Tiny correction to sshd_config.5

There's an 's' missing in PermitEmptyPasswords. Index: usr.bin/ssh/sshd_config.5 === RCS file: /home/cvsync/openbsd/src/usr.bin/ssh/sshd_config.5,v retrieving revision 1.265 diff -u -p -u -r1.265 sshd_config.5 ---

Re: [patch] rtl8188eu support for urtwn(4)

Just wanted to report that this works with my TL-WN723N v3.0. With both patches applied the adapter is able to saturate my DSL connection. Brendan MacDonell On Sun, Apr 26, 2015 at 4:46 PM, Mikhail mp39...@gmail.com wrote: On 21:22 26-Apr 2015 Mikhail wrote: On 20:20 26-Apr 2015 Stefan

Re: LibreSSL: is there any reason to keep opaque_prf_input?

Miod Vallat m...@online.fr writes: You're right. What about the following diff? (major bump for libssl) Looks OK to me. There's also a few tendrils in regress: Index: ssl/ssltest.c === RCS file:

Re: [PATCH] Use mkstemp instead of mktemp.

On Tue, Jun 10, 2014 at 7:32 PM, Dan Albert danalb...@google.com wrote: mktemp was removed from POSIX 2008 for security reasons. --- usr.bin/nc/netcat.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/usr.bin/nc/netcat.c b/usr.bin/nc/netcat.c index a034bba..d9e4ab4

Patch: fix run(4) support for rt5592 devices

RT5592 devices have a larger TXWI and RXWI than other adapters supported by run(4). The following patch adds the offset adjustments that were overlooked in r1.98. Using the patch, I can connect to 11g and 11b APs, though there's still one nit: after scanning channels in the 5GHz range, the

LibreSSL: is there any reason to keep opaque_prf_input?

on arrival and implemented post-mortem, I wouldn't be surprised to discover that opaque_prf_input has as many users as big-endian amd64 support. Brendan MacDonell [1] http://tools.ietf.org/html/draft-rescorla-tls-opaque-prf-input-00 [2] https://github.com/openssl/openssl/commit

libcrypto: plug some x509 leaks

X509_TRUST_add() and X509_PURPOSE_add() leak memory or corrupt existing entries when they fail (ie. when memory is exhausted, or the name / sname argument to BUF_strdup is NULL.) This seems like an unlikely error to hit, but we may as well handle it correctly. Brendan Index:

Re: [PATCH 4/7] use BIO_write instead of an unchecked write()

On Sat, May 31, 2014 at 8:02 PM, Brent Cook bust...@gmail.com wrote: I totally agree in the general case. BIO is a big pain, and it does seem crazy to use it for stdio. However, in this specific case, this file already calls BIO_printf, BIO_puts and BIO_write to stdout and stderr, in an

Re: [PATCH] libssl:Remove NULL checks before calling free()

I think this can be extended to expressions, not just identifiers: @@ expression x; @@ -if (x) { free(x); } +free(x); This catches another 47 instances. A patch against CVS follows. diff -u -p a/src/apps/s_server.c b/src/apps/s_server.c --- a/src/apps/s_server.c +++

Re: libcrypto: stop some ASN.1 bleeding

Miod Vallat m...@online.fr writes: As promised, here is a new diff. Bob Beck suggested introducing wrappers to the time-related functions, so that the error path becomes easier to understand; this makes the diff to these functions much simpler indeed. That's helpful. It definitely makes it

Re: libcrypto: stop some ASN.1 bleeding

OK, the latest diff looks good to me.