On Sun, Apr 20, 2014 at 5:06 PM, Dirk Engling erdge...@erdgeist.org wrote:
Dear openbsd devs,
I've just put on my rubber gloves to help with your heroic efforts on
OpenSSL. I started to dive into OpenSSL's ASN.1 implementation and now
wonder how to share my findings, patches and requests
Not quite, because now you avoid the potential double free and instead leak
ret itself because of how ASN1_STRING_free works.. You need to
do this slightly differently.
On Sun, Apr 20, 2014 at 9:37 PM, Dirk Engling erdge...@erdgeist.org wrote:
On 21.04.14 04:56, Ted Unangst wrote:
Also, can
I don't think we want to do this yet. RAND_bytes and
RAND_pseudo_bytes will not be going away.
On Mon, Apr 21, 2014 at 9:24 PM, Jean-Philippe Ouellet
jean-phili...@ouellet.biz wrote:
Here's another pass.
This replaces RAND_{,pseudo_}bytes() calls with equivelant arc4random_buf(3)
calls for
My bad Dirk - you're right with that one.
I'll take a look at this when I get home, and either apply your fix or
disentangle this in a hopefully more obvious way.
On Mon, Apr 21, 2014 at 1:53 PM, Dirk Engling erdge...@erdgeist.org wrote:
On 21.04.14 19:01, Bob Beck wrote:
Not quite, because
Post diffs one per message per thing you're trying to do - example
fix leak in foo.c - etc.
You may have slow replies for a few days, people are travelling
On Tue, Apr 22, 2014 at 12:12 PM, Dirk Engling erdge...@erdgeist.org wrote:
On 22.04.14 19:16, Bob Beck wrote:
I'll take a look
Note you can often have this problem if you cut and paste your diff
into a mail message
Normally best to use something that allows you to just include the
diff from a file inline.
To check it, mail *yourself* the diff. If you can save the email
message raw and apply the
diff just by running
Thanks ted. now I don't have to do it :)
Send more diffs Dirk :)
On Tue, Apr 22, 2014 at 2:38 PM, Ted Unangst t...@tedunangst.com wrote:
On Mon, Apr 21, 2014 at 05:37, Dirk Engling wrote:
On 21.04.14 04:56, Ted Unangst wrote:
Also, can you include diffs inline please? One diff per email.
I will be a minute reading this. The comment from the context at the
bottom of the diff has
me laughing and crying again...
On Tue, Apr 22, 2014 at 5:43 PM, Dirk Engling erdge...@erdgeist.org wrote:
remove M_ASN1_New_Malloc, M_ASN1_New, M_ASN1_New_Error marcos, they hide
a malloc and are only
I hate the amount of useless garbage API this thing exposes
externally, that we then have to wonder WTF out there might use
it G.
Dirk the right way to do this is leave the macros for now (ick) but
change the internals of all our stuff to use intrinsics
without the use of the macros. We
can use! I must use it!
On Tue, Apr 22, 2014 at 6:23 PM, Bob Beck b...@obtuse.com wrote:
I hate the amount of useless garbage API this thing exposes
externally, that we then have to wonder WTF out there might use
it G.
Dirk the right way to do this is leave the macros for now (ick
Nope. One of those things is not like the other..
On Tue, Apr 22, 2014 at 7:05 PM, Michael W. Bombardieri m...@ii.net wrote:
Hi tech@,
Sending this patch for comment...
CRYPTO_memcmp() is different to memcmp() because it can only check
for equality, not greater-than/less-than.
If we check
Looks good, but if you chase something like this, it's ok to send a
diff that kills all of them at once in the same file, like this. which
replaces everywhere the original author didn't know about sizeof(buf)
:)
-Bob
Index: n_pkey.c
Yes, ok
committed
On Wed, Apr 23, 2014 at 03:55:19AM +0200, Dirk Engling wrote:
Index: x_x509.c
===
RCS file: /cvs/src/lib/libssl/src/crypto/asn1/x_x509.c,v
retrieving revision 1.12
diff -u -r1.12 x_x509.c
--- x_x509.c 18
On Wed, Apr 23, 2014 at 04:39:01AM +, Miod Vallat wrote:
+ while (n-- 0)
+ x |= a[n] ^ b[n];
Won't compare the bytes at [0].
Uh? It will, n gets decremented after the test but before the x |=
statement.
Heh. you're right. And both Ted and I were dumbasses. I have
tied
Now is not the time for this diff
Please wait a week or so till the ports mysteries are sorted
Patch updated.
ok?
Index: nfsd.c
===
RCS file: /cvs/src/sbin/nfsd/nfsd.c,v
retrieving revision 1.32
diff -u -p -u -r1.32 nfsd.c
---
This is probably the simplest way to solve the problem for now.
if we want to mess with sys/queue we can do that separately.
On Wed, Apr 30, 2014 at 8:55 AM, Mark Kettenis mark.kette...@xs4all.nl wrote:
From: Mike Belopuhov m...@belopuhov.com
Date: Wed, 30 Apr 2014 16:00:45 +0200
On 30
If I had to guess at this point - SRP may have a future.
I'm betting kssl does not, and this should probably go away.
On Tue, Apr 29, 2014 at 4:06 PM, Stefan Fritsch s...@sfritsch.de wrote:
Am Montag, 28. April 2014, 21:40:30 schrieb Ted Unangst:
Also note that I'm not really interested in
From http://www.openbsd.org/errata55.html:
untrusted comment: signature from openbsd 5.5 base secret key
RWRGy8gxk9N9321DQnPP+9IApvSKgX2JT78ZuEZ9HWNUESOfE91CMPQIevj7Yrafs1Zc/KNELplMHCwmFTL8CBjPjuXfEG9y+gU=
OpenBSD 5.5 errata 5, May 1, 2014: An attacker can trigger generation
of an SSL alert
because it's better than one.
frankly, it's a starting point. if 8 or 42 is better we can tune from there.
or replace it with something that's better to do the same thing - if
that can be come up with. Do you have a better suggestion?
On Thu, May 1, 2014 at 12:52 PM, Marc Espie es...@nerim.net
Honestly folks, I'm sick of the attitude of The future is nigh, the
mystic portal awaits! V6 is coming! as an excuse for
we *MUST* change things related to this.
We've been hearing the mystic portal awaits for 15 years - and yet
MANY of us in MANY parts of the world still can not
get reasonable
, and
the burden is on the v6 diff submitter to prove it, not tell everyone
else it's the way and they should prove otherwise.
On Fri, May 2, 2014 at 11:39 AM, Kenneth Westerback
kwesterb...@gmail.com wrote:
On 2 May 2014 13:24, Bob Beck b...@obtuse.com wrote:
Honestly folks, I'm sick
What's their hangup with %n? We normally don't like polluting the world
with #ifdef OPENSSL_NO_PERCENT_N... We normally nuke stuff like that
On 2 May 2014 16:19, enh e...@google.com wrote:
i maintain Android's C library which, as you may know, contains a lot
of OpenBSD code. i've been working
I actually agree that it might not be a bad thing.
However, as we've seen with lots of things that touch vfs it's pretty easy
to get to 80 or 90 percent
functionality and then the last 10% is a royal red pain in the butt, with
possibly awful crashing bugs.
So I'm certainly not averse to someone
Yes, that's true. you *WILL* have awful crashing or hanging bugs to chase ;)
Welcome to the midlayer. Wine bottles are optional but highly recommended.
On Fri, May 30, 2014 at 2:55 PM, Theo de Raadt dera...@cvs.openbsd.org
wrote:
However, as we've seen with lots of things that touch vfs it's
Most VFS hackers would say there is a third purpose. but don't scare him
away yet...
On Fri, May 30, 2014 at 3:01 PM, Theo de Raadt dera...@cvs.openbsd.org
wrote:
Yes, that's true. you *WILL* have awful crashing or hanging bugs to
chase ;)
Welcome to the midlayer. Wine bottles are
You pick. But before you do think about how to test it.
On 30 May 2014 19:19, M Farkas-Dyck strake...@gmail.com wrote:
Stefan Fritsch s...@sfritsch.de wrote:
[1] https://bitbucket.org/iru/o9fs/overview
Thanks for the link; this could be useful.
Bob Beck b...@obtuse.com wrote:
So I'm
Done. Thanks for the giggle. I needed it today.
-Bob
On Sat, May 31, 2014 at 07:20:56PM +0200, D. Spindel wrote:
a short plea from someone who just had to dig through OpenSSL code and
figuring out why I was getting T.61 strings instead of UTF8Strings.
Would you _please_ and kindly change
You should change this so it doesnt check for null before the free. free
handles NULL.
On 31 May 2014 16:39, Brent Cook bust...@gmail.com wrote:
---
ecdh/ecdhtest.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/ecdh/ecdhtest.c b/ecdh/ecdhtest.c
index
abort? are you insane? no no no no...
On Sun, Jun 1, 2014 at 8:28 PM, Brent Cook bust...@gmail.com wrote:
Check for errors on write. Since SIGPIPE is ignored, play nicely with
pipelines by aborting on EPIPE.
---
src/apps/s_server.c | 7 +--
1 file changed, 5 insertions(+), 2
We are not on a linux distros mailing list, because we are not a linux
distribution. And this private mailing list is not really an
acknowledged conduit for vulnerability release.
I was asked by someone privately if *I* would be on that mailing list
on June 2nd.
I said I would consider it, but
I may also remind people that those lists are acknowledged right at the top
as experimental. They also do not allow for non personal subscriptions, so
they aren't very practical for this. What if I was away for a day or
three.. Or more.. Essentially this is a nice experiment, but not really a
If you or someone you love runs an anoncvs server, they need to see this.
We recently added commitid support to our cvs repo. all works fine with
cvs and this.
However, we ran into a problem with cvsync in ports. Most mirror
maintianers use cvsync to fetch the repository from anoncvs.ca - it
had
Yeah. Sorry folks I screwed this up on the fanout machine while starting
and stopping daemons and cron jobs chasing the cvsync commitid issue. My
bad.
On 8 Jun 2014 14:20, Stuart Henderson st...@openbsd.org wrote:
On 2014/06/08 20:58, Stuart Henderson wrote:
On 2014/06/08 11:49, Loganaden
On 17 Jun 2014 18:22, Kenneth Westerback kwesterb...@gmail.com wrote:
On 17 June 2014 17:43, Tobias Stoeckmann tob...@stoeckmann.org wrote:
On Mon, Jun 16, 2014 at 04:43:02PM -0700, John-Mark Gurney wrote:
FreeBSD fixed this by increasing the malloc size:
OMFG..
Ingo you just made my morning. I'm laughing so hard.
And I needed the laugh
-Bob
On Fri, Jun 20, 2014 at 04:54:15PM +0200, Ingo Schwarze wrote:
Hi Theo,
Theo de Raadt wrote on Thu, Jun 19, 2014 at 09:58:01PM -0600:
It could be argued that the bcmp manual page does a poor job
If you or someone you love runs an anoncvs server, they need to see this.
As you know we recently added commitid support to cvs, and we had
you update your cvsync binary.
Unfortunately, the fix wasn't quite right. We ran into problems
with the synching of commitid files. naddy managed to cook
a
yes please.
On Fri, Jul 11, 2014 at 3:32 AM, Ted Unangst t...@tedunangst.com wrote:
I think the proposal rampaging went one algorithm too far. sha1 is the
best algorithm supported by many clients and it's still pretty secure.
without it, a lot of clients have stopped working. temporarily
The first release of LibreSSL portable has been released. LibreSSL
can be found in the LibreSSL directory of your favorite OpenBSD mirror.
http://ftp.openbsd.org/pub/OpenBSD/LibreSSL has it, and other mirrors
will soon.
libressl-2.0.0.tar.gz has been tested to build on various versions of
Linux,
It's already fixed, so will be on the next tarball roll
On Fri, Jul 11, 2014 at 3:07 PM, Piotr Sikora piotr.sik...@frickle.com wrote:
Hello,
libressl-2.0.0.tar.gz has been tested to build on various versions of
Linux, Solaris, Mac OSX, and FreeBSD.
This is intended as an initial release to
PM, Stuart Henderson s...@spacehopper.org wrote:
On 2014/07/11 15:21, Bob Beck wrote:
CVSROOT: /cvs
Module name: src
Changes by: b...@cvs.openbsd.org2014/07/11 15:21:59
Modified files:
lib/libssl/src/crypto: opensslv.h
Log message:
Provide LIBRESSL_VERSION_NUMBER
Dempsky matt...@dempsky.org wrote:
On Fri, Jul 11, 2014 at 3:41 PM, Bob Beck b...@obtuse.com wrote:
The OPENSSL_VERSION number is a guarantee for a certain version of the
ABI. As we dont' provide that (in fact much
of the ABI in LIbreSSL is beyond 1.0.1g, it is not accurate to use
the old
You need a more recent OpenSSH. The old versions of OpenSSH did a
foolish thing with their portable arc4random, and
called RAND_BYTES.
New OpenSSH does not do this.
On Fri, Jul 11, 2014 at 6:07 PM, Hanno Böck ha...@hboeck.de wrote:
Hi,
I just noted that when I recompiled openssh against
PM, Hanno Böck ha...@hboeck.de wrote:
On Fri, 11 Jul 2014 18:12:49 -0600
Bob Beck b...@obtuse.com wrote:
You need a more recent OpenSSH. The old versions of OpenSSH did a
foolish thing with their portable arc4random, and
called RAND_BYTES.
New OpenSSH does not do this.
I use 6.6p1 which
On Fri, Jul 11, 2014 at 9:52 PM, tekk t...@parlementum.net wrote:
Thanks Bob and all the other LibreSSL hackers.
Thanks - While I seem to have been quasi defaulted into the public
face for this thing (probably due to size and volume) I hope you can
emphasize the all the other hackers. Yes, I've
We have released an update, LibreSSL 2.0.1
This release includes a number of portability fixes based on the
initial feedback
we have received from the community. This includes among other things
two new configure options to set OPENSSLDIR and ENGINESDIR. We have
removed a few hardcoded compiler
Also starting with this release the directory includes SHA256
signatures which are signed using signify.
The signify public key for libressl is:
untrusted comment: LibreSSL Portable public key
RWQg/nutTVqCUVUw8OhyHt9n51IC8mdQRd1b93dOyVrwtIXmMI+dtGFe
On Sun, Jul 13, 2014 at 5:07 AM, Bob Beck b
I would like this.
On Sun, Jul 13, 2014 at 8:06 AM, Ted Unangst t...@tedunangst.com wrote:
for reference, i use this. faster query interval and when not idle, slam
high immediately.
Index: apmd.c
===
RCS file:
Hi hanno, we've been discussing it extensively here. It's been out
and back in and out and back in ;)
the problem is there are multiple pieces of software, all of which
test for this stuff rather badly. and either
way we do it seems to break things.
On Mon, Jul 14, 2014 at 6:55 AM, Hanno Böck
What problem are you trying to solve here.
On Mon, Jul 14, 2014 at 12:28 PM, Jan Engelhardt jeng...@inai.de wrote:
On Monday 2014-07-14 20:16, Toni Mueller wrote:
Hi Jan,
On Sun, Jul 13, 2014 at 08:30:38PM +0200, Jan Engelhardt wrote:
On Sunday 2014-07-13 13:07, Bob Beck wrote:
We have
To answer a number of questions about this all at once. No. we don't sign
releases with GnuPG or OpenPGP.
GnuPG alone is a compressed tarball of 4.2 MB of code I have occasionally
had to glance at. I do not have enough
energy in my life to clean up two poorly written crypto code bases. The
world
It's also here :)
8--
untrusted comment: LibreSSL Portable public key
RWQg/nutTVqCUVUw8OhyHt9n51IC8mdQRd1b93dOyVrwtIXmMI+dtGFe
On Mon, Jul 14, 2014 at 8:52 PM, Bob Beck b...@obtuse.com wrote:
Once we are back in North America where we can do it (the master signature
box is airgapped
We have release an update, LibreSSL 2.0.2
This release addresses the Linux forking and pid wrap issue reported recently in
the press.
As noted before, we welcome feedback from the broader community.
Enjoy
-Bob
please commit that mark
On Wed, Jul 16, 2014 at 3:14 AM, Mark Kettenis mark.kette...@xs4all.nl wrote:
Date: Wed, 16 Jul 2014 11:03:12 +0200
From: Martin Hecht he...@hlrs.de
On 07/16/2014 05:40 AM, Bob Beck wrote:
We have release an update, LibreSSL 2.0.2
This release addresses
yep - running it now, it takes a few minutes
On Wed, Jul 16, 2014 at 8:28 AM, Mark Kettenis mark.kette...@xs4all.nl wrote:
From: Bob Beck b...@openbsd.org
Date: Wed, 16 Jul 2014 07:55:16 -0600
please commit that mark
committed to cvs (with HAVE_GETAUXVAL instead of HAVE_AUXVAL)
guess
I've disabled it due to persistant DOS attacks. It may come back later.
On Wed, Jul 16, 2014 at 12:11 PM, Rafael Neves rafaelne...@gmail.com wrote:
Hi Beck,
Probably you already know http://www.openbsd.org/cgi-bin/cvsweb/ is
returning HTTP 403 Forbidden. This is recent, maybe two or three
Hi Jonas,
While you make a few good points and they will be considered, but
really, custom hobby os is not really on our radar
right now. We have our hands full enough with portable dealing with
the major distros and libc's, and fending off all the haters.
On Wed, Jul 16, 2014 at 4:02 PM, Jonas
Steve, sorry, but GNU/kFreeBSD is not going to happen right now. We
are too busy with other things.
On Wed, Jul 16, 2014 at 6:26 PM, Steven Chamberlain ste...@pyro.eu.org wrote:
Hi,
On 16/07/14 23:02, Jonas 'Sortie' Termansen wrote:
* Consider using _DEFAULT_SOURCE or _ALL_SOURCE as feature
ftp -o - http://ftp.openbsd.org/pub/OpenBSD/snapshots/ftplist | some
script, or maybe your eyes and pick one.
On Fri, Jul 18, 2014 at 4:29 PM, Ville Valkonen weezeld...@gmail.com wrote:
On 17 July 2014 00:10, Stuart Henderson st...@openbsd.org wrote:
On 2014/07/16 16:00, Jean-Philippe Ouellet
We have released an update, LibreSSL 2.0.3 - which should
be arriving in the LibreSSL directory of an OpenBSD mirror near
you very soon.
This release includes a number of portability fixes based on the
the feedback
An interesting thought Hanno - do we know what other implementations
(Polar, GnuTLS, etc.) do by default?
I'm inclined to agree that it never should have been done. Having said
that, before we nuke it we kind of
need to know if this is has become de-facto standard behaviour thanks
to OpenSSL
I think we can consider removing it, but I think it might be best to
wait until after the forthcoming OpenBSD release.
On Wed, Jul 23, 2014 at 8:01 AM, Brent Cook bust...@gmail.com wrote:
On Jul 23, 2014, at 8:04 AM, Bob Beck b...@obtuse.com wrote:
An interesting thought Hanno - do we know
Security problems: CRIME, BREACH, and other crud. Compression was
slapped into TLS without any thought to the consequences or side
effects. - effecively doing this in TLS should not be considered a
mature protocol, and nobody who takes security seriously should
use that until it is - if ever.
On
We have released LibreSSL 2.0.4, which should be arriving n the
LibreSSL directory of an OpenBSD mirror near you very soon.
This version includes more portability changes, as well as other work.
most noticable may be the deletion of the of the SRP code (which has
not been enabled in any LibreSSL
Oops. Derp derp...
On 3 Aug 2014 17:53, Philip Guenther guent...@gmail.com wrote:
On Sun, Aug 3, 2014 at 11:07 AM, Bob Beck b...@obtuse.com wrote:
Security problems: CRIME, BREACH, and other crud. Compression was
slapped into TLS without any thought to the consequences or side
effects
We have released LibreSSL 2.1.0 - which should be arriving in the
LIbreSSL directory of an OpenBSD mirror near you very soon.
This release continues on with further work from after OpenBSD 5.6
code freeze. Our intention is to finalize LibreSSL 2.1 with OpenBSD
5.7
As noted before, we welcome
normally tech@openbsd.org would be the place to start contributing. If
you have fixes, post diffs there.
On Sun, Oct 12, 2014 at 9:26 PM, Jiri Navratil j...@navratil.cz wrote:
Sun, Oct 12, 2014 at 07:36:02PM CEST, b...@openbsd.org napsal(a):
We have released LibreSSL 2.1.0 - which should be
We have released LibreSSL 2.1.1- which should be arriving in the
LIbreSSL directory of an OpenBSD mirror near you very soon.
This release includes:
* Address POODLE attack by disabling SSLv3 by default
* Fix Eliptical Curve cipher selection bug
We have and will continue to publicly state that we will welcome
implementations of government-mandated ciphers as long as the
implementations
are clean and they are appropriately licensed, and everyone does *not*
need to use them. This is the reason, for example, that we include the
french
And that has nothing do to with what I said Alexey. Go troll somewhere else..
On Thu, Nov 6, 2014 at 2:05 PM, Alexey Suslikov
alexey.susli...@gmail.com wrote:
Bob Beck beck at openbsd.org writes:
1) It can't mess up the code base for everyone.
2) Everyone should not need to eat the dog food
likely from when I killed your process. Have you thought of trying a
mirror lately..
On Mon, Jun 24, 2013 at 5:38 AM, Ian McWilliam kaosa...@tpg.com.au wrote:
Anybody else seeing this updating ports via cvs?
CVSROOT anon...@anoncvs1.ca.openbsd.org:/cvs
cvs update: ignoring
I think this would be the way to go.
On Wed, Aug 21, 2013 at 9:14 AM, Todd C. Miller
todd.mil...@courtesan.com wrote:
Speaking of spamd, I've been running the following diff for five
months or so. It removes the use of time_t in the greylist db file
and provides backwards compat for 32-bit
I'm inclined to agree with marc here - we bump minors on api additions
- and yes, it was stubbed there before so it's not really an
addition but it was stubbed to fail and had to be worked around -
bump the minor - not like it's a big deal.
On Tue, Nov 19, 2013 at 12:02 AM, Marc Espie
An emphatic ok from me for this one.
On Wed, Nov 20, 2013 at 3:21 AM, David Gwynne da...@gwynne.id.au wrote:
the subject says it all really. this is sort of inspired by 5d2ecd5224
in bitrig except this brings all the architectures and device drivers
forward (i didnt get to delete any to
I'm happy to announce the OpenBSD foundation can now accept donations
to assist in funding project activities in BTC.
We are using BitPay.com to host our BitCoin donations, which are converted
to CAD for use by the project.
If you have been interested in making donations in BitCoin, please visit
Just to bring this issue back to the forefront.
In light of shrinking funding, we do need to look for a source to
cover project expenses. If need be the OpenBSD Foundation can be
involved in receiving donations to cover project electrical costs.
But the fact is right now, OpenBSD will shut
, and often, you (the people
who use it and work with it) need to make the case to them that their
support is important - far better that
explanation comes from you rather than someone they don't know.
-Bob
On Tue, Jan 14, 2014 at 1:03 PM, Bob Beck b...@openbsdfoundation.org wrote:
Just to bring
an idea we'd probably
like to put up - as it gets that crowdsourcing type
interest going. But in this case it would likely not be 20K, more like
a 150K yearly goal would be best.
On Tue, Jan 14, 2014 at 2:16 PM, Kirill Bychkov ki...@linklevel.net wrote:
On Wed, January 15, 2014 00:03, Bob Beck wrote
Greetings All,
About a week ago I warned you all that the OpenBSD project did not
have the funds to cover our bills for the past year (especially the
ability to handle the electricity) and that our funding sources were
not sustainable.
As most of you know the news of our predicament has been
Greetings All,
About a week ago I warned you all that the OpenBSD project did not
have the funds to cover our bills for the past year (especially the
ability to handle the electricity) and that our funding sources were
not sustainable.
As most of you know the news of our predicament has been
Yeah. Ok mister chicken before egg.. We should validate this thing
shipped in a release using dnssec with a root of trust depending on root
certs shipped with the release...Love that idea.. But maybe I'll just
buy a CD.
On 22 Jan 2014 05:13, Jiri B ji...@devio.us wrote:
On Wed, Jan 22,
OpenBSD Foundation
funding campaign by suggesting that you're not actually not real
people, but a helpful-suggestions-posting-bot sponsored by the NSA..
Or maybe it's that they've infiltrated our educational systems...
Please get our your tinfoil hats kids.
On Wed, Jan 22, 2014 at 5:39 AM, Bob Beck
I think I'll make sure to advertise the next OpenBSD Foundation
funding campaign by suggesting that you're not actually not real
people, but a helpful-suggestions-posting-bot sponsored by the NSA..
Or maybe it's that they've infiltrated our educational systems...
Please get our your tinfoil
On Wed, Feb 5, 2014 at 3:17 PM, Ted Unangst t...@tedunangst.com wrote:
We are missing back pressure channels from uvm to the buf cache. The
buf cache will happily sit on 9000 free pages while uvm churns around
trying to scavenge up one more page.
Indeed, those are it's minimums (I presume in
talked about :) I think
we can make that a lot better with some NOCACHE..
On Wed, Feb 5, 2014 at 9:03 PM, Ted Unangst t...@tedunangst.com wrote:
On Wed, Feb 05, 2014 at 17:53, Bob Beck wrote:
On Wed, Feb 5, 2014 at 3:17 PM, Ted Unangst t...@tedunangst.com wrote:
We are missing back pressure
together with students to
accomplish things that may become useful to the community at large.
This will be our first year doing this, so we hope to learn from the
experience and see if it will work out in future years.
-Bob Beck - The OpenBSD Foundation.
If you're using windows bootloader, you need to re-get the openbsd.pbr
file to the windows side like you did in the first place
according to the instructions here:
http://www.openbsd.org/faq/faq4.html#Multibooting
Someone really needs to put it in the multiboot FAQ that if you're
booting with
Meaning that the pbr must be updated with the new location.
It doesn't just tend to move around (ie. tend == prone to move).
It moves every time, since it is using mkstemp to create a new file.
Hmm.. yeah that'll be fun to deal with in multi-boot setups.
No, because moving it means that you have to manually redo it every
time you install a snap. which is really a pita.
On Fri, Mar 7, 2014 at 9:44 AM, Mark Kettenis mark.kette...@xs4all.nl wrote:
From: Theo de Raadt dera...@cvs.openbsd.org
Date: Fri, 07 Mar 2014 09:24:13 -0700
Whereas new
, Mar 7, 2014 at 9:49 AM, Bob Beck b...@obtuse.com wrote:
No, because moving it means that you have to manually redo it every
time you install a snap. which is really a pita.
On Fri, Mar 7, 2014 at 9:44 AM, Mark Kettenis mark.kette...@xs4all.nl wrote:
From: Theo de Raadt dera
actually more painful than having to boot windows is to always have
something handy to boot the snap from in order to dd the bootblock off
in case you forget to do it before rebooting, or you're fucked.
On Fri, Mar 7, 2014 at 9:50 AM, Bob Beck b...@obtuse.com wrote:
before it was just that you
It will affect everyone who needs windows on a laptop for work - or
filling out pdf forms for foundations, things like that.
It is a good way to ensure snaps get tested less on real hardware.
On Fri, Mar 7, 2014 at 10:13 AM, Theo de Raadt dera...@cvs.openbsd.org wrote:
actually more painful
Message-
From: owner-t...@openbsd.org [mailto:owner-t...@openbsd.org] On Behalf Of
Bob Beck
Sent: Friday, March 07, 2014 12:15 PM
To: Theo de Raadt
Cc: Mark Kettenis; Stuart Henderson; Jean-Philippe Luiggi; OpenBSD
technical list
Subject: Re: 5.5 and dual-boot
It will affect everyone
a batch fie
to activate partition *3* on disk 0 with diskpart :)
I might even buy them a beer or 13 for it.
On Fri, Mar 7, 2014 at 11:43 AM, Bob Beck b...@obtuse.com wrote:
Why I hadn't thought of going back to that I don't know.. It actually
works better for me since I don't then normally have
...@meridium.com wrote:
Put the following in a txt file then: diskpart /s c:\openbsd_me.txt
Untested, but that's the idea.
And yep in windows world the disks starts at 0 and the partitions at 1
Select disk 0
Select part 3
Active
Exit
-Original Message-
From: Bob Beck [mailto:b
Does your proxy do http?
no ftp protocol in new installers - we're killing it with fire.
On Fri, Mar 28, 2014 at 9:30 AM, Michael W. Lucas
mwlu...@michaelwlucas.com wrote:
Hi,
Trying to upgrade to $SUBJECT. Have done so on this same host many
times before.
Boot bsd.rd. Type U, enter x 5.
On Wed, Apr 09, 2014 at 02:49:21PM -0600, Devin Reade wrote:
Quoting Theo de Raadt dera...@cvs.openbsd.org:
If tomorrow Damien or I had to announce a major OpenSSH hole, how
screwed would the Internet be?
Would you mind clarifying this a bit? Was the post strictly a
(justified) comment
The OpenBSD Foundation is happy to report that the $150,000 goal of the 2014
fundraising campaign has been reached.
We wish to thank our contributors large and small. We will continue
our fundraising efforts both in the current year and next year.
The success of this year's effort has allowed
On 9 Apr 2014 15:46, Bob Beck b...@obtuse.com wrote:
On Wed, Apr 09, 2014 at 02:49:21PM -0600, Devin Reade wrote:
Quoting Theo de Raadt dera...@cvs.openbsd.org:
If tomorrow Damien or I had to announce a major OpenSSH hole, how
screwed would the Internet be?
Would you mind clarifying
Wonderful - so why are you on this mailing list. Go troll somewhere else.
On Fri, Apr 11, 2014 at 12:21 PM, Sascha Mester sascha.mes...@gmx.de
wrote:
Exactly as I said - no real good reasons. Security through Obscurity is a
reason for me for never trying out the related Operating System - so I
On Fri, Apr 11, 2014 at 6:09 PM, Reyk Floeter r...@openbsd.org wrote:
I did some testing with apache bench (ab) and it shows a negative
performance impact when running with multiple preforked relays and
concurrent requests. But this is expected because all processes have
to wait for the
1 - 100 of 445 matches
Mail list logo
