From dirkx at webweaving.org Tue Dec 3 22:01:22 2019 From: dirkx at webweaving.org (Dirk-Willem van Gulik) Date: Tue, 3 Dec 2019 22:01:22 +0100 Subject: [rs-dev] Work-around for Open SSL 1.1.0 till Open SSL 1.1.1 bis Message-ID: So OpenSSL 1.1.0 made the contents of the X509_REQ struct private. And only gave us a getter. I've put in a PR for a setter (https://github.com/openssl/openssl/pull/10563) But that will take a few months to work through - and 2-3 years for most distributions to pick this up. How about below as a stopgap for us. Or is this too naughty ? Dw. Index: mod_csr.c =================================================================== --- mod_csr.c (revision 145) +++ mod_csr.c (working copy) @@ -47,6 +47,8 @@ #define DEFAULT_FRESHNESS 2 #define DEFAULT_FRESHNESS_MAX 3600*24 +#include "openssl_setter_compat.h" + module AP_MODULE_DECLARE_DATA csr_module; typedef struct @@ -897,7 +899,13 @@ X509_REQ_set_pubkey(creq, pktmp); /* duplicate the signature algorithm */ +#if OPENSSL_VERSION_NUMBER > 0x010100000L + const X509_ALGOR *psigalg; + X509_REQ_get0_signature(req,NULL /* no need for signature */,&psigalg); + X509_REQ_set0_signature(creq, NULL, X509_ALGOR_dup((X509_ALGOR*)psigalg)); +#else creq->sig_alg = X509_ALGOR_dup(req->sig_alg); +#endif /* extract the param_challenge, if present */ idx = X509_REQ_get_attr_by_NID(req, OBJ_sn2nid("challengePassword"), -1); Index: openssl_setter_compat.h =================================================================== --- openssl_setter_compat.h (nonexistent) +++ openssl_setter_compat.h (working copy) @@ -0,0 +1,38 @@ +#if OPENSSL_VERSION_NUMBER < 0x010101000L || OPENSSL_VERSION_NUMBER >= 0x010100000L +#warning Including openssl private parts - as there is no setter yet (OpenSSL_1_1_0-pre1 .. post OpenSSL_1_1_1) + +#include "openssl/x509.h" + +// Yhese routines are coies from OpenSSL/1.1.1 its x509/x509_req.c +// and the private header files for that. + +struct X509_req_info_st { + ASN1_ENCODING enc; + ASN1_INTEGER *version; + X509_NAME *subject; + X509_PUBKEY *pubkey; + STACK_OF(X509_ATTRIBUTE) *attributes; +}; + +typedef _Atomic int CRYPTO_REF_COUNT; + +struct X509_req_st { + X509_REQ_INFO req_info; + X509_ALGOR sig_alg; + ASN1_BIT_STRING *signature; /* signature */ + CRYPTO_REF_COUNT references; + CRYPTO_RWLOCK *lock; +# ifndef OPENSSL_NO_SM2 + ASN1_OCTET_STRING *sm2_id; +# endif +}; + +static void X509_REQ_set0_signature(X509_REQ *req, ASN1_BIT_STRING *psigOrNull, + X509_ALGOR *palgOrNull) +{ + if (psigOrNull != NULL) + req->signature = psigOrNull; + if (palgOrNull != NULL) + req->sig_alg = *palgOrNull; +} +#endif From dirkx at webweaving.org Tue Dec 3 22:04:32 2019 From: dirkx at webweaving.org (Dirk-Willem van Gulik) Date: Tue, 3 Dec 2019 22:04:32 +0100 Subject: [rs-dev] Work-around for Open SSL 1.1.0 till Open SSL 1.1.1 bis In-Reply-To: References: Message-ID: <0AA53EFB-66F1-4E78-B72D-8D610151960C@webweaving.org> On 3 Dec 2019, at 22:01, Dirk-Willem van Gulik via rs-dev wrote: > > So OpenSSL 1.1.0 made the contents of the X509_REQ struct private. And only gave us a getter. > > I've put in a PR for a setter (https://github.com/openssl/openssl/pull/10563) FWIIW - that PR is nicely progressing - approved for merge into 1.1.1 (e I guess?). Dw. From minfrin at redwax.eu Thu Dec 5 00:26:51 2019 From: minfrin at redwax.eu (Graham Leggett) Date: Thu, 5 Dec 2019 01:26:51 +0200 Subject: [rs-dev] Work-around for Open SSL 1.1.0 till Open SSL 1.1.1 bis In-Reply-To: References: Message-ID: On 03 Dec 2019, at 23:01, Dirk-Willem van Gulik via rs-dev wrote: > So OpenSSL 1.1.0 made the contents of the X509_REQ struct private. And only gave us a getter. > > I've put in a PR for a setter (https://github.com/openssl/openssl/pull/10563) > > But that will take a few months to work through - and 2-3 years for most distributions to pick this up. > > How about below as a stopgap for us. > > Or is this too naughty ? I think given it was public in the past and so set in stone, it works in the present, and looks like it will be accepted in future, as soon as anyone upstreams breaks anything the proper setter will be used and it won't matter. Regards, Graham ? From minfrin at redwax.eu Fri Dec 6 14:13:19 2019 From: minfrin at redwax.eu (Graham Leggett) Date: Fri, 6 Dec 2019 15:13:19 +0200 Subject: [rs-dev] Overall Architecture principles: https://redwax.eu/rw/architecture/ Message-ID: Hi all, I have documented the basic architecture principles for Redwax code in general. These take the form of acceptance criteria against which the design of any code should be measured: https://redwax.eu/rw/architecture/ In this second document, I've documented how the above applies to Redwax Server specifically: https://redwax.eu/rs/docs/latest/architecture.html It covers each acceptable criterion, and also gives a big picture diagram of the Redwax Server architecture. It?s tricky to describe without saying ?it?s just Apache httpd?. Is this enough or do we need more detail? Regards, Graham ? From dirkx at webweaving.org Fri Dec 6 15:02:38 2019 From: dirkx at webweaving.org (Dirk-Willem van Gulik) Date: Fri, 6 Dec 2019 15:02:38 +0100 Subject: [rs-dev] Overall Architecture principles: https://redwax.eu/rw/architecture/ In-Reply-To: References: Message-ID: On 6 Dec 2019, at 14:13, Graham Leggett via rs-dev wrote: > I have documented the basic architecture principles for Redwax code in general. These take the form of acceptance criteria against which the design of any code should be measured: > > https://redwax.eu/rw/architecture/ > > In this second document, I've documented how the above applies to Redwax Server specifically: > > https://redwax.eu/rs/docs/latest/architecture.html > > It covers each acceptable criterion, and also gives a big picture diagram of the Redwax Server architecture. It?s tricky to describe without saying ?it?s just Apache httpd?. > > Is this enough or do we need more detail? Think this is a good start ! If I commit a change - does it flow straight to the site ? Or is there a `release? tag ? Dw. From dirkx at webweaving.org Fri Dec 6 15:04:29 2019 From: dirkx at webweaving.org (Dirk-Willem van Gulik) Date: Fri, 6 Dec 2019 15:04:29 +0100 Subject: [rs-dev] Release vote -- not quite there yet Message-ID: <29D1B38E-C805-4A6F-80F4-BF7A2B9267D5@webweaving.org> Grmpfh ? the OpenSSL crowd does not quite internally agree on how to tackle this API issue - so I a going to wait for another 24-48 hours before asking for an 0.01 or a 1.00 (which I think is a fair) number release tag. Secondly - objections if I create a ?distribution-utils? or some similar TLD in SVN - to keep my NixOS and FreeBSD ports code in ? Dw. PS: I need a ?tag? - as that is the only clean way to integrate it in NixOS ? my current integration is a hack. From minfrin at redwax.eu Fri Dec 6 15:09:19 2019 From: minfrin at redwax.eu (Graham Leggett) Date: Fri, 6 Dec 2019 16:09:19 +0200 Subject: [rs-dev] Overall Architecture principles: https://redwax.eu/rw/architecture/ In-Reply-To: References: Message-ID: <1C621733-BD04-4F5E-83AD-9BD905181D0D@redwax.eu> On 06 Dec 2019, at 16:02, Dirk-Willem van Gulik via rs-dev wrote: > Think this is a good start ! If I commit a change - does it flow straight to the site ? Or is there a `release? tag ? Right now if you commit to trunk/master on the rs-manual, it will automatically be built by bamboo and published with maven to the trunk/master version of the docs on the site automatically. The main site isn?t mavenised yet, so anything you commit to trunk/master needs to be ?svn update?'d manually from the /var/www/secure/redwax.eu/ directory. When the main site becomes maven, bamboo will do everything that?s needed. Regards, Graham ? From dirkx at webweaving.org Fri Dec 6 20:35:54 2019 From: dirkx at webweaving.org (Dirk-Willem van Gulik) Date: Fri, 6 Dec 2019 20:35:54 +0100 Subject: [rs-dev] Releasing an 0.01 or 1.00 In-Reply-To: <20191206193358.F1B546A8DBC@chestnut.redwax.eu> References: <20191206193358.F1B546A8DBC@chestnut.redwax.eu> Message-ID: <2F4DC606-389B-4672-8561-7E759BDAD231@webweaving.org> Would anyone object to tagging the state of the repo as a first release / 0.01 (or 1.00) ? The OpenSSL discussion is going to take a while (yak shaving) - so I made a small tweak that isolates us from their 1.1.1e release timelines. And a 0.01 or 1.00 tag (even a tarball is not needed) lets us do the NixOS pull request. Dw From minfrin at redwax.eu Sun Dec 8 00:48:43 2019 From: minfrin at redwax.eu (Graham Leggett) Date: Sun, 8 Dec 2019 01:48:43 +0200 Subject: [rs-dev] Release vote -- not quite there yet In-Reply-To: <29D1B38E-C805-4A6F-80F4-BF7A2B9267D5@webweaving.org> References: <29D1B38E-C805-4A6F-80F4-BF7A2B9267D5@webweaving.org> Message-ID: <7ED6D9C7-A6F2-428F-850D-BF73ACEDEA08@redwax.eu> On 06 Dec 2019, at 16:04, Dirk-Willem van Gulik via rs-dev wrote: > Grmpfh ? the OpenSSL crowd does not quite internally agree on how to tackle this API issue - so I a going to wait for another 24-48 hours before asking for an 0.01 or a 1.00 (which I think is a fair) number release tag. > > Secondly - objections if I create a ?distribution-utils? or some similar TLD in SVN - to keep my NixOS and FreeBSD ports code in ? Does NixOS and FreeBSD need outside-the-tree definitions, or do they support inside-the-tree definitions? Currently we support both Debian and RPM inside-the-tree, but either is possible. I?ve created a https://source.redwax.eu/svn/redwax/rs/rs-distribution repo that follows the pattern used by rs-manual. Will this be ok? Regards, Graham ? From minfrin at redwax.eu Sun Dec 8 00:51:40 2019 From: minfrin at redwax.eu (Graham Leggett) Date: Sun, 8 Dec 2019 01:51:40 +0200 Subject: [rs-dev] Releasing an 0.01 or 1.00 In-Reply-To: <2F4DC606-389B-4672-8561-7E759BDAD231@webweaving.org> References: <20191206193358.F1B546A8DBC@chestnut.redwax.eu> <2F4DC606-389B-4672-8561-7E759BDAD231@webweaving.org> Message-ID: On 06 Dec 2019, at 21:35, Dirk-Willem van Gulik via rs-dev wrote: > Would anyone object to tagging the state of the repo as a first release / 0.01 (or 1.00) ? > > The OpenSSL discussion is going to take a while (yak shaving) - so I made a small tweak that isolates us from their 1.1.1e release timelines. > > And a 0.01 or 1.00 tag (even a tarball is not needed) lets us do the NixOS pull request. Currently all the versions are at 0.2.0, I think we are good for a release. Let me create the dist directory for it? Regards, Graham ? From dirkx at webweaving.org Sun Dec 8 12:20:49 2019 From: dirkx at webweaving.org (Dirk-Willem van Gulik) Date: Sun, 8 Dec 2019 12:20:49 +0100 Subject: [rs-dev] Release vote -- not quite there yet In-Reply-To: <7ED6D9C7-A6F2-428F-850D-BF73ACEDEA08@redwax.eu> References: <29D1B38E-C805-4A6F-80F4-BF7A2B9267D5@webweaving.org> <7ED6D9C7-A6F2-428F-850D-BF73ACEDEA08@redwax.eu> Message-ID: > On 8 Dec 2019, at 00:48, Graham Leggett wrote: > > On 06 Dec 2019, at 16:04, Dirk-Willem van Gulik via rs-dev wrote: > >> Grmpfh ? the OpenSSL crowd does not quite internally agree on how to tackle this API issue - so I a going to wait for another 24-48 hours before asking for an 0.01 or a 1.00 (which I think is a fair) number release tag. >> >> Secondly - objections if I create a ?distribution-utils? or some similar TLD in SVN - to keep my NixOS and FreeBSD ports code in ? > > Does NixOS and FreeBSD need outside-the-tree definitions, or do they support inside-the-tree definitions? You mean - if it is ?foo-1.23/Makefile, etc? or without the TLD name as you unpack the source. FreeBSD and NixOS do not care; but foo-1./23 is more natural. > Currently we support both Debian and RPM inside-the-tree, but either is possible. > > I?ve created a https://source.redwax.eu/svn/redwax/rs/rs-distribution repo that follows the pattern used by rs-manual. Will this be ok? Ack ! Dw. From minfrin at redwax.eu Sun Dec 8 14:14:31 2019 From: minfrin at redwax.eu (Graham Leggett) Date: Sun, 8 Dec 2019 15:14:31 +0200 Subject: [rs-dev] Releasing an 0.01 or 1.00 In-Reply-To: References: <20191206193358.F1B546A8DBC@chestnut.redwax.eu> <2F4DC606-389B-4672-8561-7E759BDAD231@webweaving.org> Message-ID: <0145BF4A-ED95-46DA-9011-F480E7B1FF15@redwax.eu> On 08 Dec 2019, at 01:51, Graham Leggett via rs-dev wrote: > Let me create the dist directory for it? ?and the dist directory is created: https://source.redwax.eu/svn/dist/rs/ Add dev artifacts for voting on to the dev directory, and then copy them to release when ready. Automagically, everything in the release directory appears here: https://redwax.eu/dist/rs/ Regards, Graham ? From dirkx at webweaving.org Sun Dec 8 14:28:48 2019 From: dirkx at webweaving.org (Dirk-Willem van Gulik) Date: Sun, 8 Dec 2019 14:28:48 +0100 Subject: [rs-dev] Releasing an 0.01 or 1.00 In-Reply-To: References: <20191206193358.F1B546A8DBC@chestnut.redwax.eu> <2F4DC606-389B-4672-8561-7E759BDAD231@webweaving.org> Message-ID: > On 8 Dec 2019, at 00:51, Graham Leggett wrote: > > On 06 Dec 2019, at 21:35, Dirk-Willem van Gulik via rs-dev wrote: > >> Would anyone object to tagging the state of the repo as a first release / 0.01 (or 1.00) ? >> >> The OpenSSL discussion is going to take a while (yak shaving) - so I made a small tweak that isolates us from their 1.1.1e release timelines. >> >> And a 0.01 or 1.00 tag (even a tarball is not needed) lets us do the NixOS pull request. > > Currently all the versions are at 0.2.0, I think we are good for a release. So was 0.2.0 ever released? Or is this release a 0.2.1 ? Dw./ From minfrin at redwax.eu Sun Dec 8 15:26:56 2019 From: minfrin at redwax.eu (Graham Leggett) Date: Sun, 8 Dec 2019 16:26:56 +0200 Subject: [rs-dev] Releasing an 0.01 or 1.00 In-Reply-To: References: <20191206193358.F1B546A8DBC@chestnut.redwax.eu> <2F4DC606-389B-4672-8561-7E759BDAD231@webweaving.org> Message-ID: On 08 Dec 2019, at 15:28, Dirk-Willem van Gulik wrote: >> Currently all the versions are at 0.2.0, I think we are good for a release. > > So was 0.2.0 ever released? Or is this release a 0.2.1 ? To be safe this should be v0.2.1. Will update it quick. Regards, Graham ? From minfrin at redwax.eu Sun Dec 8 23:27:48 2019 From: minfrin at redwax.eu (Graham Leggett) Date: Mon, 9 Dec 2019 00:27:48 +0200 Subject: [rs-dev] [Vote] Release Redwax Server mod_ca v0.2.1 Message-ID: <1FC44F87-6882-4361-A538-D89099B9F2E2@redwax.eu> Hi all, Calling for a vote to release mod_ca v0.2.1 at https://source.redwax.eu/svn/dist/rs/dev/. [ ] +1: It's not just good, it's good enough! [ ] +0: Let's have a talk. [ ] -1: There's trouble in paradise. Here's what's wrong. To approve the release (+1 is not enough), do the following: - Check out https://source.redwax.eu/svn/dist/rs/dev/ - Run ?make verify? to verify the existing signatures. - Run ?make sign? to add your signature to the list of signatures. - Check in your signatures. Release process is here: https://redwax.eu/rw/releases/ Regards, Graham ? From info at gadylsh.ru Mon Dec 9 14:43:47 2019 From: info at gadylsh.ru (Sync) Date: Mon, 9 Dec 2019 16:43:47 +0300 Subject: [rs-dev] We present oneself Message-ID: Good day! We advance Sending your business proposition through the feedback form which can be found on the sites in the contact section. Contact form are filled in by our application and the captcha is solved. The advantage of this method is that messages sent through feedback forms are whitelisted. This method raise the chances that your message will be read. Our database contains more than 35 million sites around the world to which we can send your message. The cost of one million messages 49 USD FREE TEST mailing to any country of your choice. (We also provide other services. 1. Mailing email message to corporate addresses of any country 2. Selling the email database of any country in the world) This message is automatically generated. Use our contacts for communication. Contact us Telegram - @FeedbackMessages Skype ? Feedback_Messages Email - feedback.messages at mail.ru Contact us From dirkx at webweaving.org Mon Dec 9 22:54:49 2019 From: dirkx at webweaving.org (Dirk-Willem van Gulik) Date: Mon, 9 Dec 2019 22:54:49 +0100 Subject: [rs-dev] [Vote] Release Redwax Server mod_ca v0.2.1 In-Reply-To: <1FC44F87-6882-4361-A538-D89099B9F2E2@redwax.eu> References: <1FC44F87-6882-4361-A538-D89099B9F2E2@redwax.eu> Message-ID: <3E1EB143-25EA-4179-99B3-3CBA95FBD9C7@webweaving.org> > On 8 Dec 2019, at 23:27, Graham Leggett via rs-dev wrote: > > Hi all, > > Calling for a vote to release mod_ca v0.2.1 at https://source.redwax.eu/svn/dist/rs/dev/. > > [ ] +1: It's not just good, it's good enough! +1 > [ ] +0: Let's have a talk. > [ ] -1: There's trouble in paradise. Here's what's wrong. > > To approve the release (+1 is not enough), do the following: > > - Check out https://source.redwax.eu/svn/dist/rs/dev/ > - Run ?make verify? to verify the existing signatures. > - Run ?make sign? to add your signature to the list of signatures. > - Check in your signatures. Ok - done! Dw From info at toweek.ru Tue Dec 10 14:11:58 2019 From: info at toweek.ru (Hafiz Zahir) Date: Tue, 10 Dec 2019 16:11:58 +0300 Subject: [rs-dev] We present oneself Message-ID: <8648aee81cea1fa88b793f6c67b380dcff46d38a47@toweek.ru> Hi! We advance Sending your commercial offer through the feedback form which can be found on the sites in the contact partition. Contact form are filled in by our software and the captcha is solved. The advantage of this method is that messages sent through feedback forms are whitelisted. This method increases the odds that your message will be open. Our database contains more than 35 million sites around the world to which we can send your message. The cost of one million messages 49 USD FREE TEST mailing to any country of your choice. (We also provide other services. 1. Mailing email message to corporate addresses of any country 2. Selling the email database of any country in the world) This message is automatically generated. Use our contacts for communication. Contact us Telegram - @FeedbackMessages Skype ? Feedback_Messages Email - feedback.messages at mail.ru Contact us From dirkx at webweaving.org Tue Dec 10 20:07:26 2019 From: dirkx at webweaving.org (Dirk-Willem van Gulik) Date: Tue, 10 Dec 2019 20:07:26 +0100 Subject: [rs-dev] Releasing an 0.01 or 1.00 In-Reply-To: <0145BF4A-ED95-46DA-9011-F480E7B1FF15@redwax.eu> References: <20191206193358.F1B546A8DBC@chestnut.redwax.eu> <2F4DC606-389B-4672-8561-7E759BDAD231@webweaving.org> <0145BF4A-ED95-46DA-9011-F480E7B1FF15@redwax.eu> Message-ID: <83A34564-2F25-4258-BBE2-792140BAD0D5@webweaving.org> On 8 Dec 2019, at 14:14, Graham Leggett wrote: > Automagically, everything in the release directory appears here: > > https://redwax.eu/dist/rs/ Is still empty - what is the process of moving the signed tarballs there ? A script - or it (and archive.redwax) a static site ? Dw From minfrin at redwax.eu Wed Dec 11 01:10:49 2019 From: minfrin at redwax.eu (Graham Leggett) Date: Wed, 11 Dec 2019 02:10:49 +0200 Subject: [rs-dev] Releasing an 0.01 or 1.00 In-Reply-To: <83A34564-2F25-4258-BBE2-792140BAD0D5@webweaving.org> References: <20191206193358.F1B546A8DBC@chestnut.redwax.eu> <2F4DC606-389B-4672-8561-7E759BDAD231@webweaving.org> <0145BF4A-ED95-46DA-9011-F480E7B1FF15@redwax.eu> <83A34564-2F25-4258-BBE2-792140BAD0D5@webweaving.org> Message-ID: <739E0223-4D0F-4656-A247-6E0AED293565@redwax.eu> On 10 Dec 2019, at 21:07, Dirk-Willem van Gulik via rs-dev wrote: >> Automagically, everything in the release directory appears here: >> >> https://redwax.eu/dist/rs/ > > Is still empty - what is the process of moving the signed tarballs there ? > > A script - or it (and archive.redwax) a static site ? Process is an svn copy - that?s it. Anything that is placed in https://source.redwax.eu/svn/dist/rs/release/ is automagically checked out and made visible at https://redwax.eu/dist/rs/. Once the vote signatures are all in, svn copy the tarballs and the ascs across from /dev to /release. Regards, Graham ? From dirkx at webweaving.org Thu Dec 12 09:17:31 2019 From: dirkx at webweaving.org (Dirk-Willem van Gulik) Date: Thu, 12 Dec 2019 09:17:31 +0100 Subject: [rs-dev] Releasing an 0.01 or 1.00 In-Reply-To: <739E0223-4D0F-4656-A247-6E0AED293565@redwax.eu> References: <20191206193358.F1B546A8DBC@chestnut.redwax.eu> <2F4DC606-389B-4672-8561-7E759BDAD231@webweaving.org> <0145BF4A-ED95-46DA-9011-F480E7B1FF15@redwax.eu> <83A34564-2F25-4258-BBE2-792140BAD0D5@webweaving.org> <739E0223-4D0F-4656-A247-6E0AED293565@redwax.eu> Message-ID: <0CDF5FF8-E01E-44A5-BA52-3909A6572F3E@webweaving.org> On 11 Dec 2019, at 01:10, Graham Leggett wrote: > > On 10 Dec 2019, at 21:07, Dirk-Willem van Gulik via rs-dev wrote: > >>> Automagically, everything in the release directory appears here: >>> >>> https://redwax.eu/dist/rs/ >> >> Is still empty - what is the process of moving the signed tarballs there ? >> >> A script - or it (and archive.redwax) a static site ? > > Process is an svn copy - that?s it. > > Anything that is placed in https://source.redwax.eu/svn/dist/rs/release/ is automagically checked out and made visible at https://redwax.eu/dist/rs/. > > Once the vote signatures are all in, svn copy the tarballs and the ascs across from /dev to /release. Ok; done that - worked splendidly - and we got an end to end build on NixOS with #180. Only thing I forgot about - now that we have split off the other modules - we obviously need to tag, tar & sign these too ! Will do that this evening (as I do not have my gpg key on me) & then call a vote. Dw. dirkx$ nix-build $NIXPKGS -A mod_ca these derivations will be built: /nix/store/qjjx6yncnn129c4gsn19wi9avnvshl5v-mod_ca.drv .... strip is /nix/store/71g0j6424jnwl533fc6z580xsj2kp537-cctools-binutils-darwin/bin/strip stripping (with command strip and flags -S) in /nix/store/z2m6gx1znvlwaf9hyxpc9bccs24kcz0y-mod_ca/libexec patching script interpreter paths in /nix/store/z2m6gx1znvlwaf9hyxpc9bccs24kcz0y-mod_ca /nix/store/z2m6gx1znvlwaf9hyxpc9bccs24kcz0y-mod_ca From info at mychatus.ru Thu Dec 12 13:36:20 2019 From: info at mychatus.ru (Tohid Sohag) Date: Thu, 12 Dec 2019 15:36:20 +0300 Subject: [rs-dev] We propose Message-ID: <2d6700ac7f85454962b70152a66bc1cdad58b432@mychatus.ru> Hi! We present Sending your business proposition through the Contact us form which can be found on the sites in the Communication partition. Feedback forms are filled in by our application and the captcha is solved. The advantage of this method is that messages sent through feedback forms are whitelisted. This method increases the odds that your message will be open. Our database contains more than 35 million sites around the world to which we can send your message. The cost of one million messages 49 USD FREE TEST mailing to any country of your choice. (We also provide other services. 1. Mailing email message to corporate addresses of any country 2. Selling the email database of any country in the world) This message is automatically generated. Use our contacts for communication. Contact us Telegram - @FeedbackMessages Skype ? Feedback_Messages Email - feedback.messages at mail.ru Contact us From minfrin at redwax.eu Thu Dec 12 16:12:23 2019 From: minfrin at redwax.eu (Graham Leggett) Date: Thu, 12 Dec 2019 17:12:23 +0200 Subject: [rs-dev] [Vote] Release Redwax Server mod_crl v0.2.1 Message-ID: <7BC5A230-3D29-4AE6-8795-FEC0B5CBFB83@redwax.eu> Hi all, Calling for a vote to release mod_crl v0.2.1 at https://source.redwax.eu/svn/dist/rs/dev/. [ ] +1: It's not just good, it's good enough! [ ] +0: Let's have a talk. [ ] -1: There's trouble in paradise. Here's what's wrong. To approve the release (+1 is not enough), do the following: - Check out https://source.redwax.eu/svn/dist/rs/dev/ - Run ?make verify? to verify the existing signatures. - Run ?make sign? to add your signature to the list of signatures. - Check in your signatures. Release process is here: https://redwax.eu/rw/releases/ Regards, Graham ? From minfrin at redwax.eu Thu Dec 12 16:13:11 2019 From: minfrin at redwax.eu (Graham Leggett) Date: Thu, 12 Dec 2019 17:13:11 +0200 Subject: [rs-dev] [Vote] Release Redwax Server mod_csr v0.2.1 Message-ID: <07814B0E-7FD9-456C-8299-C0ACD3C283C1@redwax.eu> Hi all, Calling for a vote to release mod_csr v0.2.1 at https://source.redwax.eu/svn/dist/rs/dev/. [ ] +1: It's not just good, it's good enough! [ ] +0: Let's have a talk. [ ] -1: There's trouble in paradise. Here's what's wrong. To approve the release (+1 is not enough), do the following: - Check out https://source.redwax.eu/svn/dist/rs/dev/ - Run ?make verify? to verify the existing signatures. - Run ?make sign? to add your signature to the list of signatures. - Check in your signatures. Release process is here: https://redwax.eu/rw/releases/ Regards, Graham ? From minfrin at redwax.eu Thu Dec 12 16:13:38 2019 From: minfrin at redwax.eu (Graham Leggett) Date: Thu, 12 Dec 2019 17:13:38 +0200 Subject: [rs-dev] [Vote] Release Redwax Server mod_ocsp v0.2.1 Message-ID: <158A6C68-232D-47B2-A8C9-3ADF826C8749@redwax.eu> Hi all, Calling for a vote to release mod_ocsp v0.2.1 at https://source.redwax.eu/svn/dist/rs/dev/. [ ] +1: It's not just good, it's good enough! [ ] +0: Let's have a talk. [ ] -1: There's trouble in paradise. Here's what's wrong. To approve the release (+1 is not enough), do the following: - Check out https://source.redwax.eu/svn/dist/rs/dev/ - Run ?make verify? to verify the existing signatures. - Run ?make sign? to add your signature to the list of signatures. - Check in your signatures. Release process is here: https://redwax.eu/rw/releases/ Regards, Graham ? From minfrin at redwax.eu Thu Dec 12 16:14:01 2019 From: minfrin at redwax.eu (Graham Leggett) Date: Thu, 12 Dec 2019 17:14:01 +0200 Subject: [rs-dev] [Vote] Release Redwax Server mod_pkcs12 v0.2.1 Message-ID: <2976DA06-32D9-4088-9074-E132D514BDFC@redwax.eu> Hi all, Calling for a vote to release mod_pkcs12 v0.2.1 at https://source.redwax.eu/svn/dist/rs/dev/. [ ] +1: It's not just good, it's good enough! [ ] +0: Let's have a talk. [ ] -1: There's trouble in paradise. Here's what's wrong. To approve the release (+1 is not enough), do the following: - Check out https://source.redwax.eu/svn/dist/rs/dev/ - Run ?make verify? to verify the existing signatures. - Run ?make sign? to add your signature to the list of signatures. - Check in your signatures. Release process is here: https://redwax.eu/rw/releases/ Regards, Graham ? From minfrin at sharp.fm Thu Dec 12 16:14:35 2019 From: minfrin at sharp.fm (Graham Leggett) Date: Thu, 12 Dec 2019 17:14:35 +0200 Subject: [rs-dev] [Vote] Release Redwax Server mod_scep v0.2.1 Message-ID: Hi all, Calling for a vote to release mod_scep v0.2.1 at https://source.redwax.eu/svn/dist/rs/dev/. [ ] +1: It's not just good, it's good enough! [ ] +0: Let's have a talk. [ ] -1: There's trouble in paradise. Here's what's wrong. To approve the release (+1 is not enough), do the following: - Check out https://source.redwax.eu/svn/dist/rs/dev/ - Run ?make verify? to verify the existing signatures. - Run ?make sign? to add your signature to the list of signatures. - Check in your signatures. Release process is here: https://redwax.eu/rw/releases/ Regards, Graham ? _______________________________________________ rs-dev mailing list rs-dev at redwax.eu https://redwax.eu/mailman/listinfo/rs-dev -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 3260 bytes Desc: not available URL: From minfrin at sharp.fm Thu Dec 12 16:14:57 2019 From: minfrin at sharp.fm (Graham Leggett) Date: Thu, 12 Dec 2019 17:14:57 +0200 Subject: [rs-dev] [Vote] Release Redwax Server mod_spkac v0.2.1 Message-ID: <2D76A951-A0E1-4387-B4FC-A4F69A67CDD6@sharp.fm> Hi all, Calling for a vote to release mod_spkac v0.2.1 at https://source.redwax.eu/svn/dist/rs/dev/. [ ] +1: It's not just good, it's good enough! [ ] +0: Let's have a talk. [ ] -1: There's trouble in paradise. Here's what's wrong. To approve the release (+1 is not enough), do the following: - Check out https://source.redwax.eu/svn/dist/rs/dev/ - Run ?make verify? to verify the existing signatures. - Run ?make sign? to add your signature to the list of signatures. - Check in your signatures. Release process is here: https://redwax.eu/rw/releases/ Regards, Graham ? _______________________________________________ rs-dev mailing list rs-dev at redwax.eu https://redwax.eu/mailman/listinfo/rs-dev -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 3260 bytes Desc: not available URL: From minfrin at sharp.fm Thu Dec 12 16:15:19 2019 From: minfrin at sharp.fm (Graham Leggett) Date: Thu, 12 Dec 2019 17:15:19 +0200 Subject: [rs-dev] [Vote] Release Redwax Server mod_timestamp v0.2.1 Message-ID: <2F875AC4-8A30-48EC-BF72-E67DE8D05259@sharp.fm> Hi all, Calling for a vote to release mod_timestamp v0.2.1 at https://source.redwax.eu/svn/dist/rs/dev/. [ ] +1: It's not just good, it's good enough! [ ] +0: Let's have a talk. [ ] -1: There's trouble in paradise. Here's what's wrong. To approve the release (+1 is not enough), do the following: - Check out https://source.redwax.eu/svn/dist/rs/dev/ - Run ?make verify? to verify the existing signatures. - Run ?make sign? to add your signature to the list of signatures. - Check in your signatures. Release process is here: https://redwax.eu/rw/releases/ Regards, Graham ? _______________________________________________ rs-dev mailing list rs-dev at redwax.eu https://redwax.eu/mailman/listinfo/rs-dev -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 3260 bytes Desc: not available URL: From minfrin at redwax.eu Thu Dec 12 16:17:56 2019 From: minfrin at redwax.eu (Graham Leggett) Date: Thu, 12 Dec 2019 17:17:56 +0200 Subject: [rs-dev] Releasing an 0.01 or 1.00 In-Reply-To: <0CDF5FF8-E01E-44A5-BA52-3909A6572F3E@webweaving.org> References: <20191206193358.F1B546A8DBC@chestnut.redwax.eu> <2F4DC606-389B-4672-8561-7E759BDAD231@webweaving.org> <0145BF4A-ED95-46DA-9011-F480E7B1FF15@redwax.eu> <83A34564-2F25-4258-BBE2-792140BAD0D5@webweaving.org> <739E0223-4D0F-4656-A247-6E0AED293565@redwax.eu> <0CDF5FF8-E01E-44A5-BA52-3909A6572F3E@webweaving.org> Message-ID: <94509942-F432-497B-8152-58186E056720@redwax.eu> On 12 Dec 2019, at 10:17, Dirk-Willem van Gulik via rs-dev wrote: > Ok; done that - worked splendidly - and we got an end to end build on NixOS with #180. > > Only thing I forgot about - now that we have split off the other modules - we obviously need to tag, tar & sign these too ! > > Will do that this evening (as I do not have my gpg key on me) & then call a vote. Just created vote threads for each of the modules, and fixed a typo in the Makefile for the signing. Just need one more vote signature on mod_ca, it felt wrong to propose a release of all the modules until the mod_ca they all depend on was all sorted. Regards, Graham ? From dirkx at webweaving.org Fri Dec 13 19:17:54 2019 From: dirkx at webweaving.org (Dirk-Willem van Gulik) Date: Fri, 13 Dec 2019 19:17:54 +0100 Subject: [rs-dev] Releasing an 0.01 or 1.00 In-Reply-To: <94509942-F432-497B-8152-58186E056720@redwax.eu> References: <20191206193358.F1B546A8DBC@chestnut.redwax.eu> <2F4DC606-389B-4672-8561-7E759BDAD231@webweaving.org> <0145BF4A-ED95-46DA-9011-F480E7B1FF15@redwax.eu> <83A34564-2F25-4258-BBE2-792140BAD0D5@webweaving.org> <739E0223-4D0F-4656-A247-6E0AED293565@redwax.eu> <0CDF5FF8-E01E-44A5-BA52-3909A6572F3E@webweaving.org> <94509942-F432-497B-8152-58186E056720@redwax.eu> Message-ID: <049f3e89-a40b-1c9d-67a2-c7a5533ddeac@webweaving.org> On 2019-12-12 16:17, Graham Leggett wrote: > On 12 Dec 2019, at 10:17, Dirk-Willem van Gulik via rs-dev > > wrote: > >> Ok; done that - worked splendidly - and we got an end to end build on >> NixOS with #180. >> >> Only thing I forgot about - now that we have split off the other >> modules - we obviously need to tag, tar & sign these too ! >> >> Will do that this evening (as I do not have my gpg key on me) & then >> call a vote. > > Just created vote threads for each of the modules, and fixed a typo in > the Makefile for the signing. > > Just need one more vote signature on mod_ca, it felt wrong to propose > a release of all the modules until the mod_ca they all depend on was > all sorted. Ok - signed all modules. So they now have two. Which for now are as many as they will get. And will now update the dist/freebsd/nixos checksums for this., Dw. From dirkx at webweaving.org Fri Dec 13 21:55:09 2019 From: dirkx at webweaving.org (Dirk-Willem van Gulik) Date: Fri, 13 Dec 2019 21:55:09 +0100 Subject: [rs-dev] We may have to do a 0.2.2 fairly soon Message-ID: <6DCA342E-22DF-4427-8B7B-4228FA5BBBF1@webweaving.org> As the dist missed out the openssl compat layer. Which does not matter on most versions of OpenSSL; unless you are on too modern a one. Fixed it for now in the NixOS builds - so no rush with that. Suggest we go through a full NixOS cycle before we touch things up and do a minor re-release with all the tweaks. Nice to finally have signed tarball one can test NixOS against. Dw. From dirkx at webweaving.org Fri Dec 13 21:56:01 2019 From: dirkx at webweaving.org (Dirk-Willem van Gulik) Date: Fri, 13 Dec 2019 21:56:01 +0100 Subject: [rs-dev] NixOS pull request has gone in :) Message-ID: <841B908A-89CD-4061-933F-F22ADEB50AB5@webweaving.org> NixOS pull request has gone in: https://github.com/NixOS/nixpkgs/pull/75620 lets see how far this goes & if we then have enough to bootstrap things like apache, mediawiki and other things with it. Dw From dirkx at webweaving.org Fri Dec 13 23:41:19 2019 From: dirkx at webweaving.org (Dirk-Willem van Gulik) Date: Fri, 13 Dec 2019 23:41:19 +0100 Subject: [rs-dev] NixOS pull request has gone in :) In-Reply-To: <841B908A-89CD-4061-933F-F22ADEB50AB5@webweaving.org> References: <841B908A-89CD-4061-933F-F22ADEB50AB5@webweaving.org> Message-ID: <1811AF06-54DE-4745-9444-B97BC1A23E26@webweaving.org> > On 13 Dec 2019, at 21:56, Dirk-Willem van Gulik wrote: > > NixOS pull request has gone in: > > https://github.com/NixOS/nixpkgs/pull/75620 > > lets see how far this goes & if we then have enough to bootstrap things like apache, mediawiki and other things with it. And got past the CI sentinel guarding the castle. Dw. Add more commits by pushing to the master branch on dirkx/nixpkgs . Hide all checks All checks have passed 13 successful checks Evaluation Performance Report ? Evaluator Performance Report Details grahamcofborg-eval ? ^.^! Details grahamcofborg-eval-check-maintainers ? matching changed paths to changed attrs... Details grahamcofborg-eval-check-meta ? config.nix: checkMeta = true grahamcofborg-eval-darwin ? nix-instantiate --arg nixpkgs { outPath=./.; revCount=999999; shortRev="ofborg"; } ./pkgs/top-level/release.nix -A darwin-tested grahamcofborg-eval-nixos ? nix-instantiate --arg nixpkgs { outPath=./.; revCount=999999; shortRev="ofborg"; } ./nixos/release-combined.nix -A tested grahamcofborg-eval-nixos-manual ? nix-instantiate --arg nixpkgs { outPath=./.; revCount=999999; shortRev="ofborg"; } ./nixos/release.nix -A manual grahamcofborg-eval-nixos-options ? nix-instantiate --arg nixpkgs { outPath=./.; revCount=999999; shortRev="ofborg"; } ./nixos/release.nix -A options grahamcofborg-eval-nixpkgs-manual ? nix-instantiate --arg nixpkgs { outPath=./.; revCount=999999; shortRev="ofborg"; } ./pkgs/top-level/release.nix -A manual grahamcofborg-eval-nixpkgs-tarball ? nix-instantiate --arg nixpkgs { outPath=./.; revCount=999999; shortRev="ofborg"; } ./pkgs/top-level/release.nix -A tarball grahamcofborg-eval-nixpkgs-unstable-jobset ? nix-instantiate --arg nixpkgs { outPath=./.; revCount=999999; shortRev="ofborg"; } ./pkgs/top-level/release.nix -A unstable grahamcofborg-eval-package-list ? nix-env -qa --json --file . grahamcofborg-eval-package-list-no-aliases ? nix-env -qa --json --file . --arg config { allowAliases = false; } This branch has no conflicts with the base branch Only those with write access to this repository can merge pull requests. From minfrin at redwax.eu Fri Dec 13 23:52:01 2019 From: minfrin at redwax.eu (Graham Leggett) Date: Sat, 14 Dec 2019 00:52:01 +0200 Subject: [rs-dev] We may have to do a 0.2.2 fairly soon In-Reply-To: <6DCA342E-22DF-4427-8B7B-4228FA5BBBF1@webweaving.org> References: <6DCA342E-22DF-4427-8B7B-4228FA5BBBF1@webweaving.org> Message-ID: <34C5B7AB-674C-44F9-8560-F3A720E4F1C0@redwax.eu> On 13 Dec 2019, at 22:55, Dirk-Willem van Gulik via rs-dev wrote: > As the dist missed out the openssl compat layer. Which does not matter on most versions of OpenSSL; unless you are on too modern a one. > > Fixed it for now in the NixOS builds - so no rush with that. > > Suggest we go through a full NixOS cycle before we touch things up and do a minor re-release with all the tweaks. > > Nice to finally have signed tarball one can test NixOS against. Excellent! Regards, Graham ? From minfrin at sharp.fm Sat Dec 21 03:03:22 2019 From: minfrin at sharp.fm (Graham Leggett) Date: Sat, 21 Dec 2019 04:03:22 +0200 Subject: [rs-dev] [Vote] Release Redwax Server mod_crl v0.2.2 Message-ID: <24E00ADE-E8E6-4456-9EE2-F15B0EB6704B@sharp.fm> Hi all, Calling for a vote to release mod_crl v0.2.2 at https://source.redwax.eu/svn/dist/rs/dev/. [ ] +1: It's not just good, it's good enough! [ ] +0: Let's have a talk. [ ] -1: There's trouble in paradise. Here's what's wrong. To approve the release (+1 is not enough), do the following: - Check out https://source.redwax.eu/svn/dist/rs/dev/ - Run ?make verify? to verify the existing signatures. - Run ?make sign? to add your signature to the list of signatures. - Check in your signatures. Release process is here: https://redwax.eu/rw/releases/ Regards, Graham ? -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 3260 bytes Desc: not available URL: From minfrin at sharp.fm Sat Dec 21 03:14:09 2019 From: minfrin at sharp.fm (Graham Leggett) Date: Sat, 21 Dec 2019 04:14:09 +0200 Subject: [rs-dev] [Vote] Release Redwax Server mod_csr v0.2.2 Message-ID: <8845EB37-5126-4A18-80DF-9C4865B383AE@sharp.fm> Hi all, Calling for a vote to release mod_csr v0.2.2 at https://source.redwax.eu/svn/dist/rs/dev/. [ ] +1: It's not just good, it's good enough! [ ] +0: Let's have a talk. [ ] -1: There's trouble in paradise. Here's what's wrong. To approve the release (+1 is not enough), do the following: - Check out https://source.redwax.eu/svn/dist/rs/dev/ - Run ?make verify? to verify the existing signatures. - Run ?make sign? to add your signature to the list of signatures. - Check in your signatures. Release process is here: https://redwax.eu/rw/releases/ Regards, Graham ? -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 3260 bytes Desc: not available URL: From minfrin at sharp.fm Sat Dec 21 03:23:56 2019 From: minfrin at sharp.fm (Graham Leggett) Date: Sat, 21 Dec 2019 04:23:56 +0200 Subject: [rs-dev] [Vote] Release Redwax Server mod_scep v0.2.2 Message-ID: <1CFAB693-2E3F-4781-B821-73DA19226B2F@sharp.fm> Hi all, Calling for a vote to release mod_scep v0.2.2 at https://source.redwax.eu/svn/dist/rs/dev/. [ ] +1: It's not just good, it's good enough! [ ] +0: Let's have a talk. [ ] -1: There's trouble in paradise. Here's what's wrong. To approve the release (+1 is not enough), do the following: - Check out https://source.redwax.eu/svn/dist/rs/dev/ - Run ?make verify? to verify the existing signatures. - Run ?make sign? to add your signature to the list of signatures. - Check in your signatures. Release process is here: https://redwax.eu/rw/releases/ Regards, Graham ? -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 3260 bytes Desc: not available URL: From dirkx at webweaving.org Sat Dec 21 17:46:42 2019 From: dirkx at webweaving.org (Dirk-Willem van Gulik) Date: Sat, 21 Dec 2019 17:46:42 +0100 Subject: [rs-dev] [Vote] Release Redwax Server mod_scep v0.2.2 In-Reply-To: <1CFAB693-2E3F-4781-B821-73DA19226B2F@sharp.fm> References: <1CFAB693-2E3F-4781-B821-73DA19226B2F@sharp.fm> Message-ID: On 2019-12-21 03:23, Graham Leggett via rs-dev wrote: > Hi all, > > Calling for a vote to release mod_scep v0.2.2 at https://source.redwax.eu/svn/dist/rs/dev/. > > [ ] +1: It's not just good, it's good enough! +1 from me. > - Check out https://source.redwax.eu/svn/dist/rs/dev/ > - Run ?make verify? to verify the existing signatures. > - Run ?make sign? to add your signature to the list of signatures. > - Check in your signatures. Done. Dw. From dirkx68 at me.com Tue Dec 24 17:23:17 2019 From: dirkx68 at me.com (Dirk-Willem van Gulik) Date: Tue, 24 Dec 2019 17:23:17 +0100 Subject: [rs-dev] Copied 0.2.1 modules back into dist - as archives.redwax.eu seems to be unreachable. Message-ID: <29F66891-77B7-40E3-9FBD-456F67BD9A70@me.com> Graham, Apologies - but as a bit of a stopgap measure - I copied the 0.2.1 modules back into dist. As it seems that Archive.redwax.eu is down -- and this was breaking the NixOS CI & CD chain a bit. Correct that it is not in DNS ? Or is something odd happening with the delegation ? Dw From minfrin at redwax.eu Tue Dec 24 21:18:25 2019 From: minfrin at redwax.eu (Graham Leggett) Date: Tue, 24 Dec 2019 22:18:25 +0200 Subject: [rs-dev] Copied 0.2.1 modules back into dist - as archives.redwax.eu seems to be unreachable. In-Reply-To: <29F66891-77B7-40E3-9FBD-456F67BD9A70@me.com> References: <29F66891-77B7-40E3-9FBD-456F67BD9A70@me.com> Message-ID: On 24 Dec 2019, at 18:23, Dirk-Willem van Gulik via rs-dev wrote: > Apologies - but as a bit of a stopgap measure - I copied the 0.2.1 modules back into dist. > > As it seems that Archive.redwax.eu is down -- and this was breaking the NixOS CI & CD chain a bit. > > Correct that it is not in DNS ? Or is something odd happening with the delegation ? Archive is not yet in DNS, I need to teach svn how to serve subdirectories from a repository without checking the whole thing out first. The files can stay in the release directory until I get that sorted out. Regards, Graham ? From dirkx at webweaving.org Wed Dec 25 18:08:34 2019 From: dirkx at webweaving.org (Dirk-Willem van Gulik) Date: Wed, 25 Dec 2019 18:08:34 +0100 Subject: [rs-dev] OBJ_txt2nid Message-ID: <033b7b91-18be-6b02-4939-b73642c84cf9@webweaving.org> Graham, Was just creating a test case for the timeserver in NixOS: ??? https://pastebin.com/GsSHj3DB and that worked splendidly. The server did insist on a proper critical time signing extension (i.e. v3, etc). I though I had seen v1 (with no extension) time severs in the past ? Or is that a station way past ? Dw From minfrin at sharp.fm Thu Dec 26 15:05:46 2019 From: minfrin at sharp.fm (Graham Leggett) Date: Thu, 26 Dec 2019 16:05:46 +0200 Subject: [rs-dev] OBJ_txt2nid In-Reply-To: <033b7b91-18be-6b02-4939-b73642c84cf9@webweaving.org> References: <033b7b91-18be-6b02-4939-b73642c84cf9@webweaving.org> Message-ID: <36F130AF-5BA9-4853-87A2-3F88907D7BD2@sharp.fm> On 25 Dec 2019, at 19:08, Dirk-Willem van Gulik via rs-dev wrote: > Was just creating a test case for the timeserver in NixOS: > > https://pastebin.com/GsSHj3DB > > and that worked splendidly. The server did insist on a proper critical time signing extension (i.e. v3, etc). > > I though I had seen v1 (with no extension) time severs in the past ? Or is that a station way past ? I went with default openssl behaviour on this one as I recall, although we can make things optional if there is a need? Regards, Graham ? -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 3260 bytes Desc: not available URL: From dirkx at webweaving.org Thu Dec 26 15:16:10 2019 From: dirkx at webweaving.org (Dirk-Willem van Gulik) Date: Thu, 26 Dec 2019 15:16:10 +0100 Subject: [rs-dev] OBJ_txt2nid In-Reply-To: <36F130AF-5BA9-4853-87A2-3F88907D7BD2@sharp.fm> References: <033b7b91-18be-6b02-4939-b73642c84cf9@webweaving.org> <36F130AF-5BA9-4853-87A2-3F88907D7BD2@sharp.fm> Message-ID: > On 26 Dec 2019, at 15:05, Graham Leggett wrote: > > On 25 Dec 2019, at 19:08, Dirk-Willem van Gulik via rs-dev wrote: > >> Was just creating a test case for the timeserver in NixOS: >> >> https://pastebin.com/GsSHj3DB >> >> and that worked splendidly. The server did insist on a proper critical time signing extension (i.e. v3, etc). >> >> I though I had seen v1 (with no extension) time severs in the past ? Or is that a station way past ? > > I went with default openssl behaviour on this one as I recall, although we can make things optional if there is a need? Ok - lets not worry about it - checked that yours works against MS-Office - so should be fine. Dw.