Saturday September 29, 2007 Random ramblings
Saturday September 29, 2007 About Me Howto, aka Insecurity Questions
My place of birth is a matter of public record, not too hard to find - if you know even a little about me, you'll likely know to start looking in the Netherlands. If you find that record, you'll know my mother's maiden name too (it's a good Wexford name).
Details of various places I've lived in or near, and all the schools I've gone to, may be on-file with various companies, through my CV. You can probably figure out a good deal of it with a mild googling.
My dog's name is known to a good few friends, all neighbours and many people in my family's town - just go to the green by Woodside and wait for my mother to walk him, and you'll hear her call him "Buddy". Oops, let that cat out of the bag! Speaking of cats, my family's long-dead cat was called "Cuddles", and my mother's been minding a stray we call "Bonnie" for years now.
I don't really follow football (it was far more fun playing it..), so I don't really have a favourite team now, but I did have a big poster of Johan Cruyff in my bedroom as a boy (you'll take a guess that that must have been early 80s, from your visit to NLs radio city).
Don't really have any favourite colour, but if you've seen me around, you'll know my clothes tend to be a certain colour (a darker shade of it, often).
My favourite food is, is... Well, that's too difficult to answer! (As someone pointed out, you'd have to never eat anything new again to answer that one and have a hope of recalling your answer later).
On a different subject, what's with those really dumb sites which let you change your password based on very unsecret personal details? For what it's worth, I will try avoid doing business with you, if possible.. It's not worth the hassle of remembering invented answers (National-Lottery.co.uk lost potential £6 today cause of such dumb questions).
End the madness 
Friday September 21, 2007 PINE is dead, long live Alpine
I'm a long-time user of the best MUA out there, PINE. It has some problems though, firstly it is not free software (you may not distribute modified versions) and secondly it doesn't support UTF-8. A while ago WU started work on a free rewrite of PINE, called Alpine. Alpine is now at v0.9999. I've been using it for a few weeks now and does it indeed seem to be quite complete and perfectly useable (there's only regression from PINE I've noticed, roles only let you set one address in Reply-To).
Finally we have the very powerful but user-friendly, terminal-based PINE MUA, under a friendlier licence 
. I wonder if I can get this included into SFW..
Friday September 07, 2007
Quagga 0.99.9 has been released, and is available, along with a full
changelog, in the usual places, such as:
http://www.quagga.net/download/
Thanks to everyone who helped by reporting bugs and testing fixes.
Release notes:
-------------
bgpd: Low impact DoS (Mu Security)
----------------------------------
This release fixes two potential DoS conditions in bgpd, reported by Mu
Security, where a bgpd could be crashed if a peer sent a malformed OPEN
message or a malformed COMMUNITY attribute. Only configured peers can do
this, hence we consider these issues to be very low impact.
bgpd: crash with outbound route-maps
------------------------------------
This release fixes a serious regression in bgpd in Quagga 0.99.8, where use
of outbound route-maps would cause a crash.
bgpd: severe performance problems with regexes
----------------------------------------------
Operators should be aware that allowing untrusted access to the bgpd vty are
vulnerable to such untrusted users running regex commands that may cause
bgpd to block for many minutes.
To try alleviate this, bgpd now passes the 'REG_NOSUB' flag to regcomp().
This may help good regex implementations to avoid doing a lot of work when
users specify substitutions (which we will never use). Unfortunately, this
doesn't appear to have much of an effect on the platforms I have tested
(Solaris libc and GNU libc).
The 'PCRE' regex implementation however appears to be better behaved, and
does not introduce huge slow-downs when regexes with substitutions are
applied. Operators who continue to offer untrusted vty access may wish to
preload the 'libpcreposix' library (e.g. using LD_PRELOAD). Be aware however
that PCRE is not fully compatible with POSIX extended regexes, and this
workaround may adversely impact existing configurations.
bgpd: AS-Pathlimit TTL attribute support added
----------------------------------------------
This attribute allows for routes to be announced with a limited scope,
specified in terms of numbers of AS-hopcount. See the TeXinfo documentation
for further details.
isisd: Now supports Solaris
-
A short-form list of code related changes:
bgpd:
- [bgpd] low-impact DoS: crash on malformed community with debug set
- [bgpd] bug #398 Bogus free on out route-map, and assert() with rsclients
- [bgpd] Add support for AS_PATHLIMIT / draft-ietf-idr-as-pathlimit
- [bgpd] cleanup, compact and consolidate capability parsing code
- [bgpd] Dont schedule dumps multiple times for same command
- [bgpd] Pass NOSUB to regexec
ospfd:
- [ospfd] Bug #331, NSSA ASBR regression - failure to set E-bit in NSSA
areas
- Bug #362 is fixed now.
- [ospfd] Fix bad SPF calculation on some topologies - incorrect sorting
zebra:
- + fixed bug #400: adjusted rtread_sysctl.c:route_read()
- Looks like bug #320 is finally fixed now.
- Fixed ioctl_solaris.c:if_get_mtu() for IPv6'less operation
- Fixed bug #394 "RTF_DONE is ignored in rtm_read()"
- Merged own patch for bug #390 (rewrite
zebra/zebra_rib.c:nexthop_active_update())
- Use the proper field length for the peer's address
(netlink_interface_addr)
- Bugzilla #384.
isisd:
- [isisd] Add support for Solaris DLPI
( Sep 07 2007, 07:45:44 PM IST )
Permalink
Comments [0]
Wednesday September 05, 2007 I'm not a sales person but, when I see people in urgent need of help, to the degree they're offering bug bounties on the Quagga lists, and who apparently already have some kind of support relationship with Sun, then it seems it might be useful to quote from the README.Solaris file included with the SUNWzebrar/SUNWquaggar packages which ships with Solaris (10 onwards), installed to either /etc/zebra or /etc/quagga:
Support Level of Quagga Software ================================ The contents of SUNWzebrar, SUNWzebrau are provided with full Level 1 support in accordance with your current software support agreement. This support includes Sun's global 24/7 sustaining model.
The versions of Quagga shipped are:
- Solaris 10 RR: GNU Zebra, patched equivalent to Quagga 0.96ish for ospfd.
- Solaris 10 8/07 (aka Update 4): Quagga 0.99.5 + a few CVS patches.
