On Wed, Aug 24, 2022 at 11:05:30PM -0500, Scott Cheloha wrote:
> On Wed, Aug 24, 2022 at 05:51:14PM +1000, Jonathan Gray wrote:
> > On Tue, Aug 23, 2022 at 12:20:39PM -0500, Scott Cheloha wrote:
> > > > Hyper-V generation 1 VMs are bios boot with emulation of the usual
> > > > devices. 32-bit and
On Wed, Aug 24, 2022 at 08:02:03PM -0600, Todd C. Miller wrote:
> On Wed, 24 Aug 2022 20:06:00 -, Klemens Nanni wrote:
>
> > Feedback? Am I missing anything?
>
> If fstat(2) fails you should not try to access sb. Perhaps:
>
> if (((dflags & OPENDEV_BLCK) && ...
>
> should be an "else
On Wed, Aug 24, 2022 at 05:51:14PM +1000, Jonathan Gray wrote:
> On Tue, Aug 23, 2022 at 12:20:39PM -0500, Scott Cheloha wrote:
> > > Hyper-V generation 1 VMs are bios boot with emulation of the usual
> > > devices. 32-bit and 64-bit guests.
> > >
> > > Hyper-V generation 2 VMs are 64-bit uefi
On Tue, Aug 23, 2022 at 11:06:05AM +0200, Claudio Jeker wrote:
> The RDE does some magic dance around connected networks and their gateway
> which should be done in kroute.c instead. At least then both functions doing
> gateway lookups do this magic in the same .c file.
> It also makes the RDE
On Wed, 24 Aug 2022 20:06:00 -, Klemens Nanni wrote:
> Feedback? Am I missing anything?
If fstat(2) fails you should not try to access sb. Perhaps:
if (((dflags & OPENDEV_BLCK) && ...
should be an "else if (..."
Otherwise looks OK to me.
- todd
Theo Buehler wrote:
> > > + if (pemmode) {
> > > + if (pledge("stdio rpath", NULL) == -1)
> > > + err(1, "pledge");
> > > +
> > > + if (argc > 1)
> > > + goto usage;
> >
> > This should be argc > 0 to match your synopsis.
>
> Ugh. I confused
> > + if (pemmode) {
> > + if (pledge("stdio rpath", NULL) == -1)
> > + err(1, "pledge");
> > +
> > + if (argc > 1)
> > + goto usage;
>
> This should be argc > 0 to match your synopsis.
Ugh. I confused myself here, it was actually correct
On Wed, Aug 24, 2022 at 06:41:12PM -0600, Theo de Raadt wrote:
> argv += optind;
> argc -= optind;
>
> + if (pemmode) {
> + if (pledge("stdio rpath", NULL) == -1)
> + err(1, "pledge");
> +
>
>
> rpki-client is starting to develop quite a
On Wed, Aug 24, 2022 at 11:35:01PM +, Job Snijders wrote:
> Hi all,
>
> Scratching an itch: When debugging RPKI things, I've grown tired of
> typing stuff like the below 2 commands to get to the CMS encapsulated
> DER encoded EE certificate in RPKI Signed Objects.
>
> $ openssl cms
argv += optind;
argc -= optind;
+ if (pemmode) {
+ if (pledge("stdio rpath", NULL) == -1)
+ err(1, "pledge");
+
rpki-client is starting to develop quite a number of run-time "modes".
I think it is time to add some checks (right around
Hi all,
Scratching an itch: When debugging RPKI things, I've grown tired of
typing stuff like the below 2 commands to get to the CMS encapsulated
DER encoded EE certificate in RPKI Signed Objects.
$ openssl cms -verify -noverify -inform DER -signer signer.pem \
-in
Makefile.inc sets NOMAN=1 and MAN= to the empty string, so all
definitions in program Makefiles are useless and misleading.
disklabel and fdisk certainly won't embed the manual in size constrained
install media, so also remove the logic around NOMAN.
No functional change.
OK?
Index:
On Mon, Aug 22, 2022 at 10:38:29AM +, Klemens Nanni wrote:
> The real problem seems to be that opendev(3) happily opens a regular
> file as device, but only if the argument contains a slash:
>
> # installboot -v ./biosboot
> Using / as root
> installing bootstrap on
Le Tue, Aug 23, 2022 at 06:28:12PM +0200, Claudio Jeker a écrit :
> I noticed that the "connection from non-peer" message can fill the log and
> be so chatty that it is hard to see the other messages. The system I see
> this on is a bit special since it gets hammered by incorrectly configured
>
Anyone want to test this?
Any OKs?
The CVEs mentioned are these:
=== CVE-2022-30698
Unbound prior to 1.16.2 allows malicious users to trigger continued
resolvability of malicious domain names, even after their revocation
from the parent zone, via a novel type of the "ghost domain names"
attack
On Tue, Aug 23, 2022 at 12:20:39PM -0500, Scott Cheloha wrote:
> > Hyper-V generation 1 VMs are bios boot with emulation of the usual
> > devices. 32-bit and 64-bit guests.
> >
> > Hyper-V generation 2 VMs are 64-bit uefi with paravirtualised devices.
> > 64-bit guests only.
> >
> > There is no
On Wed, 24 Aug 2022, Damien Miller wrote:
> Hi,
>
> https://www.mindrot.org/misc/libfido2-1.11.0.diff contains an update
> for src/libfido2 from 1.8 to 1.11 (about 10 months of upstream
> development).
>
> I've tested it with OpenSSH, which is the only thing in src/ that
> uses it as well as
Hi,
https://www.mindrot.org/misc/libfido2-1.11.0.diff contains an update
for src/libfido2 from 1.8 to 1.11 (about 10 months of upstream
development).
I've tested it with OpenSSH, which is the only thing in src/ that
uses it as well as compiling www/chromium and performing a FIDO login
with it.
18 matches
Mail list logo