On Sat, Jan 22, 2022 at 08:45:21PM +, Job Snijders wrote:
> On Sat, Jan 22, 2022 at 03:09:52PM +0100, Theo Buehler wrote:
> > The diff below would be what we both expect, but it means we diverge
> > from OpenSSL's behavior.
>
> AFAIK the OpenSSL implementation doesn't apply constraints in acco
On Sat, Jan 22, 2022 at 03:09:52PM +0100, Theo Buehler wrote:
> The diff below would be what we both expect, but it means we diverge
> from OpenSSL's behavior.
AFAIK the OpenSSL implementation doesn't apply constraints in accordance
with the procedures referenced in the IANA "SMI Security for PKIX
On Sat, Jan 22, 2022 at 07:08:12PM +0100, Claudio Jeker wrote:
> On Sat, Jan 22, 2022 at 02:21:23PM +0100, Theo Buehler wrote:
> > On Sat, Jan 22, 2022 at 12:42:30PM +0100, Theo Buehler wrote:
> > > On Sat, Jan 22, 2022 at 11:47:17AM +0100, Claudio Jeker wrote:
> > > > The valid_cert() and valid_ro
On Sat, Jan 22, 2022 at 02:21:23PM +0100, Theo Buehler wrote:
> On Sat, Jan 22, 2022 at 12:42:30PM +0100, Theo Buehler wrote:
> > On Sat, Jan 22, 2022 at 11:47:17AM +0100, Claudio Jeker wrote:
> > > The valid_cert() and valid_roa() functions both redo the valid_aki_ski()
> > > call that the callee
Todd C. Miller wrote:
> On Sat, 22 Jan 2022 14:24:17 +0100, =?UTF-8?Q?S=C3=B6ren?= Tempel wrote:
>
> > The patch below fixes this issue by flushing all open output streams
> > before executing the command using system(3). Alternatively, it may also
> > be sufficient to only flush stdout and (may
> Note that this only adds the parsing, the rest of the current behaviour
> of stays the same. I have another diff in the pipeline for allowing the
> hostname in the message.
I object to this process.
You want to add parsing code as a fait accompli. With no justification.
Then later on, spring on
This diff makes ssh-askpass abort on ^C, like on ESC.
At times when ssh-askpass pops up behind the active window, or for some
reason is not visible, while at the same time stealing all input, ^C is
one of the "safe" key combinations that comes to my mind trying to
unlock whatever is locking up my
On Sat, 22 Jan 2022 14:24:17 +0100, =?UTF-8?Q?S=C3=B6ren?= Tempel wrote:
> The patch below fixes this issue by flushing all open output streams
> before executing the command using system(3). Alternatively, it may also
> be sufficient to only flush stdout and (maybe) stderr.
Just flushing everyth
Currently syslogd(8) doesn't support hostname parsing for incoming
messages. This means that if a sender adds a hostname to a message it
will be interpreted as progname. Additionally, when a message is being
relayed, or there's some form of NATting taking place the originator of
the message will be
Hello,
The ed shell escape command currently behaves incorrectly if standard
output isn't line-buffered. As an example, consider the following ed(1)
invocations:
$ cat /tmp/ed-cmd
!echo foo
!!
$ ed < /tmp/ed-cmd
foo
!
echo foo
foo
On Sat, Jan 22, 2022 at 02:49:24PM +0100, Theo Buehler wrote:
> On Sat, Jan 22, 2022 at 01:29:19PM +, Job Snijders wrote:
> > On Sat, Jan 22, 2022 at 11:16:14AM +0100, Theo Buehler wrote:
> > > +The error indicates that this is not the case or that the leaf tries
> > > +to inherit resources tha
On Sat, Jan 22, 2022 at 01:29:19PM +, Job Snijders wrote:
> On Sat, Jan 22, 2022 at 11:16:14AM +0100, Theo Buehler wrote:
> > +The error indicates that this is not the case or that the leaf tries
> > +to inherit resources that the trust anchor itself inherits.
>
> I unable to understand the se
On Sat, Jan 22, 2022 at 11:16:14AM +0100, Theo Buehler wrote:
> +The error indicates that this is not the case or that the leaf tries
> +to inherit resources that the trust anchor itself inherits.
I unable to understand the second part of the sentence: a leaf
inheriting resources that the trust an
On Sat, Jan 22, 2022 at 12:42:30PM +0100, Theo Buehler wrote:
> On Sat, Jan 22, 2022 at 11:47:17AM +0100, Claudio Jeker wrote:
> > The valid_cert() and valid_roa() functions both redo the valid_aki_ski()
> > call that the callee already did. Adjust the functions and skip this
> > redundant call. Al
On Sat, Jan 22, 2022 at 11:47:17AM +0100, Claudio Jeker wrote:
> The valid_cert() and valid_roa() functions both redo the valid_aki_ski()
> call that the callee already did. Adjust the functions and skip this
> redundant call. Also move the place where we set the talid for roa to a
> better place.
On Sat, Jan 22, 2022 at 12:05:40PM +0100, Claudio Jeker wrote:
> On Sat, Jan 22, 2022 at 11:50:34AM +0100, Theo Buehler wrote:
> > On Sat, Jan 22, 2022 at 11:07:36AM +0100, Claudio Jeker wrote:
> > > On Sat, Jan 22, 2022 at 10:22:02AM +0100, Theo Buehler wrote:
> > > > On Sat, Jan 22, 2022 at 10:11
On Sat, Jan 22, 2022 at 11:50:34AM +0100, Theo Buehler wrote:
> On Sat, Jan 22, 2022 at 11:07:36AM +0100, Claudio Jeker wrote:
> > On Sat, Jan 22, 2022 at 10:22:02AM +0100, Theo Buehler wrote:
> > > On Sat, Jan 22, 2022 at 10:11:36AM +0100, Claudio Jeker wrote:
> > > > On Fri, Jan 21, 2022 at 03:22
On Sat, Jan 22, 2022 at 11:07:36AM +0100, Claudio Jeker wrote:
> On Sat, Jan 22, 2022 at 10:22:02AM +0100, Theo Buehler wrote:
> > On Sat, Jan 22, 2022 at 10:11:36AM +0100, Claudio Jeker wrote:
> > > On Fri, Jan 21, 2022 at 03:22:51PM +0100, Claudio Jeker wrote:
> > > > I would like to change -f in
The valid_cert() and valid_roa() functions both redo the valid_aki_ski()
call that the callee already did. Adjust the functions and skip this
redundant call. Also move the place where we set the talid for roa to a
better place.
With RFC3779 support in LibreSSL these functions no longer trigger sin
As pointed out by claudio, like most of the RFC 3779 stuff,
X509_V_ERR_UNNESTED_RESOURCE is missing from our documentation.
Here's a stab at summarizing what this error means.
Index: man/X509_STORE_CTX_get_error.3
===
RCS file: /cvs/s
On Sat, Jan 22, 2022 at 10:22:02AM +0100, Theo Buehler wrote:
> On Sat, Jan 22, 2022 at 10:11:36AM +0100, Claudio Jeker wrote:
> > On Fri, Jan 21, 2022 at 03:22:51PM +0100, Claudio Jeker wrote:
> > > I would like to change -f into a real mode and with that support to
> > > show more then one file a
On Sat, Jan 22, 2022 at 10:11:36AM +0100, Claudio Jeker wrote:
> On Fri, Jan 21, 2022 at 03:22:51PM +0100, Claudio Jeker wrote:
> > I would like to change -f into a real mode and with that support to
> > show more then one file at a time.
> >
> > This is doing most of that. The output may need som
On Fri, Jan 21, 2022 at 03:22:51PM +0100, Claudio Jeker wrote:
> I would like to change -f into a real mode and with that support to
> show more then one file at a time.
>
> This is doing most of that. The output may need some extra fixing but the
> logic itself works.
>
> Yay or nay?
Updated di
On Fri, Jan 21, 2022 at 01:36:30PM -0700, Bob Beck wrote:
>
> I like that.. LGTM
>
> ok beck@
Ditto
>
> On Fri, Jan 21, 2022 at 08:37:27PM +0100, Theo Buehler wrote:
> > > Lets start with that and optimize this in tree. I think we can rename the
> > > function to something like rtype_from_mft
On Mon, Jan 17, 2022 at 08:42:47AM +0100, Otto Moerbeek wrote:
> On Sun, Jan 09, 2022 at 02:54:43PM +0100, Otto Moerbeek wrote:
>
> > Hi,
> >
> > currently malloc does cache a number of free'ed regions up to 128k in
> > size. This cache is indexed by size (in # of pages), so it is very
> > quick
25 matches
Mail list logo
