Jacob Hoffman-Andrews
Jacob Hoffman-Andrews
@fhossain: The backstory on why PKCS#11 is not included by default is that it is implemented in cgo and requires libtool-ltdl, which not everyone has on their system, so including...
Boulder uses pkcs11key as a signer.Signer. You can see an example here of how we instantiate it: https://github.com/letsencrypt/boulder/blob/master/cmd/boulder-ca/main.go#L66-L102, and here of how we use it with cfssl: https://github.com/letsencrypt/boulder/blob/master/ca/ca.go#L140-L175. You can...
It's definitely possible to do this, but I'm pretty sure not directly through cfssl, since the Go x509 APIs do not support NameConstraints AFAICT. You would need to re-sign the...
One thing I forgot: The latest OpenWRT compiles using gcc 4.8, but the resulting image won't run under qemu. You need to build using gcc 4.6, which is a setting...
Awesome, thanks @monocasa! I have not tried running the Malta build on real hardware. I'm not actually sure which real platforms run it, but it sounds like finding one and...
Good point, @sip. The goal is indeed to run an unmodified WNDR3800 firmware image, or at least a the filesystem from a WNDR3800 firmware + a modified kernel. It sounds...
@ericschultz I believe I did something like `dd if=/dev/mtdblock` on the device. However, I am far from sure that this was the correct approach. I'm very inexperienced with embedded device...
@ericschultz To answer your question a little more clearly: I am not sure what needs to be added to QEMU for it to support ar71xx as a platform. Per @slp's...
@monocasa That's terrific, thanks! I've got a WNDR3800 and I'm happy to run some scripts. If that becomes too tedious I can probably arrange SSH access too, but I'd want...
@monocasa Actually, I can just mail you my WNDR3800 for a few weeks to hack on if you'd like. Send me email at [email protected] if you're interested.