From owner-freebsd-arch@FreeBSD.ORG Sun Dec 5 15:09:27 2004 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D4AD816A4CE; Sun, 5 Dec 2004 15:09:27 +0000 (GMT) Received: from critter.freebsd.dk (critter.freebsd.dk [212.242.86.163]) by mx1.FreeBSD.org (Postfix) with ESMTP id 278F643D5C; Sun, 5 Dec 2004 15:09:27 +0000 (GMT) (envelope-from phk@critter.freebsd.dk) Received: from critter.freebsd.dk (localhost [127.0.0.1]) by critter.freebsd.dk (8.13.1/8.13.1) with ESMTP id iB5F9PKT061739; Sun, 5 Dec 2004 16:09:25 +0100 (CET) (envelope-from phk@critter.freebsd.dk) To: arch@freebsd.org, current@freebsd.org From: Poul-Henning Kamp Date: Sun, 05 Dec 2004 16:09:25 +0100 Message-ID: <61738.1102259365@critter.freebsd.dk> Sender: phk@critter.freebsd.dk Subject: [HEADSUP/TEST]: mount(2)/nmount(2) & rootfs mounting X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 05 Dec 2004 15:09:28 -0000 Please help test this megapatch: http://phk.freebsd.dk/patch/nmount.patch Any observations of filesystems behaving differently etc are most welcome. I intend to commit this before X-mas if at all possible. The problem, briefly stated: ---------------------------- The old mount(2) interface, ("omount") does not help filesystems much with argument passing. A single pointer is passed in along with a set of flags of which some are magic to varying degrees. The single pointer is usually used for a struct MYFS_args, which contains what the filesystem needs. Since these structs differ from filesystem to filesystem, we can not reuse the userland mount code, but need a mount_msdos(8), mount_nwfs(8) etc etc. We ran out of flags, and rather than just postpone the trouble by making the flags field wider, we (mux@ & I) created a new mount system call ("nmount") which can pass lists of options and help filesystems manage them. How nmount(2) works ------------------- In userland, a list of options are collected, they have names which are ascii-strings and values which can be anything: build_iovec(&iov, &iovlen, "fstype", "ufs", -1); build_iovec(&iov, &iovlen, "fspath", mntpath, -1); build_iovec(&iov, &iovlen, "from", dev, -1); build_iovec(&iov, &iovlen, "flags", &ufs_flags, sizeof ufs_flags); build_iovec(&iov, &iovlen, "export", &export, sizeof export); if (nmount(iov, iovlen, mntflags) < 0) err(1, "%s", dev); On the kernel side, the options are copyin(9)'ed and arranged into a list. A number of functions allows a filesystem to access elements in the list. Compatibility ------------- If an old style mount call comes in, the filesystem offers a "vfs_cmount" function which converts old-style arguments into an kernel call to nmount: error = copyin(data, &args, sizeof args); if (error) return (error); ma = mount_arg(ma, "from", args.fspec, -1); ma = mount_arg(ma, "export", &args.export, sizeof args.export); ma = mount_argf(ma, "uid", "%d", args.uid); ma = mount_argf(ma, "gid", "%d", args.gid); [...] error = kernel_mount(ma, flags); Root mounting ------------- When we mount the root filesystem, we do with an ascii string of the form "$filesystem:$something", if the filesystem is able to parse $something (passed in mount argument "from", the filesystem can be used as root filesystem (NB: there must be a /dev directory or things go downhill really fast). There are no other requirements or special code needed in the filesystem. In theory, we should be able to use a msdosfs as rootfilesystem now. (see other email about how root mounting works) The Short Future Pespective --------------------------- After some more testing I will commit my current megapatch and deal with breakage we find it. The Long Future Perspective --------------------------- A few filesystems need magic userland support, nfs, nwfs and similar where userland does some of the network setup. For these we will still need a mount_blafs(8) program which knows about these things. For all other filesystems my hope is that we can keep all mount options as ascii strings so that a single mount(8) tool can work for all of these filesystems. Currently I have made the omount->nmount conversion as best I could, (refinements are more than welcome) and the kernel will now respond to both nmount and omount systemcalls. Before 6.0 freeze I want to convert userland to use nmount exclusively, this hopefully will amount to getting rid of a number of mount_foofs(8) programs. After 6.0 branch I want to remove the omount compatibility in the kernel so that 7.x is nmount exclusively. So, the problem here is that I can not even test all these various filesystems and I would be surprised if I can find the time to polish each and every one of them, so I hope the various filesystem owners and other interested hackers will step in and help me with the last bit of this. What needs to be done --------------------- UFS/FFS: release global mount flags which are areally UFS/FFS private flags (MNT_SOFTDEP etc). NFS/NFSv4: More sharing is possible here I think. Root mount code is too magic, we don't really interpret the "from" string as far as I can tell, rather we rely on various magic stuff dropped by bootloader. Would be nice if we DTRT so that one could point a kernel at any NFS server without bootloader support. All filesystems: Verify that things work. Tune the option names and error checking. Get rid of mount_foofs(8) if possible. Documentation. All "single user" filesystems There may be a "market" for some library routines to handle filesystems which are designed for single-user (msdosfs etc) rather than have the uid/gid/filemode/dirmode in three or four separate filesystems. Documentation Please help! *END* -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. From owner-freebsd-arch@FreeBSD.ORG Sun Dec 5 21:13:11 2004 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B9DD716A4E2; Sun, 5 Dec 2004 21:13:11 +0000 (GMT) Received: from sccrmhc12.comcast.net (sccrmhc12.comcast.net [204.127.202.56]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4880943D2F; Sun, 5 Dec 2004 21:13:11 +0000 (GMT) (envelope-from rodrigc@crodrigues.org) Received: from h00609772adf0.ne.client2.attbi.com ([66.30.114.143]) by comcast.net (sccrmhc12) with ESMTP id <2004120521131001200ankghe>; Sun, 5 Dec 2004 21:13:10 +0000 Received: from h00609772adf0.ne.client2.attbi.com (localhost [127.0.0.1]) iB5LD9VM005330; Sun, 5 Dec 2004 16:13:09 -0500 (EST) (envelope-from rodrigc@h00609772adf0.ne.client2.attbi.com) Received: (from rodrigc@localhost)iB5LD8oj005329; Sun, 5 Dec 2004 16:13:08 -0500 (EST) (envelope-from rodrigc) Date: Sun, 5 Dec 2004 16:13:08 -0500 From: Craig Rodrigues To: Poul-Henning Kamp Message-ID: <20041205211308.GA5174@crodrigues.org> References: <61738.1102259365@critter.freebsd.dk> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <61738.1102259365@critter.freebsd.dk> User-Agent: Mutt/1.4.1i cc: arch@freebsd.org cc: current@freebsd.org Subject: Re: [HEADSUP/TEST]: mount(2)/nmount(2) & rootfs mounting X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 05 Dec 2004 21:13:11 -0000 On Sun, Dec 05, 2004 at 04:09:25PM +0100, Poul-Henning Kamp wrote: > > Please help test this megapatch: > > http://phk.freebsd.dk/patch/nmount.patch I mounted an ISO file: mdconfig -a -t vnode -f ./freesbie.iso -u 4 mount -t cd9660 /dev/md4 /tmp/mnt1 The output of 'mount' showed: on /tmp/mnt1 (cd9660, local, read-only) i.e. it did not show "/dev/md4 on" I mounted an NFS filesystem via the automounter: cd /net/rincewind-2/opt/home/ACE_wrappers The output of 'mount' showed: rincewind-2:/opt/home/ACE_wrappers on XXX: foo (nfs, nosuid) i.e it did not show 'on /net/rincewind-2'. I tried to mount the same NFS file system via nfs4: mount_nfs4 rincewind-2:/opt/home/ACE_wrappers /tmp/mnt1 mount_nfs4: /tmp/mnt1: Operation not supported -- Craig Rodrigues rodrigc@crodrigues.org From owner-freebsd-arch@FreeBSD.ORG Mon Dec 6 03:56:51 2004 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5EEDF16A4CE; Mon, 6 Dec 2004 03:56:51 +0000 (GMT) Received: from smtp3.server.rpi.edu (smtp3.server.rpi.edu [128.113.2.3]) by mx1.FreeBSD.org (Postfix) with ESMTP id DA6E743D31; Mon, 6 Dec 2004 03:56:50 +0000 (GMT) (envelope-from drosih@rpi.edu) Received: from [128.113.24.47] (gilead.netel.rpi.edu [128.113.24.47]) by smtp3.server.rpi.edu (8.13.0/8.13.0) with ESMTP id iB63um45028619; Sun, 5 Dec 2004 22:56:50 -0500 Mime-Version: 1.0 Message-Id: In-Reply-To: <20041130231236.GD56431@darkness.comp.waw.pl> References: <20041130231236.GD56431@darkness.comp.waw.pl> Date: Sun, 5 Dec 2004 22:56:47 -0500 To: Pawel Jakub Dawidek , freebsd-arch@freebsd.org From: Garance A Drosihn Content-Type: text/plain; charset="us-ascii" ; format="flowed" X-CanItPRO-Stream: default X-RPI-SA-Score: undef - spam-scanning disabled X-Scanned-By: CanIt (www . canit . ca) cc: cperciva@freebsd.org Subject: Re: ps -e without procfs(5). X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Dec 2004 03:56:51 -0000 At 12:12 AM +0100 12/1/04, Pawel Jakub Dawidek wrote: >Hello. > >I need some testing for this patch: > > http://people.freebsd.org/~pjd/patches/ps-e.patch > >It allows to use 'ps -e' without procfs(5) mounted. > >I decided to disable this functionality by default, because procfs(5) >is also disabled by default and some people may already depend on the >fact, that environment is a secret by default. >To see the effects, you need to increase sysctl kern.ps_env_cache_limit >to for example 1024. I think it is true that procfs was mounted by default in 4.x, so I am not sure we need to start the system with kern.ps_env_cache_limit set to 0. Note that there are (or were?) other protections in `ps' such that non-root users can only see the environment variables for their own processes. They can't see them for processes owned by other users. And in 5.x, if procfs *is* mounted then users can't even see environment variables of their own processes if sysctl security.bsd.unprivileged_proc_debug is set to 0 (it defaults to 1). I also notice that due to the way your new ability is implemented, nobody can see the environment variables for any process which was started up before the kern.ps_env_cache_limit is set. I tried to set it in /boot/loader.conf.local, but that didn't seem to work. (that may have been due to an error on my part, though). Hmm. And actually, your new version does seem to allow users to see the environment variables of processes they do not own, once the new sysctl is turned on. That would not be a good change to make. -- Garance Alistair Drosehn = gad@gilead.netel.rpi.edu Senior Systems Programmer or gad@freebsd.org Rensselaer Polytechnic Institute or drosih@rpi.edu From owner-freebsd-arch@FreeBSD.ORG Mon Dec 6 04:16:37 2004 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 385BB16A4CE; Mon, 6 Dec 2004 04:16:37 +0000 (GMT) Received: from smtp3.server.rpi.edu (smtp3.server.rpi.edu [128.113.2.3]) by mx1.FreeBSD.org (Postfix) with ESMTP id C31B743D67; Mon, 6 Dec 2004 04:16:34 +0000 (GMT) (envelope-from drosih@rpi.edu) Received: from [128.113.24.47] (gilead.netel.rpi.edu [128.113.24.47]) by smtp3.server.rpi.edu (8.13.0/8.13.0) with ESMTP id iB64GWL4031604; Sun, 5 Dec 2004 23:16:33 -0500 Mime-Version: 1.0 Message-Id: In-Reply-To: <200411301628.05476.peter@wemm.org> References: <20041130231236.GD56431@darkness.comp.waw.pl> <200411301628.05476.peter@wemm.org> Date: Sun, 5 Dec 2004 23:16:32 -0500 To: Peter Wemm , freebsd-arch@freebsd.org From: Garance A Drosihn Content-Type: text/plain; charset="us-ascii" ; format="flowed" X-CanItPRO-Stream: default X-RPI-SA-Score: undef - spam-scanning disabled X-Scanned-By: CanIt (www . canit . ca) cc: Pawel Jakub Dawidek Subject: Re: ps -e without procfs(5). X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Dec 2004 04:16:37 -0000 At 4:28 PM -0800 11/30/04, Peter Wemm wrote: >On Tuesday 30 November 2004 03:12 pm, Pawel Jakub Dawidek wrote: >> Hello. >> >> I need some testing for this patch: >> >> http://people.freebsd.org/~pjd/patches/ps-e.patch >> > > It allows to use 'ps -e' without procfs(5) mounted. > >ps -e is "live" and reads the environment from the process. It looks >like your patch adds a once-only snapshot of the exec-time values.. > >I've only ever used "ps -e" to figure out what the current live values >are, I'd be more interested in a ptrace based replacement.. I also always thought that `ps -e' was live, but I went to check on that, and now I'm not so sure it is. On both 4.x and 5.x (with procfs mounted), I tried doing `ps -eww -p $$'. I got a list of environment variables, and I tried adding or modifying a variable and then re-entering the command. As near as I could tell, the output did not change. So, it looks like the procfs implementation is also just a copy of the variables as they were set when the process initially started up. I also tried a quick test of 'ps eww p $$' on a linux box, and it also seems to show only the environment variables (and values) that the process started up with. I think there are a few issues that need to be addressed in Pawel's work here, but it looks like he is correct in implementing it as a once-only snapshot. Maybe we should have something else to show the "live" environment of a process. We probably need to do more comparisons of the procfs-based `ps -e' (on both 4.x and 5.x) with Pawel's work, but once we sort out the security issues I think it is a reasonable thing to add. It will mean there is one less reason that anyone has to mount procfs, and I believe that is a direction that we (as a project) wanted to go. -- Garance Alistair Drosehn = gad@gilead.netel.rpi.edu Senior Systems Programmer or gad@freebsd.org Rensselaer Polytechnic Institute or drosih@rpi.edu From owner-freebsd-arch@FreeBSD.ORG Mon Dec 6 09:17:47 2004 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 04F6F16A4CE; Mon, 6 Dec 2004 09:17:47 +0000 (GMT) Received: from darkness.comp.waw.pl (darkness.comp.waw.pl [195.117.238.136]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7FBF543D5F; Mon, 6 Dec 2004 09:17:46 +0000 (GMT) (envelope-from pjd@darkness.comp.waw.pl) Received: by darkness.comp.waw.pl (Postfix, from userid 1009) id 5909EACBCF; Mon, 6 Dec 2004 10:17:44 +0100 (CET) Date: Mon, 6 Dec 2004 10:17:44 +0100 From: Pawel Jakub Dawidek To: Garance A Drosihn Message-ID: <20041206091744.GJ813@darkness.comp.waw.pl> References: <20041130231236.GD56431@darkness.comp.waw.pl> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="W13SgbpmD6bhZUTM" Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4.2i X-PGP-Key-URL: http://people.freebsd.org/~pjd/pjd.asc X-OS: FreeBSD 5.2.1-RC2 i386 cc: cperciva@freebsd.org cc: freebsd-arch@freebsd.org Subject: Re: ps -e without procfs(5). X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Dec 2004 09:17:47 -0000 --W13SgbpmD6bhZUTM Content-Type: text/plain; charset=iso-8859-2 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sun, Dec 05, 2004 at 10:56:47PM -0500, Garance A Drosihn wrote: +> At 12:12 AM +0100 12/1/04, Pawel Jakub Dawidek wrote: +> >Hello. +> > +> >I need some testing for this patch: +> > +> > http://people.freebsd.org/~pjd/patches/ps-e.patch +> > +> >It allows to use 'ps -e' without procfs(5) mounted. +> > +> >I decided to disable this functionality by default, because procfs(5) +> >is also disabled by default and some people may already depend on the +> >fact, that environment is a secret by default. +> >To see the effects, you need to increase sysctl kern.ps_env_cache_limit +> >to for example 1024. +>=20 +> I think it is true that procfs was mounted by default in 4.x, so I +> am not sure we need to start the system with kern.ps_env_cache_limit +> set to 0. Note that there are (or were?) other protections in `ps' +> such that non-root users can only see the environment variables for +> their own processes. They can't see them for processes owned by +> other users. And in 5.x, if procfs *is* mounted then users can't +> even see environment variables of their own processes if sysctl +> security.bsd.unprivileged_proc_debug is set to 0 (it defaults to 1). +>=20 +> I also notice that due to the way your new ability is implemented, +> nobody can see the environment variables for any process which was +> started up before the kern.ps_env_cache_limit is set. I tried to +> set it in /boot/loader.conf.local, but that didn't seem to work. +> (that may have been due to an error on my part, though). (I added an example entry to /etc/sysctl.conf) +> Hmm. And actually, your new version does seem to allow users to see +> the environment variables of processes they do not own, once the new +> sysctl is turned on. That would not be a good change to make. I updated the patch, thanks for your suggestions. PS. In this patch I removed an example entry from sysctl.conf and set cache size to 1024 bytes by default and now I use p_candebug() to protect envs. --=20 Pawel Jakub Dawidek http://www.wheel.pl pjd@FreeBSD.org http://www.FreeBSD.org FreeBSD committer Am I Evil? Yes, I Am! --W13SgbpmD6bhZUTM Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (FreeBSD) iD8DBQFBtCO4ForvXbEpPzQRAtvUAKD2w9TdHZD0PXmtKhukjPrap+oZdACg9dfE JHSE+dEXkFHSwqwx1qGpSSA= =7/Mg -----END PGP SIGNATURE----- --W13SgbpmD6bhZUTM-- From owner-freebsd-arch@FreeBSD.ORG Mon Dec 6 10:10:07 2004 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9EAB516A4D0 for ; Mon, 6 Dec 2004 10:10:07 +0000 (GMT) Received: from critter.freebsd.dk (critter.freebsd.dk [212.242.86.163]) by mx1.FreeBSD.org (Postfix) with ESMTP id E734943D48 for ; Mon, 6 Dec 2004 10:10:06 +0000 (GMT) (envelope-from phk@critter.freebsd.dk) Received: from critter.freebsd.dk (localhost [127.0.0.1]) by critter.freebsd.dk (8.13.1/8.13.1) with ESMTP id iB6AA5S6079553 for ; Mon, 6 Dec 2004 11:10:05 +0100 (CET) (envelope-from phk@critter.freebsd.dk) To: arch@freebsd.org From: Poul-Henning Kamp Date: Mon, 06 Dec 2004 11:10:05 +0100 Message-ID: <79552.1102327805@critter.freebsd.dk> Sender: phk@critter.freebsd.dk Subject: [HEADSUP] IPX and NWFS to be killed in -current. X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Dec 2004 10:10:07 -0000 We are aiming 6.X at production readiness around start of 2006. By that time IPX and NWFS are not really interesting and nobody seems to be interested in doing the SMPng work on them. I propose we remove them from -current before the 6.x freeze starts next spring. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. From owner-freebsd-arch@FreeBSD.ORG Mon Dec 6 10:15:22 2004 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B7D3516A4CE for ; Mon, 6 Dec 2004 10:15:22 +0000 (GMT) Received: from pooker.samsco.org (pooker.samsco.org [168.103.85.57]) by mx1.FreeBSD.org (Postfix) with ESMTP id 46A1D43D66 for ; Mon, 6 Dec 2004 10:15:22 +0000 (GMT) (envelope-from scottl@freebsd.org) Received: from [192.168.254.11] (junior-wifi.samsco.home [192.168.254.11]) (authenticated bits=0) by pooker.samsco.org (8.12.11/8.12.10) with ESMTP id iB6AJTrh098138; Mon, 6 Dec 2004 03:19:29 -0700 (MST) (envelope-from scottl@freebsd.org) Message-ID: <41B43140.802@freebsd.org> Date: Mon, 06 Dec 2004 03:15:28 -0700 From: Scott Long User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.7.2) Gecko/20040929 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Poul-Henning Kamp References: <79552.1102327805@critter.freebsd.dk> In-Reply-To: <79552.1102327805@critter.freebsd.dk> X-Enigmail-Version: 0.86.1.0 X-Enigmail-Supports: pgp-inline, pgp-mime Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Status: No, hits=0.0 required=3.8 tests=none autolearn=no version=2.63 X-Spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on pooker.samsco.org cc: arch@freebsd.org Subject: Re: [HEADSUP] IPX and NWFS to be killed in -current. X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Dec 2004 10:15:23 -0000 Poul-Henning Kamp wrote: > We are aiming 6.X at production readiness around start of 2006. > > By that time IPX and NWFS are not really interesting and nobody > seems to be interested in doing the SMPng work on them. > > I propose we remove them from -current before the 6.x freeze starts > next spring. > Are these getting in the way of current work? We have shims in place to make at least IPX operate correctly without explicit locking. Saying that they are old and not used by people who read arch@ isn't a compelling argument to remove them. If they are getting in the way of current work, then it would be much friendlier to ask for help rather than summarily announcing their doom. Scott From owner-freebsd-arch@FreeBSD.ORG Mon Dec 6 10:24:27 2004 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A41E016A4CE; Mon, 6 Dec 2004 10:24:27 +0000 (GMT) Received: from critter.freebsd.dk (critter.freebsd.dk [212.242.86.163]) by mx1.FreeBSD.org (Postfix) with ESMTP id 058A443D1D; Mon, 6 Dec 2004 10:24:27 +0000 (GMT) (envelope-from phk@critter.freebsd.dk) Received: from critter.freebsd.dk (localhost [127.0.0.1]) by critter.freebsd.dk (8.13.1/8.13.1) with ESMTP id iB6AOQIL079851; Mon, 6 Dec 2004 11:24:26 +0100 (CET) (envelope-from phk@critter.freebsd.dk) To: Scott Long From: "Poul-Henning Kamp" In-Reply-To: Your message of "Mon, 06 Dec 2004 03:15:28 MST." <41B43140.802@freebsd.org> Date: Mon, 06 Dec 2004 11:24:26 +0100 Message-ID: <79850.1102328666@critter.freebsd.dk> Sender: phk@critter.freebsd.dk cc: arch@freebsd.org Subject: Re: [HEADSUP] IPX and NWFS to be killed in -current. X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Dec 2004 10:24:27 -0000 In message <41B43140.802@freebsd.org>, Scott Long writes: >Poul-Henning Kamp wrote: >> We are aiming 6.X at production readiness around start of 2006. >> >> By that time IPX and NWFS are not really interesting and nobody >> seems to be interested in doing the SMPng work on them. >> >> I propose we remove them from -current before the 6.x freeze starts >> next spring. >> > >Are these getting in the way of current work? That's not really the most relevant question is it ? I would think that the question is "Will we be comfortable with listing them in our feature list for 6.x ?" This could also be phrased as: "Do we actually have somebody who will make sure it works ?" or even: "Does anybody care about PR's against the code and does it even work ?" This last one I think we can answer: Hint: S Submitted Tracker Resp. Description f 2001/12/13 kern/32797 glebius [netgraph] Problem with IPX and netgraph(4) o 2003/03/06 kern/48976 nwfs.ko oddity a 2003/11/12 kern/59211 [nwfs] System crashes when moving files from NWFS mounted system p 2004/04/05 kern/65217 bms PATCH: Improve Linux IPX application compatibility o 2004/04/23 kern/65920 [nwfs] Mounted Netware filesystem behaves strange o 2004/07/15 kern/69100 [nwfs] panic: 5.2.1p9 kernel panics when mounting nwfs filesystem o 2004/08/10 kern/70236 [patch] uninitialised parameters passed to kernel_sysctl [nwfs_vfsops.c smb_subr.c] o 2004/11/19 kern/74105 rwatson IPX protocol support doesn't work -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. From owner-freebsd-arch@FreeBSD.ORG Mon Dec 6 16:58:44 2004 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E19AA16A4CE for ; Mon, 6 Dec 2004 16:58:44 +0000 (GMT) Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8920A43D58 for ; Mon, 6 Dec 2004 16:58:44 +0000 (GMT) (envelope-from robert@fledge.watson.org) Received: from fledge.watson.org (localhost [127.0.0.1]) by fledge.watson.org (8.13.1/8.13.1) with ESMTP id iB6GuMxD075665; Mon, 6 Dec 2004 11:56:22 -0500 (EST) (envelope-from robert@fledge.watson.org) Received: from localhost (robert@localhost)iB6GuM1l075662; Mon, 6 Dec 2004 16:56:22 GMT (envelope-from robert@fledge.watson.org) Date: Mon, 6 Dec 2004 16:56:21 +0000 (GMT) From: Robert Watson X-Sender: robert@fledge.watson.org To: Poul-Henning Kamp In-Reply-To: <79552.1102327805@critter.freebsd.dk> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: arch@freebsd.org Subject: Re: [HEADSUP] IPX and NWFS to be killed in -current. X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Dec 2004 16:58:45 -0000 On Mon, 6 Dec 2004, Poul-Henning Kamp wrote: > We are aiming 6.X at production readiness around start of 2006. > > By that time IPX and NWFS are not really interesting and nobody seems to > be interested in doing the SMPng work on them. > > I propose we remove them from -current before the 6.x freeze starts next > spring. FYI, I have a substantial work in progress in the netperf branch to bring fine-grained locking to IPX/SPX, as well as to clean up a number of elements of its implementions (for example, moving the the queue(9) macros. While I'm currently a bit stalled on it due to being overwhelmed at work (etc), my hope was to get the Giant-free IPX pieces working early next year. I think there's a reference to this on the SMPng page showing the task as last worked on in April (probably accurate). I don't have the ability to experiment with or test the nwfs code at this time. However, there are occasional bug reports so one assumes that someone must be using it. I'm not necessarily opposed to removing IPX/SPX on the basis that it is hardly a mainstream protocol component anymore, but I think it's probably not accurate to say that no one is interested in doing the locking work for the IPX parts (since I'm working on it :-). Robert N M Watson FreeBSD Core Team, TrustedBSD Projects robert@fledge.watson.org Principal Research Scientist, McAfee Research From owner-freebsd-arch@FreeBSD.ORG Mon Dec 6 17:03:36 2004 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D60F916A4CE; Mon, 6 Dec 2004 17:03:36 +0000 (GMT) Received: from critter.freebsd.dk (critter.freebsd.dk [212.242.86.163]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1BD2043D39; Mon, 6 Dec 2004 17:03:36 +0000 (GMT) (envelope-from phk@critter.freebsd.dk) Received: from critter.freebsd.dk (localhost [127.0.0.1]) by critter.freebsd.dk (8.13.1/8.13.1) with ESMTP id iB6H3YDj085968; Mon, 6 Dec 2004 18:03:34 +0100 (CET) (envelope-from phk@critter.freebsd.dk) To: Robert Watson From: "Poul-Henning Kamp" In-Reply-To: Your message of "Mon, 06 Dec 2004 16:56:21 GMT." Date: Mon, 06 Dec 2004 18:03:34 +0100 Message-ID: <85967.1102352614@critter.freebsd.dk> Sender: phk@critter.freebsd.dk cc: arch@freebsd.org Subject: Re: [HEADSUP] IPX and NWFS to be killed in -current. X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Dec 2004 17:03:37 -0000 In message , Robe rt Watson writes: >> We are aiming 6.X at production readiness around start of 2006. >> >> By that time IPX and NWFS are not really interesting and nobody seems to >> be interested in doing the SMPng work on them. >> >I'm not necessarily opposed to removing IPX/SPX on the basis that it >is hardly a mainstream protocol component anymore, but I think it's >probably not accurate to say that no one is interested in doing the >locking work for the IPX parts (since I'm working on it :-). That's cool, but there are so many other things I'd rather want to see you spend your time on. Despite what people have said, I still think that will not be able to stand by and support the IPX/NWFS things from 2006 until 2007-2008. Do we even know if it works in 5.3 ? -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. From owner-freebsd-arch@FreeBSD.ORG Mon Dec 6 17:29:41 2004 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E7A9F16A4CE for ; Mon, 6 Dec 2004 17:29:41 +0000 (GMT) Received: from dragon.nuxi.com (trang.nuxi.com [66.93.134.19]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9FA6E43D5C for ; Mon, 6 Dec 2004 17:29:41 +0000 (GMT) (envelope-from obrien@NUXI.com) Received: from dragon.nuxi.com (obrien@localhost [127.0.0.1]) by dragon.nuxi.com (8.13.1/8.13.1) with ESMTP id iB6HTeri033366; Mon, 6 Dec 2004 09:29:40 -0800 (PST) (envelope-from obrien@dragon.nuxi.com) Received: (from obrien@localhost) by dragon.nuxi.com (8.13.1/8.13.1/Submit) id iB6HTd0T033365; Mon, 6 Dec 2004 09:29:39 -0800 (PST) (envelope-from obrien) Date: Mon, 6 Dec 2004 09:29:39 -0800 From: "David O'Brien" To: Poul-Henning Kamp Message-ID: <20041206172939.GD32801@dragon.nuxi.com> Mail-Followup-To: David O'Brien , Poul-Henning Kamp , arch@freebsd.org References: <41B43140.802@freebsd.org> <79850.1102328666@critter.freebsd.dk> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <79850.1102328666@critter.freebsd.dk> User-Agent: Mutt/1.4.1i X-Operating-System: FreeBSD 6.0-CURRENT Organization: The NUXI BSD Group X-Pgp-Rsa-Fingerprint: B7 4D 3E E9 11 39 5F A3 90 76 5D 69 58 D9 98 7A X-Pgp-Rsa-Keyid: 1024/34F9F9D5 cc: arch@freebsd.org Subject: Re: [HEADSUP] IPX and NWFS to be killed in -current. X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: freebsd-arch@freebsd.org List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Dec 2004 17:29:42 -0000 On Mon, Dec 06, 2004 at 11:24:26AM +0100, Poul-Henning Kamp wrote: > "Does anybody care about PR's against the code and does it even work ?" > > This last one I think we can answer: > > Hint: > > S Submitted Tracker Resp. Description > f 2001/12/13 kern/32797 glebius [netgraph] Problem with IPX and netgraph(4) > o 2003/03/06 kern/48976 nwfs.ko oddity > a 2003/11/12 kern/59211 [nwfs] System crashes when moving files from NWFS mounted system > p 2004/04/05 kern/65217 bms PATCH: Improve Linux IPX application compatibility http://www.freebsd.org/cgi/query-pr.cgi?pr=65217 State-Changed-From-To: open->patched State-Changed-By: bms State-Changed-When: Tue Jun 22 21:47:01 GMT 2004 State-Changed-Why: Committed to -CURRENT, thanks! Looks like a "YES" to me, there is at least one committer. The PR is probably just in the wrong state now and should have been closed. -- -- David (obrien@FreeBSD.org) From owner-freebsd-arch@FreeBSD.ORG Mon Dec 6 21:10:16 2004 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DAD8F16A4E5; Mon, 6 Dec 2004 21:10:16 +0000 (GMT) Received: from critter.freebsd.dk (critter.freebsd.dk [212.242.86.163]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4152243D68; Mon, 6 Dec 2004 21:10:15 +0000 (GMT) (envelope-from phk@critter.freebsd.dk) Received: from critter.freebsd.dk (localhost [127.0.0.1]) by critter.freebsd.dk (8.13.1/8.13.1) with ESMTP id iB6LAD48090141; Mon, 6 Dec 2004 22:10:14 +0100 (CET) (envelope-from phk@critter.freebsd.dk) To: arch@freebsd.org, current@freebsd.org From: Poul-Henning Kamp Date: Mon, 06 Dec 2004 22:10:13 +0100 Message-ID: <90140.1102367413@critter.freebsd.dk> Sender: phk@critter.freebsd.dk Subject: NMOUNT/OMOUNT midway status X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Dec 2004 21:10:17 -0000 I have now converted all of the filesystems which are not rootfs candidates under the old world order[1] (nfs, cd9660 and ufs). There shouldn't be any visible effects of this work seen from userland: the old mount_*(8) binaries and mount(2) system calls should all just work like they used to. If they don't, try to take a peek yourself, it's pretty simple after all. If you can't spot the mistake I've made, send me email. The next step involved converting the three 'big' filesystems and the root filesystem mount code, and I have not quite found out how to partition that into a sequence of sensible commits. If you want to help me test I keep a patch relative to -current up to date: http://phk.freebsd.dk/patch/nmount.patch Poul-Henning [1] In the new worldorder all filesystems which understand a "from" argument is a root filesystem candidate, that means that msdosfs, ntfs, hpfs and ext2fs with no or only minor tweaking can be used for root filesystem. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. From owner-freebsd-arch@FreeBSD.ORG Mon Dec 6 23:03:13 2004 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 832DB16A4CE; Mon, 6 Dec 2004 23:03:13 +0000 (GMT) Received: from blackwater.lemis.com (wantadilla.lemis.com [192.109.197.135]) by mx1.FreeBSD.org (Postfix) with ESMTP id 01D6743D3F; Mon, 6 Dec 2004 23:03:12 +0000 (GMT) (envelope-from grog@lemis.com) Received: by blackwater.lemis.com (Postfix, from userid 1004) id 05A1985665; Tue, 7 Dec 2004 09:33:10 +1030 (CST) Date: Tue, 7 Dec 2004 09:33:09 +1030 From: Greg 'groggy' Lehey To: Poul-Henning Kamp Message-ID: <20041206230309.GN92212@wantadilla.lemis.com> References: <85967.1102352614@critter.freebsd.dk> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="HKLejDDV6gCqJAZ/" Content-Disposition: inline In-Reply-To: <85967.1102352614@critter.freebsd.dk> User-Agent: Mutt/1.4.2.1i Organization: The FreeBSD Project Phone: +61-8-8388-8286 Fax: +61-8-8388-8725 Mobile: +61-418-838-708 WWW-Home-Page: http://www.FreeBSD.org/ X-PGP-Fingerprint: 9A1B 8202 BCCE B846 F92F 09AC 22E6 F290 507A 4223 cc: arch@freebsd.org cc: Robert Watson Subject: Re: [HEADSUP] IPX and NWFS to be killed in -current. X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Dec 2004 23:03:13 -0000 --HKLejDDV6gCqJAZ/ Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Monday, 6 December 2004 at 18:03:34 +0100, Poul-Henning Kamp wrote: > In message , Robe > rt Watson writes: > >>> We are aiming 6.X at production readiness around start of 2006. >>> >>> By that time IPX and NWFS are not really interesting and nobody seems to >>> be interested in doing the SMPng work on them. >>> >> I'm not necessarily opposed to removing IPX/SPX on the basis that it >> is hardly a mainstream protocol component anymore, but I think it's >> probably not accurate to say that no one is interested in doing the >> locking work for the IPX parts (since I'm working on it :-). > > That's cool, but there are so many other things I'd rather want to see > you spend your time on. Why don't you leave that kind of decision to the people who run the project? Your intentions appear to be at variance with those of the two members of core who have responded. Greg -- See complete headers for address and phone numbers. --HKLejDDV6gCqJAZ/ Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (FreeBSD) iD8DBQFBtOUtIubykFB6QiMRApmgAKCQejWRQFu8jfxQkFO55YXDokO+PACgjPxn d5zfXvvCWVoOcLfSmV6av28= =sNlr -----END PGP SIGNATURE----- --HKLejDDV6gCqJAZ/-- From owner-freebsd-arch@FreeBSD.ORG Tue Dec 7 06:29:57 2004 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id ECA5216A4CE; Tue, 7 Dec 2004 06:29:57 +0000 (GMT) Received: from critter.freebsd.dk (critter.freebsd.dk [212.242.86.163]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3596843D69; Tue, 7 Dec 2004 06:29:57 +0000 (GMT) (envelope-from phk@critter.freebsd.dk) Received: from critter.freebsd.dk (localhost [127.0.0.1]) by critter.freebsd.dk (8.13.1/8.13.1) with ESMTP id iB76TrT6098422; Tue, 7 Dec 2004 07:29:53 +0100 (CET) (envelope-from phk@critter.freebsd.dk) To: "Greg 'groggy' Lehey" From: "Poul-Henning Kamp" In-Reply-To: Your message of "Tue, 07 Dec 2004 09:33:09 +1030." <20041206230309.GN92212@wantadilla.lemis.com> Date: Tue, 07 Dec 2004 07:29:53 +0100 Message-ID: <98421.1102400993@critter.freebsd.dk> Sender: phk@critter.freebsd.dk cc: arch@FreeBSD.org cc: Robert Watson Subject: Re: [HEADSUP] IPX and NWFS to be killed in -current. X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Dec 2004 06:29:58 -0000 In message <20041206230309.GN92212@wantadilla.lemis.com>, "Greg 'groggy' Lehey" writes: >Why don't you leave that kind of decision to the people who run the >project? Your intentions appear to be at variance with those of the >two members of core who have responded. That is a refreshingly easy question to answer: because core has time and again said that they prefer to act on specific requests. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. From owner-freebsd-arch@FreeBSD.ORG Tue Dec 7 17:53:39 2004 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C3F5416A4CF; Tue, 7 Dec 2004 17:53:39 +0000 (GMT) Received: from harmony.village.org (rover.village.org [168.103.84.182]) by mx1.FreeBSD.org (Postfix) with ESMTP id 08C5A43D70; Tue, 7 Dec 2004 17:53:39 +0000 (GMT) (envelope-from imp@harmony.village.org) Received: from localhost (localhost [IPv6:::1]) by harmony.village.org (8.13.1/8.13.1) with ESMTP id iB7HrBA0070667; Tue, 7 Dec 2004 10:53:16 -0700 (MST) (envelope-from imp@harmony.village.org) Date: Tue, 07 Dec 2004 10:53:11 -0700 (MST) Message-Id: <20041207.105311.74679218.imp@harmony.village.org> To: phk@phk.freebsd.dk From: Warner Losh In-Reply-To: <98421.1102400993@critter.freebsd.dk> References: <20041206230309.GN92212@wantadilla.lemis.com> <98421.1102400993@critter.freebsd.dk> X-Mailer: Mew version 3.3 on Emacs 21.3 / Mule 5.0 (SAKAKI) Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit cc: grog@freebsd.org cc: arch@freebsd.org cc: rwatson@freebsd.org Subject: Re: [HEADSUP] IPX and NWFS to be killed in -current. X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Dec 2004 17:53:39 -0000 > >Why don't you leave that kind of decision to the people who run the > >project? Your intentions appear to be at variance with those of the > >two members of core who have responded. > > That is a refreshingly easy question to answer: because core has time > and again said that they prefer to act on specific requests. Core has been transitioning to a more proactive role in making these sorts of decisions over the past 9 months or so. This can be seen both in terms of what we're doing as individuals, as well as the things we're talking about in our conference calls. Warner From owner-freebsd-arch@FreeBSD.ORG Wed Dec 8 03:27:09 2004 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7289616A4CE; Wed, 8 Dec 2004 03:27:09 +0000 (GMT) Received: from daintree.corp.yahoo.com (daintree.corp.yahoo.com [216.145.52.172]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4752343D60; Wed, 8 Dec 2004 03:27:09 +0000 (GMT) (envelope-from peter@wemm.org) Received: by daintree.corp.yahoo.com (Postfix, from userid 2154) id 3C2D019755; Tue, 7 Dec 2004 19:27:09 -0800 (PST) From: Peter Wemm To: Garance A Drosihn Date: Tue, 7 Dec 2004 19:27:08 -0800 User-Agent: KMail/1.7.1 References: <20041130231236.GD56431@darkness.comp.waw.pl> <200411301628.05476.peter@wemm.org> In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200412071927.08878.peter@wemm.org> cc: Pawel Jakub Dawidek cc: freebsd-arch@freebsd.org Subject: Re: ps -e without procfs(5). X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Dec 2004 03:27:09 -0000 On Sunday 05 December 2004 08:16 pm, Garance A Drosihn wrote: > At 4:28 PM -0800 11/30/04, Peter Wemm wrote: > >On Tuesday 30 November 2004 03:12 pm, Pawel Jakub Dawidek wrote: > >> Hello. > >> > >> I need some testing for this patch: > >> > >> http://people.freebsd.org/~pjd/patches/ps-e.patch > >> > > > It allows to use 'ps -e' without procfs(5) mounted. > > > >ps -e is "live" and reads the environment from the process. It > > looks like your patch adds a once-only snapshot of the exec-time > > values.. > > > >I've only ever used "ps -e" to figure out what the current live > > values are, I'd be more interested in a ptrace based replacement.. > > I also always thought that `ps -e' was live, but I went to check > on that, and now I'm not so sure it is. On both 4.x and 5.x (with > procfs mounted), I tried doing `ps -eww -p $$'. I got a list of > environment variables, and I tried adding or modifying a variable > and then re-entering the command. As near as I could tell, the > output did not change. So, it looks like the procfs implementation > is also just a copy of the variables as they were set when the > process initially started up. As I said above, no, this is not the case. It works unless you add a new environment variable to the vector. This causes us to realloc() the envv list and ps -e can't find it anymore. All it can see is the original vector which points to some still-shared strings. The situation isn't helped by things like shells that hand-craft a brand-new environ string that shares none of the original memory. -- Peter Wemm - peter@wemm.org; peter@FreeBSD.org; peter@yahoo-inc.com "All of this is for nothing if we don't go to the stars" - JMS/B5 From owner-freebsd-arch@FreeBSD.ORG Thu Dec 9 09:19:39 2004 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 643FA16A4CE; Thu, 9 Dec 2004 09:19:39 +0000 (GMT) Received: from relay.vertex.kz (butya-gw.butya.kz [212.19.129.142]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9EA6943D58; Thu, 9 Dec 2004 09:19:37 +0000 (GMT) (envelope-from bp@vertex.kz) Received: from lion.butya.kz (localhost [127.0.0.1]) by relay.vertex.kz (Postfix) with SMTP id DB9975BDB; Thu, 9 Dec 2004 15:19:32 +0600 (ALMT) Received: from relay.vertex.kz (localhost [127.0.0.1]) by localhost.vertex.kz (Postfix) with ESMTP id B197B5BA9; Thu, 9 Dec 2004 15:19:32 +0600 (ALMT) Received: by relay.vertex.kz (Postfix, from userid 1000) id A97CC5AF7; Thu, 9 Dec 2004 15:19:32 +0600 (ALMT) Date: Thu, 9 Dec 2004 15:19:32 +0600 From: Boris Popov To: Robert Watson Message-ID: <20041209091932.GA14988@vertex.kz> References: <79552.1102327805@critter.freebsd.dk> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.6i cc: arch@freebsd.org cc: Poul-Henning Kamp Subject: Re: [HEADSUP] IPX and NWFS to be killed in -current. X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Dec 2004 09:19:39 -0000 On Mon, Dec 06, 2004 at 04:56:21PM +0000, Robert Watson wrote: > > > FYI, I have a substantial work in progress in the netperf branch to bring > fine-grained locking to IPX/SPX, as well as to clean up a number of > elements of its implementions (for example, moving the the queue(9) > macros. While I'm currently a bit stalled on it due to being overwhelmed > at work (etc), my hope was to get the Giant-free IPX pieces working early > next year. I think there's a reference to this on the SMPng page showing These are perfect news. As the former active maintainer of IPX protocol stack and the author of NWFS I'm receive notable amount of complains about IPX support in 5.X as people upgrade boxes from 4.X. For some people it works but nwfs doesn't and vise versa. Addressing phk's request about removal: there was exactly 93 questions related to ipx/nwfs in November. This indeed encourages me to fix them. Although, I can't promise anything at this point because earning on life doesn't left much free time these days. -- Boris Popov http://rbp.euro.ru From owner-freebsd-arch@FreeBSD.ORG Thu Dec 9 14:19:34 2004 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 606B316A4CE; Thu, 9 Dec 2004 14:19:34 +0000 (GMT) Received: from pooker.samsco.org (pooker.samsco.org [168.103.85.57]) by mx1.FreeBSD.org (Postfix) with ESMTP id 02E0B43D54; Thu, 9 Dec 2004 14:19:34 +0000 (GMT) (envelope-from scottl@freebsd.org) Received: from [192.168.1.102] (CPE000625f86c85-CM000e5c22aba0.cpe.net.cable.rogers.com [69.193.110.163] (may be forged)) (authenticated bits=0) by pooker.samsco.org (8.12.11/8.12.10) with ESMTP id iB9ELhK3021057; Thu, 9 Dec 2004 07:21:45 -0700 (MST) (envelope-from scottl@freebsd.org) Message-ID: <41B85EF6.5090008@freebsd.org> Date: Thu, 09 Dec 2004 07:19:34 -0700 From: Scott Long User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.7.2) Gecko/20040929 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Boris Popov References: <79552.1102327805@critter.freebsd.dk> <20041209091932.GA14988@vertex.kz> In-Reply-To: <20041209091932.GA14988@vertex.kz> X-Enigmail-Version: 0.86.1.0 X-Enigmail-Supports: pgp-inline, pgp-mime Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Status: No, hits=0.0 required=3.8 tests=none autolearn=no version=2.63 X-Spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on pooker.samsco.org cc: arch@freebsd.org cc: Poul-Henning Kamp cc: Robert Watson Subject: Re: [HEADSUP] IPX and NWFS to be killed in -current. X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Dec 2004 14:19:34 -0000 Boris Popov wrote: > On Mon, Dec 06, 2004 at 04:56:21PM +0000, Robert Watson wrote: > >> >>FYI, I have a substantial work in progress in the netperf branch to bring >>fine-grained locking to IPX/SPX, as well as to clean up a number of >>elements of its implementions (for example, moving the the queue(9) >>macros. While I'm currently a bit stalled on it due to being overwhelmed >>at work (etc), my hope was to get the Giant-free IPX pieces working early >>next year. I think there's a reference to this on the SMPng page showing > > > These are perfect news. As the former active maintainer of IPX > protocol stack and the author of NWFS I'm receive notable amount of complains > about IPX support in 5.X as people upgrade boxes from 4.X. For some > people it works but nwfs doesn't and vise versa. > > Addressing phk's request about removal: there was exactly 93 > questions related to ipx/nwfs in November. This indeed encourages me to > fix them. Although, I can't promise anything at this point because > earning on life doesn't left much free time these days. > Boris, This is wonderful news too! If you have any questions or need help with testing, please don't hesitate to ask. Scott From owner-freebsd-arch@FreeBSD.ORG Thu Dec 9 15:16:19 2004 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 774A016A4CE; Thu, 9 Dec 2004 15:16:19 +0000 (GMT) Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by mx1.FreeBSD.org (Postfix) with ESMTP id ECFB043D2D; Thu, 9 Dec 2004 15:16:18 +0000 (GMT) (envelope-from robert@fledge.watson.org) Received: from fledge.watson.org (localhost [127.0.0.1]) by fledge.watson.org (8.13.1/8.13.1) with ESMTP id iB9FDnpW055298; Thu, 9 Dec 2004 10:13:49 -0500 (EST) (envelope-from robert@fledge.watson.org) Received: from localhost (robert@localhost)iB9FDnji055295; Thu, 9 Dec 2004 15:13:49 GMT (envelope-from robert@fledge.watson.org) Date: Thu, 9 Dec 2004 15:13:49 +0000 (GMT) From: Robert Watson X-Sender: robert@fledge.watson.org To: Scott Long In-Reply-To: <41B85EF6.5090008@freebsd.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: Boris Popov cc: Poul-Henning Kamp cc: arch@freebsd.org Subject: Re: [HEADSUP] IPX and NWFS to be killed in -current. X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Dec 2004 15:16:19 -0000 On Thu, 9 Dec 2004, Scott Long wrote: > >>FYI, I have a substantial work in progress in the netperf branch to bring > >>fine-grained locking to IPX/SPX, as well as to clean up a number of > >>elements of its implementions (for example, moving the the queue(9) > >>macros. While I'm currently a bit stalled on it due to being overwhelmed > >>at work (etc), my hope was to get the Giant-free IPX pieces working early > >>next year. I think there's a reference to this on the SMPng page showing > > > > These are perfect news. As the former active maintainer of IPX > > protocol stack and the author of NWFS I'm receive notable amount of complains > > about IPX support in 5.X as people upgrade boxes from 4.X. For some > > people it works but nwfs doesn't and vise versa. > > > > Addressing phk's request about removal: there was exactly 93 > > questions related to ipx/nwfs in November. This indeed encourages me to > > fix them. Although, I can't promise anything at this point because > > earning on life doesn't left much free time these days. > > This is wonderful news too! If you have any questions or need help with > testing, please don't hesitate to ask. The elements I can easily work on here are: - IPX cleanup and locking, in particular, normalizing the data structures, moving to queue(9) from custom lists, locking of the pcb lists and pcbs, and interactions with socket locking. The basic IPX pieces should fall out pretty easily; I need to look more closely at SPX before passing judgement there. - Writing some simple IPX/SPX regression suites for loopback traffic and ethernet traffic. I'm less qualified, and insufficiently available, to work with the NCP protocol pieces, or the file system pieces, and other hands there would be most welcome. As with the NFS client, smb client, etc, there's not an immediate pressure to get netncp and nwfs able to run without the Giant lock, especially since netncp doesn't use socket upcalls, but as Giant pushes down on VFS, it's probably an increasingly good idea to do that. I anticipate being available to start working on IPX/SPX again sometime in late January or early Feburary, although I may be able to start on the regression tests to diagnose any current problems a bit before that. Robert N M Watson FreeBSD Core Team, TrustedBSD Projects robert@fledge.watson.org Principal Research Scientist, McAfee Research From owner-freebsd-arch@FreeBSD.ORG Fri Dec 10 04:59:12 2004 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 24A3116A4CE for ; Fri, 10 Dec 2004 04:59:12 +0000 (GMT) Received: from pd4mo3so.prod.shaw.ca (shawidc-mo1.cg.shawcable.net [24.71.223.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6933243D58 for ; Fri, 10 Dec 2004 04:59:11 +0000 (GMT) (envelope-from colin.percival@wadham.ox.ac.uk) Received: from pd2mr4so.prod.shaw.ca (pd2mr4so-qfe3.prod.shaw.ca [10.0.141.107]) by l-daemon (Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar 15 2004)) with ESMTP id <0I8H006SOPTKU110@l-daemon> for freebsd-arch@freebsd.org; Thu, 09 Dec 2004 21:58:32 -0700 (MST) Received: from pn2ml8so.prod.shaw.ca ([10.0.121.152]) by pd2mr4so.prod.shaw.ca (Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar 15 2004)) with ESMTP id <0I8H00DUFPTHXE60@pd2mr4so.prod.shaw.ca> for freebsd-arch@freebsd.org; Thu, 09 Dec 2004 21:58:29 -0700 (MST) Received: from [192.168.0.60] (S0106006067227a4a.vc.shawcable.net [24.87.233.42]) by l-daemon (iPlanet Messaging Server 5.2 HotFix 1.18 (built Jul 28 2003)) with ESMTP id <0I8H00C4QPTG7A@l-daemon> for freebsd-arch@freebsd.org; Thu, 09 Dec 2004 21:58:29 -0700 (MST) Date: Thu, 09 Dec 2004 20:58:27 -0800 From: Colin Percival To: freebsd-arch@freebsd.org Message-id: <41B92CF3.2090302@wadham.ox.ac.uk> MIME-version: 1.0 Content-type: text/plain; format=flowed; charset=ISO-8859-1 Content-transfer-encoding: 7bit X-Accept-Language: en-us, en X-Enigmail-Version: 0.86.1.0 X-Enigmail-Supports: pgp-inline, pgp-mime User-Agent: Mozilla Thunderbird 0.9 (X11/20041107) Subject: Adding standalone RSA code X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 10 Dec 2004 04:59:12 -0000 I'd like to add a new library for lightweight barebones RSA computations, and associated commandline rsa-makekey, rsa-sign, and rsa-verify utilities. To a certain extent, this duplicates existing functionality (openssl), but I think my code has important advantages which justify the duplication: 1. It is lightweight (around 2% of the size of openssl), which may allow it to be used in memory-limited environments, 2. It is far more auditable, due to its smaller size, and 3. It is designed for security rather than performance; I made certain design decisions which result in my code being rather slower than openssl as a result of a desire to avoid potential attack vectors. My reason for wanting to add this code is that I'm using it in FreeBSD Update (and recently portsnap as well) and this is the first step towards migrating that into the base system. Any objections? Colin Percival From owner-freebsd-arch@FreeBSD.ORG Fri Dec 10 07:57:23 2004 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 85D7D16A4CE for ; Fri, 10 Dec 2004 07:57:23 +0000 (GMT) Received: from darkness.comp.waw.pl (darkness.comp.waw.pl [195.117.238.136]) by mx1.FreeBSD.org (Postfix) with ESMTP id 29CA743D4C for ; Fri, 10 Dec 2004 07:57:23 +0000 (GMT) (envelope-from pjd@darkness.comp.waw.pl) Received: by darkness.comp.waw.pl (Postfix, from userid 1009) id CDF56ACAFB; Fri, 10 Dec 2004 08:57:20 +0100 (CET) Date: Fri, 10 Dec 2004 08:57:20 +0100 From: Pawel Jakub Dawidek To: Colin Percival Message-ID: <20041210075720.GR1130@darkness.comp.waw.pl> References: <41B92CF3.2090302@wadham.ox.ac.uk> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="2qwbT0JTInWqknst" Content-Disposition: inline In-Reply-To: <41B92CF3.2090302@wadham.ox.ac.uk> User-Agent: Mutt/1.4.2i X-PGP-Key-URL: http://people.freebsd.org/~pjd/pjd.asc X-OS: FreeBSD 5.2.1-RC2 i386 cc: freebsd-arch@freebsd.org Subject: Re: Adding standalone RSA code X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 10 Dec 2004 07:57:23 -0000 --2qwbT0JTInWqknst Content-Type: text/plain; charset=iso-8859-2 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Dec 09, 2004 at 08:58:27PM -0800, Colin Percival wrote: +> I'd like to add a new library for lightweight barebones RSA +> computations, and associated commandline rsa-makekey, rsa-sign, +> and rsa-verify utilities. +>=20 +> To a certain extent, this duplicates existing functionality +> (openssl), but I think my code has important advantages which +> justify the duplication: +> 1. It is lightweight (around 2% of the size of openssl), which +> may allow it to be used in memory-limited environments, You compered size of the source or compiled library? Compiled openssl library isn't too big... PS. This is not a 'no' voice. --=20 Pawel Jakub Dawidek http://www.wheel.pl pjd@FreeBSD.org http://www.FreeBSD.org FreeBSD committer Am I Evil? Yes, I Am! --2qwbT0JTInWqknst Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (FreeBSD) iD8DBQFBuVbgForvXbEpPzQRAnctAJ9BLPEN6OGEK4Ri54OVT1lRDjFevgCfZ+HE HxPzwjyQHqoK/jcVSOiEUKQ= =J93y -----END PGP SIGNATURE----- --2qwbT0JTInWqknst-- From owner-freebsd-arch@FreeBSD.ORG Fri Dec 10 08:07:21 2004 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D823616A4CE; Fri, 10 Dec 2004 08:07:21 +0000 (GMT) Received: from pd4mo1so.prod.shaw.ca (shawidc-mo1.cg.shawcable.net [24.71.223.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4405543D5A; Fri, 10 Dec 2004 08:07:19 +0000 (GMT) (envelope-from colin.percival@wadham.ox.ac.uk) Received: from pd3mr3so.prod.shaw.ca (pd3mr3so-qfe3.prod.shaw.ca [10.0.141.179]) by l-daemon (Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar 15 2004)) with ESMTP id <0I8H00BKDYK6LN40@l-daemon>; Fri, 10 Dec 2004 01:07:18 -0700 (MST) Received: from pn2ml7so.prod.shaw.ca ([10.0.121.151]) by pd3mr3so.prod.shaw.ca (Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar 15 2004)) with ESMTP id <0I8H00JMYYK6ERO0@pd3mr3so.prod.shaw.ca>; Fri, 10 Dec 2004 01:07:18 -0700 (MST) Received: from [192.168.0.60] (S0106006067227a4a.vc.shawcable.net [24.87.233.42])2003)) with ESMTP id <0I8H00J3BYK61U@l-daemon>; Fri, 10 Dec 2004 01:07:18 -0700 (MST) Date: Fri, 10 Dec 2004 00:07:17 -0800 From: Colin Percival In-reply-to: <20041210075720.GR1130@darkness.comp.waw.pl> To: Pawel Jakub Dawidek Message-id: <41B95935.10505@wadham.ox.ac.uk> MIME-version: 1.0 Content-type: text/plain; format=flowed; charset=ISO-8859-1 Content-transfer-encoding: 7bit X-Accept-Language: en-us, en X-Enigmail-Version: 0.86.1.0 X-Enigmail-Supports: pgp-inline, pgp-mime References: <41B92CF3.2090302@wadham.ox.ac.uk> <20041210075720.GR1130@darkness.comp.waw.pl> User-Agent: Mozilla Thunderbird 0.9 (X11/20041107) cc: freebsd-arch@freebsd.org Subject: Re: Adding standalone RSA code X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 10 Dec 2004 08:07:22 -0000 Pawel Jakub Dawidek wrote: > On Thu, Dec 09, 2004 at 08:58:27PM -0800, Colin Percival wrote: > +> 1. It is lightweight (around 2% of the size of openssl), which > +> may allow it to be used in memory-limited environments, > > You compered size of the source or compiled library? > Compiled openssl library isn't too big... I was comparing /usr/lib/libcrypto.a (1.7 MB on my system) to the sum of the sizes of the object files built from my library code (38 kB). If you look at the number of lines of C files (counted using `wc -l` since I don't want to bother installing sloccount), my code is 1489 lines compared to openssl's 202982 lines. Colin Percival From owner-freebsd-arch@FreeBSD.ORG Fri Dec 10 08:20:16 2004 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D014916A4CE for ; Fri, 10 Dec 2004 08:20:16 +0000 (GMT) Received: from storm.uk.FreeBSD.org (storm.uk.FreeBSD.org [194.242.157.42]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4C86D43D2F for ; Fri, 10 Dec 2004 08:20:16 +0000 (GMT) (envelope-from mark@grondar.org) Received: from storm.uk.FreeBSD.org (uucp@localhost [127.0.0.1]) by storm.uk.FreeBSD.org (8.13.1/8.13.1) with ESMTP id iBA8KDc0059577; Fri, 10 Dec 2004 08:20:14 GMT (envelope-from mark@grondar.org) Received: (from uucp@localhost)iBA8KC6H059576; Fri, 10 Dec 2004 08:20:12 GMT (envelope-from mark@grondar.org) Received: from grondar.org (localhost [127.0.0.1]) by grovel.grondar.org (8.13.1/8.13.1) with ESMTP id iBA8FTWw085726; Fri, 10 Dec 2004 08:15:29 GMT (envelope-from mark@grondar.org) Message-Id: <200412100815.iBA8FTWw085726@grovel.grondar.org> X-Mailer: exmh version 2.7.0 06/18/2004 with nmh-1.0.4 To: Colin Percival From: Mark Murray In-Reply-To: Your message of "Fri, 10 Dec 2004 00:07:17 PST." <41B95935.10505@wadham.ox.ac.uk> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Fri, 10 Dec 2004 08:15:29 +0000 Sender: mark@grondar.org cc: freebsd-arch@FreeBSD.ORG Subject: Re: Adding standalone RSA code X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 10 Dec 2004 08:20:16 -0000 Colin Percival writes: > I was comparing /usr/lib/libcrypto.a (1.7 MB on my system) to the sum > of the sizes of the object files built from my library code (38 kB). > > If you look at the number of lines of C files (counted using `wc -l` > since I don't want to bother installing sloccount), my code is 1489 > lines compared to openssl's 202982 lines. Do you have a version of your code linked against OpenSSL? What is the size difference between a static link of your code vs a static link against OpenSSL? M -- Mark Murray iumop ap!sdn w,I idlaH From owner-freebsd-arch@FreeBSD.ORG Fri Dec 10 09:08:04 2004 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6C77416A4CE; Fri, 10 Dec 2004 09:08:04 +0000 (GMT) Received: from pd4mo3so.prod.shaw.ca (shawidc-mo1.cg.shawcable.net [24.71.223.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id AF0B143D72; Fri, 10 Dec 2004 09:08:03 +0000 (GMT) (envelope-from colin.percival@wadham.ox.ac.uk) Received: from pd4mr7so.prod.shaw.ca (pd4mr7so-qfe3.prod.shaw.ca [10.0.141.84])2004)) with ESMTP id <0I8I00JQU1DF5G60@l-daemon>; Fri, 10 Dec 2004 02:08:03 -0700 (MST) Received: from pn2ml7so.prod.shaw.ca ([10.0.121.151]) by pd4mr7so.prod.shaw.ca (Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar 15 2004)) with ESMTP id <0I8I00CO71DF5CK0@pd4mr7so.prod.shaw.ca>; Fri, 10 Dec 2004 02:08:03 -0700 (MST) Received: from [192.168.0.60] (S0106006067227a4a.vc.shawcable.net [24.87.233.42])2003)) with ESMTP id <0I8I0097L1DE8J@l-daemon>; Fri, 10 Dec 2004 02:08:03 -0700 (MST) Date: Fri, 10 Dec 2004 01:08:02 -0800 From: Colin Percival In-reply-to: <200412100815.iBA8FTWw085726@grovel.grondar.org> To: Mark Murray Message-id: <41B96772.4010000@wadham.ox.ac.uk> MIME-version: 1.0 Content-type: text/plain; format=flowed; charset=ISO-8859-1 Content-transfer-encoding: 7bit X-Accept-Language: en-us, en X-Enigmail-Version: 0.86.1.0 X-Enigmail-Supports: pgp-inline, pgp-mime References: <200412100815.iBA8FTWw085726@grovel.grondar.org> User-Agent: Mozilla Thunderbird 0.9 (X11/20041107) cc: freebsd-arch@FreeBSD.ORG Subject: Re: Adding standalone RSA code X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 10 Dec 2004 09:08:04 -0000 Mark Murray wrote: > Colin Percival writes: >>I was comparing /usr/lib/libcrypto.a (1.7 MB on my system) to the sum >>of the sizes of the object files built from my library code (38 kB). >> >>If you look at the number of lines of C files (counted using `wc -l` >>since I don't want to bother installing sloccount), my code is 1489 >>lines compared to openssl's 202982 lines. > > Do you have a version of your code linked against OpenSSL? What is the > size difference between a static link of your code vs a static link > against OpenSSL? I don't have a version using openssl, but my key generation program (statically linked against my crypto code) is 37kB, while a program which calls RSA_generate_key (statically linked against openssl) is 240kB. So even under the most favourable conditions (adding overhead to my code but not to openssl) it's a size ratio of more than 6. Colin Percival From owner-freebsd-arch@FreeBSD.ORG Fri Dec 10 09:24:08 2004 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 525EB16A4CE for ; Fri, 10 Dec 2004 09:24:08 +0000 (GMT) Received: from smtp02.syd.iprimus.net.au (smtp02.syd.iprimus.net.au [210.50.76.196]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1916943D41 for ; Fri, 10 Dec 2004 09:24:08 +0000 (GMT) (envelope-from tim@robbins.dropbear.id.au) Received: from robbins.dropbear.id.au (210.50.44.157) by smtp02.syd.iprimus.net.au (7.0.036) id 41A76DCB005E6C38; Fri, 10 Dec 2004 20:24:06 +1100 Received: by robbins.dropbear.id.au (Postfix, from userid 1000) id 111CA4266; Fri, 10 Dec 2004 20:24:55 +1100 (EST) Date: Fri, 10 Dec 2004 20:24:55 +1100 From: Tim Robbins To: Colin Percival Message-ID: <20041210092455.GB27181@cat.robbins.dropbear.id.au> References: <41B92CF3.2090302@wadham.ox.ac.uk> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <41B92CF3.2090302@wadham.ox.ac.uk> User-Agent: Mutt/1.4.1i cc: freebsd-arch@freebsd.org Subject: Re: Adding standalone RSA code X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 10 Dec 2004 09:24:08 -0000 On Thu, Dec 09, 2004 at 08:58:27PM -0800, Colin Percival wrote: > I'd like to add a new library for lightweight barebones RSA > computations, and associated commandline rsa-makekey, rsa-sign, > and rsa-verify utilities. This sounds good to me. I recently found myself writing a similarly stripped-down library for performing RSA signatures due to licensing problems with OpenSSL (obnoxious advertising clauses, GPL incompatibility). Can you be a little more specific about what your library supports? What format does it expect keys to be in? What format does it store signatures in? Tim From owner-freebsd-arch@FreeBSD.ORG Fri Dec 10 09:35:28 2004 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C083516A4CE; Fri, 10 Dec 2004 09:35:28 +0000 (GMT) Received: from pd3mo2so.prod.shaw.ca (shawidc-mo1.cg.shawcable.net [24.71.223.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id 83D7143D2F; Fri, 10 Dec 2004 09:35:28 +0000 (GMT) (envelope-from colin.percival@wadham.ox.ac.uk) Received: from pd3mr8so.prod.shaw.ca (pd3mr8so-qfe3.prod.shaw.ca [10.0.141.24])2004)) with ESMTP id <0I8I008302N4IPA0@l-daemon>; Fri, 10 Dec 2004 02:35:28 -0700 (MST) Received: from pn2ml7so.prod.shaw.ca ([10.0.121.151]) by pd3mr8so.prod.shaw.ca (Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar 15 2004)) with ESMTP id <0I8I00HFT2N43810@pd3mr8so.prod.shaw.ca>; Fri, 10 Dec 2004 02:35:28 -0700 (MST) Received: from [192.168.0.60] (S0106006067227a4a.vc.shawcable.net [24.87.233.42])2003)) with ESMTP id <0I8I00N0K2N33R@l-daemon>; Fri, 10 Dec 2004 02:35:28 -0700 (MST) Date: Fri, 10 Dec 2004 01:35:27 -0800 From: Colin Percival In-reply-to: <20041210092455.GB27181@cat.robbins.dropbear.id.au> To: Tim Robbins Message-id: <41B96DDF.2080304@wadham.ox.ac.uk> MIME-version: 1.0 Content-type: text/plain; format=flowed; charset=ISO-8859-1 Content-transfer-encoding: 7bit X-Accept-Language: en-us, en X-Enigmail-Version: 0.86.1.0 X-Enigmail-Supports: pgp-inline, pgp-mime References: <41B92CF3.2090302@wadham.ox.ac.uk> <20041210092455.GB27181@cat.robbins.dropbear.id.au> User-Agent: Mozilla Thunderbird 0.9 (X11/20041107) cc: freebsd-arch@freebsd.org Subject: Re: Adding standalone RSA code X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 10 Dec 2004 09:35:28 -0000 Tim Robbins wrote: > Can you be a little more specific about what your library supports? RSA -- key generation, signing, verification, encryption, decryption. > What > format does it expect keys to be in? What format does it store signatures in? Everything is an integer of keylen/8 bytes. The value of the integer x[] is x[0] + x[1] * 2^8 + x[2] * 2^16 + ... Keeping track of details -- like the keylength, or allocating temporary working space -- is left up to the caller; my library functions take a set of pointers to arrays of bytes, integer length(s), and a pointer to preallocated working space (of size depending upon the key length). Colin Percival From owner-freebsd-arch@FreeBSD.ORG Fri Dec 10 10:15:14 2004 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id F0C3316A4CF for ; Fri, 10 Dec 2004 10:15:14 +0000 (GMT) Received: from storm.uk.FreeBSD.org (storm.uk.FreeBSD.org [194.242.157.42]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6B48A43D55 for ; Fri, 10 Dec 2004 10:15:14 +0000 (GMT) (envelope-from mark@grondar.org) Received: from storm.uk.FreeBSD.org (uucp@localhost [127.0.0.1]) by storm.uk.FreeBSD.org (8.13.1/8.13.1) with ESMTP id iBAAFCaq061615; Fri, 10 Dec 2004 10:15:12 GMT (envelope-from mark@grondar.org) Received: (from uucp@localhost)iBAAFBBt061614; Fri, 10 Dec 2004 10:15:11 GMT (envelope-from mark@grondar.org) Received: from grondar.org (localhost [127.0.0.1]) by grovel.grondar.org (8.13.1/8.13.1) with ESMTP id iBAAEict086798; Fri, 10 Dec 2004 10:14:44 GMT (envelope-from mark@grondar.org) Message-Id: <200412101014.iBAAEict086798@grovel.grondar.org> To: Colin Percival From: Mark Murray In-Reply-To: Your message of "Fri, 10 Dec 2004 01:08:02 PST." <41B96772.4010000@wadham.ox.ac.uk> Date: Fri, 10 Dec 2004 10:14:44 +0000 Sender: mark@grondar.org cc: freebsd-arch@FreeBSD.ORG Subject: Re: Adding standalone RSA code X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 10 Dec 2004 10:15:15 -0000 Colin Percival writes: > Mark Murray wrote: > > Colin Percival writes: > >>I was comparing /usr/lib/libcrypto.a (1.7 MB on my system) to the sum > >>of the sizes of the object files built from my library code (38 kB). > >> > >>If you look at the number of lines of C files (counted using `wc -l` > >>since I don't want to bother installing sloccount), my code is 1489 > >>lines compared to openssl's 202982 lines. > > > > Do you have a version of your code linked against OpenSSL? What is the > > size difference between a static link of your code vs a static link > > against OpenSSL? > > I don't have a version using openssl, but my key generation program > (statically linked against my crypto code) is 37kB, while a program > which calls RSA_generate_key (statically linked against openssl) is > 240kB. So even under the most favourable conditions (adding overhead > to my code but not to openssl) it's a size ratio of more than 6. Hmm. I must profess to having a degree of discomfort with duplicated functionality. 240k is not a big binary, and it sounds like your applet is one that may get heavy use. Its not built for speed; how much of a problem is this? If OpenSSL grows hardware BigNum support, your app will not benefit; how will this affect the user? Is size really a concern? I can't find a disk smaller than 10 GB at my local dealer. M -- Mark Murray iumop ap!sdn w,I idlaH From owner-freebsd-arch@FreeBSD.ORG Fri Dec 10 10:24:45 2004 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D80DD16A4CE; Fri, 10 Dec 2004 10:24:45 +0000 (GMT) Received: from xorpc.icir.org (xorpc.icir.org [192.150.187.68]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9F14C43D5E; Fri, 10 Dec 2004 10:24:45 +0000 (GMT) (envelope-from rizzo@icir.org) Received: from xorpc.icir.org (localhost [127.0.0.1]) by xorpc.icir.org (8.12.11/8.12.8) with ESMTP id iBAAOiOB011963; Fri, 10 Dec 2004 02:24:44 -0800 (PST) (envelope-from rizzo@xorpc.icir.org) Received: (from rizzo@localhost) by xorpc.icir.org (8.12.11/8.12.3/Submit) id iBAAOiNH011962; Fri, 10 Dec 2004 02:24:44 -0800 (PST) (envelope-from rizzo) Date: Fri, 10 Dec 2004 02:24:44 -0800 From: Luigi Rizzo To: Mark Murray Message-ID: <20041210022444.A11833@xorpc.icir.org> References: <41B96772.4010000@wadham.ox.ac.uk> <200412101014.iBAAEict086798@grovel.grondar.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <200412101014.iBAAEict086798@grovel.grondar.org>; from markm@freebsd.org on Fri, Dec 10, 2004 at 10:14:44AM +0000 cc: Colin Percival cc: freebsd-arch@freebsd.org Subject: Re: Adding standalone RSA code X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 10 Dec 2004 10:24:46 -0000 On Fri, Dec 10, 2004 at 10:14:44AM +0000, Mark Murray wrote: ... > > >>I was comparing /usr/lib/libcrypto.a (1.7 MB on my system) to the sum > > >>of the sizes of the object files built from my library code (38 kB). > > >> > > >>If you look at the number of lines of C files (counted using `wc -l` > > >>since I don't want to bother installing sloccount), my code is 1489 > > >>lines compared to openssl's 202982 lines. ... > > I don't have a version using openssl, but my key generation program > > (statically linked against my crypto code) is 37kB, while a program > > which calls RSA_generate_key (statically linked against openssl) is > > 240kB. So even under the most favourable conditions (adding overhead > > to my code but not to openssl) it's a size ratio of more than 6. > > Hmm. > > I must profess to having a degree of discomfort with duplicated > functionality. on the other hand, there are far too many reasons to prefer a small implementation over a dinosaur like openssl. Consider that people do use freebsd for small appliances where size does count, even for the time it takes to load and initialize all the unused code, and navigate through lists of indirections to reach the methods you actually need. But size apart, it does not give me a huge sense of security to use a 200k-lines-of-code library to do something that could be done in 1500. Even if highly scrutinized, 200k-lines is far beyond the review ability of the average human being, so the chance of bugs, however stupid they can be (but security holes are often like this) is a lot higher. cheers luigi > 240k is not a big binary, and it sounds like your applet is one that > may get heavy use. Its not built for speed; how much of a problem is > this? If OpenSSL grows hardware BigNum support, your app will not > benefit; how will this affect the user? Is size really a concern? > I can't find a disk smaller than 10 GB at my local dealer. > > M > -- > Mark Murray > iumop ap!sdn w,I idlaH > _______________________________________________ > freebsd-arch@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-arch > To unsubscribe, send any mail to "freebsd-arch-unsubscribe@freebsd.org" From owner-freebsd-arch@FreeBSD.ORG Fri Dec 10 11:37:59 2004 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E1D9516A4CE; Fri, 10 Dec 2004 11:37:59 +0000 (GMT) Received: from smtp2.server.rpi.edu (smtp2.server.rpi.edu [128.113.2.2]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7077143D2F; Fri, 10 Dec 2004 11:37:59 +0000 (GMT) (envelope-from drosih@rpi.edu) Received: from [128.113.24.47] (gilead.netel.rpi.edu [128.113.24.47]) by smtp2.server.rpi.edu (8.13.0/8.13.0) with ESMTP id iBABbq24002807; Fri, 10 Dec 2004 06:37:53 -0500 Mime-Version: 1.0 Message-Id: In-Reply-To: <200412101014.iBAAEict086798@grovel.grondar.org> References: <200412101014.iBAAEict086798@grovel.grondar.org> Date: Fri, 10 Dec 2004 06:37:52 -0500 To: Mark Murray , Colin Percival From: Garance A Drosihn Content-Type: text/plain; charset="us-ascii" ; format="flowed" X-CanItPRO-Stream: default X-RPI-SA-Score: undef - spam-scanning disabled X-Scanned-By: CanIt (www . canit . ca) cc: freebsd-arch@freebsd.org Subject: Re: Adding standalone RSA code X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 10 Dec 2004 11:38:00 -0000 At 10:14 AM +0000 12/10/04, Mark Murray wrote: > >I must profess to having a degree of discomfort with duplicated >functionality. > >240k is not a big binary, and it sounds like your applet is one >that may get heavy use. Its not built for speed; how much of a >problem is this? Probably not any more than size... How much faster is hardware now than it was when RSA was first written? >If OpenSSL grows hardware BigNum support, your app will not >benefit; how will this affect the user? Is size really a concern? >I can't find a disk smaller than 10 GB at my local dealer. I am usually not too comfortable with duplication either, but I must confess that OpenSSL gives me a headache whenever I try to use it for much of anything. On the other hand, I have never actually used it for RSA :-) I will make a mild vote in favor of a small, well-written library for RSA, but I do not feel very strongly about it. -- Garance Alistair Drosehn = gad@gilead.netel.rpi.edu Senior Systems Programmer or gad@freebsd.org Rensselaer Polytechnic Institute or drosih@rpi.edu From owner-freebsd-arch@FreeBSD.ORG Fri Dec 10 13:09:11 2004 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id F038F16A4CE; Fri, 10 Dec 2004 13:09:11 +0000 (GMT) Received: from smtpq3.home.nl (smtpq3.home.nl [213.51.128.198]) by mx1.FreeBSD.org (Postfix) with ESMTP id 19B2143D48; Fri, 10 Dec 2004 13:09:11 +0000 (GMT) (envelope-from dodell@sitetronics.com) Received: from [213.51.128.135] (port=56487 helo=smtp4.home.nl) by smtpq3.home.nl with esmtp (Exim 4.30) id 1CckWE-0000FO-1w; Fri, 10 Dec 2004 14:09:10 +0100 Received: from cc740438-a.deven1.ov.home.nl ([82.75.136.183]:4445 helo=[192.168.1.42]) by smtp4.home.nl with esmtp (Exim 4.30) id 1CckWB-0000p1-10; Fri, 10 Dec 2004 14:09:07 +0100 Message-ID: <41B99FF4.2070703@sitetronics.com> Date: Fri, 10 Dec 2004 14:09:08 +0100 From: "Devon H. O'Dell" User-Agent: Mozilla Thunderbird 1.0 (Windows/20041206) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Mark Murray References: <200412101014.iBAAEict086798@grovel.grondar.org> In-Reply-To: <200412101014.iBAAEict086798@grovel.grondar.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-AtHome-MailScanner-Information: Please contact support@home.nl for more information X-AtHome-MailScanner: Found to be clean cc: Colin Percival cc: freebsd-arch@FreeBSD.ORG Subject: Re: Adding standalone RSA code X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 10 Dec 2004 13:09:12 -0000 Mark Murray wrote: > Colin Percival writes: > >>Mark Murray wrote: >> >>>Colin Percival writes: >>> >>>>I was comparing /usr/lib/libcrypto.a (1.7 MB on my system) to the sum >>>>of the sizes of the object files built from my library code (38 kB). >>>> >>>>If you look at the number of lines of C files (counted using `wc -l` >>>>since I don't want to bother installing sloccount), my code is 1489 >>>>lines compared to openssl's 202982 lines. >>> >>>Do you have a version of your code linked against OpenSSL? What is the >>>size difference between a static link of your code vs a static link >>>against OpenSSL? >> >>I don't have a version using openssl, but my key generation program >>(statically linked against my crypto code) is 37kB, while a program >>which calls RSA_generate_key (statically linked against openssl) is >>240kB. So even under the most favourable conditions (adding overhead >>to my code but not to openssl) it's a size ratio of more than 6. > > > Hmm. > > I must profess to having a degree of discomfort with duplicated > functionality. > > 240k is not a big binary, and it sounds like your applet is one that > may get heavy use. Its not built for speed; how much of a problem is > this? If OpenSSL grows hardware BigNum support, your app will not > benefit; how will this affect the user? Is size really a concern? > I can't find a disk smaller than 10 GB at my local dealer. I use CompactFlash cards to run FreeBSD on some systems, and the smallest is 16MB. This would be a very welcomed library for such a system. A good few people are using solid-state disks for data storage in FreeBSD these days, especially those of us doing work on embedded systems. When you have several binaries linking against OpenSSL, that 240k can take up a lot of space, very quickly. > M > -- > Mark Murray > iumop ap!sdn w,I idlaH Hope I didn't sound callous; that's not my intention. Kind regards, Devon H. O'Dell From owner-freebsd-arch@FreeBSD.ORG Fri Dec 10 13:25:14 2004 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3201716A4CF; Fri, 10 Dec 2004 13:25:14 +0000 (GMT) Received: from storm.uk.FreeBSD.org (storm.uk.FreeBSD.org [194.242.157.42]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9C98F43D48; Fri, 10 Dec 2004 13:25:13 +0000 (GMT) (envelope-from mark@grondar.org) Received: from storm.uk.FreeBSD.org (uucp@localhost [127.0.0.1]) by storm.uk.FreeBSD.org (8.13.1/8.13.1) with ESMTP id iBADPBFh063661; Fri, 10 Dec 2004 13:25:11 GMT (envelope-from mark@grondar.org) Received: (from uucp@localhost)iBADPAN8063659; Fri, 10 Dec 2004 13:25:10 GMT (envelope-from mark@grondar.org) Received: from grondar.org (localhost [127.0.0.1]) by grovel.grondar.org (8.13.1/8.13.1) with ESMTP id iBADMDQD088479; Fri, 10 Dec 2004 13:22:13 GMT (envelope-from mark@grondar.org) Message-Id: <200412101322.iBADMDQD088479@grovel.grondar.org> To: "Devon H. O'Dell" From: Mark Murray In-Reply-To: Your message of "Fri, 10 Dec 2004 14:09:08 +0100." <41B99FF4.2070703@sitetronics.com> Date: Fri, 10 Dec 2004 13:22:13 +0000 Sender: mark@grondar.org cc: Mark Murray cc: Colin Percival cc: freebsd-arch@FreeBSD.ORG Subject: Re: Adding standalone RSA code X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 10 Dec 2004 13:25:14 -0000 "Devon H. O'Dell" writes: > > 240k is not a big binary, and it sounds like your applet is one that > > may get heavy use. Its not built for speed; how much of a problem is > > this? If OpenSSL grows hardware BigNum support, your app will not > > benefit; how will this affect the user? Is size really a concern? I > > can't find a disk smaller than 10 GB at my local dealer. > > I use CompactFlash cards to run FreeBSD on some systems, and the > smallest is 16MB. This would be a very welcomed library for such a > system. A good few people are using solid-state disks for data storage > in FreeBSD these days, especially those of us doing work on embedded > systems. FreeBSD is really aiming itself at the server market. While I sympathise with what you are doing, what you are doing is somewhat specialised, and is the sort of thing that lends itself to purpose-built tools. I guess that you are really on the side of a "no crypto" variant of FreeBSD, but with a few hand-picked ports chosen for your application. My reluctance to unconditionally accept a custom RSA library is based on the experience of having other duplicated technologies in the system, which then diverge and become a real PITN to select and support. IPFW, IPFilter anf PF are a good example of this. Previously we had libcrypto AND libdes; it took AGES to clean up that mess. > When you have several binaries linking against OpenSSL, that 240k can > take up a lot of space, very quickly. In the case of sharable libraries, not very quickly, and not really in a way that is causing a problem for desktops and servers. > Hope I didn't sound callous; that's not my intention. No callousness detected :-) M -- Mark Murray iumop ap!sdn w,I idlaH From owner-freebsd-arch@FreeBSD.ORG Fri Dec 10 13:48:09 2004 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6A39B16A4CE; Fri, 10 Dec 2004 13:48:09 +0000 (GMT) Received: from pittgoth.com (14.zlnp1.xdsl.nauticom.net [209.195.149.111]) by mx1.FreeBSD.org (Postfix) with ESMTP id A1C7443D46; Fri, 10 Dec 2004 13:48:08 +0000 (GMT) (envelope-from trhodes@FreeBSD.org) Received: from localhost (64-144-75-100.client.dsl.net [64.144.75.100]) (authenticated bits=0) by pittgoth.com (8.12.10/8.12.10) with ESMTP id iBADm6ag024978 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Fri, 10 Dec 2004 08:48:07 -0500 (EST) (envelope-from trhodes@FreeBSD.org) Date: Fri, 10 Dec 2004 08:48:13 -0500 From: Tom Rhodes To: Mark Murray Message-ID: <20041210084813.3adab69b@localhost> In-Reply-To: <200412101014.iBAAEict086798@grovel.grondar.org> References: <41B96772.4010000@wadham.ox.ac.uk> <200412101014.iBAAEict086798@grovel.grondar.org> X-Mailer: Sylpheed-Claws 0.9.12b (GTK+ 1.2.10; i386-portbld-freebsd5.3) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit cc: Colin Percival cc: freebsd-arch@FreeBSD.org Subject: Re: Adding standalone RSA code X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 10 Dec 2004 13:48:09 -0000 On Fri, 10 Dec 2004 10:14:44 +0000 Mark Murray wrote: > Colin Percival writes: > > Mark Murray wrote: > > > Colin Percival writes: > > >>I was comparing /usr/lib/libcrypto.a (1.7 MB on my system) to the sum > > >>of the sizes of the object files built from my library code (38 kB). > > >> > > >>If you look at the number of lines of C files (counted using `wc -l` > > >>since I don't want to bother installing sloccount), my code is 1489 > > >>lines compared to openssl's 202982 lines. > > > > > > Do you have a version of your code linked against OpenSSL? What is the > > > size difference between a static link of your code vs a static link > > > against OpenSSL? > > > > I don't have a version using openssl, but my key generation program > > (statically linked against my crypto code) is 37kB, while a program > > which calls RSA_generate_key (statically linked against openssl) is > > 240kB. So even under the most favourable conditions (adding overhead > > to my code but not to openssl) it's a size ratio of more than 6. > > Hmm. > > I must profess to having a degree of discomfort with duplicated > functionality. See, right here I can agree. > > 240k is not a big binary, and it sounds like your applet is one that > may get heavy use. Its not built for speed; how much of a problem is > this? If OpenSSL grows hardware BigNum support, your app will not > benefit; how will this affect the user? Is size really a concern? > I can't find a disk smaller than 10 GB at my local dealer. Now with this last one, I think you're being a little difficult, Mark. Not to be rude, of course, if I come off as such I'm sorry. Either way, I think what Colin is proposing is a good idea. -- Tom Rhodes From owner-freebsd-arch@FreeBSD.ORG Fri Dec 10 16:02:46 2004 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 22C2D16A4CE for ; Fri, 10 Dec 2004 16:02:46 +0000 (GMT) Received: from saturn.criticalmagic.com (saturn.criticalmagic.com [64.74.124.105]) by mx1.FreeBSD.org (Postfix) with ESMTP id DCF2843D45 for ; Fri, 10 Dec 2004 16:02:45 +0000 (GMT) (envelope-from rcoleman@criticalmagic.com) Received: from [10.40.30.75] (borg.ciphertrust.com [64.238.118.66]) by saturn.criticalmagic.com (Postfix) with ESMTP id 076593BD10; Fri, 10 Dec 2004 11:02:44 -0500 (EST) Message-ID: <41B9C8B1.2090600@criticalmagic.com> Date: Fri, 10 Dec 2004 11:02:57 -0500 From: Richard Coleman Organization: Critical Magic User-Agent: Mozilla Thunderbird 1.0RC1 (X11/20041206) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Colin Percival References: <41B92CF3.2090302@wadham.ox.ac.uk> In-Reply-To: <41B92CF3.2090302@wadham.ox.ac.uk> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit cc: freebsd-arch@freebsd.org Subject: Re: Adding standalone RSA code X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 10 Dec 2004 16:02:46 -0000 Colin Percival wrote: > I'd like to add a new library for lightweight barebones RSA > computations, and associated commandline rsa-makekey, rsa-sign, and > rsa-verify utilities. > > To a certain extent, this duplicates existing functionality > (openssl), but I think my code has important advantages which justify > the duplication: 1. It is lightweight (around 2% of the size of > openssl), which may allow it to be used in memory-limited > environments, 2. It is far more auditable, due to its smaller size, > and 3. It is designed for security rather than performance; I made > certain design decisions which result in my code being rather slower > than openssl as a result of a desire to avoid potential attack > vectors. > > My reason for wanting to add this code is that I'm using it in > FreeBSD Update (and recently portsnap as well) and this is the first > step towards migrating that into the base system. > > Any objections? > > Colin Percival If the objective is to create a standard library for memory limited cryptography, then using elliptic curve cryptography would be more appropriate than RSA. But that may be too radical for most users. My primary concern about a new library is that as more applications use cryptography, the more openssl becomes a "sunk" cost. It's already there. So using an alternate library (even a small one) is an increase in memory utilization. Also, as Mark says, openssl is much more likely to grow hardware support for common crypto algorithms (like in the VIA chip). Just my random thoughts. Don't take this as a strenuous objection. Richard Coleman rcoleman@criticalmagic.com From owner-freebsd-arch@FreeBSD.ORG Fri Dec 10 16:57:44 2004 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D947416A4CE; Fri, 10 Dec 2004 16:57:44 +0000 (GMT) Received: from pd4mo3so.prod.shaw.ca (shawidc-mo1.cg.shawcable.net [24.71.223.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5B9E443D41; Fri, 10 Dec 2004 16:57:44 +0000 (GMT) (envelope-from colin.percival@wadham.ox.ac.uk) Received: from pd3mr5so.prod.shaw.ca (pd3mr5so-qfe3.prod.shaw.ca [10.0.141.12])2004)) with ESMTP id <0I8I009ZCN48IDA0@l-daemon>; Fri, 10 Dec 2004 09:57:44 -0700 (MST) Received: from pn2ml8so.prod.shaw.ca ([10.0.121.152]) by pd3mr5so.prod.shaw.ca (Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar 15 2004)) with ESMTP id <0I8I000VHN48W640@pd3mr5so.prod.shaw.ca>; Fri, 10 Dec 2004 09:57:44 -0700 (MST) Received: from [192.168.0.60] (S0106006067227a4a.vc.shawcable.net [24.87.233.42])2003)) with ESMTP id <0I8I00BDFN47GU@l-daemon>; Fri, 10 Dec 2004 09:57:44 -0700 (MST) Date: Fri, 10 Dec 2004 08:57:42 -0800 From: Colin Percival In-reply-to: <200412101014.iBAAEict086798@grovel.grondar.org> To: Mark Murray Message-id: <41B9D586.5070403@wadham.ox.ac.uk> MIME-version: 1.0 Content-type: text/plain; format=flowed; charset=ISO-8859-1 Content-transfer-encoding: 7bit X-Accept-Language: en-us, en X-Enigmail-Version: 0.86.1.0 X-Enigmail-Supports: pgp-inline, pgp-mime References: <200412101014.iBAAEict086798@grovel.grondar.org> User-Agent: Mozilla Thunderbird 0.9 (X11/20041107) cc: freebsd-arch@FreeBSD.ORG Subject: Re: Adding standalone RSA code X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 10 Dec 2004 16:57:45 -0000 Mark Murray wrote: > 240k is not a big binary, and it sounds like your applet is one that > may get heavy use. Unless you have a different definition of "heavy use" than me, no. I don't intend to replace openssl; I want some code for occasional high security purposes -- like verifying the integrity of binary security patches. > Is size really a concern? No. The size is a side-effect of having a minimal, highly secure, library, and was not a design consideration. Colin Percival From owner-freebsd-arch@FreeBSD.ORG Fri Dec 10 17:53:31 2004 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 960AA16A4CF for ; Fri, 10 Dec 2004 17:53:31 +0000 (GMT) Received: from VARK.MIT.EDU (VARK.MIT.EDU [18.95.3.179]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1AA0D43D68 for ; Fri, 10 Dec 2004 17:53:31 +0000 (GMT) (envelope-from das@FreeBSD.ORG) Received: from VARK.MIT.EDU (localhost [127.0.0.1]) by VARK.MIT.EDU (8.13.1/8.13.1) with ESMTP id iBAHqiFA029060; Fri, 10 Dec 2004 12:52:44 -0500 (EST) (envelope-from das@FreeBSD.ORG) Received: (from das@localhost) by VARK.MIT.EDU (8.13.1/8.13.1/Submit) id iBAHqh3p029059; Fri, 10 Dec 2004 12:52:43 -0500 (EST) (envelope-from das@FreeBSD.ORG) Date: Fri, 10 Dec 2004 12:52:43 -0500 From: David Schultz To: Colin Percival Message-ID: <20041210175243.GA28803@VARK.MIT.EDU> Mail-Followup-To: Colin Percival , freebsd-arch@FreeBSD.ORG References: <41B92CF3.2090302@wadham.ox.ac.uk> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <41B92CF3.2090302@wadham.ox.ac.uk> cc: freebsd-arch@FreeBSD.ORG Subject: Re: Adding standalone RSA code X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 10 Dec 2004 17:53:31 -0000 On Thu, Dec 09, 2004, Colin Percival wrote: > I'd like to add a new library for lightweight barebones RSA > computations, and associated commandline rsa-makekey, rsa-sign, > and rsa-verify utilities. > > To a certain extent, this duplicates existing functionality > (openssl), but I think my code has important advantages which > justify the duplication: > 1. It is lightweight (around 2% of the size of openssl), which > may allow it to be used in memory-limited environments, > 2. It is far more auditable, due to its smaller size, and > 3. It is designed for security rather than performance; I made > certain design decisions which result in my code being rather > slower than openssl as a result of a desire to avoid potential > attack vectors. > > My reason for wanting to add this code is that I'm using it > in FreeBSD Update (and recently portsnap as well) and this is > the first step towards migrating that into the base system. I'm not sure I agree with your point (2). My concern is that just because a library is small and open source doesn't mean it's secure. Consider, for instance, that Kerberos version 4 had design-level vulnerabilities that were unnoticed for well over a decade. The OpenSSL library has an advantage over yours in that it has been vetted by numerous cryptographers, owing to its popularity. Textbook descriptions of RSA are often deceptively simple, but turn out to have subtle flaws without the appropriate padding (e.g. OAEP) and careful key generation. Besides that, the OpenSSL developers have already been forced to address even more obscure problems such as timing analysis attacks. I don't mean to suggest that you're not aware of these issues, but this stuff can be tricky, and I've seen home-brewed cryptography (e.g. iterated hash construction) done wrong before. Moreover, your point (1) doesn't seem particularly relevant for FreeBSD. We don't target systems that lack sufficient memory for OpenSSL, and there are existing RSA implementations that are designed for embedded systems. From owner-freebsd-arch@FreeBSD.ORG Fri Dec 10 18:00:17 2004 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1484616A4CF; Fri, 10 Dec 2004 18:00:17 +0000 (GMT) Received: from storm.uk.FreeBSD.org (storm.uk.FreeBSD.org [194.242.157.42]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6E28343D55; Fri, 10 Dec 2004 18:00:16 +0000 (GMT) (envelope-from mark@grondar.org) Received: from storm.uk.FreeBSD.org (uucp@localhost [127.0.0.1]) by storm.uk.FreeBSD.org (8.13.1/8.13.1) with ESMTP id iBAI0EoG066790; Fri, 10 Dec 2004 18:00:14 GMT (envelope-from mark@grondar.org) Received: (from uucp@localhost)iBAI0EeL066789; Fri, 10 Dec 2004 18:00:14 GMT (envelope-from mark@grondar.org) Received: from grondar.org (localhost [127.0.0.1]) by grovel.grondar.org (8.13.1/8.13.1) with ESMTP id iBAHt55A090986; Fri, 10 Dec 2004 17:55:05 GMT (envelope-from mark@grondar.org) Message-Id: <200412101755.iBAHt55A090986@grovel.grondar.org> X-Mailer: exmh version 2.7.0 06/18/2004 with nmh-1.0.4 To: Colin Percival From: Mark Murray In-Reply-To: Your message of "Fri, 10 Dec 2004 08:57:42 PST." <41B9D586.5070403@wadham.ox.ac.uk> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Fri, 10 Dec 2004 17:55:05 +0000 Sender: mark@grondar.org cc: Mark Murray cc: freebsd-arch@FreeBSD.ORG Subject: Re: Adding standalone RSA code X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 10 Dec 2004 18:00:17 -0000 Colin Percival writes: > > Is size really a concern? > > No. The size is a side-effect of having a minimal, highly secure, > library, and was not a design consideration. "New" very often means "Insecure". I'd rather see something with lots of eyes over it, and OpenSSL has the advantage of having quite a few competent crypto guys grovel through it. I'm still inclined to say "Please stick with OpenSSL; it is the devil we know." M -- Mark Murray iumop ap!sdn w,I idlaH From owner-freebsd-arch@FreeBSD.ORG Fri Dec 10 22:32:14 2004 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9C39016A4CE for ; Fri, 10 Dec 2004 22:32:14 +0000 (GMT) Received: from mailserv1.neuroflux.com (mailserv1.neuroflux.com [204.228.228.92]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3132C43D3F for ; Fri, 10 Dec 2004 22:32:14 +0000 (GMT) (envelope-from ryans@gamersimpact.com) Received: (qmail 11783 invoked by uid 89); 10 Dec 2004 22:31:22 -0000 Received: from unknown (HELO www2.neuroflux.com) (127.0.0.1) by localhost with SMTP; 10 Dec 2004 22:31:22 -0000 Received: from 208.4.77.66 (SquirrelMail authenticated user ryans@gamersimpact.com); by www2.neuroflux.com with HTTP; Fri, 10 Dec 2004 15:31:22 -0700 (MST) Message-ID: <49534.208.4.77.66.1102717882.squirrel@208.4.77.66> In-Reply-To: <200412101755.iBAHt55A090986@grovel.grondar.org> References: Your message of "Fri, 10 Dec 2004 08:57:42 PST." <41B9D586.5070403@wadham.ox.ac.uk> <200412101755.iBAHt55A090986@grovel.grondar.org> Date: Fri, 10 Dec 2004 15:31:22 -0700 (MST) From: "Ryan Sommers" To: "Mark Murray" User-Agent: SquirrelMail/1.4.3a X-Mailer: SquirrelMail/1.4.3a MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal cc: Colin Percival cc: freebsd-arch@freebsd.org Subject: Re: Adding standalone RSA code X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 10 Dec 2004 22:32:14 -0000 Mark Murray said: > Colin Percival writes: >> > Is size really a concern? >> >> No. The size is a side-effect of having a minimal, highly secure, >> library, and was not a design consideration. > > "New" very often means "Insecure". I'd rather see something with lots > of eyes over it, and OpenSSL has the advantage of having quite a few > competent crypto guys grovel through it. > > I'm still inclined to say "Please stick with OpenSSL; it is the devil > we know." I have to say I'm with Mark and das@ (I believe it was). As good as smaller and more efficeint sounds, when it comes to crypto libraries I'd rather stick with OpenSSL. It's definately a lot more source code, however, as stated above, it has quite a few more eyes on it as well. With more people working on OpenSSL and auditing it I feel more comfortable with a large developer-base familiar with the same code should an issue crop up. What happens if during a lapse of ENOTIME for you a bug comes up with the library and exposes a severe security flaw for an application making use of it? -- Ryan Sommers ryans@gamersimpact.com From owner-freebsd-arch@FreeBSD.ORG Fri Dec 10 23:03:14 2004 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 49D7516A4CE; Fri, 10 Dec 2004 23:03:14 +0000 (GMT) Received: from pd3mo2so.prod.shaw.ca (shawidc-mo1.cg.shawcable.net [24.71.223.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id 901F943D45; Fri, 10 Dec 2004 23:03:13 +0000 (GMT) (envelope-from colin.percival@wadham.ox.ac.uk) Received: from pd5mr5so.prod.shaw.ca (pd5mr5so-qfe3.prod.shaw.ca [10.0.141.181]) by l-daemon (Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar 15 2004)) with ESMTP id <0I8J005JV41DEUA0@l-daemon>; Fri, 10 Dec 2004 16:03:13 -0700 (MST) Received: from pn2ml3so.prod.shaw.ca ([10.0.121.147]) by pd5mr5so.prod.shaw.ca (Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar 15 2004)) with ESMTP id <0I8J00A3941DB680@pd5mr5so.prod.shaw.ca>; Fri, 10 Dec 2004 16:03:13 -0700 (MST) Received: from [192.168.0.60] (S0106006067227a4a.vc.shawcable.net [24.87.233.42])2003)) with ESMTP id <0I8J0031R41CWA@l-daemon>; Fri, 10 Dec 2004 16:03:13 -0700 (MST) Date: Fri, 10 Dec 2004 15:03:10 -0800 From: Colin Percival In-reply-to: <49534.208.4.77.66.1102717882.squirrel@208.4.77.66> To: Ryan Sommers Message-id: <41BA2B2E.1070304@wadham.ox.ac.uk> MIME-version: 1.0 Content-type: text/plain; format=flowed; charset=ISO-8859-1 Content-transfer-encoding: 7bit X-Accept-Language: en-us, en X-Enigmail-Version: 0.86.1.0 X-Enigmail-Supports: pgp-inline, pgp-mime References: "Your message of Fri, 10 Dec 2004 08:57:42 PST." <41B9D586.5070403@wadham.ox.ac.uk> <200412101755.iBAHt55A090986@grovel.grondar.org> <49534.208.4.77.66.1102717882.squirrel@208.4.77.66> User-Agent: Mozilla Thunderbird 0.9 (X11/20041107) cc: freebsd-arch@freebsd.org Subject: Re: Adding standalone RSA code X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 10 Dec 2004 23:03:14 -0000 Ryan Sommers wrote: > I have to say I'm with Mark and das@ (I believe it was). As good as > smaller and more efficeint sounds, when it comes to crypto libraries I'd ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > rather stick with OpenSSL. You're missing the point. I'm not talking about "smaller and more efficient". I'm talking about "smaller and more secure". > It's definately a lot more source code, > however, as stated above, it has quite a few more eyes on it as well. Openssl has had 8 significant security flaws fixed in the past two years. Yes, they have more eyes looking at their code -- but even if they've found 80% of the security problems in the past two years, that still leaves two major security flaws left. Further, speaking from my experience on secteam, I'm more than a little dubious of the "many eyes" concept anyway (at least when it comes to security issues); the amount of time that security flaws sit in our tree before anyone notices them is rather depressing. > What happens if during a lapse of ENOTIME for you a bug > comes up with the library and exposes a severe security flaw for an > application making use of it? In that case, the 9410 people (at last count) who have used FreeBSD Update in the past couple of years are already in trouble. :-) Colin Percival From owner-freebsd-arch@FreeBSD.ORG Sat Dec 11 02:05:21 2004 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BB31316A4CE for ; Sat, 11 Dec 2004 02:05:20 +0000 (GMT) Received: from dragon.nuxi.com (trang.nuxi.com [66.93.134.19]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8673C43D2D for ; Sat, 11 Dec 2004 02:05:20 +0000 (GMT) (envelope-from obrien@NUXI.com) Received: from dragon.nuxi.com (obrien@localhost [127.0.0.1]) by dragon.nuxi.com (8.13.1/8.13.1) with ESMTP id iBB25JAV074930; Fri, 10 Dec 2004 18:05:19 -0800 (PST) (envelope-from obrien@dragon.nuxi.com) Received: (from obrien@localhost) by dragon.nuxi.com (8.13.1/8.13.1/Submit) id iBB25Jvr074929; Fri, 10 Dec 2004 18:05:19 -0800 (PST) (envelope-from obrien) Date: Fri, 10 Dec 2004 18:05:18 -0800 From: "David O'Brien" To: Colin Percival Message-ID: <20041211020518.GA74718@dragon.nuxi.com> References: <41B92CF3.2090302@wadham.ox.ac.uk> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <41B92CF3.2090302@wadham.ox.ac.uk> User-Agent: Mutt/1.4.1i X-Operating-System: FreeBSD 6.0-CURRENT Organization: The NUXI BSD Group X-Pgp-Rsa-Fingerprint: B7 4D 3E E9 11 39 5F A3 90 76 5D 69 58 D9 98 7A X-Pgp-Rsa-Keyid: 1024/34F9F9D5 cc: freebsd-arch@freebsd.org Subject: Re: Adding standalone RSA code X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: freebsd-arch@freebsd.org List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 11 Dec 2004 02:05:21 -0000 On Thu, Dec 09, 2004 at 08:58:27PM -0800, Colin Percival wrote: > I'd like to add a new library for lightweight barebones RSA > computations, and associated commandline rsa-makekey, rsa-sign, > and rsa-verify utilities. .. > Any objections? Without a stronger justification than what was given in this thread, I have to side with Mark Murry and David Schultz. While your library may be perfect for your FreeBSD Update; I fear it may become the /usr/src fad to use your library over OpenSSL, even in cases where speed and HW support is important. I am also concerned about a future found security problem that you are ETOOBUSY to deal with and someone else totally unfamiliar with the code has to deal with it. At the moment, I think your library code should just be part of your FreeBSD Update code if you find you simply cannot use OpenSSL. Or make your library a port in which only a static library is provided. -- -- David (obrien@FreeBSD.org) From owner-freebsd-arch@FreeBSD.ORG Sat Dec 11 02:21:50 2004 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 53A3E16A4CE; Sat, 11 Dec 2004 02:21:50 +0000 (GMT) Received: from mail.vicor-nb.com (bigwoop.vicor-nb.com [208.206.78.2]) by mx1.FreeBSD.org (Postfix) with ESMTP id 14DBE43D53; Sat, 11 Dec 2004 02:21:48 +0000 (GMT) (envelope-from julian@elischer.org) Received: from elischer.org (julian.vicor-nb.com [208.206.78.97]) by mail.vicor-nb.com (Postfix) with ESMTP id C58B77A403; Fri, 10 Dec 2004 18:21:47 -0800 (PST) Message-ID: <41BA59BB.1020108@elischer.org> Date: Fri, 10 Dec 2004 18:21:47 -0800 From: Julian Elischer User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.3.1) Gecko/20030516 X-Accept-Language: en, hu MIME-Version: 1.0 To: Mark Murray References: <200412101322.iBADMDQD088479@grovel.grondar.org> In-Reply-To: <200412101322.iBADMDQD088479@grovel.grondar.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit cc: Colin Percival cc: freebsd-arch@freebsd.org Subject: Re: Adding standalone RSA code X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 11 Dec 2004 02:21:50 -0000 Mark Murray wrote: >FreeBSD is really aiming itself at the server market. While I sympathise >with what you are doing, what you are doing is somewhat specialised, and is >the sort of thing that lends itself to purpose-built tools. > Well you may be aiming for the server market, but I'm not specifically aiming there.. make it a port.. >bsd.org" > > From owner-freebsd-arch@FreeBSD.ORG Sat Dec 11 03:39:47 2004 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4E08116A4CE; Sat, 11 Dec 2004 03:39:47 +0000 (GMT) Received: from pd3mo1so.prod.shaw.ca (shawidc-mo1.cg.shawcable.net [24.71.223.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id C5BA443D2F; Sat, 11 Dec 2004 03:39:46 +0000 (GMT) (envelope-from colin.percival@wadham.ox.ac.uk) Received: from pd5mr1so.prod.shaw.ca (pd5mr1so-qfe3.prod.shaw.ca [10.0.141.232]) by l-daemon (Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar 15 2004)) with ESMTP id <0I8J0087WGTBYE90@l-daemon>; Fri, 10 Dec 2004 20:39:11 -0700 (MST) Received: from pn2ml3so.prod.shaw.ca ([10.0.121.147]) by pd5mr1so.prod.shaw.ca (Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar 15 2004)) with ESMTP id <0I8J002AKGTBN600@pd5mr1so.prod.shaw.ca>; Fri, 10 Dec 2004 20:39:11 -0700 (MST) Received: from [192.168.0.60] (S0106006067227a4a.vc.shawcable.net [24.87.233.42])2003)) with ESMTP id <0I8J00H1MGTB63@l-daemon>; Fri, 10 Dec 2004 20:39:11 -0700 (MST) Date: Fri, 10 Dec 2004 19:39:10 -0800 From: Colin Percival In-reply-to: <20041211020518.GA74718@dragon.nuxi.com> To: freebsd-arch@freebsd.org, obrien@freebsd.org Message-id: <41BA6BDE.5070909@wadham.ox.ac.uk> MIME-version: 1.0 Content-type: text/plain; format=flowed; charset=ISO-8859-1 Content-transfer-encoding: 7bit X-Accept-Language: en-us, en X-Enigmail-Version: 0.86.1.0 X-Enigmail-Supports: pgp-inline, pgp-mime References: <41B92CF3.2090302@wadham.ox.ac.uk> <20041211020518.GA74718@dragon.nuxi.com> User-Agent: Mozilla Thunderbird 0.9 (X11/20041107) Subject: Re: Adding standalone RSA code X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 11 Dec 2004 03:39:47 -0000 David O'Brien wrote: > Without a stronger justification than what was given in this thread, I > have to side with Mark Murry and David Schultz. While your library may > be perfect for your FreeBSD Update; I fear it may become the /usr/src fad > to use your library over OpenSSL, even in cases where speed and HW > support is important. I have to object to this argument; everything in the src tree can be misused, and the potential for someone to misuse my code should not be considered as a reason for not including it in the base system. > I am also concerned about a future found security > problem that you are ETOOBUSY to deal with and someone else totally > unfamiliar with the code has to deal with it. I'll conceed that this may be a reasonable consideration, although I still think that serious problems in a ~1500 line library are probably both less likely and easier to fix than problems in a ~200000 line library. > At the moment, I think your library code should just be part of your > FreeBSD Update code if you find you simply cannot use OpenSSL. Or make > your library a port in which only a static library is provided. I'm not quite sure I understand what you're saying here. The entire point of this discussion is that bringing my RSA code into the base systme is an obvious first step towards bringing FreeBSD Update into the base system, which is something I've been asked countless times (by both committers and users) to do. Removing my RSA code from the security/freebsd-update port and creating a separate devel/minirsa port might have some advantages (in fact, it has one very obvious advantage -- sysutils/portsnap wouldn't have to depend upon security/freebsd-update any longer), but I can't see how it would help get FreeBSD Update into the base system. Colin Percival From owner-freebsd-arch@FreeBSD.ORG Sat Dec 11 03:50:13 2004 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A29CE16A4CE for ; Sat, 11 Dec 2004 03:50:13 +0000 (GMT) Received: from dragon.nuxi.com (trang.nuxi.com [66.93.134.19]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7C23C43D2F for ; Sat, 11 Dec 2004 03:50:13 +0000 (GMT) (envelope-from obrien@NUXI.com) Received: from dragon.nuxi.com (obrien@localhost [127.0.0.1]) by dragon.nuxi.com (8.13.1/8.13.1) with ESMTP id iBB3oCrP003078; Fri, 10 Dec 2004 19:50:13 -0800 (PST) (envelope-from obrien@dragon.nuxi.com) Received: (from obrien@localhost) by dragon.nuxi.com (8.13.1/8.13.1/Submit) id iBB3oC6E003077; Fri, 10 Dec 2004 19:50:12 -0800 (PST) (envelope-from obrien) Date: Fri, 10 Dec 2004 19:50:12 -0800 From: "David O'Brien" To: Colin Percival Message-ID: <20041211035012.GB93068@dragon.nuxi.com> References: <41B92CF3.2090302@wadham.ox.ac.uk> <20041211020518.GA74718@dragon.nuxi.com> <41BA6BDE.5070909@wadham.ox.ac.uk> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <41BA6BDE.5070909@wadham.ox.ac.uk> User-Agent: Mutt/1.4.1i X-Operating-System: FreeBSD 6.0-CURRENT Organization: The NUXI BSD Group X-Pgp-Rsa-Fingerprint: B7 4D 3E E9 11 39 5F A3 90 76 5D 69 58 D9 98 7A X-Pgp-Rsa-Keyid: 1024/34F9F9D5 cc: freebsd-arch@freebsd.org Subject: Re: Adding standalone RSA code X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: freebsd-arch@freebsd.org List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 11 Dec 2004 03:50:13 -0000 [ #1, respect the reply-to ] On Fri, Dec 10, 2004 at 07:39:10PM -0800, Colin Percival wrote: > David O'Brien wrote: > >At the moment, I think your library code should just be part of your > >FreeBSD Update code if you find you simply cannot use OpenSSL. Or make > >your library a port in which only a static library is provided. > > I'm not quite sure I understand what you're saying here. In other words, rather than create an RSA library that your code links against, just build .o's and list the .c's in your FreeBSD Update's Makefile. That way you can use this RSA code that you want to, but it isn't exposed as a consumable library in FreeBSD's {,/usr}/lib. -- -- David (obrien@FreeBSD.org) From owner-freebsd-arch@FreeBSD.ORG Sat Dec 11 03:58:29 2004 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B626F16A4CE for ; Sat, 11 Dec 2004 03:58:29 +0000 (GMT) Received: from pd3mo1so.prod.shaw.ca (shawidc-mo1.cg.shawcable.net [24.71.223.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8FF6043D64 for ; Sat, 11 Dec 2004 03:58:29 +0000 (GMT) (envelope-from colin.percival@wadham.ox.ac.uk) Received: from pd4mr4so.prod.shaw.ca (pd4mr4so-qfe3.prod.shaw.ca [10.0.141.215]) by l-daemon (Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar 15 2004)) with ESMTP id <0I8J008DHHO0YEA0@l-daemon> for freebsd-arch@freebsd.org; Fri, 10 Dec 2004 20:57:36 -0700 (MST) Received: from pn2ml3so.prod.shaw.ca ([10.0.121.147]) by pd4mr4so.prod.shaw.ca (Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar 15 2004)) with ESMTP id <0I8J006VFHNW72K0@pd4mr4so.prod.shaw.ca> for freebsd-arch@freebsd.org; Fri, 10 Dec 2004 20:57:32 -0700 (MST) Received: from [192.168.0.60] (S0106006067227a4a.vc.shawcable.net [24.87.233.42]) by l-daemon (iPlanet Messaging Server 5.2 HotFix 1.18 (built Jul 28 2003)) with ESMTP id <0I8J00H5CHNWBF@l-daemon> for freebsd-arch@freebsd.org; Fri, 10 Dec 2004 20:57:32 -0700 (MST) Date: Fri, 10 Dec 2004 19:57:32 -0800 From: Colin Percival In-reply-to: <20041211035012.GB93068@dragon.nuxi.com> To: freebsd-arch@freebsd.org Message-id: <41BA702C.3010909@wadham.ox.ac.uk> MIME-version: 1.0 Content-type: text/plain; format=flowed; charset=ISO-8859-1 Content-transfer-encoding: 7bit X-Accept-Language: en-us, en X-Enigmail-Version: 0.86.1.0 X-Enigmail-Supports: pgp-inline, pgp-mime References: <41B92CF3.2090302@wadham.ox.ac.uk> <20041211020518.GA74718@dragon.nuxi.com> <41BA6BDE.5070909@wadham.ox.ac.uk> <20041211035012.GB93068@dragon.nuxi.com> User-Agent: Mozilla Thunderbird 0.9 (X11/20041107) Subject: Re: Adding standalone RSA code X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 11 Dec 2004 03:58:29 -0000 David O'Brien wrote: > In other words, rather than create an RSA library that your code links > against, just build .o's and list the .c's in your FreeBSD Update's > Makefile. That way you can use this RSA code that you want to, but it > isn't exposed as a consumable library in FreeBSD's {,/usr}/lib. Ah, now I understand. FreeBSD Update is a shell script, so I'd still need to add an rsa-verify program into /usr/sbin, but I'm quite happy to have it statically link my RSA code rather than installing a separate library, if that's what people would prefer. Honestly, I thought that people would complain if I did it that way. Colin Percival From owner-freebsd-arch@FreeBSD.ORG Sat Dec 11 07:54:54 2004 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7713E16A4FD for ; Sat, 11 Dec 2004 07:54:54 +0000 (GMT) Received: from ns1.xcllnt.net (209-128-86-226.bayarea.net [209.128.86.226]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3E9B043D48 for ; Sat, 11 Dec 2004 07:54:54 +0000 (GMT) (envelope-from marcel@xcllnt.net) Received: from [192.168.4.250] (dhcp50.pn.xcllnt.net [192.168.4.250]) by ns1.xcllnt.net (8.13.1/8.13.1) with ESMTP id iBB7srfH025030; Fri, 10 Dec 2004 23:54:53 -0800 (PST) (envelope-from marcel@xcllnt.net) In-Reply-To: <41BA6BDE.5070909@wadham.ox.ac.uk> References: <41B92CF3.2090302@wadham.ox.ac.uk> <20041211020518.GA74718@dragon.nuxi.com> <41BA6BDE.5070909@wadham.ox.ac.uk> Mime-Version: 1.0 (Apple Message framework v619) Content-Type: text/plain; charset=US-ASCII; format=flowed Message-Id: Content-Transfer-Encoding: 7bit From: Marcel Moolenaar Date: Fri, 10 Dec 2004 23:54:53 -0800 To: Colin Percival X-Mailer: Apple Mail (2.619) cc: freebsd-arch@freebsd.org Subject: Re: Adding standalone RSA code X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 11 Dec 2004 07:54:54 -0000 On Dec 10, 2004, at 7:39 PM, Colin Percival wrote: > I'm not quite sure I understand what you're saying here. The entire > point > of this discussion is that bringing my RSA code into the base systme > is an > obvious first step towards bringing FreeBSD Update into the base > system, > which is something I've been asked countless times (by both committers > and > users) to do. I may have missed this, but can openssl(1) be used at all or do you need functionality not present in openssl(1)? The reason I ask is that arguments about security issues, code size and performance are mostly second order and highly subjective. I recall you mentioned that using openssl(1) resulted in a "large" binary and gave a size that's simply not the worth the fuzz if you ask me (it was less than .5MB -- I don't even care if there's an error margin of 50%, it's not worth my consideration. YMMV). My point is that if you can use openssl(1), do so. Import FreeBSD update and make it work on all platforms. If there's a genuine need, backed by requests that openssl(1) should be replaced because it has some negative characteristics that hamper development, usability or whatever, then (and only then) can we meaningfully discuss and argue whether such replacement is worth it. At this time I don't see a need at all. I do see a need to have FreeBSD update work on all platforms and that would be my first requirement for putting FreeBSD update in the base system. My 0.02 smurfs, -- Marcel Moolenaar USPA: A-39004 marcel@xcllnt.net From owner-freebsd-arch@FreeBSD.ORG Sat Dec 11 08:06:27 2004 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BC21116A4CE for ; Sat, 11 Dec 2004 08:06:27 +0000 (GMT) Received: from acampi.inet.it (acampi.inet.it [213.92.1.165]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7BE1543D62 for ; Sat, 11 Dec 2004 08:06:27 +0000 (GMT) (envelope-from andrea@acampi.inet.it) Received: by acampi.inet.it (Postfix, from userid 1000) id 2D474A6; Sat, 11 Dec 2004 09:06:26 +0100 (CET) Date: Sat, 11 Dec 2004 09:06:26 +0100 From: Andrea Campi To: Colin Percival Message-ID: <20041211080625.GA11190@webcom.it> References: <41B92CF3.2090302@wadham.ox.ac.uk> <20041211020518.GA74718@dragon.nuxi.com> <41BA6BDE.5070909@wadham.ox.ac.uk> <20041211035012.GB93068@dragon.nuxi.com> <41BA702C.3010909@wadham.ox.ac.uk> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <41BA702C.3010909@wadham.ox.ac.uk> User-Agent: Mutt/1.5.6i cc: freebsd-arch@freebsd.org Subject: Re: Adding standalone RSA code X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 11 Dec 2004 08:06:27 -0000 On Fri, Dec 10, 2004 at 07:57:32PM -0800, Colin Percival wrote: > David O'Brien wrote: > >In other words, rather than create an RSA library that your code links > >against, just build .o's and list the .c's in your FreeBSD Update's > >Makefile. That way you can use this RSA code that you want to, but it > >isn't exposed as a consumable library in FreeBSD's {,/usr}/lib. > > Ah, now I understand. FreeBSD Update is a shell script, so I'd still need > to add an rsa-verify program into /usr/sbin, but I'm quite happy to have > it statically link my RSA code rather than installing a separate library, > if that's what people would prefer. Honestly, I thought that people would > complain if I did it that way. Can you offer a choice between using and installing your rsa-verify and calling openssl? I guess it's just a matter of sed'ing FreeBSD Update shell script to use one or the other. Speaking as one user that values space over time in some installations, I think this would be a win-win and would allow people to adopt rsa-verify at their own pace. Or vice versa, if (when) rsa-verify would become default, would allow security-conscious critics that would prefer to stick with OpenSSL to just do so. Bye, Andrea -- Give a man a fish and you feed him for a day; teach him to use the Net and he won't bother you for weeks. From owner-freebsd-arch@FreeBSD.ORG Sat Dec 11 09:41:25 2004 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9281E16A4CE for ; Sat, 11 Dec 2004 09:41:25 +0000 (GMT) Received: from mail18.syd.optusnet.com.au (mail18.syd.optusnet.com.au [211.29.132.199]) by mx1.FreeBSD.org (Postfix) with ESMTP id A83D343D45 for ; Sat, 11 Dec 2004 09:41:24 +0000 (GMT) (envelope-from PeterJeremy@optushome.com.au) Received: from cirb503493.alcatel.com.au (c211-30-75-229.belrs2.nsw.optusnet.com.au [211.30.75.229]) iBB9fMfL025105 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO) for ; Sat, 11 Dec 2004 20:41:23 +1100 Received: from cirb503493.alcatel.com.au (localhost.alcatel.com.au [127.0.0.1])iBB9fMxP084176 for ; Sat, 11 Dec 2004 20:41:22 +1100 (EST) (envelope-from pjeremy@cirb503493.alcatel.com.au) Received: (from pjeremy@localhost) by cirb503493.alcatel.com.au (8.12.10/8.12.9/Submit) id iBB9fMnV084175 for freebsd-arch@freebsd.org; Sat, 11 Dec 2004 20:41:22 +1100 (EST) (envelope-from pjeremy) Date: Sat, 11 Dec 2004 20:41:22 +1100 From: Peter Jeremy To: freebsd-arch@freebsd.org Message-ID: <20041211094121.GB79646@cirb503493.alcatel.com.au> References: <41B92CF3.2090302@wadham.ox.ac.uk> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <41B92CF3.2090302@wadham.ox.ac.uk> User-Agent: Mutt/1.4.2i Subject: Re: Adding standalone RSA code X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 11 Dec 2004 09:41:25 -0000 On Thu, 2004-Dec-09 20:58:27 -0800, Colin Percival wrote: > I'd like to add a new library for lightweight barebones RSA >computations, and associated commandline rsa-makekey, rsa-sign, >and rsa-verify utilities. To head off on a slight tangent... Does -core have an official set of guidelines for adding new libraries and utilities to FreeBSD? (What purpose does it serve? Why aren't existing facilities adequate? Why should it be in the base system rather than ports? How will it be maintained in future? etc). -- Peter Jeremy From owner-freebsd-arch@FreeBSD.ORG Sat Dec 11 20:19:12 2004 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B275516A4CE for ; Sat, 11 Dec 2004 20:19:12 +0000 (GMT) Received: from VARK.MIT.EDU (VARK.MIT.EDU [18.95.3.179]) by mx1.FreeBSD.org (Postfix) with ESMTP id 632E343D2F for ; Sat, 11 Dec 2004 20:19:12 +0000 (GMT) (envelope-from das@FreeBSD.ORG) Received: from VARK.MIT.EDU (localhost [127.0.0.1]) by VARK.MIT.EDU (8.13.1/8.13.1) with ESMTP id iBBKILqg037350; Sat, 11 Dec 2004 15:18:21 -0500 (EST) (envelope-from das@FreeBSD.ORG) Received: (from das@localhost) by VARK.MIT.EDU (8.13.1/8.13.1/Submit) id iBBKILjD037349; Sat, 11 Dec 2004 15:18:21 -0500 (EST) (envelope-from das@FreeBSD.ORG) Date: Sat, 11 Dec 2004 15:18:21 -0500 From: David Schultz To: Colin Percival Message-ID: <20041211201821.GA37211@VARK.MIT.EDU> Mail-Followup-To: Colin Percival , freebsd-arch@FreeBSD.ORG References: <41B92CF3.2090302@wadham.ox.ac.uk> <20041211020518.GA74718@dragon.nuxi.com> <41BA6BDE.5070909@wadham.ox.ac.uk> <20041211035012.GB93068@dragon.nuxi.com> <41BA702C.3010909@wadham.ox.ac.uk> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <41BA702C.3010909@wadham.ox.ac.uk> cc: freebsd-arch@FreeBSD.ORG Subject: Re: Adding standalone RSA code X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 11 Dec 2004 20:19:12 -0000 On Fri, Dec 10, 2004, Colin Percival wrote: > David O'Brien wrote: > >In other words, rather than create an RSA library that your code links > >against, just build .o's and list the .c's in your FreeBSD Update's > >Makefile. That way you can use this RSA code that you want to, but it > >isn't exposed as a consumable library in FreeBSD's {,/usr}/lib. > > Ah, now I understand. FreeBSD Update is a shell script, so I'd still need > to add an rsa-verify program into /usr/sbin, but I'm quite happy to have > it statically link my RSA code rather than installing a separate library, > if that's what people would prefer. Honestly, I thought that people would > complain if I did it that way. I think keeping the library ``private'' is a better way to do it. Despite OpenSSL's size, it is better documented, widely deployed, and somewhat more difficult for third parties to misuse. For instance, as we discussed privately, your RSA encryption routine is insecure unless the caller appropriately preprocesses the input with a random pad, and the documentation doesn't seem to mention this caveat. I'm sure *you* know how to use your library securely, but it could be dangerous to someone else. That said, it still puzzles me that you don't want to use OpenSSL's rsautl. FreeBSD users are *already* in trouble if there's a flaw in OpenSSL. If we have two cryptographic libraries, then people are in trouble if there's a bug in OpenSSL *or* there's a bug in your library. I understand that you are frustrated with OpenSSL, but it isn't clear that this is a battle you can win, short of reimplementing all of OpenSSL's functionality. From owner-freebsd-arch@FreeBSD.ORG Sat Dec 11 21:00:29 2004 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id EE85A16A4CF; Sat, 11 Dec 2004 21:00:29 +0000 (GMT) Received: from pd3mo2so.prod.shaw.ca (shawidc-mo1.cg.shawcable.net [24.71.223.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id C2D2E43D39; Sat, 11 Dec 2004 21:00:29 +0000 (GMT) (envelope-from colin.percival@wadham.ox.ac.uk) Received: from pd3mr6so.prod.shaw.ca (pd3mr6so-qfe3.prod.shaw.ca [10.0.141.21])2004)) with ESMTP id <0I8K00JTGT0TJCE0@l-daemon>; Sat, 11 Dec 2004 14:00:29 -0700 (MST) Received: from pn2ml10so.prod.shaw.ca ([10.0.121.80]) by pd3mr6so.prod.shaw.ca (Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar 15 2004)) with ESMTP id <0I8K00BMOT0T23K0@pd3mr6so.prod.shaw.ca>; Sat, 11 Dec 2004 14:00:29 -0700 (MST) Received: from [192.168.0.60] (S0106006067227a4a.vc.shawcable.net [24.87.233.42])2003)) with ESMTP id <0I8K00L4TT0SLV@l-daemon>; Sat, 11 Dec 2004 14:00:29 -0700 (MST) Date: Sat, 11 Dec 2004 13:00:28 -0800 From: Colin Percival In-reply-to: <20041211201821.GA37211@VARK.MIT.EDU> To: David Schultz Message-id: <41BB5FEC.30100@wadham.ox.ac.uk> MIME-version: 1.0 Content-type: text/plain; format=flowed; charset=ISO-8859-1 Content-transfer-encoding: 7bit X-Accept-Language: en-us, en X-Enigmail-Version: 0.86.1.0 X-Enigmail-Supports: pgp-inline, pgp-mime References: <41B92CF3.2090302@wadham.ox.ac.uk> <20041211020518.GA74718@dragon.nuxi.com> <41BA6BDE.5070909@wadham.ox.ac.uk> <20041211035012.GB93068@dragon.nuxi.com> <41BA702C.3010909@wadham.ox.ac.uk> <20041211201821.GA37211@VARK.MIT.EDU> User-Agent: Mozilla Thunderbird 0.9 (X11/20041107) cc: freebsd-arch@freebsd.org Subject: Re: Adding standalone RSA code X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 11 Dec 2004 21:00:30 -0000 David Schultz wrote: > For > instance, as we discussed privately, your RSA encryption routine > is insecure unless the caller appropriately preprocesses the input > with a random pad ... or is using it to encode data with at least 128 bits of entropy... > and the documentation doesn't seem to mention > this caveat. I'm sure *you* know how to use your library > securely, but it could be dangerous to someone else. True enough, but I was planning on revising my interface (e.g., to use OAEP) and documentation before committing anyway. > That said, it still puzzles me that you don't want to use > OpenSSL's rsautl. I wrote my RSA code long before I started working on FreeBSD Update; so when I needed some code for signing my update index, I used the most convenient code -- the code which I had written, understood intimately, and trusted. Colin Percival