relayd(8) TLSv1.3 diff

Dear all, After compiling/upgrading to the latest source with TLSv1.3 server code enabled, I've got Firefox SSL_ERROR_RX_MALFORMED_SERVER_HELLO when tried to access http serviced by relayd. Please find the diff for relayd(8) attached. Qualys SSL report for the box: https://www.ssllabs.com/ssltest

Re: calendars typo

On Tue, May 12, 2020 at 10:07:43PM +0200, f.holop wrote: > A very minor typo: > fixed, thanks. jmc > > diff --git usr.bin/calendar/calendars/calendar.music > usr.bin/calendar/calendars/calendar.music > index e05c1b023..2118a658f 100644 > --- usr.bin/calendar/calendars/calendar.music > +++ usr.

calendars typo

A very minor typo: diff --git usr.bin/calendar/calendars/calendar.music usr.bin/calendar/calendars/calendar.music index e05c1b023..2118a658f 100644 --- usr.bin/calendar/calendars/calendar.music +++ usr.bin/calendar/calendars/calendar.music @@ -199,7 +199,7 @@ 05/11 Max Reger dies in Leipzig, G

Donation of Power PC Based boards RB800 I have 5x if they are any use for training / testing

Hello does any OpenBSD Developer want some Power PC SBC the specs Product code RB800 CPU MPC8533EVTALF CPU core count 1 CPU nominal frequency800 MHz RAM 256MB onboard NAND stora

Re: WireGuard patchset for OpenBSD

Hi Matt, Matt Dunwoodie wrote on Wed, May 13, 2020 at 01:56:51AM +1000: > On Tue, 12 May 2020 17:36:15 +0200 > Ingo Schwarze wrote: >> I feel somewhat concerned that you recommend the openssl(1) command >> for production use. As far as i understand, the LibreSSL developers >> consider openssl(1

Re: WireGuard patchset for OpenBSD

Hi Matt, again, documentation is not critical for the initial commit, but why not provide feedback right away. As we already have an ifconfig(8) manual page, i decided to simply send an updated version of the ifconfig.8 part of the diff because sending around diffs of diffs feels awkward, and you

Re: WireGuard patchset for OpenBSD

On Tue, 12 May 2020 17:36:15 +0200 Ingo Schwarze wrote: > Hi Matt, > > thanks for doing all this work. Note that i cannot provide feedback > on the code or concepts, and also note that when the code is ready, > a developer can commit it even if there are still issues to sort out > with the docu

Re: WireGuard patchset for OpenBSD

Hi Matt, thanks for doing all this work. Note that i cannot provide feedback on the code or concepts, and also note that when the code is ready, a developer can commit it even if there are still issues to sort out with the documentation. We do value good documentation, but the exact point in tim

Re: WireGuard patchset for OpenBSD

Matt Dunwoodie wrote: > +.Ek > +.nr nS 0 > +.Pp Ask schwarze@ about that. > +Unlike the other commands, the following command receives input from > +stdin. This allows very fast configuration with a large number of > +peers. > + > +.Bl -tag -width Ds New sentence, new line. And no blank lines.

Re: WireGuard patchset for OpenBSD

On Tue, 12 May 2020 14:44:45 +0200 Tobias Heider wrote: > Hi, > > thanks for the diff! > > > SipHash and ChaCha20Poly1305 are already available in the kernel. > > The only modification here is add the short and simple chapoly AEAD > > construction alongside the existing AE one. > > At first

Re: Broken links to the usb.org document library

Hi, clematis wrote on Tue, May 12, 2020 at 03:06:40AM +0200: > - Should we update those links? For the manual pages, that seems clear: if some document is worth linking to (which i assume it is unless told otherwise, if a link is currently present in a manual page), then we should provide the be

Re: WireGuard patchset for OpenBSD

Hi, thanks for the diff! > SipHash and ChaCha20Poly1305 are already available in the kernel. The > only modification here is add the short and simple chapoly AEAD > construction alongside the existing AE one. At first glance, I think you could use the crypto framework implementation for the chac

Re: bgpctl parser cleanup

Claudio Jeker(cje...@diehard.n-r-g.com) on 2020.05.12 12:42:36 +0200: > Minimal cleanup of things not used in the bgpctl parser. > Bulk is not used and the ADDRESS / PREFIX tokens no longer overwrite the > action since a while. ok benno@ > > -- > :wq Claudio > > Index: parser.c > =

Re: WireGuard patchset for OpenBSD

On 2020-05-12 10:00, Jason A. Donenfeld wrote: > Djb has a nice post on chacha performance in > this context: . I shall leave this to the wireguard folks to explore but I'm not totally convinced. It is not just about speed. Perhaps Int

Re: bgpctl parser cleanup

On Tue, May 12, 2020 at 12:42:36PM +0200, Claudio Jeker wrote: > Minimal cleanup of things not used in the bgpctl parser. > Bulk is not used and the ADDRESS / PREFIX tokens no longer overwrite the > action since a while. OK kn

bgpctl parser cleanup

Minimal cleanup of things not used in the bgpctl parser. Bulk is not used and the ADDRESS / PREFIX tokens no longer overwrite the action since a while. -- :wq Claudio Index: parser.c === RCS file: /cvs/src/usr.sbin/bgpctl/parser.c,v

Re: WireGuard patchset for OpenBSD

On Tue, May 12, 2020 at 3:48 AM Kevin Chadwick wrote: > > On 2020-05-12 06:05, Matt Dunwoodie wrote: > > I don't want to put misleading numbers out there and every use case > >is different, therefore you should perform your own tests. In my > >environment (tcbbench between two Lenovo x230

Re: WireGuard patchset for OpenBSD

On 2020-05-12 06:05, Matt Dunwoodie wrote: > I don't want to put misleading numbers out there and every use case >is different, therefore you should perform your own tests. In my >environment (tcbbench between two Lenovo x230 (i5-3320m), em(4) >ethernet) I was seeing 750mbit/s. This wa

Re: Removing old video drivers

On Mon, May 11, 2020 at 09:40:30AM -0700, Dirk Praet wrote: > Hi Matthieu, > > It would seem I'm a bit (too) late to this party. In short: I'm running a > high security environment leveraging the combined power of contemporary > OpenBSD and ancient i386 hardware stuffed with RAM, but untouched by