Garbled IPv6 printout

Sat Mar 30 21:35:18 UTC 2019

I just pushed a fix.  It was an interesting quirk.  The API for accepet 
includes a pointer and length to a place to put the IP Address of the remote 
site.  The type of that place is struct sockaddr.  sockaddr is generic, 
presumably big enough for the biggest address format.  They botched something, 
I'm not sure what.  A sockaddr isn't big enough for an IPv6 address.

I also added a missing free in the openssl area.  I'm not sure how many are 
still missing.  Much of our stuff gets free-ed.  There isn't a cleanup hook 
for the NTS stuff.  Anybody good at tracking this stuff?  There is a tool.  I 
forget the name.  I'd probably run it with a bare system, then again with 
several NTS clients and look for differences.  Then similar for the server 
side.

FreeBSD is still using OpenSSL 1.1.1a which doesn't work for making S2C and 
C2S.  It does work if you force TLS1.2

-- 
These are my opinions.  I hate spam.