uv,zizmor: remove version number of aws-lc-sys in comment
It will stay this way for a few more versions and we will inevitably
forget to update this comment.
Add openssl/4.0 (third time is the charm)
This imports openssl-4.0.0-beta1 and merges openssl/3.6 into it. The
actual release is scheduled for April 14 at which point (or whenever
it happens) we can update to that version.
There's a lot of new things. Per the list, the most important breaking
change is that RSA keys having the top bit of the first octet set are
no longer prefixed with 00: when printed.
Less important changes include that they finally eliminated the atexit()
handler to appease Valgrind, that ASN1_STRING is now opaque and there was
a significant amount of const sprinkling.
Having ECH support is nice.
Why on earth they felt the need to add RFC 7919 FFDHE support to TLSv1.2
when the deprecation is both important and imminent is beyond me:
https://datatracker.ietf.org/doc/draft-ietf-tls-deprecate-obsolete-kex/
[5 lines not shown]
Apparently we shouldn't touch the RTC immediately after restarting the
i8254 clock either when coming out of S3 suspend. So move the code
that checks whether the RTC alarm went off and clears it all the way to
the end of acpi_cpu_resume. This fixes a lockup seen on the x220.
Figured out by mlarkin@ who write the initial diff; I just tweaked it.
ok mlarkin@, deraadt@
