Relayd with TLS and non-TLS backends - bug

2020-06-11 Thread Toyam Cox
Hello Misc, Full config at end of email. I've discussed the below in #openbsd on freenode, and was told to come here. At present, I have a setup where I need multiple unrelated servers under a single IP address. I used relayd to do https interception, read the Host header, and make decisions.

Adding An Authentication Provider

2018-09-21 Thread Toyam Cox
I am trying to hook up a different authentication provider to OpenBSD's auth. At present, I can not find out how to "fake" the passwd database for groups. I know that Linux and NetBSD use nss, with tools such as nslookup and functions such as nsdispatch, but I can't find such things for OpenBSD.

Triggering automatic upgrade (not over network) not working

2016-07-18 Thread Toyam Cox
On my macppc, the presence of /auto_upgrade.conf doesn't actually cause bsd.rd to pretend it's been netbooted. The file is present at the root of my disk, under /dev/wda0. The documentation in autoinstall(8) says that the presence of /auto_{upgrade,install}.conf tells bsd.rd to treat it like an

Re: Iked, ca_getreq: no valid local certificate found

2015-11-05 Thread Toyam Cox
omehow didn't install ikeca.cnf by > default. > > Reyk > >> On 05.11.2015, at 08:28, Toyam Cox <aviator45...@gmail.com> wrote: >> >> Ho misc@, >> >> I have been (loosely) following the guide at >> http://puffysecurity.com/wiki/openikedoffshore.html

Re: Iked, ca_getreq: no valid local certificate found

2015-11-05 Thread Toyam Cox
I'm running 5.8-release. On Thu, Nov 5, 2015 at 8:07 PM, Jonathan Gray <j...@jsg.id.au> wrote: > Which release or snapshot are you running? For the version of the file > Reyk pointed you at you'll need a -current snapshot. > > On Thu, Nov 05, 2015 at 12:58:29PM -050

Iked, ca_getreq: no valid local certificate found

2015-11-04 Thread Toyam Cox
Ho misc@, I have been (loosely) following the guide at http://puffysecurity.com/wiki/openikedoffshore.html and have run into a roadblock. I have packets going between my two hosts on different networks, the configuration files on both are good, and both have the ca installed. However on my

Re: quick question about unbound

2015-11-04 Thread Toyam Cox
The default setting for "do-not-query-localhost" is "yes". You may want to add "do-not-query-localhost: no" to your config in the "server" section. On Wed, Nov 4, 2015 at 11:25 AM, Gregory Edigarov wrote: > Hello, > > Trying to make unbound and nsd co-exist on one server, the