What's their hangup with %n? We normally don't like polluting the world
with #ifdef OPENSSL_NO_PERCENT_N... We normally nuke stuff like that
On 2 May 2014 16:19, enh e...@google.com wrote:
i maintain Android's C library which, as you may know, contains a lot
of OpenBSD code. i've been working
From http://www.openbsd.org/errata55.html:
untrusted comment: signature from openbsd 5.5 base secret key
RWRGy8gxk9N9321DQnPP+9IApvSKgX2JT78ZuEZ9HWNUESOfE91CMPQIevj7Yrafs1Zc/KNELplMHCwmFTL8CBjPjuXfEG9y+gU=
OpenBSD 5.5 errata 5, May 1, 2014: An attacker can trigger generation
of an SSL alert
because it's better than one.
frankly, it's a starting point. if 8 or 42 is better we can tune from there.
or replace it with something that's better to do the same thing - if
that can be come up with. Do you have a better suggestion?
On Thu, May 1, 2014 at 12:52 PM, Marc Espie es...@nerim.net
This is probably the simplest way to solve the problem for now.
if we want to mess with sys/queue we can do that separately.
On Wed, Apr 30, 2014 at 8:55 AM, Mark Kettenis mark.kette...@xs4all.nl wrote:
From: Mike Belopuhov m...@belopuhov.com
Date: Wed, 30 Apr 2014 16:00:45 +0200
On 30
If I had to guess at this point - SRP may have a future.
I'm betting kssl does not, and this should probably go away.
On Tue, Apr 29, 2014 at 4:06 PM, Stefan Fritsch s...@sfritsch.de wrote:
Am Montag, 28. April 2014, 21:40:30 schrieb Ted Unangst:
Also note that I'm not really interested in
Now is not the time for this diff
Please wait a week or so till the ports mysteries are sorted
Patch updated.
ok?
Index: nfsd.c
===
RCS file: /cvs/src/sbin/nfsd/nfsd.c,v
retrieving revision 1.32
diff -u -p -u -r1.32 nfsd.c
---
I don't think we want to do this yet. RAND_bytes and
RAND_pseudo_bytes will not be going away.
On Mon, Apr 21, 2014 at 9:24 PM, Jean-Philippe Ouellet
jean-phili...@ouellet.biz wrote:
Here's another pass.
This replaces RAND_{,pseudo_}bytes() calls with equivelant arc4random_buf(3)
calls for
My bad Dirk - you're right with that one.
I'll take a look at this when I get home, and either apply your fix or
disentangle this in a hopefully more obvious way.
On Mon, Apr 21, 2014 at 1:53 PM, Dirk Engling erdge...@erdgeist.org wrote:
On 21.04.14 19:01, Bob Beck wrote:
Not quite, because
Post diffs one per message per thing you're trying to do - example
fix leak in foo.c - etc.
You may have slow replies for a few days, people are travelling
On Tue, Apr 22, 2014 at 12:12 PM, Dirk Engling erdge...@erdgeist.org wrote:
On 22.04.14 19:16, Bob Beck wrote:
I'll take a look
Note you can often have this problem if you cut and paste your diff
into a mail message
Normally best to use something that allows you to just include the
diff from a file inline.
To check it, mail *yourself* the diff. If you can save the email
message raw and apply the
diff just by running
Thanks ted. now I don't have to do it :)
Send more diffs Dirk :)
On Tue, Apr 22, 2014 at 2:38 PM, Ted Unangst t...@tedunangst.com wrote:
On Mon, Apr 21, 2014 at 05:37, Dirk Engling wrote:
On 21.04.14 04:56, Ted Unangst wrote:
Also, can you include diffs inline please? One diff per email.
I will be a minute reading this. The comment from the context at the
bottom of the diff has
me laughing and crying again...
On Tue, Apr 22, 2014 at 5:43 PM, Dirk Engling erdge...@erdgeist.org wrote:
remove M_ASN1_New_Malloc, M_ASN1_New, M_ASN1_New_Error marcos, they hide
a malloc and are only
I hate the amount of useless garbage API this thing exposes
externally, that we then have to wonder WTF out there might use
it G.
Dirk the right way to do this is leave the macros for now (ick) but
change the internals of all our stuff to use intrinsics
without the use of the macros. We
can use! I must use it!
On Tue, Apr 22, 2014 at 6:23 PM, Bob Beck b...@obtuse.com wrote:
I hate the amount of useless garbage API this thing exposes
externally, that we then have to wonder WTF out there might use
it G.
Dirk the right way to do this is leave the macros for now (ick
Nope. One of those things is not like the other..
On Tue, Apr 22, 2014 at 7:05 PM, Michael W. Bombardieri m...@ii.net wrote:
Hi tech@,
Sending this patch for comment...
CRYPTO_memcmp() is different to memcmp() because it can only check
for equality, not greater-than/less-than.
If we check
Looks good, but if you chase something like this, it's ok to send a
diff that kills all of them at once in the same file, like this. which
replaces everywhere the original author didn't know about sizeof(buf)
:)
-Bob
Index: n_pkey.c
Yes, ok
committed
On Wed, Apr 23, 2014 at 03:55:19AM +0200, Dirk Engling wrote:
Index: x_x509.c
===
RCS file: /cvs/src/lib/libssl/src/crypto/asn1/x_x509.c,v
retrieving revision 1.12
diff -u -r1.12 x_x509.c
--- x_x509.c 18
On Wed, Apr 23, 2014 at 04:39:01AM +, Miod Vallat wrote:
+ while (n-- 0)
+ x |= a[n] ^ b[n];
Won't compare the bytes at [0].
Uh? It will, n gets decremented after the test but before the x |=
statement.
Heh. you're right. And both Ted and I were dumbasses. I have
tied
Not quite, because now you avoid the potential double free and instead leak
ret itself because of how ASN1_STRING_free works.. You need to
do this slightly differently.
On Sun, Apr 20, 2014 at 9:37 PM, Dirk Engling erdge...@erdgeist.org wrote:
On 21.04.14 04:56, Ted Unangst wrote:
Also, can
On Sun, Apr 20, 2014 at 5:06 PM, Dirk Engling erdge...@erdgeist.org wrote:
Dear openbsd devs,
I've just put on my rubber gloves to help with your heroic efforts on
OpenSSL. I started to dive into OpenSSL's ASN.1 implementation and now
wonder how to share my findings, patches and requests
On Fri, Apr 18, 2014 at 05:19:15PM -0700, Claus Assmann wrote:
Seems it is ok to use strlcat/strlcpy that way in some cases:
$ cat src/usr.sbin/smtpd/*.c | egrep -c ' strlc(at|py)\('
249
If your only goal is ensuring you don't have a non-nul terminated
string, sure, that's great. and the way
not quite, because your diff was mangled, but I think
you had it right anyway.. fix committed by miod, thanks for
telling us.
On Wed, Apr 16, 2014 at 03:39:03PM +1000, Ian McWilliam wrote:
Hoope the attached diff is a correct fix. Hit me with the cluebat if
not.
cc -O2 -pipe ??-Wall
In the interests of full disclosure, do you work for the government or
sell to the government?
And in the interests of full disclosure, please note, It's absolutely
not political. We just deleted all the FIPS junk too.
the right way to add GOST if you need it is not as an engine, but as a
On Mon, Apr 14, 2014 at 11:39 AM, Ted Unangst t...@tedunangst.com wrote:
Small tweak. Use a union, instead of casts. There's still casting for
the call to insert(), but I think this is a little better. Also use
the correct type for the insert() parameter.
Index: stdlib/malloc.c
Wonderful - so why are you on this mailing list. Go troll somewhere else.
On Fri, Apr 11, 2014 at 12:21 PM, Sascha Mester sascha.mes...@gmx.de
wrote:
Exactly as I said - no real good reasons. Security through Obscurity is a
reason for me for never trying out the related Operating System - so I
On Fri, Apr 11, 2014 at 6:09 PM, Reyk Floeter r...@openbsd.org wrote:
I did some testing with apache bench (ab) and it shows a negative
performance impact when running with multiple preforked relays and
concurrent requests. But this is expected because all processes have
to wait for the
The OpenBSD Foundation is happy to report that the $150,000 goal of the 2014
fundraising campaign has been reached.
We wish to thank our contributors large and small. We will continue
our fundraising efforts both in the current year and next year.
The success of this year's effort has allowed
On 9 Apr 2014 15:46, Bob Beck b...@obtuse.com wrote:
On Wed, Apr 09, 2014 at 02:49:21PM -0600, Devin Reade wrote:
Quoting Theo de Raadt dera...@cvs.openbsd.org:
If tomorrow Damien or I had to announce a major OpenSSH hole, how
screwed would the Internet be?
Would you mind clarifying
On Wed, Apr 09, 2014 at 02:49:21PM -0600, Devin Reade wrote:
Quoting Theo de Raadt dera...@cvs.openbsd.org:
If tomorrow Damien or I had to announce a major OpenSSH hole, how
screwed would the Internet be?
Would you mind clarifying this a bit? Was the post strictly a
(justified) comment
Does your proxy do http?
no ftp protocol in new installers - we're killing it with fire.
On Fri, Mar 28, 2014 at 9:30 AM, Michael W. Lucas
mwlu...@michaelwlucas.com wrote:
Hi,
Trying to upgrade to $SUBJECT. Have done so on this same host many
times before.
Boot bsd.rd. Type U, enter x 5.
If you're using windows bootloader, you need to re-get the openbsd.pbr
file to the windows side like you did in the first place
according to the instructions here:
http://www.openbsd.org/faq/faq4.html#Multibooting
Someone really needs to put it in the multiboot FAQ that if you're
booting with
Meaning that the pbr must be updated with the new location.
It doesn't just tend to move around (ie. tend == prone to move).
It moves every time, since it is using mkstemp to create a new file.
Hmm.. yeah that'll be fun to deal with in multi-boot setups.
No, because moving it means that you have to manually redo it every
time you install a snap. which is really a pita.
On Fri, Mar 7, 2014 at 9:44 AM, Mark Kettenis mark.kette...@xs4all.nl wrote:
From: Theo de Raadt dera...@cvs.openbsd.org
Date: Fri, 07 Mar 2014 09:24:13 -0700
Whereas new
, Mar 7, 2014 at 9:49 AM, Bob Beck b...@obtuse.com wrote:
No, because moving it means that you have to manually redo it every
time you install a snap. which is really a pita.
On Fri, Mar 7, 2014 at 9:44 AM, Mark Kettenis mark.kette...@xs4all.nl wrote:
From: Theo de Raadt dera
actually more painful than having to boot windows is to always have
something handy to boot the snap from in order to dd the bootblock off
in case you forget to do it before rebooting, or you're fucked.
On Fri, Mar 7, 2014 at 9:50 AM, Bob Beck b...@obtuse.com wrote:
before it was just that you
It will affect everyone who needs windows on a laptop for work - or
filling out pdf forms for foundations, things like that.
It is a good way to ensure snaps get tested less on real hardware.
On Fri, Mar 7, 2014 at 10:13 AM, Theo de Raadt dera...@cvs.openbsd.org wrote:
actually more painful
Message-
From: owner-t...@openbsd.org [mailto:owner-t...@openbsd.org] On Behalf Of
Bob Beck
Sent: Friday, March 07, 2014 12:15 PM
To: Theo de Raadt
Cc: Mark Kettenis; Stuart Henderson; Jean-Philippe Luiggi; OpenBSD
technical list
Subject: Re: 5.5 and dual-boot
It will affect everyone
a batch fie
to activate partition *3* on disk 0 with diskpart :)
I might even buy them a beer or 13 for it.
On Fri, Mar 7, 2014 at 11:43 AM, Bob Beck b...@obtuse.com wrote:
Why I hadn't thought of going back to that I don't know.. It actually
works better for me since I don't then normally have
...@meridium.com wrote:
Put the following in a txt file then: diskpart /s c:\openbsd_me.txt
Untested, but that's the idea.
And yep in windows world the disks starts at 0 and the partitions at 1
Select disk 0
Select part 3
Active
Exit
-Original Message-
From: Bob Beck [mailto:b
together with students to
accomplish things that may become useful to the community at large.
This will be our first year doing this, so we hope to learn from the
experience and see if it will work out in future years.
-Bob Beck - The OpenBSD Foundation.
On Wed, Feb 5, 2014 at 3:17 PM, Ted Unangst t...@tedunangst.com wrote:
We are missing back pressure channels from uvm to the buf cache. The
buf cache will happily sit on 9000 free pages while uvm churns around
trying to scavenge up one more page.
Indeed, those are it's minimums (I presume in
talked about :) I think
we can make that a lot better with some NOCACHE..
On Wed, Feb 5, 2014 at 9:03 PM, Ted Unangst t...@tedunangst.com wrote:
On Wed, Feb 05, 2014 at 17:53, Bob Beck wrote:
On Wed, Feb 5, 2014 at 3:17 PM, Ted Unangst t...@tedunangst.com wrote:
We are missing back pressure
Yeah. Ok mister chicken before egg.. We should validate this thing
shipped in a release using dnssec with a root of trust depending on root
certs shipped with the release...Love that idea.. But maybe I'll just
buy a CD.
On 22 Jan 2014 05:13, Jiri B ji...@devio.us wrote:
On Wed, Jan 22,
OpenBSD Foundation
funding campaign by suggesting that you're not actually not real
people, but a helpful-suggestions-posting-bot sponsored by the NSA..
Or maybe it's that they've infiltrated our educational systems...
Please get our your tinfoil hats kids.
On Wed, Jan 22, 2014 at 5:39 AM, Bob Beck
I think I'll make sure to advertise the next OpenBSD Foundation
funding campaign by suggesting that you're not actually not real
people, but a helpful-suggestions-posting-bot sponsored by the NSA..
Or maybe it's that they've infiltrated our educational systems...
Please get our your tinfoil
Greetings All,
About a week ago I warned you all that the OpenBSD project did not
have the funds to cover our bills for the past year (especially the
ability to handle the electricity) and that our funding sources were
not sustainable.
As most of you know the news of our predicament has been
Greetings All,
About a week ago I warned you all that the OpenBSD project did not
have the funds to cover our bills for the past year (especially the
ability to handle the electricity) and that our funding sources were
not sustainable.
As most of you know the news of our predicament has been
Just to bring this issue back to the forefront.
In light of shrinking funding, we do need to look for a source to
cover project expenses. If need be the OpenBSD Foundation can be
involved in receiving donations to cover project electrical costs.
But the fact is right now, OpenBSD will shut
, and often, you (the people
who use it and work with it) need to make the case to them that their
support is important - far better that
explanation comes from you rather than someone they don't know.
-Bob
On Tue, Jan 14, 2014 at 1:03 PM, Bob Beck b...@openbsdfoundation.org wrote:
Just to bring
an idea we'd probably
like to put up - as it gets that crowdsourcing type
interest going. But in this case it would likely not be 20K, more like
a 150K yearly goal would be best.
On Tue, Jan 14, 2014 at 2:16 PM, Kirill Bychkov ki...@linklevel.net wrote:
On Wed, January 15, 2014 00:03, Bob Beck wrote
I'm happy to announce the OpenBSD foundation can now accept donations
to assist in funding project activities in BTC.
We are using BitPay.com to host our BitCoin donations, which are converted
to CAD for use by the project.
If you have been interested in making donations in BitCoin, please visit
An emphatic ok from me for this one.
On Wed, Nov 20, 2013 at 3:21 AM, David Gwynne da...@gwynne.id.au wrote:
the subject says it all really. this is sort of inspired by 5d2ecd5224
in bitrig except this brings all the architectures and device drivers
forward (i didnt get to delete any to
I'm inclined to agree with marc here - we bump minors on api additions
- and yes, it was stubbed there before so it's not really an
addition but it was stubbed to fail and had to be worked around -
bump the minor - not like it's a big deal.
On Tue, Nov 19, 2013 at 12:02 AM, Marc Espie
I think this would be the way to go.
On Wed, Aug 21, 2013 at 9:14 AM, Todd C. Miller
todd.mil...@courtesan.com wrote:
Speaking of spamd, I've been running the following diff for five
months or so. It removes the use of time_t in the greylist db file
and provides backwards compat for 32-bit
likely from when I killed your process. Have you thought of trying a
mirror lately..
On Mon, Jun 24, 2013 at 5:38 AM, Ian McWilliam kaosa...@tpg.com.au wrote:
Anybody else seeing this updating ports via cvs?
CVSROOT anon...@anoncvs1.ca.openbsd.org:/cvs
cvs update: ignoring
No issues so far!
At 101% of last port (chromium) on bufferflipper crashing laptop.
Such a nasty name for a laptop that just happened to run a version of
my diff with a bug :)
I'm still looking for 1U servers in western canada. we have an
opportunity to build a better build infrastructure for ports but need
the gear to do it with.
I would be keenly interested in
1) Workable semi-modern amd64 capable intel hardware, 1U - 4 GB of ram
or more is nice, One disk drive.
this on multiple arches and on my nfs servers feeding them.
-Bob
On Mon, Jun 03, 2013 at 09:20:08AM -0600, Bob Beck wrote:
Here's a new version of the buffer flipper that fixes
a problem found by krw@. - All comments from before still apply:
You too can have a GIANT buffer cache etc. etc
I'm ok with this.
On Wed, Jun 05, 2013 at 02:12:36PM -0400, Ted Unangst wrote:
On Wed, Jun 05, 2013 at 14:13, Alexandre Ratchov wrote:
On Tue, Jun 04, 2013 at 11:33:12PM -0400, Ted Unangst wrote:
Instead of using a fixed size hash table for procs, use an rb tree.
Makes thread/process
1.23
+++ sys/kern/vfs_biomem.c 3 Jun 2013 14:51:14 -
@@ -1,6 +1,7 @@
/* $OpenBSD: vfs_biomem.c,v 1.23 2013/01/18 10:07:37 beck Exp $ */
/*
* Copyright (c) 2007 Artur Grabowski a...@openbsd.org
+ * Copyright (c) 2012,2013 Bob Beck b...@openbsd.org
*
* Permission to use, copy
Some of you may be aware of the recent developments in current that
have brought us Intel KMS Support. With this we get proper
accellerated X on current and future Intel graphics hardware. There
are a few other nice side benefits to this work:
- We gain the ability to use the kernel
My two cents on this is that it should be possible (or the default) to
have it logging the IP address.
Having said that ted, yes, DNS is not reliable in some sense - on
the other hand the reverse lookup *is* information that can be useful,
and in the case of dynamic DNS it may contain information
On Tue, Mar 26, 2013 at 1:51 AM, Ted Unangst t...@tedunangst.com wrote:
uvm_pagefree calls atomic_clearbits_int too many times.
Is there some sort of evidence that this is a problem - performace or
stability wise?
Just
accumulate the flags we need to zap, then do it once.
I get what you're
On Tue, Mar 26, 2013 at 10:55 AM, Miod Vallat m...@online.fr wrote:
uvm_pagefree calls atomic_clearbits_int too many times.
Is there some sort of evidence that this is a problem - performace or
stability wise?
Platforms which can't do ll/sc style atomic operations usually wrap
these
Well, you're right about one thing - the comment there says that it should
just return EINVAL for nfs v2 - and I think it should - but that code returns
EINVAL for v3 - and that's wrong. We have server side support for this in v3
and what we should probably be doing is actually doing the rpc call
On Tue, Mar 26, 2013 at 11:58 AM, Theo de Raadt dera...@cvs.openbsd.org wrote:
and doing EINVAL in the v2 case.
Which won't solve the problem described in his mail.
Of course it will - in the NFS v3 case, and in theory you'll be
getting what the server supports.
I don't think we should go
Let me explain my philosophy towards pathconf. It's like those
configure scripts that check to see if you have a working version of
strcpy. If you don't, you are so utterly boned you'll find out soon
enough. If the nfs server isn't going to let you create a 255
character name, you'll find out
I've certainly done the same with this.. congratulations - it panics.
it's not helpful - the issue is not when it goes negative. the issue is
missed increments in one of the many nfs cases, and a kassert in this
case doesn't help you find that. We've fixed it several times and then
something gets
The project is looking for some modern i386/amd64 machines in
edmonton, AB. They need to be relatively recent, and rack mountable. Ideally
they should have rails, or the ability to find rack mount rails for them.
1U is best, ideally something that runs OpenBSD well.
On Thu, Mar 7, 2013 at 6:16 AM, Gilles Chehade gil...@poolp.org wrote:
On Thu, Mar 07, 2013 at 01:10:48PM +0100, Jonathan Armani wrote:
On Tue, Mar 05, 2013 at 03:24:06PM +0100, Sylvestre Gallon wrote:
I am not quite sure but I think that only libfuse and sshfs are GPL
licenced. The
Using puffs will induce a rewrite of all the kernel code, because the
internals are completely different (and I think a little bit more
complex, but this is a personal opinion...).
I might share that opinon :)
For a libfuse support in basesystem we will need to do a librefuse
like
Show me your pf.conf please - I'd like to address your problem
in the documentation or another way.. I don't like a knob like
this.
On Thu, Mar 07, 2013 at 12:04:22PM -0800, Constantine A. Murenin wrote:
On 2013-W10-3 15:46 -0700, Bob Beck wrote:
Yes, one could log stuff into different
I think this should not only be addressed in the documentation (for
pcap-filter, spamd -M / spamlogd, pf.conf log/rdr-to / pflogd,
tcpdump), but in the actual spamlogd code changes, too -- it should
be smart enough to not automatically whitelist the connections that
are rewritten to the
So, you do agree this is not something that should be happening, right?
No, I figure you should not log the connections you're sending to
spamd. But we can figure some way to make this a bit clearer.
, this would also prevent the case of double-whitelisting the
connections that are logged and whitelisted through other rules, without any
adverse side effects or unexpected behaviour.
Patch attached inline.
C.
On 2013-W10-3 13:47 -0700, Bob Beck wrote:
No constantine - the solution is to simply
Indeed, this is what I typically do.
and make sure I only log the real mailserver connections to pflog1,
and point spamlogd at that.
On Wed, Mar 6, 2013 at 2:14 PM, Stuart Henderson s...@spacehopper.org wrote:
On 2013/03/06 13:47, Bob Beck wrote:
No constantine - the solution is to simply
Yes, one could log stuff into different pflog interfaces, but I don't
understand why pf.conf `pass in ... log ... port smtp ...` is effectively
redefined to mean `add spamd-white` when spamlogd is running,
http://www.openbsd.org/cgi-bin/man.cgi?query=spamlogd
and RTFM for the first two
Sylvestre, one of the problems with fuse itself is that it's GPL
licensed, and not appropriate
for inclusion in base. If you've got interets and talent in this area,
you might want to consider
having a peek at puffs (and refuse) from netbsd which has a workable
license and could
be included in
You too can have a GIANT buffer cache etc. etc...
After much bug fighting in the midlayer and now uvm over the last 6
months in a number of places, I think it's about time to shop this
around again.
This will only make a difference on amd64 - if you have 4 GB or more
of RAM. What it does
Yes. absolutely.. ok
On Thu, Feb 14, 2013 at 1:38 PM, Miod Vallat m...@online.fr wrote:
This is what happens when install(1) is used to install files on a
read-only filesystem:
# mount -u -o ro /usr
# cd /usr/src
# make build
cd /usr/src/share/mk exec make install
install -c -o root -g
I'd reccomend
http://www.openbsd.org/books.html#book8
It's a very good way to learn pf enough to deal with it.
On Thu, Feb 14, 2013 at 4:20 PM, Daniel Bertrand
danieljamesbertr...@me.com wrote:
Hello,
Thanks for providing such great software. It really is much appreciated.
I was
On Mon, Feb 11, 2013 at 05:00:08PM +0100, Mark Kettenis wrote:
Date: Mon, 11 Feb 2013 00:05:29 -0600
From: Todd T. Fries t...@fries.net
In light of nat64 in pf(4), what purpose does faithd(8) serve anymore?
I played with it a bit over a decade ago, but don't recall having any use
Appears not to break my alix...
On Thu, Feb 7, 2013 at 10:41 AM, Stuart Henderson s...@spacehopper.org wrote:
At least the following vr(4) devices can be configured to permit
larger MTUs.
vr0 at pci0 dev 18 function 0 VIA RhineII-2 rev 0x51: irq 11, address
00:40:63:c0:5d:27
vr1 at pci2
No, I normally install all the X sets, I just do not run X on the console.
So I don't like this.
On Wed, Jan 9, 2013 at 3:43 PM, Gleydson Soares gsoa...@trusted.com.brwrote:
the diff below changes src/distrib/miniroot/install.sub to by default skip
x* sets if someone do not expect to run X
Do
Hello tech@.
I just committed some significant fixes to the buffer cache in -current.
(you want to look for version 1.139 of vfs_bio.c)
If you have such a current kernel, you may wish to try the following
diff - it is a backout of a previous commit that emasculated softdep
in order to make is
Just a followon for tech people - if you do use this and
hit a problem, I would very much appreciate your dmesg,
as well as from ddb, ps trace show bcstats and show uvm.
-Bob
On Wed, Nov 07, 2012 at 10:35:03AM -0800, Mike Larkin wrote:
On Wed, Nov 07, 2012 at 11:25:55AM -0700, Bob Beck
Anyways, since in my case, I only need a read-only export, I can also go with
sharing the files via http.
Both networks that are separated with the firewall, have about the same trust
level.
So now someone could argue, why the hell a firewall in there at all, but
that's a different topic
Gregor you would perhaps get better feedback if it were easier to discern
where your patches are and what each one is doing. If you can't be
inclined to keep the subjects matching the diffs and are sending stuff out
with subjects like scheduler improvement diff X instead of something like
reduce
Hi Folks,
The main web, ftp, and anoncvs servers are going to be down for a
short period today while they move from data center to data center at
the University of Alberta. The University has been so kind as to
offer the project space in two racks in their new state of the art
data centre in a
Gilles, I'm actually wondering - should there even be a difference?
Every practical implementation of 587 I've ever seen requires auth. Is there
any sane reason to have enable auth not actually require it? I.E. what
I'm asking is is enable (without require) simply a silly knob that
we're putting
On Tue, Oct 9, 2012 at 9:25 AM, Gilles Chehade gil...@poolp.org wrote:
I agree with you that people will probably not want port 587 without auth
turned on so on a practical point of view, we could make it implicit.
There's a syntax issue though because, users will likely be less surprised
I think Bob's point is that then you use 587 (with auth) for yourselves and
25 (without auth) for mail from the rest of the intertubes.
Yes, that's my point :)
Then what about the opposite ?
listen on fxp0 [...] auth # 99% case
listen on fxp0 [...] auth-optional # 1% case
Better, as long as we're sure there's real use for auth-optional
Then what about the opposite ?
listen on fxp0 [...] auth # 99% case
listen on fxp0 [...] auth-optional # 1% case
I'd say this is at least less surprising, and will likely cause less admins
to open a backdoor for locally destinated mail, bypassing spam
I don't want to be in the business of adding 20 different interpreters
to base. If I did, it'd be lua first by a mile.
That said, tinyscheme is designed to be directly embedded. If it
turns out people are dying to add scheme support to top and systat, we
can talk about a shared library, but
of the software.
Our developers are:
Alexander Bluhm, Alexander Hall, Alexander Schrijver,
Alexander Yurchenko, Alexandr Shadchin, Alexandre Ratchov,
Anil Madhavapeddy, Anthony J. Bentley, Antoine Jacoutot,
Ariane van der Steldt, Austin Hook, Benoit Lecocq, Bernd Ahlers,
Bob
OpenBSD's building infrastructure has a need for such things. if you
are in the process of rewhacking your network, I would love to hear
from you if you have such beasts that might be sent our way.
We are looking to get these things in Calgary, Canada.
Mark kettenis found an issue with the cleaner on the previous diff I sent out.
This diff fixes his issue, replaces the earlier diff.
Previous comments apply, please test in lots of places.
Index: kern/kern_sysctl.c
===
(apologies for the earlier oops.)
Want more buffer cache? please have a try with this.
This diff breaks the buffer cache into the dma'able region, and the
above dma-able region of memory. buffers are always allocated in
the dma'able region, and as they age they are moved above the dma'able
I'm all for killing the ksh autoswitch feature. Whenever I end up on a
system with EDITOR set to vi and ksh as shell I'm lost. If people like to
use a specific mode they should add it to .profile.
I'm not, I use ksh and like the fact that it makes my history
keystrokes appropriate
for my
301 - 400 of 445 matches
Mail list logo