Page MenuHomeFreeBSD

ngie (Enji Cooper)
User

Projects

User Details

User Since
Aug 2 2014, 8:08 AM (461 w, 19 h)

Recent Activity

Fri, Jun 2

ngie added inline comments to D40296: dumpon(8): support OpenSSL 3.
Fri, Jun 2, 2:22 AM

Thu, Jun 1

ngie added a reviewer for D40366: devel/apr1: support building DBM with BDB 1.85: brnrd.
Thu, Jun 1, 7:12 AM
ngie requested review of D40366: devel/apr1: support building DBM with BDB 1.85.
Thu, Jun 1, 7:11 AM

Wed, May 31

ngie added a comment to D40353: dumpon: update OpenSSL initialization call.

Some of the comments I found elsewhere suggested this is unnecessary with OpenSSL 1.1+. Is this truly needed?

Wed, May 31, 10:26 PM
ngie added a comment to D40275: Fix rpc.tlsservd and rpc.tlsclntd so they build for OpenSSL3.

The commit message/revision description needs updating, BTW.

Wed, May 31, 5:07 AM
ngie accepted D40275: Fix rpc.tlsservd and rpc.tlsclntd so they build for OpenSSL3.
Wed, May 31, 5:06 AM
ngie accepted D40275: Fix rpc.tlsservd and rpc.tlsclntd so they build for OpenSSL3.

LGTM, but I think @jhb’s suggestion about using static functions or macros with forward looking names would be a good potential investment, but that doesn’t need to be done here or now.

Wed, May 31, 2:48 AM

Tue, May 30

ngie accepted D40341: unbound: avoid calling deprecated OpenSSL function.

Sounds good to me! From https://www.openssl.org/docs/man3.1/man3/SSL_CTX_set_ecdh_auto.html :

Tue, May 30, 11:11 PM

Sun, May 28

ngie added inline comments to D40296: dumpon(8): support OpenSSL 3.
Sun, May 28, 5:56 AM
ngie retitled D40307: kyua: map require.diskspace to required_disk_space from Pipe through require.diskspace from atf-sh to kyua: map require.diskspace to required_disk_space.
Sun, May 28, 5:52 AM
ngie added a reviewer for D40307: kyua: map require.diskspace to required_disk_space: olivier.
Sun, May 28, 5:51 AM
ngie updated the summary of D40307: kyua: map require.diskspace to required_disk_space.
Sun, May 28, 5:49 AM
ngie added reviewers for D40307: kyua: map require.diskspace to required_disk_space: kevans, asomers, brooks.
Sun, May 28, 5:48 AM
ngie requested review of D40307: kyua: map require.diskspace to required_disk_space.
Sun, May 28, 5:47 AM
ngie committed rG27234ad6999b: Fix the build post-dcf5d5603b3af8 (authored by ngie).
Fix the build post-dcf5d5603b3af8
Sun, May 28, 2:19 AM
ngie added a comment to D40296: dumpon(8): support OpenSSL 3.

I've been going back and forth a lot over the wording and APIs in use because I've been refining my understanding upon reading the manpages and tried to get things consistent across the board to aid with program UX 😅.
The existing code was also misleading/incorrect in terms of how the limits were calculated and enforced, too: it should have been 256, not 112 -- I have no idea why someone chose the number 112.

Sun, May 28, 2:08 AM
ngie updated the diff for D40296: dumpon(8): support OpenSSL 3.

Include appropriate headers for new APIs in use

Sun, May 28, 12:54 AM
ngie updated the diff for D40296: dumpon(8): support OpenSSL 3.

Consistently use bytes or bits in calculations

Sun, May 28, 12:47 AM
ngie updated the diff for D40296: dumpon(8): support OpenSSL 3.

Make the minimum required RSA bits 256, not 112.

Sun, May 28, 12:42 AM
ngie updated the diff for D40296: dumpon(8): support OpenSSL 3.

Update values and messages used when testing pubkey limits

Sun, May 28, 12:37 AM
ngie closed D40305: Reduce ifdef soup by adding pre-3.0 compat support.
Sun, May 28, 12:06 AM
ngie committed rGdcf5d5603b3a: Reduce ifdef soup by adding pre-3.0 compat support (authored by ngie).
Reduce ifdef soup by adding pre-3.0 compat support
Sun, May 28, 12:06 AM

Sat, May 27

ngie requested review of D40305: Reduce ifdef soup by adding pre-3.0 compat support.
Sat, May 27, 9:13 PM
ngie updated the diff for D40296: dumpon(8): support OpenSSL 3.

Remove all pre-3.0 related ifdefs.

Sat, May 27, 8:57 PM
ngie committed rGc60be9ea6b1e: Add simple factor/primes regression tests (authored by ngie).
Add simple factor/primes regression tests
Sat, May 27, 6:12 PM
ngie committed rG537cd766435c: factor: support OpenSSL 3 (authored by ngie).
factor: support OpenSSL 3
Sat, May 27, 6:12 PM
ngie closed D40297: Add simple factor/primes regression tests.
Sat, May 27, 6:12 PM
ngie closed D40298: factor: support OpenSSL 3.
Sat, May 27, 6:12 PM
ngie added inline comments to D40297: Add simple factor/primes regression tests.
Sat, May 27, 6:05 PM
ngie added a reviewer for D40298: factor: support OpenSSL 3: khorben_defora.org.
Sat, May 27, 4:57 AM
ngie requested review of D40298: factor: support OpenSSL 3.
Sat, May 27, 4:56 AM
ngie updated the summary of D40297: Add simple factor/primes regression tests.
Sat, May 27, 4:54 AM
ngie requested review of D40297: Add simple factor/primes regression tests.
Sat, May 27, 4:53 AM
ngie updated the test plan for D40296: dumpon(8): support OpenSSL 3.
Sat, May 27, 3:02 AM
ngie updated the test plan for D40296: dumpon(8): support OpenSSL 3.
Sat, May 27, 3:02 AM
ngie added a reviewer for D40296: dumpon(8): support OpenSSL 3: khorben_defora.org.
Sat, May 27, 2:57 AM
ngie requested review of D40296: dumpon(8): support OpenSSL 3.
Sat, May 27, 2:56 AM
ngie committed rG52b63df9b6df: dumpon: provide diag info when `PEM_read_RSA_PUBKEY` fails (authored by ngie).
dumpon: provide diag info when `PEM_read_RSA_PUBKEY` fails
Sat, May 27, 1:06 AM

Fri, May 26

ngie accepted D40273: auditdistd: Avoid calling deprecated OpenSSL functions.

(Copied from the GitHub pull request) So far I am aiming for minimal diffs, and plan to make another pass over everything later on including updates to use OpenSSL 3 APIs. In particular I don't want to delete SSL_library_init(); if other pre-OpenSSL-1.1 code remains (I haven't checked whether or not it does, yet).

Fri, May 26, 12:46 AM

Thu, May 25

ngie added inline comments to D40273: auditdistd: Avoid calling deprecated OpenSSL functions.
Thu, May 25, 11:12 PM
ngie added inline comments to D40265: libfetch: do not call deprecated OpenSSL functions.
Thu, May 25, 11:11 PM
ngie committed rG9a49a3792940: mptutil: document that disabled/enabled are also supported (authored by ngie).
mptutil: document that disabled/enabled are also supported
Thu, May 25, 4:57 AM

Tue, May 23

ngie committed rG5a9c724847f9: Correct size parameter to strncmp (authored by Rose <83477269+AtariDreams@users.noreply.github.com>).
Correct size parameter to strncmp
Tue, May 23, 1:20 AM

Sat, May 20

ngie added a reverting change for rGc6750ddec917: Require the OpenSSL 1.1 APIs when compiling ldns: rG902dc544cc58: Revert "Require the OpenSSL 1.1 APIs when compiling ldns".
Sat, May 20, 7:02 PM
ngie added a reverting change for D40082: Require the OpenSSL 1.1 APIs when compiling ldns: rG902dc544cc58: Revert "Require the OpenSSL 1.1 APIs when compiling ldns".
Sat, May 20, 7:02 PM
ngie committed rG902dc544cc58: Revert "Require the OpenSSL 1.1 APIs when compiling ldns" (authored by ngie).
Revert "Require the OpenSSL 1.1 APIs when compiling ldns"
Sat, May 20, 7:02 PM
ngie committed rGc6750ddec917: Require the OpenSSL 1.1 APIs when compiling ldns (authored by ngie).
Require the OpenSSL 1.1 APIs when compiling ldns
Sat, May 20, 6:42 PM
ngie closed D40082: Require the OpenSSL 1.1 APIs when compiling ldns.
Sat, May 20, 6:42 PM

Sat, May 13

ngie committed rG46f35bf28d0a: rc.subr(8): delete debug cpuset helper (authored by ngie).
rc.subr(8): delete debug cpuset helper
Sat, May 13, 2:50 AM
ngie closed D40055: rc.subr(8): delete debug cpuset helper.
Sat, May 13, 2:50 AM
ngie updated the summary of D40082: Require the OpenSSL 1.1 APIs when compiling ldns.
Sat, May 13, 2:42 AM
ngie updated subscribers of D40082: Require the OpenSSL 1.1 APIs when compiling ldns.
Sat, May 13, 2:42 AM
ngie requested review of D40082: Require the OpenSSL 1.1 APIs when compiling ldns.
Sat, May 13, 2:41 AM

Thu, May 11

ngie added a comment to D40065: dma: use OpenSSL 1.1 init API.

Submitted as https://github.com/corecode/dma/pull/126 .

Thu, May 11, 4:32 PM
ngie added a comment to D40065: dma: use OpenSSL 1.1 init API.

Ah, it’s not fixed upstream yet. I can submit the patch if that’s ok.

Thu, May 11, 3:05 PM
ngie accepted D40065: dma: use OpenSSL 1.1 init API.

Can we also update this third-party package to a version that supports OpenSSL 3?

Thu, May 11, 3:03 PM
ngie requested review of D40057: cpuset(8): move to /bin/.
Thu, May 11, 6:00 AM
ngie requested review of D40055: rc.subr(8): delete debug cpuset helper.
Thu, May 11, 5:49 AM
ngie committed rG4e9041a78690: rc.subr(8): run `trailing-whitespace-fixer` (authored by ngie).
rc.subr(8): run `trailing-whitespace-fixer`
Thu, May 11, 5:42 AM

Wed, May 10

ngie added inline comments to D40043: tsort: Add unit tests..
Wed, May 10, 10:51 PM

Apr 22 2023

ngie accepted D39711: dd: Tidy up the tests..
Apr 22 2023, 3:37 PM

Apr 18 2023

ngie accepted D39641: dd: Fix SIGINT handling..
Apr 18 2023, 5:19 PM

Apr 16 2023

ngie foisted D38939: Update security/py-cryptography to 40.0.1 upon sunpoet.
Apr 16 2023, 5:16 PM
ngie updated the diff for D38939: Update security/py-cryptography to 40.0.1.

Update with @sunpoet's patch from https://people.freebsd.org/~sunpoet/patch/security-py-cryptography.txt .

Apr 16 2023, 5:16 PM
ngie commandeered D38939: Update security/py-cryptography to 40.0.1.

Take back so I can update the diff.

Apr 16 2023, 5:15 PM
ngie retitled D38939: Update security/py-cryptography to 40.0.1 from Update security/py-cryptography to 39.0.2 to Update security/py-cryptography to 40.0.1.
Apr 16 2023, 5:14 PM
ngie foisted D38939: Update security/py-cryptography to 40.0.1 upon sunpoet.

@sunpoet : I'm going to pass this review to you, given that you're the more current maintainer and you have a patch out for updating to 40.0.1. Please feel free to abandon the review if you it's being addressed elsewhere or you don't feel this is necessary.

Apr 16 2023, 5:12 PM

Apr 3 2023

ngie added inline comments to D39385: Testing: add framework for the kernel unit tests.
Apr 3 2023, 4:23 PM

Mar 20 2023

ngie added a comment to D39030: Upgrade security/py-pycryptodome{,x,-test-vectors}.

John: do you have any more comments I should follow up on?

Mar 20 2023, 5:39 PM

Mar 19 2023

ngie updated subscribers of D39030: Upgrade security/py-pycryptodome{,x,-test-vectors}.

This built successfully with poudriere on 13.1-RELEASE-p7/amd64. It also passed the exp-run according to @antoine: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=270161#c1 .

Mar 19 2023, 5:40 AM

Mar 15 2023

ngie added inline comments to D39030: Upgrade security/py-pycryptodome{,x,-test-vectors}.
Mar 15 2023, 12:16 AM

Mar 14 2023

ngie updated the test plan for D39037: Upgrade security/py-openssl to 23.0.0.
Mar 14 2023, 5:57 PM

Mar 13 2023

ngie added a reviewer for D39037: Upgrade security/py-openssl to 23.0.0: sbz.
Mar 13 2023, 9:00 AM
ngie updated the test plan for D39037: Upgrade security/py-openssl to 23.0.0.
Mar 13 2023, 8:09 AM
ngie added reviewers for D39037: Upgrade security/py-openssl to 23.0.0: Python, rozhuk.im-gmail.com.
Mar 13 2023, 8:08 AM
ngie requested review of D39037: Upgrade security/py-openssl to 23.0.0.
Mar 13 2023, 8:06 AM
ngie updated the diff for D39030: Upgrade security/py-pycryptodome{,x,-test-vectors}.

Fix typo in previous revision regarding version pinning.

Mar 13 2023, 4:22 AM
ngie updated the diff for D39030: Upgrade security/py-pycryptodome{,x,-test-vectors}.

Add a minimum required test-vectors version and a comment noting why the version is pinned.

Mar 13 2023, 4:20 AM
ngie updated the diff for D39030: Upgrade security/py-pycryptodome{,x,-test-vectors}.

Address comments re: 3.11 support.

Mar 13 2023, 4:12 AM
ngie added a comment to D39035: Upgrade py-pytest-cov from 2.9.0 to 4.0.

patch-setup.py isn't strictly required I suppose. I can remove it from the diff, if need be.

Mar 13 2023, 3:57 AM
ngie updated subscribers of D39035: Upgrade py-pytest-cov from 2.9.0 to 4.0.
Mar 13 2023, 3:55 AM
ngie requested review of D39035: Upgrade py-pytest-cov from 2.9.0 to 4.0.
Mar 13 2023, 3:55 AM

Mar 12 2023

ngie added a reviewer for D38939: Update security/py-cryptography to 40.0.1: Python.
Mar 12 2023, 7:28 PM
ngie retitled D39030: Upgrade security/py-pycryptodome{,x,-test-vectors} from Upgrade security/py-pycryptodome{,-test-vectors} to Upgrade security/py-pycryptodome{,x,-test-vectors}.
Mar 12 2023, 7:27 PM
ngie updated the summary of D39030: Upgrade security/py-pycryptodome{,x,-test-vectors}.
Mar 12 2023, 7:25 PM
ngie added a reviewer for D39030: Upgrade security/py-pycryptodome{,x,-test-vectors}: jobrien_phabricator_saltant.net.
Mar 12 2023, 7:24 PM
ngie updated the summary of D39030: Upgrade security/py-pycryptodome{,x,-test-vectors}.
Mar 12 2023, 7:22 PM
ngie added a reviewer for D39030: Upgrade security/py-pycryptodome{,x,-test-vectors}: Python.
Mar 12 2023, 7:19 PM
ngie added inline comments to D39018: tarfs: Repeat tests using GNU tar if available..
Mar 12 2023, 7:18 PM
ngie accepted D39018: tarfs: Repeat tests using GNU tar if available..

This is a bit of additional boilerplate that would be nice to DRY. Not needed now, but it would be a good idea to create a for-loop that generates test cases for gtar/non-gtar within atf_init_test_cases, if possible.

Mar 12 2023, 7:16 PM
ngie requested review of D39030: Upgrade security/py-pycryptodome{,x,-test-vectors}.
Mar 12 2023, 7:11 PM

Mar 8 2023

ngie added a comment to D38938: Split off release/development versions of OpenSSL 3.

The changes that needed to be removed are based on complaints from the developer checks printed out by stage-qa, BTW: I naively heeded the advice from stage-qa post build, which is why I introduced the checks: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=270035 .

Mar 8 2023, 1:33 PM
ngie planned changes to D38938: Split off release/development versions of OpenSSL 3.
Mar 8 2023, 3:53 AM

Mar 7 2023

ngie retitled D38939: Update security/py-cryptography to 40.0.1 from Update security/py-cryptography to 39.0.2 This change is required in order to upgrade to OpenSSL 3.x. to Update security/py-cryptography to 39.0.2.
Mar 7 2023, 8:58 AM
ngie requested review of D38939: Update security/py-cryptography to 40.0.1.
Mar 7 2023, 8:56 AM
ngie updated subscribers of D38938: Split off release/development versions of OpenSSL 3.
Mar 7 2023, 5:02 AM
ngie updated subscribers of D38938: Split off release/development versions of OpenSSL 3.
Mar 7 2023, 4:18 AM
ngie requested review of D38938: Split off release/development versions of OpenSSL 3.
Mar 7 2023, 4:17 AM

Mar 6 2023

ngie abandoned D38835: openssl: Vendor import of OpenSSL-3.0.8.

Merged as https://reviews.freebsd.org/rGe4520c8bd1d3 .

Mar 6 2023, 7:54 PM · security, secteam
ngie committed rGe4520c8bd1d3: openssl: Vendor import of OpenSSL-3.0.8 (authored by ngie).
openssl: Vendor import of OpenSSL-3.0.8
Mar 6 2023, 7:40 PM