From owner-freebsd-security@FreeBSD.ORG Mon Feb 2 15:07:18 2015 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 90BCD1CB; Mon, 2 Feb 2015 15:07:18 +0000 (UTC) Received: from mx5.roble.com (mx5.roble.com [206.40.34.5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mx5.roble.com", Issuer "mx5.roble.com" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 80EE3FC4; Mon, 2 Feb 2015 15:07:18 +0000 (UTC) Date: Mon, 2 Feb 2015 07:07:11 -0800 (PST) From: Roger Marquis To: freebsd-security@freebsd.org Subject: Enumerating glibc dependencies In-Reply-To: References: User-Agent: Alpine 2.00 (BSF 1167 2008-08-23) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: freebsd-pkg@freebsd.org X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Feb 2015 15:07:18 -0000 Before pkgng it was easy to list a system's port dependencies by (starting with): grep glib /var/db/pkg/*/* Is there an equivalent (single) command for pkgng? Roger From owner-freebsd-security@FreeBSD.ORG Mon Feb 2 15:21:32 2015 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 17266594 for ; Mon, 2 Feb 2015 15:21:32 +0000 (UTC) Received: from sasl.smtp.pobox.com (pb-smtp1.int.icgroup.com [208.72.237.35]) by mx1.freebsd.org (Postfix) with ESMTP id C7C6D267 for ; Mon, 2 Feb 2015 15:21:30 +0000 (UTC) Received: from sasl.smtp.pobox.com (unknown [127.0.0.1]) by pb-smtp1.pobox.com (Postfix) with ESMTP id 450DA3248C for ; Mon, 2 Feb 2015 10:21:29 -0500 (EST) DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=pobox.com; h=date:from:to :subject:message-id:in-reply-to:references:mime-version :content-type; s=sasl; bh=W/gvOrJtnaP5lI7q5um4tbSgJ0g=; b=Z9CFiL 25kJTnC40EJWxzxWvK25rw25Dqo7Gb3A91PnG9zAsKns/DHcGmkvACORVb3sFpdR Q2/OQsi6BVIGF/MTn4W7IeWbWrIQWG8qyY58yh63q66yA7ZPluuDXbpObt5iwL0t 1pq+jidFaq6d/SMQcygQYKme/pLg839zP0UUc= DomainKey-Signature: a=rsa-sha1; c=nofws; d=pobox.com; h=date:from:to :subject:message-id:in-reply-to:references:mime-version :content-type; q=dns; s=sasl; b=acH4/svZ1ntXSBnUOjXhY8bMEqC+dpYe zI7xbQTQ0FaeZRs+KCazDdC/uoxwhfug6SF66eqerVHAGsmQLGfJ6lIcDWkYAI2n aDjzooz8TQN56qDY3yA23BMXOT9dvlOr+Y3eXfCLCgcYT7uqou6lCgRdVEv3PQqT OJcRINDE++8= Received: from pb-smtp1.int.icgroup.com (unknown [127.0.0.1]) by pb-smtp1.pobox.com (Postfix) with ESMTP id 3A8793248B for ; Mon, 2 Feb 2015 10:21:29 -0500 (EST) Received: from satori.lan (unknown [50.90.2.70]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pb-smtp1.pobox.com (Postfix) with ESMTPSA id 1573232487 for ; Mon, 2 Feb 2015 10:21:25 -0500 (EST) Date: Mon, 2 Feb 2015 10:21:19 -0500 From: Chris Nehren To: freebsd-security@freebsd.org Subject: Re: Enumerating glibc dependencies Message-ID: <20150202102119.1224e6f8@satori.lan> In-Reply-To: <20150202150722.A6FAD271@hub.freebsd.org> References: <20150202150722.A6FAD271@hub.freebsd.org> Followup-To: freebsd-questions@freebsd.org X-Mailer: Claws Mail 3.11.1 (GTK+ 2.24.25; x86_64-pc-linux-gnu) MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; boundary="Sig_/hZnM.hBUPq7SkSk_FirZDVu"; protocol="application/pgp-signature" X-Pobox-Relay-ID: 26B7DD64-AAEF-11E4-B3B9-7BA29F42C9D4-49531120!pb-smtp1.pobox.com X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Feb 2015 15:21:32 -0000 --Sig_/hZnM.hBUPq7SkSk_FirZDVu Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable [Followup-To: set to questions@. This is not a security question.] On Mon, 2 Feb 2015 07:07:11 -0800 (PST) Roger Marquis wrote: > Before pkgng it was easy to list a system's port dependencies by > (starting with): >=20 > grep glib /var/db/pkg/*/* >=20 > Is there an equivalent (single) command for pkgng? Hey Roger, You'll want `pkg info -r` for this--and note that glib is not glibc!=20 --=20 Chris Nehren --Sig_/hZnM.hBUPq7SkSk_FirZDVu Content-Type: application/pgp-signature Content-Description: OpenPGP digital signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBAgAGBQJUz5X0AAoJEBHA+GJAM0vP0NUP/3WEod1NnQ/3fIo7fhbr30WP y0/mePGWjqHktImRmzqOm2edmuaGZSm6PZ0wW2UpSzJu871Ig1GT/WD0xKajNmb+ LZI18HP3iFXU/G61rp5rUvZtwdfhZCLpbWCFCsd3q7qogAoF9x7zacAmP9+ktOEB u23ebz9yNsAt+MN12GFmtpUsKAG1S8syd0eEkb8WOVb/whVUEraGx6REwo97SQkO vl6KA5drsmmmTmN+PHn7ntPbhQNj4eqBw5Dn03RN+3+H9n2deXnQTy1IXsBY1Vim agMv0wxt2916261WfVz+8eSrVCg+AgnMMaJveSpz19OlAEc0zJLak09ZIU/B/Qk0 Yk5CytYZcOUXpZh/iVIk7HxCECgRxV3/xdN6MKuYqtzL2WYO2bmNBhkC/XImyXmA J/67mXfI1e/tbv53tpSQPjn9VngwrETELrpkpt3vQsKwvNNzsM5uW/v6HqVUQany FEbLD3Wb2BIIzLrhC2neKlrMCUE1s20UVo98qWRMwiKzHXifOR6QYiiWOpdfO9ed qpAvTQ34MLOCc+S/ZXlUTOU2jbi9I2aP3b0NGIYu0e9Z9glH7m1ziGlT06JkhXpL /hx6J0w0T/UbjkyAJbpc7x8xkJS1Mm2tUFtUYSLdmrz630Xq+fWe1aKwN29BWCyx rawql2hEjIESBEPAWbeG =S+GJ -----END PGP SIGNATURE----- --Sig_/hZnM.hBUPq7SkSk_FirZDVu-- From owner-freebsd-security@FreeBSD.ORG Mon Feb 2 15:22:46 2015 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 1BC11707; Mon, 2 Feb 2015 15:22:46 +0000 (UTC) Received: from mail.in-addr.com (mail.in-addr.com [IPv6:2a01:4f8:191:61e8::2525:2525]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id D22A328C; Mon, 2 Feb 2015 15:22:45 +0000 (UTC) Received: from gjp by mail.in-addr.com with local (Exim 4.85 (FreeBSD)) (envelope-from ) id 1YIIpn-0008Zz-5J; Mon, 02 Feb 2015 15:22:43 +0000 Date: Mon, 2 Feb 2015 15:22:43 +0000 From: Gary Palmer To: Roger Marquis Subject: Re: Enumerating glibc dependencies Message-ID: <20150202152243.GA29176@in-addr.com> References: <20150202150721.E8553209@hub.freebsd.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20150202150721.E8553209@hub.freebsd.org> X-SA-Exim-Connect-IP: X-SA-Exim-Mail-From: gpalmer@freebsd.org X-SA-Exim-Scanned: No (on mail.in-addr.com); SAEximRunCond expanded to false Cc: freebsd-security@freebsd.org, freebsd-pkg@freebsd.org X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Feb 2015 15:22:46 -0000 On Mon, Feb 02, 2015 at 07:07:11AM -0800, Roger Marquis wrote: > Before pkgng it was easy to list a system's port dependencies by > (starting with): > > grep glib /var/db/pkg/*/* > > Is there an equivalent (single) command for pkgng? pkg query %ro glib Regards, Gary From owner-freebsd-security@FreeBSD.ORG Mon Feb 2 16:55:07 2015 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 782F6780; Mon, 2 Feb 2015 16:55:07 +0000 (UTC) Received: from mx5.roble.com (mx5.roble.com [206.40.34.5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mx5.roble.com", Issuer "mx5.roble.com" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 669C1FBC; Mon, 2 Feb 2015 16:55:07 +0000 (UTC) Date: Mon, 2 Feb 2015 08:55:06 -0800 (PST) From: Roger Marquis To: freebsd-security@freebsd.org, freebsd-pkg@freebsd.org Subject: Re: Enumerating glibc dependencies In-Reply-To: <20150202164319.GL11558@ivaldir.etoilebsd.net> References: <20150202150721.E8553209@hub.freebsd.org> <20150202152243.GA29176@in-addr.com> <20150202164319.GL11558@ivaldir.etoilebsd.net> User-Agent: Alpine 2.00 (BSF 1167 2008-08-23) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Feb 2015 16:55:07 -0000 > Please note that the glibc has nothing to do with glib. Is FreeBSD glib always linked to libc (vs glibc)? # ldd /usr/local/lib/libglib* 2>/dev/null| grep libc | sort -u libc.so.7 => /lib/libc.so.7 (0x800648000) Roger From owner-freebsd-security@FreeBSD.ORG Mon Feb 2 16:43:25 2015 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 5595F421; Mon, 2 Feb 2015 16:43:25 +0000 (UTC) Received: from mail-wi0-x22f.google.com (mail-wi0-x22f.google.com [IPv6:2a00:1450:400c:c05::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id D1E48E82; Mon, 2 Feb 2015 16:43:24 +0000 (UTC) Received: by mail-wi0-f175.google.com with SMTP id fb4so18208851wid.2; Mon, 02 Feb 2015 08:43:23 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=sender:date:from:to:cc:subject:message-id:references:mime-version :content-type:content-disposition:in-reply-to:user-agent; bh=CpjK9LUAVe3g2oekEPP7ZRQqUYGh3fiCYSTb++NmWxs=; b=y6sxOp04Z4qJD1CKAxWVvGmdgtad2mmBpFMzt+nptz9t2b/f2sLEbtmwOC+1l/B1Wc un5o9aECkfKN4G5GJ4oWHTWxUcO2YFJ/CODHWjmE3g3v27UCdSaR3nV1YPonXpE7oE1r /MEIAT8qrYMsApE/y3bVdBh77NffqCo+a2h2V8DsnVTnmlldEUI5rIop99IFRRqDR7LJ NvaDd1JwEtEYUGmaZL9efFgMLNWsLg74XGjLSf+QcifX8vPMZ4HHh3iP2Zseup1Rn02v FYzDaykWi1/OJkXNYmHi8t4h1lRsRLa2Cp9BjhlyX/dgJPI3Th61ZnaSvUWlLLE/ZSxR bEMQ== X-Received: by 10.180.108.202 with SMTP id hm10mr25612232wib.68.1422895403294; Mon, 02 Feb 2015 08:43:23 -0800 (PST) Received: from ivaldir.etoilebsd.net ([2001:41d0:8:db4c::1]) by mx.google.com with ESMTPSA id m4sm8301938wjb.25.2015.02.02.08.43.21 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 02 Feb 2015 08:43:22 -0800 (PST) Sender: Baptiste Daroussin Date: Mon, 2 Feb 2015 17:43:20 +0100 From: Baptiste Daroussin To: Gary Palmer Subject: Re: Enumerating glibc dependencies Message-ID: <20150202164319.GL11558@ivaldir.etoilebsd.net> References: <20150202150721.E8553209@hub.freebsd.org> <20150202152243.GA29176@in-addr.com> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="iK/wEI4vkfDmI6Zw" Content-Disposition: inline In-Reply-To: <20150202152243.GA29176@in-addr.com> User-Agent: Mutt/1.5.23 (2014-03-12) X-Mailman-Approved-At: Mon, 02 Feb 2015 18:12:59 +0000 Cc: freebsd-security@freebsd.org, Roger Marquis , freebsd-pkg@freebsd.org X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Feb 2015 16:43:25 -0000 --iK/wEI4vkfDmI6Zw Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Feb 02, 2015 at 03:22:43PM +0000, Gary Palmer wrote: > On Mon, Feb 02, 2015 at 07:07:11AM -0800, Roger Marquis wrote: > > Before pkgng it was easy to list a system's port dependencies by > > (starting with): > >=20 > > grep glib /var/db/pkg/*/* > >=20 > > Is there an equivalent (single) command for pkgng? >=20 > pkg query %ro glib >=20 pkg info -r glibc Please note that the glibc has nothing to do with glib. Best regards, Bapt --iK/wEI4vkfDmI6Zw Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iEYEARECAAYFAlTPqScACgkQ8kTtMUmk6EwctwCcCb80l4aYA+AwAO/hk5tovJrl 9NEAoLg3TD5RyqJbvpNlYles9ALmRsTE =CZOF -----END PGP SIGNATURE----- --iK/wEI4vkfDmI6Zw-- From owner-freebsd-security@FreeBSD.ORG Mon Feb 2 18:58:04 2015 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 4B251815; Mon, 2 Feb 2015 18:58:04 +0000 (UTC) Received: from mx5.roble.com (mx5.roble.com [206.40.34.5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mx5.roble.com", Issuer "mx5.roble.com" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 38FAB1E9; Mon, 2 Feb 2015 18:58:03 +0000 (UTC) Date: Mon, 2 Feb 2015 10:58:03 -0800 (PST) From: Roger Marquis To: freebsd-security@freebsd.org, freebsd-pkg@freebsd.org Subject: Re: Enumerating glibc dependencies In-Reply-To: References: <20150202150721.E8553209@hub.freebsd.org> <20150202152243.GA29176@in-addr.com> <20150202164319.GL11558@ivaldir.etoilebsd.net> User-Agent: Alpine 2.00 (BSF 1167 2008-08-23) MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Feb 2015 18:58:04 -0000 > Is FreeBSD glib always linked to libc (vs glibc)? Apparently it is, at least on the systems I've tested where there were no glibc dependencies at all. Another item added to the list of BSD (security) advantages. Roger From owner-freebsd-security@FreeBSD.ORG Mon Feb 2 19:11:43 2015 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 65AFEEBF for ; Mon, 2 Feb 2015 19:11:43 +0000 (UTC) Received: from mail-ie0-x229.google.com (mail-ie0-x229.google.com [IPv6:2607:f8b0:4001:c03::229]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 29E9E5E5 for ; Mon, 2 Feb 2015 19:11:43 +0000 (UTC) Received: by mail-ie0-f169.google.com with SMTP id rl12so19819968iec.0 for ; Mon, 02 Feb 2015 11:11:42 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=q4xHyP1pmd/15KzbRbCAGscjL/0/GqQSWv6DwnQGlsg=; b=NkxcslIrIHQxk3x9DxhAMjWKyHialrU4bWMwuXQZNtfE4Eec5gyfDSL8ZbWsjryApW hfCyAt/jXUa1X6AqoOJZCz0J92Hn+DhFvE9yVmVM4NJTTLT/11NOYj+ixqODdkBG/ewr eP6Z87+hlcMQfL9h+S9JhBSuDzJoCK/GKMZDMgZ4oOF7wDgeQ/cPvTKepnxgInG4/ZzK SCs5B0WHu0d88JAg1p37sDgUIaSbXNDN6ohsyeiEENeRNdFPkWfEkgreTFaCF7zwoXdJ KdBD2A73Leae46iWLyRv/AqqvEtPBKr6yO6K8/oyvadVubd00Dz/UWOVKqpsMZBMnOxw gy9g== MIME-Version: 1.0 X-Received: by 10.42.79.76 with SMTP id q12mr20475956ick.16.1422904302614; Mon, 02 Feb 2015 11:11:42 -0800 (PST) Received: by 10.36.8.215 with HTTP; Mon, 2 Feb 2015 11:11:42 -0800 (PST) In-Reply-To: <20150202185806.EC8B4884@hub.freebsd.org> References: <20150202150721.E8553209@hub.freebsd.org> <20150202152243.GA29176@in-addr.com> <20150202164319.GL11558@ivaldir.etoilebsd.net> <20150202185806.EC8B4884@hub.freebsd.org> Date: Mon, 2 Feb 2015 14:11:42 -0500 Message-ID: Subject: Re: Enumerating glibc dependencies From: Robert Simmons To: freebsd-security@freebsd.org Content-Type: text/plain; charset=UTF-8 X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Feb 2015 19:11:43 -0000 On Mon, Feb 2, 2015 at 1:58 PM, Roger Marquis wrote: >> Is FreeBSD glib always linked to libc (vs glibc)? > > > Apparently it is, at least on the systems I've tested where there were no > glibc dependencies at all. Another item added to the list of BSD > (security) advantages. I believe there is a bit of confusion on the list. My assumption for why the OP wants to determine glibc dependencies is the vulnerability in gethostbyname. However, many people on the list seem to be looking for devel/glib dependencies. devel/glib in FreeBSD's ports is unrelated to glibc (take a peek at the pkg-info file for this port for more info). GLib is a component of GNOME: https://developer.gnome.org/glib/ The library that contains the glibc vulnerability is the GNU C Library: https://www.gnu.org/software/libc/ From owner-freebsd-security@FreeBSD.ORG Tue Feb 3 13:49:01 2015 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id BE646703 for ; Tue, 3 Feb 2015 13:49:01 +0000 (UTC) Received: from out3-smtp.messagingengine.com (out3-smtp.messagingengine.com [66.111.4.27]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 8CE71F17 for ; Tue, 3 Feb 2015 13:49:01 +0000 (UTC) Received: from compute6.internal (compute6.nyi.internal [10.202.2.46]) by mailout.nyi.internal (Postfix) with ESMTP id A935E20C7F for ; Tue, 3 Feb 2015 08:48:53 -0500 (EST) Received: from web3 ([10.202.2.213]) by compute6.internal (MEProxy); Tue, 03 Feb 2015 08:48:53 -0500 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=message-id:x-sasl-enc:from:to :mime-version:content-transfer-encoding:content-type:in-reply-to :references:subject:date; s=smtpout; bh=taxJaX6B+1bBRQzKNWFCBWRp KYA=; b=IfvGYnt3SN/UKUSOYQNPvA0dCf/s4IOaw63WcbLebARReH8XH5zE7kft rcHZiovX7R6nTi3qh8FaFXk6p/hzI0+meCBCs8tCir+BI4Bgxj7bKLQh5IcH7qlJ H8AtRh2NxOJ96FzP9iO7fvaQ2nPwBr9sSrTxoNKTutUrNgEaoxY= Received: by web3.nyi.internal (Postfix, from userid 99) id 66C24147126; Tue, 3 Feb 2015 08:48:53 -0500 (EST) Message-Id: <1422971333.3444346.222480213.4886CF10@webmail.messagingengine.com> X-Sasl-Enc: N+OTbCOvwoNNWV2fs0P3JRRovpAbbosC1tqjvCeMsw+3 1422971333 From: Mark Felder To: freebsd-security@freebsd.org MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain X-Mailer: MessagingEngine.com Webmail Interface - ajax-b6284d51 In-Reply-To: <20150202185806.BD0AF865@hub.freebsd.org> References: <20150202150721.E8553209@hub.freebsd.org> <20150202152243.GA29176@in-addr.com> <20150202164319.GL11558@ivaldir.etoilebsd.net> <20150202185806.BD0AF865@hub.freebsd.org> Subject: Re: Enumerating glibc dependencies Date: Tue, 03 Feb 2015 07:48:53 -0600 X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 Feb 2015 13:49:01 -0000 On Mon, Feb 2, 2015, at 12:58, Roger Marquis wrote: > > Is FreeBSD glib always linked to libc (vs glibc)? > > Apparently it is, at least on the systems I've tested where there were no > glibc dependencies at all. Another item added to the list of BSD > (security) advantages. > Unless you're building a Frankenstein OS you should never come across a situation where a native FreeBSD binary is linked to glibc. (I'm not even sure it's possible!) Linux uses glibc for their libc reference, we use our own. If you are running native Linux binaries via the linuxulator you will certainly be using glibc for those binaries. Those programs could be vulnerable to glibc issues. From owner-freebsd-security@FreeBSD.ORG Tue Feb 3 13:53:50 2015 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 874F1927 for ; Tue, 3 Feb 2015 13:53:50 +0000 (UTC) Received: from out3-smtp.messagingengine.com (out3-smtp.messagingengine.com [66.111.4.27]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5650482 for ; Tue, 3 Feb 2015 13:53:50 +0000 (UTC) Received: from compute6.internal (compute6.nyi.internal [10.202.2.46]) by mailout.nyi.internal (Postfix) with ESMTP id 9C77D20C10 for ; Tue, 3 Feb 2015 08:53:49 -0500 (EST) Received: from web3 ([10.202.2.213]) by compute6.internal (MEProxy); Tue, 03 Feb 2015 08:53:49 -0500 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=message-id:x-sasl-enc:from:to :mime-version:content-transfer-encoding:content-type:in-reply-to :references:subject:date; s=smtpout; bh=2DYFQZrEVgt4m6CeAbJELHyw cXs=; b=Qk31xeU9i/drELqlzJu1sNCKxu6jeY7GbAx7a9uGHNKAo0hYiaTL/THU ba5gQUjNV7alXJln6LPFkW8OmWmHqiYMczOUmz0cR/cvbkjoL8DZadtcaV1Wci4p lxZGHlimkTE5m30nKLQBLYjW4gj2UM1EtqWaZS+qusbAkxmPgx8= Received: by web3.nyi.internal (Postfix, from userid 99) id 6FF4A147142; Tue, 3 Feb 2015 08:53:49 -0500 (EST) Message-Id: <1422971629.3446909.222482893.6AA0AE96@webmail.messagingengine.com> X-Sasl-Enc: Z+OyD857DfRQRLZ3DpnjEm/cv8/G3XMOip2uJbdXBKxp 1422971629 From: Mark Felder To: freebsd-security@freebsd.org MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain X-Mailer: MessagingEngine.com Webmail Interface - ajax-b6284d51 In-Reply-To: <1422971333.3444346.222480213.4886CF10@webmail.messagingengine.com> References: <20150202150721.E8553209@hub.freebsd.org> <20150202152243.GA29176@in-addr.com> <20150202164319.GL11558@ivaldir.etoilebsd.net> <20150202185806.BD0AF865@hub.freebsd.org> <1422971333.3444346.222480213.4886CF10@webmail.messagingengine.com> Subject: Re: Enumerating glibc dependencies Date: Tue, 03 Feb 2015 07:53:49 -0600 X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 Feb 2015 13:53:50 -0000 On Tue, Feb 3, 2015, at 07:48, Mark Felder wrote: > > Unless you're building a Frankenstein OS you should never come across a > situation where a native FreeBSD binary is linked to glibc. (I'm not > even sure it's possible!) Linux uses glibc for their libc reference, we > use our own. I forgot Debian K/FreeBSD existed which has a complete GNU base system. So it has to be possible. But doesn't make it sane! :-) From owner-freebsd-security@FreeBSD.ORG Thu Feb 5 17:16:59 2015 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 89EE0EF5 for ; Thu, 5 Feb 2015 17:16:59 +0000 (UTC) Received: from mx1.core43.com (jaws.core43.com [54.187.139.74]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 65A58B59 for ; Thu, 5 Feb 2015 17:16:58 +0000 (UTC) Received: from mx1.core43.com (localhost [127.0.0.1]) by mx1.core43.com (Postfix) with ESMTP id 2BFB64F161 for ; Thu, 5 Feb 2015 09:09:16 -0800 (PST) X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on jaws.core43.com X-Spam-Level: X-Spam-Status: No, score=-2.9 required=5.0 tests=ALL_TRUSTED,BAYES_00 autolearn=ham autolearn_force=no version=3.4.0 X-Spam-Trusted-Relays: [ ip=10.0.1.3 rdns=bkup helo=mail.bpsw.biz by=mx1.core43.com ident= envfrom= intl=1 id=1E8044F15C auth= msa=0 ] [ ip=127.0.0.1 rdns=localhost helo=mail.bpsw.biz by=mail.bpsw.biz ident= envfrom= intl=1 id=065502CBCDA auth= msa=0 ] [ ip=10.0.1.53 rdns= helo=!10.0.1.53! by=mail.bpsw.biz ident= envfrom= intl=1 id=B5A3A2CBCD9 auth= msa=0 ] X-Spam-Untrusted-Relays: X-Spam-Language: X-Spam-Relay-Country: _RELAYCOUNTRY_ X-Spam-Score: -2.9 Received: from mail.bpsw.biz (bkup [10.0.1.3]) by mx1.core43.com (Postfix) with ESMTPS id 1E8044F15C for ; Thu, 5 Feb 2015 09:09:16 -0800 (PST) Received: from mail.bpsw.biz (localhost [127.0.0.1]) by mail.bpsw.biz (Postfix) with ESMTP id 065502CBCDA for ; Thu, 5 Feb 2015 09:09:10 -0800 (PST) Received: from [10.0.1.53] (unknown [10.0.1.53]) by mail.bpsw.biz (Postfix) with ESMTPS id B5A3A2CBCD9 for ; Thu, 5 Feb 2015 09:09:09 -0800 (PST) From: Max C Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable Subject: update3.freebsd.org out of date Message-Id: Date: Thu, 5 Feb 2015 09:09:09 -0800 To: freebsd-security@freebsd.org Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.6\)) X-Mailer: Apple Mail (2.1878.6) X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 05 Feb 2015 17:16:59 -0000 freebsd-update gives me this message whenever I hit update3, but no = message when I hit any other server. Looks like update3 has not been updated in at least ~10 days. Who = should I contact to resync update3? Thanks. - Max Begin forwarded message: > Looking up update.FreeBSD.org mirrors... 5 mirrors found. > Fetching metadata signature for 9.3-RELEASE from = update3.freebsd.org... done. >=20 > Files on mirror (9.3-RELEASE-p8) are older than the > most recently seen updates (9.3-RELEASE-p9). > Cowardly refusing to proceed any further. From owner-freebsd-security@FreeBSD.ORG Thu Feb 5 17:24:24 2015 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 04D8A1ED for ; Thu, 5 Feb 2015 17:24:24 +0000 (UTC) Received: from mail-qc0-x22d.google.com (mail-qc0-x22d.google.com [IPv6:2607:f8b0:400d:c01::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id AE724C69 for ; Thu, 5 Feb 2015 17:24:23 +0000 (UTC) Received: by mail-qc0-f173.google.com with SMTP id m20so7427985qcx.4 for ; Thu, 05 Feb 2015 09:24:22 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lifeofadishwasher.com; s=google; h=date:from:to:subject:message-id:references:mime-version :content-type:content-disposition:in-reply-to:user-agent; bh=KDH7aQKvBaMRStj933k58Gy38Scf7J1A5juVK9AIHLw=; b=IGhHq1g0JcJsg/VCy4li+/SGXtT+kb70MFdI0htl/6hvz+jYgSNDVWUHY8CugAZS67 B4tvQ468cjE4qEK7R2Rd3Eo07bOVcp4E/+89mlNHAWvrBf6JhLg8LlVJJATRFIEpMEcP vB3bpbm8cbdqsVdD1T1WmnwBN82yamhDw8cFA= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:date:from:to:subject:message-id:references :mime-version:content-type:content-disposition:in-reply-to :user-agent; bh=KDH7aQKvBaMRStj933k58Gy38Scf7J1A5juVK9AIHLw=; b=DNuTLlwfiuFk7nuavSAgnyUuVM1GiLqj+H2YGmbiuQHKG5H6GGGec1fSpZGd354Irx igywz6+iJ1homC3GjBrQE/T55fbgr7s5I5Pfmpbp0kqIF/zhnxP+5gu80HZgpbtlN+z5 QtGRCDdvjucZMPPuBIdlvweCqB5eRCIgQuoGgIyY0yEiMGxZ5CgqNAYHUrCjFQBMbt23 8tV+zVMLOuUOw2geluIQt7Od2NLeWkgp4E49z4ENTNvSrjAIRuSr2FFehqBd9eQVcRHa gzRYnkmD8tt6306E+avS/vBRiQP4grdqcrC2wh2R/KtoeuULawsTBFDviaFNKzyUls3I a3rQ== X-Gm-Message-State: ALoCoQn+9WSKSuRbw+4sQdUVsE4zedv/JzmX/wTxxqpVmLl/vHkQqkQH7rxRj/boEgMB//+NNtzY X-Received: by 10.140.104.1 with SMTP id z1mr9889381qge.76.1423157062745; Thu, 05 Feb 2015 09:24:22 -0800 (PST) Received: from lifeofadishwasher.com (c-71-206-246-125.hsd1.pa.comcast.net. [71.206.246.125]) by mx.google.com with ESMTPSA id o10sm5510767qah.35.2015.02.05.09.24.21 for (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 05 Feb 2015 09:24:22 -0800 (PST) Received: by lifeofadishwasher.com (sSMTP sendmail emulation); Thu, 05 Feb 2015 12:24:20 -0500 Date: Thu, 5 Feb 2015 12:24:20 -0500 From: Derek Schrock To: freebsd-security@freebsd.org Subject: Re: update3.freebsd.org out of date Message-ID: <20150205172420.GA53579@ircbsd.lifeofadishwasher.com> References: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.23 (2014-03-12) X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 05 Feb 2015 17:24:24 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=197240 On Thu, Feb 05, 2015 at 09:09:09AM -0800, Max C wrote: > freebsd-update gives me this message whenever I hit update3, but no message when I hit any other server. > > Looks like update3 has not been updated in at least ~10 days. Who should I contact to resync update3? > > Thanks. > > - Max > > Begin forwarded message: > > > Looking up update.FreeBSD.org mirrors... 5 mirrors found. > > Fetching metadata signature for 9.3-RELEASE from update3.freebsd.org... done. > > > > Files on mirror (9.3-RELEASE-p8) are older than the > > most recently seen updates (9.3-RELEASE-p9). > > Cowardly refusing to proceed any further. > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" From owner-freebsd-security@FreeBSD.ORG Fri Feb 6 13:34:00 2015 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 6DDA0A14 for ; Fri, 6 Feb 2015 13:34:00 +0000 (UTC) Received: from kazi.fit.vutbr.cz (kazi6.fit.vutbr.cz [IPv6:2001:67c:1220:808::93e5:80c]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "kazi.fit.vutbr.cz", Issuer "Brno University of Technology CA" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 0050D21A for ; Fri, 6 Feb 2015 13:33:59 +0000 (UTC) Received: from kazi.fit.vutbr.cz (localhost [127.0.0.1]) by kazi.fit.vutbr.cz (8.14.9/8.14.6) with ESMTP id t16DXqVR076473 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 6 Feb 2015 14:33:52 +0100 (CET) Received: (from cejkar@localhost) by kazi.fit.vutbr.cz (8.14.9/8.14.8/Submit) id t16DXpMS076470; Fri, 6 Feb 2015 14:33:51 +0100 (CET) (envelope-from cejkar@fit.vutbr.cz) X-Authentication-Warning: kazi.fit.vutbr.cz: cejkar set sender to cejkar@fit.vutbr.cz using -f Date: Fri, 6 Feb 2015 14:33:51 +0100 From: Cejka Rudolf To: Derek Schrock Subject: Re: update3.freebsd.org out of date Message-ID: <20150206133351.GA75403@fit.vutbr.cz> References: <20150205172420.GA53579@ircbsd.lifeofadishwasher.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20150205172420.GA53579@ircbsd.lifeofadishwasher.com> User-Agent: Mutt/1.5.23 (2014-03-12) X-Scanned-By: MIMEDefang 2.75 on 147.229.8.12 Cc: freebsd-security@freebsd.org, Max C X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 Feb 2015 13:34:00 -0000 Hello, yes, thanks for the report. The issue with update3.FreeBSD.org should be fixed now. For further details please see updated https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=197240 Best regards. Derek Schrock wrote (2015/02/05): > https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=197240 > > On Thu, Feb 05, 2015 at 09:09:09AM -0800, Max C wrote: > > freebsd-update gives me this message whenever I hit update3, but no message when I hit any other server. > > > > Looks like update3 has not been updated in at least ~10 days. Who should I contact to resync update3? > > > > Thanks. > > > > - Max > > > > Begin forwarded message: > > > > > Looking up update.FreeBSD.org mirrors... 5 mirrors found. > > > Fetching metadata signature for 9.3-RELEASE from update3.freebsd.org... done. > > > > > > Files on mirror (9.3-RELEASE-p8) are older than the > > > most recently seen updates (9.3-RELEASE-p9). > > > Cowardly refusing to proceed any further. -- Rudolf Cejka http://www.fit.vutbr.cz/~cejkar Brno University of Technology, Faculty of Information Technology Bozetechova 2, 612 66 Brno, Czech Republic From owner-freebsd-security@FreeBSD.ORG Sat Feb 7 02:37:23 2015 Return-Path: Delivered-To: freebsd-security@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 9D2936E2 for ; Sat, 7 Feb 2015 02:37:23 +0000 (UTC) Received: from gold.funkthat.com (gate2.funkthat.com [208.87.223.18]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "gold.funkthat.com", Issuer "gold.funkthat.com" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 6197E2D2 for ; Sat, 7 Feb 2015 02:37:19 +0000 (UTC) Received: from gold.funkthat.com (localhost [127.0.0.1]) by gold.funkthat.com (8.14.5/8.14.5) with ESMTP id t172bIIN059437 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 6 Feb 2015 18:37:18 -0800 (PST) (envelope-from jmg@gold.funkthat.com) Received: (from jmg@localhost) by gold.funkthat.com (8.14.5/8.14.5/Submit) id t172bIfj059436 for freebsd-security@FreeBSD.org; Fri, 6 Feb 2015 18:37:18 -0800 (PST) (envelope-from jmg) Resent-From: John-Mark Gurney Resent-Date: Fri, 6 Feb 2015 18:37:18 -0800 Resent-Message-ID: <20150207023718.GD58410@funkthat.com> Resent-To: freebsd-security@FreeBSD.org Date: Fri, 6 Feb 2015 18:35:25 -0800 From: John-Mark Gurney To: security@FreeBSD.org, current@FreeBSD.org Subject: request for crypto hardware... Message-ID: <20150207023525.GC58410@funkthat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline X-Operating-System: FreeBSD 9.1-PRERELEASE amd64 X-PGP-Fingerprint: 54BA 873B 6515 3F10 9E88 9322 9CB1 8F74 6D3F A396 X-Files: The truth is out there X-URL: http://resnet.uoregon.edu/~gurney_j/ X-Resume: http://resnet.uoregon.edu/~gurney_j/resume.html X-TipJar: bitcoin:13Qmb6AeTgQecazTWph4XasEsP7nGRbAPE X-to-the-FBI-CIA-and-NSA: HI! HOW YA DOIN? can i haz chizburger? User-Agent: Mutt/1.5.21 (2010-09-15) X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.2.7 (gold.funkthat.com [127.0.0.1]); Fri, 06 Feb 2015 18:37:18 -0800 (PST) X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 07 Feb 2015 02:37:23 -0000 I have some plans to improve the opencrypto framework in FreeBSD later this year. This will require invasive changes to the various drivers. So, I'd like to line up hardware/volunteers before then. If you would like to see your hardware tested and verified to work with the new changes, please contact me w/ either a donation of hardware, money to purchase hardware, or if you have hardware, that you volunteer to test changes. I currently have the following hardware: aesni I do not have the following hardware: hifn ubsec padlock (VIA C3, C7 and Eden) cesa (Marvell, missing man page) glxsb (AMD Geode LX, such as Sokris Net5501, missing man page) safe (SafeNet) sec (Freescale, missing man page) cryptocteon (Cavium Octeon, missing man page) nlmsec (mips/nlm/dev/sec/nlmsec.c, missing man page) rmisec (mips/rmi/dev/sec/rmisec.c, missing man page) -- John-Mark Gurney Voice: +1 415 225 5579 "All that I will do, has been done, All that I have, has not." From owner-freebsd-security@FreeBSD.ORG Sat Feb 7 04:59:01 2015 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 185B9DEC; Sat, 7 Feb 2015 04:59:01 +0000 (UTC) Received: from gold.funkthat.com (gate2.funkthat.com [208.87.223.18]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "gold.funkthat.com", Issuer "gold.funkthat.com" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id CC8003B8; Sat, 7 Feb 2015 04:59:00 +0000 (UTC) Received: from gold.funkthat.com (localhost [127.0.0.1]) by gold.funkthat.com (8.14.5/8.14.5) with ESMTP id t174wxMI060196 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 6 Feb 2015 20:58:59 -0800 (PST) (envelope-from jmg@gold.funkthat.com) Received: (from jmg@localhost) by gold.funkthat.com (8.14.5/8.14.5/Submit) id t174wxpb060195; Fri, 6 Feb 2015 20:58:59 -0800 (PST) (envelope-from jmg) Date: Fri, 6 Feb 2015 20:58:59 -0800 From: John-Mark Gurney To: Benjamin Perrault Subject: Re: request for crypto hardware... Message-ID: <20150207045859.GF58410@funkthat.com> References: <20150207023525.GC58410@funkthat.com> <775F9DB7-A493-48CF-8B77-30A71693FD98@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <775F9DB7-A493-48CF-8B77-30A71693FD98@gmail.com> X-Operating-System: FreeBSD 9.1-PRERELEASE amd64 X-PGP-Fingerprint: 54BA 873B 6515 3F10 9E88 9322 9CB1 8F74 6D3F A396 X-Files: The truth is out there X-URL: http://resnet.uoregon.edu/~gurney_j/ X-Resume: http://resnet.uoregon.edu/~gurney_j/resume.html X-TipJar: bitcoin:13Qmb6AeTgQecazTWph4XasEsP7nGRbAPE X-to-the-FBI-CIA-and-NSA: HI! HOW YA DOIN? can i haz chizburger? User-Agent: Mutt/1.5.21 (2010-09-15) X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.2.7 (gold.funkthat.com [127.0.0.1]); Fri, 06 Feb 2015 20:58:59 -0800 (PST) Cc: freebsd-security@freebsd.org, current@freebsd.org X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 07 Feb 2015 04:59:01 -0000 Benjamin Perrault wrote this message on Fri, Feb 06, 2015 at 18:41 -0800: > I have a Soekris Net5501 ( glxsb ) w/ a vpn1411 card in it ( which is a hifn based crypto board ) that you can have. And they are in SF, so, I believe, fairly local for you. > > Let me know if they are of interest. Thanks, I've taken this offer off list. > > On Feb 6, 2015, at 6:35 PM, John-Mark Gurney wrote: > > > > I have some plans to improve the opencrypto framework in FreeBSD later > > this year. This will require invasive changes to the various drivers. > > So, I'd like to line up hardware/volunteers before then. > > > > If you would like to see your hardware tested and verified to work > > with the new changes, please contact me w/ either a donation of > > hardware, money to purchase hardware, or if you have hardware, that > > you volunteer to test changes. > > > > I currently have the following hardware: > > aesni > > > > I do not have the following hardware: > > hifn > > ubsec > > padlock (VIA C3, C7 and Eden) > > cesa (Marvell, missing man page) > > glxsb (AMD Geode LX, such as Sokris Net5501, missing man page) > > safe (SafeNet) > > sec (Freescale, missing man page) > > cryptocteon (Cavium Octeon, missing man page) > > nlmsec (mips/nlm/dev/sec/nlmsec.c, missing man page) > > rmisec (mips/rmi/dev/sec/rmisec.c, missing man page) -- John-Mark Gurney Voice: +1 415 225 5579 "All that I will do, has been done, All that I have, has not."