Re: NEW: security/dicepassc

2017-03-02 Thread Stuart Henderson 
On 2017/03/02 16:37, Andre Stoebe wrote:
> On 02.03.2017 03:52, Crescent Arnoux wrote:
> > You can obtain a diceware passphrase using tools already in base.
> 
> Yes, of course you can. It'll likely get messier the more you try to
> imitate dicepassc's behaviour, for example multiple passphrases:
> 
> $ time sort -R diceware.asc | head -6 | cut -f2 >/dev/null
> 0m00.47s real 0m00.45s user 0m00.02s system
> 
> $ time dicepassc -d 1024 >/dev/null
> 0m00.03s real 0m00.02s user 0m00.02s system
> 
> Plus you get a tight pledge and explicit_bzero.
> 
> I wrote it because I don't want to use physical dice, dont trust some
> app written in another scripting language, and wanted to use the OpenBSD
> libc.
> 
> My intention was also to contribute a little to the OpenBSD ports
> ecosystem especially by using pledge etc., but I see there are
> reservations to committing it.

That's not what reservations look like ;)

Thanks for the port - committed.

Re: NEW: security/dicepassc

2017-03-02 Thread Andre Stoebe 
On 02.03.2017 03:52, Crescent Arnoux wrote:
> You can obtain a diceware passphrase using tools already in base.

Yes, of course you can. It'll likely get messier the more you try to
imitate dicepassc's behaviour, for example multiple passphrases:

$ time sort -R diceware.asc | head -6 | cut -f2 >/dev/null
0m00.47s real 0m00.45s user 0m00.02s system

$ time dicepassc -d 1024 >/dev/null
0m00.03s real 0m00.02s user 0m00.02s system

Plus you get a tight pledge and explicit_bzero.

I wrote it because I don't want to use physical dice, dont trust some
app written in another scripting language, and wanted to use the OpenBSD
libc.

My intention was also to contribute a little to the OpenBSD ports
ecosystem especially by using pledge etc., but I see there are
reservations to committing it.

> P.S. The real fun with diceware is using some quality casino dice.

Have fun then.

Regards
André

Re: NEW: security/dicepassc

2017-03-01 Thread Crescent Arnoux 
You can obtain a diceware passphrase using tools already in base.

$ sort -R diceware.asc | head -6 | cut -f2

P.S. The real fun with diceware is using some quality casino dice.

On Mar 01 22:32, Mikolaj Kucharski wrote:
> On Sat, Feb 25, 2017 at 09:52:09PM +, Mikolaj Kucharski wrote:
> > > Can you add 
> > > # uses pledge()
> > > just before WANTLIB?
> > > 
> > > With that, ok danj@ if someone wants to import it.
> > 
> > Updated port attached.
> 
> Ping.
> 
> https://marc.info/?l=openbsd-ports=148805954307219=2
> 
> -- 
> best regards
> q#
> 

-- 
Crescent Arnoux 
D59B 9AEA C09B 1EB6 1AF1  97CA 8750 F5B2 5C10 49F4
http://pastebin.com/rENiaPLq

Re: NEW: security/dicepassc

2017-03-01 Thread Mikolaj Kucharski 
On Sat, Feb 25, 2017 at 09:52:09PM +, Mikolaj Kucharski wrote:
> > Can you add 
> > # uses pledge()
> > just before WANTLIB?
> > 
> > With that, ok danj@ if someone wants to import it.
> 
> Updated port attached.

Ping.

https://marc.info/?l=openbsd-ports=148805954307219=2

-- 
best regards
q#

Re: NEW: security/dicepassc

2017-02-25 Thread Daniel Jakots 
On Wed, 15 Feb 2017 22:03:30 +, Mikolaj Kucharski
 wrote:

> On Thu, Feb 09, 2017 at 02:50:12PM +0100, Andre Stoebe wrote:
> > attached is dicepassc, a small utility I wrote.
> > 
> > Comment:
> > passphrase generator based on Diceware and EFF wordlists
> > 
> > Homepage:
> > https://www.nul.space/dicepassc/
 
> Updated port which respects PREFIX based on Andre's earlier
> submission.
> 

Can you add 
# uses pledge()
just before WANTLIB?

With that, ok danj@ if someone wants to import it.

Re: NEW: security/dicepassc

2017-02-24 Thread Mikolaj Kucharski 
On Fri, Feb 17, 2017 at 11:24:22PM +, Mikolaj Kucharski wrote:
> On Wed, Feb 15, 2017 at 10:03:30PM +, Mikolaj Kucharski wrote:
> > On Thu, Feb 09, 2017 at 02:50:12PM +0100, Andre Stoebe wrote:
> > > Hi,
> > > 
> > > attached is dicepassc, a small utility I wrote.
> > > 
> > > Comment:
> > > passphrase generator based on Diceware and EFF wordlists
> > > 
> > > Homepage:
> > > https://www.nul.space/dicepassc/
> > > 
> > > Regards
> > > Andre
> > 
> > 
> > Updated port which respects PREFIX based on Andre's earlier submission.
> > 
> 
> Any other feedback? Would it be possible to commit this to the tree?
> 
> https://marc.info/?l=openbsd-ports=148719622528886=2
> 

Kind reminder.

-- 
best regards
q#

Re: NEW: security/dicepassc

2017-02-17 Thread Mikolaj Kucharski 
On Wed, Feb 15, 2017 at 10:03:30PM +, Mikolaj Kucharski wrote:
> On Thu, Feb 09, 2017 at 02:50:12PM +0100, Andre Stoebe wrote:
> > Hi,
> > 
> > attached is dicepassc, a small utility I wrote.
> > 
> > Comment:
> > passphrase generator based on Diceware and EFF wordlists
> > 
> > Homepage:
> > https://www.nul.space/dicepassc/
> > 
> > Regards
> > Andre
> 
> 
> Updated port which respects PREFIX based on Andre's earlier submission.
> 

Any other feedback? Would it be possible to commit this to the tree?

https://marc.info/?l=openbsd-ports=148719622528886=2

-- 
best regards
q#

Re: NEW: security/dicepassc

2017-02-15 Thread Mikolaj Kucharski 
On Thu, Feb 09, 2017 at 02:50:12PM +0100, Andre Stoebe wrote:
> Hi,
> 
> attached is dicepassc, a small utility I wrote.
> 
> Comment:
> passphrase generator based on Diceware and EFF wordlists
> 
> Homepage:
> https://www.nul.space/dicepassc/
> 
> Regards
> Andre


Updated port which respects PREFIX based on Andre's earlier submission.

-- 
best regards
q#


dicepassc.port-v2.tar.gz
Description: application/tar-gz

Re: NEW: security/dicepassc

2017-02-14 Thread Mikolaj Kucharski 
On Mon, Feb 13, 2017 at 11:06:12PM +0100, Andre Stoebe wrote:
> On 12.02.2017 20:34, Mikolaj Kucharski wrote:
> > portcheck didn't complain, make lib-depends-check is happy too.
> > 
> > However I see that in sources of the app you hardcode `/usr/local`
> > path. I think it would be better to add to the ports Makefile something
> > as follows:
> > 
> > 
> > --- MakefileThu Feb  9 10:32:39 2017
> > +++ Makefile.newSun Feb 12 19:30:38 2017
> > @@ -19,4 +19,8 @@
> >  
> >  NO_TEST =  Yes
> >  
> > +pre-configure:
> > +   sed -i -e "s,/usr/local,${PREFIX},g;" \
> > +   ${WRKSRC}/Makefile ${WRKSRC}/dicepassc.c ${WRKSRC}/dicepassc.1
> > +
> >  .include 
> 
> Hi,
> 
> thanks for the feedback.
> 
> You're right, PREFIX isn't honored at all which bothers me too, now
> that I understand a bit better. I'm actually quite inexperienced with
> make and thankful that bsd.prog.mk does most of the work for me...
> 
> Would it be better to handle it in the sources? I did some tests with
> sed (for the manual) and a preprocessor define (for the c file) to set
> the paths based on PREFIX. But I wonder if that's overkill... After
> all it's an OpenBSD-only application.
> 
> Regards
> Andre
> 
> Something like this:
> 
> PROG= dicepassc
> SRCS= ${PROG}.c
> MAN=  ${PROG}.1
> MDOC= ${PROG}.mdoc
> 
> PREFIX?=  /usr/local
> BINDIR=   ${PREFIX}/bin
> MANDIR=   ${PREFIX}/man/man
> SHAREDIR= ${PREFIX}/share
> WORDLISTDIR=  ${SHAREDIR}/${PROG}
> 
> CFLAGS+=  -g -W -Wall -Werror
> CFLAGS+=  -Wstrict-prototypes -Wmissing-prototypes -Wmissing-declarations
> CFLAGS+=  -Wshadow -Wpointer-arith -Wcast-qual -Wsign-compare
> CFLAGS+=  -DWORDLISTDIR=${WORDLISTDIR}
> 
> CLEANFILES+=  ${MAN}
> 
> ${MAN}: ${MDOC}
>   sed -e "s,WORDLISTDIR,${WORDLISTDIR},g" ${MDOC} >${MAN}
> 
> afterinstall:
>   ${INSTALL} -d -o${SHAREOWN} -g${SHAREGRP} -m${DIRMODE} \
>   ${DESTDIR}${WORDLISTDIR}
>   ${INSTALL} ${INSTALL_COPY} -o${SHAREOWN} -g${SHAREGRP} -m${SHAREMODE} \
>   wordlists/diceware.wordlist \
>   wordlists/eff_large.wordlist \
>   wordlists/eff_short_1.wordlist \
>   ${DESTDIR}${WORDLISTDIR}
> 
> .include 

This seems reasonable to me, even though it may be an overkill, if you
are targeting only OpenBSD.

-- 
best regards
q#

Re: NEW: security/dicepassc

2017-02-13 Thread Andre Stoebe 
On 12.02.2017 20:34, Mikolaj Kucharski wrote:
> portcheck didn't complain, make lib-depends-check is happy too.
> 
> However I see that in sources of the app you hardcode `/usr/local`
> path. I think it would be better to add to the ports Makefile something
> as follows:
> 
> 
> --- Makefile  Thu Feb  9 10:32:39 2017
> +++ Makefile.new  Sun Feb 12 19:30:38 2017
> @@ -19,4 +19,8 @@
>  
>  NO_TEST =Yes
>  
> +pre-configure:
> + sed -i -e "s,/usr/local,${PREFIX},g;" \
> + ${WRKSRC}/Makefile ${WRKSRC}/dicepassc.c ${WRKSRC}/dicepassc.1
> +
>  .include 

Hi,

thanks for the feedback.

You're right, PREFIX isn't honored at all which bothers me too, now
that I understand a bit better. I'm actually quite inexperienced with
make and thankful that bsd.prog.mk does most of the work for me...

Would it be better to handle it in the sources? I did some tests with
sed (for the manual) and a preprocessor define (for the c file) to set
the paths based on PREFIX. But I wonder if that's overkill... After
all it's an OpenBSD-only application.

Regards
Andre

Something like this:

PROG=   dicepassc
SRCS=   ${PROG}.c
MAN=${PROG}.1
MDOC=   ${PROG}.mdoc

PREFIX?=/usr/local
BINDIR= ${PREFIX}/bin
MANDIR= ${PREFIX}/man/man
SHAREDIR=   ${PREFIX}/share
WORDLISTDIR=${SHAREDIR}/${PROG}

CFLAGS+=-g -W -Wall -Werror
CFLAGS+=-Wstrict-prototypes -Wmissing-prototypes -Wmissing-declarations
CFLAGS+=-Wshadow -Wpointer-arith -Wcast-qual -Wsign-compare
CFLAGS+=-DWORDLISTDIR=${WORDLISTDIR}

CLEANFILES+=${MAN}

${MAN}: ${MDOC}
sed -e "s,WORDLISTDIR,${WORDLISTDIR},g" ${MDOC} >${MAN}

afterinstall:
${INSTALL} -d -o${SHAREOWN} -g${SHAREGRP} -m${DIRMODE} \
${DESTDIR}${WORDLISTDIR}
${INSTALL} ${INSTALL_COPY} -o${SHAREOWN} -g${SHAREGRP} -m${SHAREMODE} \
wordlists/diceware.wordlist \
wordlists/eff_large.wordlist \
wordlists/eff_short_1.wordlist \
${DESTDIR}${WORDLISTDIR}

.include

Re: NEW: security/dicepassc

2017-02-12 Thread Mikolaj Kucharski 
On Thu, Feb 09, 2017 at 02:50:12PM +0100, Andre Stoebe wrote:
> Hi,
> 
> attached is dicepassc, a small utility I wrote.
> 
> Comment:
> passphrase generator based on Diceware and EFF wordlists
> 
> Homepage:
> https://www.nul.space/dicepassc/
> 
> Regards
> Andre

portcheck didn't complain, make lib-depends-check is happy too.

However I see that in sources of the app you hardcode `/usr/local`
path. I think it would be better to add to the ports Makefile something
as follows:


--- MakefileThu Feb  9 10:32:39 2017
+++ Makefile.newSun Feb 12 19:30:38 2017
@@ -19,4 +19,8 @@
 
 NO_TEST =  Yes
 
+pre-configure:
+   sed -i -e "s,/usr/local,${PREFIX},g;" \
+   ${WRKSRC}/Makefile ${WRKSRC}/dicepassc.c ${WRKSRC}/dicepassc.1
+
 .include 


-- 
best regards
q#

NEW: security/dicepassc

2017-02-09 Thread Andre Stoebe 
Hi,

attached is dicepassc, a small utility I wrote.

Comment:
passphrase generator based on Diceware and EFF wordlists

Homepage:
https://www.nul.space/dicepassc/

Regards
Andre


dicepassc-1.0.tar.gz
Description: GNU Zip compressed data