () from /usr/local/lib/qt5/./libQt5Gui.so.2.2 #9 0x07f107349821 in QFontDatabase::findFont () from /usr/local/lib/qt5/./libQt5Gui.so.2.2 #10 0x07f10734ae74 in QFontDatabase::load () from /usr/local/lib/qt5/./libQt5Gui.so.2.2 #11 0x07f10730ae65 in QFontPrivate::engineForScript () from /usr/local/lib/qt5/./libQt5Gui.so.2.2 #12 0x07f10733f75f in QFontMetricsF::leading () from /usr/local/lib/qt5/./libQt5Gui.so.2.2 #13 0x07f10752c843 in qt_format_text () from /usr/local/lib/qt5/./libQt5Gui.so.2.2 #14 0x07f10752fb3d in qt_format_text () from /usr/local/lib/qt5/./libQt5Gui.so.2.2 #15 0x07f10733eab6 in QFontMetrics::boundingRect () from /usr/local/lib/qt5/./libQt5Gui.so.2.2 #16 0x07f10733eb83 in QFontMetrics::size () from /usr/local/lib/qt5/./libQt5Gui.so.2.2 #17 0x07f056f07b3e in QPushButton::sizeHint () from /usr/local/lib/qt5/./libQt5Widgets.so.2.2 #18 0x07f056ca1c4e in QWidgetItemV2::updateCacheIfNecessary () from /usr/local/lib/qt5/./libQt5Widgets.so.2.2 #19 0x07f056ca2319 in QWidgetItemV2::maximumSize () from /usr/local/lib/qt5/./libQt5Widgets.so.2.2 #20 0x07f056c892df in QBoxLayoutPrivate::setupGeom () from /usr/local/lib/qt5/./libQt5Widgets.so.2.2 #21 0x07f056c8a6c7 in QBoxLayout::sizeHint () from /usr/local/lib/qt5/./libQt5Widgets.so.2.2 #22 0x07f056c8a726 in non-virtual thunk to QBoxLayout::sizeHint() const () from /usr/local/lib/qt5/./libQt5Widgets.so.2.2 #23 0x07f056c9ac2c in QLayout::totalSizeHint () from /usr/local/lib/qt5/./libQt5Widgets.so.2.2 #24 0x07f056cc7438 in QWidget::sizeHint () from /usr/local/lib/qt5/./libQt5Widgets.so.2.2 #25 0x07f056ca1c4e in QWidgetItemV2::updateCacheIfNecessary () from /usr/local/lib/qt5/./libQt5Widgets.so.2.2 #26 0x07f056ca2259 in QWidgetItemV2::minimumSize () from /usr/local/lib/qt5/./libQt5Widgets.so.2.2 #27 0x07f056c962ac in QGridBox::minimumSize () from /usr/local/lib/qt5/./libQt5Widgets.so.2.2 #28 0x07f056c904cc in QGridLayoutPrivate::setupLayoutData () from /usr/local/lib/qt5/./libQt5Widgets.so.2.2 #29 0x07f056c914e0 in QGridLayoutPrivate::findSize () from /usr/local/lib/qt5/./libQt5Widgets.so.2.2 #30 0x07f056c91853 in QGridLayoutPrivate::minimumSize () from /usr/local/lib/qt5/./libQt5Widgets.so.2.2 #31 0x07f056c93fbe in QGridLayout::minimumSize () from /usr/local/lib/qt5/./libQt5Widgets.so.2.2 #32 0x07f056c9aae6 in QLayout::totalMinimumSize () from /usr/local/lib/qt5/./libQt5Widgets.so.2.2 #33 0x07f056c9a440 in QLayout::activate () from /usr/local/lib/qt5/./libQt5Widgets.so.2.2 #34 0x07f056cc6c90 in QWidget::setVisible () from /usr/local/lib/qt5/./libQt5Widgets.so.2.2 #35 0x07f056f99e70 in QDialog::setVisible () from /usr/local/lib/qt5/./libQt5Widgets.so.2.2 #36 0x07f056cc5bb4 in QWidget::show () from /usr/local/lib/qt5/./libQt5Widgets.so.2.2 #37 0x07f056f9919f in QDialog::exec () from /usr/local/lib/qt5/./libQt5Widgets.so.2.2 Die: DW_TAG_ (abbrev = 96, offset = 86893594) has children: FALSE attributes: DW_AT_type (DW_FORM_ref4) constant ref: 86886052 (adjusted) Dwarf Error: Cannot find type of die [in module /home/jules/flightgear/download_and_compile1/install/flightgear/bin/fgfs] (gdb) Threads: (gdb) info threads 7 thread 164008 futex () at -:3 6 thread 558994 futex () at -:3 5 thread 487113 _
Re: Question regarding wi-fi card support
keep in mind that iwm(4) doesn’t have 802.11ac functionality from the manpage: The iwm driver does not support any of the 802.11ac capabilities offered by the adapters. Support for 802.11n 40MHz channels and Tx aggregation is not yet implemented. Additional work is required in ieee80211(9) before those features can be supported. just so you know I stumbled upon this when I installed OpenBSD on a few thinkpads with those chips built-in and was wondering why I couldn’t connect to my 2nd home network -- Tony GPG-FP: 49CC8250 CDCF2183 6209C1AE 625677C1 F7783D5F Threema: DN8PJX4Z > On 9. Aug 2019, at 15:32, Timothy Brown wrote: > > On Thu, Aug 08, 2019 at 09:30:20PM +, flauenroth wrote: >> I am in the need for a proper wi-fi solution for my Lenovo E485. > > I've replaced the original one in my work Dell XPS13 with: > > iwm0 at pci2 dev 0 function 0 "Intel Dual Band Wireless AC 8260" rev 0x3a, msi > iwm0: hw rev 0x200, fw ver 16.242414.0, > > It's M.2 card, works well. > > Tim >
httpd not logging tls handshake failed if 'tls client ca ' used
Hi, I was playing with CloudFlare Authenticated Origin Pulls, ie. httpd configured with 'client ca "/etc/ssl/cloudflare_origin_pull.crt"' (ie. to allow only tls request from specific tls client) and I see httpd is not logging anything by default into either access.log or error.log. (But the feature itself works ok.) But it's logging if run in debug mode 'httpd -d -': ---%>--- server_tls_handshake: tls handshake failed - handshake failed: error:140360C7:SSL routines:ACCEPT_SR_CERT:peer did not return a certificate server tls_default, client 1 (1 active), 199.195.251.62:18922 -> 176.74.139.218:443, tls handshake failed ---%<--- Is this expected behavior? # sysctl kern.version kern.version=OpenBSD 6.5-current (GENERIC) #176: Thu Aug 8 21:28:09 MDT 2019 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC
