what approach for TRNG?

2015-11-29 Thread Devin Reade
A while ago a posted a dmesg for a TRNG USB device (the MoonBase Otago OneRNG) per . I'm looking at adding support for this device but haven't splunked too much into the OpenBSD kernel bef

ignore inflight messages in daily output

2016-01-02 Thread Devin Reade
If mail is in the process of being sent (rather than sitting in the queue) we probably shouldn't complain about it. If something like daily.local causes mail to be sent this can end up with a lot of false positives. (False in the sense that nothing is actually wrong, so the system should be quite

Re: ignore inflight messages in daily output

2016-01-03 Thread Devin Reade
--On Sunday, January 03, 2016 01:22:34 PM + Stuart Henderson wrote: On 2016/01/02 18:05, Devin Reade wrote: If mail is in the process of being sent (rather than sitting in the queue) we probably shouldn't complain about it. If something like daily.local causes mail to be sent thi

onerng(4): new TRNG device

2016-01-04 Thread Devin Reade
/null 1 Jan 1970 00:00:00 - +++ sys/dev/usb/onerng.c4 Jan 2016 17:14:14 - @@ -0,0 +1,547 @@ +/* $OpenBSD$ */ +/* + * Copyright (C) 2015 Devin Reade + * Copyright (C) 2015 Sean Levy + * Copyright (c) 2007 Marc Balmer + * Copyright (c) 2006 Alexander Yurchenko + * Copyright (c)

Re: onerng(4): new TRNG device

2016-01-04 Thread Devin Reade
Thanks for your feedback, Martin. See below. --On Monday, January 04, 2016 08:02:34 PM +0100 Martin Pieuchot wrote: On 04/01/16(Mon) 10:34, Devin Reade wrote: This patch adds kernel support for the OneRNG hardware random number generator, which is similar to ualea(4). onerng(4) is

Re: onerng(4): new TRNG device

2016-01-06 Thread Devin Reade
--- /dev/null 1 Jan 1970 00:00:00 - +++ sys/dev/usb/onerng.c7 Jan 2016 04:58:58 - @@ -0,0 +1,470 @@ +/* $OpenBSD$ */ +/* + * Copyright (C) 2015 Devin Reade + * Copyright (C) 2015 Sean Levy + * Copyright (c) 2007 Marc Balmer + * Copyright (c) 2006 Alexander Yurchenko + * Copyright

Re: onerng(4): new TRNG device

2016-01-07 Thread Devin Reade
v/usb/uonerng.c === RCS file: sys/dev/usb/uonerng.c diff -N sys/dev/usb/uonerng.c --- /dev/null 1 Jan 1970 00:00:00 - +++ sys/dev/usb/uonerng.c 8 Jan 2016 02:56:08 - @@ -0,0 +1,452 @@ +/* $OpenBSD$ */ +/* + * Copyright (C) 2015 Devin Reade + * Copyright (C) 2015 Sean Levy

Re: Get PCI resources from ACPI

2016-01-08 Thread Devin Reade
dmesg diff, followed by full dmesg with 2nd patch applied. No panic, at least in the time it took to grab the dmesg and reboot. Devin 1c1 < OpenBSD 5.9-beta (GENERIC.MP) #10: Fri Jan 8 09:00:37 MST 2016 --- OpenBSD 5.9-beta (GENERIC.MP) #11: Fri Jan 8 10:37:00 MST 2016 18c18 < cpu0: Intel(R

acme-client missing man-page bug item?

2017-03-07 Thread Devin Reade
I'm testing a git-based version of acme-client on OpenBSD 6.0 at the moment and visually comparing source with that in CVS, but this is relevant to OpenBSD 6.1 so bear with me here. In the git version in revokeproc.c about line 237 we see the following comment following the "Parse the SAN line" t

acme-client -t switch?

2017-03-07 Thread Devin Reade
So I was looking to use acme-client's "-t" switch to orchestrate the creation of certificates for non-HTTPS use and off-machine use. However I see that it was removed in main.c version 1.15 in the OpenBSD source tree. (I'm currently testing acme-client via git on OpenBSD 6.0.) Would folks be ame

Re: acme-client -t switch?

2017-03-07 Thread Devin Reade
Expanding on my previous email, it looks like the git version of acme-client has a different implementation than what was implemented in the version first committed (and later removed) from the OpenBSD CVS sources. The latter (CVS) version was calling "doas sh ..." whereas the former (git) versio

Re: acme-client -t switch?

2017-03-10 Thread Devin Reade
--On Thursday, March 09, 2017 06:13:38 PM +0100 Sebastian Benoit wrote: Stuart Henderson(s...@spacehopper.org) on 2017.03.07 21:56:56 +: Since this came up.. what does anyone think about adding the original version back to ports? (personally, I could do with moving things away from the

Re: OpenSSH hole, April 9

2014-04-09 Thread Devin Reade
Quoting Theo de Raadt : If tomorrow Damien or I had to announce a major OpenSSH hole, how screwed would the Internet be? Would you mind clarifying this a bit? Was the post strictly a (justified) comment about the lack of funding, or should we be anticipating another announcement in addition t

Re: OpenSSH hole, April 9

2014-04-09 Thread Devin Reade
Thanks for the clarification. I would also like to thank whomever for the extra descriptive text on the openssl patch issued the other day. Having the clarification on the (non)impact on OpenSSH right in the patch was good ... Devin