As per @Ansuel's not about ctx cleanup in error path, decided to rework
the patch.
Changes and Improvements:
Smart Pointers for Memory Management:
* The `EVP_PKEY_ptr` and `X509_NAME_ptr` smart pointers
are used to manage the memory of `EVP_PKEY` and `X509_NAME`
objects respectively to ensure proper cleanup.
Error Handling:
* Improved error messages and exception handling to provide
more information about what went wrong.
Resource Cleanup:
* Ensured all allocated resources are now properly freed
in case of an error to prevent memory leaks.
Signed-off-by: Sean Khan <datapronix@protonmail.com>
Previously the "use" command had the following shortcomings:
* a subprocess was created instead of replacing the shell process
* whitespace in arguments was not handled correctly
Implementation detail:
In shell context the `"$@"` expression should be used (instead of `$*`).
This allows the safe handling of arguments containing whitespace.
Closes: #20001
Signed-off-by: Lars Kruse <devel@sumpfralle.de>
shairport-sync expects statistics/log_verbosity/log_output_to settings
to be in the diagnostics section of shairport-sync's native config.
Prior to this commit, these settings were either missing (log_output_to)
or generated in the incorrect (general) native config section bloc.
Signed-off-by: David Andreoletti <david@andreoletti.net>
Lua-ffi is a portable lightweight C FFI for Lua, based on libffi
and aiming to be mostly compatible with LuaJIT FFI, but written
from scratch in C language.
Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
owut (OpenWrt Update Tool) is a command line program that gathers
information from the various openwrt.org build sites and reports
status on various aspects of builds and package availability.
It also shows many details about your current configuration and
installed packages, allowing it to create, download, verify and
install new images containing the user-installed packages.
It is written completely in 'ucode', allowing for user customization
on the installed device, without the need for compilers and linkers.
Documentation is available at https://github.com/efahl/owut
Forum thread at https://forum.openwrt.org/t/owut-openwrt-upgrade-tool/200035
Signed-off-by: Eric Fahlgren <ericfahlgren@gmail.com>
Currently, the nfs-kernel-server package exports /mnt by default after
it is installed. This is not a good default behavior, as it may expose
sensitive data to the network if a user mounts something on /mnt. This
commit commented out the line that exports /mnt, so the user has to
enable it explicitly.
Signed-off-by: Yangyu Chen <cyy@cyyself.name>
Switch to meson build system instead of autotools.
Changes since version 2.0.1:
2.2.3: Ludovic Rousseau
26 May 2024
- meson:
. Fix build on Slackware 15
. fail if both libusb and libudev are used
- Fix memory leak on exit
- libpcscspy: dump an output buffer only if the call succeeded
- Some code cleanup
2.2.2: Ludovic Rousseau
20 May 2024
- Serial support is ENABLED by default
2.2.1: Ludovic Rousseau
8 May 2024
- fix meson related issues
- Some code cleanup
2.2.0: Ludovic Rousseau
3 May 2024
- provide files for meson build tool (replaces autoconf/auoomake)
- fix a missing symbol in libpcscspy (bug introduced by the previous version)
- fix shutdown issues with hotplug_libusb
- update pcsc-spy manpage
- update copyright date
- Some other minor improvements
2.1.0: Ludovic Rousseau
12 April 2024
- LIBPCSCLITE_DELEGATE is used to redirect to another libpcsclite library
- setup_spy.sh displays the LIBPCSCLITE_DELEGATE value to use for spying
- provides libfake.c as a sample source code
- Some other minor improvements
2.0.3: Ludovic Rousseau
3 March 2024
- add SCARD_E_UNKNOWN_RES_MNG back
2.0.2: Ludovic Rousseau
3 March 2024
- SCardConnect() & SCardReconnect(): restrict the protocol used
- negotiate PTS also for the backup protocol
- pcscd.8:
. document --disable-polkit
. add "CONFIGURATION FILE" section
- Some other minor improvements
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
The kernel knows about /sbin/request-key *at that path*, and the shipped
configuration file presumes that /sbin/key.dns_resolver and /bin/keyctl are the
correct paths.
Signed-off-by: Nathaniel Wesley Filardo <nwfilardo@gmail.com>
* relax the firewall pre-check if fw4 is not running
* replace former stale tor feed source with 'https://www.dan.me.uk/torlist/?exit'
* add openvpn log term/search pattern example to the readme
* the default config now includes only log terms for dropbear and LuCI, all others are optional
* readme update
Signed-off-by: Dirk Brenken <dev@brenken.org>
This is a bugfix release containing several security fixes.
Security fixes
--------------
- CVE-2024-4877: Windows: harden interactive service pipe.
Security scope: a malicious process with "some" elevated privileges
could open the pipe a second time, tricking openvn GUI
into providing user credentials (tokens), getting full access
to the account openvpn-gui.exe runs as.
- CVE-2024-5594: control channel: refuse control channel messages
with nonprintable characters in them.
Security scope: a malicious openvpn peer can send garbage to openvpn log,
or cause high CPU load.
- CVE-2024-28882: only call schedule_exit() once (on a given peer).
Security scope: an authenticated client can make the server "keep the session"
even when the server has been told to disconnect this client
Bug fixes
---------
- fix connect timeout when using SOCKS proxies
- work around LibreSSL crashing on OpenBSD 7.5 when enumerating ciphers
- Add bracket in fingerprint message and do not warn about missing verification
For details refer to https://github.com/OpenVPN/openvpn/blob/v2.6.11/Changes.rst
Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
tlsv1.3 support is broken in curl 8.8.0 with mbedtls 3.6.0.
See curl/curl#13653 and Mbed-TLS/mbedtls#9210 for more details.
A workaround was implemented in upsteam code, see curl/curl@0c4b4c1 and curl/curl@5f9017d
This commit includes patches generated from upstream commits.
fix#24365#24386
Signed-off-by: Ryan Keane <the.ra2.ifv@gmail.com>
