import ports/security/py-python-pskc, ok tb@
This Python library handles Portable Symmetric Key Container (PSKC)
files as defined in RFC 6030. PSKC files are used to transport and
provision symmetric keys (seed files) to different types of crypto
modules, commonly one-time password tokens or other authentication
devices.
This module can be used to extract keys from PSKC files for use in an
OTP authentication system. The module can also be used for authoring
PSKC files.
add upstream patches for postfix/stable35, ok Brad:
postfix-3.1-3.5-tlsa-death-patch
postfix-3.4-3.7-input-limit-patch
(3.5 is the last version which works with libressl, so it's kept
around for cases when you need to use remote databases with TLS, which
otherwise usually result in conflicts)
Rewrite screen-redraw.c to make it tidier and more maintainable. A scene
is generated and cached in the client: it holds positions and sizes of
panes, borders and so on. The scene is invalidated when a pane is moved
or resized or relevant option is changed. This scene is then drawn to
the client as needed and text and colours are filled in. With Michael
Grant.
Reject empty CNAMEs in gethostbyname(3) / getaddrinfo(3).
An empty string is arguably not a correct hostname (even though
res_hnok accepts it). More worrisome though is software not expecting
this and making mistakes. In practice this cannot happen unless the
resolver lies to us.
OK deraadt, jca
Rework non-functional CA statistics accounting
This also fixes a subtle defect: non-functional CAs were counted
towards the repository those broken CAs were pointing towards,
instead of being counted towards the repository that contained the
broken CA.
Attributing the non-functional CA to the issuing parent makes more
sense, because the issuing parent can actually do something about it,
for example, by revoking the non-functional child CA.
OK tb@