~mcf

https://mforney.org

~mcf/cproc

Last active 24 days ago

~mcf/libtls-bearssl

Last active 9 months ago

~mcf/dnssec-rr

Last active 1 year, 2 months ago

~mcf/test

Last active 1 year, 8 months ago
View more

Recent activity

Re: [PATCH] main/doas: set doas.conf to mode 500 28 days ago

From Michael Forney to ~sircmpwn/alpine-aports

On 2021-07-02, Drew DeVault <sir@cmpwn.com> wrote:
> -	chmod 440 "$pkgdir"/etc/doas.conf
> +	chmod 500 "$pkgdir"/etc/doas.conf

I think you intended 600 (rw-------). 500 is r-x------.

[PATCH sr.ht-docs] builds.sr.ht: Add NetBSD to compatibility.md 28 days ago

From Michael Forney to ~sircmpwn/sr.ht-dev

---
 builds.sr.ht/compatibility.md | 87 +++++++++++++++++++++++++++++++++++
 1 file changed, 87 insertions(+)

diff --git a/builds.sr.ht/compatibility.md b/builds.sr.ht/compatibility.md
index 94e28e8..4f66fa4 100644
--- a/builds.sr.ht/compatibility.md
@@ -972,3 +972,90 @@ Support cycle: no support guarantees are made for 9front
  wire protocol
- Custom packages and custom repositories are not supported
- Shell access is not supported

## NetBSD
[message trimmed]

[PATCH builds.sr.ht v6] Simplify NetBSD image creation and remove EOL NetBSD version a month ago

From Michael Forney to ~sircmpwn/sr.ht-dev

From: Thomas Merkel <tm@core.io>

Provide a more simple NetBSD installation method by extracting the
sets.

Additional to that:

- Remove py-anita dependency
- Remove NetBSD 7.x because of EOL
- Remove NetBSD current since it still needs more work
- Switch to CDN when possible to speedup download of resources
- Add NetBSD 9.2 resource information and script
- Remove -p flag from cvs update command, since that writes the
  files to stdout instead of updating them.
[message trimmed]

Re: [PATCH builds.sr.ht v5] Simplify NetBSD image creation and remove EOL NetBSD version a month ago

From Michael Forney to ~sircmpwn/sr.ht-dev

On 20201-06-06, Drew DeVault <sir@cmpwn.com> wrote:
> Nice work! Can you do a brief write-up of how to do the full bootstrap
> from scratch? I assume it's as simple as setting up a NetBSD VM and
> running the genimg script, but just want to double check to save myself
> the effort of troubleshooting if it's more involved.

Yep, the following steps should work:
1. Install a NetBSD VM, enabling binary packages.
2. Install qemu, git, and mozilla-rootcerts with pkgin, then run
`mozilla-rootcerts install`.
3. Clone the builds.sr.ht repo and run genimg.

> We should do whatever is most idiomatic to meet NetBSD users
> expectations. My suspicion is that binary packages will be fine in this

[PATCH builds.sr.ht] images/control: fix up some error messages a month ago

From Michael Forney to ~sircmpwn/sr.ht-dev

- Use printf consistently instead of a mix of echo and printf.
- Write error messages to stderr consistently.
- Add missing trailing newline in one message.
- Fix one instance of writing the error message to a file named '2'.
- Exit with non-zero status on unknown command.
---
 images/control | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/images/control b/images/control
index 9e08e18..1a774f2 100755
--- a/images/control
+++ b/images/control
@@ -13,7 +13,7 @@ shift 2
[message trimmed]

[PATCH builds.sr.ht v5] Simplify NetBSD image creation and remove EOL NetBSD version a month ago

From Michael Forney to ~sircmpwn/sr.ht-dev

From: Thomas Merkel <tm@core.io>

Provide a more simple NetBSD installation method by extracting the
sets.

Additional to that:

- Remove py-anita dependency
- Remove NetBSD 7.x because of EOL
- Remove NetBSD current since it still needs more work
- Switch to CDN when possible to speedup download of resources
- Add NetBSD 9.2 resource information and script

Instead of creating a smaller filesystem image and resizing, just
[message trimmed]

Re: [RFC PATCH] WIP: client side certificates 2 months ago

From Michael Forney to ~sircmpwn/gmni-devel

On 2021-05-17, Drew DeVault <sir@cmpwn.com> wrote:
> Thanks. Any chance for a 0.3 as well?

Before I do so, can you confirm that the API looks sufficient for your
use case? I believe you are just creating self-signed certs with some
particular DN, so I think it should be fine, but I just want to
double-check.

Re: [RFC PATCH] WIP: client side certificates 2 months ago

From Michael Forney to ~sircmpwn/gmni-devel

On 2021-05-16, Drew DeVault <sir@cmpwn.com> wrote:
> Do you think you could add a pkg-config file to this? The BearSSL
> maintainer isn't interested in this, but doesn't provide any rational
> reasons, so hopefully you're easier to convince.

Sure, just added one.

Re: [RFC PATCH] WIP: client side certificates 2 months ago

From Michael Forney to ~sircmpwn/gmni-devel

On 2021-03-04, Michael Forney <mforney@mforney.org> wrote:
> Drew DeVault <sir@cmpwn.com> wrote:
>> Also, BearSSL lacks support for creating new certificates, so automatic
>> certificate creation will have to be postponed. I might actually end up
>> ditching BearSSL over this, mere hours after I decided to switch to it,
>> which I'm rather annoyed about.
>
> I think it wouldn't be too difficult to write a small utility/library
> to wrap a public key in a self-signed certificate. This would be
> quite useful even outside the context of gemini.

I ended up writing such a utility/library: https://git.sr.ht/~mcf/x509cert

> It should just be

Re: [PATCH v3 2/2] handle prefixed string literals 3 months ago

From Michael Forney to ~mcf/cproc

Thanks! This is shaping up pretty well.

On 2021-04-14, Nihal Jere <nihal@nihaljere.xyz> wrote:
> ---
> The patch now handles initializers inside structs and functions
> properly, and the tests for these have been updated for wide strings as
> well.
>
> I'm not sure my change in parseinit is correct, but it seems to work
> well in my testing.
>
> While testing, I found that gcc treats wide prefixed literals as type
> int, and complains when you try to assign it to an unsigned int array,