Re: httpd(8): don't send HSTS headers over unencrypted connections

2018-10-14 Thread Florian Obser
OK florian@ On Mon, Oct 15, 2018 at 12:38:56AM -0600, Anthony J. Bentley wrote: > Florian Obser writes: > > On Sun, Oct 14, 2018 at 07:36:18PM -0600, Anthony J. Bentley wrote: > > > Hi, > > > > > > RFC 6797 says: > > > > > >An HSTS Host MUST NOT include the STS header field in HTTP responses

Re: httpd(8): don't send HSTS headers over unencrypted connections

2018-10-14 Thread Anthony J. Bentley
Florian Obser writes: > On Sun, Oct 14, 2018 at 07:36:18PM -0600, Anthony J. Bentley wrote: > > Hi, > > > > RFC 6797 says: > > > >An HSTS Host MUST NOT include the STS header field in HTTP responses > >conveyed over non-secure transport. > > > > Is this the correct check? With this I get

Re: pkg_add -Dsnap not fetching any updates and packages on -current

2018-10-14 Thread Sebastian Benoit
Neeraj Pal(neerajpa...@gmail.com) on 2018.10.15 10:36:16 +0530: > Hi there, > > Yesterday I installed OpenBSD 6.3-stable then upgraded it to OpenBSD > -current by downloading and copying bsd.rd file into / > Then, after that, I am trying to update the userland but it is > throwing an error but it

Re: httpd(8): don't send HSTS headers over unencrypted connections

2018-10-14 Thread Florian Obser
On Mon, Oct 15, 2018 at 07:33:52AM +0200, Bruno Flueckiger wrote: > On 14.10.18 19:36, Anthony J. Bentley wrote: > > Hi, > > > > RFC 6797 says: > > > >An HSTS Host MUST NOT include the STS header field in HTTP responses > >conveyed over non-secure transport. > > > > Is this the correct c

Re: httpd(8): don't send HSTS headers over unencrypted connections

2018-10-14 Thread Florian Obser
On Sun, Oct 14, 2018 at 07:36:18PM -0600, Anthony J. Bentley wrote: > Hi, > > RFC 6797 says: > >An HSTS Host MUST NOT include the STS header field in HTTP responses >conveyed over non-secure transport. > > Is this the correct check? With this I get what I expect: HSTS headers please use

Re: httpd(8): don't send HSTS headers over unencrypted connections

2018-10-14 Thread Anthony J. Bentley
Bruno Flueckiger writes: > If you don't want to send HSTS headers then don't set the option hsts in > httpd.conf(5). Why would you provide an option for the admin to choose > but restrict it to only encrypted connections? Because it's possible to specify both "listen on * tls port 443" and "liste

Re: httpd(8): don't send HSTS headers over unencrypted connections

2018-10-14 Thread Bruno Flueckiger
On 14.10.18 19:36, Anthony J. Bentley wrote: > Hi, > > RFC 6797 says: > >An HSTS Host MUST NOT include the STS header field in HTTP responses >conveyed over non-secure transport. > > Is this the correct check? With this I get what I expect: HSTS headers > over TLS, and no HSTS headers ov

pkg_add -Dsnap not fetching any updates and packages on -current

2018-10-14 Thread Neeraj Pal
Hi there, Yesterday I installed OpenBSD 6.3-stable then upgraded it to OpenBSD -current by downloading and copying bsd.rd file into / Then, after that, I am trying to update the userland but it is throwing an error but it was working fine previously like one or two days before because I have done

Re: user mod -u lead to segfault

2018-10-14 Thread Todd C. Miller
On Sat, 13 Oct 2018 21:16:10 -0600, "Todd C. Miller" wrote: > I think it is safest to use user_from_uid, uid_from_user, group_from_gid > and gid_from_group in all places where the return value of getpw* > and getgr* is unused. Updated diff that adds wrapper functions for improved readability. It'

httpd(8): don't send HSTS headers over unencrypted connections

2018-10-14 Thread Anthony J. Bentley
Hi, RFC 6797 says: An HSTS Host MUST NOT include the STS header field in HTTP responses conveyed over non-secure transport. Is this the correct check? With this I get what I expect: HSTS headers over TLS, and no HSTS headers over unencrypted HTTP. Index: server_fcgi.c

spf walk: lookup aaaa records with "a" mechanism

2018-10-14 Thread Tim Kuijsten
Hi, When the "a" designated sender mechanism is used in an spf txt record, both v4 and v6 addresses are matched according to [1], so let `smtpctl spf walk` resolve both A and records. Current output: $ echo netsend.nl | smtpctl spf walk 80.127.135.115 80.127.98.234 Expected output: $ ec

Re: vmd losing VMs

2018-10-14 Thread Greg Steuck
Now that I'm running OpenBSD 6.4 (GENERIC.MP) #362: Thu Oct 11 04:53:41 MDT 2018, I can start debugging again. I just observed an interesting tidbit which I failed to notice before. Namely, there are also hanging vmctl processes trying to stop those spinning VMs. So, I tried to reproduce this mysel

Re: ping: fix ID comments

2018-10-14 Thread Sebastian Benoit
Klemens Nanni(k...@openbsd.org) on 2018.10.14 21:23:30 +0200: > These were left behind in > > revision 1.225 > date: 2018/04/11 16:03:58; author: zhuk; state: Exp; lines: +4 -4; > commitid: 3LTLgJehHSWyW63G; > Two fixes in ping: > > 1. Stop telling our PID to th

ping: fix ID comments

2018-10-14 Thread Klemens Nanni
These were left behind in revision 1.225 date: 2018/04/11 16:03:58; author: zhuk; state: Exp; lines: +4 -4; commitid: 3LTLgJehHSWyW63G; Two fixes in ping: 1. Stop telling our PID to the world: the ident values could overlap anyway since PID

Re: gre(4): handle IPv6 traffic class like IPv4 tos

2018-10-14 Thread Sebastian Benoit
David Gwynne(da...@gwynne.id.au) on 2018.10.14 07:59:21 +1000: > pretty straightforward... > > ok? ok > Index: if_gre.c > === > RCS file: /cvs/src/sys/net/if_gre.c,v > retrieving revision 1.124 > diff -u -p -r1.124 if_gre.c > --- i

Re: unneeded ai_addrlen size checks

2018-10-14 Thread Klemens Nanni
On Sun, Oct 14, 2018 at 11:00:38AM +0200, Florian Obser wrote: > I went through the tree and found these unneeded checks. > They are unneeded because either: > > - we are asking getaddrinfo for a specific AF and shove the result > into the right sized sockaddr_in{,6} > - we are asking for AF_UNSP

Re: 802.1q with 0 tag

2018-10-14 Thread Tom Smyth
Hello Rivo, I'm not sure what benefit if any this would be, I have seen both tagged and untagged frames on ports in "general" mode would it not be better to have the priority set on the DSCP / TOS ie determining the priority against a field that you know exists...as opposed to making pri

unneeded ai_addrlen size checks

2018-10-14 Thread Florian Obser
I went through the tree and found these unneeded checks. They are unneeded because either: - we are asking getaddrinfo for a specific AF and shove the result into the right sized sockaddr_in{,6} - we are asking for AF_UNSPEC and switch on the returned ai_family - we stuff the result into sockaddr

Re: ping: sockaddr size check

2018-10-14 Thread Florian Obser
On Sat, Oct 13, 2018 at 08:29:34PM +0200, Klemens Nanni wrote: > After calling getaddrinfo(3) we check the size of the returned socket > address to match for AF-specific cases, but I fail to see how this is > even possible. > > `hints.ai_family' is set appropriately and `res->ai_family' is checked,