Re: specify curves via ecdhe statement in httpd.conf

On 02/05/17 11:13, Andreas Bartelt wrote: ... The following combinations were tested: server httpd with ecdhe "secp384r1" & server nginx with ssl_ecdh_curve secp384r1; (identical results) connect via openssl [secp384r1]: fails connect via eopenssl [secp384r1]: fails replying to

man.cgi(8): add unique HTML titles

Here's a proposal to add unique HTML titles to man-pages served using man.cgi. The name of the man-page is used as a title prefix (inspired by NetBSD's adoption of mandoc). There might be a more elegant way to produce the title given the filename. Index: cgi.c

add empty /root/.ssh/authorized_keys to mtree/sets ?

Hi, when installing 'throwaway' VMs (manually, not always using autoinstall for $REASONS) i've often found myself having to do right after the install: install -d -m 700 /root/.ssh install -m 600 /dev/null /root/.ssh/authorized_keys (or touch /root/.ssh/authorized_keys && chmod 600

Re: specify curves via ecdhe statement in httpd.conf

On 02/05/17 07:41, Joel Sing wrote: On Saturday 04 February 2017 15:51:02 Andreas Bartelt wrote: On 02/04/17 05:26, Joel Sing wrote: On Wednesday 01 February 2017 15:41:29 Andreas Bartelt wrote: Hello, after reading the LibreSSL accouncement from today, I assumed that specifying ecdhe "auto"

Re: stop building arm64 kernels with -mcpu=cortex-a57

On Sun, Feb 05, 2017 at 09:57:13PM +1100, Jonathan Gray wrote: > Ask for a generic armv8-a encoding rather than one based on and tuned > for cortex-a57. If that works for you, sure, ok patrick@. > > Index: Makefile.arm64 > === >

Re: add empty /root/.ssh/authorized_keys to mtree/sets ?

On Sun, Feb 05, 2017 at 10:46:41AM +0100, Landry Breuil wrote: > Hi, > > when installing 'throwaway' VMs (manually, not always using autoinstall for > $REASONS) i've often found myself having to do right after the install: > install -d -m 700 /root/.ssh > install -m 600 /dev/null

stop building arm64 kernels with -mcpu=cortex-a57

Ask for a generic armv8-a encoding rather than one based on and tuned for cortex-a57. Index: Makefile.arm64 === RCS file: /cvs/src/sys/arch/arm64/conf/Makefile.arm64,v retrieving revision 1.4 diff -u -p -r1.4 Makefile.arm64 ---

Re: specify curves via ecdhe statement in httpd.conf

On Sunday 05 February 2017 11:13:16 Andreas Bartelt wrote: > On 02/05/17 07:41, Joel Sing wrote: > > You can just specify X25519 as a group - it will not appear in `openssl > > ecparam -list_curves' since it is not a standard EC curve. > > thanks - I didn't notice that capitalization is important

Re: add empty /root/.ssh/authorized_keys to mtree/sets ?

On 2017/02/05 09:53, Robert Peichaer wrote: > On Sun, Feb 05, 2017 at 10:46:41AM +0100, Landry Breuil wrote: > > Hi, > > > > when installing 'throwaway' VMs (manually, not always using autoinstall for > > $REASONS) i've often found myself having to do right after the install: > > install -d -m

Re: specify curves via ecdhe statement in httpd.conf

On 02/05/17 15:41, Joel Sing wrote: On Sunday 05 February 2017 11:13:16 Andreas Bartelt wrote: On 02/05/17 07:41, Joel Sing wrote: You can just specify X25519 as a group - it will not appear in `openssl ecparam -list_curves' since it is not a standard EC curve. thanks - I didn't notice that

Implement fork1_to_pid(). It's fork1(), but with pid as argument

init(8) is wanted to have process ID 1. It's also the only process which is assigned non-random PID (well, there's also swapper as PID 0). This patch renames fork1() to fork1_to_pid() and introduces new argument "pid" which can be used to select PID for new process. When pid is 0, random PID is

Re: mount(8): some code shuffling to avoid a pledge problem

ping On Sat, Jan 28, 2017 at 03:25:53PM +0100, Theo Buehler wrote: > The problem: > > $ mount /dev/tty /tmp > Abort trap (core dumped) > > The relevant kdump snippet: > > 45441 mountCALL open(0x7f7eb580,0x1) > 45441 mountNAMI "/dev/tty" > 45441 mount

ldpad(8): fix deletion of individual attribute values

TL;DR: OpenBSD's ldapd(8) has issues when deleting individual attribute values. Patch below. ZHANG Huangbin reported a misbehaviour in ldapd(8)'s MOD_DELETE operation when connecting to ldapd(8) with the python-ldap library. In ldapd(8) The MOD_DELETE operation always deletes all values of an

Re: Implement fork1_to_pid(). It's fork1(), but with pid as argument

On Sun, 5 Feb 2017, Ossi Herrala wrote: > init(8) is wanted to have process ID 1. It's also the only process which > is assigned non-random PID (well, there's also swapper as PID 0). > > This patch renames fork1() to fork1_to_pid() and introduces new argument > "pid" which can be used to select

Password corruption in adduser

Hi all, I've noticed something strange in adduser -- when attempting to add a user completely though command line argument it seems to corrupt the entry in /etc/master.passwd. Example: $ echo "HorseBatteryStaple" | encrypt $2b$09$ssZSLC6laHsTS7O2FwJ4Mufw6mSS/FGXw.9oNjr3BLTS7DJp5n4M2 # adduser

Re: Password corruption in adduser

ok beck@ On Sun, Feb 5, 2017 at 22:53 Theo Buehler wrote: > On Sun, Feb 05, 2017 at 09:47:35PM -0800, Philip Guenther wrote: > > On Sun, 5 Feb 2017, John McGuigan wrote: > > > I've noticed something strange in adduser -- when attempting to add a > > > user completely though