Pavel Timofeev | 18 Jun 10:34 2015
Picon

Last openssl update brakes localhost email sending

Good day to everybody! ;)
My FreeBSD 10.1-RELEASE-p13 amd64 can't send email to localhost anymore!

I know that openssl has been updated, and it raises the bar of bit
size of dh parameters.
I know, there is an update for sendmail to catch up it. But. it didn't help.

Here is one of my servers.
I did not touch anything in /etc/mail after installation of my system.
And of course I didn't create a dh parameters in /etc/mail/certs dir.

root <at> pyxis-v:~ # freebsd-version
10.1-RELEASE-p13

root <at> pyxis-v:~ # echo test | mail -s 'aa' ptimofeev <at> ocs.ru

root <at> pyxis-v:~ # tail -f /var/log/maillog
Jun 18 11:19:00 pyxis-v sendmail[1122]: t5I8J0F1001122: from=timp,
size=39, class=0, nrcpts=1,
msgid=<201506180819.t5I8J0F1001122 <at> pyxis-v.ocs.ru>,
relay=root <at> localhost
Jun 18 11:19:00 pyxis-v sendmail[1122]: STARTTLS=client, error:
connect failed=-1, reason=dh key too small, SSL_error=1, errno=0,
retry=-1
Jun 18 11:19:00 pyxis-v sm-mta[1123]: STARTTLS=server, error: accept
failed=0, reason=sslv3 alert handshake failure, SSL_error=1, errno=0,
retry=-1, relay=localhost [127.0.0.1]
Jun 18 11:19:00 pyxis-v sendmail[1122]: ruleset=tls_server,
arg1=SOFTWARE, relay=[127.0.0.1], reject=403 4.7.0 TLS handshake.
Jun 18 11:19:00 pyxis-v sendmail[1122]: t5I8J0F1001122:
(Continue reading)

jungle Boogie | 17 Jun 20:14 2015
Picon

building -stable after FreeBSD-SA-15:10.openssl

Hello All,

Trying to upgrade from r283863 to 284520 after I applied this patch:
https://www.freebsd.org/security/advisories/FreeBSD-SA-15:10.openssl.asc

In the manner described:

# fetch https://security.FreeBSD.org/patches/SA-15:10/openssl-10.1.patch
# cd /usr/src
# patch < /path/to/patch

I begin the build by doing:
cd /usr/src
svn update
make -j `sysctl -n hw.ncpu` buildworld  -DNO_CLEAN

But then this happened:

Removing stale symlinks.
rm -f /usr/obj/usr/src/tmp/usr/include/des.h
rm -f /usr/obj/usr/src/tmp/usr/lib/libdes.a
rm -f /usr/obj/usr/src/tmp/usr/lib/libdes.so
rm -f /usr/obj/usr/src/tmp/usr/lib/libdes.so.3
rm -f /usr/obj/usr/src/tmp/usr/lib/libdes_p.a
===> lib/libldns (obj,depend,all,install)
sh /usr/src/tools/install.sh -C -o root -g wheel -m 444   libldns.a
/usr/obj/usr/src/tmp/usr/lib/private
sh /usr/src/tools/install.sh -s -o root -g wheel -m 444
libldns.so.5 /usr/obj/usr/src/tmp/usr/lib/private
sh /usr/src/tools/install.sh -l s libldns.so.5
(Continue reading)

Richard Kuhns | 16 Jun 18:55 2015

Getting going with a new Dell 7810

Greetings all,

I've just received a new Dell Precision 7810. I've installed FreeBSD
10.1 (UEFI boot), checked out sources, built world & kernel and am now
running r284449. So far, so good.

The problem is Xorg. I'm running the latest Xorg in ports; I just did a
'make install clean' in /usr/ports/x11/xorg with no errors.

The display card is a FirePro W4100. lspci shows:

03:00.0 VGA compatible controller: Advanced Micro Devices, Inc.
[AMD/ATI] Cape Verde GL [FirePro W4100]

It has 4 DisplayPorts, and I have 2 monitors plugged in. If I run 'Xorg
-configure' it says

Number of created screens does not match number of detected devices.
  Configuration failed.

Looking through /var/log/Xorg.0.log it appears that the X server is
trying to use the RADEON driver, but ends with:

=====
[  1292.463] (--) Using syscons driver with X support (version 2.0)
[  1292.463] (--) using VT number 9

[  1292.485] (II) [KMS] Kernel modesetting enabled.
[  1292.485] (WW) Falling back to old probe method for vesa
[  1292.485] (WW) VGA arbiter: cannot open kernel arbiter, no multi-card
(Continue reading)

jenkins-admin | 15 Jun 17:36 2015
Picon

$PROJECT_NAME - Build #$BUILD_NUMBER - $BUILD_STATUS

$PROJECT_NAME - Build #$BUILD_NUMBER - $BUILD_STATUS:

Check console output at $BUILD_URL to view the results.
_______________________________________________
freebsd-stable <at> freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscribe <at> freebsd.org"

Claus Assmann | 14 Jun 20:51 2015

Re: dhparam (was: sendmail problem after upgrade to r284296)

BTW: You can check the file using:
$ openssl dhparam -C < dhparam.pem  | fgrep get_dh 
DH *get_dh768()
          ^^^

_______________________________________________
freebsd-stable <at> freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscribe <at> freebsd.org"

Neneth Morales | 14 Jun 17:19 2015
Picon

How to reply


_______________________________________________
freebsd-stable <at> freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscribe <at> freebsd.org"

Frank Seltzer | 14 Jun 16:57 2015
Picon

Sendmail problem after upgrade to r284296

I didn't get any hits from a mailing list search and there is no mail or 
sendmail list so I am sending it here because stable is what I'm running.

Because of a recent alert I updated both of my FreeBSD computers (both 
running 10.1-STABLE and built from /etc/src) to r284296 and am having a 
problem with sendmail. Sendmail is giving me the following error every 30 
minutes:

Jun 14 09:50:04 Ace sm-mta[10430]: STARTTLS=server, error: accept failed=0, reason=sslv3 alert
handshake failure, SSL_error=1, errno=0, retry=-1, relay=localhost [127.0.0.1]

If I restart it I get these errors:

Jun 14 00:50:04 Ace sm-msp-queue[79406]: STARTTLS=client, error: connect failed=-1, reason=dh key too
small, SSL_error=1, errno=0, retry=-1
Jun 14 00:50:04 Ace sm-msp-queue[79406]: ruleset=tls_server, arg1=SOFTWARE, relay=[127.0.0.1],
reject=403 4.7.0 TLS handshake.

I have made no changes to sendmail's configuration and all files in 
/etc/mail are dated Mar 16 so apparently mergemaster didn't see anything 
new to install and rebuild.  There is no entry in /usr/src/UPDATING about 
any change in sendmail either.

I first noticed this on the second machine on my home network. This 
machine has an entry in /etc/mail/aliases forwarding root's email to me on 
the primary.  I noticed the day after the upgrade that I didn't get the 
nightly email from the /etc/periodic/daily/ run or from rkhunter.  I 
checked my main machine and found that I am not getting these emails from 
it either and am getting the same errors in /var/log/maillog.  It can't 
even email itself.
(Continue reading)

Dave Duchscher | 14 Jun 15:46 2015

freebsd-update upgrading 9.2 -> 9.3

Trying to upgrade a system from 9.2 -> 9.3 with freebsd-update and I get the output below.  Search has seen
reports but not solutions.  I also tried upgrading to 10.1 and seeing similar issue those the "No such file
or directory" error only shows up once but is asking for me to manually merge lots of unmodified files in /etc.

Anybody have a clue on what is going wrong?

--
Dave

freebsd-update -r 9.3-RELEASE upgrade
Looking up update.FreeBSD.org mirrors... 5 mirrors found.
Fetching public key from update6.freebsd.org... done.
Fetching metadata signature for 9.2-RELEASE from update6.freebsd.org... done.
Fetching metadata index... done.
Fetching 2 metadata files... done.
Inspecting system... done.

The following components of FreeBSD seem to be installed:
kernel/generic world/base world/doc world/lib32

The following components of FreeBSD do not seem to be installed:
src/src world/games

Does this look reasonable (y/n)? y

Fetching metadata signature for 9.3-RELEASE from update6.freebsd.org... done.
Fetching metadata index... done.
Fetching 1 metadata patches. done.
Applying metadata patches... done.
Fetching 1 metadata files... done.
(Continue reading)

Marko Turk | 12 Jun 21:35 2015

Vbox kernel module panic on boot

Hi,

I'm running 10-STABLE and I have the following in my rc.conf:

vboxdrv_load="YES"
vboxnet_enable="YES"

Today I upgraded to r284295 and I get a kernel panic on boot when the
vbox module is loaded (panic: ncpus is 0 with non-zero map). Complete
backtrace is at the end of the mail.

Last time I upgraded was May 14 and then everything worked fine.

Has anyone else seen this? Is this a bug in virtualbox module or in
kernel?

BR,
Marko

(kgdb) #0  doadump (textdump=<value optimized out>) at pcpu.h:219
#1  0xffffffff80940ce2 in kern_reboot (howto=260)
    at /usr/src/sys/kern/kern_shutdown.c:451
#2  0xffffffff80941128 in vpanic (fmt=<value optimized out>, 
    ap=<value optimized out>) at /usr/src/sys/kern/kern_shutdown.c:758
#3  0xffffffff80940f53 in panic (fmt=0x0)
    at /usr/src/sys/kern/kern_shutdown.c:687
#4  0xffffffff8098a494 in smp_rendezvous_cpus (map=<value optimized out>, 
    setup_func=<value optimized out>, action_func=<value optimized out>, 
    teardown_func=<value optimized out>, arg=<value optimized out>)
    at /usr/src/sys/kern/subr_smp.c:495
(Continue reading)

Mihai Vintila | 12 Jun 18:57 2015
Picon

MLNX subnet manager issue on FBSD 10.1

Hi,
I'm having issues starting opensm under FBSD 10.1 . Used to work some 
time ago, but i had to rebuild the system:
Any help to what i'm doing wrong would be appreciated. Drivers used are 
the ones from Mellanox (i've tried it with 2.1.5 and 2.1.6 as well), as 
the one from kernel are from 2008.
opensm is built like this:
svnlite checkout https://svn0.eu.freebsd.org/base/releng/10.1 /usr/src
  cd /usr/src/contrib/ofed && make includes
cd /usr/src/contrib/ofed/usr.lib && make depend all install
  cd /usr/src/contrib/ofed/usr.bin && make depend all install

mlx4_core0: <mlx4_core> mem 0xc7400000-0xc74fffff,0xc5000000-0xc57fffff 
irq 32 at device 0.0 on pci2
mlx4_core: Initializing mlx4_core: Mellanox ConnectX VPI driver v2.1.6 
(Jun 12 2015)

mlx4_core0: mlx4_ib_add: allocated counter index 1 for port 1
mlx4_en mlx4_core0: Activating port:1
mlxen0: Ethernet address: e4:1d:2d:0a:21:30
mlx4_en: mlx4_core0: Port 1: Using 12 TX rings
mlxen0: link state changed to DOWN
mlx4_en: mlx4_core0: Port 1: Using 8 RX rings
mlx4_en: mlxen0: Using 12 TX rings
mlx4_en: mlxen0: Using 8 RX rings
mlx4_en: mlxen0: Initializing port
root <at> nvme:~ # kldstat
Id Refs Address            Size     Name
  1   27 0xffffffff80200000 1756638  kernel
  2    1 0xffffffff81957000 2681e8   zfs.ko
(Continue reading)

Mihai Vintila | 11 Jun 14:23 2015
Picon

Kernel Source - Noob question

Hi,
I want to compile only mlx drivers since they don't seem available by 
default. But i'm having a hard time finding the source for FreeBSD 10.1 
p10.
Can you guys indicate what is the best way to do it without recompiling 
full kernel.
Right now i've taken the src.tgz from 
ftp://ftp.freebsd.org/pub/FreeBSD/snapshots/amd64/10.1-STABLE/
Compiled the modules but when i try to load them i end up with:

KLD mlx4.ko: depends on kernel - not available or version mismatch
linker_load_file: Unsupported file type

Kernel i'm using is FreeBSD nvme 10.1-RELEASE-p10 FreeBSD 
10.1-RELEASE-p10 #0: Wed May 13 06:54:13 UTC 2015 
root <at> amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC amd64

--

-- 
Best regards,
Vintila Mihai Alexandru

_______________________________________________
freebsd-stable <at> freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscribe <at> freebsd.org"


Gmane