Re: update x11/picom
On 2022/11/16 19:29:17 +, Klemens Nanni wrote:
> On Mon, Nov 14, 2022 at 07:41:01PM +0100, Omar Polo wrote:
> > Hello ports,
> >
> > this updates picom to the latest release. I've tested brieflily the
> > previous RCs too, seems to work fine here with the default config.
> >
> > I had to disable the opengl backend because it fails to build due to
> > an undefined symbol glEGLImageTargetTexStorageEXT, no idea about it.
> >
> > this updates also install an autostart. i only use xenodm and cwm,
> > don't know how that works with DEs
>
> ===> Building package for picom-10
> ...
> Error:
> /usr/ports/pobj/picom-10/fake-amd64/usr/local/share/examples/picom/picom.desktop
> does not exist
> pkg_create: can't continue
>
> $ find `make show=WRKINST` -name \*.desktop
> /usr/ports/pobj/picom-10/fake-amd64/etc/xdg/autostart/picom.desktop
>
> /usr/ports/pobj/picom-10/fake-amd64/usr/local/share/applications/picom.desktop
>
> Looks like the port installed it to the fake /etc itself.
yes, with this update it tries to install picom.desktop into
/etc/xdg/autostart. I forgot to 'cvs add' a patch (that also neuters
some pointless git checking) before sending the email, sorry.
I haven't found another way other than patching.
MODMESON_CONFIGURE_ARGS already has --sysconfdir=${SYSCONFDIR} and
meson doesn't like this flag to be provided more than once.
Index: Makefile
===
RCS file: /home/cvs/ports/x11/picom/Makefile,v
retrieving revision 1.7
diff -u -p -r1.7 Makefile
--- Makefile11 Mar 2022 20:16:55 - 1.7
+++ Makefile16 Nov 2022 21:17:15 -
@@ -2,14 +2,14 @@ COMMENT = lightweight compositor for X11
GH_ACCOUNT = yshui
GH_PROJECT = picom
-GH_TAGNAME = v9.1
+GH_TAGNAME = v10
CATEGORIES = x11
# MPL 2.0
PERMIT_PACKAGE = Yes
-WANTLIB += GL X11 X11-xcb c config dbus-1 ev m pcre pixman-1
+WANTLIB += X11 X11-xcb c config dbus-1 ev m pcre pixman-1
WANTLIB += xcb-composite xcb-damage xcb-glx xcb-image xcb-present
WANTLIB += xcb-randr xcb-render-util xcb-render xcb-shape xcb-sync
WANTLIB += xcb-xfixes xcb-xinerama xcb
@@ -34,6 +34,13 @@ LIB_DEPENDS =devel/libconfig \
CONFIGURE_ARGS += -Dwith_docs=true \
-Dunittest=true \
-Dcompton=false
+
+# fails to build with:
+# ld: error: undefined symbol: glEGLImageTargetTexStorageEXT
+# >>> referenced by egl.c
+# >>> src/picom.p/backend_gl_egl.c.o:(egl_bind_pixmap)
+CONFIGURE_ARGS += -Dopengl=false
+
CONFIGURE_ENV += CPPFLAGS="${CPPFLAGS} -I${LOCALBASE}/include" \
LDFLAGS="${LDFLAGS} -L${LOCALBASE}/lib"
Index: distinfo
===
RCS file: /home/cvs/ports/x11/picom/distinfo,v
retrieving revision 1.4
diff -u -p -r1.4 distinfo
--- distinfo14 Feb 2022 13:04:05 - 1.4
+++ distinfo14 Nov 2022 18:31:05 -
@@ -1,2 +1,2 @@
-SHA256 (picom-9.1.tar.gz) = hwCscb1JbJEmLIV24pyzrs8rTvSMBDlKkpUJ08s3uH0=
-SIZE (picom-9.1.tar.gz) = 263924
+SHA256 (picom-10.tar.gz) = 6EAwTDKfB5cgWWMwKJTFXhHXfPUaIsCnIINEzm/Qojg=
+SIZE (picom-10.tar.gz) = 286728
Index: pkg/PLIST
===
RCS file: /home/cvs/ports/x11/picom/pkg/PLIST,v
retrieving revision 1.3
diff -u -p -r1.3 PLIST
--- pkg/PLIST 11 Mar 2022 20:16:55 - 1.3
+++ pkg/PLIST 12 Nov 2022 08:19:37 -
@@ -4,6 +4,8 @@ bin/picom-trans
@man man/man1/picom.1
share/applications/picom.desktop
share/examples/picom/
+share/examples/picom/picom.desktop
+@sample ${SYSCONFDIR}/xdg/autostart/picom.desktop
share/examples/picom/picom.sample.conf
share/icons/hicolor/48x48/apps/picom.png
share/icons/hicolor/scalable/apps/picom.svg
Index: patches/patch-meson_build
===
RCS file: patches/patch-meson_build
diff -N patches/patch-meson_build
--- /dev/null 1 Jan 1970 00:00:00 -
+++ patches/patch-meson_build 16 Nov 2022 21:30:15 -
@@ -0,0 +1,31 @@
+don't look for git
+install picom.desktop in share/examples
+
+Index: meson.build
+--- meson.build.orig
meson.build
+@@ -6,15 +6,6 @@ cc = meson.get_compiler('c')
+ # use project version by default
+ version = 'v'+meson.project_version()
+
+-# use git describe if that's available
+-git = find_program('git', required: false)
+-if git.found()
+- gitv = run_command('git', 'rev-parse', '--short=5', 'HEAD', check:
false)
+- if gitv.returncode() == 0
+- version = 'vgit-'+gitv.stdout().strip()
+- endif
+-endif
+-
+ add_global_arguments('-DPICOM_VERSION="'+version+'"', language: 'c')
+
+ if get_option('buildtype') == 'release'
+@@ -73,7 +64,7 @@ subdir('man')
+
+ install_data('bin/picom-trans', install_dir: get_option('bindir'))
+ install_data('picom.desktop', install_dir: 'share/applications')
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: lan...@cvs.openbsd.org 2022/11/17 00:44:52 Modified files: x11/xfce4/xfce4-places: Makefile distinfo Log message: x11/xfce4/xfce4-places: update to 1.8.3
Re: UPDATE: mpv 0.35.0
Committed, thanks!
On Sat Nov 12, 2022 at 08:12:49PM -0500, Brad Smith wrote:
> Here is an update to mpv 0.35.0 and a patch for minitube due to
> API change in libmpv.
>
> https://raw.githubusercontent.com/mpv-player/mpv/master/RELEASE_NOTES
>
>
> Index: multimedia/mpv/Makefile
> ===
> RCS file: /home/cvs/ports/multimedia/mpv/Makefile,v
> retrieving revision 1.83
> diff -u -p -u -p -r1.83 Makefile
> --- multimedia/mpv/Makefile 5 Nov 2022 17:06:30 - 1.83
> +++ multimedia/mpv/Makefile 13 Nov 2022 00:41:33 -
> @@ -2,17 +2,15 @@ COMMENT = movie player based on MPlayer
>
> GH_ACCOUNT = mpv-player
> GH_PROJECT = mpv
> -GH_TAGNAME = v0.34.1
> +GH_TAGNAME = v0.35.0
>
> -REVISION = 2
> -
> -SHARED_LIBS += mpv 0.2 # 1.109
> +SHARED_LIBS += mpv 1.0 # 2.0
>
> CATEGORIES = multimedia x11
>
> HOMEPAGE = https://mpv.io/
>
> -WAF =${WRKSRC}/waf-2.0.20
> +WAF =${WRKSRC}/waf-2.0.24
> MASTER_SITES0 = https://waf.io/
> DISTFILES = ${GH_DISTFILE} ${WAF:T}:0
> EXTRACT_ONLY = ${DISTNAME}${EXTRACT_SUFX}
> @@ -20,7 +18,7 @@ EXTRACT_ONLY = ${DISTNAME}${EXTRACT_SUF
> # GPLv2+
> PERMIT_PACKAGE = Yes
>
> -WANTLIB += EGL GL SDL2 X11 X11-xcb Xau Xdmcp Xext Xfixes Xinerama
> +WANTLIB += EGL GL SDL2 X11 X11-xcb Xau Xdmcp Xext Xfixes Xinerama Xpresent
> WANTLIB += Xrandr Xrender Xss Xv Xxf86vm archive ass avcodec avdevice
> WANTLIB += avfilter avformat avresample avutil bluray c cdio cdio_cdda
> WANTLIB += cdio_paranoia drm dvdnav dvdread epoxy expat fontconfig
> @@ -77,6 +75,7 @@ CONFIGURE_ARGS =--confloaddir=${SYSCONF
> --disable-rubberband \
> --disable-openal \
> --disable-optimize \
> + --disable-pipewire \
> --disable-pulse \
> --disable-sixel \
> --disable-sdl2-audio \
> @@ -91,11 +90,11 @@ CONFIGURE_ARGS = --confloaddir=${SYSCONF
> --disable-vdpau-gl-x11 \
> --disable-videotoolbox-gl \
> --disable-vulkan \
> - --disable-wayland-scanner \
> - --disable-wayland-protocols
> + --disable-wayland
>
> MAKE_ENV = CPPFLAGS="-I${LOCALBASE}/include -I${X11BASE}/include" \
> - LDFLAGS="-L${LOCALBASE}/lib -L${X11BASE}/lib"
> + LDFLAGS="-L${LOCALBASE}/lib -L${X11BASE}/lib" \
> + LIBmpv_VERSION=${LIBmpv_VERSION}
> MAKE_FLAGS = -o "${WRKBUILD}" -t "${WRKSRC}" --destdir="${DESTDIR}"
>
> NO_TEST =Yes
> @@ -103,15 +102,11 @@ NO_TEST = Yes
> DO_WAF = cd ${WRKSRC} && ${SETENV} ${MAKE_ENV} ${MODPY_BIN} \
> ${WAF} ${MAKE_FLAGS}
>
> -LMAJ = ${LIBmpv_VERSION:R}
> -LMIN = ${LIBmpv_VERSION:E}
> -UPDATE_PLIST_ARGS += -i LMAJ -i LMIN
> -SUBST_VARS +=LMAJ \
> - LMIN
> +SUBST_VARS +=LIBmpv_VERSION
>
> post-patch:
> cp ${DISTDIR}/${WAF:T} ${WAF}
> - ${SUBST_CMD} ${WRKSRC}/libmpv/client.h
> + ${SUBST_CMD} ${WRKSRC}/wscript_build.py
>
> do-configure:
> ${DO_WAF} configure ${CONFIGURE_ARGS}
> Index: multimedia/mpv/distinfo
> ===
> RCS file: /home/cvs/ports/multimedia/mpv/distinfo,v
> retrieving revision 1.28
> diff -u -p -u -p -r1.28 distinfo
> --- multimedia/mpv/distinfo 29 Jan 2022 12:30:14 - 1.28
> +++ multimedia/mpv/distinfo 12 Nov 2022 21:56:02 -
> @@ -1,4 +1,4 @@
> -SHA256 (mpv-0.34.1.tar.gz) = Mt7YwTtjmDEPondnN4GT3B2214sAa3Dby9MSOhRF50Y=
> -SHA256 (waf-2.0.20) = v5cemO3CQUloomLGqmuIVBomw80khonIn0xXNwlV7n8=
> -SIZE (mpv-0.34.1.tar.gz) = 3288356
> -SIZE (waf-2.0.20) = 104725
> +SHA256 (mpv-0.35.0.tar.gz) = 3EEciZpkVIJQwUK/H6GqdSjxtDmKJMhrgWCTmZBJ7AA=
> +SHA256 (waf-2.0.24) = k5CbyoI6Z1+fQK98ZbJIh8OjwO/fQR/xl4uoJxlL3rA=
> +SIZE (mpv-0.35.0.tar.gz) = 3365752
> +SIZE (waf-2.0.24) = 105408
> Index: multimedia/mpv/patches/patch-DOCS_man_ao_rst
> ===
> RCS file: multimedia/mpv/patches/patch-DOCS_man_ao_rst
> diff -N multimedia/mpv/patches/patch-DOCS_man_ao_rst
> --- multimedia/mpv/patches/patch-DOCS_man_ao_rst 11 Mar 2022 19:39:24
> - 1.3
> +++ /dev/null 1 Jan 1970 00:00:00 -
> @@ -1,19 +0,0 @@
> -ao_sndio: add this audio output again
> -
> -https://github.com/mpv-player/mpv/pull/8314
> -
> -Index: DOCS/man/ao.rst
> DOCS/man/ao.rst.orig
> -+++ DOCS/man/ao.rst
> -@@ -219,5 +219,11 @@ Available audio output drivers are:
> -
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: rsadow...@cvs.openbsd.org 2022/11/16 23:46:53 Modified files: www/minitube : Makefile Added files: www/minitube/patches: patch-lib_media_src_mpv_mpvwidget_cpp Log message: Add patch due to API change in libmpv 0.35.0 >From Brad
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: rsadow...@cvs.openbsd.org 2022/11/16 23:46:47 Modified files: multimedia/mpv : Makefile distinfo multimedia/mpv/patches: patch-wscript_build_py multimedia/mpv/pkg: PLIST Removed files: multimedia/mpv/patches: patch-DOCS_man_ao_rst patch-audio_out_ao_c patch-audio_out_ao_sndio_c patch-libmpv_client_h patch-wscript Log message: Update mpv to 0.35.0 https://raw.githubusercontent.com/mpv-player/mpv/master/RELEASE_NOTES Update diff from Brad
Re: UPDATE: libdvdread 6.1.3
Committed, thanks Brad!
On Tue Oct 04, 2022 at 11:04:40AM -0400, Brad Smith wrote:
> Here is an update to libdvdread 6.1.3.
>
>
> libdvdread (6.1.3)
> * Improvements for OpenBSD
> * Fix crashes on some DVD (0 PCGI SRP)
> * Misc source fixes and cleanups, including fixes for recent toolchains
>
>
> Index: Makefile
> ===
> RCS file: /home/cvs/ports/devel/libdvdread/Makefile,v
> retrieving revision 1.36
> diff -u -p -u -p -r1.36 Makefile
> --- Makefile 11 Mar 2022 18:50:30 - 1.36
> +++ Makefile 18 Sep 2022 06:02:42 -
> @@ -1,8 +1,7 @@
> COMMENT =accessing DVD files
>
> -VER =6.1.2
> +VER =6.1.3
> DISTNAME = libdvdread-${VER}
> -REVISION = 0
> CATEGORIES = devel
> MASTER_SITES =
> https://download.videolan.org/pub/videolan/libdvdread/${VER}/
> EXTRACT_SUFX = .tar.bz2
> Index: distinfo
> ===
> RCS file: /home/cvs/ports/devel/libdvdread/distinfo,v
> retrieving revision 1.15
> diff -u -p -u -p -r1.15 distinfo
> --- distinfo 11 Oct 2021 06:11:29 - 1.15
> +++ distinfo 18 Sep 2022 05:53:34 -
> @@ -1,2 +1,2 @@
> -SHA256 (libdvdread-6.1.2.tar.bz2) =
> zBkPVTdYztdXGFnjAfgCy0gh8WTQK/rP0yDBSk4Np2M=
> -SIZE (libdvdread-6.1.2.tar.bz2) = 391536
> +SHA256 (libdvdread-6.1.3.tar.bz2) =
> zjVFSZeiCMvlDpEjLw5z+xrDRxllgToTuHMKjxihU2k=
> +SIZE (libdvdread-6.1.3.tar.bz2) = 395439
> Index: patches/patch-src_bitreader_c
> ===
> RCS file: patches/patch-src_bitreader_c
> diff -N patches/patch-src_bitreader_c
> --- patches/patch-src_bitreader_c 11 Mar 2022 18:50:30 - 1.2
> +++ /dev/null 1 Jan 1970 00:00:00 -
> @@ -1,62 +0,0 @@
> -avoid reading the next byte ahead
> -f6774c386f404b49a13d9027567d57e104c5a415
> -
> -Index: src/bitreader.c
> src/bitreader.c.orig
> -+++ src/bitreader.c
> -@@ -26,12 +26,11 @@
> -
> - #include "dvdread/bitreader.h"
> -
> --int dvdread_getbits_init(getbits_state_t *state, uint8_t *start) {
> -+int dvdread_getbits_init(getbits_state_t *state, const uint8_t *start) {
> - if ((state == NULL) || (start == NULL)) return 0;
> - state->start = start;
> - state->bit_position = 0;
> - state->byte_position = 0;
> -- state->byte = start[0];
> - return 1;
> - }
> -
> -@@ -47,37 +46,32 @@ uint32_t dvdread_getbits(getbits_state_t *state, uint3
> -
> - if ((state->bit_position) > 0) { /* Last getbits left us in the middle
> of a byte. */
> - if (number_of_bits > (8-state->bit_position)) { /* this getbits will
> span 2 or more bytes. */
> -- byte = state->byte;
> -+ byte = state->start[state->byte_position] << state->bit_position;
> - byte = byte >> (state->bit_position);
> - result = byte;
> - number_of_bits -= (8-state->bit_position);
> - state->bit_position = 0;
> - state->byte_position++;
> -- state->byte = state->start[state->byte_position];
> - } else {
> -- byte=state->byte;
> -- state->byte = state->byte << number_of_bits;
> -+ byte = state->start[state->byte_position] << state->bit_position;
> - byte = byte >> (8 - number_of_bits);
> - result = byte;
> - state->bit_position += number_of_bits; /* Here it is impossible for
> bit_position > 8 */
> - if (state->bit_position == 8) {
> - state->bit_position = 0;
> - state->byte_position++;
> --state->byte = state->start[state->byte_position];
> - }
> - number_of_bits = 0;
> - }
> - }
> - if ((state->bit_position) == 0) {
> - while (number_of_bits > 7) {
> -- result = (result << 8) + state->byte;
> -+ result = (result << 8) + state->start[state->byte_position];
> - state->byte_position++;
> -- state->byte = state->start[state->byte_position];
> - number_of_bits -= 8;
> - }
> - if (number_of_bits > 0) { /* number_of_bits < 8 */
> -- byte = state->byte;
> -- state->byte = state->byte << number_of_bits;
> -+ byte = state->start[state->byte_position] << state->bit_position;
> - state->bit_position += number_of_bits; /* Here it is impossible for
> bit_position > 7 */
> - byte = byte >> (8 - number_of_bits);
> - result = (result << number_of_bits) + byte;
> Index: patches/patch-src_dvd_input_c
> ===
> RCS file: patches/patch-src_dvd_input_c
> diff -N patches/patch-src_dvd_input_c
> --- patches/patch-src_dvd_input_c 11 Mar 2022 18:50:30 - 1.8
> +++ /dev/null 1 Jan 1970 00:00:00 -
> @@ -1,15 +0,0 @@
> -Use correct name of the libdvdcss shared library on OpenBSD.
> -1c031048907b72c4757926a06f2bc5fac42fba15
> -
> -Index: src/dvd_input.c
> src/dvd_input.c.orig
> -+++ src/dvd_input.c
> -@@ -346,6 +346,8 @@ int dvdinput_setup(void *priv, dvd_logger_cb *logcb)
> -
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: rsadow...@cvs.openbsd.org 2022/11/16 23:44:30 Modified files: devel/libdvdread: Makefile distinfo devel/libdvdread/pkg: PLIST Removed files: devel/libdvdread/patches: patch-src_bitreader_c patch-src_dvd_input_c patch-src_dvd_reader_c patch-src_dvdread_bitreader_h patch-src_dvdread_ifo_types_h patch-src_ifo_read_c Log message: Update libdvdread to 6.1.3 Update diff from Brad, maintainer timeout
Re: UPDATE: aom 3.5.0
Committed, thanks!
On Tue Oct 04, 2022 at 10:46:47AM -0400, Brad Smith wrote:
> Here is an update to aom 3.5.0.
>
>
> 2022-08-31 v3.5.0
>
> This release is ABI compatible with the last one, including speedup and
> memory
> optimizations, and new APIs and features.
> - New Features
> * Support for frame parallel encode for larger number of threads. --fp-mt
> flag is available for all build configurations.
> * New codec control AV1E_GET_NUM_OPERATING_POINTS
> - Speedup and Memory Optimizations
> * Speed-up multithreaded encoding for good quality mode for larger number
> of
> threads through frame parallel encoding:
> o 30-34% encode time reduction for 1080p, 16 threads, 1x1 tile
> configuration (tile_rows x tile_columns)
> o 18-28% encode time reduction for 1080p, 16 threads, 2x4 tile
> configuration
> o 18-20% encode time reduction for 2160p, 32 threads, 2x4 tile
> configuration
> * 16-20% speed-up for speed=6 to 8 in still-picture encoding mode
> * 5-6% heap memory reduction for speed=6 to 10 in real-time encoding mode
> * Improvements to the speed for speed=7, 8 in real-time encoding mode
> * Improvements to the speed for speed=9, 10 in real-time screen encoding
> mode
> * Optimizations to improve multi-thread efficiency in real-time encoding
> mode
> * 10-15% speed up for SVC with temporal layers
> * SIMD optimizations:
> o Improve av1_quantize_fp_32x32_neon() 1.05x to 1.24x faster
> o Add aom_highbd_quantize_b{,_32x32,_64x64}_adaptive_neon() 3.15x to
> 5.6x
> faster than "C"
> o Improve av1_quantize_fp_64x64_neon() 1.17x to 1.66x faster
> o Add aom_quantize_b_avx2() 1.4x to 1.7x faster than
> aom_quantize_b_avx()
> o Add aom_quantize_b_32x32_avx2() 1.4x to 2.3x faster than
> aom_quantize_b_32x32_avx()
> o Add aom_quantize_b_64x64_avx2() 2.0x to 2.4x faster than
> aom_quantize_b_64x64_ssse3()
> o Add aom_highbd_quantize_b_32x32_avx2() 9.0x to 10.5x faster than
> aom_highbd_quantize_b_32x32_c()
> o Add aom_highbd_quantize_b_64x64_avx2() 7.3x to 9.7x faster than
> aom_highbd_quantize_b_64x64_c()
> o Improve aom_highbd_quantize_b_avx2() 1.07x to 1.20x faster
> o Improve av1_quantize_fp_avx2() 1.13x to 1.49x faster
> o Improve av1_quantize_fp_32x32_avx2() 1.07x to 1.54x faster
> o Improve av1_quantize_fp_64x64_avx2() 1.03x to 1.25x faster
> o Improve av1_quantize_lp_avx2() 1.07x to 1.16x faster
> - Bug fixes including but not limited to
> * aomedia:3206 Assert that skip_width > 0 for deconvolve function
> * aomedia:3278 row_mt enc: Delay top-right sync when intraBC is enabled
> * aomedia:3282 blend_a64_*_neon: fix bus error in armv7
> * aomedia:3283 FRAME_PARALLEL: Propagate border size to all cpis
> * aomedia:3283 RESIZE_MODE: Fix incorrect strides being used for motion
> search
> * aomedia:3286 rtc-svc: Fix to dynamic_enable spatial layers
> * aomedia:3289 rtc-screen: Fix to skipping inter-mode test in nonrd
> * aomedia:3289 rtc-screen: Fix for skip newmv on flat blocks
> * aomedia:3299 Fix build failure with CONFIG_TUNE_VMAF=1
> * aomedia:3296 Fix the conflict --enable-tx-size-search=0 with nonrd mode
> --enable-tx-size-search will be ignored in non-rd pick mode
> * aomedia:3304 Fix off-by-one error of max w/h in validate_config
> * aomedia:3306 Do not use pthread_setname_np on GNU/Hurd
> * aomedia:3325 row-multithreading produces invalid bitstream in some cases
> * chromium:1346938, chromium:1338114
> * compiler_flags.cmake: fix flag detection w/cmake 3.17-3.18.2
> * tools/*.py: update to python3
> * aom_configure.cmake: detect PIE and set CONFIG_PIC
> * test/simd_cmp_impl: use explicit types w/CompareSimd*
> * rtc: Fix to disable segm for aq-mode=3
> * rtc: Fix to color_sensitivity in variance partition
> * rtc-screen: Fix bsize in model rd computation for intra chroma
> * Fixes to ensure the correct behavior of the encoder algorithms (like
> segmentation, computation of statistics, etc.)
>
>
> Index: Makefile
> ===
> RCS file: /home/cvs/ports/multimedia/aom/Makefile,v
> retrieving revision 1.17
> diff -u -p -u -p -r1.17 Makefile
> --- Makefile 7 Aug 2022 10:44:13 - 1.17
> +++ Makefile 24 Sep 2022 04:23:09 -
> @@ -2,7 +2,7 @@ COMMENT= Alliance for Open Media AV1 vid
>
> GH_ACCOUNT= jbeich
> GH_PROJECT= aom
> -GH_TAGNAME= v3.4.0
> +GH_TAGNAME= v3.5.0
> CATEGORIES= multimedia
>
> SHARED_LIBS= aom 4.0
> Index: distinfo
> ===
> RCS file: /home/cvs/ports/multimedia/aom/distinfo,v
> retrieving revision 1.14
> diff -u -p -u -p -r1.14 distinfo
> --- distinfo 7 Aug 2022 10:44:13 - 1.14
> +++
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: rsadow...@cvs.openbsd.org 2022/11/16 23:24:38 Modified files: multimedia/aom : Makefile distinfo multimedia/aom/patches: patch-CMakeLists_txt patch-build_cmake_aom_configure_cmake Log message: Update aom to 3.5.0 Update diff from Brad
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: rsadow...@cvs.openbsd.org 2022/11/16 23:20:58 Modified files: math/fftw : Makefile Log message: Switch master sites and homepage to HTTPS
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: rsadow...@cvs.openbsd.org 2022/11/16 23:20:10 Modified files: math/fftw3 : Makefile Log message: Switch master sites and homepage to HTTPS
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: rsadow...@cvs.openbsd.org 2022/11/16 23:16:04 Modified files: net/nextcloudclient: Makefile distinfo net/nextcloudclient/patches: patch-src_gui_CMakeLists_txt Log message: Update nextcloudclient to 3.6.2 Update diff from Adriano (maintainer)
Re: [new] databases/rocksdb
On 11/16/2022 9:13 AM, Landry Breuil wrote: Le Tue, Nov 01, 2022 at 02:15:22AM -0400, Brad Smith a écrit : On 10/31/2022 2:15 PM, Landry Breuil wrote: Hi, here's a port of facebook's rocksdb (http://rocksdb.org/), a fork of google's leveldb. I've enabled all the archivers deps because stalwart-jmap apparently uses snappy compress via rocksdb-rs for its index storage. with the shipped ldb binary, i'm able to play/inspect with the internal index, eventually backuping it (cf https://github.com/facebook/rocksdb/wiki/Administration-and-Data-Access-Tool). = RocksDB is an embeddable persistent key-value store for fast storage. It can also be the foundation for a client-server database but the current focus is on embedded workloads. = feedback welcome. I dont really know if this can get picked up by some other ports, from my understanding mariadb can/might use it ? MariaDB uses it's own embedded copy of RocksDB for the DB engine. Looking at what supports RocksDB so far, it's bindings that do not typically come out of the box with the respective languages and we do not have them in the ports tree. So I don't think that's much of an issue. https://github.com/facebook/rocksdb/blob/main/LANGUAGE-BINDINGS.md I pushed a patch to improve arm64 support. https://github.com/facebook/rocksdb/commit/0311956fa44265db45641df94544df72bfc7782f.patch Thanks, integrated it in a new version of the port - is your patch in a PR upstream ? I've just filed https://github.com/facebook/rocksdb/pull/10958 to fix i386. https://github.com/facebook/rocksdb/pull/10902 The forked copy of RocksDB in MariaDB does not support 32-bit or big endian archs. Looking through the change logs it appears as if possibly big endian is supported now, but that would have to be tested.
Re: [update] games/warzone2100
On 11/15/2022 7:21 AM, Pascal Stumpf wrote:
Update to latest version, 4.3.2.
Index: Makefile
===
RCS file: /home/cvs/ports/games/warzone2100/Makefile,v
retrieving revision 1.48
diff -u -p -r1.48 Makefile
--- Makefile18 Oct 2022 00:48:10 - 1.48
+++ Makefile15 Nov 2022 11:51:34 -
@@ -2,34 +2,36 @@ ONLY_FOR_ARCHS= amd64 i386
COMMENT= 3D realtime strategy on a future earth
-V= 4.2.4
+V= 4.3.2
DISTNAME= warzone2100-$V
CATEGORIES= games
MASTER_SITES= https://github.com/Warzone2100/warzone2100/releases/download/$V/
DISTFILES=warzone2100-${V}{warzone2100_src}${EXTRACT_SUFX}
EXTRACT_SUFX= .tar.xz
-REVISION= 2
HOMEPAGE= https://wz2100.net/
# GPLv2+
PERMIT_PACKAGE= Yes
-WANTLIB += ${COMPILER_LIBCXX} SDL2 c curl freetype harfbuzz intl
-WANTLIB += m miniupnpc ogg openal physfs png sodium sqlite3 theoradec
-WANTLIB += vorbis vorbisfile z
+WANTLIB += ${COMPILER_LIBCXX} X11 Xcursor Xext Xfixes Xi Xrandr
+WANTLIB += Xss c curl freetype fribidi harfbuzz intl m miniupnpc
+WANTLIB += ogg openal opus physfs png samplerate sndio sodium
+WANTLIB += sqlite3 theoradec usbhid vorbis vorbisfile z
MODULES= devel/cmake
COMPILER= base-clang ports-gcc
LIB_DEPENDS= audio/libogg \
+ audio/libsamplerate \
audio/libvorbis \
audio/openal>=20110627 \
You can remove >=20110627 for OpenAL.
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: rsadow...@cvs.openbsd.org 2022/11/16 23:00:41 Modified files: devel/jenkins/stable: Makefile distinfo Log message: Update jenkins-stable to 2.361.4
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: rsadow...@cvs.openbsd.org 2022/11/16 23:00:15 Modified files: devel/jenkins/devel: Makefile distinfo Log message: Update jenkins-devel to 2.378
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: k...@cvs.openbsd.org2022/11/16 17:47:03 Modified files: security : Makefile devel/quirks : Makefile devel/quirks/files: Quirks.pm Removed files: security/samdump2: Makefile distinfo security/samdump2/patches: patch-Makefile patch-bkhive_c patch-hive_c patch-samdump2_c security/samdump2/pkg: DESCR PLIST Log message: Remove security/samdump2 Last updated over ten years ago, up-to-date security/ophcrack can do the same and more, linux live CDs and what not offer better service than this port. OK benoit (maintainer)
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: na...@cvs.openbsd.org 2022/11/16 16:15:31 Modified files: editors/nano : Makefile distinfo Removed files: editors/nano/patches: patch-src_Makefile_in Log message: editors/nano: update to 7.0 Improvements: - String binds may contain bindable function names between braces. - Word completion looks for candidates in all open buffers. - Unicode codes can be entered without leading zeroes.
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: na...@cvs.openbsd.org 2022/11/16 14:41:44 Modified files: misc/vttest: Makefile distinfo Log message: misc/vttest: update to 2022
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: na...@cvs.openbsd.org 2022/11/16 14:31:34 Modified files: devel/got : Makefile Log message: devel/got: pass SSH_AUTH_SOCK to test environment This allows "ssh 127.0.0.1" to reach the ssh agent when running the regression test suite. ok stsp@
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: bl...@cvs.openbsd.org 2022/11/16 14:25:09 Modified files: devel : Makefile Log message: +p5-Devel-MAT
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: bl...@cvs.openbsd.org 2022/11/16 14:23:57 Log message: import p5-Devel-MAT 0.49 OK sthen@ Comment: perl memory analysis tool Description: A Devel::MAT instance loads a heapdump file, and provides a container to store analysis tools to work on it. Tools may be provided that conform to the Devel::MAT::Tool API, which can help analyse the data and interact with the explorer user interface by using the methods in Devel::MAT::UI. Status: Vendor Tag: bluhm Release Tags: bluhm_20221116 N ports/devel/p5-Devel-MAT/Makefile N ports/devel/p5-Devel-MAT/distinfo N ports/devel/p5-Devel-MAT/pkg/DESCR N ports/devel/p5-Devel-MAT/pkg/PLIST No conflicts created by this import
new devel/p5-Devel-MAT
Hi, Here is the final port that imports p5-Devel-MAT to dump and analyse the memory of a Perl process. ok to import p5-Devel-MAT 0.49 ? Comment: perl memory analysis tool Description: A Devel::MAT instance loads a heapdump file, and provides a container to store analysis tools to work on it. Tools may be provided that conform to the Devel::MAT::Tool API, which can help analyse the data and interact with the explorer user interface by using the methods in the Devel::MAT::UI package. bluhm p5-Devel-MAT.tgz Description: application/tar-gz
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: st...@cvs.openbsd.org 2022/11/16 13:05:06 Modified files: devel/py-build : Makefile distinfo devel/py-build/pkg: PLIST Log message: update to py3-build-0.9.0 switch to using py-build itself (from WRKDIR) to run the build (with a setuptools backend as a BUILD_DEPENDS) and drop MODPY_SETUPTOOLS, getting rid of the setuptools RUN_DEPENDS.
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: bl...@cvs.openbsd.org 2022/11/16 12:41:31 Modified files: devel : Makefile Log message: +p5-Feature-Compat-Try
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: bl...@cvs.openbsd.org 2022/11/16 12:39:47 Log message: import p5-Feature-Compat-Try 0.05 OK sthen@ Comment: make try/catch syntax available Description: This module makes syntax support for try/catch control flow easily available. Status: Vendor Tag: bluhm Release Tags: bluhm_20221116 N ports/devel/p5-Feature-Compat-Try/Makefile N ports/devel/p5-Feature-Compat-Try/distinfo N ports/devel/p5-Feature-Compat-Try/pkg/DESCR N ports/devel/p5-Feature-Compat-Try/pkg/PLIST No conflicts created by this import
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: t...@cvs.openbsd.org2022/11/16 12:36:06 Modified files: net/ngtcp2 : Makefile distinfo Log message: net/ngtcp2: update to 0.11.0 https://github.com/ngtcp2/ngtcp2/releases/tag/v0.11.0
Re: update x11/picom
On Mon, Nov 14, 2022 at 07:41:01PM +0100, Omar Polo wrote:
> Hello ports,
>
> this updates picom to the latest release. I've tested brieflily the
> previous RCs too, seems to work fine here with the default config.
>
> I had to disable the opengl backend because it fails to build due to
> an undefined symbol glEGLImageTargetTexStorageEXT, no idea about it.
>
> this updates also install an autostart. i only use xenodm and cwm,
> don't know how that works with DEs
===> Building package for picom-10
...
Error:
/usr/ports/pobj/picom-10/fake-amd64/usr/local/share/examples/picom/picom.desktop
does not exist
pkg_create: can't continue
$ find `make show=WRKINST` -name \*.desktop
/usr/ports/pobj/picom-10/fake-amd64/etc/xdg/autostart/picom.desktop
/usr/ports/pobj/picom-10/fake-amd64/usr/local/share/applications/picom.desktop
Looks like the port installed it to the fake /etc itself.
>
> Index: Makefile
> ===
> RCS file: /home/cvs/ports/x11/picom/Makefile,v
> retrieving revision 1.7
> diff -u -p -r1.7 Makefile
> --- Makefile 11 Mar 2022 20:16:55 - 1.7
> +++ Makefile 14 Nov 2022 18:30:50 -
> @@ -2,14 +2,14 @@ COMMENT = lightweight compositor for X11
>
> GH_ACCOUNT = yshui
> GH_PROJECT = picom
> -GH_TAGNAME = v9.1
> +GH_TAGNAME = v10
>
> CATEGORIES = x11
>
> # MPL 2.0
> PERMIT_PACKAGE = Yes
>
> -WANTLIB += GL X11 X11-xcb c config dbus-1 ev m pcre pixman-1
> +WANTLIB += X11 X11-xcb c config dbus-1 ev m pcre pixman-1
> WANTLIB += xcb-composite xcb-damage xcb-glx xcb-image xcb-present
> WANTLIB += xcb-randr xcb-render-util xcb-render xcb-shape xcb-sync
> WANTLIB += xcb-xfixes xcb-xinerama xcb
> @@ -34,6 +34,13 @@ LIB_DEPENDS = devel/libconfig \
> CONFIGURE_ARGS += -Dwith_docs=true \
> -Dunittest=true \
> -Dcompton=false
> +
> +# fails to build with:
> +# ld: error: undefined symbol: glEGLImageTargetTexStorageEXT
> +# >>> referenced by egl.c
> +# >>> src/picom.p/backend_gl_egl.c.o:(egl_bind_pixmap)
> +CONFIGURE_ARGS +=-Dopengl=false
> +
> CONFIGURE_ENV+= CPPFLAGS="${CPPFLAGS} -I${LOCALBASE}/include" \
> LDFLAGS="${LDFLAGS} -L${LOCALBASE}/lib"
>
> Index: distinfo
> ===
> RCS file: /home/cvs/ports/x11/picom/distinfo,v
> retrieving revision 1.4
> diff -u -p -r1.4 distinfo
> --- distinfo 14 Feb 2022 13:04:05 - 1.4
> +++ distinfo 14 Nov 2022 18:31:05 -
> @@ -1,2 +1,2 @@
> -SHA256 (picom-9.1.tar.gz) = hwCscb1JbJEmLIV24pyzrs8rTvSMBDlKkpUJ08s3uH0=
> -SIZE (picom-9.1.tar.gz) = 263924
> +SHA256 (picom-10.tar.gz) = 6EAwTDKfB5cgWWMwKJTFXhHXfPUaIsCnIINEzm/Qojg=
> +SIZE (picom-10.tar.gz) = 286728
> Index: pkg/PLIST
> ===
> RCS file: /home/cvs/ports/x11/picom/pkg/PLIST,v
> retrieving revision 1.3
> diff -u -p -r1.3 PLIST
> --- pkg/PLIST 11 Mar 2022 20:16:55 - 1.3
> +++ pkg/PLIST 12 Nov 2022 08:19:37 -
> @@ -4,6 +4,8 @@ bin/picom-trans
> @man man/man1/picom.1
> share/applications/picom.desktop
> share/examples/picom/
> +share/examples/picom/picom.desktop
> +@sample ${SYSCONFDIR}/xdg/autostart/picom.desktop
> share/examples/picom/picom.sample.conf
> share/icons/hicolor/48x48/apps/picom.png
> share/icons/hicolor/scalable/apps/picom.svg
>
Re: remove broken security/fragroute ?
On Wed, Nov 16, 2022 at 03:44:26PM +, Klemens Nanni wrote: > On Wed, Nov 16, 2022 at 02:52:38PM +, Klemens Nanni wrote: > > Unmaintained upstream, no update since import in 2022, does not work: > *2002, ten years ago *twenty (I think)
Re: Does dovecot on openbsd7.2 -stable support TLSv1.3?
> New, TLSv1/SSLv3, Cipher is TLS_CHACHA20_POLY1305_SHA256 This cipher can only be used with TLSv1.3, so the dovecot instance does speak TLSv1.3. (You could also verify this by using eopenssl11 instead of openssl from base - don't forget to add -CAfile /etc/ssl/cert.pem). > 2022-11-16T16:32:02.837Z obsd4321 dovecot: imap-login: Disconnected: > Connection closed: SSL_accept() failed: error:1402610B:SSL > routines:ACCEPT_SR_CLNT_HELLO:wrong version number (no auth attempts in 0 > secs): user=<>, rip=xxx.xxx.xxx.xxx, lip=xxx.xxx.xxx.xxx, TLS handshaking: > SSL_accept() failed: error:1402610B:SSL routines:ACCEPT_SR_CLNT_HELLO:wrong > version number, session= This error can only be hit if the client does not advertise TLSv1.3.
Re: Does dovecot on openbsd7.2 -stable support TLSv1.3?
On 2022/11/16 18:10, Stuart Henderson wrote: > I don't use the google mail app but I do use aquamail on Android and > that only sends a TLSv1.2 client hello (you can feed a file saved from Just tried gmail (2022.10.16.486292356.Release, on Android 12, 1 Oct patch level) and that only sends a 1.2 clienthello. At least it's better than Apple mail which still required TLS1.0 years after it shouldn't have :) > e.g. "tcpdump -s1500 -w somefile port 993" into wireshark which can > differentiate between the two). I suspect it bundles some other TLS ...or termshark makes this easier > library rather than using the system one and it's a bit outdated, > the standard browser on the same phone does get TLSv1.3.
new devel/p5-Feature-Compat-Try
Hi, ok to import p5-Feature-Compat-Try 0.05 ? Comment: make try/catch syntax available Description: This module makes syntax support for try/catch control flow easily available. bluhm p5-Feature-Compat-Try.tgz Description: application/tar-gz
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: k...@cvs.openbsd.org2022/11/16 11:50:08 Modified files: security : Makefile devel/quirks : Makefile devel/quirks/files: Quirks.pm Removed files: security/slurpie: Makefile distinfo security/slurpie/patches: patch-Makefile patch-src_master_c patch-src_mn_h patch-src_node_c patch-src_shared_c patch-src_slurp_c patch-src_slurpie_c security/slurpie/pkg: DESCR PLIST Log message: Remove security/slurpie Upstream is completely dead, we're the only ones packaging it, never updated since import in 2001, unresponsive maintainer already removed, got some clang fix in 2017, but that's it. There plenty of password cracking tools available, most of which are maintained. OK sthen
Re: aarch64 bulk build report
> makedepend: error: out of space: increase MAXFILES Software that demands infinite resources and will not accept and cope with failure -- including transient and temporary failure -- on shared-resource machines, is utterly offensive. Go back to your one-program-at-time VIC-20 please.
Re: aarch64 bulk build report
These three imake ports were broken by the makedepend 1.0.7 update: > http://build-failures.rhaalovely.net/aarch64/2022-11-14/astro/xephem.log > http://build-failures.rhaalovely.net/aarch64/2022-11-14/productivity/xinvest.log > http://build-failures.rhaalovely.net/aarch64/2022-11-14/productivity/xquote.log Specifically, this part of the makedepend diff https://cvsweb.openbsd.org/cgi-bin/cvsweb/xenocara/util/makedepend/include.c.diff?r1=1.5=1.6 results in an order of magnitude more headers being stored in 'inclistp', so that the MAXFILES limit is hit. Of note: amd64 uses gccmakedep instead of makedepend for some reason I have not tried to track down. > http://build-failures.rhaalovely.net/aarch64/2022-11-14/astro/xephem.log makedepend -f- -- -I../../libastro -I/usr/local/include -I/usr/X11R6/include -DCSRG_BASED -DFUNCPROTO=15 -DNARROWPROTO -DUSE_MAKEDEPEND -- atlas.c bdl.c broadcast.c calmenu.c closemenu.c compiler.c constel.c datamenu.c db.c dbmenu.c earthmap.c earthmenu.c explodegif.c fallbacks.c fits.c formats.c fsmenu.c gsc.c gscnet.c helpmenu.c homeio.c jupmenu.c listmenu.c mainmenu.c marsmenu.c marsmmenu.c moonmenu.c moonnf.c msgmenu.c netmenu.c objmenu.c patchlevel.c plot_aux.c plotmenu.c ppm.c preferences.c progress.c ps.c query.c rotated.c satmenu.c sites.c skyfiltmenu.c skyfits.c skyhist.c skylist.c skyviewmenu.c solsysmenu.c srchmenu.c time.c tips.c trailmenu.c uranusmenu.c usno.c versionmenu.c wcs.c xephem.c xmisc.c > .depend makedepend: error: out of space: increase MAXFILES > http://build-failures.rhaalovely.net/aarch64/2022-11-14/productivity/xinvest.log makedepend -f- -- -I/usr/local/include/X11 -I/usr/local/include -I/usr/X11R6/include -DCSRG_BASED -DFUNCPROTO=15 -DNARROWPROTO -DSHAPE -DUSE_MAKEDEPEND -- account.c askuser.c calendar.c color.c drawing.c edit.c fileXi.c functions.c graph.c help.c nav.c pixmap.c portfolio.c pref.c rate.c remoteXi.c report.c resource.c session.c sessionXi.c status.c tooltips.c trans.c util.c xinvest.c xutil.c > .depend makedepend: error: out of space: increase MAXFILES > http://build-failures.rhaalovely.net/aarch64/2022-11-14/productivity/xquote.log makedepend -f- -- -I/usr/local/include/X11 -I/usr/local/include -I/usr/X11R6/include -DCSRG_BASED -DFUNCPROTO=15 -DNARROWPROTO -DSHAPE -DXQUOTE -DUSE_MAKEDEPEND -- about.c color.c fileXq.c help.c optdetail.c option.c optnet.c opttick.c optupdate.c parse.c pixmap.c remoteXq.c server.c session.csessionXi.c status.c tape.c util.c view.c xquote.c xutil.c > .depend makedepend: error: out of space: increase MAXFILES
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: bl...@cvs.openbsd.org 2022/11/16 11:34:07 Modified files: devel : Makefile Log message: +p5-Syntax-Keyword-Defer +p5-Syntax-Keyword-Try
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: bl...@cvs.openbsd.org 2022/11/16 11:32:08 Log message: import p5-Syntax-Keyword-Try 0.27 OK sthen@ Comment: try/catch/finally syntax for perl Description: This module provides a syntax plugin that implements exception-handling semantics in a form familiar to users of other languages, being built on a block labeled with the try keyword, followed by at least one of a catch or finally block. Status: Vendor Tag: bluhm Release Tags: bluhm_20221116 N ports/devel/p5-Syntax-Keyword-Try/Makefile N ports/devel/p5-Syntax-Keyword-Try/distinfo N ports/devel/p5-Syntax-Keyword-Try/pkg/DESCR N ports/devel/p5-Syntax-Keyword-Try/pkg/PLIST No conflicts created by this import
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: bl...@cvs.openbsd.org 2022/11/16 11:30:16 Log message: import p5-Syntax-Keyword-Defer 0.07 OK sthen@ Comment: execute code when leaving a block Description: This module provides a syntax plugin that implements a block which executes when the containing scope has finished. Status: Vendor Tag: bluhm Release Tags: bluhm_20221116 N ports/devel/p5-Syntax-Keyword-Defer/Makefile N ports/devel/p5-Syntax-Keyword-Defer/distinfo N ports/devel/p5-Syntax-Keyword-Defer/pkg/DESCR N ports/devel/p5-Syntax-Keyword-Defer/pkg/PLIST No conflicts created by this import
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: k...@cvs.openbsd.org2022/11/16 11:17:37 Modified files: sysutils/accountsservice: Makefile Log message: Fix sparc64 build with the usual c99 dance for base-gcc
Re: update or remove security/clamav-unofficial-sigs ?
On 2022/11/16 17:03, Klemens Nanni wrote:
> On Wed, Nov 16, 2022 at 04:50:57PM +0100, Marcus MERIGHI wrote:
> > Hello,
> >
> > k...@openbsd.org (Klemens Nanni), 2022.11.14 (Mon) 10:40 (CET):
> > > On Sun, Nov 13, 2022 at 10:33:09PM -0500, Johan Huldtgren wrote:
> > > > On 2022-11-13 22:32, Klemens Nanni wrote:
> > > > > We're stuck at a 2014 version while upstream is at 7.2.5 from 2021.
> > > > >
> > > > > Anyone still using this? Does it work with recent clamav?
> > > >
> > > > I have this configured and working on my mailserver (still at 7.1)
> > > > with clamav-0.104.3, from the logs it updates the various configured
> > > > databases. I am uncertain of exactly how effective it is.
> > >
> > > Thanks, so it isn't broken by default or so.
> > >
> > > If you upgrade to a snapshots I can send you a ports update to try the
> > > latest unofficial filters.
> >
> > I use clamav-unofficial-sigs, on 7.2 and 7.1. It works and I'm and ready
> > to test -current, 7.2 and 7.1 (for some time).
>
> Here's the ports diff for the latest version.
> I recreated the config patch from scratch.
>
> There now are /etc/clamav-unofficial-sigs/{master,os,user.conf} where
> os.conf is os.openbsd.conf from upstream.
>
> os and user overwrite master, user overwrites os, you edit user.conf.
sounds like os and master should be somewhere other than /etc then,
and not @sample'd?
> os.openbsd.conf says something requires gsed, so add that as RDEP.
>
> It also says that the config is incompatible to 3.x and 4.x setups.
>
> Installing the new 7.2.5 package, running the script as root once and
> then getting info with `-i' looks sane.
>
> /var/log/clamav-unofficial-sigs.log contains that info, so logs work.
>
> I have no idea what users have to do to their config to make the jump
> from 3/4 to 7.2.5.
>
> Marcus, can you give this a spin and tell us what local steps are
> required to upgrade and/or get it running?
>
> Then we can put this into MESSAGE or README or current.html.
>
>
> Index: Makefile
> ===
> RCS file: /cvs/ports/security/clamav-unofficial-sigs/Makefile,v
> retrieving revision 1.17
> diff -u -p -r1.17 Makefile
> --- Makefile 11 Mar 2022 19:53:19 - 1.17
> +++ Makefile 16 Nov 2022 16:56:33 -
> @@ -1,42 +1,33 @@
> -COMMENT =fetch and update unofficial signatures for ClamAV
> +COMMENT =ClamAV unofficial signatures updater
>
> -V = 4.9.2
> -REVISION = 2
> -DISTNAME = clamav-unofficial-sigs-$V
> -DISTFILES = ${DISTNAME}{$V}.tar.gz
> +GH_ACCOUNT = extremeshok
> +GH_PROJECT = clamav-unofficial-sigs
> +GH_TAGNAME = 7.2.5
>
> CATEGORIES = security mail
>
> -HOMEPAGE = https://github.com/extremeshok/clamav-unofficial-sigs
> -
> # BSD
> PERMIT_PACKAGE = Yes
>
> -MASTER_SITES =
> https://github.com/extremeshok/clamav-unofficial-sigs/archive/
> -
> RUN_DEPENDS =net/curl \
> net/rsync \
> security/clamav \
> security/gnupg \
> - shells/bash
> + shells/bash \
> + textproc/gsed
>
> NO_BUILD = Yes
> NO_TEST =Yes
>
> PKG_ARCH = *
>
> -do-configure:
> - ${SUBST_CMD} ${WRKSRC}/clamav-unofficial-sigs.conf
> - sed -i -e 's,/etc,${SYSCONFDIR},' -e \
> - 's,/usr/local/bin,${LOCALBASE}/bin,' \
> - ${WRKSRC}/clamav-unofficial-sigs.sh
> +EXAMPLES_DIR = ${PREFIX}/share/examples/${GH_PROJECT}
>
> do-install:
> - ${INSTALL_DATA_DIR} ${PREFIX}/share/examples/clamav-unofficial-sigs
> - cd ${WRKSRC}; \
> - ${INSTALL_SCRIPT} clamav-unofficial-sigs.sh ${PREFIX}/bin; \
> - ${INSTALL_DATA} clamav-unofficial-sigs.conf \
> - ${PREFIX}/share/examples/clamav-unofficial-sigs; \
> - ${INSTALL_MAN} clamav-unofficial-sigs.8 ${PREFIX}/man/man8
> + ${INSTALL_SCRIPT} ${WRKSRC}/${GH_PROJECT}.sh ${PREFIX}/bin/
> + ${INSTALL_DATA_DIR} ${EXAMPLES_DIR}
> + ${INSTALL_DATA} ${WRKSRC}/config/{master,user}.conf ${EXAMPLES_DIR}/
> + ${INSTALL_DATA} ${WRKSRC}/config/os/os.openbsd.conf \
> + ${EXAMPLES_DIR}/os.conf
>
> .include
> Index: distinfo
> ===
> RCS file: /cvs/ports/security/clamav-unofficial-sigs/distinfo,v
> retrieving revision 1.6
> diff -u -p -r1.6 distinfo
> --- distinfo 7 Dec 2015 14:11:02 - 1.6
> +++ distinfo 16 Nov 2022 16:04:33 -
> @@ -1,2 +1,2 @@
> -SHA256 (clamav-unofficial-sigs-4.9.2.tar.gz) =
> cOBfY63X4D1a8tumvNMf2phkZXd5jZnmkC5fJkwwLpM=
> -SIZE (clamav-unofficial-sigs-4.9.2.tar.gz) = 40301
> +SHA256 (clamav-unofficial-sigs-7.2.5.tar.gz) =
> 9C+daOER+JK/1xOT6GnlPIBvSJZsdo0hmSXeZlKWDFA=
> +SIZE (clamav-unofficial-sigs-7.2.5.tar.gz) = 68425
> Index: patches/patch-clamav-unofficial-sigs_conf
> ===
> RCS file: patches/patch-clamav-unofficial-sigs_conf
> diff -N
Re: Does dovecot on openbsd7.2 -stable support TLSv1.3?
On 2022/11/16 16:55, Mikolaj Kucharski wrote: > Hi, > > Just making sure I didn't miss anything on my end. I have working > Dovecot setup for few OpenBSD releases now. Today I wanted to bump > minimal TLS version on the Dovecot end: > > -ssl_min_protocol = TLSv1.2 > +ssl_min_protocol = TLSv1.3 > > After restarting Dovecot, I see that I can connect to host:993 via: > > $ openssl s_client -connect imap.example.com:993 -showcerts \ > /dev/null | sed -ne '/^Server certificate/,$p' > Server certificate > subject=/CN=imap.example.com > issuer=/C=US/O=Let's Encrypt/CN=R3 > --- > No client certificate CA names sent > Server Temp Key: ECDH, X25519, 253 bits > --- > SSL handshake has read 4233 bytes and written 374 bytes > --- > New, TLSv1/SSLv3, Cipher is TLS_CHACHA20_POLY1305_SHA256 > Server public key is 384 bit > Secure Renegotiation IS NOT supported > Compression: NONE > Expansion: NONE > No ALPN negotiated > SSL-Session: > Protocol : TLSv1.3 > Cipher: TLS_CHACHA20_POLY1305_SHA256 > Session-ID: > Session-ID-ctx: > Master-Key: > Start Time: 1668617217 > Timeout : 7200 (sec) > Verify return code: 0 (ok) > --- TLSv1.3 in general works for me, here's a report from a server allowing a fairly wide set of ciphers (which I see I can now tighten a bit as all legit TLS <= 1.1 users dropped off) $ zgrep TLSv1 dovecot.?.gz | sed s/.*TLSv/TLSv/ | sort | uniq -c 10 TLSv1 with cipher ECDHE-RSA-AES128-SHA (128/128 bits) 10 TLSv1.1 with cipher ECDHE-RSA-AES128-SHA (128/128 bits) 6 TLSv1.2 with cipher DHE-RSA-AES128-GCM-SHA256 (128/128 bits) 5004 TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits) 41595 TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) And here's one from a server with ssl_cipher_list = TLSv1.3:TLSv1.2+AEAD+ECDHE ssl_curve_list = X25519:P-521:P-384 (and no ssl_min_protocol): $ zgrep dovecot.*TLSv1 maillog.?.gz | sed s/.*TLSv/TLSv/ | sort | uniq -c | sort -n 42 TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits) 162 TLSv1.3 with cipher TLS_CHACHA20_POLY1305_SHA256 (256/256 bits) 178 TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits) 222 TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits) 414 TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) 2051 TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) 12082 TLSv1.2 with cipher ECDHE-ECDSA-CHACHA20-POLY1305 (256/256 bits) 19374 TLSv1.2 with cipher ECDHE-ECDSA-AES128-GCM-SHA256 (128/128 bits) There's a chance the min protocol version bits might *possibly* be a bit wonky as that's an area of API that changed in newer OpenSSL, though I think it probably is ok in Dovecot. (there were some issues with dsync-over-TLS last time I tried it, but I was only trying that due to laziness rather than setting up ssh, which works fine). > However on Andorid, Google Mail app doesn't connect any more and on the > server I see following lines in maillog: > > 2022-11-16T16:32:02.837Z obsd4321 dovecot: imap-login: Disconnected: > Connection closed: SSL_accept() failed: error:1402610B:SSL > routines:ACCEPT_SR_CLNT_HELLO:wrong version number (no auth attempts in 0 > secs): user=<>, rip=xxx.xxx.xxx.xxx, lip=xxx.xxx.xxx.xxx, TLS handshaking: > SSL_accept() failed: error:1402610B:SSL routines:ACCEPT_SR_CLNT_HELLO:wrong > version number, session= > > > No feedback from the Android app that doesn't work, emails are just not > refreshing. Anyway, does anyone have Dovecot with TLSv1.3 as > ssl_min_protocol? I don't use the google mail app but I do use aquamail on Android and that only sends a TLSv1.2 client hello (you can feed a file saved from e.g. "tcpdump -s1500 -w somefile port 993" into wireshark which can differentiate between the two). I suspect it bundles some other TLS library rather than using the system one and it's a bit outdated, the standard browser on the same phone does get TLSv1.3.
Re: sysutils/smartmontools: mailing doesn't work out of the box
On Wed, Nov 16, 2022 at 06:25:16PM +0100, Moviuro wrote:
> Hi all,
>
> I installed smartmontools-7.3 on my new OpenBSD 7.2 system and turned on
> mailing in smartd.conf(5):
>
> DEVICESCAN -m -M exec /usr/local/bin/send_smart_mail \
>-M test -s (S/../.././02|L/../../7/03)
>
> /usr/local/bin/send_smart_mail is a script calling msmtp(1), and which I
> also use on other systems (FreeBSD, Archlinux). It just adds the SMART
> env variables in an email ($SMARTD_MESSAGE, $SMARTD_FULLMESSAGE, etc.).
>
> After finishing up with smartd.conf(5), `rcctl restart smartd` causes
> these messages in the daemon log:
>
> smartd[45007]: Test of /usr/local/bin/send_smart_mail to \
> : failed (32-bit/8-bit exit status: 32512/127)
> smartd[45007]: sh: /etc/smartd_warning.sh: not found
>
> NB: I never call anything else than cat(1) and msmtp(1) in my
> send_smart_mail script; I didn't even know about smartd_warning.sh
> script before today.
>
> So I had to symlink
> /usr/local/share/examples/smartmontools/smartd_warning.sh to /etc;
> restarting the daemon made it all work.
>
> I suggest smartmontools be packaged in a way that the smartd_warning.sh
> code is available to the smartd(8) daemon. FWIW, archlinux and FreeBSD
> package that script respectively:
>
> * in /usr/share/smartmontools/smartd_warning.sh
> * in /usr/local/etc/smartd_warning.sh
>
> Best regards,
>
This does a copy rather than symlink, probably just an oversight.
Feedback? OK?
Index: Makefile
===
RCS file: /cvs/ports/sysutils/smartmontools/Makefile,v
retrieving revision 1.47
diff -u -p -r1.47 Makefile
--- Makefile11 Mar 2022 19:58:02 - 1.47
+++ Makefile16 Nov 2022 17:46:26 -
@@ -3,6 +3,7 @@ COMMENT=control and monitor storage sy
# XXX at update time check whether C++11 is actually needed
DISTNAME= smartmontools-7.3
CATEGORIES=sysutils
+REVISION= 0
HOMEPAGE= https://www.smartmontools.org/
Index: pkg/PLIST
===
RCS file: /cvs/ports/sysutils/smartmontools/pkg/PLIST,v
retrieving revision 1.9
diff -u -p -r1.9 PLIST
--- pkg/PLIST 1 Mar 2022 09:53:01 - 1.9
+++ pkg/PLIST 16 Nov 2022 17:47:21 -
@@ -26,3 +26,4 @@ share/examples/smartmontools/Example7
share/examples/smartmontools/Example8
share/examples/smartmontools/README
share/examples/smartmontools/smartd_warning.sh
+@sample ${SYSCONFDIR}/smartd_warning.sh
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: rob...@cvs.openbsd.org 2022/11/16 10:47:15 Modified files: www/chromium : Makefile www/chromium/pkg: PLIST Log message: revert previous until we fix this
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: es...@cvs.openbsd.org 2022/11/16 10:42:18 Modified files: infrastructure/mk: bsd.port.mk Log message: switch to using "=" for debug pkgspecs (shorthand for "same as default" in current pkg_add
aarch64 bulk build report
bulk build on arm64.ports.openbsd.org started on Mon Nov 14 11:55:24 MST 2022 finished at Wed Nov 16 10:38:28 MST 2022 lasted 1D22h43m done with kern.version=OpenBSD 7.2-current (GENERIC.MP) #1886: Sun Nov 13 22:18:25 MST 2022 built packages:11142 Nov 14:2917 Nov 15:3343 Nov 16:4881 critical path missing pkgs: http://build-failures.rhaalovely.net/aarch64/2022-11-14/summary.log build failures: 5 http://build-failures.rhaalovely.net/aarch64/2022-11-14/astro/xephem.log http://build-failures.rhaalovely.net/aarch64/2022-11-14/devel/py-gobject3,python3.log http://build-failures.rhaalovely.net/aarch64/2022-11-14/productivity/xinvest.log http://build-failures.rhaalovely.net/aarch64/2022-11-14/productivity/xquote.log http://build-failures.rhaalovely.net/aarch64/2022-11-14/www/chromium.log recurrent failures failures/astro/xephem.log failures/productivity/xinvest.log failures/productivity/xquote.log new failures +++ ls-failures Wed Nov 16 10:38:39 2022 +failures/devel/py-gobject3,python3.log +failures/www/chromium.log resolved failures --- ../old/aarch64/last//ls-failuresSun Nov 13 02:14:57 2022 -failures/databases/openldap,aci.log -failures/devel/ruby-arrayfields,ruby30.log -failures/devel/ruby-gettext-setup,ruby27.log -failures/devel/ruby-rb-gsl,ruby30.log -failures/devel/ruby-rgen,ruby27.log -failures/java/jna.log -failures/mail/courier-authlib.log -failures/www/hiawatha.log -failures/www/squid,krb5.log
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: st...@cvs.openbsd.org 2022/11/16 10:27:29 Modified files: databases/postgresql-previous: Makefile Log message: postgresql-previous doesn't need Python; it was copied from the main PostgreSQL port where it's used for building plpython, so remove the build dependency (and as a bonus, it wasn't synced with the py27->py3 switch, so this gets rid of another py27 user).
sysutils/smartmontools: mailing doesn't work out of the box
Hi all, I installed smartmontools-7.3 on my new OpenBSD 7.2 system and turned on mailing in smartd.conf(5): DEVICESCAN -m -M exec /usr/local/bin/send_smart_mail \ -M test -s (S/../.././02|L/../../7/03) /usr/local/bin/send_smart_mail is a script calling msmtp(1), and which I also use on other systems (FreeBSD, Archlinux). It just adds the SMART env variables in an email ($SMARTD_MESSAGE, $SMARTD_FULLMESSAGE, etc.). After finishing up with smartd.conf(5), `rcctl restart smartd` causes these messages in the daemon log: smartd[45007]: Test of /usr/local/bin/send_smart_mail to \ : failed (32-bit/8-bit exit status: 32512/127) smartd[45007]: sh: /etc/smartd_warning.sh: not found NB: I never call anything else than cat(1) and msmtp(1) in my send_smart_mail script; I didn't even know about smartd_warning.sh script before today. So I had to symlink /usr/local/share/examples/smartmontools/smartd_warning.sh to /etc; restarting the daemon made it all work. I suggest smartmontools be packaged in a way that the smartd_warning.sh code is available to the smartd(8) daemon. FWIW, archlinux and FreeBSD package that script respectively: * in /usr/share/smartmontools/smartd_warning.sh * in /usr/local/etc/smartd_warning.sh Best regards,
Re: update or remove security/clamav-unofficial-sigs ?
On Wed, Nov 16, 2022 at 04:50:57PM +0100, Marcus MERIGHI wrote:
> Hello,
>
> k...@openbsd.org (Klemens Nanni), 2022.11.14 (Mon) 10:40 (CET):
> > On Sun, Nov 13, 2022 at 10:33:09PM -0500, Johan Huldtgren wrote:
> > > On 2022-11-13 22:32, Klemens Nanni wrote:
> > > > We're stuck at a 2014 version while upstream is at 7.2.5 from 2021.
> > > >
> > > > Anyone still using this? Does it work with recent clamav?
> > >
> > > I have this configured and working on my mailserver (still at 7.1)
> > > with clamav-0.104.3, from the logs it updates the various configured
> > > databases. I am uncertain of exactly how effective it is.
> >
> > Thanks, so it isn't broken by default or so.
> >
> > If you upgrade to a snapshots I can send you a ports update to try the
> > latest unofficial filters.
>
> I use clamav-unofficial-sigs, on 7.2 and 7.1. It works and I'm and ready
> to test -current, 7.2 and 7.1 (for some time).
Here's the ports diff for the latest version.
I recreated the config patch from scratch.
There now are /etc/clamav-unofficial-sigs/{master,os,user.conf} where
os.conf is os.openbsd.conf from upstream.
os and user overwrite master, user overwrites os, you edit user.conf.
os.openbsd.conf says something requires gsed, so add that as RDEP.
It also says that the config is incompatible to 3.x and 4.x setups.
Installing the new 7.2.5 package, running the script as root once and
then getting info with `-i' looks sane.
/var/log/clamav-unofficial-sigs.log contains that info, so logs work.
I have no idea what users have to do to their config to make the jump
from 3/4 to 7.2.5.
Marcus, can you give this a spin and tell us what local steps are
required to upgrade and/or get it running?
Then we can put this into MESSAGE or README or current.html.
Index: Makefile
===
RCS file: /cvs/ports/security/clamav-unofficial-sigs/Makefile,v
retrieving revision 1.17
diff -u -p -r1.17 Makefile
--- Makefile11 Mar 2022 19:53:19 - 1.17
+++ Makefile16 Nov 2022 16:56:33 -
@@ -1,42 +1,33 @@
-COMMENT = fetch and update unofficial signatures for ClamAV
+COMMENT = ClamAV unofficial signatures updater
-V =4.9.2
-REVISION = 2
-DISTNAME = clamav-unofficial-sigs-$V
-DISTFILES =${DISTNAME}{$V}.tar.gz
+GH_ACCOUNT = extremeshok
+GH_PROJECT = clamav-unofficial-sigs
+GH_TAGNAME = 7.2.5
CATEGORIES = security mail
-HOMEPAGE = https://github.com/extremeshok/clamav-unofficial-sigs
-
# BSD
PERMIT_PACKAGE = Yes
-MASTER_SITES = https://github.com/extremeshok/clamav-unofficial-sigs/archive/
-
RUN_DEPENDS = net/curl \
net/rsync \
security/clamav \
security/gnupg \
- shells/bash
+ shells/bash \
+ textproc/gsed
NO_BUILD = Yes
NO_TEST = Yes
PKG_ARCH = *
-do-configure:
- ${SUBST_CMD} ${WRKSRC}/clamav-unofficial-sigs.conf
- sed -i -e 's,/etc,${SYSCONFDIR},' -e \
- 's,/usr/local/bin,${LOCALBASE}/bin,' \
- ${WRKSRC}/clamav-unofficial-sigs.sh
+EXAMPLES_DIR = ${PREFIX}/share/examples/${GH_PROJECT}
do-install:
- ${INSTALL_DATA_DIR} ${PREFIX}/share/examples/clamav-unofficial-sigs
- cd ${WRKSRC}; \
- ${INSTALL_SCRIPT} clamav-unofficial-sigs.sh ${PREFIX}/bin; \
- ${INSTALL_DATA} clamav-unofficial-sigs.conf \
- ${PREFIX}/share/examples/clamav-unofficial-sigs; \
- ${INSTALL_MAN} clamav-unofficial-sigs.8 ${PREFIX}/man/man8
+ ${INSTALL_SCRIPT} ${WRKSRC}/${GH_PROJECT}.sh ${PREFIX}/bin/
+ ${INSTALL_DATA_DIR} ${EXAMPLES_DIR}
+ ${INSTALL_DATA} ${WRKSRC}/config/{master,user}.conf ${EXAMPLES_DIR}/
+ ${INSTALL_DATA} ${WRKSRC}/config/os/os.openbsd.conf \
+ ${EXAMPLES_DIR}/os.conf
.include
Index: distinfo
===
RCS file: /cvs/ports/security/clamav-unofficial-sigs/distinfo,v
retrieving revision 1.6
diff -u -p -r1.6 distinfo
--- distinfo7 Dec 2015 14:11:02 - 1.6
+++ distinfo16 Nov 2022 16:04:33 -
@@ -1,2 +1,2 @@
-SHA256 (clamav-unofficial-sigs-4.9.2.tar.gz) =
cOBfY63X4D1a8tumvNMf2phkZXd5jZnmkC5fJkwwLpM=
-SIZE (clamav-unofficial-sigs-4.9.2.tar.gz) = 40301
+SHA256 (clamav-unofficial-sigs-7.2.5.tar.gz) =
9C+daOER+JK/1xOT6GnlPIBvSJZsdo0hmSXeZlKWDFA=
+SIZE (clamav-unofficial-sigs-7.2.5.tar.gz) = 68425
Index: patches/patch-clamav-unofficial-sigs_conf
===
RCS file: patches/patch-clamav-unofficial-sigs_conf
diff -N patches/patch-clamav-unofficial-sigs_conf
--- patches/patch-clamav-unofficial-sigs_conf 11 Mar 2022 19:53:19 -
1.12
+++ /dev/null 1 Jan 1970 00:00:00 -
@@ -1,93 +0,0 @@
clamav-unofficial-sigs.conf.orig Wed Dec 2 10:56:35 2015
-+++ clamav-unofficial-sigs.confMon Dec 7 14:04:52 2015
-@@ -24,12 +24,9 @@
- # Set the
Does dovecot on openbsd7.2 -stable support TLSv1.3?
Hi, Just making sure I didn't miss anything on my end. I have working Dovecot setup for few OpenBSD releases now. Today I wanted to bump minimal TLS version on the Dovecot end: -ssl_min_protocol = TLSv1.2 +ssl_min_protocol = TLSv1.3 After restarting Dovecot, I see that I can connect to host:993 via: $ openssl s_client -connect imap.example.com:993 -showcerts \ /dev/null | sed -ne '/^Server certificate/,$p' Server certificate subject=/CN=imap.example.com issuer=/C=US/O=Let's Encrypt/CN=R3 --- No client certificate CA names sent Server Temp Key: ECDH, X25519, 253 bits --- SSL handshake has read 4233 bytes and written 374 bytes --- New, TLSv1/SSLv3, Cipher is TLS_CHACHA20_POLY1305_SHA256 Server public key is 384 bit Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE No ALPN negotiated SSL-Session: Protocol : TLSv1.3 Cipher: TLS_CHACHA20_POLY1305_SHA256 Session-ID: Session-ID-ctx: Master-Key: Start Time: 1668617217 Timeout : 7200 (sec) Verify return code: 0 (ok) --- However on Andorid, Google Mail app doesn't connect any more and on the server I see following lines in maillog: 2022-11-16T16:32:02.837Z obsd4321 dovecot: imap-login: Disconnected: Connection closed: SSL_accept() failed: error:1402610B:SSL routines:ACCEPT_SR_CLNT_HELLO:wrong version number (no auth attempts in 0 secs): user=<>, rip=xxx.xxx.xxx.xxx, lip=xxx.xxx.xxx.xxx, TLS handshaking: SSL_accept() failed: error:1402610B:SSL routines:ACCEPT_SR_CLNT_HELLO:wrong version number, session= No feedback from the Android app that doesn't work, emails are just not refreshing. Anyway, does anyone have Dovecot with TLSv1.3 as ssl_min_protocol? This is on: OpenBSD 7.2 (GENERIC.MP) #0: Wed Oct 26 12:01:47 MDT 2022 r...@syspatch-72-amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP $ pkg_info -qI dovecot dovecot-fts-flatcurve dovecot-2.3.19.1p0v0 dovecot-fts-flatcurve-0.3.1 -- Regards, Mikolaj
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: k...@cvs.openbsd.org2022/11/16 08:52:09 Modified files: security : Makefile devel/quirks : Makefile devel/quirks/files: Quirks.pm Removed files: security/zebedee: Makefile distinfo security/zebedee/patches: patch-Makefile patch-vncviewer_zbd security/zebedee/pkg: DESCR PLIST Log message: Remove security/zebedee HOMEPAGE is dead, last updated in 2014, only BSDs and Arch AUR package it. Use socat(1) or ssh(1) or any other up-to-date tunneling solution. OK benoit (maintainer)
Re: update or remove security/clamav-unofficial-sigs ?
Hello, k...@openbsd.org (Klemens Nanni), 2022.11.14 (Mon) 10:40 (CET): > On Sun, Nov 13, 2022 at 10:33:09PM -0500, Johan Huldtgren wrote: > > On 2022-11-13 22:32, Klemens Nanni wrote: > > > We're stuck at a 2014 version while upstream is at 7.2.5 from 2021. > > > > > > Anyone still using this? Does it work with recent clamav? > > > > I have this configured and working on my mailserver (still at 7.1) > > with clamav-0.104.3, from the logs it updates the various configured > > databases. I am uncertain of exactly how effective it is. > > Thanks, so it isn't broken by default or so. > > If you upgrade to a snapshots I can send you a ports update to try the > latest unofficial filters. I use clamav-unofficial-sigs, on 7.2 and 7.1. It works and I'm and ready to test -current, 7.2 and 7.1 (for some time). Marcus > > > Anyone want to update or even maintain it? > > > > > > If not, can we move it to the attic? > > > --- > > > Information for > > > https://cdn.openbsd.org/pub/OpenBSD/snapshots/packages/amd64/clamav-unofficial-sigs-4.9.2p2.tgz > > > > > > Comment: > > > fetch and update unofficial signatures for ClamAV > > > > > > Description: > > > The clamav-unofficial-sigs script provides a simple way to download, test > > > and update third-party signature databases for ClamAV. Various databases > > > (primarily for email-borne malware/phishing) are available. > > > > > > Maintainer: The OpenBSD ports mailing-list > > > > > > WWW: https://github.com/extremeshok/clamav-unofficial-sigs > > > > > > Install notice: > > > After configuring /etc/clamav-unofficial-sigs.conf you can add the > > > following > > > to root's crontab to update the signatures regularly: > > > > > > 35 * * * * /usr/local/bin/clamav-unofficial-sigs.sh 2>&1 > /dev/null
Re: remove broken security/fragroute ?
On Wed, Nov 16, 2022 at 02:52:38PM +, Klemens Nanni wrote: > Unmaintained upstream, no update since import in 2022, does not work: *2002, ten years ago
remove security/slurpie ?
Upstream is completely dead, we're the only ones packaging it, never updated since import in 2001, unresponsive maintainer already removed, got some clang fix in 2017, but that's it. There plenty of password cracking tools available, most of which are maintained. OK to remove? --- Information for inst:slurpie-2.0bp1 Comment: distributed passwd file cracker Description: Slurpie is a passwd file cracker similar to CrackerJack and John the Ripper except that it can be run in a distributed environment (multiple computers aka nodes). Maintainer: The OpenBSD ports mailing-list WWW: http://www.jps.net/coati/archives/slurpie.html
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: ajacou...@cvs.openbsd.org 2022/11/16 08:27:05 Modified files: security/heimdal: Tag: OPENBSD_7_2 Makefile Log message: Unbreak: needs lang/python.
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: j...@cvs.openbsd.org2022/11/16 08:00:50 Modified files: net/samba : Tag: OPENBSD_7_2 Makefile distinfo Log message: SECURITY update to samba-4.16.7 Fixes for: https://www.samba.org/samba/security/CVE-2022-42898.html (32 bits systems only) Release notes: https://www.samba.org/samba/history/samba-4.16.7.html
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: j...@cvs.openbsd.org2022/11/16 07:58:57 Modified files: net/samba : Makefile distinfo Log message: SECURITY update to samba-4.17.3 Fix for (32 bits systems only) https://www.samba.org/samba/security/CVE-2022-42898.html Release notes: https://www.samba.org/samba/history/samba-4.17.3.html
remove broken security/fragroute ?
Unmaintained upstream, no update since import in 2022, does not work: $ fragroute -h Usage: fragroute [-f file] dst Rules: delay first|last|random drop first|last|random dup first|last|random echo ... ip_chaff dup|opt| ip_frag [old|new] ip_opt lsrr|ssrr ... ip_ttl ip_tos order random|reverse print tcp_chaff cksum|null|paws|rexmit|seq|syn| tcp_opt mss|wscale tcp_seg [old|new] $ echo print >test.conf # fragroute -f test.conf 1.1.1.1 Segmentation fault (core dumped) # egdb -q -batch -ex bt fragroute fragroute.core [New process 447575] Core was generated by `fragroute'. Program terminated with signal SIGSEGV, Segmentation fault. #0 event_add (ev=0xaf2e9e54cb8, tv=0x0) at /usr/src/lib/libevent/event.c:661 661 const struct eventop *evsel = base->evsel; #0 event_add (ev=0xaf2e9e54cb8, tv=0x0) at /usr/src/lib/libevent/event.c:661 #1 0x0af2e9e4c351 in ?? () #2 0x0af2e9e4c279 in ?? () #3 0x0af2e9e4c002 in ?? () #4 0x in ?? () Same crash with default /etc/fragroute.conf -- I doubt anyone uses this. OK to remove? --- Information for inst:fragroute-1.2p8 Comment: intercept, modify, and rewrite egress traffic Description: fragroute intercepts, modifies, and rewrites egress traffic destined for a specified host, implementing most of the attacks described in the Secure Networks "Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection" paper of January 1998. It features a simple ruleset language to delay, duplicate, drop, fragment, overlap, print, reorder, segment, source-route, or otherwise monkey with all outbound packets destined for a target host, with minimal support for randomized or probabilistic behaviour. Maintainer: The OpenBSD ports mailing-list WWW: http://www.monkey.org/~dugsong/fragroute/
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: bl...@cvs.openbsd.org 2022/11/16 07:40:44 Modified files: devel/p5-Devel-NYTProf: Makefile distinfo Log message: update p5-Devel-NYTProf to 6.12
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: lr...@cvs.openbsd.org 2022/11/16 07:26:57 Modified files: www/libreddit : Makefile distinfo crates.inc Log message: www/libreddit: update to 0.24.0 changelog: * Indicate pinned posts on user profiles (close #606) 3f3d9e9 * Fix Replit deployment failure 1b5e9a4 * Fix links visible through markdown spoilers c0e3744 * HTTP compression (Reddit -> Libreddit -> client) by @Daniel-Valentine in #612 * Use permalink offered by Reddit (fixes #613). by @Daniel-Valentine in #614 * Add DoomOne theme, c/o Tildemaster r...@vern.cc by @Daniel-Valentine in #611 * Add support for /comments endpoint 170ea38 * Redirect /:id to canonical URL for post. by @Daniel-Valentine in #617 * Add format_url tests by @sigaloid in #615 * Implement 'posts hidden because of NSFW'. (Resolves #159) by @Daniel-Valentine in #619 * T.: Docs update by @artemislena in #639 ok sthen
Re: [new] databases/rocksdb
Le Tue, Nov 01, 2022 at 02:15:22AM -0400, Brad Smith a écrit : > On 10/31/2022 2:15 PM, Landry Breuil wrote: > > Hi, > > > > here's a port of facebook's rocksdb (http://rocksdb.org/), a fork of > > google's leveldb. I've enabled all the archivers deps because > > stalwart-jmap apparently uses snappy compress via rocksdb-rs for its index > > storage. with the shipped ldb binary, i'm able to play/inspect with the > > internal index, eventually backuping it (cf > > https://github.com/facebook/rocksdb/wiki/Administration-and-Data-Access-Tool). > > > > = > > RocksDB is an embeddable persistent key-value store for fast storage. > > It can also be the foundation for a client-server database but the > > current focus is on embedded workloads. > > = > > > > feedback welcome. I dont really know if this can get picked up by some > > other ports, from my understanding mariadb can/might use it ? > > MariaDB uses it's own embedded copy of RocksDB for the DB engine. > > Looking at what supports RocksDB so far, it's bindings that do not typically > come > out of the box with the respective languages and we do not have them in the > ports > tree. So I don't think that's much of an issue. > > https://github.com/facebook/rocksdb/blob/main/LANGUAGE-BINDINGS.md > > I pushed a patch to improve arm64 support. > > https://github.com/facebook/rocksdb/commit/0311956fa44265db45641df94544df72bfc7782f.patch Thanks, integrated it in a new version of the port - is your patch in a PR upstream ? I've just filed https://github.com/facebook/rocksdb/pull/10958 to fix i386. new version of the port installs ldb for debugging/examine DBs; anyone feeling like okaying it ? Landry rocksdb-7.7.3_2.tgz Description: application/tar-gz
Re: new devel/p5-Syntax-Keyword-Defer and p5-Syntax-Keyword-Try
Sorry for all my Perl ports@ spam. To get p5-Devel-MAT commited, I need four more modules in total. These two were missed by potential reviewers. anyone? bluhm On Thu, Nov 10, 2022 at 07:23:55PM +0100, Alexander Bluhm wrote: > Hi, > > Tests of both modules depend on each other, so I want to add them > together. > > ok to import p5-Syntax-Keyword-Defer 0.07 > > Comment: > execute code when leaving a block > > Description: > This module provides a syntax plugin that implements a block which > executes when the containing scope has finished. > > ok to import p5-Syntax-Keyword-Try 0.27 > > Comment: > try/catch/finally syntax for perl > > Description: > This module provides a syntax plugin that implements exception-handling > semantics in a form familiar to users of other languages, being built > on a block labeled with the try keyword, followed by at least one of a > catch or finally block. > > bluhm p5-Syntax-Keyword-Defer.tgz Description: application/tar-gz p5-Syntax-Keyword-Try.tgz Description: application/tar-gz
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: ajacou...@cvs.openbsd.org 2022/11/16 06:26:16 Modified files: security/heimdal: Makefile Log message: Unbreak, need python to build.
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: k...@cvs.openbsd.org2022/11/16 05:53:00 Modified files: security : Makefile devel/quirks : Makefile devel/quirks/files: Quirks.pm Removed files: security/despoof: Makefile distinfo security/despoof/patches: patch-despoof_c security/despoof/pkg: DESCR PLIST Log message: Remove security/despoof Dead upstream, unmaintained since import in 2001, noone else packages it. OK sthen
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: ajacou...@cvs.openbsd.org 2022/11/16 05:47:18 Modified files: devel/spidermonkey102: Makefile distinfo Log message: Update to spidermonkey102-102.5.0.
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: ajacou...@cvs.openbsd.org 2022/11/16 05:45:55 Modified files: sysutils/consul: Makefile distinfo Removed files: sysutils/consul/patches: patch-vendor_github_com_shirou_gopsutil_v3_disk_disk_openbsd_go Log message: Update to consul-1.14.0.
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs
Module name:ports
Changes by: rob...@cvs.openbsd.org 2022/11/16 05:27:21
Modified files:
security/heimdal: Tag: OPENBSD_7_2 Makefile distinfo
security/heimdal/pkg: Tag: OPENBSD_7_2 PLIST-devel-docs
PLIST-libs
Removed files:
security/heimdal/patches: Tag: OPENBSD_7_2
patch-lib_hdb_hdb-mitdb_c
Log message:
security update to 7.7.1; fixes multiple CVEs:
CVE-2022-42898 PAC parse integer overflows
CVE-2022-3437 Overflows and non-constant time leaks in DES{,3} and arcfour
CVE-2022-41916 Fix Unicode normalization read of 1 bytes past end of array
CVE-2021-44758 NULL dereference DoS in SPNEGO acceptors
CVE-2021-3671 A null pointer de-reference when handling missing sname in TGS-REQ
CVE-2022-44640 Heimdal KDC: invalid free in ASN.1 codec
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: st...@cvs.openbsd.org 2022/11/16 04:25:33 Modified files: astro/py-astropy: Makefile astro/py-erfa : Makefile Log message: bump
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs Module name:ports Changes by: st...@cvs.openbsd.org 2022/11/16 01:48:11 Modified files: mail/dovecot-fts-flatcurve: Makefile distinfo Log message: update to dovecot-fts-flatcurve-0.3.3
CVS: cvs.openbsd.org: ports
CVSROOT:/cvs
Module name:ports
Changes by: rob...@cvs.openbsd.org 2022/11/16 01:47:38
Modified files:
security/heimdal: Makefile distinfo
security/heimdal/patches: patch-lib_hx509_softp11_c
patch-lib_krb5_krb5_h
security/heimdal/pkg: PLIST-devel-docs PLIST-libs
Removed files:
security/heimdal/patches: patch-lib_hdb_hdb-mitdb_c
Log message:
security update to 7.8.0; fixes several CVEs:
CVE-2022-42898 PAC parse integer overflows
CVE-2022-3437 Overflows and non-constant time leaks in DES{,3} and arcfour
CVE-2022-41916 Fix Unicode normalization read of 1 bytes past end of array
CVE-2021-44758 NULL dereference DoS in SPNEGO acceptors
CVE-2021-3671 A null pointer de-reference when handling missing sname in TGS-REQ
CVE-2022-44640 Heimdal KDC: invalid free in ASN.1 codec
ok aja@
