there was tiny error I created.
-Luke
On Wed, Jun 3, 2020 at 2:24 PM Luke Small wrote:
> There! It doesn't use an unveil list. It has 2 dry runs as proposed.
> It could just have a dry run to see if it goes into interactive mode
> and then unveil as we go! but I like to see all the unveil calls
There! It doesn't use an unveil list. It has 2 dry runs as proposed.
It could just have a dry run to see if it goes into interactive mode
and then unveil as we go! but I like to see all the unveil calls before
the ftp output statements myself!
-Luke
On Wed, Jun 3, 2020 at 11:30 AM Luke Small wro
On Tue, Jun 02, 2020 at 01:48:33PM +, RT wrote:
> I have already gone through the autoinstall man page but I didn't understand
> how to do that using local(offline without the TFTP server) file(do I need to
> write rewrite the bsd.rd and include the install.conf file? from
> https://marc.in
TJ wrote:
> I'm migrating my system configs from one OpenBSD machine (Pentium 4) to
> another (Core 2 Duo).
>
> I noticed unpredictable crashes of the Privoxy package when run and used
> on the C2D computer. These crashes don't occur on the P4 at all, with
> the same traffic.
I tried to reprodu
On Wed, Jun 03, 2020 at 02:07:52PM -0400, Sonic wrote:
> On Wed, Jun 3, 2020 at 1:49 PM Tobias Heider wrote:
> > It does. /etc/iked/pubkeys/fqdn/server2.domain is where the peer's public
> > key
> > should be.
>
> The peers public key is there, the peer, as far as I can tell is
> server1.domain
On Wed, Jun 3, 2020 at 1:49 PM Tobias Heider wrote:
> It does. /etc/iked/pubkeys/fqdn/server2.domain is where the peer's public key
> should be.
The peers public key is there, the peer, as far as I can tell is
server1.domain, yet the example shows server2.domain.
On Wed, Jun 03, 2020 at 01:09:02PM -0400, Sonic wrote:
> Following the FAQ at https://www.openbsd.org/faq/faq17.html I ran into
> the following problem with the server2 example:
> ===
> ikev2 'server2_rsa' active esp \
> from 10.0.2.0/24 to 10.0.1.0/24 \
> pe
Following the FAQ at https://www.openbsd.org/faq/faq17.html I ran into
the following problem with the server2 example:
===
ikev2 'server2_rsa' active esp \
from 10.0.2.0/24 to 10.0.1.0/24 \
peer 192.0.2.1 \
dstid server2.domain
===
Or you could have 2 dry runs. One to merely see that it won't head into
interactive mode
and a second one to start the unveiling directly in fetch.c. Unless unveil
itself will
have too many entries!
-Luke
On Wed, Jun 3, 2020 at 11:12 AM Luke Small wrote:
> I figure if it took up that much stack
I figure if it took up that much stack space from before, it'd start
needing to
dang near run the stack into on-disk virtual memory anyway. At that point,
it'd perhaps be a better design choice to break up your ftp calls into
slightly
smaller chunks to avoid massively poor performance, yeah? LOL
I
On Wed, Jun 03, 2020 at 12:27:00AM +0100, Chris Narkiewicz wrote:
[...]
> My setup consist of OpenBSD 6.7 with full drive encryption using
> softraid, configured as described in FAQ:
>
> /dev/sd0a - encrypted volume
> /dev/sd1 - decrypted
>
> I have additional need to mount an encrypted /var vol
You really don't get it.
+ unveil_list = calloc(2 * argc, sizeof(char*));
Imagine argc is 1.
+ for (i = 2 * argc - 2; i >= 0; i -= 2) {
+ if (unveil_list[i]) {
+ if (unveil(unveil_
I’ll be the first to admit that I don’t completely understand the power
that is the ftp client. but what I do understand of it, from the
perspective of noninteractive commandline execution, it seems to fit the
bill. For file and http(s) transfers. I didn’t see any buffer overflows and
I’m sure that
I mean it is amusing, because this is never going to fly.
This increase in complexity is completely unacceptable, what I see is
completely amateurish, and I also see overflows, a lack of testing
for edge conditions, and a lack of attention to how unveil works.
Luke Small wrote:
> You're welcom
You're welcome! I figured you might not want a “massive” diff to cap off
your day to make a program that you apparently feel is secure enough, but I
made good that I got off my ass and did something anyway. I’m surprised
that you even went to the trouble of pledging it myself. It only took 2 or
3 d
Thank you for the laugh.
Luke Small wrote:
> I think I'm done tinkering. try these out in ftp folder. I left in some
> fprintf(ttyout,...) in main.c
> to show what is being unveiled. It resolves shortcuts in SSL_CAFILE
> and SSL_PATH variables.
> It leaves in place the functionality of the orig
I think I'm done tinkering. try these out in ftp folder. I left in some
fprintf(ttyout,...) in main.c
to show what is being unveiled. It resolves shortcuts in SSL_CAFILE
and SSL_PATH variables.
It leaves in place the functionality of the original functions, but adds
the availability to perform
a dr
On 2020-06-02 23:27, Chris Narkiewicz wrote:
> Somebody on StackOverflow advised on modifying /etc/rc
> and run bioctl before disks are mounted, but I'm not sure
> if this is a right approach, especially that attaching
> more disks might change the /dev/sd* numberign.
That would cause yourself mai
I think I'm done tinkering. try these out in ftp folder. I left in some
fprintf(ttyout,...) in main.c
to show what is being unveiled. It resolves shortcuts in SSL_CAFILE
and SSL_PATH variables.
It leaves in place the functionality of the original functions, but adds
the availability to perform
a dr
19 matches
Mail list logo