CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: d...@cvs.openbsd.org2023/05/24 17:01:06 Modified files: usr.bin/ssh: servconf.c Log message: fix AuthorizedPrincipalsCommand when AuthorizedKeysCommand appears previously in configuration. Reported by John Meyers in bz3574 ok dtucker@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: bl...@cvs.openbsd.org 2023/05/24 14:31:49 Modified files: regress/sys/kern/sosplice/scapy: Makefile Log message: Skip tests if p5-BSD-Socket-Splice is not installed.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: na...@cvs.openbsd.org 2023/05/24 14:04:05 Modified files: distrib/miniroot: install.sub Log message: replace "$(cat file)" with the ksh construct "$(
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: o...@cvs.openbsd.org2023/05/24 09:48:11 Modified files: share/man/man8 : sticky.8 Log message: mark S_ISVTX with Dv in sticky(8); makes `man -k any=S_ISVTX' more useful ok millert@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2023/05/24 08:20:33 Modified files: bin/ksh: eval.c Log message: ksh: make $(< filename) error output include the errno string. This is more consistent with how bash, zsh and ksh93 behave and makes $(< filename) more of a drop-in replacment for $(cat filename). OK kn@ florian@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: bl...@cvs.openbsd.org 2023/05/24 05:52:30 Modified files: regress/sys/netinet/pmtu: Makefile Added files: regress/sys/netinet/pmtu: pf.conf Log message: Default pf rule "block return; pass" interferes with test. Use "block; pass" instead.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/05/24 03:57:51 Modified files: lib/libcrypto/man: X509_VERIFY_PARAM_new.3 Log message: Update X509_VERIFY_PARAM_inherit() to reflect the change of behavior in x509_vpm.c r1.39.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/05/24 03:15:14 Modified files: lib/libcrypto/x509: x509_vpm.c regress/lib/libssl/unit: Makefile Log message: Copy the verify param hostflags independently of the host list Without this, hostflags set on the SSL_CTX would not propagate to newly created SSL. This is surprising behavior that was changed in OpenSSL 1.1 by Christian Heimes after the issue was flagged by Quentin Pradet: https://bugs.python.org/issue43522 This is a version of the fix that landed in OpenSSL. There used to be a workaround in place in urllib3, but that was removed at some point. We haven't fixed this earlier since it wasn't reported. It only showed up after recent fallout of extraordinarily strict library checking in urllib3 coming from their own interpretation of the implications of PEP 644. ok jsing
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/05/24 02:54:59 Modified files: regress/lib/libssl/unit: Makefile Added files: regress/lib/libssl/unit: ssl_verify_param.c Log message: Add a test to verify that an SSL inherits the hostflags from the SSL_CTX This is currently an expected failure that will be fixed shortly.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/05/24 02:49:06 Modified files: regress/lib/libssl: Makefile.inc Log message: Provide CRYPTO_INT for statically linking libcrypto for libssl regress This will be needed for the ssl_verify_param test
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2023/05/24 02:46:01 Modified files: lib/libcrypto/x509: x509_vpm.c Log message: Provide X509_VERIFY_PARAM_set_hostflags() This is needed for an upcoming regress test that needs to access the hostflag. This is public API in OpenSSL but since nothing seems to be using this, this accessor will be kept internal-only for the time being. ok jsing