On Thu, 8 Jul 1999, David O'Brien wrote:
> > todays current breaks in build of libgcc
>
> Since libgcc/Makefile hasn't been touched since April, me thinks
> something else is going on in your environment.
>
> > ===> gnu/lib/libgcc
> > c++ -O2 -mpentium -fpcc-struct-return -ffast-math -fno-stre
On Sun, 11 Jul 1999, Jordan K. Hubbard wrote:
> > Q: I want to use this cool piece of software that's in the FreeBSD
> > ports system. But I can't build it on my 3.x-stable system.
> >
> > Why not?
>
> A. Likely because someone running only on a -current box last committed
>a cha
On Mon, 19 Jul 1999, Nik Clayton wrote:
> docs/7791 is of the opinion that ipf(1) should be moved to ipf(8), to
> (among other things) be consistent with ipfw(8).
>
> Anyone care to comment one way or the other?
Definitely.
Kris
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscri
I've got myself two processes which can't be gotten rid of by SIGKILL:
kkenn 92724 32.0 0.8 5736 356 ?? RN6:25PM 136:52.96 kvt -T Terminal -
kkenn 1103 0.0 0.0 5740 388 ?? TWN - 0:00.00 (kvt)
(kvt is the KDE 1.1.1 xterm)
I am able to trigger this by attempting to past
On Sat, 24 Jul 1999, Kevin Day wrote:
> For one, do another 'ps' with the 'l' option, so you can see what it's stuck
> on.
UID PID PPID CPU PRI NI VSZ RSS WCHAN STAT TT TIME COMMAND
1000 1103 1086 29 75 20 5740 384 - TWN ??0:00.00 (kvt)
1000 1109 1103 0 4
On Sat, 24 Jul 1999, Kevin Day wrote:
> > > For one, do another 'ps' with the 'l' option, so you can see what it's stuck
> > > on.
> >
> > UID PID PPID CPU PRI NI VSZ RSS WCHAN STAT TT TIME COMMAND
> > 1000 1103 1086 29 75 20 5740 384 - TWN ??0:00.00 (kvt)
> >
On Sun, 25 Jul 1999, Greg Lehey wrote:
> > The tcsh listed below that is a zombie of the running kvt.
>
> There aren't any zombies here.
Right, they'd show up as 'Z' in the state field, I'd guess.
> > This seems to be more of a kvt bug than a freebsd bug. :)
>
> I don't see that either. T
On Sun, 25 Jul 1999, Amancio Hasty wrote:
> while you are at it try to compile a kernel with symbols ...
I already have (this is my standard practice). What should I do with it
here?
Kris
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the mes
On Fri, 20 Aug 1999, Mete Balci wrote:
> I have some questions for distribution. I have started to download freebsd
> 3.2-current via ftp but it seems to be huge. I think it will be 2 CD.
> First, how do I have to split it to 2 CDs ? which dirs will going to first
> and which to second CD ? Secon
On Mon, 27 Dec 1999, Emre wrote:
> Not really. All my other boxes (NetBSD/OpenBSD) run -current so I'm
> used to be on the "bleeding edge" I figured it would be enabled
> by default, since FreeBSD promises to be _the_ Server O/S.
Please see http://www.freebsd.org/handbook/cutting-edge.html#CUR
On Sun, 26 Dec 1999, Randy Bush wrote:
> mkdep -f .depend -a
>-I/usr/src/kerberosIV/lib/libkadm/../../../crypto/kerberosIV/include
>-I/usr/obj/usr/src/kerberosIV/lib/libkadm/../../include
>-I/usr/src/kerberosIV/lib/libkadm/../../../crypto/kerberosIV/lib/krb
>-I/usr/src/kerberosIV/lib/libka
On Mon, 3 Jan 2000, Andrew Sherrod wrote:
> Do you know which version is shipping with FreeBSD 3.4?
http://www.freebsd.org/ports/mail.html
says elm-2.4ME+61
Kris
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message
On Tue, 4 Jan 2000, Matthew Dillon wrote:
> genassym is now in /usr/src/usr.bin/genassym, compile and install that
> then try your make again. The one in the local compile directory is
> still being used for other things (and not compatible with the one
> in /usr/src/usr.bin/ )
One of my Western Digital Caviars doesn't work under the new ATA driver:
upon trying to access the disk (via swapon or mount during boot) it gives
the famous "lost contact with disk" message and falls back to PIO mode.
Interestingly, my two older WDCs work fine - although I notice that ad1
and ad2
On Wed, 5 Jan 2000, Soren Schmidt wrote:
> The disk probably has problems with DMA mode (lots of older WD disks
> has that). You only get WDMA2 mode since you controller is an older
> Intel PIIX that can't do UDMA...
Hmm..This disk was bought in about March 99..you're sure that's the
reason?
Kr
Tomorrow I plan to remove the support for SHA1 passwords from libcrypt:
this was (re-)added silently by Mark Murray a few months ago as part of a
cleanup/re-merging of the libcrypt code, and he's already okayed the
re-removal.
The reason I want to remove this is because I intend to reimplement
li
As warned yesterday, I've just removed the ability for libcrypt to
understand SHA-1 passwords. This was present but undocumented in the tree
for the past few months and was removed so it can be reimplemented
properly as part of a revamped libcrypt at a later date. Anyone who was
actually making us
On Fri, 7 Jan 2000, Etienne De Bruin wrote:
> When compiling 3.4-RELEASE I find that whilst linking in src/bin/csh,
> the linker complains about not finding the following symbols:
And this has exactly what to do with FreeBSD 4.0-CURRENT?
Kris
To Unsubscribe: send mail to [EMAIL PROTECTED]
wi
On Thu, 6 Jan 2000, Boozy wrote:
> How are the implementation of IPv6 in FreeBSD 4.0? Is it available? Is it
> stable?
It's in the process of being integrated, and is therefore still
incomplete. It's hoped that by the time of 4.0-RELEASE (not long away) it
will be fully functional. If you need a
On Sun, 9 Jan 2000, Leif Neland wrote:
> Kernel build stops with "Don't know how to make sha1.c".
> sha was removed a few days ago, a "heads up" said.
Different instance - that was just SHA1-format passwords.
Kris
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-curr
On Mon, 10 Jan 2000, Marcel Moolenaar wrote:
> The format used for mkstemp has been changed (4 chars. longer). Does the
> following patch work?
Sorry, but FWIW I did test the change by recompiling cvs (which uses yacc)
before I committed it :( I guess it was just the gods of stack which
allowed
In addition to my lost contact problems with the ATA driver and one of my
WDC drives, my CDROM no longer works properly under the new
drivers. Accessing the drive causes excessive pauses and seems to chew
lots of CPU in the kernel: the system becomes very sluggish with about 4
or 5 seconds to resp
On Tue, 11 Jan 2000 [EMAIL PROTECTED] wrote:
> At least from the January 9 after 'cvsup',
> 'make buildworld','make installworld', 'make & install kernel'
> I can't 'kldload linux'. 'Kldload" says:
Probably one of these is not up to date, or is out of sync. I had this
problem yesterday whe
On Tue, 11 Jan 2000, Donn Miller wrote:
> I figured I'd address these two issues in one posting here. First of
> all, does anyone work with Mozilla by checking out the source code by
> anon cvs? One of the build stages does a "cvs co" when you do gmake
They should use cvs -R to do it read-only
On Fri, 14 Jan 2000, Vladimir B. Grebeschikov wrote:
> while I am do 'mount_cd9660 /dev/acd0c /m/cd'
> system compleatly holds, no core, no panic - hold (may be deadloop in
> kernel mode ?)
Does it freeze completely, or just for a long time? I see something very
similar, but mine unwedges after
On Sat, 15 Jan 2000, Kris Kennaway wrote:
> Support RSA via RSAref. This autodetects the RSAref package, and if it
> is not found, compiles without RSA.
Openssl should now be fully functional for both US and international users
- please report any problems you have in using it to m
Bruce tells me there were good reasons why patch won't be upgraded
("downgraded") from 2.1 to 2.5 - it was already tried once and reverted.
Should we blow away /usr/src/contrib/patch if it's never going to be used?
Kris
"How many roads must a man walk down?"
"Eight!"
"That was a rhetorical
In order to know whether or not to build the patent-restricted RSA code,
the openssl build needs to look at the value of USA_RESIDENT, which isn't
set by default. If this value is unset, or anything other than 'NO'[*], it
assumes the user is in the USA and doesn't build the RSA code (or uses
RSAre
On 17 Jan 2000, Satoshi - Ports Wraith - Asami wrote:
> Should I add some stuff to handle the differences in bsd.port.mk (like
> we did with perl5)?
It may be useful - although there are a lot of inconsistencies in how the
openssl ports look for it. Dirk Froemberg was going to help with this -
I
On Mon, 17 Jan 2000, Robert C. Noland III wrote:
> You have a libcrypto in /usr/local/lib which was not compiled with
> rsaref. When it reaches out to get rsaref, it also picks up the
> libcrypto and libssl from /usr/local/lib rather than the build tree.
> Move them out of the way...
I figured
On Mon, 17 Jan 2000, Jim Bloom wrote:
> Add lynx-ssl to the list of ports which are broken on current. This was
> as of Jan. 16 at 14:00 EST cvsup of ports and source followed by a make
> world.
Well, that makes a list of one. Can you provide more information (e.g. a
transcript?) Are you using
Unless anyone objects I'm going to bump OSVERSION tonight to provide a
cutoff for whether or not openssl is available in the base system. Ports
need to behave differently in either case..
Kris
"How many roads must a man walk down, before you call him a man?"
"Eight!"
"That was a rhetorical
[Cross-posting to -current because I would like some feedback about the
last paragraph - namely how to test for RSA capability]
How about the following:
1) I bump OSVERSION due to the (potential) presence of openssl in the base
system.
2) We add a USE_OPENSSL knob to bsd.port.mk which tests for
On Mon, 17 Jan 2000, David O'Brien wrote:
> Due to the concequence involved, you really do need to check for 'NO',
> 'YES', and "other". Rather than combining 'YES' and "other".
You're suggesting not building openssl at all if they don't have a boolean
value?
Kris
"How many roads must a
On Mon, 17 Jan 2000, John Polstra wrote:
> You mean "__FreeBSD_version" (in src/sys/sys/param.h), right?
Right, sorry. OSVERSION is what bsd.port.mk calls it.
Kris
"How many roads must a man walk down, before you call him a man?"
"Eight!"
"That was a rhetorical question!"
"Oh..then, seven
On Tue, 18 Jan 2000, Leif Neland wrote:
> If somebody _really_ want to ping forever, let them use -t0, and
> defend the rest of us from our blunders of forgetting a ping, keeping
> the line open infinitely.
I use ping for precisely this purpose. Yes, I could change my setup,
but so could you :-)
The simplest way to test whether OpenSSL can do RSA is to write a file at
install-time, like the following patch. Any objections?
Kris
Index: Makefile
===
RCS file: /home/ncvs/src/secure/lib/libcrypto/Makefile,v
retrieving revision
On Mon, 17 Jan 2000, Kris Kennaway wrote:
> + rm -f /etc/ssl/openssl_hasrsa
Doh, I meant /bin/rm
Kris
"How many roads must a man walk down, before you call him a man?"
"Eight!"
"That was a rhetorical question!"
"Oh..then, seven!" -- Ho
On Tue, 18 Jan 2000, jack wrote:
> On Jan 17 Kris Kennaway wrote:
>
> > > + rm -f /etc/ssl/openssl_hasrsa
> >
> > Doh, I meant /bin/rm
>
> No, you meant ${RM}
I couldn't find this defined in /usr/share/mk/* - it's only in
bsd.port.mk, AFAICT.
Kris
On Tue, 18 Jan 2000, Chuck Robey wrote:
> > > No, you meant ${RM}
> >
> > I couldn't find this defined in /usr/share/mk/* - it's only in
> > bsd.port.mk, AFAICT.
>
> I'm note sure mine's up to date, where the definition is on line 876 of
> bsd.port.mk ... but I'm *sure* it's in there, it has be
On Tue, 18 Jan 2000, Sheldon Hearn wrote:
> On Mon, 17 Jan 2000 21:53:10 PST, Kris Kennaway wrote:
>
> > +.if defined(WITH_RSA) && ${WITH_RSA} == YES
> > + /usr/bin/touch /etc/ssl/openssl_hasrsa
>
> Um, are you sure you want that hard path, /etc/ssl ? Shou
On Tue, 18 Jan 2000, Sheldon Hearn wrote:
> Does sysinstall set this one? If not, it should. Then we can stop
> worrying about it. :-)
Not yet, but it should. If someone can help me out here it would be
greatly appreciated.
Kris
"How many roads must a man walk down, before you call him
On Tue, 18 Jan 2000, Peter Wemm wrote:
> Yes, This should most definately have ${DESTDIR} for this sort of thing, but
> even then I'm not sure this is a good change.. We have got to find a better
> way than this.
I've said this a couple of times in private, but will repeat it again for
the list
On Tue, 18 Jan 2000, Patrick Bihan-Faou wrote:
> If we are changing the meaning of "USA_RESIDENT", could we replace it by
We're not. It's just that until now it hasn't really mattered if it
wasn't set (the cases where it did matter, like whether or not to fetch a
crypto port from a US site, it w
On Tue, 18 Jan 2000, Warner Losh wrote:
> In message <[EMAIL PROTECTED]> Satoshi - Ports Wraith - Asami
>writes:
> : Won't people get into legal trouble (technically) if they build the
> : wrong version?
>
> RESIDENT=
> CITIZEN=
What about us dual citizens? :-)
Kris
"How many roads must
On Tue, 18 Jan 2000, Taavi Talvik wrote:
> Maybe we should extend meaning of USA_RESIDENT or introduce new variable
> indicating contry. After doing netfork install, subsecuent fetces for
> ports/packages/distfiles from nearest
> ftp.xx.freebsd.org/cvsup.xx.freebsd.org is really handy. Specially
On Tue, 18 Jan 2000, Patrick Bihan-Faou wrote:
> cc -O -pipe -DMONOLITH -DNO_IDEA -I/usr/src-freebsd-4.x/secure/usr.bin/opens
> sl -DRSAref -I/usr/obj/usr/src-freebsd-4.x/i386/usr/include -o openssl
> apps.o asn1pars.o ca.o ciphers.o crl.o crl2p7.o dgst.o dh.o dsa.o dsaparam.o
> enc.o errstr.o
On Tue, 18 Jan 2000, David O'Brien wrote:
> I think this is the only way to properly handle it. As Garrett pointed
> out, some people in the USA actually do have a licence to use the "good"
> version of RSA.
Is this the same Garrett who persuaded me not to include the RSA code at
all in the fre
On Tue, 18 Jan 2000, Garrett Wollman wrote:
> No, this is the same Garrett who persuaded you not to include the RSA
> code at all in the freefall repository so that I could continue to
> maintain a mirror without getting into trouble with the Technology
The upshot of all of which is that people
On Tue, 18 Jan 2000, FreeBSD mailing list wrote:
> speed.o(.text+0x60a): undefined reference to `RSA_PKCS1_RSAref'
> /usr/local/lib/libcrypto.so: undefined reference to `ERR_load_RSAREF_strings'
Please pay attention to the mailing list. I'm testing the fix for this now
with a make world of both
On Wed, 19 Jan 2000, Stephan van Beerschoten wrote:
> cc -O -pipe -DMONOLITH -DNO_IDEA
>-I/mnt/archive/CVS/4.0-CURRENT/src/secure/usr.bin/openssl -DRSAref
>-I/usr/obj/mnt/archive/CVS/4.0-CURRENT/src/i386/usr/include -o openssl apps.o
>asn1pars.o ca.o ciphers.o crl.o crl2p7.o dgst.o dh.o dsa
On Wed, 19 Jan 2000, Charles Anderson wrote:
> be successful. But my last question still remains, why is it looking at
> anything outside of the /usr/src, /usr/obj world?
It was supposed to just pick up the rsaref library so you can use RSA
crypto in openssl, but was also picking up the stale l
On Wed, 19 Jan 2000, Terje Elde wrote:
> Because of copyright issues OpenSSL is being built with -DNO_IDEA. IMHO
> it's bad to do this for all systems, as it's only limited in some
> countries.
>
> What I'm wondering if we could do is to add a COUNTRY=whatever, which
> could be used to look up a
On Fri, 21 Jan 2000, Brian Hechinger wrote:
> rebooted, tried to log in and couldn't. not as root, not as my regular user.
Sounds like you clobbered your DES libcrypt libraries with non-DES ones,
and now you can't use your DES passwords.
Kris
"How many roads must a man walk down, before
On Sun, 23 Jan 2000, Douglas Kuntz wrote:
> -c functions/mcrypt.c -o functions/mcrypt.o
> functions/mcrypt.c:172: #error Please update your mcrypt library
> *** Error code 1
>
> Is this a ports problem, or a current problem?
Ports. Looks like it's trying to use the library from security/mcrypt.
Since the most recent round of ATA updates, my CDROM is no longer even
probed at boot time.
device ata0
device atadisk0
device atapicd0
options ATA_STATIC_ID
Copyright (c) 1992-2000 The FreeBSD Project.
Copyright (c) 1982, 1986, 1989, 1991, 1993
The Reg
Okay, so I finally decided to take the plunge and check out ipfilter. ipf
seemed to load my ruleset with no problems, but ipfstat dies with:
ioctl(SIOCGETFS): Invalid argument
I have remade the 'ipl' target in MAKEDEV, and my kernel and userland are
in sync. I have options IPFILTER and options I
On Mon, 24 Jan 2000, Jordan K. Hubbard wrote:
> On the 29th of January, I'll be freezing the -current branch (well,
> OK, the trunk). That means NO commits without my review first and I
Hmm. What does this mean for the ATA driver? I know Soren has some more
updates in the wings, and I'm gratefu
On Mon, 24 Jan 2000, Soren Schmidt wrote:
> Huh, you have only told me about the missing CDROM (should be fixed
> with the commit I just did), what else seems to be a problem ??
My WDC drive falling back to PIO mode..see the dmesg in the previous
message.
Kris
"How many roads must a man w
Can people please review this for style and content, for inclusion in
the FAQ? I'll also need someone to mark it up once it's ready since SGML
is currently not among my abilities :-)
Thanks,
Kris
As of FreeBSD 4.0, the OpenSSL toolkit is a part of the base
system. OpenSSL [http://www.openss
On Tue, 25 Jan 2000, Nik Clayton wrote:
> Is this FAQ material, or better off in the installation section of the
> Handbook? I'd veer towards the Handbook myself.
Seemed like a potential Frequently Asked Question to me, is all. I defer
to your superior knowledge of our documentation standards :
On Tue, 25 Jan 2000, the Webslave wrote:
> > Okay, so I finally decided to take the plunge and check out ipfilter. ipf
> > seemed to load my ruleset with no problems, but ipfstat dies with:
> >
> > ioctl(SIOCGETFS): Invalid argument
>
> And what would that ruleset be?
>
# Default to deny
bloc
On Thu, 27 Jan 2000, Alexandr Listopad wrote:
> there no tools/ dir in /usr/src - why?
Because you didn't download it?
> doc-all
> src-base
> src-bin
> src-contrib
> src-etc
> src-gnu
> src-include
> src-lib
> src-libexec
> src-release
> src-sbin
> src-share
> src-sys
src-tools
> src-usrbin
> s
/home/kris/tmp/world/obj/.amd_mnt/freefall/host/c/users/kris/tmp/world/src/alpha/.amd_mnt/freefall/host/c/users/kris/tmp/world/src/gnu/usr.bin/cc/cpp/../cc_int/libcc_int.a(choose-temp.o):
In function `choose_temp_base':
choose-temp.c(.text+0x218): warning: mktemp() possibly used
unsafely; consider
On Wed, 19 Jan 2000, Kris Kennaway wrote:
> Modified files:
> secure/usr.bin/openssl Makefile
> Log:
> Don't search for libraries in ${LOCALBASE}. This should fix the problems
> people were seeing with conflicts with the openssl port.
I tried to test all of the
I get this whenever I try and build a kernel (with or without IPFIREWALL):
linking kernel.debug
ip6_fw.o: In function `ip6_fw_init':
/sys/compile/MORDEN/../../netinet6/ip6_fw.c(.text+0x18a4): undefined reference to
`ip6_fw_chk_ptr'
/sys/compile/MORDEN/../../netinet6/ip6_fw.c(.text+0x18ae): undef
I'm hearing precious little feedback about this, guys. I need to know if
this works properly on your 3.x and 4.0 systems so I can get it into the
tree in time for the ports freeze.
This version fixes rsaref support for non-4.0 systems and has a different
hack for the CFLAGS problem if we don't us
Ack, this was meant for ports, although the additional testing would
certainly be welcome :) Sorry..
Kris
"How many roads must a man walk down, before you call him a man?"
"Eight!"
"That was a rhetorical question!"
"Oh..then, seven!" -- Homer Simpson
To Unsubscribe: send mail to [EMAIL P
On Sat, 29 Jan 2000, Jim Bloom wrote:
> The problem here is that ip6_fw.c is dependent upon INET6 instead of
> IPv6FIREWALL. I sent mail to shin a little while ago about the
> problem. If you want to compile a kernel in the interim, change the
> line for ip6_fw.c in sys/conf/files to
>
> netin
This commit causes my P5 to panic at boot:
kato2000/01/28 23:49:03 PST
Modified files:
sys/i386/i386identcpu.c
Log:
Simplify messages of Pentium II, Pentium II Xeon, Celeron, Pentium III
and Pentium III Xeon CPUs. If a CPU is one of Pentium II, Pentium II
Xeon and
My CDROM still refuses to work with cdcontrol, although the 30-seconds of
kernel spinning is now fixed.
Trying to play a track gives:
acd0: PLAY_BIG - ILLEGAL REQUEST asc=21 ascq=00 error=04
One of my WDC's still falls back to PIO mode at boot time (see previous
messages, nothing has changed).
On Sun, 30 Jan 2000, Soren Schmidt wrote:
> > Trying to play a track gives:
> >
> > acd0: PLAY_BIG - ILLEGAL REQUEST asc=21 ascq=00 error=04
>
> I'll bet this drive doesn't support PLAY_BIG but only PLAY_MSF.
> The problem here is that PLAY_MSF's parameters are either in
> binary or in BCD, but
On Sun, 30 Jan 2000, KATO Takenori wrote:
> It sounds strange. I didn't modify any P5 stuff.
>
> I attached the patch from 1.79 to 1.80 diff in this mail.
>
> - Could you try to this patch with the -R option?
Yes, when I back out this revision (& nothing else) I can boot fine :-)
> - Ple
On Mon, 31 Jan 2000, Greg Childers wrote:
> A panic also occurred on my Pentium (P54C) 66MHz, but backing identcpu.c
> to 1.79 didn't stop the panic. Here is the panic info, copied by hand. (I
> hope there are no typos!)
Well, I rebuilt a kernel with 1.80 of identcpu.c and it booted fine this
On Tue, 1 Feb 2000, Guido van Rooij wrote:
> ipfstat and its friends (ipf, ipnat and ipmon) now live in /sbin
> It might be you are using an old version (these programs used to live in
> /usr/sbin but are moved to /sbin to be able to use them early atr
> system startup).
Aha! This looks to be th
On Tue, 1 Feb 2000, Andreas Klemm wrote:
> One additional question... What would be the best time to update
> /etc after an update from 3.4-STABLE to 4.0-current ?
>
> - prior or
> - after booting freshly compiled updated system ?
Before, because (in general) it may not boot to multiuser mode a
On Tue, 1 Feb 1900, I am not any sort of Fluffy wrote:
Please fix your mailer. It is over 100 years old.
Kris
"How many roads must a man walk down, before you call him a man?"
"Eight!"
"That was a rhetorical question!"
"Oh..then, seven!" -- Homer Simpson
To Unsubscribe: send mail to [EM
On Wed, 2 Feb 2000, Maxim Sobolev wrote:
> What happed with much-advertised by Polstra cvsup8.freebsd.org cvsup mirror?
He advertised shortly thereafter that it had died :-)
Kris
"How many roads must a man walk down, before you call him a man?"
"Eight!"
"That was a rhetorical question!"
"
On Thu, 3 Feb 2000, Anders Andersson wrote:
> I add a new user, and with 'vipw' I notices that this user now gets a
> DES based passwd. (we only use MD5 passwords around). Then I looked in
> /usr/lib and noticed that libcrypt now is symlinked to libdescrypt:
AFAIK this has always been the way it
On Thu, 3 Feb 2000, bush doctor wrote:
> I'm a bit confused about the libcrypto situation and need some clarification :)
> I'm running -current and rebuilt the apache13-php3 port recently. The port
> depends on /usr/local/lib/libcrypto.so.1, however when starting the ssl version
> I get the foll
On Sat, 5 Feb 2000, Klaus Herrmann wrote:
> options ATA_ENABLE_ATAPI_DMA#Enable DMA on ATAPI devices
Try removing this. According to the warning in LINT, this breaks many
CDROMs.
Kris
"How many roads must a man walk down, before you call him a man?"
"Eight!"
"That was a rhetoric
On Fri, 11 Feb 2000, Mark Huizer wrote:
> I installed a fresh 4.0 release candidate this morning, including the
> crypto stuff (des, kerberos...). Tried to install openssh from ports
> tree as well, but couldn't. It was looking for
> /usr/include/openssl/rsa.h which was not there, and I couldn't
On Sat, 12 Feb 2000, Motoyuki Konno wrote:
> Related question:
>
> Are there any plan to distribute USA_RESIDENT=NO version of
> des binary distribution?
>
> If not, non-USA users must rebuilt the crypto libraries from
> source to use international-crypto packages.
>
> The des distribution (de
On Sat, 12 Feb 2000, John Hay wrote:
> and to me it looks like rsa.h is included:
>
> internat:/home/ftp/pub/FreeBSD/releases/i386/4.0-2211-SNAP/des > cat des.?? |
>tar -tzvf - | grep rsa
> -r--r--r-- root/wheel12208 Feb 12 07:09 2000 usr/include/openssl/rsa.h
>
> Or is there somethin
On Sat, 12 Feb 2000, Poul-Henning Kamp wrote:
> Could somebody send a short overview of the "crypto in FreeBSD"
> situation ? I bet there are more people than me who have lost
> track of what is in, what is out and what USA_RESIDENT changes...
See the new chapter 6.5 in the handbook for an exp
On Sat, 12 Feb 2000, Adrian Steinmann wrote:
> cd /usr/ports/security/openssl
> make -V FORBIDDEN
> "OpenSSL is already in the base system"
> yet it doesn't appear to be.
Yes it is :-) Install the crypto sources from internat.
> This causes openssh to fail likewise because it depend
On Sat, 12 Feb 2000, Daniel Robbins wrote:
> URL above, and it seemed to work ok. You *can expect* problems and
> challenges integrating 2.95.2 into FreeBSD -- it's like a whole new
> compiler. And it *will* cause new compile errors that were not
> flagged before. That's just the nature of the
I'm in the process of uploading the i386 and alpha packages for the two US
versions of openssl (NORSA & RSAref). As described in chapter 6.5 of the
handbook, you can pkg_add these instead of having to do a source-recompile
of the openssl stuff (the NORSA package is what you get by default,
actuall
On Thu, 10 Feb 2000, Christopher Masto wrote:
> I've often thought that it might be better if each port were a single
> tar file or something instead of the 30+ files that many of them now
> contain. From there, it seems like a straightforward step to not keep
> the tar files on your machine, mu
On Thu, 24 Feb 2000, Jeffrey J. Mountin wrote:
> So when is this event scheduled to end, so we can go for a test drive?
>
> 57^H^H61 commits to -current and counting...
The last message to show up in the series said Mark was finished and about
to collapse unconscious, so I guess that means "let
On Fri, 25 Feb 2000, Ollivier Robert wrote:
> I just saw that openssh (thanks Mark!) is using /etc/ for its configuration
> file. As the author of the "--with-etcdir" option of SSH (back in '96) and
> for the sake of consistency, I'd like to create a /etc/ssh directory and
> move everything there
On Sat, 26 Feb 2000, Munehiro Matsuda wrote:
> Hi all,
>
> Buildworld failed due to crypto related changes in libpam.
> With following patch, buildworld and installworld went successful for me.
This patch looks correct to me, with one change. However I think the
pam_ssh module needs to go under
On Fri, 25 Feb 2000, Alfred Perlstein wrote:
> Can anyone working on the recent sshd black magic linkage stuff please
> step up and explain?
>
> Or shall i move it to network_pass4?
Please just let mark fix it..don't want the too many cooks problem :-)
Kris
"How many roads must a man wal
Does this patch fix the problems people are seeing? It also generates the
hostkey if it doesnt exist.
Oops, the NO_DESCRYPT line in the /etc/defaults/make.conf patch shouldn't
be committed yet..I'm still testing that one.
Index: rc
yOn Sat, 26 Feb 2000, Jordan K. Hubbard wrote:
> > +# Generate SSH host key, if it doesnt exist. Both sshd and ssh need it
> > +# so we do it unconditionally on sshd_enable.
>
> Are you sure ssh requires a host key? I could have sworn this was
> entirely related to sshd and could thus be lumped
On Sat, 26 Feb 2000 [EMAIL PROTECTED] wrote:
> But this means that ssh must be setuid root. Some of us insist on *not*
> using rsa-rhosts authentication, and install ssh without any privileges.
>
> Looks to me like we need a couple of alternatives here.
If you want to tinker with the file permi
On 26 Feb 2000, Bjoern Groenvall wrote:
> Right, the code does not lie (if ssh is setuid root). But, if the host
> key has not yet been created, then no host can have the public key and
> thus rsa-rhosts authentication won't work anyways. It is not required
> to run ssh-keygen to make ssh work, S
On Sat, 26 Feb 2000 [EMAIL PROTECTED] wrote:
> > If you want to tinker with the file permissions, can't you deal with the
> > fact that the startup scripts will create a host key for you the first
> > time you boot with it installed?
>
> As long as there is an easy way of running ssh without any
On Sat, 26 Feb 2000, Ben Smithurst wrote:
> William Woods wrote:
>
> > Grr..cant say I like that idea, I would like to have them both...
>
> Oh. You *have* cvsup'ed the cvs-crypto collection, right? I think that's
> the one you need.
You need:
src-crypto
src-secure
Are you still having t
This is something which has been requested a fair bit..it will disable the
building of the DES CRYPT libraries even if you have the crypto sources
installed, so you can e.g. get OpenSSL/OpenSSH without having to deal with
the pitfalls of libdescrypt. It seems to work fine for me..if I hear any
oth
1 - 100 of 1570 matches
Mail list logo