Re: signify shrink

2014-01-07 Thread Ted Unangst
Now with even more shrinkify. The largest object file in signify is the ge25519.o because of a quite large table of constants. We don't need this table for any of the computations used for verification. A VERIFYONLY build of signify is then much, much smaller. This adds modified ed25519.c and ge

Re: Install log from OpenBSD Automatic Installation

2014-01-07 Thread Theo de Raadt
> Am 08-01-2014 02:50, schrieb Theo de Raadt: > > > >> I have of course some questions after the successful installation. > >> > >> 1.) How can I custom the disk layout? > > > > At the moment, you cannot. I have asked Alexander and Uwe to look at > > a clever way of solving this problem, but it

Re: Install log from OpenBSD Automatic Installation

2014-01-07 Thread Aleksandar Lazic
Am 08-01-2014 02:50, schrieb Theo de Raadt: I have of course some questions after the successful installation. 1.) How can I custom the disk layout? At the moment, you cannot. I have asked Alexander and Uwe to look at a clever way of solving this problem, but it will take some time. Than

Re: Install log from OpenBSD Automatic Installation

2014-01-07 Thread Theo de Raadt
> Due to the fact that this is my first post to this list I kindly ask > what the preferred way on this list is to send the install log. We are not really interested in the install log. We are more interested to find out if the procedure pleases people. This is the time in the development chang

Install log from OpenBSD Automatic Installation

2014-01-07 Thread Aleksandar Lazic
Hi dear list members. Today I have read the post http://undeadly.org/cgi?action=article&sid=20140106055302 Call For Testing Of OpenBSD Automatic Installation on http://undeadly.org/ Due to the fact that this is my first post to this list I kindly ask what the preferred way on this list is t

Re: Add Intel Centrino Wireless-N 2230 support in iwn(4)

2014-01-07 Thread Fabian Raetz
On Tue, Jan 07, 2014 at 12:08:02PM +0100, Martin Pieuchot wrote: > On 03/01/14(Fri) 14:24, Fabian Raetz wrote: > > Hi tech@, > > > > here is an updated patch. > > > > it seems like Intel Centrino Wireless-N 2030 and > > Intel Centrino Wireless-N 2230 have the same pciids... > > > > this makes pa

signify shrink

2014-01-07 Thread Ted Unangst
signify contains some substantial duplication of existing libc code, picked up via nacl. we can provide a thin api wrapper around our own code to make it smaller. this only affects signify for now, not ssh. Index: Makefile === RCS fi

Re: signify untrusted comments

2014-01-07 Thread Marc Espie
On Tue, Jan 07, 2014 at 01:17:12PM -0500, Ted Unangst wrote: > On Tue, Jan 07, 2014 at 16:54, Christian Weisgerber wrote: > > Ted Unangst wrote: > > > >> To that end, I think the comment should be marked as untrusted, and > >> signify should even check that it says untrusted. Hopefully this makes

Re: signify untrusted comments

2014-01-07 Thread Ted Unangst
On Tue, Jan 07, 2014 at 16:54, Christian Weisgerber wrote: > Ted Unangst wrote: > >> To that end, I think the comment should be marked as untrusted, and >> signify should even check that it says untrusted. Hopefully this makes >> it a little harder to con somebody into believing the comment actua

Re: signify untrusted comments

2014-01-07 Thread Marc Espie
On Tue, Jan 07, 2014 at 04:54:59PM +, Christian Weisgerber wrote: > > (I'm also open to reconsidering whether keys should include > > identifiers. Perhaps a random id created during key generation? Just > > enough to say "you're using the wrong key.") > > I'm in favor. Yeah, looks like a good

Re: signify untrusted comments

2014-01-07 Thread Christian Weisgerber
Ted Unangst wrote: > To that end, I think the comment should be marked as untrusted, and > signify should even check that it says untrusted. Hopefully this makes > it a little harder to con somebody into believing the comment actually > should be trusted. I think somebody who can be conned into

signify untrusted comments

2014-01-07 Thread Ted Unangst
A little background: Among the many ways a signature can fail to verify is the user trying to verify with the wrong public key. In a setup like signify where users may be expected (required) at times to specify the public key, I expect this to be one of the leading failure modes. (Somewhere on this

mail(1): new ~i to ignore message headers unconditionally

2014-01-07 Thread Sunil Nimmagadda
There isn't a way to reply to a message without pulling in message headers as part of the body. This diff introduces a new tilde escape to ignore all the message headers regardless of ignore, retain commands. Comments? Index: collect.c =

Re: Use per-interface list in IFP_TO_IA()

2014-01-07 Thread Mike Belopuhov
On 7 January 2014 11:31, Martin Pieuchot wrote: > Now that joining an IPv4 multicast group does not require a > pre-configured address, we can safely convert this macro to > iterate over the local list of addresses. > > I already got oks from bluhm@ and henning@ in the past, but > this diff was br

Use per-interface list in IFP_TO_IA()

2014-01-07 Thread Martin Pieuchot
Now that joining an IPv4 multicast group does not require a pre-configured address, we can safely convert this macro to iterate over the local list of addresses. I already got oks from bluhm@ and henning@ in the past, but this diff was breaking some carp setups, so I appreciate any new tests and o

Patch for FTDI FT-X USB devices

2014-01-07 Thread Chris Hettrick
Hi tech@ This adds support for the new FTDI FT-X series serial chips. They are USB serial to I2C, SPI, etc bridge chips and attach as ucom. Tested with an FT201X on macppc and i386, but should also work for the FT200XD, FT220X, FT221X, FT230X, FT231X, FT234XD, and FT240X. They all have the same V