From nobody Tue Feb  6 18:23:18 2024
X-Original-To: freebsd-stable@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TTsDR2KkKz59kPW
	for <freebsd-stable@mlmmj.nyi.freebsd.org>; Tue,  6 Feb 2024 18:27:35 +0000 (UTC)
	(envelope-from pmc@citylink.dinoex.sub.org)
Received: from uucp.dinoex.org (uucp.dinoex.org [IPv6:2a0b:f840::12])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (2048 bits) client-digest SHA256)
	(Client CN "uucp.dinoex.sub.de", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4TTsDP00TTz49YJ
	for <freebsd-stable@freebsd.org>; Tue,  6 Feb 2024 18:27:32 +0000 (UTC)
	(envelope-from pmc@citylink.dinoex.sub.org)
Authentication-Results: mx1.freebsd.org;
	dkim=none;
	dmarc=none;
	spf=pass (mx1.freebsd.org: domain of pmc@citylink.dinoex.sub.org designates 2a0b:f840::12 as permitted sender) smtp.mailfrom=pmc@citylink.dinoex.sub.org;
	arc=pass ("uucp.dinoex.org:s=M20221114:i=1")
Received: from uucp.dinoex.org (uucp.dinoex.org [IPv6:2a0b:f840:0:0:0:0:0:12])
	by uucp.dinoex.org (8.18.1/8.18.1) with ESMTPS id 416IR6kC029710
	(version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NO)
	for <freebsd-stable@freebsd.org>; Tue, 6 Feb 2024 19:27:07 +0100 (CET)
	(envelope-from pmc@citylink.dinoex.sub.org)
ARC-Seal: i=1; a=rsa-sha256; d=uucp.dinoex.org; s=M20221114; t=1707244029;
	cv=none; b=a6iZ3woSVbY6oZQ0O24Y18FWKuZKDoShIffUxPN3RY7uZgKbn7wFz/FkBog4De3nt6kCHiDXjdwpx22TBuvhjHn+XT73AiqtZ04Jd0HCVrno6u/WKVMu0pFtbFP+A1oqxyHigsX9lRSKc9oSjifkS3cNhElJkcTNwkRFVA5t1No=
ARC-Message-Signature: i=1; a=rsa-sha256; d=uucp.dinoex.org; s=M20221114;
	t=1707244029; c=relaxed/simple;
	bh=ajGdmO6eBfq8eNdO3v5EbLRjvI5IR/zT6GA8RFWdT9g=;
	h=Received:Received:Received:Received:X-Authentication-Warning:Date:
	 From:To:Subject:Message-ID:MIME-Version:Content-Type:
	 Content-Disposition:X-Milter:X-Greylist; b=nNnd1dckgsgNh+ZlQj3uclx988ijCiiBx4ZS2kCkAODL8AFojTwUygf9qVB/tJjcO2MuZnX0eFHVp1rKJSNlpxF0KsDmW85nHMkrxxcJ0VcEhFn5Le2LV07QVNXKIMXWo3AHC0hlJvPR9g/PnDr2/swrX+RP/g87+iNUBRzF6HY=
ARC-Authentication-Results: i=1; uucp.dinoex.org
X-MDaemon-Deliver-To: <freebsd-stable@freebsd.org>
Received: (from uucp@localhost)
	by uucp.dinoex.org (8.18.1/8.18.1/Submit) with UUCP id 416IR6NE029709
	for freebsd-stable@freebsd.org; Tue, 6 Feb 2024 19:27:06 +0100 (CET)
	(envelope-from pmc@citylink.dinoex.sub.org)
Received: from disp.intra.daemon.contact (disp-e.intra.daemon.contact [IPv6:fd00:0:0:0:0:0:0:112])
	by admn.intra.daemon.contact (8.17.1/8.17.1) with ESMTPS id 416IQ7hl058724
	(version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=OK)
	for <freebsd-stable@freebsd.org>; Tue, 6 Feb 2024 19:26:07 +0100 (CET)
	(envelope-from pmc@citylink.dinoex.sub.org)
Received: from disp.intra.daemon.contact (localhost [127.0.0.1])
	by disp.intra.daemon.contact (8.17.1/8.17.1) with ESMTPS id 416INIPH059519
	(version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NO)
	for <freebsd-stable@freebsd.org>; Tue, 6 Feb 2024 19:23:19 +0100 (CET)
	(envelope-from pmc@citylink.dinoex.sub.org)
Received: (from pmc@localhost)
	by disp.intra.daemon.contact (8.17.1/8.17.1/Submit) id 416INIYl059518
	for freebsd-stable@freebsd.org; Tue, 6 Feb 2024 19:23:18 +0100 (CET)
	(envelope-from pmc@citylink.dinoex.sub.org)
X-Authentication-Warning: disp.intra.daemon.contact: pmc set sender to pmc@citylink.dinoex.sub.org using -f
Date: Tue, 6 Feb 2024 19:23:18 +0100
From: Peter <pmc@citylink.dinoex.sub.org>
To: freebsd-stable@freebsd.org
Subject: 13.3 (BETA1): my jails and guests dont terminate cleanly
Message-ID: <ZcJ5Fl4mFD-MPOA4@disp.intra.daemon.contact>
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-stable
List-Help: <mailto:stable+help@freebsd.org>
List-Post: <mailto:stable@freebsd.org>
List-Subscribe: <mailto:stable+subscribe@freebsd.org>
List-Unsubscribe: <mailto:stable+unsubscribe@freebsd.org>
Sender: owner-freebsd-stable@freebsd.org
X-BeenThere: freebsd-stable@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
X-Milter: Spamilter (Reciever: uucp.dinoex.org; Sender-ip: 0:0:2a0b:f840::; Sender-helo: uucp.dinoex.org;)
X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (uucp.dinoex.org [IPv6:2a0b:f840:0:0:0:0:0:12]); Tue, 06 Feb 2024 19:27:09 +0100 (CET)
X-Spamd-Bar: ---
X-Spamd-Result: default: False [-3.99 / 15.00];
	ARC_ALLOW(-1.00)[uucp.dinoex.org:s=M20221114:i=1];
	NEURAL_HAM_LONG(-1.00)[-1.000];
	NEURAL_HAM_MEDIUM(-1.00)[-1.000];
	NEURAL_HAM_SHORT(-0.69)[-0.695];
	R_SPF_ALLOW(-0.20)[+mx];
	MIME_GOOD(-0.10)[text/plain];
	DMARC_NA(0.00)[sub.org];
	RCPT_COUNT_ONE(0.00)[1];
	MISSING_XM_UA(0.00)[];
	ASN(0.00)[asn:205376, ipnet:2a0b:f840::/32, country:DE];
	MIME_TRACE(0.00)[0:+];
	R_DKIM_NA(0.00)[];
	MLMMJ_DEST(0.00)[freebsd-stable@freebsd.org];
	RCVD_TLS_LAST(0.00)[];
	FROM_EQ_ENVFROM(0.00)[];
	FROM_HAS_DN(0.00)[];
	TO_MATCH_ENVRCPT_ALL(0.00)[];
	RCVD_COUNT_FIVE(0.00)[5];
	PREVIOUSLY_DELIVERED(0.00)[freebsd-stable@freebsd.org];
	TO_DN_NONE(0.00)[];
	HAS_XAW(0.00)[]
X-Rspamd-Queue-Id: 4TTsDP00TTz49YJ

Hi together,

  this is only informative and not yet analyzed!
(It maybe that I just need to adapt my scripting)


After upgrade I noticed two issues so far.

1. guests won't stop at shutdown when running this code (which did
   work reliably before):
   https://gitr.daemon.contact/tools/tree/rc.d/guest#n238

   For now it seems that daemon treats signals somehow differently
   (and no idea yet if this is for the better or worse).

2. Up to now, my vimage jails would reliably die away after at most
   720 seconds. So if one waits 12 minutes, one can reuse the previous
   jail number. (If they do not, then something is wrong with the
   interfaces, and some interface is at a place where it shouldn't
   be, i.e. a design flaw).
   
   Now my jails do not die away *IF* they contain an openvpn.
   Maybe something has changed with the tunX devices, or something
   has changed with those TCP(?) timeouts which cause the 720 seconds.
   (again, no idea yet if for the better or worse).

From nobody Tue Feb  6 21:25:41 2024
X-Original-To: freebsd-stable@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TTxD54TzQz5B0fr
	for <freebsd-stable@mlmmj.nyi.freebsd.org>; Tue,  6 Feb 2024 21:27:33 +0000 (UTC)
	(envelope-from pmc@citylink.dinoex.sub.org)
Received: from uucp.dinoex.org (uucp.dinoex.org [IPv6:2a0b:f840::12])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (2048 bits) client-digest SHA256)
	(Client CN "uucp.dinoex.sub.de", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4TTxD263y0z4cdP
	for <freebsd-stable@freebsd.org>; Tue,  6 Feb 2024 21:27:30 +0000 (UTC)
	(envelope-from pmc@citylink.dinoex.sub.org)
Authentication-Results: mx1.freebsd.org;
	dkim=none;
	dmarc=none;
	spf=pass (mx1.freebsd.org: domain of pmc@citylink.dinoex.sub.org designates 2a0b:f840::12 as permitted sender) smtp.mailfrom=pmc@citylink.dinoex.sub.org;
	arc=pass ("uucp.dinoex.org:s=M20221114:i=1")
Received: from uucp.dinoex.org (uucp.dinoex.org [IPv6:2a0b:f840:0:0:0:0:0:12])
	by uucp.dinoex.org (8.18.1/8.18.1) with ESMTPS id 416LR8nU061479
	(version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NO)
	for <freebsd-stable@freebsd.org>; Tue, 6 Feb 2024 22:27:08 +0100 (CET)
	(envelope-from pmc@citylink.dinoex.sub.org)
ARC-Seal: i=1; a=rsa-sha256; d=uucp.dinoex.org; s=M20221114; t=1707254830;
	cv=none; b=DbY4OLfJCNPbf2IQsMHFMKDNZKJGiuRPH6HC7OIyT3OmlvGD33G/siv2SXpRPuk6fxo8pfUP4xW2x6eWX+MF1Qbos7WKJOU3y2PeBJ8MB5yiyr0zgrZ52L5UNkwv2wIW3r5o1DNBOs7cWFSGQhgEExgVJJj7ZNv/KXPjQxZjA+s=
ARC-Message-Signature: i=1; a=rsa-sha256; d=uucp.dinoex.org; s=M20221114;
	t=1707254830; c=relaxed/simple;
	bh=ktT2/r6PDksjEEnecgsr1f/ssFe2n/aaqX34KLldqY4=;
	h=Received:Received:Received:Received:X-Authentication-Warning:Date:
	 From:To:Subject:Message-ID:MIME-Version:Content-Type:
	 Content-Disposition:X-Milter:X-Greylist; b=TrL9CcWKnbaznMeXxeA0YmZYasLZfs3Aew52T5aTlOZwyJX288N66Dc8xZCaxzHM0ZWSARjCF7wuLOwsmkZn9StqD1ISngF2/k6gDM+7c7psfE7magha6HSw25V7T3aiz08uE+86NNL38J5ZdG4u2AIExoU+FtDrHblacJw9T4g=
ARC-Authentication-Results: i=1; uucp.dinoex.org
X-MDaemon-Deliver-To: <freebsd-stable@freebsd.org>
Received: (from uucp@localhost)
	by uucp.dinoex.org (8.18.1/8.18.1/Submit) with UUCP id 416LR8vw061478
	for freebsd-stable@freebsd.org; Tue, 6 Feb 2024 22:27:08 +0100 (CET)
	(envelope-from pmc@citylink.dinoex.sub.org)
Received: from disp.intra.daemon.contact (disp-e.intra.daemon.contact [IPv6:fd00:0:0:0:0:0:0:112])
	by admn.intra.daemon.contact (8.17.1/8.17.1) with ESMTPS id 416LQ7D6073491
	(version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=OK)
	for <freebsd-stable@freebsd.org>; Tue, 6 Feb 2024 22:26:07 +0100 (CET)
	(envelope-from pmc@citylink.dinoex.sub.org)
Received: from disp.intra.daemon.contact (localhost [127.0.0.1])
	by disp.intra.daemon.contact (8.17.1/8.17.1) with ESMTPS id 416LPfoT068321
	(version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NO)
	for <freebsd-stable@freebsd.org>; Tue, 6 Feb 2024 22:25:42 +0100 (CET)
	(envelope-from pmc@citylink.dinoex.sub.org)
Received: (from pmc@localhost)
	by disp.intra.daemon.contact (8.17.1/8.17.1/Submit) id 416LPft7068320
	for freebsd-stable@freebsd.org; Tue, 6 Feb 2024 22:25:41 +0100 (CET)
	(envelope-from pmc@citylink.dinoex.sub.org)
X-Authentication-Warning: disp.intra.daemon.contact: pmc set sender to pmc@citylink.dinoex.sub.org using -f
Date: Tue, 6 Feb 2024 22:25:41 +0100
From: Peter <pmc@citylink.dinoex.sub.org>
To: freebsd-stable@freebsd.org
Subject: 13.3 (BETA1): kernel endless loop
Message-ID: <ZcKj1UvW7gSO8rtc@disp.intra.daemon.contact>
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-stable
List-Help: <mailto:stable+help@freebsd.org>
List-Post: <mailto:stable@freebsd.org>
List-Subscribe: <mailto:stable+subscribe@freebsd.org>
List-Unsubscribe: <mailto:stable+unsubscribe@freebsd.org>
Sender: owner-freebsd-stable@freebsd.org
X-BeenThere: freebsd-stable@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
X-Milter: Spamilter (Reciever: uucp.dinoex.org; Sender-ip: 0:0:2a0b:f840::; Sender-helo: uucp.dinoex.org;)
X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (uucp.dinoex.org [IPv6:2a0b:f840:0:0:0:0:0:12]); Tue, 06 Feb 2024 22:27:10 +0100 (CET)
X-Spamd-Bar: --
X-Spamd-Result: default: False [-2.56 / 15.00];
	ARC_ALLOW(-1.00)[uucp.dinoex.org:s=M20221114:i=1];
	NEURAL_HAM_LONG(-1.00)[-1.000];
	NEURAL_HAM_MEDIUM(-1.00)[-1.000];
	NEURAL_SPAM_SHORT(0.74)[0.739];
	R_SPF_ALLOW(-0.20)[+mx];
	MIME_GOOD(-0.10)[text/plain];
	DMARC_NA(0.00)[sub.org];
	RCPT_COUNT_ONE(0.00)[1];
	MISSING_XM_UA(0.00)[];
	ASN(0.00)[asn:205376, ipnet:2a0b:f840::/32, country:DE];
	R_DKIM_NA(0.00)[];
	MLMMJ_DEST(0.00)[freebsd-stable@freebsd.org];
	TO_MATCH_ENVRCPT_ALL(0.00)[];
	FROM_EQ_ENVFROM(0.00)[];
	FROM_HAS_DN(0.00)[];
	MIME_TRACE(0.00)[0:+];
	RCVD_COUNT_FIVE(0.00)[5];
	PREVIOUSLY_DELIVERED(0.00)[freebsd-stable@freebsd.org];
	TO_DN_NONE(0.00)[];
	RCVD_TLS_LAST(0.00)[];
	HAS_XAW(0.00)[]
X-Rspamd-Queue-Id: 4TTxD263y0z4cdP

System Memory:
        11.05%  864.11  MiB Active,     33.27%  2.54    GiB Inact
        28.36%  2.16    GiB Wired,      0.00%   0       Bytes Cache
        21.25%  1.62    GiB Free,       6.06%   474.05  MiB Gap

        Real Installed:                         8.00    GiB
        Real Available:                 98.15%  7.85    GiB
        Real Managed:                   97.22%  7.63    GiB

        Logical Total:                          8.00    GiB
        Logical Used:                   47.97%  3.84    GiB
        Logical Free:                   52.03%  4.16    GiB

ARC Size:                               3.49%   244.88  MiB
        Target Size: (Adaptive)         4.04%   283.59  MiB
        Min Size (Hard Limit):          3.58%   251.26  MiB
        Max Size (High Water):          27:1    6.85    GiB
        Compressed Data Size:                   160.01  MiB
        Decompressed Data Size:                 347.37  MiB
        Compression Factor:                     2.17

  PID USERNAME    PRI NICE   SIZE    RES STATE    C   TIME    WCPU COMMAND
    0 root         -8    -     0B    10M CPU2     2 406:21 100.00% kernel{arc_prune}


From nobody Wed Feb  7 07:54:34 2024
X-Original-To: freebsd-stable@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TVC7c53Wgz5941H
	for <freebsd-stable@mlmmj.nyi.freebsd.org>; Wed,  7 Feb 2024 07:54:36 +0000 (UTC)
	(envelope-from gshapiro@freebsd.org)
Received: from smtp.freebsd.org (smtp.freebsd.org [IPv6:2610:1c1:1:606c::24b:4])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "smtp.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4TVC7c4NB3z4l6X
	for <freebsd-stable@freebsd.org>; Wed,  7 Feb 2024 07:54:36 +0000 (UTC)
	(envelope-from gshapiro@freebsd.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1707292476;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type;
	bh=f/fwnZ9HbA68h/Y0OXT3zYV7i/NjuQaQFP60BmCRJrA=;
	b=SYTYyiACUWfvaTmAODNoBduMRXsXI+jn1MljCBKX0JhTHdLNXg5TcfUuAz5mTlzPbIo/at
	JqUXsky4wdOx9g5HWP/7y1dTIrEV2qpSjym+EeW8y56HZadzE+1isK2XqkWm2AvJB42Ip8
	vk5s8NmefPPp9uWCdo2sTP8cbDqOYDG3UmG/tmgefwnvxx7u6lIY8ahfeO4Uhis7mfhvyv
	nt2EEuzZTG44kuqeun6OthHIL1y0v111N0b0FeGeprvbxwktoQDftR+gSqvowKyxa9Xs8n
	nOJPJRxxx+hAAKrskcawe2z8s7D2x4qpEMzW5w5/TIXw0WAyerZHe+6514w8jA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1707292476;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type;
	bh=f/fwnZ9HbA68h/Y0OXT3zYV7i/NjuQaQFP60BmCRJrA=;
	b=seqIOlxpy7PfB8DYSUCdefDS4Gdkl1dcHi31U/frytZB7HdAMKDraEX5lZ3sa/UfK42Ifn
	MbQybvaR+jGzYEeW+FQVfJNi9rfjpyXP/NevSVINkzNa0qNiQjshA1CHXEIyiSIb1nTMg7
	LB65oIH2V8WBCRP6/J1U3Syh+rtj7cFOl3tKKuyCIL30VTGdgxo83fqVlrppeytGN6k+ed
	nbFwOxLXufLMCBU0HCM0ahn59jhWhbiXZcACQF+H/6krw2jyhbS16+X6cJ1A3ueBDtNkH0
	9vaC8pPhsc8eGdye2xLnFGudG5nelIlBXdvJysXe4Bx1Uz/1YAfrv/mL+8mfPQ==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1707292476; a=rsa-sha256; cv=none;
	b=QW8eeV4DXbAwB7QJkrTn/U3E5oxQRTBvefXK4T2tUtymIi8DM2J/MMuhzBK5zmNsDZ2D9w
	8rM7MtxK3CTtLtOJuRAd4J9IyPy7vMKXla/Jxy2mktfbfyti1fvJEW42lbcG+oSv7qg1Jh
	mtMLh74N4KS7Efo8fr/4XaiXlt6p5eHcZLJjKtowiZfoRB41KDerxvRpUqqdW6Iqtk4RIa
	wueA0kXIjOv19XmcWRoTSXJiOE4erfyC+5BQfQNHJ5oX8JslgJb4cv1lnbB4Q0AZmgRe7B
	FdogWF/WPrTCcXJ0WbWl9oDczOuS4SKCtBWvYiJqI8+YVj0fzCSVLvD393KGxg==
Received: from thornystick.gshapiro.net.beta.tailscale.net (sizz-lor.gshapiro.net [104.234.4.21])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	(Authenticated sender: gshapiro)
	by smtp.freebsd.org (Postfix) with ESMTPSA id 4TVC7c262cz171k
	for <freebsd-stable@freebsd.org>; Wed,  7 Feb 2024 07:54:36 +0000 (UTC)
	(envelope-from gshapiro@freebsd.org)
Date: Tue, 6 Feb 2024 23:54:34 -0800
From: Gregory Shapiro <gshapiro@freebsd.org>
To: freebsd-stable@freebsd.org
Subject: sendmail 8.18.1 MFC'ed to stable/13 and stable/14
Message-ID: <kuweloin2as6rvj46zff4kfm5lhyess73hdloiw2ggkpmzukhp@mzrzjmdli4yc>
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-stable
List-Help: <mailto:stable+help@freebsd.org>
List-Post: <mailto:stable@freebsd.org>
List-Subscribe: <mailto:stable+subscribe@freebsd.org>
List-Unsubscribe: <mailto:stable+unsubscribe@freebsd.org>
Sender: owner-freebsd-stable@freebsd.org
X-BeenThere: freebsd-stable@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

As noted in UPDATING:

20240207:
	sendmail 8.18.1 has been imported and merged.  This version enforces
	stricter RFC compliance by default, especially with respect to line
	endings.  This may cause issues with receiving messages from
	non-compliant MTAs; please see the first 8.18.1 release note in
	contrib/sendmail/RELEASE_NOTES for mitigations.

Here is that release note entry:

8.18.1/8.18.1	2024/01/31
	sendmail is now stricter in following the RFCs and rejects
		some invalid input with respect to line endings
		and pipelining:
		- Prevent transaction stuffing by ensuring SMTP clients
		wait for the HELO/EHLO and DATA response before sending
		further SMTP commands.  This can be disabled using
		the new srv_features option 'F'.  Issue reported by
		Yepeng Pan and Christian Rossow from CISPA Helmholtz
		Center for Information Security.
		- Accept only CRLF . CRLF as end of an SMTP message
		as required by the RFCs, which can disabled by the
		new srv_features option 'O'.
		- Do not accept a CR or LF except in the combination
		CRLF (as required by the RFCs).  These checks can
		be disabled by the new srv_features options
		'U' and 'G', respectively.  In this case it is
		suggested to use 'u2' and 'g2' instead so the server
		replaces offending bare CR or bare LF with a space.
		It is recommended to only turn these protections off
		for trusted networks due to the potential for abuse.

From nobody Wed Feb  7 19:02:36 2024
X-Original-To: freebsd-stable@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TVTyY2Fpcz59tWH
	for <freebsd-stable@mlmmj.nyi.freebsd.org>; Wed,  7 Feb 2024 19:02:45 +0000 (UTC)
	(envelope-from mike@sentex.net)
Received: from smarthost1.sentex.ca (smarthost1.sentex.ca [IPv6:2607:f3e0:0:1::12])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (2048 bits) client-digest SHA256)
	(Client CN "smarthost1.sentex.ca", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4TVTyX5L23z4pMj;
	Wed,  7 Feb 2024 19:02:44 +0000 (UTC)
	(envelope-from mike@sentex.net)
Authentication-Results: mx1.freebsd.org;
	none
Received: from pyroxene2a.sentex.ca (pyroxene19.sentex.ca [199.212.134.19])
	by smarthost1.sentex.ca (8.17.1/8.16.1) with ESMTPS id 417J2bWb074287
	(version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=FAIL);
	Wed, 7 Feb 2024 14:02:38 -0500 (EST)
	(envelope-from mike@sentex.net)
Received: from [IPV6:2607:f3e0:0:4:a488:af48:3db7:8589] ([IPv6:2607:f3e0:0:4:a488:af48:3db7:8589])
	by pyroxene2a.sentex.ca (8.17.1/8.15.2) with ESMTPS id 417J2aDR067491
	(version=TLSv1.3 cipher=TLS_AES_128_GCM_SHA256 bits=128 verify=NO);
	Wed, 7 Feb 2024 14:02:36 -0500 (EST)
	(envelope-from mike@sentex.net)
Message-ID: <c1a30751-daba-4321-bcff-4175f07c0b73@sentex.net>
Date: Wed, 7 Feb 2024 14:02:36 -0500
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-stable
List-Help: <mailto:stable+help@freebsd.org>
List-Post: <mailto:stable@freebsd.org>
List-Subscribe: <mailto:stable+subscribe@freebsd.org>
List-Unsubscribe: <mailto:stable+unsubscribe@freebsd.org>
Sender: owner-freebsd-stable@freebsd.org
X-BeenThere: freebsd-stable@freebsd.org
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
Subject: Re: sendmail 8.18.1 MFC'ed to stable/13 and stable/14
Content-Language: en-US
To: Gregory Shapiro <gshapiro@freebsd.org>, freebsd-stable@freebsd.org
References: <kuweloin2as6rvj46zff4kfm5lhyess73hdloiw2ggkpmzukhp@mzrzjmdli4yc>
From: mike tancsa <mike@sentex.net>
Autocrypt: addr=mike@sentex.net; keydata=
 xsBNBFywzOMBCACoNFpwi5MeyEREiCeHtbm6pZJI/HnO+wXdCAWtZkS49weOoVyUj5BEXRZP
 xflV2ib2hflX4nXqhenaNiia4iaZ9ft3I1ebd7GEbGnsWCvAnob5MvDZyStDAuRxPJK1ya/s
 +6rOvr+eQiXYNVvfBhrCfrtR/esSkitBGxhUkBjOti8QwzD71JVF5YaOjBAs7jZUKyLGj0kW
 yDg4jUndudWU7G2yc9GwpHJ9aRSUN8e/mWdIogK0v+QBHfv/dsI6zVB7YuxCC9Fx8WPwfhDH
 VZC4kdYCQWKXrm7yb4TiVdBh5kgvlO9q3js1yYdfR1x8mjK2bH2RSv4bV3zkNmsDCIxjABEB
 AAHNHW1pa2UgdGFuY3NhIDxtaWtlQHNlbnRleC5uZXQ+wsCOBBMBCAA4FiEEmuvCXT0aY6hs
 4SbWeVOEFl5WrMgFAl+pQfkCGwMFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AACgkQeVOEFl5W
 rMiN6ggAk3H5vk8QnbvGbb4sinxZt/wDetgk0AOR9NRmtTnPaW+sIJEfGBOz47Xih+f7uWJS
 j+uvc9Ewn2Z7n8z3ZHJlLAByLVLtcNXGoRIGJ27tevfOaNqgJHBPbFOcXCBBFTx4MYMM4iAZ
 cDT5vsBTSaM36JZFtHZBKkuFEItbA/N8ZQSHKdTYMIA7A3OCLGbJBqloQ8SlW4MkTzKX4u7R
 yefAYQ0h20x9IqC5Ju8IsYRFacVZconT16KS81IBceO42vXTN0VexbVF2rZIx3v/NT75r6Vw
 0FlXVB1lXOHKydRA2NeleS4NEG2vWqy/9Boj0itMfNDlOhkrA/0DcCurMpnpbM7ATQRcsMzk
 AQgA1Dpo/xWS66MaOJLwA28sKNMwkEk1Yjs+okOXDOu1F+0qvgE8sVmrOOPvvWr4axtKRSG1
 t2QUiZ/ZkW/x/+t0nrM39EANV1VncuQZ1ceIiwTJFqGZQ8kb0+BNkwuNVFHRgXm1qzAJweEt
 RdsCMohB+H7BL5LGCVG5JaU0lqFU9pFP40HxEbyzxjsZgSE8LwkI6wcu0BLv6K6cLm0EiHPO
 l5G8kgRi38PS7/6s3R8QDsEtbGsYy6O82k3zSLIjuDBwA9GRaeigGppTxzAHVjf5o9KKu4O7
 gC2KKVHPegbXS+GK7DU0fjzX57H5bZ6komE5eY4p3oWT/CwVPSGfPs8jOwARAQABwsB2BBgB
 CAAgFiEEmuvCXT0aY6hs4SbWeVOEFl5WrMgFAl+pQfkCGwwACgkQeVOEFl5WrMiVqwf9GwU8
 c6cylknZX8QwlsVudTC8xr/L17JA84wf03k3d4wxP7bqy5AYy7jboZMbgWXngAE/HPQU95NM
 aukysSnknzoIpC96XZJ0okLBXVS6Y0ylZQ+HrbIhMpuQPoDweoF5F9wKrsHRoDaUK1VR706X
 rwm4HUzh7Jk+auuMYfuCh0FVlFBEuiJWMLhg/5WCmcRfiuB6F59ZcUQrwLEZeNhF2XJV4KwB
 Tlg7HCWO/sy1foE5noaMyACjAtAQE9p5kGYaj+DuRhPdWUTsHNuqrhikzIZd2rrcMid+ktb0
 NvtvswzMO059z1YGMtGSqQ4srCArju+XHIdTFdiIYbd7+jeehg==
In-Reply-To: <kuweloin2as6rvj46zff4kfm5lhyess73hdloiw2ggkpmzukhp@mzrzjmdli4yc>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit
X-Scanned-By: MIMEDefang 2.84 on 64.7.153.18
X-Rspamd-Queue-Id: 4TVTyX5L23z4pMj
X-Spamd-Bar: ----
X-Rspamd-Pre-Result: action=no action;
	module=replies;
	Message is reply to one we originated
X-Spamd-Result: default: False [-4.00 / 15.00];
	REPLY(-4.00)[];
	ASN(0.00)[asn:11647, ipnet:2607:f3e0::/32, country:CA]

Thanks for the continued sendmail support!   One question, I noticed the 
new mc file makes the following changes which refers to a file that does 
not normally exist on RELENG_13.  What is the best way to generate that 
file ?

  diff -u sendmail.cf build13.sentex.ca.cf
--- sendmail.cf 2024-02-07 18:54:29.649479000 +0000
+++ build13.sentex.ca.cf        2024-02-07 18:55:15.546923000 +0000
@@ -31,6 +31,7 @@
  #####  $Id: cfhead.m4,v 8.122 2013-11-22 20:51:13 ca Exp $  #####
  #####  $Id: cf.m4,v 8.33 2013-11-22 20:51:13 ca Exp $  #####

+#####  $FreeBSD$  #####

  #####  $Id: freebsd6.m4,v 1.2 2013-11-22 20:51:15 ca Exp $  #####

@@ -606,7 +607,7 @@
  # Directory containing hashes pointing to certificate revocation 
status files
  #O CRLPath
  # DHParameters (only required if DSA/DH is used)
-#O DHParameters
+O DHParameters=/etc/mail/certs/dh.param
  # Random data source (required for systems without /dev/urandom under 
OpenSSL)
  #O RandFile
  # fingerprint algorithm (digest) to use for the presented cert

Feb  7 18:56:00 build13 sm-mta[88899]: starting daemon (8.18.1): 
SMTP+queueing@00:30:00
Feb  7 18:56:00 build13 sm-mta[88899]: STARTTLS=server: file 
/etc/mail/certs/dh.param unsafe: No such file or directory
Feb  7 18:56:00 build13 sm-msp-queue[88902]: starting daemon (8.18.1): 
queueing@00:30:00


On 2/7/2024 2:54 AM, Gregory Shapiro wrote:
> As noted in UPDATING:
>
> 20240207:
> 	sendmail 8.18.1 has been imported and merged.  This version enforces
> 	stricter RFC compliance by default, especially with respect to line
> 	endings.  This may cause issues with receiving messages from
> 	non-compliant MTAs; please see the first 8.18.1 release note in
> 	contrib/sendmail/RELEASE_NOTES for mitigations.
>
> Here is that release note entry:
>
> 8.18.1/8.18.1	2024/01/31
> 	sendmail is now stricter in following the RFCs and rejects
> 		some invalid input with respect to line endings
> 		and pipelining:
> 		- Prevent transaction stuffing by ensuring SMTP clients
> 		wait for the HELO/EHLO and DATA response before sending
> 		further SMTP commands.  This can be disabled using
> 		the new srv_features option 'F'.  Issue reported by
> 		Yepeng Pan and Christian Rossow from CISPA Helmholtz
> 		Center for Information Security.
> 		- Accept only CRLF . CRLF as end of an SMTP message
> 		as required by the RFCs, which can disabled by the
> 		new srv_features option 'O'.
> 		- Do not accept a CR or LF except in the combination
> 		CRLF (as required by the RFCs).  These checks can
> 		be disabled by the new srv_features options
> 		'U' and 'G', respectively.  In this case it is
> 		suggested to use 'u2' and 'g2' instead so the server
> 		replaces offending bare CR or bare LF with a space.
> 		It is recommended to only turn these protections off
> 		for trusted networks due to the potential for abuse.
>

From nobody Wed Feb  7 19:30:20 2024
X-Original-To: stable@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TVVZj32Wbz59wK3
	for <stable@mlmmj.nyi.freebsd.org>; Wed,  7 Feb 2024 19:30:37 +0000 (UTC)
	(envelope-from george+freebsd@m5p.com)
Received: from mailhost.m5p.com (mailhost.m5p.com [74.104.188.4])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (2048 bits) client-digest SHA256)
	(Client CN "m5p.com", Issuer "R3" (not verified))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4TVVZh4D2Fz4sfY
	for <stable@freebsd.org>; Wed,  7 Feb 2024 19:30:36 +0000 (UTC)
	(envelope-from george+freebsd@m5p.com)
Authentication-Results: mx1.freebsd.org;
	dkim=none;
	dmarc=none;
	spf=pass (mx1.freebsd.org: domain of george+freebsd@m5p.com designates 74.104.188.4 as permitted sender) smtp.mailfrom=george+freebsd@m5p.com
Received: from [IPV6:2001:470:1f07:15ff::26] (court.m5p.com [IPv6:2001:470:1f07:15ff:0:0:0:26])
	(authenticated bits=0)
	by mailhost.m5p.com (8.17.1/8.15.2) with ESMTPSA id 417JUKWX041735
	(version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NO)
	for <stable@freebsd.org>; Wed, 7 Feb 2024 14:30:29 -0500 (EST)
	(envelope-from george+freebsd@m5p.com)
Message-ID: <5f68a2a8-64c0-4cb9-a9b5-8f730f75844d@m5p.com>
Date: Wed, 7 Feb 2024 14:30:20 -0500
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-stable
List-Help: <mailto:stable+help@freebsd.org>
List-Post: <mailto:stable@freebsd.org>
List-Subscribe: <mailto:stable+subscribe@freebsd.org>
List-Unsubscribe: <mailto:stable+unsubscribe@freebsd.org>
Sender: owner-freebsd-stable@freebsd.org
X-BeenThere: freebsd-stable@freebsd.org
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
Subject: Re: sendmail 8.18.1 MFC'ed to stable/13 and stable/14
To: stable@freebsd.org
References: <kuweloin2as6rvj46zff4kfm5lhyess73hdloiw2ggkpmzukhp@mzrzjmdli4yc>
 <c1a30751-daba-4321-bcff-4175f07c0b73@sentex.net>
Content-Language: en-US
From: George Mitchell <george+freebsd@m5p.com>
Autocrypt: addr=george+freebsd@m5p.com; keydata=
 xjMEZaHDbxYJKwYBBAHaRw8BAQdA2W6oBfS8haXY0/Ft4zS1OTLYfC8EBIADPTgMQdh85C3N
 KEdlb3JnZSBNaXRjaGVsbCA8Z2VvcmdlK2ZyZWVic2RAbTVwLmNvbT7CmQQTFgoAQRYhBDpv
 v9n4+UzMLAJ8EZocD3futmd9BQJlocSiAhsDBQkFo5qABQsJCAcCAiICBhUKCQgLAgQWAgMB
 Ah4HAheAAAoJEJocD3futmd9SxwBAJUi6DNdVhWCZBTv5XGy1g0JgApLWe/3S0M0zz9sn7/L
 AQCcJcV5k5s2rt9J5C1AUm6XVsuneVvIWXO5j1GKWk0NC844BGWhw28SCisGAQQBl1UBBQEB
 B0AaFz/6B95RRvjOdLZr5fSdhuIHvwr24H3ePDZSw6wlUwMBCAfCfgQYFgoAJhYhBDpvv9n4
 +UzMLAJ8EZocD3futmd9BQJlocNvAhsMBQkFo5qAAAoJEJocD3futmd9RXsBANwRD9RE56F6
 /jeZOrujHICLcgPiOt50Y6866v9OUTjUAP9GlC1aopfBpNwuPLJBam7oBaGqvY98VDhzOjoT
 7DNbCQ==
In-Reply-To: <c1a30751-daba-4321-bcff-4175f07c0b73@sentex.net>
Content-Type: multipart/signed; micalg=pgp-sha256;
 protocol="application/pgp-signature";
 boundary="------------HNQKQGtyGXyz0M0htIVzDdou"
X-Spam-Status: No, score=0.2 required=10.0 tests=HELO_MISC_IP,HELO_NO_DOMAIN
	autolearn=no autolearn_force=no version=4.0.0
X-Spam-Checker-Version: SpamAssassin 4.0.0 (2022-12-14) on mattapan.m5p.com
X-Spamd-Bar: ---
X-Spamd-Result: default: False [-3.30 / 15.00];
	SIGNED_PGP(-2.00)[];
	NEURAL_HAM_LONG(-1.00)[-1.000];
	NEURAL_HAM_SHORT(-0.95)[-0.947];
	NEURAL_SPAM_MEDIUM(0.93)[0.934];
	R_SPF_ALLOW(-0.20)[+a];
	MIME_GOOD(-0.20)[multipart/signed,multipart/mixed,text/plain];
	MIME_BASE64_TEXT(0.10)[];
	XM_UA_NO_VERSION(0.01)[];
	RCVD_TLS_ALL(0.00)[];
	TAGGED_FROM(0.00)[freebsd];
	TO_MATCH_ENVRCPT_ALL(0.00)[];
	HAS_ATTACHMENT(0.00)[];
	RCPT_COUNT_ONE(0.00)[1];
	ARC_NA(0.00)[];
	DMARC_NA(0.00)[m5p.com];
	ASN(0.00)[asn:701, ipnet:74.104.0.0/16, country:US];
	MIME_TRACE(0.00)[0:+,1:+,2:+,3:~];
	PREVIOUSLY_DELIVERED(0.00)[stable@freebsd.org];
	TO_DN_NONE(0.00)[];
	FROM_EQ_ENVFROM(0.00)[];
	RCVD_COUNT_ONE(0.00)[1];
	MLMMJ_DEST(0.00)[stable@freebsd.org];
	MID_RHS_MATCH_FROM(0.00)[];
	R_DKIM_NA(0.00)[];
	RCVD_VIA_SMTP_AUTH(0.00)[];
	FROM_HAS_DN(0.00)[]
X-Rspamd-Queue-Id: 4TVVZh4D2Fz4sfY

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--------------HNQKQGtyGXyz0M0htIVzDdou
Content-Type: multipart/mixed; boundary="------------vt06D9ci51rFC1K4dOMHseYa";
 protected-headers="v1"
From: George Mitchell <george+freebsd@m5p.com>
To: stable@freebsd.org
Message-ID: <5f68a2a8-64c0-4cb9-a9b5-8f730f75844d@m5p.com>
Subject: Re: sendmail 8.18.1 MFC'ed to stable/13 and stable/14
References: <kuweloin2as6rvj46zff4kfm5lhyess73hdloiw2ggkpmzukhp@mzrzjmdli4yc>
 <c1a30751-daba-4321-bcff-4175f07c0b73@sentex.net>
In-Reply-To: <c1a30751-daba-4321-bcff-4175f07c0b73@sentex.net>

--------------vt06D9ci51rFC1K4dOMHseYa
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: base64

T24gMi83LzI0IDE0OjAyLCBtaWtlIHRhbmNzYSB3cm90ZToNCj4gVGhhbmtzIGZvciB0aGUg
Y29udGludWVkIHNlbmRtYWlsIHN1cHBvcnQhwqDCoCBPbmUgcXVlc3Rpb24sIEkgbm90aWNl
ZCB0aGUgDQo+IG5ldyBtYyBmaWxlIG1ha2VzIHRoZSBmb2xsb3dpbmcgY2hhbmdlcyB3aGlj
aCByZWZlcnMgdG8gYSBmaWxlIHRoYXQgZG9lcyANCj4gbm90IG5vcm1hbGx5IGV4aXN0IG9u
IFJFTEVOR18xMy7CoCBbLi4uXQ0KDQpBbmQgc3BlYWtpbmcgb2YgUkVMRU5HXzEzLCBpcyB0
aGlzIGNoYW5nZSBsaWtlbHkgdG8gc2hvdyB1cCBpbg0KRnJlZUJTRCAxMy4zLCB3aGljaCBp
cyBjdXJyZW50bHkgZ29pbmcgdGhyb3VnaCB0aGUgYmV0YSwgdGhlbg0KcmVsZWFzZSBjYW5k
aWRhdGUsIHRoZW4gcmVsZWFzZSBjeWNsZT8gICAgICAgICAgICAgICAgLS0gR2VvcmdlDQoN
Cg==

--------------vt06D9ci51rFC1K4dOMHseYa--

--------------HNQKQGtyGXyz0M0htIVzDdou
Content-Type: application/pgp-signature; name="OpenPGP_signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="OpenPGP_signature.asc"

-----BEGIN PGP SIGNATURE-----

wnsEABYIACMWIQQ6b7/Z+PlMzCwCfBGaHA937rZnfQUCZcPaTAUDAAAAAAAKCRCaHA937rZnfWuN
AQDreRxOh5+o6qJi1iK09+VERKpsSUupQBe6cCU+E71sTgEA6ZhlPKeifn3YjdTV6hr0VI7kjuLO
KWoOc/hAWW4oeg4=
=HskW
-----END PGP SIGNATURE-----

--------------HNQKQGtyGXyz0M0htIVzDdou--

From nobody Wed Feb  7 19:54:04 2024
X-Original-To: freebsd-stable@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TVW5p6cl7z59yVr
	for <freebsd-stable@mlmmj.nyi.freebsd.org>; Wed,  7 Feb 2024 19:54:06 +0000 (UTC)
	(envelope-from gshapiro@freebsd.org)
Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "smtp.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4TVW5p5MvNz41rP;
	Wed,  7 Feb 2024 19:54:06 +0000 (UTC)
	(envelope-from gshapiro@freebsd.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1707335646;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=8fyeZC8ige5/jZLElXl18LKxFH9uF7DZOVjzxPmG9PE=;
	b=fwvIiJYk1F0rI3mTd3S0K3MQdYtEEqaaWD/GH2emOWf43+zgocJpSpytqFrbCPkCNNXU+3
	84C8MLFBiaZLOuGedYevDT2P+3zpGMbtg8LTah3uPxl7fr0AoA/8W5EjsL0z8CjvaXkCde
	VZNKCF5CRLrsPbqd+88TQR/fZ2uVSYhpJR1KGOzSuDpYQjZb6uWjwHTMyEn8Ua0zihcVYf
	RGspUOEHPCKt8BbPQEIjmoPWqGk9da9OHJ5JfqLHTul43vtoPvtqyyJHfpMf+hOl8iHeGp
	Jg9BJGbDPPkV3XsxOMXb4Vr4WjRve//DGlmpenkBhPXInbdPTB51DxO1gnvSjw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1707335646;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=8fyeZC8ige5/jZLElXl18LKxFH9uF7DZOVjzxPmG9PE=;
	b=VoTXY6ldfnVP0TRun37jv1KyGkXSHH4tACE6eGyKBwtMt8jedX61xLCHXlLgfKQ3z38Uds
	tBZu8F91ecYonDsrFeBosa/ae7GMq45vZhAES9DhjvAShkSMV0ZTL0BSd8MEltM+vXpaNh
	O5N7DBpmn7UqGut77pYnnw/8wSOyCk2nLubgrnjsPp0aAybSsLHsE0UtHnzSFTq6MQ7HHA
	KaraZ3YyZg/HyspwIIGFQuQJJfEaUbzD91SPr1CReZf9+v2sMJWXKWGYL/rEAUvS3VWgwu
	YHe0QetE6nubq+zAh5nyhuGpoPI91SlRsmNKQkEcM1oPWOpDJkgrxx8S1qDogQ==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1707335646; a=rsa-sha256; cv=none;
	b=F3pejR/ZaI/H0NgilTbOe4KT88Onzr6kvuJAiR9JTT2REmW//PWOBRiYfAzeRB13Muxvaa
	P5VpCxWbJIOq7W4o994ExDgY5F5oygIMmZxAcAk6PpUUTISG+bTg5GCy/lcfJeTubMpqav
	0zlxy/1brC7guGAwwyfIWQLcicj9RUcGn/5FCjEX8u0oHroS77DD/MT4r0+q+/HBBO2l6B
	K+7b9kYQMwcb4XbvPWORLlIx3WYweI8BEw+jqMISGyukHAATu2jYcbhIylj0cgypJBxlac
	phtC+piFXyxYbky9nHLefMPhZfaoEdJYytvBWgSeewG97alo9O2v2ap6iKeZHw==
Received: from thornystick.terrier-augmented.ts.net (sizz-lor.gshapiro.net [104.234.4.21])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	(Authenticated sender: gshapiro)
	by smtp.freebsd.org (Postfix) with ESMTPSA id 4TVW5p2djwz1NCl;
	Wed,  7 Feb 2024 19:54:06 +0000 (UTC)
	(envelope-from gshapiro@freebsd.org)
Date: Wed, 7 Feb 2024 11:54:04 -0800
From: Gregory Shapiro <gshapiro@freebsd.org>
To: mike tancsa <mike@sentex.net>
Cc: freebsd-stable@freebsd.org
Subject: Re: sendmail 8.18.1 MFC'ed to stable/13 and stable/14
Message-ID: <pvhajisx6bsathaqwywt4i2rwcfiimpshorlt33h2gcctj6nws@mt254bqpy5up>
References: <kuweloin2as6rvj46zff4kfm5lhyess73hdloiw2ggkpmzukhp@mzrzjmdli4yc>
 <c1a30751-daba-4321-bcff-4175f07c0b73@sentex.net>
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-stable
List-Help: <mailto:stable+help@freebsd.org>
List-Post: <mailto:stable@freebsd.org>
List-Subscribe: <mailto:stable+subscribe@freebsd.org>
List-Unsubscribe: <mailto:stable+unsubscribe@freebsd.org>
Sender: owner-freebsd-stable@freebsd.org
X-BeenThere: freebsd-stable@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <c1a30751-daba-4321-bcff-4175f07c0b73@sentex.net>

On Wed, Feb 07, 2024 at 02:02:36PM -0500, mike tancsa wrote:
> Thanks for the continued sendmail support!   One question, I noticed the new
> mc file makes the following changes which refers to a file that does not
> normally exist on RELENG_13.  What is the best way to generate that file ?

Thanks Mike!  That file isn't part of the default configuration for
FreeBSD so it must be something you set in your .mc file.

The good news is it won't cause any breakage, but here are the docs (op.me)
which include how to generate:

DHParameters

This option applies to the server side only.  Possible values are:

5       use precomputed 512 bit prime.
1       generate 1024 bit prime
2       generate 2048 bit prime.
i       use included precomputed 2048 bit prime (default).
none    do not use Diffie-Hellman.
/path/to/file   load prime from file.

This is only required if a ciphersuite containing DSA/DH is used.  The
default is ``i'' which selects a precomputed, fixed 2048 bit prime.

If ``5'' is selected, then precomputed, fixed primes are used.  Note:
this option should not be used (unless necessary for compatibility with
old implementations).

If ``1'' or ``2'' is selected, then prime values are computed during
startup.  Note: this operation can take a significant amount of time on
a slow machine (several seconds), but it is only done once at startup.

If ``none'' is selected, then TLS ciphersuites containing DSA/DH cannot
be used.

If a file name is specified (which must be an absolute path), then the
primes are read from it.  It is recommended to generate such a file
using a command like this:

        openssl dhparam -out /etc/mail/dhparams.pem 2048

If the file is not readable or contains unusable data,
the default ``i'' is used instead.

From nobody Wed Feb  7 19:56:01 2024
X-Original-To: stable@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TVW826vQpz59ycd
	for <stable@mlmmj.nyi.freebsd.org>; Wed,  7 Feb 2024 19:56:02 +0000 (UTC)
	(envelope-from gshapiro@freebsd.org)
Received: from smtp.freebsd.org (smtp.freebsd.org [IPv6:2610:1c1:1:606c::24b:4])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "smtp.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4TVW825pp4z439p;
	Wed,  7 Feb 2024 19:56:02 +0000 (UTC)
	(envelope-from gshapiro@freebsd.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1707335762;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	 in-reply-to:in-reply-to:references:references;
	bh=ZeQA5cOTl8wYylnk+hzlrk0FOXEObqhYdxZajZJInxA=;
	b=JI0/ZAQSVLrGikhqeI7mEkwc5bSU+owea+spvKsXqRltaaYMHW515a8v/I+f5vjl5/MDBj
	TjGAldTgiSmNkS+ejQ6d4bmH2sxShNl1EYoTEVOpSjVWj2HQsHye9r3oXB/zXNLQN1vo2E
	CAS0issGVVSD/fXFDAhfnlUG1fcIFOfjhNQ+EoKKA5yr1aYdidCy+0mWFFR8Ush75Ju862
	9B7AUSpy68RXkg9BY9bqlF99hU2l+FnD3C5EYXVWvs1jkWNG5O8aaoAHfDH9LnClUGU7p/
	J8XTxSBKCPwZX3EkjWCLTW1knZkRc9K3LjYcRQ5FTwLtPYsyB3MbmfgGXXpQXA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1707335762;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	 in-reply-to:in-reply-to:references:references;
	bh=ZeQA5cOTl8wYylnk+hzlrk0FOXEObqhYdxZajZJInxA=;
	b=rxY1RQARBu79m5T+mY0CDAy9R7pG5c45hnqABUIMWgf5xXQ5V3z+27oMLRP2xWSp+zI+q0
	n9MZ4EfLR5/XymR0cfgpERC1iEw9Z99n5v7U0tlmwFy7+YYqDMLx9xlXdNULP6VN6Ylleh
	3ZZIVi4A0dIuBJu4xvJC444dnRv3YlbHzFjRuiSdyn3d54ALh7giNPWSmRJJQvNBtpepQe
	WNbDVMN8LqL3eNJsQn/IYm280sHme0ieR4Q0OPFuxsRlpOyklazwIGofObbdIVDScvmVPh
	RUb4eoEea4ZRQ+u1aRrMVsIGtHM4nsRD7KeRqzJ8i5DbOGvFxrbu2H+KHDY8zQ==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1707335762; a=rsa-sha256; cv=none;
	b=ppkm5j5dCOfMj2O0OsE6xCQP+QAP284Nbjkh+plaTUEip7YHWGZ6rq70Zzgqh9bp8+81eH
	cqBcocHK9SzKwt4jtxZRXqJNHvtcN7Y8w25aBmpUN6FTIOVdXjpNnC7CeZP9+wXwFmBGR7
	eBpEjpmlh/5ZFtpUXxnbLzpU8834DTgTzcsHT/ckOyeUMOHIxOY/Glm1jL4t/P2l98AFmW
	6E1B1dGFo/3K+JacDMU0e4pIvJeCid8QFtGLSMPv+Qtewh0AwNfuB+e7SrPBUizks0/ByP
	isVFv5I7JewdaJMG83xKJwzHIc4LnhD58uZMPwDPKxyjhXGigj8rAbEnh605/g==
Received: from thornystick.terrier-augmented.ts.net (sizz-lor.gshapiro.net [104.234.4.21])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	(Authenticated sender: gshapiro)
	by smtp.freebsd.org (Postfix) with ESMTPSA id 4TVW822G5Yz1NCm;
	Wed,  7 Feb 2024 19:56:02 +0000 (UTC)
	(envelope-from gshapiro@freebsd.org)
Date: Wed, 7 Feb 2024 11:56:01 -0800
From: Gregory Shapiro <gshapiro@freebsd.org>
To: George Mitchell <george+freebsd@m5p.com>
Cc: stable@freebsd.org
Subject: Re: sendmail 8.18.1 MFC'ed to stable/13 and stable/14
Message-ID: <uxepjjsslidk2teljjp5p2mg5cvp2ocpacirhe722ztrlxzywy@orpzremtk3jj>
References: <kuweloin2as6rvj46zff4kfm5lhyess73hdloiw2ggkpmzukhp@mzrzjmdli4yc>
 <c1a30751-daba-4321-bcff-4175f07c0b73@sentex.net>
 <5f68a2a8-64c0-4cb9-a9b5-8f730f75844d@m5p.com>
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-stable
List-Help: <mailto:stable+help@freebsd.org>
List-Post: <mailto:stable@freebsd.org>
List-Subscribe: <mailto:stable+subscribe@freebsd.org>
List-Unsubscribe: <mailto:stable+unsubscribe@freebsd.org>
Sender: owner-freebsd-stable@freebsd.org
X-BeenThere: freebsd-stable@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <5f68a2a8-64c0-4cb9-a9b5-8f730f75844d@m5p.com>

> And speaking of RELENG_13, is this change likely to show up in
> FreeBSD 13.3, which is currently going through the beta, then
> release candidate, then release cycle?                -- George

Yes, after about a week of baking in stable/13.  I've already
communicated with re@ and they are fully supportive.


From nobody Thu Feb  8 10:06:54 2024
X-Original-To: freebsd-stable@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TVt210l3gz59Q9l
	for <freebsd-stable@mlmmj.nyi.freebsd.org>; Thu,  8 Feb 2024 10:07:05 +0000 (UTC)
	(envelope-from SRS0=98Ky=JR=quip.cz=000.fbsd@elsa.codelab.cz)
Received: from elsa.codelab.cz (elsa.codelab.cz [94.124.105.4])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(Client did not present a certificate)
	by mx1.freebsd.org (Postfix) with ESMTPS id 4TVt203syMz4gHY;
	Thu,  8 Feb 2024 10:07:04 +0000 (UTC)
	(envelope-from SRS0=98Ky=JR=quip.cz=000.fbsd@elsa.codelab.cz)
Authentication-Results: mx1.freebsd.org;
	none
Received: from elsa.codelab.cz (localhost [127.0.0.1])
	by elsa.codelab.cz (Postfix) with ESMTP id 95896D78A4;
	Thu,  8 Feb 2024 11:06:56 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quip.cz; s=private;
	t=1707386816; bh=96GP/Ddaho9dkNvg6Z2Rd1VimRc5MRfBdaOVcqpHWMo=;
	h=Date:Subject:To:References:From:In-Reply-To;
	b=Mx8Qqq1D2nvnfARX/7b1wFepanvCNXzNoNKFaPol8UMQGIzWBBam4hoOr+vN0Fu7C
	 u3IUZrn4vuPV9bvlLC8ZEJD6P/6INNs5Qt4amTkcme3qdyuaUjqtatrhcPpU/DLPxd
	 bSqvmuf5cuXYwoBARwYpJ/+Fj3Meaw9+Pnki3F7M=
Received: from [192.168.145.49] (ip-89-177-27-225.bb.vodafone.cz [89.177.27.225])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by elsa.codelab.cz (Postfix) with ESMTPSA id 51754D78A8;
	Thu,  8 Feb 2024 11:06:55 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quip.cz; s=private;
	t=1707386815; bh=96GP/Ddaho9dkNvg6Z2Rd1VimRc5MRfBdaOVcqpHWMo=;
	h=Date:Subject:To:References:From:In-Reply-To;
	b=wza/AEnOHZRWHfDSxxxNTpoIAPqxXh+ua7rFEYE9HGQqDq+27aNCevSfD2pWK+mvj
	 9TjZugFQka2iiXnsA0/eV618g8DL/BKvgaRWl3c+kIgY6E/2kwqvlbQ+S5pYHYySjT
	 57DvK29igHGg86oUjLELp2U9AUyDU4hg94mSebzI=
Message-ID: <dd579cb4-559f-4a05-a2d9-e9709cd27ada@quip.cz>
Date: Thu, 8 Feb 2024 11:06:54 +0100
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-stable
List-Help: <mailto:stable+help@freebsd.org>
List-Post: <mailto:stable@freebsd.org>
List-Subscribe: <mailto:stable+subscribe@freebsd.org>
List-Unsubscribe: <mailto:stable+unsubscribe@freebsd.org>
Sender: owner-freebsd-stable@freebsd.org
X-BeenThere: freebsd-stable@freebsd.org
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
Subject: Re: sendmail 8.18.1 MFC'ed to stable/13 and stable/14
To: mike tancsa <mike@sentex.net>, Gregory Shapiro <gshapiro@freebsd.org>,
 freebsd-stable@freebsd.org
References: <kuweloin2as6rvj46zff4kfm5lhyess73hdloiw2ggkpmzukhp@mzrzjmdli4yc>
 <c1a30751-daba-4321-bcff-4175f07c0b73@sentex.net>
Content-Language: en-US
From: Miroslav Lachman <000.fbsd@quip.cz>
In-Reply-To: <c1a30751-daba-4321-bcff-4175f07c0b73@sentex.net>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit
X-Rspamd-Queue-Id: 4TVt203syMz4gHY
X-Spamd-Bar: ----
X-Rspamd-Pre-Result: action=no action;
	module=replies;
	Message is reply to one we originated
X-Spamd-Result: default: False [-4.00 / 15.00];
	REPLY(-4.00)[];
	ASN(0.00)[asn:42000, ipnet:94.124.104.0/21, country:CZ]

On 07/02/2024 20:02, mike tancsa wrote:
> Thanks for the continued sendmail support!   One question, I noticed the 
> new mc file makes the following changes which refers to a file that does 
> not normally exist on RELENG_13.  What is the best way to generate that 
> file ?

[..]

> @@ -606,7 +607,7 @@
>   # Directory containing hashes pointing to certificate revocation 
> status files
>   #O CRLPath
>   # DHParameters (only required if DSA/DH is used)
> -#O DHParameters
> +O DHParameters=/etc/mail/certs/dh.param


Almost any network daemon today can use DHParams files, but each have 
it's own location and some of them provide the script to re-generate it 
periodically. There was a PR about it for ProFTPD few years ago:

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=208953

As a quick POC, I've provided a simple dhparams_gen.sh script.
https://bugs.freebsd.org/bugzilla/attachment.cgi?id=247526&action=edit

I thing something like this can be included in the base and all services 
from ports and base should be configured to use the same dhparams.pem 
file easily managed from cron, or manually by one simple command.

The submitted script generates DH params from 1024 to 8192. From what I 
read on the net, 1024 and 1536 should not be used and from my experience 
generating anything above 4096 takes too much time (the script runs for 
hours on a not so modern machine) so I created another version of the 
dhparams_gen.sh where user can specify what sizes will be generated by 
defining the range, for example "2048 4096" will generate only 2048 3072 
4096 sizes.
It is very simple scripting and as nobody reacted to the PR I didn't 
post the newer version. I can send it to you I you want.

Kind regards
Miroslav Lachman

From nobody Thu Feb  8 11:01:20 2024
X-Original-To: freebsd-stable@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TVvF44Rtxz59VmN
	for <freebsd-stable@mlmmj.nyi.freebsd.org>; Thu,  8 Feb 2024 11:01:44 +0000 (UTC)
	(envelope-from ruben@verweg.com)
Received: from erg.verweg.com (erg.verweg.com [IPv6:2a02:898:96::5e8e:f508])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mx1.freebsd.org (Postfix) with ESMTPS id 4TVvF41vv0z4lTT;
	Thu,  8 Feb 2024 11:01:44 +0000 (UTC)
	(envelope-from ruben@verweg.com)
Authentication-Results: mx1.freebsd.org;
	none
DKIM-Filter: OpenDKIM Filter v2.10.3 erg.verweg.com (unknown-jobid)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=verweg.com;
	s=verweg; t=1707390093;
	bh=DLIBR5oN23vSVaCogPNeAswLqKcfviXwF00y2Y3SAII=;
	h=From:Subject:Date:In-Reply-To:Cc:To:References:From;
	b=T6zWmNmXzIWVwiRjdwaZU5blw4BiDinyL6k6AP0pkxWGbhaSJEL0IdeflJc2kU4Dy
	 LqTgNqEzLI53omYturDFRhdYLR7/JmxuTkTQ9A9cCggfsN2wTrjbk3Q/hVGxpWBLWK
	 vU7MMDd/3ykN/999hx6ZOMyw5kZ6prGGqI/QeZbBGznou7V8kmbM15ehBUwByTe4ge
	 iyyqSizwkE3KW26GT/rJ9w9F8QBou/igUSf7wZuM0Vu6ESP6PWa3uLg0av6fCRH6p7
	 tOv/JRW40qp0UCOCDMsMMyoGb1zd37nuzrp+Dp1DJxQaWKRntnIFZ1g66kg08s9fmq
	 gwlHHtc4AkyHA==
Received: from smtpclient.apple (2a10-3781-03e9.connected.by.freedominter.net [IPv6:2a10:3781:3e9:1:7187:67fd:c9c4:d620] (may be forged))
	(authenticated bits=0)
	by erg.verweg.com (8.17.2/8.17.2) with ESMTPSA id 418B1WbW027955
	(version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT);
	Thu, 8 Feb 2024 11:01:32 GMT
	(envelope-from ruben@verweg.com)
X-Authentication-Warning: erg.verweg.com: Host 2a10-3781-03e9.connected.by.freedominter.net [IPv6:2a10:3781:3e9:1:7187:67fd:c9c4:d620] (may be forged) claimed to be smtpclient.apple
From: Ruben van Staveren <ruben@verweg.com>
Message-Id: <4CEF6CCD-2BB5-4677-9D81-55F23E9FA89A@verweg.com>
Content-Type: multipart/alternative;
	boundary="Apple-Mail=_0E050745-1CC6-4219-AE3F-6005D4BBBC5C"
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-stable
List-Help: <mailto:stable+help@freebsd.org>
List-Post: <mailto:stable@freebsd.org>
List-Subscribe: <mailto:stable+subscribe@freebsd.org>
List-Unsubscribe: <mailto:stable+unsubscribe@freebsd.org>
Sender: owner-freebsd-stable@freebsd.org
X-BeenThere: freebsd-stable@freebsd.org
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3774.400.31\))
Subject: Re: sendmail 8.18.1 MFC'ed to stable/13 and stable/14
Date: Thu, 8 Feb 2024 12:01:20 +0100
In-Reply-To: <dd579cb4-559f-4a05-a2d9-e9709cd27ada@quip.cz>
Cc: mike tancsa <mike@sentex.net>, Gregory Shapiro <gshapiro@freebsd.org>,
        Miroslav Lachman <000.fbsd@quip.cz>
To: Ruben van Staveren via freebsd-stable <freebsd-stable@freebsd.org>
References: <kuweloin2as6rvj46zff4kfm5lhyess73hdloiw2ggkpmzukhp@mzrzjmdli4yc>
 <c1a30751-daba-4321-bcff-4175f07c0b73@sentex.net>
 <dd579cb4-559f-4a05-a2d9-e9709cd27ada@quip.cz>
X-Mailer: Apple Mail (2.3774.400.31)
X-Rspamd-Queue-Id: 4TVvF41vv0z4lTT
X-Spamd-Bar: ----
X-Rspamd-Pre-Result: action=no action;
	module=replies;
	Message is reply to one we originated
X-Spamd-Result: default: False [-4.00 / 15.00];
	REPLY(-4.00)[];
	ASN(0.00)[asn:8283, ipnet:2a02:898::/32, country:NL]


--Apple-Mail=_0E050745-1CC6-4219-AE3F-6005D4BBBC5C
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
	charset=us-ascii

Hi all,=20

As for the dhparams file, lets use the ffdhe4096 as per RFC7919  one and =
stop continuing generating these ourselves.
The file can be grabbed from e.g. =
https://raw.githubusercontent.com/internetstandards/dhe_groups/master/ffdh=
e4096.pem

Not seeing any reason to use the weaker ffdhe3072 / ffdhe2048 for =
backwards compatibility, but ymmv.

Best Regards,
    Ruben


> On 8 Feb 2024, at 11:06, Miroslav Lachman <000.fbsd@quip.cz> wrote:
>=20
> On 07/02/2024 20:02, mike tancsa wrote:
>> Thanks for the continued sendmail support!   One question, I noticed =
the new mc file makes the following changes which refers to a file that =
does not normally exist on RELENG_13.  What is the best way to generate =
that file ?
>=20
> [..]
>=20
>> @@ -606,7 +607,7 @@
>>  # Directory containing hashes pointing to certificate revocation =
status files
>>  #O CRLPath
>>  # DHParameters (only required if DSA/DH is used)
>> -#O DHParameters
>> +O DHParameters=3D/etc/mail/certs/dh.param
>=20
>=20
> Almost any network daemon today can use DHParams files, but each have =
it's own location and some of them provide the script to re-generate it =
periodically. There was a PR about it for ProFTPD few years ago:
>=20
> https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D208953
>=20
> As a quick POC, I've provided a simple dhparams_gen.sh script.
> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D247526&action=3Ded=
it
>=20
> I thing something like this can be included in the base and all =
services from ports and base should be configured to use the same =
dhparams.pem file easily managed from cron, or manually by one simple =
command.
>=20
> The submitted script generates DH params from 1024 to 8192. =46rom =
what I read on the net, 1024 and 1536 should not be used and from my =
experience generating anything above 4096 takes too much time (the =
script runs for hours on a not so modern machine) so I created another =
version of the dhparams_gen.sh where user can specify what sizes will be =
generated by defining the range, for example "2048 4096" will generate =
only 2048 3072 4096 sizes.
> It is very simple scripting and as nobody reacted to the PR I didn't =
post the newer version. I can send it to you I you want.
>=20
> Kind regards
> Miroslav Lachman
>=20


--Apple-Mail=_0E050745-1CC6-4219-AE3F-6005D4BBBC5C
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html;
	charset=us-ascii

<html><head><meta http-equiv=3D"content-type" content=3D"text/html; =
charset=3Dus-ascii"></head><body style=3D"overflow-wrap: break-word; =
-webkit-nbsp-mode: space; line-break: after-white-space;">Hi =
all,&nbsp;<div><br></div><div>As for the dhparams file, lets use the =
ffdhe4096 as per RFC7919 &nbsp;one and stop continuing generating these =
ourselves.</div><div>The file can be grabbed from e.g.&nbsp;<a =
href=3D"https://raw.githubusercontent.com/internetstandards/dhe_groups/mas=
ter/ffdhe4096.pem">https://raw.githubusercontent.com/internetstandards/dhe=
_groups/master/ffdhe4096.pem</a></div><div><br></div><div>Not seeing any =
reason to use the weaker ffdhe3072 / ffdhe2048 for backwards =
compatibility, but ymmv.</div><div><br></div><div>Best =
Regards,</div><div>&nbsp; &nbsp; Ruben</div><div><br =
id=3D"lineBreakAtBeginningOfMessage"><div><br><blockquote =
type=3D"cite"><div>On 8 Feb 2024, at 11:06, Miroslav Lachman =
&lt;000.fbsd@quip.cz&gt; wrote:</div><br =
class=3D"Apple-interchange-newline"><div><div>On 07/02/2024 20:02, mike =
tancsa wrote:<br><blockquote type=3D"cite">Thanks for the continued =
sendmail support!&nbsp;&nbsp; One question, I noticed the new mc file =
makes the following changes which refers to a file that does not =
normally exist on RELENG_13.&nbsp; What is the best way to generate that =
file ?<br></blockquote><br>[..]<br><br><blockquote type=3D"cite">@@ =
-606,7 +607,7 @@<br> &nbsp;# Directory containing hashes pointing to =
certificate revocation status files<br> &nbsp;#O CRLPath<br> &nbsp;# =
DHParameters (only required if DSA/DH is used)<br>-#O DHParameters<br>+O =
DHParameters=3D/etc/mail/certs/dh.param<br></blockquote><br><br>Almost =
any network daemon today can use DHParams files, but each have it's own =
location and some of them provide the script to re-generate it =
periodically. There was a PR about it for ProFTPD few years =
ago:<br><br>https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D208953<br>=
<br>As a quick POC, I've provided a simple dhparams_gen.sh =
script.<br>https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D247526&am=
p;action=3Dedit<br><br>I thing something like this can be included in =
the base and all services from ports and base should be configured to =
use the same dhparams.pem file easily managed from cron, or manually by =
one simple command.<br><br>The submitted script generates DH params from =
1024 to 8192. =46rom what I read on the net, 1024 and 1536 should not be =
used and from my experience generating anything above 4096 takes too =
much time (the script runs for hours on a not so modern machine) so I =
created another version of the dhparams_gen.sh where user can specify =
what sizes will be generated by defining the range, for example "2048 =
4096" will generate only 2048 3072 4096 sizes.<br>It is very simple =
scripting and as nobody reacted to the PR I didn't post the newer =
version. I can send it to you I you want.<br><br>Kind =
regards<br>Miroslav =
Lachman<br><br></div></div></blockquote></div><br></div></body></html>=

--Apple-Mail=_0E050745-1CC6-4219-AE3F-6005D4BBBC5C--

From nobody Thu Feb  8 11:01:20 2024
X-Original-To: freebsd-stable@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TVvwQ49W4z59YJ0
	for <freebsd-stable@mlmmj.nyi.freebsd.org>; Thu,  8 Feb 2024 11:32:22 +0000 (UTC)
	(envelope-from ruben@verweg.com)
Received: from erg.verweg.com (erg.verweg.com [IPv6:2a02:898:96::5e8e:f508])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mx1.freebsd.org (Postfix) with ESMTPS id 4TVvwQ2sxqz4prF;
	Thu,  8 Feb 2024 11:32:22 +0000 (UTC)
	(envelope-from ruben@verweg.com)
Authentication-Results: mx1.freebsd.org;
	none
DKIM-Filter: OpenDKIM Filter v2.10.3 erg.verweg.com (unknown-jobid)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=verweg.com;
	s=verweg; t=1707391941;
	bh=DLIBR5oN23vSVaCogPNeAswLqKcfviXwF00y2Y3SAII=;
	h=From:Subject:Date:In-Reply-To:Cc:To:References:From;
	b=ovlxX8uRzYt1/Ar7yamfhq8zPJarX+66FNR9tGVzIJow9/KBjO0WpFQAXmUiBIMk1
	 ehld0DcVVrbguS/6OnxPAsLhTcbntNrmgg6gko71vVYVsOeXB9ZuIgNpV4CnWMDgTb
	 UG/M5Ir5HGhVgqpog92UHZ/BlZUkFVxW5vu7pG4udnVj0ETz2GGB97xkIV0qyrceJD
	 +lugcsmigJh9GgS5Zo5ykR90vDjWaKe0DJ+gj4WGXtL03WzKZ7N0YqW5oqemeob09O
	 FoeWRyZNa7YeMCys7mn0CXU1EiFrZYIcf2Bvenzg6CWLCY4qT51eXrU/27IFGhJiEu
	 +/wJnABZaIPkw==
Received: from smtpclient.apple (2a10-3781-03e9.connected.by.freedominter.net [IPv6:2a10:3781:3e9:1:7187:67fd:c9c4:d620] (may be forged))
	(authenticated bits=0)
	by erg.verweg.com (8.17.2/8.17.2) with ESMTPSA id 418BWKRW049587
	(version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT);
	Thu, 8 Feb 2024 11:32:21 GMT
	(envelope-from ruben@verweg.com)
X-Authentication-Warning: erg.verweg.com: Host 2a10-3781-03e9.connected.by.freedominter.net [IPv6:2a10:3781:3e9:1:7187:67fd:c9c4:d620] (may be forged) claimed to be smtpclient.apple
From: Ruben van Staveren <ruben@verweg.com>
Message-Id: <4CEF6CCD-2BB5-4677-9D81-55F23E9FA89A@verweg.com>
Content-Type: multipart/alternative;
	boundary="Apple-Mail=_0E050745-1CC6-4219-AE3F-6005D4BBBC5C"
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-stable
List-Help: <mailto:stable+help@freebsd.org>
List-Post: <mailto:stable@freebsd.org>
List-Subscribe: <mailto:stable+subscribe@freebsd.org>
List-Unsubscribe: <mailto:stable+unsubscribe@freebsd.org>
Sender: owner-freebsd-stable@freebsd.org
X-BeenThere: freebsd-stable@freebsd.org
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3774.400.31\))
Subject: Re: sendmail 8.18.1 MFC'ed to stable/13 and stable/14
Date: Thu, 8 Feb 2024 12:01:20 +0100
In-Reply-To: <dd579cb4-559f-4a05-a2d9-e9709cd27ada@quip.cz>
Cc: mike tancsa <mike@sentex.net>, Gregory Shapiro <gshapiro@freebsd.org>,
        Miroslav Lachman <000.fbsd@quip.cz>
To: Ruben van Staveren via freebsd-stable <freebsd-stable@freebsd.org>
References: <kuweloin2as6rvj46zff4kfm5lhyess73hdloiw2ggkpmzukhp@mzrzjmdli4yc>
 <c1a30751-daba-4321-bcff-4175f07c0b73@sentex.net>
 <dd579cb4-559f-4a05-a2d9-e9709cd27ada@quip.cz>
X-Mailer: Apple Mail (2.3774.400.31)
X-Rspamd-Queue-Id: 4TVvwQ2sxqz4prF
X-Spamd-Bar: ----
X-Rspamd-Pre-Result: action=no action;
	module=replies;
	Message is reply to one we originated
X-Spamd-Result: default: False [-4.00 / 15.00];
	REPLY(-4.00)[];
	ASN(0.00)[asn:8283, ipnet:2a02:898::/32, country:NL]


--Apple-Mail=_0E050745-1CC6-4219-AE3F-6005D4BBBC5C
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
	charset=us-ascii

Hi all,=20

As for the dhparams file, lets use the ffdhe4096 as per RFC7919  one and =
stop continuing generating these ourselves.
The file can be grabbed from e.g. =
https://raw.githubusercontent.com/internetstandards/dhe_groups/master/ffdh=
e4096.pem

Not seeing any reason to use the weaker ffdhe3072 / ffdhe2048 for =
backwards compatibility, but ymmv.

Best Regards,
    Ruben


> On 8 Feb 2024, at 11:06, Miroslav Lachman <000.fbsd@quip.cz> wrote:
>=20
> On 07/02/2024 20:02, mike tancsa wrote:
>> Thanks for the continued sendmail support!   One question, I noticed =
the new mc file makes the following changes which refers to a file that =
does not normally exist on RELENG_13.  What is the best way to generate =
that file ?
>=20
> [..]
>=20
>> @@ -606,7 +607,7 @@
>>  # Directory containing hashes pointing to certificate revocation =
status files
>>  #O CRLPath
>>  # DHParameters (only required if DSA/DH is used)
>> -#O DHParameters
>> +O DHParameters=3D/etc/mail/certs/dh.param
>=20
>=20
> Almost any network daemon today can use DHParams files, but each have =
it's own location and some of them provide the script to re-generate it =
periodically. There was a PR about it for ProFTPD few years ago:
>=20
> https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D208953
>=20
> As a quick POC, I've provided a simple dhparams_gen.sh script.
> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D247526&action=3Ded=
it
>=20
> I thing something like this can be included in the base and all =
services from ports and base should be configured to use the same =
dhparams.pem file easily managed from cron, or manually by one simple =
command.
>=20
> The submitted script generates DH params from 1024 to 8192. =46rom =
what I read on the net, 1024 and 1536 should not be used and from my =
experience generating anything above 4096 takes too much time (the =
script runs for hours on a not so modern machine) so I created another =
version of the dhparams_gen.sh where user can specify what sizes will be =
generated by defining the range, for example "2048 4096" will generate =
only 2048 3072 4096 sizes.
> It is very simple scripting and as nobody reacted to the PR I didn't =
post the newer version. I can send it to you I you want.
>=20
> Kind regards
> Miroslav Lachman
>=20


--Apple-Mail=_0E050745-1CC6-4219-AE3F-6005D4BBBC5C
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html;
	charset=us-ascii

<html><head><meta http-equiv=3D"content-type" content=3D"text/html; =
charset=3Dus-ascii"></head><body style=3D"overflow-wrap: break-word; =
-webkit-nbsp-mode: space; line-break: after-white-space;">Hi =
all,&nbsp;<div><br></div><div>As for the dhparams file, lets use the =
ffdhe4096 as per RFC7919 &nbsp;one and stop continuing generating these =
ourselves.</div><div>The file can be grabbed from e.g.&nbsp;<a =
href=3D"https://raw.githubusercontent.com/internetstandards/dhe_groups/mas=
ter/ffdhe4096.pem">https://raw.githubusercontent.com/internetstandards/dhe=
_groups/master/ffdhe4096.pem</a></div><div><br></div><div>Not seeing any =
reason to use the weaker ffdhe3072 / ffdhe2048 for backwards =
compatibility, but ymmv.</div><div><br></div><div>Best =
Regards,</div><div>&nbsp; &nbsp; Ruben</div><div><br =
id=3D"lineBreakAtBeginningOfMessage"><div><br><blockquote =
type=3D"cite"><div>On 8 Feb 2024, at 11:06, Miroslav Lachman =
&lt;000.fbsd@quip.cz&gt; wrote:</div><br =
class=3D"Apple-interchange-newline"><div><div>On 07/02/2024 20:02, mike =
tancsa wrote:<br><blockquote type=3D"cite">Thanks for the continued =
sendmail support!&nbsp;&nbsp; One question, I noticed the new mc file =
makes the following changes which refers to a file that does not =
normally exist on RELENG_13.&nbsp; What is the best way to generate that =
file ?<br></blockquote><br>[..]<br><br><blockquote type=3D"cite">@@ =
-606,7 +607,7 @@<br> &nbsp;# Directory containing hashes pointing to =
certificate revocation status files<br> &nbsp;#O CRLPath<br> &nbsp;# =
DHParameters (only required if DSA/DH is used)<br>-#O DHParameters<br>+O =
DHParameters=3D/etc/mail/certs/dh.param<br></blockquote><br><br>Almost =
any network daemon today can use DHParams files, but each have it's own =
location and some of them provide the script to re-generate it =
periodically. There was a PR about it for ProFTPD few years =
ago:<br><br>https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D208953<br>=
<br>As a quick POC, I've provided a simple dhparams_gen.sh =
script.<br>https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D247526&am=
p;action=3Dedit<br><br>I thing something like this can be included in =
the base and all services from ports and base should be configured to =
use the same dhparams.pem file easily managed from cron, or manually by =
one simple command.<br><br>The submitted script generates DH params from =
1024 to 8192. =46rom what I read on the net, 1024 and 1536 should not be =
used and from my experience generating anything above 4096 takes too =
much time (the script runs for hours on a not so modern machine) so I =
created another version of the dhparams_gen.sh where user can specify =
what sizes will be generated by defining the range, for example "2048 =
4096" will generate only 2048 3072 4096 sizes.<br>It is very simple =
scripting and as nobody reacted to the PR I didn't post the newer =
version. I can send it to you I you want.<br><br>Kind =
regards<br>Miroslav =
Lachman<br><br></div></div></blockquote></div><br></div></body></html>=

--Apple-Mail=_0E050745-1CC6-4219-AE3F-6005D4BBBC5C--

From nobody Thu Feb  8 15:32:00 2024
X-Original-To: freebsd-stable@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TW1FD3M33z59thl
	for <freebsd-stable@mlmmj.nyi.freebsd.org>; Thu,  8 Feb 2024 15:32:16 +0000 (UTC)
	(envelope-from freebsd@oldach.net)
Received: from nuc.oldach.net (hmo.in-vpn.de [IPv6:2001:67c:1407:60::1])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (2048 bits) client-digest SHA256)
	(Client CN "hmo.in-vpn.de", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4TW1F953TFz4GT4
	for <freebsd-stable@freebsd.org>; Thu,  8 Feb 2024 15:32:13 +0000 (UTC)
	(envelope-from freebsd@oldach.net)
Authentication-Results: mx1.freebsd.org;
	dkim=none;
	dmarc=none;
	spf=pass (mx1.freebsd.org: domain of freebsd@oldach.net designates 2001:67c:1407:60::1 as permitted sender) smtp.mailfrom=freebsd@oldach.net
Received: from nuc.oldach.net (localhost [127.0.0.1])
	by nuc.oldach.net (8.18.1/8.18.1) with ESMTPS id 418FW1or098010
	(version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NO);
	Thu, 8 Feb 2024 16:32:01 +0100 (CET)
	(envelope-from freebsd@oldach.net)
Received: (from hmo@localhost)
	by nuc.oldach.net (8.18.1/8.18.1) id 418FW0cU097961;
	Thu, 8 Feb 2024 16:32:00 +0100 (CET)
	(envelope-from freebsd@oldach.net)
Message-Id: <202402081532.418FW0cU097961@nuc.oldach.net>
Subject: Re: sendmail 8.18.1 MFC'ed to stable/13 and stable/14
In-Reply-To: <4CEF6CCD-2BB5-4677-9D81-55F23E9FA89A@verweg.com> from Ruben van Staveren at "8 Feb 2024 12:01:20"
To: ruben@verweg.com (Ruben van Staveren)
Date: Thu, 8 Feb 2024 16:32:00 +0100 (CET)
Cc: mike@sentex.net, gshapiro@freebsd.org, 000.fbsd@quip.cz,
        freebsd-stable@freebsd.org
From: freebsd@oldach.net (Helge Oldach)
X-No-Archive: Yes
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-stable
List-Help: <mailto:stable+help@freebsd.org>
List-Post: <mailto:stable@freebsd.org>
List-Subscribe: <mailto:stable+subscribe@freebsd.org>
List-Unsubscribe: <mailto:stable+unsubscribe@freebsd.org>
Sender: owner-freebsd-stable@freebsd.org
X-BeenThere: freebsd-stable@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
X-Greylist: inspected by milter-greylist-4.6.4 (nuc.oldach.net [0.0.0.0]); Thu, 08 Feb 2024 16:32:01 +0100 (CET) for IP:127.0.0.1 DOMAIN:localhost HELO:nuc.oldach.net FROM:freebsd@oldach.net RCPT:
X-Spamd-Bar: ---
X-Spamd-Result: default: False [-3.28 / 15.00];
	NEURAL_HAM_LONG(-1.00)[-1.000];
	NEURAL_HAM_MEDIUM(-1.00)[-1.000];
	NEURAL_HAM_SHORT(-0.98)[-0.978];
	R_SPF_ALLOW(-0.20)[+mx];
	MIME_GOOD(-0.10)[text/plain];
	ARC_NA(0.00)[];
	FROM_NO_DN(0.00)[];
	MIME_TRACE(0.00)[0:+];
	ASN(0.00)[asn:29670, ipnet:2001:67c:1400::/45, country:DE];
	MISSING_XM_UA(0.00)[];
	RCVD_COUNT_TWO(0.00)[2];
	MLMMJ_DEST(0.00)[freebsd-stable@freebsd.org];
	MID_RHS_MATCH_FROMTLD(0.00)[];
	TO_DN_NONE(0.00)[];
	FROM_EQ_ENVFROM(0.00)[];
	R_DKIM_NA(0.00)[];
	TO_MATCH_ENVRCPT_SOME(0.00)[];
	DMARC_NA(0.00)[oldach.net];
	RCVD_TLS_LAST(0.00)[];
	RCPT_COUNT_FIVE(0.00)[5]
X-Rspamd-Queue-Id: 4TW1F953TFz4GT4

Ruben van Staveren wrote on Thu, 08 Feb 2024 12:01:20 +0100 (CET):
> As for the dhparams file, lets use the ffdhe4096 as per RFC7919  one and stop continuing generating these ourselves.
> The file can be grabbed from e.g. https://raw.githubusercontent.com/internetstandards/dhe_groups/master/ffdhe4096.pem

I seem to recall that sendmail is doing someting along these lines anyhow if the DHParameters file is missing or empty.

Kind regards
Helge

From nobody Fri Feb  9 22:59:20 2024
X-Original-To: freebsd-stable@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TWq6d2pKgz5BVNN;
	Fri,  9 Feb 2024 22:59:21 +0000 (UTC)
	(envelope-from cperciva@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2610:1c1:1:6074::16:84])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "freefall.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4TWq6d0r1hz4NWL;
	Fri,  9 Feb 2024 22:59:21 +0000 (UTC)
	(envelope-from cperciva@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1707519561; h=from:from:reply-to:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc;
	bh=rXcUhm/rjDv6HfiGZqusrh2xOBNrWWZWfPMmKP2JeNU=;
	b=Rlry3f7z3fX4SvgGjAkcJtIAYlt/IQcegJzFFntwsxvG++b8llflNBztdORB7/5+QqgCe3
	0yuSTgwHF5TaHtggkFH6s3m8H6PjzeO1DO5+8XIlPmB/1d917todzOqOfs/xPPSFqh+jYX
	X/stLnn/7+Q0SYl/W6dvMsOlrKLecmlRfBt9jT2Fm6Foy0Jc/YiPYxzzjq2Y3xexPHeMPZ
	fdXej2yyx7hvLHF9SbtkBzlMh7uEi8UAeJS22UjFOwV+u/8EZJkehpd4loI208pGO+5Qm/
	ncWKJ8tgdVJYhh7xCZdP3yxbXKSstfMVk74iCrMXVS5Nxmtt3ZeOFqLVM4Hj4Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1707519561; h=from:from:reply-to:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc;
	bh=rXcUhm/rjDv6HfiGZqusrh2xOBNrWWZWfPMmKP2JeNU=;
	b=JN4uhWrJPo+29vZRfKAMS6Wj4fFMjUyVBaWP/+j5zYdVwo02tosymYbSfVXLD3/R60fb0c
	H3um3AK31b47w7NDqQuklz9IkqcrvymFPmsMEUN7bo0V8FPFeWIYcTCEqID3ym96csP2xS
	Z9yx5ryLDT4NNh8n83coI7g5PscvkaQLMkv1tIk6gGZbXIlD6XG5LNQHyAkNwxND64CDoR
	npOxBg5MwzN/fXNm+oeQ1ca4lM1iUR7HnZwTYYjFOwa3vjz7DFd7rA18hCfBiufjMq8doT
	wBk/b9RHJckU+ugYTGGrlsgnZQLpN2ComBmL/XI2mdMrMH0r5x1w7oNVQthf0g==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1707519561; a=rsa-sha256; cv=none;
	b=Vst8md6kuKSETHw/dWXfy89tJfpJfOTdKjM/s0qq3qrrbwCm3GgRV50JQaPW/RYuObviDA
	1xRFIR7Bf9z0WQnJmklEP6Ngj7WY+yGYSTLfrMtq9E0M/J0GApVfzMcUg+qqc8SCY7ODOU
	kLpS2liom79KijH7LjeC7OSMHDcm9R60Jc0J/01WmEEcLQmG4jI6J9y4y758H391XSwS9w
	W5teYRczIO2tW2EjmJJBxSB/OXAICvmjjudaSFtoC/UvEf3Vt9sZB8kfh1mfZbcGktTSd8
	UDv+OIVp0aI8svVY3iBN5tHbjhq0x1f0WwuJ9CBBCVBRDfLFv1U4QgrPhfIb2g==
Received: by freefall.freebsd.org (Postfix, from userid 1002)
	id E16541874A; Fri,  9 Feb 2024 22:59:20 +0000 (UTC)
To: freebsd-snapshots@FreeBSD.org, freebsd-stable@FreeBSD.org
Cc: FreeBSD Release Engineering Team <re@FreeBSD.org>
Reply-To: FreeBSD Release Engineering Team <re@FreeBSD.org>
Subject: FreeBSD 13.3-BETA2 Now Available
Approved: fbaxkvnqgivdgcnv
Message-Id: <20240209225920.E16541874A@freefall.freebsd.org>
Date: Fri,  9 Feb 2024 22:59:20 +0000 (UTC)
From: Colin Percival <cperciva@FreeBSD.org>
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-stable
List-Help: <mailto:stable+help@freebsd.org>
List-Post: <mailto:stable@freebsd.org>
List-Subscribe: <mailto:stable+subscribe@freebsd.org>
List-Unsubscribe: <mailto:stable+unsubscribe@freebsd.org>
Sender: owner-freebsd-stable@freebsd.org
X-BeenThere: freebsd-stable@freebsd.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

The second BETA build of the 13.3-RELEASE release cycle is now available.

Installation images are available for:

o 13.3-BETA2 amd64 GENERIC
o 13.3-BETA2 i386 GENERIC
o 13.3-BETA2 powerpc GENERIC
o 13.3-BETA2 powerpc64 GENERIC64
o 13.3-BETA2 powerpc64le GENERIC64LE
o 13.3-BETA2 powerpcspe MPC85XXSPE
o 13.3-BETA2 armv6 RPI-B
o 13.3-BETA2 armv7 GENERICSD
o 13.3-BETA2 aarch64 GENERIC
o 13.3-BETA2 aarch64 RPI
o 13.3-BETA2 aarch64 PINE64
o 13.3-BETA2 aarch64 PINE64-LTS
o 13.3-BETA2 aarch64 PINEBOOK
o 13.3-BETA2 aarch64 ROCK64
o 13.3-BETA2 aarch64 ROCKPRO64
o 13.3-BETA2 riscv64 GENERIC
o 13.3-BETA2 riscv64 GENERICSD

Note regarding arm SD card images: For convenience for those without
console access to the system, a freebsd user with a password of
freebsd is available by default for ssh(1) access.  Additionally,
the root user password is set to root.  It is strongly recommended
to change the password for both users after gaining access to the
system.

Installer images and memory stick images are available here:

    https://download.freebsd.org/releases/ISO-IMAGES/13.3/

The image checksums follow at the end of this e-mail.

If you notice problems you can report them through the Bugzilla PR
system or on the -stable mailing list.

If you would like to use Git to do a source based update of an existing
system, use the "releng/13.3" branch.

A summary of changes since 13.3-BETA1 includes:

o tzdata has been updated to 2024a

o An assertion in tty code has been fixed

A list of changes since 13.2 will be available in the releng/13.3
release notes:

    https://www.freebsd.org/releases/13.3R/relnotes/

Please note, the release notes page is not yet complete, and will be
updated on an ongoing basis as the 13.3-RELEASE cycle progresses.

=== Virtual Machine Disk Images ===

VM disk images are available for the amd64, i386, and aarch64
architectures.  Disk images may be downloaded from the following URL
(or any of the FreeBSD download mirrors):

    https://download.freebsd.org/releases/VM-IMAGES/13.3-BETA2/

BASIC-CI images can be found at:

    https://download.freebsd.org/releases/CI-IMAGES/13.3-BETA2/

The partition layout is:

    ~ 16 kB - freebsd-boot GPT partition type (bootfs GPT label)
    ~ 1 GB  - freebsd-swap GPT partition type (swapfs GPT label)
    ~ 20 GB - freebsd-ufs GPT partition type (rootfs GPT label)

The disk images are available in QCOW2, VHD, VMDK, and raw disk image
formats.  The image download size is approximately 135 MB and 165 MB
respectively (amd64/i386), decompressing to a 21 GB sparse image.

Note regarding arm64/aarch64 virtual machine images: a modified QEMU EFI
loader file is needed for qemu-system-aarch64 to be able to boot the
virtual machine images.  See this page for more information:

    https://wiki.freebsd.org/arm64/QEMU

To boot the VM image, run:

    % qemu-system-aarch64 -m 4096M -cpu cortex-a57 -M virt  \
	-bios QEMU_EFI.fd -serial telnet::4444,server -nographic \
	-drive if=none,file=VMDISK,id=hd0 \
	-device virtio-blk-device,drive=hd0 \
	-device virtio-net-device,netdev=net0 \
	-netdev user,id=net0

Be sure to replace "VMDISK" with the path to the virtual machine image.

=== Amazon EC2 AMI Images ===

FreeBSD/amd64 EC2 AMI IDs can be retrieved from the Systems Manager
Parameter Store in each region using the keys:

	/aws/service/freebsd/amd64/base/ufs/13.3/BETA2

FreeBSD/aarch64 EC2 AMI IDs can be retrieved from the Systems Manager
Parameter Store in each region using the keys:

	/aws/service/freebsd/arm64/base/ufs/13.3/BETA2

=== Vagrant Images ===

FreeBSD/amd64 images are available on the Hashicorp Atlas site, and can
be installed by running:

    % vagrant init freebsd/FreeBSD-13.3-BETA2
    % vagrant up

=== Upgrading ===

The freebsd-update(8) utility supports binary upgrades of amd64, i386,
and aarch64 systems running earlier FreeBSD releases.  Systems running
earlier FreeBSD releases can upgrade as follows:

	# freebsd-update upgrade -r 13.3-BETA2

During this process, freebsd-update(8) may ask the user to help by
merging some configuration files or by confirming that the automatically
performed merging was done correctly.

	# freebsd-update install

The system must be rebooted with the newly installed kernel before
continuing.

	# shutdown -r now

After rebooting, freebsd-update needs to be run again to install the new
userland components:

	# freebsd-update install

It is recommended to rebuild and install all applications if possible,
especially if upgrading from an earlier FreeBSD release, for example,
FreeBSD 12.x.  Alternatively, the user can install misc/compat12x and
other compatibility libraries, afterwards the system must be rebooted
into the new userland:

	# shutdown -r now

Finally, after rebooting, freebsd-update needs to be run again to remove
stale files:

	# freebsd-update install

== ISO CHECKSUMS ==

o 13.3-BETA2 amd64 GENERIC:
  SHA512 (FreeBSD-13.3-BETA2-amd64-bootonly.iso) = e5daecc74071bbe42a1d6e0a4adce81e257a6242bc1f7f5783c701cbd1f76708301147a9a333152be9f33bb3794180bbbd14c78fd34916fe2cceccbe52568362
  SHA512 (FreeBSD-13.3-BETA2-amd64-bootonly.iso.xz) = 02feb22abd470d3d4b63952c725f5ba942b6e3f66b4d37db9f2451f77d5e20a520c77dbc6b01303b46548b5f5442dc7ceb9d001604046b619fa6e258031cc116
  SHA512 (FreeBSD-13.3-BETA2-amd64-disc1.iso) = 2570157187c79cac113318b2760f1a6644d0605864cd8009f5b67b3cbe8e8e5ec6cea0c72ff824ca20979f6053607eb5adb3abcaf49fcb63660c377f5186a955
  SHA512 (FreeBSD-13.3-BETA2-amd64-disc1.iso.xz) = fd819f276a20c9668f1f2c07366a017fb7a6ab207c06f90f13e21ae48cbe025ed9ddd21e01ddad3516dda3ea65e569d0659de07ef94e095546c3a7150d0a391a
  SHA512 (FreeBSD-13.3-BETA2-amd64-dvd1.iso) = 7610787b9f63602d081dc6a381317b90b79fb856c4da1dcd0a0a181befff6d631bd37f77f065294150166f0ebbe2c6d9fea218a640fb098b971cc4959a9536c1
  SHA512 (FreeBSD-13.3-BETA2-amd64-dvd1.iso.xz) = c43577fb1e720aaed1ee1002b98ea3dd20643749fde0de040bca2eb633410ae942f63f6c7d2dc6a85c1d1fd000ab0ffe268fe1e3cb02f613a4fd0cc1ab246001
  SHA512 (FreeBSD-13.3-BETA2-amd64-memstick.img) = 8c91cff0e91ebcfc1f4690381472e6e1e31a3471a8d8ecef8acfec0719c8c2aff99cae8dba3a95964894682e09bdae9f7db51861257d22c8c33cc8bd2abc565d
  SHA512 (FreeBSD-13.3-BETA2-amd64-memstick.img.xz) = 0f6bff267900d141a5a40ac87984ac2d3bcda8cdf445b8a058ce49de6b7f444eb7b2e236614d59c871e41716d36a37300c52532c959e8908879de1c511b2ec35
  SHA512 (FreeBSD-13.3-BETA2-amd64-mini-memstick.img) = 0a6a8077c7914121a0cf892965697aa0830b527024d183d32539f0d0f74ca3ae170f411bbb25314aebadd39f8cd3ec5b4ce0765b4c6f1c495812e33c0e169ac9
  SHA512 (FreeBSD-13.3-BETA2-amd64-mini-memstick.img.xz) = 3659bd5e87f65e189b747c606b210db360474f9940032bf629d195d1966e361f0ef4195a155c7625fe2de20793d32af6b106c8c9c4e62d6abc5a495c6b6efdbf

  SHA256 (FreeBSD-13.3-BETA2-amd64-bootonly.iso) = 053afae664b6382e88b3c85301aa7eb10830056e68bbaf6fbb6d2757191d8942
  SHA256 (FreeBSD-13.3-BETA2-amd64-bootonly.iso.xz) = 5c1759902b4819b8551e94ab0dc96b9db77170b3e040337fd337612c12b1ff85
  SHA256 (FreeBSD-13.3-BETA2-amd64-disc1.iso) = 789ca768516cbbac0cb0028306434e1d5b405d149f3a8cfe5cb0a5f433e54d34
  SHA256 (FreeBSD-13.3-BETA2-amd64-disc1.iso.xz) = 21764b5b6086bf9dfc7e49689ba3d46e072c2ca9697adbd7b53b65f7653d1118
  SHA256 (FreeBSD-13.3-BETA2-amd64-dvd1.iso) = 6d369751a1f05397c65fd8e9e7f093428fcb4f6efe424868301430d8f9dbec25
  SHA256 (FreeBSD-13.3-BETA2-amd64-dvd1.iso.xz) = cf9a523f68ae2ba2b9877a8c781999ba05798871a1633d5e3e5c9d3c6d888496
  SHA256 (FreeBSD-13.3-BETA2-amd64-memstick.img) = 5d44715ab5a2b87a533b0d554a0d8a4776a8d8390a5835c9cb4eb6fa6907c4c1
  SHA256 (FreeBSD-13.3-BETA2-amd64-memstick.img.xz) = d5b5fb56e88865b38fc7770113efd68c2449c20546fd89e7c6ef5418b952ad17
  SHA256 (FreeBSD-13.3-BETA2-amd64-mini-memstick.img) = 62ca703ba258e0a692823a4f77c49eadd602282c1eb77825a209c4cecb87ac9f
  SHA256 (FreeBSD-13.3-BETA2-amd64-mini-memstick.img.xz) = aa8569e14b7e4de755d110653a5724b25b541419488a6ea98810ccff02906c63


o 13.3-BETA2 i386 GENERIC:
  SHA512 (FreeBSD-13.3-BETA2-i386-bootonly.iso) = 6fee8ebb64710b18b2557650d66c7feea612b15d896218f68d6dae7f5e5d67b628a91816d28ed0ef3cb107fb01997b7bd165d284d843a35534a980da24118443
  SHA512 (FreeBSD-13.3-BETA2-i386-bootonly.iso.xz) = d6fe366267340a1e492f2b59e60e754ba9602e2010800ff1de1178c07fee0047d70fcf4c9ce4bc4691cf50de2ef8b7ef1b1c5bf24761a1bae42af37f89ebb056
  SHA512 (FreeBSD-13.3-BETA2-i386-disc1.iso) = 86ea413c71974f17a7e274d5020f56f509c4ff536e2a2419ff19834814c71486e6f6b2f847106e94bc3fc5e611723ce3aeb4b7daf3d39772630e210d25ceb5a0
  SHA512 (FreeBSD-13.3-BETA2-i386-disc1.iso.xz) = 3d7305aaeafe34d725b992c347a3dc52dff675703f9e258b60745fcf409e8f0a30ecda0bf3738d9deb7469ec0bafaf8592b81fe1750c58158943279154dea78a
  SHA512 (FreeBSD-13.3-BETA2-i386-dvd1.iso) = 00ce6c72c52b20e5f6bf532e4eb9603717f6a932a168a63e5952ce2b830a0e8c175b41a71dfc5a1a3fa9f54b299c2be3e3e198959fc29dffcaa69b116d2f7239
  SHA512 (FreeBSD-13.3-BETA2-i386-dvd1.iso.xz) = 22f1bc87f94134b3265877125ff1182a2602f68b70035bc9a7ed05011aa8aeebbfaad0911124f3abfb74f592d3d22ebd967608c9e0d353d68193ca317170d4fa
  SHA512 (FreeBSD-13.3-BETA2-i386-memstick.img) = 0e2da85fff1c8a1982027bad80781e72b19588243bb7b852882e0717b23850d20b94b38abb7c5c0304bf1d39aef9991b6ebc9ee507f40f644cd81e81b119d060
  SHA512 (FreeBSD-13.3-BETA2-i386-memstick.img.xz) = d44558f26c294b69e1f1fe59a6819ff60e98efa401cc9664ad442305a2951c175f81e3df99d88fd88316c08c8fab95e3d41fc0cbc92af3ec502cf74e71cdfa43
  SHA512 (FreeBSD-13.3-BETA2-i386-mini-memstick.img) = a4ae5885b5596e62afaa87d12b6c97ee3914ea9f7c3f0cd0cefeafa2a6c39896e0bcfe91cfe340ffac334aae0a2c1286fae7471124a48813589066af340ee99c
  SHA512 (FreeBSD-13.3-BETA2-i386-mini-memstick.img.xz) = bc921fc1b6a200d4b159bb14dc16e57b460452fc203f373e3ca70c8befdb5e71b9a90817df1f78b52654f50ecfcde8443c1af8ad8a4598a9df110b5c5bc778ca

  SHA256 (FreeBSD-13.3-BETA2-i386-bootonly.iso) = cbbd5a0d9e9102efe3eb6dabdfb356689617bf2d6a9d9a95494f6618818c2ab4
  SHA256 (FreeBSD-13.3-BETA2-i386-bootonly.iso.xz) = ef7cf88edadd97b4830540e223048abd5dc1c31d692c320c759440c2b0383737
  SHA256 (FreeBSD-13.3-BETA2-i386-disc1.iso) = c9604957069ffdf25eb04624320c37aa3cf81db711e8a2d43782401200af695d
  SHA256 (FreeBSD-13.3-BETA2-i386-disc1.iso.xz) = 5ca659b455d9ed15d7b85add3d6e82f2a63e906ef1b7369c7c89e6f2e13244f8
  SHA256 (FreeBSD-13.3-BETA2-i386-dvd1.iso) = ab4c65d5d60a1327a3693a589011f02e02569c7f14cda46f4c0b9be65957e3d2
  SHA256 (FreeBSD-13.3-BETA2-i386-dvd1.iso.xz) = 2c9043ab2ec894d28628b2d83b48d3e292ad29b7dbe0aedfeca3f336eb825618
  SHA256 (FreeBSD-13.3-BETA2-i386-memstick.img) = 692f54f30a422b26799d71256d28babd80f65b9359fa8857333e8e9f68d93251
  SHA256 (FreeBSD-13.3-BETA2-i386-memstick.img.xz) = 00f99b16e3130e8d02c9d1edf4ed52766b4fa471b4ff2b7b40856fd2ac35b03c
  SHA256 (FreeBSD-13.3-BETA2-i386-mini-memstick.img) = 9cde19e30008dd95f17abc38d0401c3f41c8bed450da0287486e212189404a2c
  SHA256 (FreeBSD-13.3-BETA2-i386-mini-memstick.img.xz) = 36ee739befe465f899d4b58ff4b1c2305c50a3cc22b283d0600b8cbf50d0f23d


o 13.3-BETA2 powerpc GENERIC:
  SHA512 (FreeBSD-13.3-BETA2-powerpc-bootonly.iso) = 15f8b2fed2538c592f8e1089d05e980697b21d18ff707bac780907e4329ddd401da4b4dfb77d42fdca40adecadec71e7143619bbb1572e273686156d29cd9f31
  SHA512 (FreeBSD-13.3-BETA2-powerpc-bootonly.iso.xz) = c30407e7b73ad1be212e4faf2e13787969347e87d1b124050eda2ed13dc88f8df9056da23dafb4f47eecda7c9b48a3dd4e99932769ca7866a029c826e7aa52a9
  SHA512 (FreeBSD-13.3-BETA2-powerpc-disc1.iso) = 093dee04afd18e40196e321b9264508a82600d5bab70ce32786cb9746e83137f66d5da94e3f8b634438a4e3d3d50e5fab9ef96278cce94267a2fd50b1bba7cde
  SHA512 (FreeBSD-13.3-BETA2-powerpc-disc1.iso.xz) = 861dabcdc2e70aabf2b31c73a115236bdd3f174133e63f5e21b31d14423e133fe37a800d14082d8a743bd7ee6b9f4d55b7b7fd1f7cdcace350d5fdf0f3f849e2
  SHA512 (FreeBSD-13.3-BETA2-powerpc-dvd1.iso) = 3c03df807bfcd4dbc31f6a697dfb25dcaae4cfc6bfdacce0c2bcb00f6024f92a1a804e7636c435eab1e295439dc2761d0b3cb025700930cad48ea9318f485b22
  SHA512 (FreeBSD-13.3-BETA2-powerpc-dvd1.iso.xz) = a237aad190612974145ccc9c9a692ab218787eedebe1f862fe6b11dcd71a65671626c89d65dbc7c02e6aa2bbaa65d83c41db119028d8a97bc7fd0516b8a7b5be

  SHA256 (FreeBSD-13.3-BETA2-powerpc-bootonly.iso) = 56f7990d6cb75a8413fc94db258ff82d76a50ef3607f55396b67728812e54462
  SHA256 (FreeBSD-13.3-BETA2-powerpc-bootonly.iso.xz) = 3443c3a0ae803357037a9f0b4e4fb72248880acb1b9e43ca97b96b0f1a2f6920
  SHA256 (FreeBSD-13.3-BETA2-powerpc-disc1.iso) = 0144c0d4a2ed90593d72aba50fda761d6e5c7ec0d8750282a55fb2767b8ce6f1
  SHA256 (FreeBSD-13.3-BETA2-powerpc-disc1.iso.xz) = c44b73c4a9e37687754870cdfb6d606e7e4d1a147574c415094406a25c570dbd
  SHA256 (FreeBSD-13.3-BETA2-powerpc-dvd1.iso) = 124a8ebcce3534aa030ce978ec35d18326b61193b8a88aef59ec560d4d246a50
  SHA256 (FreeBSD-13.3-BETA2-powerpc-dvd1.iso.xz) = 0927c00d0167314203309c104ef2195f1810b4aaa976a03922789da804e99328


o 13.3-BETA2 powerpc64 GENERIC64:
  SHA512 (FreeBSD-13.3-BETA2-powerpc-powerpc64-bootonly.iso) = 87ced50ed118d07065d627582b124f51eb1f7fa0952afd6b1f4643393e6053eeeb308adae31ab07ce0124ba1bef7cc7427f4dc36750a4f59756521da572e397a
  SHA512 (FreeBSD-13.3-BETA2-powerpc-powerpc64-bootonly.iso.xz) = 185bf0a5f7ae56e8a1f1e1047b221d226108c63982970fa788c494f456142e627ca9eda1585f90cedd3ce65df556966c33e9b7072393f83c090be4971b61b09b
  SHA512 (FreeBSD-13.3-BETA2-powerpc-powerpc64-disc1.iso) = 85fda52aeffa9b6797ced35e4d665465112a7393e9e38fd90a013303961fb1eb3c475ac471f156d4067458e134e95c0001dc250ea14203547d48e494bfb231db
  SHA512 (FreeBSD-13.3-BETA2-powerpc-powerpc64-disc1.iso.xz) = a16808e1ebb3d1f1c6dec320375d96762cfe9455957e4720cf4fcb7dde3c4854fe37e77822afbb2413d50f2b3dd41022797901b372f3a5a5f042fa6ce94ac9a1
  SHA512 (FreeBSD-13.3-BETA2-powerpc-powerpc64-dvd1.iso) = 4eb3f727f98dc1ab2dff01dd78eac1ea517042d5070347a4052bf46746cffbf3b7f4b2d55f26eb614e96399bdb3a60683a269a3484dce2084498333ae03eb0a3
  SHA512 (FreeBSD-13.3-BETA2-powerpc-powerpc64-dvd1.iso.xz) = 2bd9bb3ded9bea46343e9312fa9f99c3f8559301fc0e2a5bab028a6cbdfabd81ac0b8d267e2dbfb544b808d376fe5eb1aa8953bc1260e36b108a16a651129f31

  SHA256 (FreeBSD-13.3-BETA2-powerpc-powerpc64-bootonly.iso) = 8c4105560daf329a4ba27546a34d816f11ccb74bef4d609600b0d77659822f34
  SHA256 (FreeBSD-13.3-BETA2-powerpc-powerpc64-bootonly.iso.xz) = a51f136ecc19628882fccef76f51a1e24a7f2d2b93b8ab74f75f556ff492f212
  SHA256 (FreeBSD-13.3-BETA2-powerpc-powerpc64-disc1.iso) = 41bec395a5b569e542663664620864d6cd2b977f8790ddafc5ac320cfc785fc2
  SHA256 (FreeBSD-13.3-BETA2-powerpc-powerpc64-disc1.iso.xz) = 8d068bb5d8020b5e437e51cd555274723b5b198966f484acb2f63ca8762ff0d1
  SHA256 (FreeBSD-13.3-BETA2-powerpc-powerpc64-dvd1.iso) = 4038c82a939c0713feafdcd63c5a7afd4270d0ce4e83fbf5deccc98984b1337b
  SHA256 (FreeBSD-13.3-BETA2-powerpc-powerpc64-dvd1.iso.xz) = 3273351da663efbb648493203db34dd75bf1a9d6c6dc3cbb5e54b3221eca960e


o 13.3-BETA2 powerpc64le GENERIC64LE:
  SHA512 (FreeBSD-13.3-BETA2-powerpc-powerpc64le-bootonly.iso) = 5d74d35728b08a6fc6f13e9da6fa2ca62d9aab61d10c82ee0c4c48b76e52fec9d45a7282a3932da887956d7ab89cb7523b371ef8f8536050aa7201b6079db2e7
  SHA512 (FreeBSD-13.3-BETA2-powerpc-powerpc64le-bootonly.iso.xz) = d31963a3e97d4069fd1bbcfdc7096b6e835036244d6218d64a553dbc62bf5a7cf451bbe058bd7e4fffec50d1bfe070afd2978ca10a18177079a07705f1f8e319
  SHA512 (FreeBSD-13.3-BETA2-powerpc-powerpc64le-disc1.iso) = 73c4bb6e99da0ae89e6aa531727c671b0cda0a2dd245f19b125474195b265436fdc3541b2acbb5711ffcdf0eaa445b42f26a2644fc4817c8f79a4a082e428989
  SHA512 (FreeBSD-13.3-BETA2-powerpc-powerpc64le-disc1.iso.xz) = 7e44d8b8177d0543fe7953c00d4d493cb2fd07f8381daaa3682593453cead6392a733286de00a83707138e92237bbb9ad59f514e68d85f5a7400551a2874b60e
  SHA512 (FreeBSD-13.3-BETA2-powerpc-powerpc64le-dvd1.iso) = 6b66430c5a604488fe8eb03649bd769a827071f6a8669c402afc065775e8487716648ea9974d9659596d75ef8bf4a1b26807851ecd94bcefcbdafb96c8bbbf51
  SHA512 (FreeBSD-13.3-BETA2-powerpc-powerpc64le-dvd1.iso.xz) = 58bf5aca04dd908f9056b738ad2e53c9346e58022249cdd3228f802628d40fcb8aa36464b11ee0306630e7b6db6af85364739fdab041de7290ea5505bcc4ae6f

  SHA256 (FreeBSD-13.3-BETA2-powerpc-powerpc64le-bootonly.iso) = c996b2c1c29190a6a2a32aa4fbd26145063c2d19983a27c26ccc240f51d43b4c
  SHA256 (FreeBSD-13.3-BETA2-powerpc-powerpc64le-bootonly.iso.xz) = 56057a77371f86039f782330161d37e0c674fe902b1d4f9781583b5d06de06f7
  SHA256 (FreeBSD-13.3-BETA2-powerpc-powerpc64le-disc1.iso) = 8b492ee007dc8915f2998f9a8280f89c8173a37810e378b6f92a0ddc80b74408
  SHA256 (FreeBSD-13.3-BETA2-powerpc-powerpc64le-disc1.iso.xz) = b5d5113fdddd5a20bc9cf9b76e5896af204d03d83a7275fd6031adb9bfe2e290
  SHA256 (FreeBSD-13.3-BETA2-powerpc-powerpc64le-dvd1.iso) = 41ad62ac92c5ca9087af4f1ca512cdbbe0556f8e51b16672916ed9f745202ac3
  SHA256 (FreeBSD-13.3-BETA2-powerpc-powerpc64le-dvd1.iso.xz) = e83890aea8a50020dd79551175594ab2bcb6808fe4c8099e21e2bf93c9cfa78c


o 13.3-BETA2 powerpcspe MPC85XXSPE:
  SHA512 (FreeBSD-13.3-BETA2-powerpc-powerpcspe-bootonly.iso) = 416322c45580a4028d1215d3b2bb4e1929632b7c73755879b6391450f6c0b34e12562be9e7a99118f48b02a0c9b1cd97616330577f6341c0faae9df8a22d6ebf
  SHA512 (FreeBSD-13.3-BETA2-powerpc-powerpcspe-bootonly.iso.xz) = eb3b98e1e943aea7eb466781e1c1f750df93d74161226c55dca722a70ec88eceb863c31f487e47d2eec2617ce700b5f28702305695dc78139f3c0a8810cbe168
  SHA512 (FreeBSD-13.3-BETA2-powerpc-powerpcspe-disc1.iso) = 5114d664820497dc5d14baf3afbb7acd5778ba010b715f9ce6de5638a3e01e394f15bd35934d77c0bbc8a6d376576935ca46db8264be85457f5aac224714526f
  SHA512 (FreeBSD-13.3-BETA2-powerpc-powerpcspe-disc1.iso.xz) = 24e71db96f2c9691ca802769146dbd3689d7644ab1d82044e1c9d8b004281385d28049a1e3e6b8280ba058e094e4cb708f8a1288c2a2c86275bbdbeff1bb3bb5
  SHA512 (FreeBSD-13.3-BETA2-powerpc-powerpcspe-dvd1.iso) = 23e5f6afa4add5f28747e474dfaae5542dd487954f57347535119af9965186c4569852a635b062aafd9d83a9d0afeb18347a82eb7177ba799b2623960e2b4a09
  SHA512 (FreeBSD-13.3-BETA2-powerpc-powerpcspe-dvd1.iso.xz) = 0fe1997dd8195822cab60c5def652acf3d91a19d023a599d80ccfbc47a21f2bc9a5e5d4c6ae67d5973aa4ea2bc3b5d8c568994924a2ea6fe2be292f3e8e41423

  SHA256 (FreeBSD-13.3-BETA2-powerpc-powerpcspe-bootonly.iso) = c320f7ba501bd153c409c30226ec0ccf3ceae35478eb4ac36b0bc1263b4c0b5f
  SHA256 (FreeBSD-13.3-BETA2-powerpc-powerpcspe-bootonly.iso.xz) = 901199daf4700c8376bdd9f5c98cde7dc0f314fd60b228b288a8f343ac06b32d
  SHA256 (FreeBSD-13.3-BETA2-powerpc-powerpcspe-disc1.iso) = 9035429791b0f8831c16e2c9fcf02ff2d14e667928d1a8eb8b6df2b71c1d0c48
  SHA256 (FreeBSD-13.3-BETA2-powerpc-powerpcspe-disc1.iso.xz) = 56631a0aae3570dc2107445978f284d59d90c614707d8ebfbc30e75b8e78a2b9
  SHA256 (FreeBSD-13.3-BETA2-powerpc-powerpcspe-dvd1.iso) = 1e3e41890a0379ca5bcbf28baf244997eab162a623abfce9cd17525036833cc2
  SHA256 (FreeBSD-13.3-BETA2-powerpc-powerpcspe-dvd1.iso.xz) = 72ab2f765be557248544d98ce794f37fbd4ccb292c1a300d72edcdc4f71997d1


o 13.3-BETA2 armv6 RPI-B:
  SHA512 (FreeBSD-13.3-BETA2-arm-armv6-RPI-B.img.xz) = bbb9921471ceccc26ed1d17278c23666cc434d88fb1b414fc2bb0e0414f51f5f64f21434cb97e4fd71fa6572d2cf57a0e76aff05a462910dd0b099e4d0a5c42b

  SHA256 (FreeBSD-13.3-BETA2-arm-armv6-RPI-B.img.xz) = 7aab033bfb354b4da7e8bcca2c0458ec8511e459a65bcf596e57cea6527cc7f5


o 13.3-BETA2 armv7 GENERICSD:
  SHA512 (FreeBSD-13.3-BETA2-arm-armv7-GENERICSD.img.xz) = 3c87b2b2c4595a6589755d39affd26c020a6ac9f2446ece2b9fe716f5fbdbd24afa6b1677e42edebf295336ed4b5c6f97f699fa390c9b72cc9fdedef61b7b834

  SHA256 (FreeBSD-13.3-BETA2-arm-armv7-GENERICSD.img.xz) = 304ff25b2248cf3a4d8889952c15d5aab17ea10bc63c5fa67043eb1e1cd94cf3


o 13.3-BETA2 aarch64 GENERIC:
  SHA512 (FreeBSD-13.3-BETA2-arm64-aarch64-bootonly.iso) = 685a79ae9ed5cfe96fc67b6c5b4025b27b109361d2dfbafff16edc15a4907232fd188e07adca6aa5cb96699a94bb588778ff1b581854ce90b3b2f349c4bc0d2a
  SHA512 (FreeBSD-13.3-BETA2-arm64-aarch64-bootonly.iso.xz) = 10b306d51c4f3b0ae4591c0109111761564a59209e08ba8abc77878a6b185ccfacae698fae6b27de9c9b1a6e8d6eabe2010f95f42e490e0b8e1c19fbcfbbd455
  SHA512 (FreeBSD-13.3-BETA2-arm64-aarch64-disc1.iso) = 2b19d53f4a4ddc002e76bd2918d0a6fff09d205e1a181086273142d73a503be0184ab423d465c5f293e1023e2d01cff4960589642cf5ad7f0730af6c5d400e1d
  SHA512 (FreeBSD-13.3-BETA2-arm64-aarch64-disc1.iso.xz) = d755298b8215a923199bde6fbe27f0af930564fe4e24f53bce5b4cc043b1247fc6f6fd2cc04841d5a6dcfd836a0f5c915af1bb07a33f97ab11c27371dc041e56
  SHA512 (FreeBSD-13.3-BETA2-arm64-aarch64-dvd1.iso) = 0a8642a8ccafb63ddecd871b95cdada4b97066b20df181161d1da873b7ba177d703c5ae8bcb39592e6b1b50c889f92f9f19d65e512c766a50986e80b3a16661b
  SHA512 (FreeBSD-13.3-BETA2-arm64-aarch64-dvd1.iso.xz) = e1e2a7d525bce83399c078ecd67f64b6d603700fdec459c13ebeb03a5ed674372d47c763cbd2dad41e237b71a28992eec9a622e6ccd5cffc92b7202fe222b707
  SHA512 (FreeBSD-13.3-BETA2-arm64-aarch64-memstick.img) = effc9626fc8c02ad496a7810ed4f1cf9bfaa29d605e1f3b7e985d0bd84cfd615418bdfd378438b199637dc14a381de286ed0f708c643e3a4c0b642277b1664c9
  SHA512 (FreeBSD-13.3-BETA2-arm64-aarch64-memstick.img.xz) = 53e2770af9268724397d7298d52088f783ee5fb5cddea1dcd50e924d9200a1ed825253c81e0807fcb96ab485ae8344fd1fab8bb6d62a1e4236a4c100826a7d96
  SHA512 (FreeBSD-13.3-BETA2-arm64-aarch64-mini-memstick.img) = 53a414591b1f2c39512603ef48e9b70607cbe45cca7b1f3b0b229cbec0745295c41491956b15034d25f097fa15de0032701a5eef102f6bd0d9a5f711fd8ff23f
  SHA512 (FreeBSD-13.3-BETA2-arm64-aarch64-mini-memstick.img.xz) = 1257550700d6345c0771d6f69cd5602debd3947bc4d10c08c6da20e66463d0c38b18ea75b0396b3a8859beb4afc0a2cf214ff565b87ef98b79757baeae12e018

  SHA256 (FreeBSD-13.3-BETA2-arm64-aarch64-bootonly.iso) = dca2672adec853dc1f23804fe1e343b5b072e2b0e2cff7a0dc3b7a5ae5434f7a
  SHA256 (FreeBSD-13.3-BETA2-arm64-aarch64-bootonly.iso.xz) = 35dab96a8ec9e0aa964080c8fe57d7318d1d0a8f0671cddf6d85e1731ec0fcd0
  SHA256 (FreeBSD-13.3-BETA2-arm64-aarch64-disc1.iso) = 32430185690d7d5b2cdef03918b3750967875e72289aa3200f0a96eb7b4b3dd4
  SHA256 (FreeBSD-13.3-BETA2-arm64-aarch64-disc1.iso.xz) = c47a2d9ffa631389570bc2ec120af46796b05cf5f910fe656032bf47863f29bb
  SHA256 (FreeBSD-13.3-BETA2-arm64-aarch64-dvd1.iso) = 03b3829d0ca3ad5b198f6d368b70df540141f4ef7a845306bbe3269094abe4ee
  SHA256 (FreeBSD-13.3-BETA2-arm64-aarch64-dvd1.iso.xz) = 41c6d5ab7a51ea14c574d23da7304aada96be2a3fd37b884a42f254c7cb3cb28
  SHA256 (FreeBSD-13.3-BETA2-arm64-aarch64-memstick.img) = 9360d890b85781d5e8f0357f5ebddce856a8d01f507c65d8ecc1e3b20068de4a
  SHA256 (FreeBSD-13.3-BETA2-arm64-aarch64-memstick.img.xz) = 3ccf7f9edd64d07b41ebffa6651d2b841bbb19d388b503825099744d48efef29
  SHA256 (FreeBSD-13.3-BETA2-arm64-aarch64-mini-memstick.img) = 8d9a49b0f1fd4e31d6340a809c0bcf283cf6872268f2eabd029a30a10db4d80a
  SHA256 (FreeBSD-13.3-BETA2-arm64-aarch64-mini-memstick.img.xz) = 7f636cc026fa235336f5ead577635f4116a0f671808e70b5bf71307c178c0c98


o 13.3-BETA2 aarch64 RPI:
  SHA512 (FreeBSD-13.3-BETA2-arm64-aarch64-RPI.img.xz) = 92760bdaf801491252ebadf908794e94b0555fe14aaccdfbd16d5cc57dfb42d70de4d697d20a8fefe44878c4895830fc3977e91266eb5bf618ce826735fd23b2

  SHA256 (FreeBSD-13.3-BETA2-arm64-aarch64-RPI.img.xz) = 9205d3abb6280c3741621760bc38071d6ae8d2b2cf837ac43bcaecd94f625f28


o 13.3-BETA2 aarch64 PINE64:
  SHA512 (FreeBSD-13.3-BETA2-arm64-aarch64-PINE64.img.xz) = 6c7ad4877eb3cbc01443de85fcce70051877217973791d12070536ad3bd632debe72f6d58a45a0ecf4ef1f36f1de3f0bb34c89dc89f554c3cead37dca906b85b

  SHA256 (FreeBSD-13.3-BETA2-arm64-aarch64-PINE64.img.xz) = 3ce77fa1090265c70d8fcb043139ecff5cd3158e70f6ffcd33961812683ce0f1


o 13.3-BETA2 aarch64 PINE64-LTS:
  SHA512 (FreeBSD-13.3-BETA2-arm64-aarch64-PINE64-LTS.img.xz) = 7548cb2e534f6030e18b61c18696fbbbbdcce40930c466a21251af57783b8117c6c4fd8c43b07243f0af4a0f5e242120e0e5147f0f6317885f8f60a4bb8da704

  SHA256 (FreeBSD-13.3-BETA2-arm64-aarch64-PINE64-LTS.img.xz) = ea3b243f7a69eec0b96301331e68836edbd5f80e56f1412cb9513dbad3a55edc


o 13.3-BETA2 aarch64 PINEBOOK:
  SHA512 (FreeBSD-13.3-BETA2-arm64-aarch64-PINEBOOK.img.xz) = be916eff053a641b0fbb27ef6a4b48bf759dae5bb9b9a2a3750a4d673f096b0a0f398b90db513588f9d2b4d809b9d6edfd952ea492e3e0cf651cc0cd1e2090f8

  SHA256 (FreeBSD-13.3-BETA2-arm64-aarch64-PINEBOOK.img.xz) = 0f9b96f459736371fe34b366388f29de63cacf798f5d77a1ce8b13c033b8b084


o 13.3-BETA2 aarch64 ROCK64:
  SHA512 (FreeBSD-13.3-BETA2-arm64-aarch64-ROCK64.img.xz) = ee68b52e4546f499a4d48071260837b6c9b04884da5b25fcc2f364ad4846a5827a333b2bd39cf57aa46692087fb6cdb4b12f775c58ffd905d28ae0ec42b2d687

  SHA256 (FreeBSD-13.3-BETA2-arm64-aarch64-ROCK64.img.xz) = b8891cd8b9e42f29b31d5bb8b205cea5d66d9a4b4dcf7bae7f4ce5bee172aa25


o 13.3-BETA2 aarch64 ROCKPRO64:
  SHA512 (FreeBSD-13.3-BETA2-arm64-aarch64-ROCKPRO64.img.xz) = 26a48198bc0026ac9910f68c5b21c233830ea2f87549f3df49cbd89b3461ec03f63ff3705c3f2a9d98cd8da98c1cb56a722bc548eb6ba3f0d5fde6e8653734ab

  SHA256 (FreeBSD-13.3-BETA2-arm64-aarch64-ROCKPRO64.img.xz) = 928e8c30765017a398e339890beb2e1b9e5cbc333f1750dd3ba2fd39617c8b34


o 13.3-BETA2 riscv64 GENERIC:
  SHA512 (FreeBSD-13.3-BETA2-riscv-riscv64-bootonly.iso) = 68e3736921297367cd006776a780e317267b0532a8111096b805b0367153bec55a5c27185ef6d0124ba9ee38040e31e5a8f805940f6e67666ad1d5620266a441
  SHA512 (FreeBSD-13.3-BETA2-riscv-riscv64-bootonly.iso.xz) = 0d9f505b2415d63e2755424a9b3249e1d949711c0c637a509a48972b082fdaa9887249ce7fd6dfd0e47e9ea12be3b9639ca20628d80e588e37bf65355648ba21
  SHA512 (FreeBSD-13.3-BETA2-riscv-riscv64-disc1.iso) = 4d683abbc25280d56d98a09b7c35c6b29fdc0f0237f65bb5aca923b44b405b0249bfde55eb4a4f897dc7b50d09341dec42af0d9d1feaf811adadb90f4f22fbbd
  SHA512 (FreeBSD-13.3-BETA2-riscv-riscv64-disc1.iso.xz) = fa396247a4c1d71896b28bb0d587cc9bfa69bdc859001674f1480821bfc3426c73c54028a69bb2666f07b7f12230d524a8552ca0e12d6e36e8f1d4bf82247f61
  SHA512 (FreeBSD-13.3-BETA2-riscv-riscv64-dvd1.iso) = 2bb5eadb894d154003413c85f06c514c58ac094e24ea08dac2949f4a899d78e6dabed8d52859890230fd30e65d95329b4bd1a2ade096a7a7cf54909b651a27be
  SHA512 (FreeBSD-13.3-BETA2-riscv-riscv64-dvd1.iso.xz) = f1014af95df5d3eab4ed1a0829b7df10e1832951485a89834564706c83419248dda5c8b99cddeb5f8c0f5f9db0aee807f71496f9974d01ac22e6617884950261
  SHA512 (FreeBSD-13.3-BETA2-riscv-riscv64-memstick.img) = b6b8e8cc49e92679ff60272b2cf54bffc379e8e14abe58cd84d74a7227176e1bd32d0405e05d727a675ef98681bb092ebd2f761626ff3f024553c049c02daf82
  SHA512 (FreeBSD-13.3-BETA2-riscv-riscv64-memstick.img.xz) = c90251d6d14ea401b3214f04769875cb8102f813e181378c9c42fa76486eefd2c04a52d025998c2c64291d61940cf646ef1a05be3f084b42c08d27f1556bf2e3
  SHA512 (FreeBSD-13.3-BETA2-riscv-riscv64-mini-memstick.img) = 8ebbf1ecb87bc4d566ab395c7775850a6ed9842b1548eae9a5aed5d049b8c6655ca2b5f0e015efd687acd058390adc3130d577bd21a96e39f9aa7daafabe00be
  SHA512 (FreeBSD-13.3-BETA2-riscv-riscv64-mini-memstick.img.xz) = 527fcf3736d3e8f5048e3e96a3b6e06018bb944bd2d9e51f4da9de538cb2957b9d5798a4e25019574406ee5f2f5fa067ea98a20ba014d5f9dd16b2cdd28a4aae

  SHA256 (FreeBSD-13.3-BETA2-riscv-riscv64-bootonly.iso) = 541434b214f68405dd64ea6c9325f6798dfb9a070916a1c827a4d755f47c6f51
  SHA256 (FreeBSD-13.3-BETA2-riscv-riscv64-bootonly.iso.xz) = 75158efb8048ec2fa4750fd9435fe5a7a4aae724dfe5acbe62fa8c136a07d0cf
  SHA256 (FreeBSD-13.3-BETA2-riscv-riscv64-disc1.iso) = d6384a53a860147a8500a67d38219df2b2e229959eadbfd8b6d75d34a8227c91
  SHA256 (FreeBSD-13.3-BETA2-riscv-riscv64-disc1.iso.xz) = f61c180d8d9afb27553bcf2dbccd7161b52529bbab579572db479f37241d7095
  SHA256 (FreeBSD-13.3-BETA2-riscv-riscv64-dvd1.iso) = b9ffbbd777f7a1241cef9aa19fed928d92d87997108f1e36694312207cd34fa9
  SHA256 (FreeBSD-13.3-BETA2-riscv-riscv64-dvd1.iso.xz) = fd6f365d7c3581fa40a88be622781d76fd8589c9e8a9f3a8583108621a6c4b74
  SHA256 (FreeBSD-13.3-BETA2-riscv-riscv64-memstick.img) = b7510149de668b23adcab952b702c16096661a7d6f7b2fdfb11be5b7f7a311d0
  SHA256 (FreeBSD-13.3-BETA2-riscv-riscv64-memstick.img.xz) = 25e6277e607ce592c31ccf79861bf06f8c512fb20491aecd2d88ee018570da9a
  SHA256 (FreeBSD-13.3-BETA2-riscv-riscv64-mini-memstick.img) = 70e013200b1f231906689ed2fe7c046db4ce0cae9560ffac9d2a101a702ee8fd
  SHA256 (FreeBSD-13.3-BETA2-riscv-riscv64-mini-memstick.img.xz) = dbf63c09113d6836731ee41e83e2686d1007df033e9c934eadfa0c9b786ebd0a


o 13.3-BETA2 riscv64 GENERICSD:
  SHA512 (FreeBSD-13.3-BETA2-riscv-riscv64-GENERICSD.img.xz) = c651216e385c3ad64d21428a64de7690c02f28af21d095248f537e023c94db285dffb3ffc399400944b0291695b99f792fd74d56573e9636c33da7b2f521b1e8

  SHA256 (FreeBSD-13.3-BETA2-riscv-riscv64-GENERICSD.img.xz) = db6fa8cb4a819f543c94c2494e2c0dc4bc6784fb0cc6d7a246d95f2dd8ee46c4


== VM IMAGE CHECKSUMS ==

o 13.3-BETA2 amd64:
  SHA512 (FreeBSD-13.3-BETA2-amd64.qcow2.xz) = 89575f2eaf7b71c275dad404ed1ab9f7eb4e5a29821f4b19b3f386e5294993665eab904ae0dc36816ca893052e002ef20ad712abe5d1b589636ef29914c43a9d
  SHA512 (FreeBSD-13.3-BETA2-amd64.raw.xz) = 5f98b27b63fbbf945d3ea5d92efa80ed5780acfe46067ab9ad26ccf9dd1bb8722d0fb284bd85f5366ba2f63c21ef3840fe9bbd82b5309fe5a22adbd3893367e4
  SHA512 (FreeBSD-13.3-BETA2-amd64.vhd.xz) = 3d958064598cf6b84fd2a7acbb1cdf739fa6b147ba0ea19c60a075cd46387201ca4278a9a6daccfbc6b24e5550bc9377a6c465f9802891505f93b0d56f7bc9d8
  SHA512 (FreeBSD-13.3-BETA2-amd64.vmdk.xz) = 47ab47a4b0df53b0eb460771f534ea6c1cbdf19156359625f3087ee813dacf77aedb14a15e9c6713e367348fca8ea68486b2865fafc23f61903e251dd001ad2e

  SHA256 (FreeBSD-13.3-BETA2-amd64.qcow2.xz) = 1dee4f2311eafb11e3d26a69722eb8541131017beb02a1c7d2fb630ef5fef8e6
  SHA256 (FreeBSD-13.3-BETA2-amd64.raw.xz) = 90ccda7253d503460d2825470db3ac414d8557b0a475dd0c0f924ea0ab1bf434
  SHA256 (FreeBSD-13.3-BETA2-amd64.vhd.xz) = fae1c183da92ab017ec3c4aea2d882dee41e14bb5cc86a13bbfb42f3a781c96b
  SHA256 (FreeBSD-13.3-BETA2-amd64.vmdk.xz) = 9d0a133abeb639db1b06b92e27adafb3621db645939f7f1fff5a54ff9afcbfed


o 13.3-BETA2 i386:
  SHA512 (FreeBSD-13.3-BETA2-i386.qcow2.xz) = 9f7e8912b8c6ae990f944b24712c328aecf0e25b581692e101bce848b2ff6c566a8283bae86376d57fdb3d267371857edb5fa32928428f56105742f5e42f7528
  SHA512 (FreeBSD-13.3-BETA2-i386.raw.xz) = 4fa68b2faa60cf7f0de0096275904e0a3ca765b9d3f9a7a6f12fa4d884a1b7f030651d71fa62fef08ab8cb8ae0804f6d457aa7c2b003a02871ed1c2f689ba427
  SHA512 (FreeBSD-13.3-BETA2-i386.vhd.xz) = 098ca34e1ef18d64d83379eaea05095a3484336b5bc20fbd3840bba39d599d7b55e8e1da32bfa9398e2e0704ab7f4d617d25a9bb91bef8131c22439b1f1c4ead
  SHA512 (FreeBSD-13.3-BETA2-i386.vmdk.xz) = a3461680829f1d02682dfa319f47a7309bac430d54cc9a2ce2002d2e58f2b5ae067acc868298d9ef5e4d61ec127b2d9ce557eee18cd03c5f57fa51f3bd24c3f7

  SHA256 (FreeBSD-13.3-BETA2-i386.qcow2.xz) = 1dd096a9e5cba868e6da7d83cb45f92895914fd6c67d0523987c8c24b632b239
  SHA256 (FreeBSD-13.3-BETA2-i386.raw.xz) = c2b87dddd5f05532a27b34bdd69b9a8b37dda174dd084bcb9c8643509a0c6cf1
  SHA256 (FreeBSD-13.3-BETA2-i386.vhd.xz) = 29e59b7d5c6e114baec8b3183a006cc093bf420911fc8ef85c3ee77f2158c05a
  SHA256 (FreeBSD-13.3-BETA2-i386.vmdk.xz) = f19792cf9ccc0568d075a27d73fa779f686c62f340e85460f5fba0660ae48fa5


o 13.3-BETA2 aarch64:
  SHA512 (FreeBSD-13.3-BETA2-arm64-aarch64.qcow2.xz) = 4e82fcfd14d3396b60ef50a8de81ca32a597b0443ed0e3d0835510e39598bfdf5baf397e6db498d661d1eb3409cdca8ca1244516be261f02ca16e633af16fc95
  SHA512 (FreeBSD-13.3-BETA2-arm64-aarch64.raw.xz) = f1f356353a689ed26126619d334ad2c161b79dd677c3812ab0fe31c3d217fbf739b8c02e0ca3c642e0961114e5bdb2a6f23e36cd94b5fadf393d68ff761cc896
  SHA512 (FreeBSD-13.3-BETA2-arm64-aarch64.vhd.xz) = c1ba6536d924f446a5d1f154f3d54d4841944d4948e11e7299eaedfebe40f5cfddb30aa678da767e4cb1e2c9b823cc71889221c464033c226396da4ed49d3fa1
  SHA512 (FreeBSD-13.3-BETA2-arm64-aarch64.vmdk.xz) = dc502a5a543bfd8807bf91959deb0321fb626474ec6197aa836866d3b072fe6da2d0fdb5c65d3b888a9c1ff8cc81e3fe3a77e3917975fca8000cc3bd4cd1e4b2

  SHA256 (FreeBSD-13.3-BETA2-arm64-aarch64.qcow2.xz) = fea67fa8dbccbedaf66ce9f61a3451897370436e629edb0a3a32c8cf152d3cad
  SHA256 (FreeBSD-13.3-BETA2-arm64-aarch64.raw.xz) = 5ac785751ef1b7efaf9fc54404099a94522a4e8b8895fcc20bed53e0177d97d7
  SHA256 (FreeBSD-13.3-BETA2-arm64-aarch64.vhd.xz) = af2012eca92bde68693761a94f9cfbbcf1192030071cd766563fe77116e518df
  SHA256 (FreeBSD-13.3-BETA2-arm64-aarch64.vmdk.xz) = 323cf0f26e5417e6589e20ec245c7681cb344bb04e49b4916f32d6877b5efb35


o 13.3-BETA2 riscv64:
  SHA512 (FreeBSD-13.3-BETA2-riscv-riscv64.qcow2.xz) = 034b32f1138322638c7a5b7949a3b184c6a4cdfd003360a496c08c56c2cc645c94fbe9cdf9d84c963af6dda6c442717cd61d7e1cecf7024bd463f6f5196c5527
  SHA512 (FreeBSD-13.3-BETA2-riscv-riscv64.raw.xz) = 034b32f1138322638c7a5b7949a3b184c6a4cdfd003360a496c08c56c2cc645c94fbe9cdf9d84c963af6dda6c442717cd61d7e1cecf7024bd463f6f5196c5527
  SHA512 (FreeBSD-13.3-BETA2-riscv-riscv64.vhd.xz) = 034b32f1138322638c7a5b7949a3b184c6a4cdfd003360a496c08c56c2cc645c94fbe9cdf9d84c963af6dda6c442717cd61d7e1cecf7024bd463f6f5196c5527
  SHA512 (FreeBSD-13.3-BETA2-riscv-riscv64.vmdk.xz) = 034b32f1138322638c7a5b7949a3b184c6a4cdfd003360a496c08c56c2cc645c94fbe9cdf9d84c963af6dda6c442717cd61d7e1cecf7024bd463f6f5196c5527

  SHA256 (FreeBSD-13.3-BETA2-riscv-riscv64.qcow2.xz) = 0040f94d11d0039505328a90b2ff48968db873e9e7967307631bf40ef5679275
  SHA256 (FreeBSD-13.3-BETA2-riscv-riscv64.raw.xz) = 0040f94d11d0039505328a90b2ff48968db873e9e7967307631bf40ef5679275
  SHA256 (FreeBSD-13.3-BETA2-riscv-riscv64.vhd.xz) = 0040f94d11d0039505328a90b2ff48968db873e9e7967307631bf40ef5679275
  SHA256 (FreeBSD-13.3-BETA2-riscv-riscv64.vmdk.xz) = 0040f94d11d0039505328a90b2ff48968db873e9e7967307631bf40ef5679275



Love FreeBSD?  Support this and future releases with a donation to
the FreeBSD Foundation!  https://www.freebsdfoundation.org/donate/
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEglY7hNBiDtwN+4ZBOJfy4i5lrT8FAmXGrjoACgkQOJfy4i5l
rT/KLA//cZtFSlspuBV9TfmX/wHnnyksFNgP0RE10eLjaSd/XubazxLmIEVNe/Sk
WMSHsHVvmjVpZoicuedkgy2WR0Cj2+rzVj2vym58XCvuwDiRAnH6GBWPtyGuffrb
k6nPACgWgnakgL+oV5eT+K/WrwdL6ayKEPKEbR0U19VVSfqJM0FrcQTluvAjdsFd
1IO2TPz0IbT3Rd+BfBBTwgcu4y7Xk5lbEDFoTpc5LJdMToGjHzDWNXu1NGfBAaqo
l1aE+xiIu7gAgyXlQEGhH5b+W8dpM/unyzR1qH2t1Gzov4F1tRAO8My18kfLroH5
iS6dwtEyxlkq9dVG5zSUjnXgxAP4ehok5TeqdZ1pX7q+QbNS/7evCsc3jYvTNnN6
QMXnknBb9Wurv+i0XFMqxW7ITwEeiQhKsPdtZbjQO1B9zKmZlH9vyCjRqjqytdJT
FFs04nQPDgP7IaWmHT2Ndh+QNF8UIsjMixXH/XOhwTGmZ0Hd0vYOkYJcnlJolGBR
1IYK+3BNRWS4QeF+/ExMGVkSrALo0kRVe5rKswvPrAgExWXSinXtz0oIcbt34dq6
n30QsqiwWrMPbFzsiLx/TXjxjAVPH0HnHhlRvaQ3hsSlRv7AZKEgmJlSgNKK3AQ2
CYu9u895xJTITvZNg98VzWltg+jdB3vIc0dhGZ3ohCEojs3EVYk=
=fcAh
-----END PGP SIGNATURE-----