Re: NEW: security/dicepassc
On 2017/03/02 16:37, Andre Stoebe wrote: > On 02.03.2017 03:52, Crescent Arnoux wrote: > > You can obtain a diceware passphrase using tools already in base. > > Yes, of course you can. It'll likely get messier the more you try to > imitate dicepassc's behaviour, for example multiple passphrases: > > $ time sort -R diceware.asc | head -6 | cut -f2 >/dev/null > 0m00.47s real 0m00.45s user 0m00.02s system > > $ time dicepassc -d 1024 >/dev/null > 0m00.03s real 0m00.02s user 0m00.02s system > > Plus you get a tight pledge and explicit_bzero. > > I wrote it because I don't want to use physical dice, dont trust some > app written in another scripting language, and wanted to use the OpenBSD > libc. > > My intention was also to contribute a little to the OpenBSD ports > ecosystem especially by using pledge etc., but I see there are > reservations to committing it. That's not what reservations look like ;) Thanks for the port - committed.
Re: NEW: security/dicepassc
On 02.03.2017 03:52, Crescent Arnoux wrote: > You can obtain a diceware passphrase using tools already in base. Yes, of course you can. It'll likely get messier the more you try to imitate dicepassc's behaviour, for example multiple passphrases: $ time sort -R diceware.asc | head -6 | cut -f2 >/dev/null 0m00.47s real 0m00.45s user 0m00.02s system $ time dicepassc -d 1024 >/dev/null 0m00.03s real 0m00.02s user 0m00.02s system Plus you get a tight pledge and explicit_bzero. I wrote it because I don't want to use physical dice, dont trust some app written in another scripting language, and wanted to use the OpenBSD libc. My intention was also to contribute a little to the OpenBSD ports ecosystem especially by using pledge etc., but I see there are reservations to committing it. > P.S. The real fun with diceware is using some quality casino dice. Have fun then. Regards André
Re: NEW: security/dicepassc
You can obtain a diceware passphrase using tools already in base. $ sort -R diceware.asc | head -6 | cut -f2 P.S. The real fun with diceware is using some quality casino dice. On Mar 01 22:32, Mikolaj Kucharski wrote: > On Sat, Feb 25, 2017 at 09:52:09PM +, Mikolaj Kucharski wrote: > > > Can you add > > > # uses pledge() > > > just before WANTLIB? > > > > > > With that, ok danj@ if someone wants to import it. > > > > Updated port attached. > > Ping. > > https://marc.info/?l=openbsd-ports&m=148805954307219&w=2 > > -- > best regards > q# > -- Crescent Arnoux D59B 9AEA C09B 1EB6 1AF1 97CA 8750 F5B2 5C10 49F4 http://pastebin.com/rENiaPLq
Re: NEW: security/dicepassc
On Sat, Feb 25, 2017 at 09:52:09PM +, Mikolaj Kucharski wrote: > > Can you add > > # uses pledge() > > just before WANTLIB? > > > > With that, ok danj@ if someone wants to import it. > > Updated port attached. Ping. https://marc.info/?l=openbsd-ports&m=148805954307219&w=2 -- best regards q#
Re: NEW: security/dicepassc
Hi, On Sat, Feb 25, 2017 at 11:07:48AM -0500, Daniel Jakots wrote: > On Wed, 15 Feb 2017 22:03:30 +, Mikolaj Kucharski > wrote: > > > On Thu, Feb 09, 2017 at 02:50:12PM +0100, Andre Stoebe wrote: > > > attached is dicepassc, a small utility I wrote. > > > > > > Comment: > > > passphrase generator based on Diceware and EFF wordlists > > > > > > Homepage: > > > https://www.nul.space/dicepassc/ > > > Updated port which respects PREFIX based on Andre's earlier > > submission. > > > > Can you add > # uses pledge() > just before WANTLIB? > > With that, ok danj@ if someone wants to import it. Updated port attached. -- best regards q# dicepassc.port-v3.tar.gz Description: application/tar-gz
Re: NEW: security/dicepassc
On Wed, 15 Feb 2017 22:03:30 +, Mikolaj Kucharski wrote: > On Thu, Feb 09, 2017 at 02:50:12PM +0100, Andre Stoebe wrote: > > attached is dicepassc, a small utility I wrote. > > > > Comment: > > passphrase generator based on Diceware and EFF wordlists > > > > Homepage: > > https://www.nul.space/dicepassc/ > Updated port which respects PREFIX based on Andre's earlier > submission. > Can you add # uses pledge() just before WANTLIB? With that, ok danj@ if someone wants to import it.
Re: NEW: security/dicepassc
On Fri, Feb 17, 2017 at 11:24:22PM +, Mikolaj Kucharski wrote: > On Wed, Feb 15, 2017 at 10:03:30PM +, Mikolaj Kucharski wrote: > > On Thu, Feb 09, 2017 at 02:50:12PM +0100, Andre Stoebe wrote: > > > Hi, > > > > > > attached is dicepassc, a small utility I wrote. > > > > > > Comment: > > > passphrase generator based on Diceware and EFF wordlists > > > > > > Homepage: > > > https://www.nul.space/dicepassc/ > > > > > > Regards > > > Andre > > > > > > Updated port which respects PREFIX based on Andre's earlier submission. > > > > Any other feedback? Would it be possible to commit this to the tree? > > https://marc.info/?l=openbsd-ports&m=148719622528886&w=2 > Kind reminder. -- best regards q#
Re: NEW: security/dicepassc
On Wed, Feb 15, 2017 at 10:03:30PM +, Mikolaj Kucharski wrote: > On Thu, Feb 09, 2017 at 02:50:12PM +0100, Andre Stoebe wrote: > > Hi, > > > > attached is dicepassc, a small utility I wrote. > > > > Comment: > > passphrase generator based on Diceware and EFF wordlists > > > > Homepage: > > https://www.nul.space/dicepassc/ > > > > Regards > > Andre > > > Updated port which respects PREFIX based on Andre's earlier submission. > Any other feedback? Would it be possible to commit this to the tree? https://marc.info/?l=openbsd-ports&m=148719622528886&w=2 -- best regards q#
Re: NEW: security/dicepassc
On Thu, Feb 09, 2017 at 02:50:12PM +0100, Andre Stoebe wrote: > Hi, > > attached is dicepassc, a small utility I wrote. > > Comment: > passphrase generator based on Diceware and EFF wordlists > > Homepage: > https://www.nul.space/dicepassc/ > > Regards > Andre Updated port which respects PREFIX based on Andre's earlier submission. -- best regards q# dicepassc.port-v2.tar.gz Description: application/tar-gz
Re: NEW: security/dicepassc
On Mon, Feb 13, 2017 at 11:06:12PM +0100, Andre Stoebe wrote: > On 12.02.2017 20:34, Mikolaj Kucharski wrote: > > portcheck didn't complain, make lib-depends-check is happy too. > > > > However I see that in sources of the app you hardcode `/usr/local` > > path. I think it would be better to add to the ports Makefile something > > as follows: > > > > > > --- MakefileThu Feb 9 10:32:39 2017 > > +++ Makefile.newSun Feb 12 19:30:38 2017 > > @@ -19,4 +19,8 @@ > > > > NO_TEST = Yes > > > > +pre-configure: > > + sed -i -e "s,/usr/local,${PREFIX},g;" \ > > + ${WRKSRC}/Makefile ${WRKSRC}/dicepassc.c ${WRKSRC}/dicepassc.1 > > + > > .include > > Hi, > > thanks for the feedback. > > You're right, PREFIX isn't honored at all which bothers me too, now > that I understand a bit better. I'm actually quite inexperienced with > make and thankful that bsd.prog.mk does most of the work for me... > > Would it be better to handle it in the sources? I did some tests with > sed (for the manual) and a preprocessor define (for the c file) to set > the paths based on PREFIX. But I wonder if that's overkill... After > all it's an OpenBSD-only application. > > Regards > Andre > > Something like this: > > PROG= dicepassc > SRCS= ${PROG}.c > MAN= ${PROG}.1 > MDOC= ${PROG}.mdoc > > PREFIX?= /usr/local > BINDIR= ${PREFIX}/bin > MANDIR= ${PREFIX}/man/man > SHAREDIR= ${PREFIX}/share > WORDLISTDIR= ${SHAREDIR}/${PROG} > > CFLAGS+= -g -W -Wall -Werror > CFLAGS+= -Wstrict-prototypes -Wmissing-prototypes -Wmissing-declarations > CFLAGS+= -Wshadow -Wpointer-arith -Wcast-qual -Wsign-compare > CFLAGS+= -DWORDLISTDIR=${WORDLISTDIR} > > CLEANFILES+= ${MAN} > > ${MAN}: ${MDOC} > sed -e "s,WORDLISTDIR,${WORDLISTDIR},g" ${MDOC} >${MAN} > > afterinstall: > ${INSTALL} -d -o${SHAREOWN} -g${SHAREGRP} -m${DIRMODE} \ > ${DESTDIR}${WORDLISTDIR} > ${INSTALL} ${INSTALL_COPY} -o${SHAREOWN} -g${SHAREGRP} -m${SHAREMODE} \ > wordlists/diceware.wordlist \ > wordlists/eff_large.wordlist \ > wordlists/eff_short_1.wordlist \ > ${DESTDIR}${WORDLISTDIR} > > .include This seems reasonable to me, even though it may be an overkill, if you are targeting only OpenBSD. -- best regards q#
Re: NEW: security/dicepassc
On 12.02.2017 20:34, Mikolaj Kucharski wrote: > portcheck didn't complain, make lib-depends-check is happy too. > > However I see that in sources of the app you hardcode `/usr/local` > path. I think it would be better to add to the ports Makefile something > as follows: > > > --- Makefile Thu Feb 9 10:32:39 2017 > +++ Makefile.new Sun Feb 12 19:30:38 2017 > @@ -19,4 +19,8 @@ > > NO_TEST =Yes > > +pre-configure: > + sed -i -e "s,/usr/local,${PREFIX},g;" \ > + ${WRKSRC}/Makefile ${WRKSRC}/dicepassc.c ${WRKSRC}/dicepassc.1 > + > .include Hi, thanks for the feedback. You're right, PREFIX isn't honored at all which bothers me too, now that I understand a bit better. I'm actually quite inexperienced with make and thankful that bsd.prog.mk does most of the work for me... Would it be better to handle it in the sources? I did some tests with sed (for the manual) and a preprocessor define (for the c file) to set the paths based on PREFIX. But I wonder if that's overkill... After all it's an OpenBSD-only application. Regards Andre Something like this: PROG= dicepassc SRCS= ${PROG}.c MAN=${PROG}.1 MDOC= ${PROG}.mdoc PREFIX?=/usr/local BINDIR= ${PREFIX}/bin MANDIR= ${PREFIX}/man/man SHAREDIR= ${PREFIX}/share WORDLISTDIR=${SHAREDIR}/${PROG} CFLAGS+=-g -W -Wall -Werror CFLAGS+=-Wstrict-prototypes -Wmissing-prototypes -Wmissing-declarations CFLAGS+=-Wshadow -Wpointer-arith -Wcast-qual -Wsign-compare CFLAGS+=-DWORDLISTDIR=${WORDLISTDIR} CLEANFILES+=${MAN} ${MAN}: ${MDOC} sed -e "s,WORDLISTDIR,${WORDLISTDIR},g" ${MDOC} >${MAN} afterinstall: ${INSTALL} -d -o${SHAREOWN} -g${SHAREGRP} -m${DIRMODE} \ ${DESTDIR}${WORDLISTDIR} ${INSTALL} ${INSTALL_COPY} -o${SHAREOWN} -g${SHAREGRP} -m${SHAREMODE} \ wordlists/diceware.wordlist \ wordlists/eff_large.wordlist \ wordlists/eff_short_1.wordlist \ ${DESTDIR}${WORDLISTDIR} .include
Re: NEW: security/dicepassc
On Thu, Feb 09, 2017 at 02:50:12PM +0100, Andre Stoebe wrote: > Hi, > > attached is dicepassc, a small utility I wrote. > > Comment: > passphrase generator based on Diceware and EFF wordlists > > Homepage: > https://www.nul.space/dicepassc/ > > Regards > Andre portcheck didn't complain, make lib-depends-check is happy too. However I see that in sources of the app you hardcode `/usr/local` path. I think it would be better to add to the ports Makefile something as follows: --- MakefileThu Feb 9 10:32:39 2017 +++ Makefile.newSun Feb 12 19:30:38 2017 @@ -19,4 +19,8 @@ NO_TEST = Yes +pre-configure: + sed -i -e "s,/usr/local,${PREFIX},g;" \ + ${WRKSRC}/Makefile ${WRKSRC}/dicepassc.c ${WRKSRC}/dicepassc.1 + .include -- best regards q#
NEW: security/dicepassc
Hi, attached is dicepassc, a small utility I wrote. Comment: passphrase generator based on Diceware and EFF wordlists Homepage: https://www.nul.space/dicepassc/ Regards Andre dicepassc-1.0.tar.gz Description: GNU Zip compressed data