Re: NEW: security/hitch (pledged)

2018-04-28 Thread Klemens Nanni
On Sat, Apr 28, 2018 at 10:59:36PM +0200, Jeremie Courreges-Anglas wrote: > On Sat, Apr 28 2018, Klemens Nanni wrote: > > Take three with updated pledge diff also fixing an actual bug in the > > reloading logic when the `ocsp-dir' parameter has changed. > > > > It's already

Re: NEW: security/hitch (pledged)

2018-04-28 Thread Jeremie Courreges-Anglas
On Sat, Apr 28 2018, Klemens Nanni wrote: > Take three with updated pledge diff also fixing an actual bug in the > reloading logic when the `ocsp-dir' parameter has changed. > > It's already reported upstream, I discovered this while playing around > to reduce pledge promises.

Re: NEW: security/hitch (pledged)

2018-04-28 Thread Klemens Nanni
Take three with updated pledge diff also fixing an actual bug in the reloading logic when the `ocsp-dir' parameter has changed. It's already reported upstream, I discovered this while playing around to reduce pledge promises. hitch3.tgz Description: Binary data

Re: NEW: security/hitch (pledged)

2018-04-27 Thread Klemens Nanni
Updated tarball with a proper hitch.rc this time. The main process is now pledged only if hitch doesn't chroot(2). I cannot simply hoist the call yet. hitch2.tgz Description: Binary data

NEW: security/hitch (pledged)

2018-04-27 Thread Klemens Nanni
I've been working on hitch every now and then for the last few months, upstream has merged all my (OpenBSD related) fixes so it's time for a port: $ pi hitch Information for inst:hitch-1.4.8 Comment: libev-based high performance TLS proxy Description: