19 September 2014

Puffy

Undeadly :: BSDNow Episode 055: The Promised WLAN

In this episode of BSDNow, Kris and Allan go over the week's BSD odds and ends, including mention of an interesting article about using a Linux rescue image to bootstrap a headless OpenBSD installation on remote machines. Headlining is an interview with the FreeBSD wireless stack maintainer, Adrian Chadd.

[ Video | HD Video | MP3 Audio | OGG Audio | Torrent ]

16 September 2014

Puffy

Undeadly :: Heads Up: Sendmail Removed from Base

td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; }

In the first of several commits, Matthieu Herrb (matthieu@) has removed sendmail from the release:

CVSROOT:	/cvs
Module name:	src
Changes by:	matthieu@cvs.openbsd.org	2014/09/15 16:25:57

Modified files:
	gnu/usr.sbin   : Makefile 

Log message:
Unlink sendmail from the build. ok krw@ ajacoutot@

Users of OpenSMTPd can rejoice in having no work to do; others will have to install sendmail from packages.

12 September 2014

Puffy

Undeadly :: BSDNow Episode 054: Luminary Environment

In this week's episode, the BSDNow crew discusses the week's dealings in the world of BSD, with a decent focus on OpenBSD's systemd-shim GSoC project, OpenBSD's versioning schemes, and the OpenBSD port of portscout.

[ Video | HD Video | MP3 Audio | OGG Audio | Torrent ]

Undeadly :: GSoC 2014: Systemd replacement utilities (systembsd)

td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; } Ian Kremlin wrote in with this report on the GSoC he was involved in:
This summer I, along with my mentors Landry Breuil and Antoine Jacoutot, worked on systemd shim-like replacements for four D-Bus daemons systemd provides, namely hostnamed, localed, timedated, and logind.
Read more...

05 September 2014

Puffy

Undeadly :: 2Q Buffer Cache in OpenBSD

td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; }

Ted Unangst (tedu@) wrote a blog post about his replacement of the simple LRU buffer cache algorithm with a 2Q-ish one:

Since the dawn of time, the OpenBSD buffer cache replacement algorithm has been LRU. It’s not always ideal, but it often comes close enough and it’s simple enough to implement that it’s remained the tried and true classic for a long time. I just changed the algorithm to one modelled somewhat after the 2Q algorithm by Johnson and Shasha. (PDF)
Read more...

04 September 2014

Puffy

Undeadly :: Persist tmux environment across system restarts

Nagy Gábor writes in with a tip:
Tmux is great, except when you have to restart the computer. You lose all the running programs, working directories, pane layouts etc. There are helpful management tools out there, but they require initial configuration and continuous updates as your workflow evolves or you start new projects.
Read more...

29 August 2014

Puffy

Undeadly :: BSDNow Episode 052: Reverse Takeover

This week on BSDNow, in addition to the week's BSD-flavored odds and ends, Kris and Allan headline with an interview with Shawn Webb about ASLR and PIE on FreeBSD.

[ Video | HD Video | MP3 Audio | OGG Audio | Torrent ]

27 August 2014

Puffy

Undeadly :: Heads Up: Nginx Removed From Base

td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; } With this commit, Robert Nagy (robert@) removed nginx(8) from base:
Log message:
remove nginx from the base system in favor of OpenBSD's own httpd(8)
Read more...

23 August 2014

Puffy

Undeadly :: Heads Up: BIND Disabled in Base

td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; }

After many years of being the default DNS server, BIND has been disabled in OpenBSD base:

Read more...

22 August 2014

Puffy

Undeadly :: BSDNow Episode 051: Engineering Nginx

td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; }

This week the hosts set up SSL on nginx and an interview about the FreeBSD community and utilisation in the commercial server space, along with the week's BSD-world odds and ends.

[ Video | HD Video | MP3 Audio | OGG Audio | Torrent ]

Undeadly :: syslogd(8) Now IPv6-Capable

td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; }

With the penultimate in a series of commits, Alexander Bluhm (bluhm@) has added IPv6 support to syslogd(8):

CVSROOT:	/cvs
Module name:	src
Changes by:	bluhm@cvs.openbsd.org	2014/08/21 11:00:34

Modified files:
	usr.sbin/syslogd: privsep.c syslogd.c 

Log message:
Send and receive UDP syslog packets on the IPv6 socket.
OK henning@

20 August 2014

Puffy

Undeadly :: Google offers 5 EuroBSDCon 2014 travel grants for female computer scientists

td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; } Via the EuroBSDCon 2014 organizers comes the news that Google will be sponsoring 5 female computer scientists to attend the EuroBSDCon 2014 conference. The announcement follows:

Google EMEA Women in Tech Conference and Travel grants for female computer scientists

As part of Google's ongoing commitment to encourage women to excel in computing and technology, Google is pleased to offer Women in Tech Travel and Conference Grants to attend the EuroBSDcon 2014 conference.

5 grants, are offered which include:

  • Free registration for the conference
  • Up to 1000 EUR towards travel costs (to be paid after the conference)

Read more...

19 August 2014

Puffy

Undeadly :: Heads up: rcctl(8) the rc.conf.local management tool landing in base soon

td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; }

Antoine Jacoutot (ajacoutot@) has just committed committed a tool for managing rc.conf.local(8), in order to make it simpler for automated management systems such as Puppet or Ansible to interface with the operating system configuration:

CVSROOT:	/cvs
Module name:	src
Changes by:	ajacoutot@cvs.openbsd.org	2014/08/19 08:08:20

Added files:
	usr.sbin/rcctl : Makefile rcctl.8 rcctl.sh 

Log message:
Introduce rcctl(8), a simple utility for maintaining rc.conf.local(8).

# rcctl
usage: rcctl enable|disable|status|action [service [flags [...]]]

Lots of man page improvement from the usual suspects (jmc@ and schwarze@)
not hooked up yet but committing now so work can continue in-tree
agreed by several

18 August 2014

Puffy

Undeadly :: Early bird rates for EuroBSDCon 2014 have been extended

As seen on Twitter, the Early Bird rates have been extended until August 25th. As you can tell, there are quite a few delightful talks and tutorials scheduled. Some of your trustworthy Undeadly Editors have already registered, come join us!

EuroBSDCon 2014 Registration

15 August 2014

Puffy

Undeadly :: BSDNow Episode 050: VPN, My Dear Watson

This week the fellas dish interview Robert Watson of FreeBSD, and present a tutorial for getting OpenVPN working, in addition to the weekly odds and ends of the BSD world.

[ Video | HD Video | MP3 Audio | OGG Audio | Torrent ]

10 August 2014

Puffy

Undeadly :: mandoc 1.13.1 Released

td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; } Ingo Schwarze writes in with the news of a new and better mandoc release:

after more than seven months of active development including two hackathons, i have just released mandoc = mdocml 1.13.1 on <http://mdocml.bsd.lv/>.

Read more...

Undeadly :: g2k14: Antoine Jacoutot on GNOME, rc(8) and /etc cleanup

td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; } Antoine Jacoutot writes in with this report from the g2k14 hackathon:

Finally a hackathon where I did not have to spend 90% of my time under ports/x11/gnome \o/ (but of course, I had to cd into it anyway...). Besides some regular tweaks and updates in there, I worked on the gnome.port.mk MODULE to make it more generic and allow non-GNOME ports to benefit from some of its goodies (like xdg triggers and such) without ending up with unneeded build dependencies or things being only relevant to GNOME.
Read more...

08 August 2014

Puffy

Undeadly :: LibreSSL 2.0.5 released

td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; } Brent Cook (bcook@) has announced the release of LibreSSL 2.0.5:

We have released LibreSSL 2.0.5, which should be arriving in the LibreSSL directory of an OpenBSD mirror near you.

This version forward-ports security fixes from OpenSSL 1.0.1i, including fixes for the following CVEs:

CVE-2014-3506
CVE-2014-3507
CVE-2014-3508 (partially vulnerable)
CVE-2014-3509
CVE-2014-3510
CVE-2014-3511

LibreSSL 2.0.4 was not found vulnerable to the following CVEs:

CVE-2014-5139
CVE-2014-3512
CVE-2014-3505

We welcome feedback and support from the community as we continue to work on LibreSSL.

Thank you,

Brent

Undeadly :: BSDNow Episode 049: Episode 049: The PC-BSD Tour

On this week's episode of BSDNow, the gang takes us on a whirlwind tour of the GUI tools for PC-BSD, in addition to the usual weekly roundup of rumours and hearsay!

[ Video | HD Video | MP3 Audio | OGG Audio | Torrent ]

07 August 2014

Puffy

Undeadly :: phessler: emergency g2k14 hackathon

td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; } Longtime Undeadly editor, Peter Hessler (phessler@) writes in:
With the g2k14 hackathon starting on tuesday, I saw the commits and chatter from the hackathon. sadly, my original plan was to stay at work mostly since I am out of vacation days for the year. Thursday morning, I see that not only were a few more hackathon shirts being printed for attendees that wanted more, but also last-minute flights to Ljubljana were actually affordable. I nudged claudio@, who works at the desk next to me "hey, want to go to the hackathon for the weekend?"
Read more...

05 August 2014

Puffy

Undeadly :: OpenBSD product distribution will move

After many years of faithfully serving the OpenBSD community, Austin Hook (austin@) will be retiring from mailing you your delicious Puffy-flavored merch. As such, the old stock (CDs, tshirts, baby mulchers) will become unavailable. Order now before they go extinct!

03 August 2014

Puffy

Undeadly :: g2k14: Christian Weisgerber on Package Building without sudo

td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; }

Christian Weisgerber wrote in with this report from g2k14:

I updated the gettext port, of course. What'd you think I'd do at a hackathon?

The most interesting thing I worked on at g2k14 started out with a question: Why exactly do we run the fake step as root? (Hint: FreeBSD's corresponding stage infrastructure does not.)

Read more...

01 August 2014

Puffy

Undeadly :: BSDNow Episode 048: Liberating SSL

On this week's episode, the BSDNow crew gabs about the BSD tribe, continues the recursive Undeadly mentions, interviews LibreSSL portable maintainer Brent Cook (bcook@), and Bob Beck (beck@) writes in to let the hosts know about arc4random-related FreeBSD porting issues.

[ Video | HD Video | MP3 Audio | OGG Audio | Torrent ]

31 July 2014

Puffy

Undeadly :: Using ifstated to monitor links and dynamically adjust PF config on event

td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; } Sevan Janiyan writes:

It’s possible to misuse NAT to load balance outbound traffic across multiple internet connections from different service providers,see the Load Balance Outgoing Traffic section of PF FAQ.

The shortfall with this configuration is when implemented alongside unstable links, forwarding will continue to be attempted over the links which are down, this will cause issues such as long hangs for users behind the NAT while connections time out. To mitigate this, ifstated can be used to smooth things over.

Read the rest at geeklan.co.uk, Sevan's blog site.

29 July 2014

Puffy

Undeadly :: Call for Testers: radeondrm(4) updates

td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; }

Jonathan Gray (jsg@) posted a call for testers for radeondrm(4) updates:

I'm looking for a few people to test some additional radeondrm fixes from the recently released Linux 3.8.13.27: https://lkml.org/lkml/2014/7/25/621

In particular on newer asics with displayport/eDP as I can only test on r100/lvds at the moment.

Undeadly :: g2k14: Ted Unangst on the Art of the Tedu

td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; } Ted Unangst (tedu@) talks about teduing a goodly amount of code, among other things:

Despite being in the same room as many other LibreSSL developers for the first time (since the beginning of LibreSSL at least), I didn't do too much work on that front. I did remove the compression feature (as made famous by the CRIME attack; not all protocols or deployments are vulnerable, but we're also aiming for a simpler feature set overall) and made a few other cleanups. While it's very helpful to be in the same room as other hackers to exchange ideas, having everyone pounding on the source at the same time is a little troublesome so I elected to stay out of the way.

Read more...

28 July 2014

Puffy

Undeadly :: Ingo Schwarze Interviewed on BSDTalk

td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; }

The latest episode of BSDTalk involves our very own Ingo Schwarze (schwarze@):

bsdtalk243 - mandoc with Ingo Schwarze

Interview about mandoc with Ingo Schwarze. The project webpage describes mandoc as "a suite of tools compiling mdoc, the roff macro language of choice for BSD manual pages, and man, the predominant historical language for UNIX manuals."

Recorded at BSDCan 2014.

25 July 2014

Puffy

Undeadly :: BSDNow Episode 047: DES Challenge IV

On this week's episode, BSDNow interviews FreeBSD Security Officer Dag-Erling Smørgrav, links back to Undeadly g2k14 hackathon reports, and discusses the week's BSD news and hearsay.

[ Video | HD Video | MP3 Audio | OGG Audio | Torrent ]

24 July 2014

Puffy

Undeadly :: g2k14: Landry Breuil on Taming Mozilla

td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; }

As is now an habit, i had made zero plans for this hackathon, i had some unfinished stuff lying around, and no real big task ahead. Firefox 31 betas were already working for me, and only needed actual testing.

Read more...

Undeadly :: Minimalist HTTP Daemon Activated in Base

td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; }

Reyk Flöter (reyk@) recently committed the rc(8) glue to make his forked-from-relayd http server usable:

CVSROOT:	/cvs
Module name:	src
Changes by:	reyk@cvs.openbsd.org	2014/07/22 11:37:16

Modified files:
	usr.sbin       : Makefile 
	etc            : Makefile changelist rc.conf 
Added files:
	etc/rc.d       : httpd 

Log message:
Enable httpd(8) in the builds to get more testing, feedback and
improvements.  It is not "finished" but serves static files.

ok deraadt@
Read more...

Undeadly :: Interview: Brent Cook Talks About Porting LibreSSL

td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; }

Undeadly was able to get a few minutes of time with Brent Cook (bcook@), who worked on the official LibreSSL port:

Undeadly: Tell us about yourself; who are you, and how did you get involved with the LibreSSL porting effort?

bcook@: My name is Brent Cook. I'm a generalist programmer by day, mostly working on low-level system stuff. I'm also a code performance junky, and I also play piano and saxophone, gigging occasionally around Austin, TX.

Read more...

23 July 2014

Puffy

Undeadly :: g2k14: Matthieu Herrb on Bringing X Forward

td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; }

Matthieu Herrb (matthieu@), who is the mad Frenchman who maintains Xenocara, writes in to share his g2k14 experience:

My main projects (multitouch, dhcpv6) didn't make any progress as I was distracted into X sets tweaks at the request of a few other hackers.

Read more...

22 July 2014

Puffy

Undeadly :: LibreSSL 2.0.3 Released

td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; }

Bob Beck (beck@) has announced the release of LibreSSL 2.0.3:

We have released an update, LibreSSL 2.0.3 - which should
be arriving in the LibreSSL directory of an OpenBSD mirror near
you very soon. 
                                                                                
This release includes a number of portability fixes based on the
the feedback we have received from the community. It also includes
some improvements to the fork detection support. 
                                                                                
As noted before, we welcome feedback from the broader community.                
                                                                                
Enjoy,                                                                          
                                                                                
-Bob 

21 July 2014

Puffy

Undeadly :: g2k14: Ken Westerback on DHCP and dump(8)

td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; }
Having missed Ljubljana 1, I looked forward to Ljubljana 2 with great expectations. I was not disappointed! Mitja ran a great hackathon with a nice site and an excellent city around it.
Read more...

Undeadly :: g2k14: Stefan Sperling on wireless drivers

td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; }
I spent most of this hackathon looking at problems in wifi drivers.

I wasn't exactly sure in advance which problems I wanted to work on. So I packed a bunch of hardware, including several USB wifi adapters, (rsu(4), 2x run(4), rum(4), urtwn(4), zyd(4)), some miniPCIe cards (an unsupported cousin of urtwn(4) named Realtek 8188CE, unsupported athn(4) AR9485, bwi(4)), two laptops, and an access point. This left me with more than enough toys for a week.
Read more...

Undeadly :: g2k14: Florian Obser in IPv6 land

td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; }
I arrived in Ljubljana somewhat tired so I started the first day off with some light ping(8) and ping6(8) hacking. Some unifdef(1) application for
#ifdef FEATURE_THAT_EXISTS_SINCE_FOREVER_BUT_MAYBE_WE_DONT_HAVE_IT and some cleanup by hand. The idea is to have ping(8) and ping6(8) be the same binary like traceroute(8) and traceroute6(8).
Read more...

Undeadly :: g2k14: Ingo Schwarze on manly stuff

td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; }
In the week right before the hackathon, I have done quite a bit of work cleaning up mandoc(1) warning and error messages. The goal is to provide more, more precise, and more readily understandable information to the user, in particular mentioning in the messages which section titles, macro names, and arguments each individual message is related to, and which workaround or fallback mandoc(1) has chosen, if any.
Read more...

19 July 2014

Puffy

Undeadly :: g2k14: Sebastian Benoit on chasing down annoyances

td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0; pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; } Sebastian Benoit (benno@) lets us know what he did to make his life easier at g2k14:

For me the hackathon started before arriving in Ljubljana. On my trip I noticed that there was something wrong with my ssh connections: some did not work. So I started debugging in Munich Airport and the result was a quick fix for a recent bug in ssh-add.

Read more...

Undeadly :: g2k14: Jasper Lievisse Adriaanse on bootloader hacking

td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; }

This hackathon started out for me with my usual routine of fixing some bugs in Puppet, add more facts to Facter and dig into pkg-config.

Read more...

Undeadly :: g2k14: Jonathan Gray on driver improvements for X

td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; } Jonathan Gray (jsg@) writes in to let us know why he spent 30 hours in coach to be with us:

One of the first things I did at g2k14 was import the Mesa update I've been working on for some time now. I've been tracking the Mesa git for a few months and submitting patches to reduce the amount of pain involved and given the local diff isn't too large anymore it seemed like a decent time to update. Shortly before the hackathon I ran into a problem getting Mesa to build on i386 however. It turns out there is an i386 only codepath that does a sysctl to check if SSE is enabled. This turned out to be a problem because sysctl.h pulls in uvm_extern.h which then pulls in a bunch of kernel headers including mutex.h which meant that Mesa's mtx_init() collided with the kernel's mtx_init(). Theo spent some time cleaning up the sysctl and uvm headers so they wouldn't include anywhere near as many definitions, and that work had already been committed when I arrived at the hackathon.

Read more...

18 July 2014

Puffy

Undeadly :: g2k14: Paul Irofti on the long road to octhci(4)

td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; }

I came to the hackathon with a single goal: working on the driver for the USB host controller interface found on the octeon machines.

Read more...

Undeadly :: BSDNow Episode 046: Network Iodometry

In this week's episode of BSDNow, they interview Brian Drury of FreeBSD, talk about Allan Jude's trip to Cambridge on BSD grounds, and teach you how to DNS your way out of a restrictive network.

[ MP3 | OGG | Video | HD Video | HD Torrent Feed ]

Undeadly :: g2k14: Brent Cook on the portable LibreSSL

td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; } A new developer with the OpenBSD project, Brent Cook (bcook@) writes in:

As unusual as it sounds for someone working with the OpenBSD project, I'm not primarily an OpenBSD user. I actually use a Mac and Linux equally, and even do fair amount of Windows development. Some might say my involvement was more of a survival of the fittest.

Read more...

Undeadly :: g2k14: Miod Vallat on LibreSSL

td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; } Long time listener, many time caller, Miod Vallat (miod@) writes in:

There are two kinds of hackathons.

Those were you pack your headphones, and don't use them. And those where you forget to pack them, and wish you hadn't.

As a veteran hackathon attendee, I packed my headphones, of course. And I was more than happy to keep them packed, as the pace of the hackathon was so hectic it was better to relax by talking to people than to relax by listening to music.

Read more...

15 July 2014

Puffy

Undeadly :: g2k14: Theo de Raadt on security and configurations

td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; } OpenBSD project leader Theo de Raadt (deraadt@) writes in from g2k14:

In the two weeks leading up to Slovenia I worked with Bob Beck on the replacement functions that would be needed to emulate getentropy(2). During the start of the hackathon there was a final bit of work to ensure Bob and Brent Cook were on their way with that.
Read more...

Undeadly :: g2k14: Martin Pelikan on ext4, filesystems in general

td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; } Martin Pelikan writes in with this report from g2k14:

My initial plan was to bring our base to a state where LLVM's libcpp could be compiled, giving us C++11 support. After I read up on the latest POSIX locale additions, other developers made it clear that more library version cranks will be necessary in order not to break ports. After the first diff was ready, I set up a base system build to check if it breaks. And then my life has changed...

Read more...

Undeadly :: g2k14: World of KDE4, Vadim Zhukov (zhuk@)

td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; } Hot on the heels of a successful hackathon, Vadim Zhukov (zhuk@) wrote in with this report on his efforts:

I came to hackathon with a short but heavy TODO list:

1. Finish KDE 4.13.2 and prepare 4.13.3 (official announce to be done Jul 15);
2. Import at least some stuff from semi-official openbsd-wip ports repository to official CVS;
3. Fix the long-standing issue with kded4 constantly eating CPU;
4. Continue hacking on Samba 4.x;
5. Enable ext2fs in RAMDISK_CD for amd64.
6. Put in CVS some stuff under ports/infrastructure/ I've developed for last months.
7. Put in CVS the man-pages-posix port.

Read more...

14 July 2014

Puffy

Undeadly :: g2k14: Marc Espie on ports and packages

td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; } Yet another report from the recently completed g2k14 hackathon, this time from Marc Espie (espie@) who writes

First time in Slovenia. Took a few hours off to see the city, managing to escape the thunderstorms. Somewhat interesting mix, never seen that mixture of eastern european, southern europe, and tourist places.
Read more...

Undeadly :: g2k14: Henning Brauer on IPv6, bpf, vlan surgery

td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; }

Our second g2k14 report comes from Henning Brauer (henning@), who writes:

g2k14 has been weird: I, for the most part, wrote IPv6 code. No, that doesn't mean I'd suddenly think inet6 is any good. But let's start from the beginning.

Read more...

13 July 2014

Puffy

Undeadly :: g2k14: Bob Beck on LibReSSL

td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; }

Bob Beck (beck@) was the first developer to submit a report from the just concluded g2k14 hackathon:

Well, this was certainly not the hackathon I would have predicted several months ago for me. Had you asked me in January what I'd be doing here it would have been wading into uvm, kernel lock, buffer cache, and other such things in the kernel.

Then LibreSSL happened.

Read more...

Undeadly :: Second Release of LibreSSL Portable Available

td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; }

Bob Beck (beck@) announced the second release of LibreSSL-portable:

We have released an update, LibreSSL 2.0.1

This release includes a number of portability fixes based on the
initial feedback we have received from the community.  This includes
among other things two new configure options to set OPENSSLDIR and
ENGINESDIR. We have removed a few hardcoded compiler options that
were problematic on some systems as well as -Werror. We have also
re-synced with the latest OpenBSD sources as a number of issues
were fixed upstream. This release also includes pkg-config support.

As noted before, we welcome feedback from the broader community.

Enjoy,
-Bob
Bob also writes:
Also starting with this release the directory includes SHA256
signatures which are signed using signify.

The signify public key for libressl is:

untrusted comment: LibreSSL Portable public key
RWQg/nutTVqCUVUw8OhyHt9n51IC8mdQRd1b93dOyVrwtIXmMI+dtGFe   

11 July 2014

Puffy

Undeadly :: First Release of LibreSSL Portable Available

td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; }

Bob Beck (beck@) announced the release of LibreSSL-portable:

The first release of LibreSSL portable has been released. LibreSSL
can be found in the LibreSSL directory of your favorite OpenBSD mirror.

http://ftp.openbsd.org/pub/OpenBSD/LibreSSL has it, and other mirrors
will soon.

libressl-2.0.0.tar.gz has been tested to build on various versions of
Linux, Solaris, Mac OSX, and FreeBSD.

This is intended as an initial release to allow the community to start
using and providing feedback. We will be adding support for
other platforms as time and resources permit.

As always, donations (http://www.openbsdfoundation.org/donations.html)
are appreciated to assist in our efforts.

Enjoy,

-Bob

09 July 2014

Puffy

Undeadly :: g2k14 headsup: relayd(8) filtering language changed

td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; } From the in-progress g2k14 hackathon in Ljubljana, Slovenia comes early news of what we'll see in upcoming OpenBSD releases. The relayd(8) filtering language has been replaced, with a more readable and flexible grammar inspired by pf(4).

The commit by Reyk Floeter (reyk@) has a CVS log message that reads:

Read more...

01 July 2014

Puffy

Undeadly :: BSDNow Episode 043: Package Design

BSDNow interviews OpenBSD's own Marc Espie about his work on the ports and package system.

[ Video | HD Video | MP3 Audio | OGG Audio | Torrent | YouTube | Show Notes ]

18 June 2014

Puffy

Undeadly :: PF Tutorial Rolls Past 200,000 Unique Visitors

As you may have heard via Twitter, the PF tutorial by Peter N. M. Hansteen -- a BSD conferences favorite and the predecessor of The Book of PF (with the third edition soon to be in "early access" availability) -- just saw its 200,000th unique visitor and has had somewhat in excess of 3 million page views.

Author Peter Hansteen comments, "It's good to see that the thing is still widely read and referenced. I'll keep working on that and the book for as long at is makes sense.", and continues, "But please do remember that I would have had noting to write about without a vital OpenBSD project producing high quality stuff. Please remember to not just buy the book, but also donate to the project to help keep it running."

You heard the man, now go ahead, read and donate!

13 June 2014

Puffy

Undeadly :: BSDNow Episode 041: Commit This Bit

The folks at BSDNow interview Benedict Reuschling of FreeBSD and provide their take on the week's BSD news.

[ Video | HD Video | MP3 Audio | OGG Audio | Torrent ]

05 June 2014

Puffy

Undeadly :: sendmail(8) Patch In -stable Fixes Local Snooping Vulnerability

For those of you who are still using sendmail(8) on OpenBSD 5.4 or 5.5, it's patch and update time.

The vulnerability known as CVE-2014-3956 could allow local users to interfere with open SMTP connections, and it is strongly advised that any sendmail users out there patch their systems without undue delay.

Patches are available for OpenBSD 5.4 and OpenBSD 5.5 as patch 011 and patch 007 respectively.

It is worth noting that from OpenBSD 5.6 onwards (to be released November 1st, 2014), OpenSD's own OpenSMTPD will be the default MTA.

03 June 2014

Puffy

Undeadly :: Call for Testing: ld.so Malloc Improvements

td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; }

Otto Moerbeek (otto@) continues his mastery of all things memory allocation, extending some of the libc malloc features to ld.so(1):

ld.so has a very basic malloc. This diff changes it to use a (somewhat stripped) libc malloc with all the randomization and other goodness.

Read more...

30 May 2014

Puffy

Undeadly :: BSDNow Episode 039: The Friendly Sandbox

In this week's episode of BSDNow, the fellas interview John Anderson about capsicum sandboxing, present a tutorial about securing DNS lookups, and go over the weeks' news and events.

[ Video | HD Video | MP3 Audio | OGG Audio | Torrent ]

27 May 2014

Puffy

Undeadly :: Theo de Raadt and Bob Beck to Present at the Calgary UUG

td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; }

A bit late ourselves on a late announcement, but Theo de Raadt (deraadt@) and Bob Beck (beck@) will be giving a presentation in Calgary:

I'm sorry for the late public announcement...

Tomorrow (Tuesday) Bob Beck will be hurtling down the Highway from Edmonton to Calgary.

Then in the evening, he and I will present at the local calgary unix group meeting about recent changes in LibreSSL, OpenBSD, and how the OpenBSD Foundation fits into this.

http://www.cuug.ab.ca/

Anyone in the area who is able to attend probably should.

26 May 2014

Puffy

Undeadly :: Preventing the next Heartbleed

An Anonymous Coward writes in to tell us about sightings of secrets-related privsep in the wild:

The developer known by the pseudonym insane coder, who authored the popular pro-LibreSSL review LibreSSL: The good and the bad, has presented a solution for preventing common coding mistakes resulting in another Heartbleed:

To protect against exploiting such bugs, one should ensure that buffer overflows do not have access to memory containing private data. The memory containing private keys and similar kinds of data should be protected, meaning nothing should be allowed to read from them, not even the web server itself.

He then talks about using memory protection and process separation to isolate a server's private keys from anything which can be exploited to send them over the network.

This technique has already been utilized in an stunnel-like server, and it remains to be seen when others will follow.

Thanks for the tip, Anonymous Coward!

Astute readers will note that this technique has already been utilized in relayd(8) and smtpd(8).

Undeadly :: 5.5 Errata #006: X Font Service Protocol Erratum

td>p,td>ul,td>blockquote,td>font {margin-left:0.5ex;} a:visited {color:#303030!important;} p {margin-top:1ex;margin-bottom:0;} blockquote>p:first-child {margin-top:0;} blockquote>p:last-child {margin-bottom:0;} blockquote { background-color:#e0e0e0; padding:0.5ex 0.5ex 0.5ex 0.5ex; margin:0 0 0 3ex !important; } p+ul,p>ul {margin:0.5ex 0 0 0;} pre {margin:0;} tt {background-color:#f0f0f0; padding:0px; font-weight:500;} .bqcode { background-color: #ffffff; border:1px solid #999; padding: 0px; padding-left: 1em; } As described in an email from Errata-meister Tedu on OpenBSD-Announce, from http://www.openbsd.org/errata55.html:

X Font Service Protocol & Font metadata file handling issues in libXfont
    CVE-2014-0209: integer overflow of allocations in font metadata file parsing
    CVE-2014-0210: unvalidated length fields when parsing xfs protocol replies
    CVE-2014-0211: integer overflows calculating memory needs for xfs replies

Please see the advisory for more information.
http://lists.x.org/archives/xorg-announce/2014-May/002431.html
Check out the build details after the break. Read more...