A mirror of https://github.com/libressl/openbsd.git https://git.lua4.win/openbsd/atom?h=OPENBSD_6_9_BASE 2021-04-15T16:43:27+00:00 2021-04-15T16:43:27+00:00 tb 2021-04-15T16:43:27+00:00 urn:sha1:e8f5d300c023c6ce39600d797f14aad30480c218 2021-04-15T16:40:32+00:00 tb 2021-04-15T16:40:32+00:00 urn:sha1:d9e6b3c687e1354c4e1cad55cbcab90c57b88e22 2021-04-15T16:35:54+00:00 tb 2021-04-15T16:35:54+00:00 urn:sha1:f84b114c13dd506177484d1d3d884decd7f8fc49 2021-04-15T16:30:14+00:00 tb 2021-04-15T16:30:14+00:00 urn:sha1:e3838fdc2a1003bcdb4b3974b84cac83f1360f3f 2021-04-15T16:13:22+00:00 tb 2021-04-15T16:13:22+00:00 urn:sha1:ac21a57498563a5b644578b3012a2748d9c5eee0 2021-04-15T14:15:03+00:00 tb 2021-04-15T14:15:03+00:00 urn:sha1:013c39e97f0af8342cdb560b4a2a45f87602f7b7 This is disappointing as a lot of work was put into the new verifier during this cycle. However, there are still too many known bugs and incompatibilities. It is better to be faced with known broken behavior than with new broken behavior and to switch now rather than via errata. This way we have another cycle to iron out the kinks and to fix some of the remaining bugs. ok jsing 2021-04-11T07:06:01+00:00 tb 2021-04-11T07:06:01+00:00 urn:sha1:7d1a2a60100b5104532cc2cc1b5d6f28551be015 2021-04-09T06:05:21+00:00 otto 2021-04-09T06:05:21+00:00 urn:sha1:b4499c43f4b32d2e5e054187f8f0e5bfd8299e02 2021-04-09T06:04:15+00:00 otto 2021-04-09T06:04:15+00:00 urn:sha1:e3d1ed16d000aa151144fb4a5e41cd02144b2cc2 of pages anymore, but also cache larger regions; ok tb@ 2021-04-07T21:48:23+00:00 tb 2021-04-07T21:48:23+00:00 urn:sha1:dce38e74ea35338f295612fb140758e949815c70 In order to fail gracefully on encountering a self-signed cert, curl looks at the top-most error on the stack and needs specific SSL_R_ error codes. This mechanism was broken when the tls13_alert_sent_cb() was added after people complained about unhelpful unknown errors. Fix this by only setting the error code from a fatal alert if no error has been set previously. Issue reported by Christopher Reid ok jsing