- The default cipher is BF-CBC, which openvpn refuses to use by default.
Switched to AES-256-CBC.
- openvpn does not require an external "ip" executable anymore, and does
not support the "ipconfig" option by default, so remove that option.
This is a follow up to #200815 and #184634.
The PCRE2 JIT SEAlloc does not support the `fork()` as announced in
their README [0]:
> If you are enabling JIT under SELinux environment you may also want to add
> --enable-jit-sealloc, which enables the use of an executable memory allocator
> that is compatible with SELinux. Warning: this allocator is experimental!
> It does not support fork() operation and may crash when no disk space is
> available. This option has no effect if JIT is disabled.
As a result using it in PHP can break apps and tools, it can only be
enabled under very specific context where you have a full picture of
what the PHP code is doing.
This contribution disables again the PCRE2 JIT SEAlloc and extends the
existing PHP/PCRE2 tests to make sure we do not enable it again by
mistake.
[0] https://www.pcre.org/readme.txt
remove trailing whitespace
switch docs to markdown
use mdDoc
remove trailing whitespace
get rid of double space
add tests and update options to use submodule
remove whitespace
remove whitespace
use mdDoc
remove whitespace
make default a no-op
make ALTER ROLE a single sql statement
document null case
The tests TLS setup was bogus: the xmpp-send-message script was trying
to connect to the server through a bogus domain name. Injecting the
right one.
I'm a bit confused about that one. I know for sure this NixOS test
succeeded last time I checked it, but the TLS conf is bogus for sure.
I assume the slixmpp SNI validation was a bit too loose and was
tightened at some point.
The xmpp-sendmessage the slixmpp-powered python script tend to timeout
and block the nixos channels.
Adding a signal-based timeout making sure that whatever happens, the
script won't run for more than 2 minutes. That should be pleinty
enough time to finish regardless of the runner specs. As a data point,
it runs in about 10 secs on my desktop machine.
