Import devel/scnlib
scnlib is a modern C++ library for replacing scanf and std::istream.
This library attempts to move us ever so much closer to replacing
iostreams and C stdio altogether. It's faster than iostream, and
type-safe, unlike scanf. Think {fmt} or C++20 std::format, but in
the other direction.
ok rsadowski@
repair more prototypes for pseudo-device attach functions
pppattach and spppattach should have a single int parameter to match
what's in ioconf.c.
also noticed independently by jsg@; ok jsg@
relayd: use explicit_bzero in ssl_password_cb
This replaces bzero with explicit_bzero in the SSL password callback. Since
ssl_password_cb handles sensitive data a standard bzero could be optimized
away by the compiler.
Additionally, this ensures the buffer is cleared if strlcpy fails due to
truncation, preventing password fragments from lingering in memory.
OK renaud@, kirill@
repair prototype for pseudo-device attach function
The dtattach function was declared with an autoconf style prototype, but
should have been declared with a single int parameter. Repair this.
ok deraadt@, jsg@
Exclude hidden files and directories when synchronizing via Rsync
According to RFC 9286 section 4.2.2, filenames in the RPKI cannot start
with a dot. And RFC 6481 section 1.1 describes the concept of a publication
point as a "directory in a publicly accessible filesystem". From there it
follows there is no need to transfer hidden files and directories. This may
help in avoiding exposure to intermediate states (e.g., /a/.~tmp~/b.roa).
Thanks to by Ben Cartwright-Cox for raising this.
OK tb@