[PATCH] change diff return value on xcalloc failure

[Daniel Dickman]

The diff(1) man page (and posix) specify the following as exit values:

   0   No differences were found.
   1   Differences were found.
   1  An error occurred.

So I think the patch below is needed.



Index: xmalloc.c
===
RCS file: /usr/cvs/src/usr.bin/diff/xmalloc.c,v
retrieving revision 1.2
diff -u -r1.2 xmalloc.c
--- xmalloc.c   7 Jun 2009 08:39:13 -   1.2
+++ xmalloc.c   16 Jul 2010 08:22:29 -
@@ -41,12 +41,12 @@
void *ptr;
 
if (size == 0 || nmemb == 0)
-   errx(1, xcalloc: zero size);
+   errx(2, xcalloc: zero size);
if (SIZE_MAX / nmemb  size)
-   errx(1, xcalloc: nmemb * size  SIZE_MAX);
+   errx(2, xcalloc: nmemb * size  SIZE_MAX);
ptr = calloc(nmemb, size);
if (ptr == NULL)
-   errx(1, xcalloc: out of memory (allocating %lu bytes),
+   errx(2, xcalloc: out of memory (allocating %lu bytes),
(u_long)(size * nmemb));
return ptr;
 }

Re: Adding support for Camellia on OpenSSH.

[Dries Schellekens]

2010/7/18 Yoshisato YANAGISAWA yanagis...@csg.is.titech.ac.jp:

 other people use it shows that the algorithm is well-tested.
 I know AES is also approved cipher of NESSIE.  However, I see some reasons
 to believe Camellia is better than AES.
 - Full spec. Camellia 128bits, 192bits, and 256bits are not broken yet.
  While, AES-192 is logically broken. [1]

All these related key attacks against AES are rather irrelevant in
practice. OpenSSH does not use a contrived scheme to derive a new
session key from the previous session keys.

 - More compact hardware implementation. [2]
 - Run faster under small amount of memory. [2]

A lot of platforms have hardware acceleration for AES, but not for
Camellia. A good recent example is Intel AES-NI.


Best regards,

Dries

Re: Adding support for Camellia on OpenSSH.

[Damien Miller]

On Mon, 19 Jul 2010, Yoshisato YANAGISAWA wrote:

 OpenBSD has already included Camellia source code as a part of OpenSSL.  It is
 disabled by default, though.
 At the time OpenSSL included Camellia, NTT had shown following news release:
 http://www.ntt.co.jp/news/news01e/0104/010417.html
 
 NTT also announced that their Camellia implementation also becomes open source
 distributed under BSDL, GPL, and so on:
 http://www.ntt.co.jp/news/news06e/0604/060413a.html
 
 Are there any problems?

We won't add Camellia until we update OpenSSL (no point in having multiple
library version cranks), I'll take a look at it then.

-d

Meet.Learn.Grow. - Cincinnati - TOMORROW

[AddressTwo]

Meet.Learn.Grow. Cincinnati.  July 20th, 9:00 - 11:00 AM


Last Chance to Register! 
Tickets are free, but pre-registration is required.
Meet.Learn.Grow - Cincinnati is a business networking event being held on July 
20th from 9-11 AM at Champps Americana in West Chester.  If you are a business 
owner in the Cincinnati-area, don't miss this opportunity to meet other 
professionals, learn The Influence of Marketing from our featured speaker 
Nick Carter, and grow both personally and professionally. 



Featured Speaker:
Nick Carter, President  CEO of AddressTwo
Nick Carter is the creator and president of AddressTwo, a software company that 
provides small businesses with tools and processes to manage their sales and 
marketing. Nick will present a simple methodology for deepening your influence 
via marketing and sales tactics.
What is Meet.Learn.Grow. All About?
Meet.Learn.Grow. is the mission of Rainmakers.  Founded in Indianapolis in 
2002, Rainmakers is a business-to-business professional networking organization 
committed to helping people connect, develop and grow.  As the nations fastest 
growing business networking organization with over 1500 members, Rainmakers has 
doubled in size every year for the past 8 years. So come grow with us!
 

More Details  http://www.ne16.com/t/12972853/645243910/54106477/0/  |  Register 
to Attend  http://www.ne16.com/t/12972853/645243910/54106478/0/
When: July 20th, 9-11 AM
Where: Champps Americana
  9424 Civic Centre Blvd
  West Chester, OH 45069
Cost: FREE OF CHARGE
Reserve Your Ticket Today:
  http://www.ne16.com/t/12972853/645243910/54106478/0/
Tickets are FREE, but space is limited, so be sure to reserve your seat.

Presented By:
 
  http://www.ne16.com/t/12972853/645243910/44693/0/
Rainmakers Marketing Group | 7208 N. Dobson, Indianapolis, IN 46268





This email was sent to t...@openbsd.org. To stop receiving emails from this 
user, Powered By:   
'http://www.ne16.com/u?id=645243910.e106bd26ed5c7b838114b1b3c3083897n=Tl=a2-ncarter-m51y2008m8-m51y2008m8o=12972853'unsubscribe.

Re: DNSSEC and OpenBSD default BIND

[Thordur I Bjornsson]

On Sun, Jul 18, 2010 at 07:45:28PM +0200, Denis Fondras wrote:
 Hello all,
 
 I'm doing some testing with DNSSEC now that root are signed but it
 seems BIND-9.4.2-P2 (provided with OpenBSD 4.7) is not able to load
 the trust-anchor :
 
 Jul 18 19:35:22 rb600a named[11605]: loading configuration from
 '/etc/named.conf'
 Jul 18 19:35:22 rb600a named[11605]: /etc/named.conf:38: configuring
 trusted key for '.': algorithm is unsupported
 Jul 18 19:35:22 rb600a named[11605]: reloading configuration failed: failure
 
 And if I use the DLV anchor, domains under .org TLD are not
 reachable (because, if I understand correctly, the key is signed
 with RSASHA1-NSEC3-SHA1 and Bind-9.4 doesn't support it).
Whoopsy!

 Is there any plan to upgrade BIND in the next release ?
Generally, in OpenBSD things are not planned like this, it so happens
that someone, finds the time and does the update, then he tests, and
tests, and well tests some more; hopefully, otherwise well, err. things
don't work and a certain canadian starts screaming his head off [My ears
are ringing right now, as I didn't test enough! so don't take my advise
very seriously :].

Then it gets reviewed, and then hopefully commited.

 Or should I get used to the idea of upgrading all my existing and
 future servers with a newer version manually ?
Hey! What about this: If you are able to do that, you must be one smart
kid so how about you do the heavy lifting of merging the next release
into what is now in OpenBSD's base system, preserving the local changes
and generally being carefull.

Then you can test it.

Then you can use the power of cvs log, figure out what guys and gals have
been dabbling in that area, then send them the diff, then you push, prodd
cry and scream; then it gets reviewed, then hopefully someone, maybe you
who knows gets it commited and we'll all be happy for a while. Until it
has to be done all over again.

The source is out there, fresh on an anoncvs near you (well, fresh; It
used to stink a whole bunch more, but tedu removed some of the more rancid
bits. Think of it like a hot dog, its damn tasty but you seriosuly do not
want know whats in it).

Vi, patch, diff and friends don't cost you a dime; I'm waiting for a diff,
as I'd love to run with DNSSEC as it is totally leet.

Have fun!
thib.

Re: DNSSEC and OpenBSD default BIND

[Martin Pelikán]

 And if I use the DLV anchor, domains under .org TLD are not
 reachable (because, if I understand correctly, the key is signed
 with RSASHA1-NSEC3-SHA1 and Bind-9.4 doesn't support it).

You're lucky that an error raised for you. I had to stop using DNSSEC
because of misinterpretation NSEC3 too, but it took us about day of
debugging to find the actual cause why was it trying to resolve some
weird md5 hashes :)

If you write the diff, it will be highly appreciated (I gave up for
lack of time).

-- 
Martin Pelikan

右腦圖像學習法讓你屬價學會只要1600元http://urloid.com/yahoo29, check out this site!

[Math.com]

Hello e3heee-8g?f3h.d= 
e1,e9e-8fe*h
1600ehttp://urloid.com/yahoo29, 



I found free information on undefined at Math.com. Check it out!

The URL is: 1

E-Mail me at jdi...@yahoo.com and let me know what you think.

- e3heeh(f6f3g62g+



**Please Note**

This email was sent by e3heeh(f6f3g62g+ jdi...@yahoo.com while 
visiting the Math.com website. If this email was sent in error, we apologize. 
Your email address will not be used for marketing purposes.

Math.com - The World of Math Online (http://www.math.com)

Free math homework help, free math lessons, math formulas, cool interactive 
math and more. Find math books, software and classroom materials at the 
Math.com Store.

Re: Adding support for Camellia on OpenSSH.

[Theo de Raadt]

 Free software you can't modify is not free software.

This is totally true.  We've been here before.

Please get this situation resolved.

Re: Adding support for Camellia on OpenSSH.

[STeve Andre']

On Monday 19 July 2010 18:26:15 Ted Unangst wrote:
 On Sun, Jul 18, 2010 at 11:14 AM, Yoshisato YANAGISAWA

 yanagis...@csg.is.titech.ac.jp wrote:
  Not to mention there are software patent claims againt camellia. That's
  a no go right there.
 
  OpenBSD has already included Camellia source code as a part of OpenSSL. 
  It is disabled by default, though.
  At the time OpenSSL included Camellia, NTT had shown following news

 release:
  http://www.ntt.co.jp/news/news01e/0104/010417.html
 
  NTT also announced that their Camellia implementation also becomes open
  source distributed under BSDL, GPL, and so on:
  http://www.ntt.co.jp/news/news06e/0604/060413a.html
 
  Are there any problems?

 The first link says Caution: This statement is valid only for
 implementing Camellia, EPOC, PSEC, and ESIGN, respectively, as is, and
 does not permit modification of said algorithms.

 The second link says you no longer need to apply to get a license, but
 still restricts it to only people using Camellia.

 Free software you can't modify is not free software.

That's especially galling for software where there are real security
considerations: suppose you find a flaw in the algorithm--you can't
fix it?

Gag.

-- 
STeve Andre'
Disease Control Warden
Dept. of Political Science
Michigan State University

A day without Windows is like a day without a nuclear incident.

Re: Adding support for Camellia on OpenSSH.

[Ted Unangst]

On Mon, Jul 19, 2010 at 8:22 PM, Joerg Sonnenberger
jo...@britannica.bec.de wrote:
 On Mon, Jul 19, 2010 at 06:37:21PM -0400, STeve Andre' wrote:
 On Monday 19 July 2010 18:26:15 Ted Unangst wrote:
  Free software you can't modify is not free software.

 Algorithm != implementation (== software).

 That's especially galling for software where there are real security
 considerations: suppose you find a flaw in the algorithm--you can't
 fix it?

 You mean like Debian fixed the usage of uninitialized variables in
 OpenSSL? In the cryptographic community the need to fix an algorithm
 is generally considered a good sign to stay away from the algorithm
 completely. Can you name a case where an algorithm was fixed and the
 result was actually a stronger algorithm? Avoiding weak keys for example
 is not a modification of an algorithm, it is just a more specific choice
 of choosing random keys. I am talking about actually modifying the
 encryption algorithm.

 Side note: the complain is also pointless because a modified algorithm
 wouldn't be interoperable anyway, making the point mood as well.

Bullshit.  If blowfish had come with such retarded no-modification
terms, we wouldn't have the bcrypt password hashing scheme we use
today.

Re: Adding support for Camellia on OpenSSH.

[Joerg Sonnenberger]

On Mon, Jul 19, 2010 at 09:02:35PM -0400, Ted Unangst wrote:
 On Mon, Jul 19, 2010 at 8:22 PM, Joerg Sonnenberger
 jo...@britannica.bec.de wrote:
  On Mon, Jul 19, 2010 at 06:37:21PM -0400, STeve Andre' wrote:
  On Monday 19 July 2010 18:26:15 Ted Unangst wrote:
   Free software you can't modify is not free software.
 
  Algorithm != implementation (== software).
 
  That's especially galling for software where there are real security
  considerations: suppose you find a flaw in the algorithm--you can't
  fix it?
 
  You mean like Debian fixed the usage of uninitialized variables in
  OpenSSL? In the cryptographic community the need to fix an algorithm
  is generally considered a good sign to stay away from the algorithm
  completely. Can you name a case where an algorithm was fixed and the
  result was actually a stronger algorithm? Avoiding weak keys for example
  is not a modification of an algorithm, it is just a more specific choice
  of choosing random keys. I am talking about actually modifying the
  encryption algorithm.
 
  Side note: the complain is also pointless because a modified algorithm
  wouldn't be interoperable anyway, making the point mood as well.
 
 Bullshit.  If blowfish had come with such retarded no-modification
 terms, we wouldn't have the bcrypt password hashing scheme we use
 today.

And where excatly does bcrypt modify the Blowfish algorithm? Of course,
it greatly helps to prove your point that the description of the
algorithm in the source is generic for any ECB algorithm...

Joerg

création de l'application entreprise

[Antoine LAURENT - AM Groupe]

 Vous pouvez aussi remplir le formulaire de prise de contact en cliquant ICI







  Toutes les marques cities sont diposies par leurs propriitaires respectifs,
AM Entertainment Groupe n'agit pas pour le nom ou pour le compte des iditeurs
ou fabriquants mais pour son propre compte.