On Thu, May 10, 2018 at 9:44 AM, Gary E. Miller via devel
wrote:
> Yo Udo!
>
> On Thu, 10 May 2018 17:30:05 +0200
> Udo van den Heuvel via devel wrote:
>
> > I built ntpsec 1.1.0 for the first time on the Feddora 28 platform.
> > I noticed that they want to
On Wed, May 30, 2018, 1:05 PM Hal Murray via devel wrote:
> One of the key areas that I'm missing is the plans for deployment. Are we
> intending to use the normal certificate distribution mechanism as used by
> the
> web? That depends on time. Is there a way around that? Do we need our
>
On Jan 6, 2018 1:27 AM, "Hal Murray via devel" wrote:
after waf has built it.
And/or where should I look to find that info?
'man man' or 'pinfo pinfo' reaveals that the respective programs have
command line options -l and -f
___
On Jan 3, 2018 5:23 AM, "Ian Bruene via devel" wrote:
>
> We are on track to merging the solution in !615, if you have objections
> please state them *soon*, together with a patch that fixes the problem. We
> are rapidly approaching the planned mid-January 1.1 date.
>
> To snip
On Wed, Feb 14, 2018 at 12:46 PM, Hal Murray via devel
wrote:
> I think we answer mode 0 as a client mode. It's probably some legacy
> stuff.
>
IIRC there never was a mode 0. In NTP0 those bits were reserved and set to
0.
Mode bits did not show up until NTP1. Before that the
On Feb 17, 2018 10:49 PM, "Hal Murray via devel" wrote:
What do people recommend for a GUI package to use with python?
I want to plot a graph of something and update it in real time by scrolling
all the old data to make room for the new samples as they arrive.
Google suggests
a patch that seems to resolve it on my system. presumably, it also
reintroduces 'the Unicode issue'. Also, it does not document the change.
Also I need to work on my mailing list nettiqutte.
0001.patch
Description: Binary data
___
devel mailing list
On Thu, Aug 9, 2018, 5:55 AM Udo van den Heuvel via devel
wrote:
> Hello,
>
> Why is NTP in uppercase?
>
> statistics directory /var/NTP/ does not exist or is unwriteable, error
> No such file or directory
>
Probably because someone typod it wrong in another commit.
'NTP' is contained in neither
It looks like that particular section of code dates back at least 19 years.
It's in ntpd/ntp_util.c:54 grep also reveals that it is in the
documentation for ntpd.
___
devel mailing list
devel@ntpsec.org
http://lists.ntpsec.org/mailman/listinfo/devel
On Sun, Aug 12, 2018 at 5:50 PM Gary E. Miller via devel
wrote:
> I'll be happy if we can get a copy of his code.
>
old(?) kernel (etc) patches for linux:
https://gitlab.cs.fau.de/snippets/28/raw?inline=false
& freebsd: https://gitlab.cs.fau.de/snippets/29/raw?inline=false
incompatible refclock
On Fri, Aug 24, 2018, 5:11 PM Hal Murray via devel wrote:
> > Did the history rewriting trash the notes or something?
>
> Thanks. That's the hint I needed.
>
> I think I created a note (whatever they are) ages ago when I was trying to
> fix
> a typo in a commit comment.
>
>
> I had skipped the
On Thu, Nov 1, 2018 at 8:29 AM Udo van den Heuvel via devel <
devel@ntpsec.org> wrote:
> Hello,
>
> After the recent commits I get:
>
> [259/261] Processing build/main/tests/test_libparse
> [260/261] Processing build/main/tests/test_ntpd
> [261/261] Processing build/main/tests/test_libntp
> a2x:
Temporarily fixed in !831 until IERS breaks it again. The cause was not
printf as I supposed in #512 but instead the sed on the preceding line.
JamesB192
On Tue, Oct 30, 2018 at 5:23 PM Michael Simpson via devel
wrote:
> Hi Folks,
>
> got this output from latest ntpleapfetch with the newly
On Mon, Nov 5, 2018 at 9:38 PM Hal Murray via devel
wrote:
>
> fallenpega...@gmail.com said:
> > The distros have gotten used to pushing tzdata every 6 months.
> > If we could get the leapsecond data into that package, it would be
> ideal.
>
> It's already in the package they send to IANA and on
On Sun, Nov 4, 2018, 2:47 PM Hal Murray via devel
> "function" seems not to work in sh scripts.
>
> I doubt if ntpleapfetch ever worked. I don't use it. This showed up with
> the
> bin_check addition. (Thanks!)
>
> Anybody recognize this?
>
> FreeBSD:
>
> [murray@ted3 ~/ntpsec/play]$
On Fri, Sep 28, 2018 at 3:42 PM Hal Murray via devel
wrote:
>
> The recent ftp=>https change to ntpleapfetch also changed the host from
> NIST
> to IETF.
>
> -LEAPSRC="ftp://ftp.nist.gov/pub/time/leap-seconds.list;
> +LEAPSRC="https://www.ietf.org/timezones/data/leap-seconds.list;
>
> The IETF
On Fri, Sep 21, 2018, 1:07 AM Sanjeev Gupta via devel
wrote:
> Paul,
>
> Personally, I find 25kg, 50ppm, 3m, more readable; but that is neither
> here nor there.
>
> My concern is that the space between "25" and "kg" should be
> non-breaking. Else, readability suffers badly. How do you do this
Ian Bruene via devel :
> I'm told that there is a document written by the resident crypto expert
> describing NTS. Does anyone have it? We might need to see it if we are
> planning on implementing what is in it you know...
The latest draft I see is at
On 1/18/19, Eric S. Raymond via devel wrote:
> While I think I get exactly why JamesB192 unleashed ditaa on the flow
> diagram in nts.adoc, I think it's overkill for this use. One of the
> possible futures for this document includes large parts of it becoming
> the header comment in a file named
I have an HTML/SVG render of a modified devel/nts.adoc at:
http://www.jamesb192.com:8001/james/nts.html
The source in in MR !894 at:
https://gitlab.com/NTPsec/ntpsec/merge_requests/894
I would appreciate it if people would look at it and provide constructive
criticism about the content. The
On Mon, Jan 14, 2019, 12:30 PM Gary E. Miller via devel Yo Hal!
>
> On Mon, 14 Jan 2019 12:19:09 -0800
> Hal Murray via devel wrote:
>
> > When the NTP server is returning new cookies to the client, they are
> > encrypted so that a spy can't track the client if it moves to a new
> > IP Address
On Mon, Jan 21, 2019, 9:20 AM Achim Gratz via devel Hal Murray via devel writes:
> >> My thought about how to enable NTS for the pool would involve requiring
> a SRV
> >> record lookup for NTS-KE
> >
> > That SRV lookup could return multiple names. Each would point to a
> separate
> > NTS-KE
On Wed, Jan 23, 2019, 12:18 PM Hal Murray via devel
> Gary said:
> > I'm getting an odd build error on one of my hosts. Ideas?
>
> I asked about the same quirk yesterday evening. No responses.
>
> What OS/Distro are you using?
>
> I've seen it on NetBSD and FreeBSD. I thought I had one on
On Thu, Jan 17, 2019, 5:54 PM Hal Murray via devel
> Ian Bruene said:
> > NTS-KE needs cookie generation because it has to render onto the client
> the
> > initial cookie stock.
>
> Right. But it doesn't actually have to generate them itself. It could
> also
> get them from the NTP-server.
>
>
On Sat, Jan 19, 2019, 2:50 PM Richard Laager via devel
> neither is set:
>
> For a pool, behave as "nonts" (because the common pool case is a public
> pool with volunteer servers that will not be able to present a valid
> certificate for the pool).
Actually, I think I came up with a way to NTS
On Sat, Jan 19, 2019, 5:35 PM Hal Murray via devel
> > My thought about how to enable NTS for the pool would involve requiring
> a SRV
> > record lookup for NTS-KE
>
> That SRV lookup could return multiple names. Each would point to a
> separate
> NTS-KE server.
>
> An alternative approach would
On Sat, Jan 19, 2019, 4:30 PM Hal Murray via devel
> > The NTS-KE servers would have to share NTS master keys (and cookie
> formats!)
> > with volunteer NTP servers.
>
> If you are interested in security, sharing a master key with many servers
> seems like a bad idea - too many opportunities for
On Wed, Jan 23, 2019, 3:07 AM Hal Murray via devel
> I'm thinking of updating INSTALL and/or devel/hacking.adoc to say
> something
> about pthreads and OpenSSL.
>
> If we did away with shared key authentication, we could potentially do
> away
> with needing libcrypto. Aside from authentication,
On Tue, Dec 11, 2018, 3:00 AM Hal Murray via devel
> I don't know why I didn't figure this out ages ago, but ...
>
> It's in a separate package rather than the main python package.
>
> Should we rip out the test for python curses? That makes curses a
> requirement
> for a clean build.
>
> Or are
On Mon, Dec 17, 2018, 12:48 PM Hal Murray via devel
> I noticed another example.
>
> When we fixed install to skip ntpmon when it couldn't find curses, the
> previous ntpmon was left installed.
>
> After installing curses, the old ntpmon --version would happily print out
> the
> current version
On Fri, Nov 30, 2018 at 11:09 AM Hal Murray via devel
wrote:
> It works if I change function foo to foo ()
>
> Who is working on ntpleapfetch? Can I push a fix without stepping on WIP?
>
I was in !831, haven't worked on it for a while now as I think I had it
ready for merge.
On Sun, Dec 9, 2018, 10:27 PM Hal Murray via devel
> The only ntp-ism I can find is the version string. (and the name)
>
>
> Context is an error message on a system that doesn't have gpsd installed.
> It's not in our bin-check, but is in one of my old scripts.
>
I think because it started out
On Mon, Sep 17, 2018, 10:34 AM Eric S. Raymond via devel
wrote:
> Apologies for the daelay on this. Blame it on the Venusian Death Flu.
>
> We have several tasks in front of us on NTPsec. I want to get some
> consensus from the tech team, and a strategy call from Mark, on how to
>
On 1/27/19, Eric S. Raymond via devel wrote:
> I expect this module to be used by ntpd and a small ntske server
> daemon. Because I don't believe incremental code is coing to be an
> issue in any of our deployments, I've chosen an organization that
> minimizes the exposed API and keeps both
On Sun, Mar 31, 2019, 4:47 PM Richard Laager via devel
wrote:
> On 3/31/19 5:07 AM, Achim Gratz via devel wrote:
> > So yes, injecting the trust anchor(s) to use for a specific set of
> > NTS-KE would be the easier option.
>
> How about this:
>
> 1) Add a root=file (or dir?) option. This
On 4/2/19, Gary E. Miller via devel wrote:
> And in the case of ostfalia, I only could get their root cert becuase I
> was talking to the guy. Much more common case is I just have the end
> cert.
so, the file http://nts1-e.ostfalia.de/homePi/CLIENT/rootCaBundle.pem
is not it then. I thought
On Wed, Mar 20, 2019 at 6:30 PM Gary E. Miller via devel
wrote:
> Yo All!
>
> Something recently broke in NTPsec when using Python 3.6:
I thought I got that bug with a4453ee5a4 "Fix polyglot library for Python3
on NetBSD".
Where did you see that? I tried to repro on Gentoo and could not.
It
On Wed, Mar 6, 2019, 10:15 AM Achim Gratz via devel
wrote:
> In a nutshell, SIGHUP is already taken, but USR1 and USR2 are still
> available. Thte idea is that one of these does the equivalent of
> re-configuring via ntpq or a restart without loss of internal state (as
> far as possible).
>
On Sat, Mar 16, 2019 at 11:33 AM Achim Gratz via devel
wrote:
>
> As already briefly mentioned on IRC, the way the mode 6 messaging was
> changed to do no filtering at all anymore doesn't really work nicely.
> To wit here are two otherwise identical systems, one with and the other
> without
On 3/6/19, Hal Murray via devel wrote:
>
> Where should we put the file used to store the key used to make cookies? It
>
> gets read at startup and updated daily.
>
> Fedora and Debian put things like that in /var/lib/ntp/
> NetBSD and FreeBSD put them in /var/db/ntp/
>
> There used to be a
I had a reason for structuring nts_lib the way I did. It was mostly
because I have the wrong ideas about what I am doing. Most of the
variables that could reasonably be needed and some that are are in the
structs. I was trying (incorrectly) to make the code thread-safe.
Anyway, not that I seem to
On 2/8/19, Hal Murray via devel wrote:
> OpenSSL doesn't support what we need yet.
>
> Daniel has code that does.
> https://github.com/dfoxfranke/libaes_siv
> It doesn't build on NetBSD and gets warnings on FreeBSD.
It gets warnings on Linux as well. But I'm guessing the variables 'block'
of
On 2/16/19, Hal Murray via devel wrote:
> This is the can't find library problem when run with Python 3.
>
::snip::
> File "/home/murray/ntpsec/play/wafhelpers/bin_test.py", line 74, in run
> addLog("PINK", "Expected: " + breg)
> TypeError: can only concatenate str (not "bytes") to str
It
On 2/9/19, Hal Murray via devel wrote:
>>> IANA maintains one. That's what we use on the wire. It's started in
>>> RFC 5116. RFC 5297 covers the case we want. The magic number is 15.
>
>> I don't want magic numbnbers in config files.
>
> Then please write some code that translates
On Wed, Feb 13, 2019, 2:30 PM Hal Murray via devel Amy reason to allow or prohibit them?
>
I think allowing them would simplify the pool case I proposed a while back,
but it is less likely to be a problem due to letsencrypt.
JamesB192
>
___
devel
On 2/13/19, Gary E. Miller via devel wrote:
> Yo James!
>
> On Wed, 13 Feb 2019 14:36:38 -0800
> James Browning via devel wrote:
>
>> On Wed, Feb 13, 2019, 2:30 PM Hal Murray via devel > wrote:
>>
>> > Amy reason to allow or prohibit them?
>> >
>
On Thu, Feb 14, 2019, 2:24 PM Eric S. Raymond via devel Daniel Franke :
> > You probably don't want to auto-pull the latest HEAD every time it gets
> an
> > update; only releases get the full battery of QA. Note I'll probably be
> > stamping a release this weekend since the last release from two
On 2/5/19, Eric S. Raymond via devel wrote:
> Hal Murray :
>>
>> > 2. Put together client-side NTS support. This mainly means filling in
>> >ntpd/nts.c, as I have already written required the hooks into the
>> >protocol machine.
>>
>> We need code to generate cookies. And test code to
On 2/19/19, Eric S. Raymond via devel wrote:
> Hal Murray :
>> The thing that gripes me about ntp_control is that for each of the tables
>>
>> mentioned above, there are actually 3 parallel tables and they are a long
>> way
>> apart so a pain to update. Maybe if we just interlaces the #defines
On 1/29/19, Gary E. Miller via devel wrote:
> Yo Hal!
>
> On Tue, 29 Jan 2019 02:38:26 -0800
> Hal Murray via devel wrote:
>
>> The complicated case is when we want to specify the IP Address. How
>> about: server ntp.example.com nts 1.2.3.4
>> or
>> server ntp.example.com nts bob.example.com
On 1/30/19, Hal Murray via devel wrote:
>
> Gary said:
>> Great, the python library mismatch code works:
>> Library/Binary version mismatch
>> Binary: ntpsec-1.1.3+ 2019-01-30T21:25:37Z (git rev ab0ea27cf)
>> Library: ntpsec-1.1.3+ 2019-01-30T21:20:27Z (git rev ab0ea27cf)
>
> What did
On 1/31/19, Gary E. Miller via devel wrote:
> Yes. But not done. It likely broke the current Gentoo NTPsec ebuild
> for git head.
I have a patch for that.
--- a/net-misc/ntpsec/ntpsec-1.1.2.ebuild
+++ b/net-misc/ntpsec/ntpsec-1.1.2.ebuild
@@ -28,11 +28,11 @@ NTPSEC_REFCLOCK=(
shm pps
On 2/2/19, Gary E. Miller via devel wrote:
> Yo James!
>
> On Sat, 2 Feb 2019 13:04:25 -0800
> James Browning via devel wrote:
>
>> > > But if no packets are lost, C2S and S2C will be used forever.
>> >
>> > Yeah, bad.
>>
>>
>> W
On Sat, Feb 2, 2019, 12:46 PM Gary E. Miller via devel Yo Hal!
>
> On Sat, 02 Feb 2019 12:36:10 -0800
> Hal Murray via devel wrote:
>
> > But there is another pair of keys: C2S and S2C. They are used to
> > authenticate and encrypt traffic between client and server. There is
> > no explicit
On 2/2/19, Gary E. Miller via devel wrote:
> Yo James!
>
> On Sat, 2 Feb 2019 13:44:12 -0800
> James Browning via devel wrote:
>
>> >> What you almost need is a cookie extension to trigger a rekeying
>> >> periodically.
>> >
>> > Ye
On 1/30/19, Gary E. Miller via devel wrote:
> Yo James!
>
> On Wed, 30 Jan 2019 14:57:15 -0800
> James Browning via devel wrote:
>
>> as of commit 88430fb7d1 "raise SystemExit(1) on version mismatch" this
>> is what happens when you have multiple version
On Wed, Apr 10, 2019, 4:47 PM Hal Murray via devel wrote:
>
> I just updated the NTS code to include a Copyright, copied from another
> module.
>
> If this isn't appropriate, please tell me what it should be.
>
> /*
> * nts_cookie.c - Network Time Security (NTS) cookie processing
> * Copyright
On Wed, Apr 10, 2019, 3:01 PM Hal Murray via devel wrote:
>
> g...@rellim.com said:
> > I would go further and say that order matters not at all. What matters
> is to
> > start both as root. Depending on whether I am working on gpsd of ntpd I
> will
> > just keep restarting the one I am
On Thu, Jul 11, 2019, 1:19 PM Hal Murray via devel wrote:
>
> Description : flatpak is a system for building, distributing and running
> : sandboxed desktop applications on Linux. See
> : https://wiki.gnome.org/Projects/SandboxedApps for more
> :
On Sat, Jun 29, 2019, 2:06 PM Hal Murray wrote:
>
> jamesb.f...@gmail.com said:
> > It builds on the Windows Subsystem for Linux but does not currently run,
> > something about missing adjtimex support. I can't say anything definite
> about
> > mingsys, cygwin or native.
>
> Thanks.
>
> Does
On Wed, Aug 14, 2019 at 7:56 PM Mark Atwood, Project Manager via devel <
devel@ntpsec.org> wrote:
> Can OnCore be supported by gpsd?
>
Probably, it was discussed a bit in bug 608 on the tracker before the
discussion moved here.
And while I also like removing code, we've removed a lot, and I'm
On Thu, Aug 15, 2019 at 9:14 AM Eric S. Raymond wrote:
> James Browning via devel :
> > And while I also like removing code, we've removed a lot, and I'm not
> > > instantly adverse to giving the hobbyests a command option to handle
> > > wraparound on their old hardwa
On Mon, Aug 19, 2019 at 6:49 PM Gary E. Miller via devel
wrote:
> Yo Matthew!
>
> On Tue, 20 Aug 2019 01:42:50 +
> Matthew Selsky wrote:
>
> > I'm not sure why Dan's fork of the repo doesn't have jobs enabled...
>
> Every MR I have looked at on gpsd and ntpsec.
>
I am not a member of
On Sun, Aug 18, 2019 at 5:27 PM Hal Murray via devel
wrote:
>
> e...@thyrsus.com said:
> > That's covered. In the page on NTPsec changes:
> > * Broadcast- and multicast modes, which are impossible to
> > secure, have been removed.
>
> I was looking for more information. Why can't we secure
On Tue, Aug 20, 2019 at 11:43 AM James Browning
wrote:
> On Tue, Aug 20, 2019 at 10:55 AM Gary E. Miller via devel <
> devel@ntpsec.org> wrote:
>
>> Yo Achim!
>>
>> On Tue, 20 Aug 2019 19:52:07 +0200
>> Achim Gratz via devel wrote:
>>
>> > Gary E. Miller via devel writes:
>> > > I just pushed
On Fri, Aug 23, 2019 at 9:11 PM Hal Murray via devel
wrote:
>
> > Has anybody seen anything like this before?
> > Assuming "no", I'll try bisecting tomorrow.
>
> My attempt at bisecting hit a brick wall. I backed up many months and it
> still fails.
>
> I guessed that something strange had
On Mon, Aug 26, 2019, 8:02 PM Hal Murray via devel wrote:
>
> How do I tell waf to fail on warnings?
>
> I'm trying to use this to detect which API I'm getting.
>
> STRERROR_FRAG = """
> #include
> int main(void) {
> char buf [100];
> const char *foo = strerror_r(6, buf, sizeof(buf));
>
On Sun, Aug 25, 2019 at 3:49 PM Hal Murray via devel
wrote:
> I think it should be fixed for the release, but I don't know how to do it.
>
> There used to be code in the msyslog processing that handled %m if it
> wasn't
> included in the local printf. I'm guessing it was removed to eliminate
>
On Fri, Aug 23, 2019 at 9:43 AM Sanjeev Gupta via devel
wrote:
> We need a point release. Significant things that have happened recently:
>
>
>- The g and G suffixes
>- Removal of neoclock4x
>- Some doc changes
>- The ALPN change
>
> The last is critical, it throws into doubt all
On Fri, Aug 23, 2019, 9:43 AM Sanjeev Gupta via devel
wrote:
> We need a point release. Significant things that have happened recently:
>
>
>- The g and G suffixes
>- Removal of neoclock4x
>- Some doc changes
>- The ALPN change
>
> The last is critical, it throws into doubt all
On Fri, Aug 23, 2019 at 12:41 PM Eric S. Raymond wrote:
> James Browning via devel :
> > AFAICT issues 599 and 566 still affect FreeBSD.
>
> Not urgent, IMO. In particular, I'm now fweeking more pressure to get
> the NTS fix out.
>
Then they can wait. Sanjeev pointed ou
On Mon, Sep 2, 2019 at 4:11 AM Hal Murray via devel
wrote:
>
> I missed some uses of strerror_r() in the ISC routines.
>
> I think all uses of UNEXPECTED_ERROR should switch to msyslog
> Then we can delete include/isc_error.h and libntp/isc_error.c
>
It is done (badly) in merge request !1029
On Wed, Aug 28, 2019 at 5:24 PM Eric S. Raymond via devel
wrote:
> Sanjeev Gupta :
> > Eric, there is a incompatibility break, so could we do 1.2.0 , please?
>
> Mark's call. I beliecew he's considering shipping 1.2.0 shortly after.
My impression is that he is waiting for the IETF and IANA to
On Wed, Sep 11, 2019 at 7:43 PM Hal Murray via devel
wrote:
>
> Any openssl command line wizards?
>
Probably, not me though.
> What do I type to find out when my certificate expires? We should make a
> script that can be called from cron.
>
generally something like the following works
-- Forwarded message -
From: James Browning
Date: Mon, Sep 16, 2019 at 4:07 PM
Subject: Re: Future directions
To: Mark Atwood
On Mon, Sep 16, 2019 at 3:24 PM Mark Atwood via devel
wrote:
> On Mon, Sep 16, 2019, at 14:09, Hal Murray via devel wrote:
> > I think we should put
While working on a script[1], I stumbled across this issue. the cmd.Cmd
class does not call its precmd function from its onecmd function in
either Python 2.7 or 3.6. I see several possible paths forward.
1. Ignore the issue and hope it goes away.
2. Report it upstream.
3. Change over to
On Tue, Sep 17, 2019 at 1:23 PM Richard Laager wrote:
> On 9/16/19 6:08 PM, James Browning via devel wrote:
> > - additions to the DNS code to allow non-A/ pools. (cname/srv
> probably)
>
> Is it not following CNAMEs already? I haven't checked.
>
No, it seems not
I have set up a branch replacing the current Python version-specific
ntp.ntpc with a language-agnostic foreign function interface stub point
and a version agnostic Python ntp.ntpc using cytpes.
On build, it produces a single shared library 'libntp.so' in the ntpd
sub^n-directory and a now neat
On Mon, Jul 15, 2019, 5:15 PM Hal Murray via devel wrote:
>
> tenterl...@gmail.com said:
> > I come from a scientific background, where we compare results somewhat as
> > analog values. If the test result is off the expected by 1000%, that's
> bad.
> > If it's off 1%, better. If the error is
On Sat, Sep 21, 2019, 12:55 PM Paul Theodoropoulos via devel <
devel@ntpsec.org> wrote:
> Just a quick note, as I'm vetting all my installations - after running
> './waf configure --refclock=all', followed by './waf install', all of the
> applications in main/ntpclients are installed - except
On Mon, Nov 4, 2019, at 5:23 PM Richard Laager via devel
wrote:
> Each of these names (N.debian.pool.ntp.org) resolves to only 4 IPs.* The
> four of them resolve to (mostly) non-overlapping IPs. In other words, if
> I resolve only one name, I get 4 IPs, but if I resolve all four names, I
> get
After looking at devel/HACKING, I do not see a policy on including
external python modules.
The came up because I have a merge request (!1044), which adds support
for RIPEMD160, SHA-1, and AES128CMAC. The CMAC implementation currently
requires the pycryptodome[1] module.
If external modules are
On Mon, Dec 9, 2019, 11:35 AM Hal Murray via devel wrote:
>
> I haven't seen that mail recently.
>
I do not know. Quick bit of googling found
https://docs.gitlab.com/ee/user/project/integrations/emails_on_push.html
which might be related.
>
___
devel
On Sat, Oct 26, 2019, at 8:24 PM Hal Murray wrote:
>
> > I do not have access to a copy of POSIX and the SuSv2 seems to have SHM
> > support.
>
> You can probably get what you need from man pages. Try man shm_overview
There are links in the documentation that I should have read before
The length of the SHM construct appears to date back to 1997 at that
time according to Wikipedia only four processor architectures had
64-bit address spaces. I have no information on the prevalence of
64-bit processors. However, I think it is reasonable to assume that
the integers of that time
On Sun, Nov 24, 2019, at 12:12 AM Hal Murray via devel
wrote:
>
> Mark Atwood said:
> > On the other other other hand, can we have a Python binding on the C
> crypto
> > routines that ntpd uses?
>
I'd probably prefer a generic FFI module with a ctypes wrapper
but yes probably.
> The ntpd code
On Sun, Nov 24, 2019, 6:08 AM Udo van den Heuvel via devel
wrote:
> On 24-11-2019 15:01, Eric S. Raymond wrote:
> > Udo van den Heuvel :
> >> I have an M8N on order, would that be compatible enough to this driver?
> >> If so: I could help test etc.
> >
> > That can't hurt - they speak the same
On Mon, Nov 25, 2019 at 3:15 PM Sanjeev Gupta via devel
wrote:
> From: docs/driver_shm.adoc
>
> Is the first paragraph still required, if it doesn't apply to current
> nrpsec?
>
> And I cant parse the second paragraph, especially the first line. What
> should I use? Not the ancient method,
On Wed, Sep 25, 2019, at 3:22 AM Richard Laager via devel
wrote:
> At work, I have two NTP servers. They are part of the pool, with both
> IPv4 and IPv6.
>
> Internally, my systems use my NTP servers (marked with prefer) and the
> pool to provide additional sources. As is typical, ntpd prefers
On Tue, Feb 25, 2020, at 1:37 PM Eric S. Raymond wrote:
>
> James Browning via devel :
> > Is there anything preventing the possibility of an early looser
> > seccomp setup and then tightening it later possibly with a knob
> > to generate terse or verbose w
On Fri, Feb 28, 2020 at 3:26 AM Hal Murray via devel wrote:
>
> Lots of handwaving here.
:::snip:::
> Can we break the current ntpd blob into smaller chunks? How about:
> NTP server
> NTP client
> NTS-KE server
> ntpq client
I think you mean mode 6/7 server there. It might also be a
On Sat, Jan 11, 2020, at 1:03 AM Hal Murray wrote:
> > The current symmetric auth scheme requires a not-an-extension which is
> > (formerly 10) 20 or 24 bytes of an essentially unidentifiable binary blob.
> > to
> > check for it, you either need a length for the authenticated stream or walk
> >
On Sun, Feb 2, 2020, at 3:49 PM Gary E. Miller via devel
wrote:
>
> Yo Jason!
>
> On Sun, 02 Feb 2020 16:44:25 -0500
> Jason Azze via devel wrote:
>
> > It looks like the --enable-doc waf configuration option was removed
> > in the commit "Add support for other asciidoc processors". Was there
>
On Sun, Feb 2, 2020 at 7:27 PM Eric S. Raymond via devel
wrote:
> Richard Laager via devel :
> > On 2/2/20 3:44 PM, Jason Azze via devel wrote:
> > > It looks like the --enable-doc waf configuration option was removed in
> > > the commit "Add support for other asciidoc processors". Was there any
On Mon, Feb 17, 2020 at 5:02 PM Hal Murray via devel wrote:
> See issue #642
> https://gitlab.com/NTPsec/ntpsec/issues/642
As handwaved the patch.
From b0b7f7b6016076c7204468cd15888eb1085782b0 Mon Sep 17 00:00:00 2001
From: James Browning
Date: Tue, 18 Feb 2020 10:32:53 -0800
Subject: [PATCH]
On Sat, Feb 22, 2020, at 6:40 PM Hal Murray wrote:
>
> Looks like the second test is backwards. It's printing the message on a
> system where pipefail works.
>
> if (set -o pipefail) 2>/dev/null
> then
> echo "### Old sh - no pipefail"
> echo "### We can't test for errors during build"
>
On Mon, Jan 13, 2020 at 10:40 PM Hal Murray wrote:
:::snip:::
> > Any particular distro anyone wants it to run on? j/k
>
> The idea is NOT to run it as part of a normal checkin, but have something in
> addition that could be triggered manually or by the equivalent of a cron job.
> I'm thinking of
The current symmetric auth scheme requires a not-an-extension which is
(formerly 10) 20 or 24 bytes of an essentially unidentifiable binary
blob. to check for it, you either need a length for the authenticated
stream or walk backward in the packet to see if the text matches a
symmetric
On Mon, Jan 13, 2020 at 5:58 PM Eric S. Raymond via devel
wrote:
>
> Hal Murray via devel :
> > A year or 2 ago, I put together a script to test as many build time options
> > as
> > I thought reasonable. It's in ./tests/option-tester.sh
> >
> > Does anybody other than me use it?
>
> I've run
Not much. Every distro seems to have its' tool. Most in Linux space
seem to use iptables although nftables is IMO better.
On Fri, Dec 27, 2019, at 12:31 AM Hal Murray via devel wrote:
> I recently setup a new system (Fedora) to replace a box that had died and
> thought it was working OK. Then I
1 - 100 of 250 matches
Mail list logo