On Fri, Apr 18, 2014 at 09:41:47PM -0400, Jacob L. Leifman wrote:
Some of the OpenSSL rot crept in slowly as "improvements from upstream".
As for everything else, The source tree is public - if you're
qualified to help, you're qualified to look. If you send a sane diff
we'll look at it.
-Bob
I'm guessing that openssl was incorporated into OpenBSD base without
prior sufficient audit by the OBSD devs because it was presumed to have
better auditing / quality control upstream given its security critical
nature and function. (A number of devs have commented in the past about
the [lack o
On Fri, Apr 18, 2014 at 05:19:15PM -0700, Claus Assmann wrote:
> Seems it is ok to use strlcat/strlcpy that way in some cases:
> $ cat src/usr.sbin/smtpd/*.c | egrep -c ' strlc(at|py)\('
> 249
If your only goal is ensuring you don't have a non-nul terminated
string, sure, that's great. and the wa
Seems it is ok to use strlcat/strlcpy that way in some cases:
$ cat src/usr.sbin/smtpd/*.c | egrep -c ' strlc(at|py)\('
249
On 2014-04-18, Henning Brauer wrote:
> so, what are we doing with this now?
> I still want to hide in_cksum_phdr() and kill in_cksum_addword() so that
> nobody ever uses that sh*t again.
> yes, sk loses is half-baked cksum offload support with this, as
> discussed before.
> as naddy pointed out t
On 2014/04/18 09:50, dera...@cvs.openbsd.org wrote:
> Small demonstration of the kinds of things we'll have to mop up for
> weeks more.
>
> From OpenSSL CHANGES file:
>
> *) Introduce safe string copy and catenation functions
> (BUF_strlcpy() and BUF_strlcat()).
> [Ben Laurie (CHATS)
this one is still open as well. oks?
* Henning Brauer [2014-01-21 03:24]:
> absolutely prevent forwarding carp or NFS/rpc using the shiny new
> received-on any.
>
> can only minimally test that here. need at least one carp and one
> diskless test.
>
> Index: rc
> ==
so, what are we doing with this now?
I still want to hide in_cksum_phdr() and kill in_cksum_addword() so that
nobody ever uses that sh*t again.
yes, sk loses is half-baked cksum offload support with this, as
discussed before.
as naddy pointed out there are (at least) two private copies of
in_cksum_
Bad stuff happens when the ifa lookup tree gets corrupted.
In my case local traffic was suddenly no longer local and was
forwarded to lo0 ad infinitum.
This was caused by the usage of rdomains and destroing pseudo interfaces.
The sadl address was still in rdomain 0, was therefor not found in the
t
Small demonstration of the kinds of things we'll have to mop up for
weeks more.
>From OpenSSL CHANGES file:
*) Introduce safe string copy and catenation functions
(BUF_strlcpy() and BUF_strlcat()).
[Ben Laurie (CHATS) and Richard Levitte]
That's from back in 2002.
These functions wo
On Fri, Apr 18, 2014 at 04:00:28PM +0200, Fritjof Bornebusch wrote:
> Hi guys,
>
> this little diff checks if the chmod call was successful or not.
>
> Regards,
> Fritjof
>
>
> Index: rand/randfile.c
> ===
> RCS file: /cvs/src/lib/
Hi guys,
this little diff checks if the chmod call was successful or not.
Regards,
Fritjof
Index: rand/randfile.c
===
RCS file: /cvs/src/lib/libssl/src/crypto/rand/randfile.c,v
retrieving revision 1.33
diff -u -p -r1.33 randfile.c
FYI tech@, there was a thread on misc@ about
sudo -iu not setting some environment variables:
http://thread.gmane.org/gmane.os.openbsd.misc/211823/
On 2014-04-08 Tue 09:26 AM |, Craig R. Skinner wrote:
> To clarify, there are no ~/. shell dot files.
>
> $PATH & umask are set in /etc/login.conf
>
On Thu, Apr 17, 2014 at 11:58:03PM +0200, Mark Kettenis wrote:
> > Date: Thu, 17 Apr 2014 23:42:26 +0200
> > From: Claudio Jeker
> >
> > Found this in my X240, the following diff makes it work.
> >
> > rtsx0 at pci1 dev 0 function 0 "Realtek RTS5227 Card Reader" rev 0x01: msi
> > sdmmc0 at rtsx0
On Thu, Apr 17, 2014 at 6:37 AM, Alexandr Shadchin
wrote:
> This diff updates less to the latest release 458.
> Tested on amd64 and i386.
>
> Comments ? OK ?
Seems good to me. ok guenther@
15 matches
Mail list logo