Re: ftp(1): HTTP/1.1

2019-11-11 Thread Jeremie Courreges-Anglas
On Mon, Nov 11 2019, Stuart Henderson wrote: > On 2019/11/11 18:07, Jeremie Courreges-Anglas wrote: >> >> More and more people seem to reject HTTP/1.0 clients, to avoid log spam, >> vulnerability scanners, etc. Some MASTER_SITES in ports started doing >> this (eg https://download.samba.org). >>

Re: sysupgrade: Allow to use another directory for the sets

2019-11-11 Thread Theo de Raadt
Renaud Allard wrote: > +.It Fl d Ar directory > +Choose the > +.Ar directory > +in which the sets will be downloaded. > +Default is > +.Pa /home/_sysupgrade . ... > + d) SETSDIR=${OPTARG};; ... > -rm -f /home/_sysupgrade/{${CLEAN}} > +rm -f ${SETSDIR}/{${CLEAN}} Renaud, please test
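Review bot: In the `rm -f ${SETSDIR}/{${CLEAN}}` line, SETSDIR now comes straight from the `-d` argument (`d) SETSDIR=${OPTARG};;`) and is expanded unquoted, so an empty value or one containing whitespace or glob characters changes which paths the `rm -f` acts on. Quote the expansion, and in the option case reject an argument that is empty or is not an absolute path to an existing directory before anything is deleted. The new manual text for `-d` could also state that files are removed from the chosen directory, since with this change the cleanup no longer applies only to /home/_sysupgrade.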

Re: sysupgrade: Allow to use another directory for the sets

2019-11-11 Thread Jason McIntyre
On Tue, Nov 12, 2019 at 08:06:52AM +0100, Renaud Allard wrote: > > > On 09/11/2019 12:52, Klemens Nanni wrote: > > On Fri, Nov 08, 2019 at 11:59:20AM +, Stuart Henderson wrote: > >>> Given the amount of people which encrypt /home directory on their servers, > >>> it might be useful to be able

Re: sysupgrade: Allow to use another directory for the sets

2019-11-11 Thread Renaud Allard
On 09/11/2019 12:52, Klemens Nanni wrote: On Fri, Nov 08, 2019 at 11:59:20AM +, Stuart Henderson wrote: Given the amount of people which encrypt /home directory on their servers, it might be useful to be able to define another directory for the sets in sysupgrade as /home_sysupgrade will n

Re: iwm: fix support for 3168 devices

2019-11-11 Thread Kevin Lo
On Mon, Nov 11, 2019 at 06:33:39PM +0200, Stefan Sperling wrote: > > On Mon, Nov 11, 2019 at 10:19:12AM +0800, Kevin Lo wrote: > > On Sat, Nov 09, 2019 at 01:01:39PM +0200, Stefan Sperling wrote: > > > > > > This diff makes 3168 devices actually work with iwm(4). > > > These devices have never wo

Re: ftp(1): HTTP/1.1

2019-11-11 Thread Stuart Henderson
On 2019/11/11 18:07, Jeremie Courreges-Anglas wrote: > > More and more people seem to reject HTTP/1.0 clients, to avoid log spam, > vulnerability scanners, etc. Some MASTER_SITES in ports started doing > this (eg https://download.samba.org). > > The diff below implements HTTP/1.1 support in ftp(

Re: iked(8): add configuration option for esn

2019-11-11 Thread Alexander Bluhm
On Mon, Nov 11, 2019 at 03:34:03PM +0100, Tobias Heider wrote: > Currently iked does not provide an option to configure extended sequence > numbers > (ESN) for child SAs, but always proposes/accepts both options. > This diff adds a new optional "esn on/off" config option to explicitly enable > or

Re: HEADS UP: ntpd changing

2019-11-11 Thread Otto Moerbeek
On Sun, Nov 10, 2019 at 05:03:02PM -0700, Theo de Raadt wrote: > The ntpd options -s and -S are going to be removed soon and at startup > will print: > > -s option no longer works and will be removed soon. > Please reconfigure to use constraints or trusted servers. > > Probably after 6.7

Re: TCP send window underflow

2019-11-11 Thread Alexandr Nedvedicky
Hello, the change looks OK to me. thanks and regards sashan

iked(8): use msg_valid to handle duplicate fragment sequence numbers

2019-11-11 Thread Tobias Heider
With IKEv2 message fragmentation a message is split into several fragments, which all have the same sequence number. In the original commit this was handled with an explicit exception to accept the same sequence number as before, in case the number of stored fragments is not 0. Another recent fix

Re: Fix rw_assert_unlocked(9)

2019-11-11 Thread Alexandr Nedvedicky
Hello, On Mon, Nov 11, 2019 at 04:48:43PM +0100, Martin Pieuchot wrote: > On 11/11/19(Mon) 12:07, Alexandr Nedvedicky wrote: > > Hello, > > > > > > On Sun, Nov 10, 2019 at 04:11:55PM +0100, Martin Pieuchot wrote: > > > rw_assert_unlocked(9) should check if the current thread is holding > > > the

Re: iwm: fix support for 3168 devices

2019-11-11 Thread Stefan Sperling
On Mon, Nov 11, 2019 at 10:19:12AM +0800, Kevin Lo wrote: > On Sat, Nov 09, 2019 at 01:01:39PM +0200, Stefan Sperling wrote: > > > > This diff makes 3168 devices actually work with iwm(4). > > These devices have never worked right since the driver just threw > > errors when trying to load firmware

ftp(1): HTTP/1.1

2019-11-11 Thread Jeremie Courreges-Anglas
More and more people seem to reject HTTP/1.0 clients, to avoid log spam, vulnerability scanners, etc. Some MASTER_SITES in ports started doing this (eg https://download.samba.org). The diff below implements HTTP/1.1 support in ftp(1). The main concern is the "chunked" Transfer-Encoding (mandat

Re: Fix rw_assert_unlocked(9)

2019-11-11 Thread Martin Pieuchot
On 11/11/19(Mon) 12:07, Alexandr Nedvedicky wrote: > Hello, > > > On Sun, Nov 10, 2019 at 04:11:55PM +0100, Martin Pieuchot wrote: > > rw_assert_unlocked(9) should check if the current thread is holding > > the lock, not if the lock is held by anyone else. The general check > > is racy and I can

Re: iked(8): add configuration option for esn

2019-11-11 Thread Tobias Heider
Sure, I have a crypto device that only supports SAs with ESN. For it to be used I have to force iked to only negotiate SAs with ESP support. Another one is high-speed network cards: Accepting a policy with ESN disabled can throttle my throughput because it exhausts the sequence number space forcing

Re: iked(8): add configuration option for esn

2019-11-11 Thread Mike Belopuhov
On Mon, 11 Nov 2019 at 16:08, Tobias Heider wrote: > Hi Mike, > > the default behaviour is the same as before. I ran into cases where it is > necessary for me to enforce ESN to be enabled/disabled, which is not > possible > currently. > Can you please describe those cases where you had to enforc

Re: iked(8): add configuration option for esn

2019-11-11 Thread Tobias Heider
Hi Mike, the default behaviour is the same as before. I ran into cases where it is necessary for me to enforce ESN to be enabled/disabled, which is not possible currently. On Mon, Nov 11, 2019 at 04:01:32PM +0100, Mike Belopuhov wrote: > On Mon, 11 Nov 2019 at 15:47, Tobias Heider wrote: > > >

Re: iked(8): add configuration option for esn

2019-11-11 Thread Mike Belopuhov
On Mon, 11 Nov 2019 at 15:47, Tobias Heider wrote: > Currently iked does not provide an option to configure extended sequence > numbers > (ESN) for child SAs, but always proposes/accepts both options. > This diff adds a new optional "esn on/off" config option to explicitly > enable > or disable e

iked(8): add configuration option for esn

2019-11-11 Thread Tobias Heider
Currently iked does not provide an option to configure extended sequence numbers (ESN) for child SAs, but always proposes/accepts both options. This diff adds a new optional "esn on/off" config option to explicitly enable or disable esn. ok? Index: iked.conf.5

Re: OpenBSD on IBM Power.

2019-11-11 Thread Joseph Mayer
Hi Ben, To my best awareness, Power9 support is underway. No idea about date. Maybe usable in 4-12mo? Joseph On Wednesday, 6 November 2019 12:49, Ben Crowhurst wrote: > I've seen a few threads discussing OpenBSD on IBM Power Systems. > http://openbsd-archive.7691.n7.nabble.com/What-about-the-

Re: Fix rw_assert_unlocked(9)

2019-11-11 Thread Alexandr Nedvedicky
Hello, On Sun, Nov 10, 2019 at 04:11:55PM +0100, Martin Pieuchot wrote: > rw_assert_unlocked(9) should check if the current thread is holding > the lock, not if the lock is held by anyone else. The general check > is racy and I cannot think of any safe way to use it. looks ok. just one nit,

Re: OpenBSD on IBM Power.

2019-11-11 Thread Karel Gardas
Since that time various people tried various things -- for reference see ppc@ but personally the closest thing to running OpenBSD on POWER I've seen so far was OpenBSD in amd64/qemu which was kind of PITA performance wise. OpenBSD/macppc is not working in qemu at all and although netbsd/macp