Commit: 235ee2d2e5c8c97845035b63b50ff225a72ead6b
Parent: 44885b371faffae422448a57bf224342bdea901c
Author: Michael Forney
Date: Wed, 4 Mar 2026 15:54:45 -0800
openbsd: Update to 7.8
Diffstat:
10 files changed, 121 insertions(+), 73 deletions(-)
diff --git a/pkg/sys/openbsd/patch/0026-nc-Portability-fixes-from-libressl-portable.patch b/pkg/sys/openbsd/patch/0026-nc-Portability-fixes-from-libressl-portable.patch
@@ -1,4 +1,4 @@
-From 05fd24cc7b3f1b73a58d41d70ef725925007165c Mon Sep 17 00:00:00 2001
+From 941679ac1af45e3359fa28172cd9339727c08a17 Mon Sep 17 00:00:00 2001
From: Michael Forney <mforney@mforney.org>
Date: Mon, 2 Dec 2019 21:11:04 -0800
Subject: [PATCH] nc: Portability fixes from libressl-portable
@@ -8,7 +8,7 @@ Subject: [PATCH] nc: Portability fixes from libressl-portable
1 file changed, 48 insertions(+), 7 deletions(-)
diff --git a/usr.bin/nc/netcat.c b/usr.bin/nc/netcat.c
-index 8c60fd18826..b5129c2204d 100644
+index e3c9c939e24..9d182198089 100644
--- a/usr.bin/nc/netcat.c
+++ b/usr.bin/nc/netcat.c
@@ -93,9 +93,13 @@ int zflag; /* Port Scan Flag */
@@ -25,7 +25,7 @@ index 8c60fd18826..b5129c2204d 100644
int usetls; /* use TLS */
const char *Cflag; /* Public cert file */
-@@ -268,12 +272,14 @@ main(int argc, char *argv[])
+@@ -271,12 +275,14 @@ main(int argc, char *argv[])
case 'u':
uflag = 1;
break;
@@ -40,7 +40,7 @@ index 8c60fd18826..b5129c2204d 100644
case 'v':
vflag = 1;
break;
-@@ -320,9 +326,11 @@ main(int argc, char *argv[])
+@@ -323,9 +329,11 @@ main(int argc, char *argv[])
case 'o':
oflag = optarg;
break;
@@ -52,7 +52,7 @@ index 8c60fd18826..b5129c2204d 100644
case 'T':
errstr = NULL;
errno = 0;
-@@ -346,9 +354,11 @@ main(int argc, char *argv[])
+@@ -349,9 +357,11 @@ main(int argc, char *argv[])
argc -= optind;
argv += optind;
@@ -64,7 +64,7 @@ index 8c60fd18826..b5129c2204d 100644
/* Cruft to make sure options are clean, and used properly. */
if (argc == 1 && family == AF_UNIX) {
-@@ -923,7 +933,10 @@ remote_connect(const char *host, const char *port, struct addrinfo hints,
+@@ -928,7 +938,10 @@ remote_connect(const char *host, const char *port, struct addrinfo hints,
char *ipaddr)
{
struct addrinfo *res, *res0;
@@ -76,7 +76,7 @@ index 8c60fd18826..b5129c2204d 100644
if ((error = getaddrinfo(host, port, &hints, &res0)))
errx(1, "getaddrinfo for host \"%s\" port %s: %s", host,
-@@ -938,8 +951,10 @@ remote_connect(const char *host, const char *port, struct addrinfo hints,
+@@ -943,8 +956,10 @@ remote_connect(const char *host, const char *port, struct addrinfo hints,
if (sflag || pflag) {
struct addrinfo ahints, *ares;
@@ -87,7 +87,7 @@ index 8c60fd18826..b5129c2204d 100644
memset(&ahints, 0, sizeof(struct addrinfo));
ahints.ai_family = res->ai_family;
ahints.ai_socktype = uflag ? SOCK_DGRAM : SOCK_STREAM;
-@@ -1031,8 +1046,11 @@ int
+@@ -1036,8 +1051,11 @@ int
local_listen(const char *host, const char *port, struct addrinfo hints)
{
struct addrinfo *res, *res0;
@@ -100,7 +100,7 @@ index 8c60fd18826..b5129c2204d 100644
/* Allow nodename to be null. */
hints.ai_flags |= AI_PASSIVE;
-@@ -1052,9 +1070,11 @@ local_listen(const char *host, const char *port, struct addrinfo hints)
+@@ -1057,9 +1075,11 @@ local_listen(const char *host, const char *port, struct addrinfo hints)
res->ai_protocol)) == -1)
continue;
@@ -112,7 +112,7 @@ index 8c60fd18826..b5129c2204d 100644
set_common_sockopts(s, res->ai_family);
-@@ -1559,11 +1579,13 @@ set_common_sockopts(int s, int af)
+@@ -1564,11 +1584,13 @@ set_common_sockopts(int s, int af)
{
int x = 1;
@@ -126,7 +126,7 @@ index 8c60fd18826..b5129c2204d 100644
if (Dflag) {
if (setsockopt(s, SOL_SOCKET, SO_DEBUG,
&x, sizeof(x)) == -1)
-@@ -1574,9 +1596,16 @@ set_common_sockopts(int s, int af)
+@@ -1579,9 +1601,16 @@ set_common_sockopts(int s, int af)
IP_TOS, &Tflag, sizeof(Tflag)) == -1)
err(1, "set IP ToS");
@@ -143,7 +143,7 @@ index 8c60fd18826..b5129c2204d 100644
}
if (Iflag) {
if (setsockopt(s, SOL_SOCKET, SO_RCVBUF,
-@@ -1600,13 +1629,17 @@ set_common_sockopts(int s, int af)
+@@ -1605,13 +1634,17 @@ set_common_sockopts(int s, int af)
}
if (minttl != -1) {
@@ -162,7 +162,7 @@ index 8c60fd18826..b5129c2204d 100644
}
}
-@@ -1831,14 +1864,22 @@ help(void)
+@@ -1841,14 +1874,22 @@ help(void)
\t-P proxyuser\tUsername for proxy authentication\n\
\t-p port\t Specify local port for remote connects\n\
\t-R CAfile CA bundle\n\
diff --git a/pkg/sys/openbsd/patch/0030-pax-Fix-some-incorrect-format-specifiers.patch b/pkg/sys/openbsd/patch/0030-pax-Fix-some-incorrect-format-specifiers.patch
@@ -1,4 +1,4 @@
-From e62d415fb66744cac915dc1873e09774a705d536 Mon Sep 17 00:00:00 2001
+From 7770f53d7d46a5dee46478caa4d0bda8d7cf9b9c Mon Sep 17 00:00:00 2001
From: Michael Forney <mforney@mforney.org>
Date: Thu, 4 Jun 2020 21:36:11 -0700
Subject: [PATCH] pax: Fix some incorrect format specifiers
diff --git a/pkg/sys/openbsd/patch/0031-pax-Use-memcpy-to-set-TMAGIC-and-TVERSION-to-avoid-w.patch b/pkg/sys/openbsd/patch/0031-pax-Use-memcpy-to-set-TMAGIC-and-TVERSION-to-avoid-w.patch
@@ -1,4 +1,4 @@
-From dc49fca08adc0fd8cd9565f2aeca6dc2c8d1fbd2 Mon Sep 17 00:00:00 2001
+From fadd8482d8e37f8ff1a61a8d8060e83cec744222 Mon Sep 17 00:00:00 2001
From: Michael Forney <mforney@mforney.org>
Date: Thu, 4 Jun 2020 21:44:26 -0700
Subject: [PATCH] pax: Use memcpy to set TMAGIC and TVERSION to avoid warning
@@ -8,10 +8,10 @@ Subject: [PATCH] pax: Use memcpy to set TMAGIC and TVERSION to avoid warning
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/bin/pax/tar.c b/bin/pax/tar.c
-index a0cbb31b547..095eef85af0 100644
+index 1c5065ce655..ac6f3c60d94 100644
--- a/bin/pax/tar.c
+++ b/bin/pax/tar.c
-@@ -1055,8 +1055,8 @@ wr_xheader(ARCHD *arcn, struct xheader *xhdr)
+@@ -1056,8 +1056,8 @@ wr_xheader(char *fname, HD_USTAR *fhd, struct xheader *xhdr)
memset(hdblk, 0, sizeof(hdblk));
hd = (HD_USTAR *)hdblk;
hd->typeflag = XHDRTYPE;
@@ -20,9 +20,9 @@ index a0cbb31b547..095eef85af0 100644
+ memcpy(hd->magic, TMAGIC, TMAGLEN);
+ memcpy(hd->version, TVERSION, TVERSLEN);
if (ul_oct(size, hd->size, sizeof(hd->size), 3))
- return -1;
+ goto out;
-@@ -1263,8 +1263,8 @@ wr_ustar_or_pax(ARCHD *arcn, int ustar)
+@@ -1276,8 +1276,8 @@ wr_ustar_or_pax(ARCHD *arcn, int ustar)
break;
}
diff --git a/pkg/sys/openbsd/patch/0034-acme-client-Fix-signed-ness-of-base64buf_url-input.patch b/pkg/sys/openbsd/patch/0034-acme-client-Fix-signed-ness-of-base64buf_url-input.patch
@@ -1,4 +1,4 @@
-From 67ffb8812ee7ac5fe23a5149ff643d1f392fb1f5 Mon Sep 17 00:00:00 2001
+From d287356e4da2f2bc232df9bc13821738ffbe5299 Mon Sep 17 00:00:00 2001
From: Michael Forney <mforney@mforney.org>
Date: Fri, 23 Apr 2021 20:10:05 -0700
Subject: [PATCH] acme-client: Fix signed-ness of base64buf_url input
@@ -96,7 +96,7 @@ index 2b6377f0d81..0d84ad4b458 100644
size_t i, sz;
char *buf;
diff --git a/usr.sbin/acme-client/extern.h b/usr.sbin/acme-client/extern.h
-index 915f80e3992..5b0950b0693 100644
+index 46a1387f5bc..37820e6cfb6 100644
--- a/usr.sbin/acme-client/extern.h
+++ b/usr.sbin/acme-client/extern.h
@@ -244,7 +244,7 @@ int checkexit_ext(int *, pid_t, enum comp);
@@ -132,10 +132,10 @@ index a3b6666c279..f0df9f292d4 100644
goto out;
} else if ((der64 = base64buf_url(der, len)) == NULL) {
diff --git a/usr.sbin/acme-client/revokeproc.c b/usr.sbin/acme-client/revokeproc.c
-index 0f1bf32678b..58e81233f1a 100644
+index 65170078226..493a9ea9752 100644
--- a/usr.sbin/acme-client/revokeproc.c
+++ b/usr.sbin/acme-client/revokeproc.c
-@@ -63,7 +63,9 @@ revokeproc(int fd, const char *certfile, int force,
+@@ -77,7 +77,9 @@ revokeproc(int fd, const char *certfile, int force,
int revocate, const char *const *alts, size_t altsz)
{
GENERAL_NAMES *sans = NULL;
@@ -146,7 +146,7 @@ index 0f1bf32678b..58e81233f1a 100644
int rc = 0, cc, i, len;
size_t *found = NULL;
FILE *f = NULL;
-@@ -240,7 +242,7 @@ revokeproc(int fd, const char *certfile, int force,
+@@ -260,7 +262,7 @@ revokeproc(int fd, const char *certfile, int force,
} else if ((der = dercp = malloc(len)) == NULL) {
warn("malloc");
goto out;
diff --git a/pkg/sys/openbsd/patch/0035-acme-client-Port-to-BearSSL.patch b/pkg/sys/openbsd/patch/0035-acme-client-Port-to-BearSSL.patch
@@ -1,4 +1,4 @@
-From 1ab0f94943e02c49d88a358351914f9032a5bca3 Mon Sep 17 00:00:00 2001
+From 6abdd6eef47b5ff9a34536acbec947d2c9a3cebc Mon Sep 17 00:00:00 2001
From: Michael Forney <mforney@mforney.org>
Date: Fri, 23 Apr 2021 23:14:16 -0700
Subject: [PATCH] acme-client: Port to BearSSL
@@ -9,8 +9,8 @@ Subject: [PATCH] acme-client: Port to BearSSL
usr.sbin/acme-client/key.c | 329 ++++++++++++++++++++++++------
usr.sbin/acme-client/key.h | 22 +-
usr.sbin/acme-client/keyproc.c | 198 ++++++------------
- usr.sbin/acme-client/revokeproc.c | 237 ++++++++++-----------
- 6 files changed, 564 insertions(+), 525 deletions(-)
+ usr.sbin/acme-client/revokeproc.c | 260 +++++++++++------------
+ 6 files changed, 566 insertions(+), 546 deletions(-)
diff --git a/usr.sbin/acme-client/acctproc.c b/usr.sbin/acme-client/acctproc.c
index 9e97a8bb760..8d66dac49d9 100644
@@ -1213,10 +1213,10 @@ index f0df9f292d4..fc7de74b616 100644
return rc;
}
diff --git a/usr.sbin/acme-client/revokeproc.c b/usr.sbin/acme-client/revokeproc.c
-index 58e81233f1a..378de35f662 100644
+index 493a9ea9752..82e31792f3b 100644
--- a/usr.sbin/acme-client/revokeproc.c
+++ b/usr.sbin/acme-client/revokeproc.c
-@@ -22,58 +22,54 @@
+@@ -22,73 +22,53 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
@@ -1232,29 +1232,46 @@ index 58e81233f1a..378de35f662 100644
#include "extern.h"
- #define RENEW_ALLOW (30 * 24 * 60 * 60)
-
-/*
-- * Convert the X509's expiration time into a time_t value.
+- * Convert the X509's notAfter time into a time_t value.
+- */
+-static time_t
+-X509notafter(X509 *x)
+-{
+- ASN1_TIME *atim;
+- struct tm t;
+-
+- if ((atim = X509_getm_notAfter(x)) == NULL)
+- return -1;
+-
+- memset(&t, 0, sizeof(t));
+-
+- if (!ASN1_TIME_to_tm(atim, &t))
+- return -1;
+-
+- return timegm(&t);
+-}
+-
+-/*
+- * Convert the X509's notBefore time into a time_t value.
- */
-static time_t
--X509expires(X509 *x)
+-X509notbefore(X509 *x)
+static void
+append_cert(void *ctx, const void *buf, size_t len)
{
- ASN1_TIME *atim;
- struct tm t;
-
-- if ((atim = X509_getm_notAfter(x)) == NULL) {
-- warnx("missing notAfter");
+- if ((atim = X509_getm_notBefore(x)) == NULL)
- return -1;
-- }
-
- memset(&t, 0, sizeof(t));
-
-- if (!ASN1_TIME_to_tm(atim, &t)) {
-- warnx("invalid ASN1_TIME");
+- if (!ASN1_TIME_to_tm(atim, &t))
- return -1;
+-
+- return timegm(&t);
+ br_x509_certificate *cert = ctx;
+ size_t newlen;
+ unsigned char *newdata;
@@ -1269,9 +1286,7 @@ index 58e81233f1a..378de35f662 100644
+ } else {
+ warn("realloc");
+ cert->data_len = -1;
- }
--
-- return timegm(&t);
++ }
}
int
@@ -1298,12 +1313,13 @@ index 58e81233f1a..378de35f662 100644
+ uint32_t days, secs;
long lval;
enum revokeop op, rop;
- time_t t;
+ time_t notafter, notbefore, cert_validity;
+ time_t remaining_validity, renew_allow;
- size_t j;
/*
* First try to open the certificate before we drop privileges
-@@ -88,8 +84,6 @@ revokeproc(int fd, const char *certfile, int force,
+@@ -103,8 +83,6 @@ revokeproc(int fd, const char *certfile, int force,
/* File-system and sandbox jailing. */
@@ -1312,7 +1328,7 @@ index 58e81233f1a..378de35f662 100644
if (pledge("stdio", NULL) == -1) {
warn("pledge");
goto out;
-@@ -113,39 +107,86 @@ revokeproc(int fd, const char *certfile, int force,
+@@ -128,44 +106,88 @@ revokeproc(int fd, const char *certfile, int force,
goto out;
}
@@ -1365,25 +1381,22 @@ index 58e81233f1a..378de35f662 100644
/* Read out the expiration date. */
-- if ((t = X509expires(x)) == -1) {
-- warnx("X509expires");
+- if ((notafter = X509notafter(x)) == -1) {
+- warnx("X509notafter");
+ br_x509_decoder_init(&xd, NULL, NULL);
+ br_x509_decoder_push(&xd, cert.data, cert.data_len);
+ if ((err = br_x509_decoder_last_error(&xd)) != 0) {
+ warnx("%s: X.509 decoding error %d", certfile, err);
goto out;
}
-+ br_x509_decoder_get_notafter(&xd, &days, &secs);
-+ t = 86400ll * (days - 719528) + 86400;
-
-- /* Extract list of SAN entries from the certificate. */
-
-- sans = X509_get_ext_d2i(x, NID_subject_alt_name, NULL, NULL);
-- if (sans == NULL) {
-- warnx("%s: does not have a SAN entry", certfile);
-- if (revocate)
-- goto out;
-- force = 2;
+- if ((notbefore = X509notbefore(x)) == -1) {
+- warnx("X509notbefore");
++ br_x509_decoder_get_notafter(&xd, &days, &secs);
++ notafter = 86400ll * (days - 719528) + 86400;
++ br_x509_decoder_get_notbefore(&xd, &days, &secs);
++ notbefore = 86400ll * (days - 719528) + 86400;
++
+ for (i = 0, altmax = 0; i < altsz; ++i) {
+ altlen = strlen(alts[i]) + 1;
+ if (altlen > altmax)
@@ -1393,8 +1406,17 @@ index 58e81233f1a..378de35f662 100644
+ if ((elts = calloc(eltsz, sizeof(elts[0]))) == NULL ||
+ (sans = calloc(eltsz, altmax)) == NULL) {
+ warn("calloc");
-+ goto out;
-+ }
+ goto out;
+ }
+-
+- /* Extract list of SAN entries from the certificate. */
+-
+- sans = X509_get_ext_d2i(x, NID_subject_alt_name, NULL, NULL);
+- if (sans == NULL) {
+- warnx("%s: does not have a SAN entry", certfile);
+- if (revocate)
+- goto out;
+- force = 2;
+ for (i = 0; i < eltsz; ++i) {
+ elts[i].oid = dnsname;
+ elts[i].buf = sans + i * altmax;
@@ -1421,7 +1443,7 @@ index 58e81233f1a..378de35f662 100644
goto out;
}
-@@ -154,63 +195,37 @@ revokeproc(int fd, const char *certfile, int force,
+@@ -174,63 +196,37 @@ revokeproc(int fd, const char *certfile, int force,
* configuration file and that all domains are represented only once.
*/
@@ -1504,7 +1526,7 @@ index 58e81233f1a..378de35f662 100644
goto out;
}
force = 2;
-@@ -236,16 +251,7 @@ revokeproc(int fd, const char *certfile, int force,
+@@ -256,16 +252,7 @@ revokeproc(int fd, const char *certfile, int force,
if (cc <= 0)
goto out;
@@ -1522,7 +1544,7 @@ index 58e81233f1a..378de35f662 100644
warnx("base64buf_url");
goto out;
} else if (writestr(fd, COMM_CSR, der64) >= 0)
-@@ -298,12 +304,9 @@ out:
+@@ -339,12 +326,9 @@ out:
close(fd);
if (f != NULL)
fclose(f);
diff --git a/pkg/sys/openbsd/patch/0038-nc-Add-option-to-disable-certificate-time-checking.patch b/pkg/sys/openbsd/patch/0038-nc-Add-option-to-disable-certificate-time-checking.patch
@@ -1,4 +1,4 @@
-From 5e993fe93c590d60b05948e22b51dfc34c3eac4b Mon Sep 17 00:00:00 2001
+From 0b4249dea4ec148875be7a7fedc8ec0873043c71 Mon Sep 17 00:00:00 2001
From: Michael Forney <mforney@mforney.org>
Date: Thu, 20 May 2021 13:44:35 -0700
Subject: [PATCH] nc: Add option to disable certificate time checking
@@ -9,7 +9,7 @@ Subject: [PATCH] nc: Add option to disable certificate time checking
2 files changed, 8 insertions(+), 2 deletions(-)
diff --git a/usr.bin/nc/nc.1 b/usr.bin/nc/nc.1
-index 76b6dc018ea..9e13b84acf7 100644
+index 2ffdcd1ea60..ecff109e395 100644
--- a/usr.bin/nc/nc.1
+++ b/usr.bin/nc/nc.1
@@ -249,6 +249,8 @@ may be one of:
@@ -22,7 +22,7 @@ index 76b6dc018ea..9e13b84acf7 100644
which requires a client certificate on incoming connections; or
.Cm muststaple ,
diff --git a/usr.bin/nc/netcat.c b/usr.bin/nc/netcat.c
-index b5129c2204d..d1ed530eb2c 100644
+index 9d182198089..74d18595309 100644
--- a/usr.bin/nc/netcat.c
+++ b/usr.bin/nc/netcat.c
@@ -70,8 +70,9 @@
@@ -37,7 +37,7 @@ index b5129c2204d..d1ed530eb2c 100644
/* Command Line Options */
int dflag; /* detached, no stdin */
-@@ -546,6 +547,8 @@ main(int argc, char *argv[])
+@@ -551,6 +552,8 @@ main(int argc, char *argv[])
errx(1, "clientcert is only valid with -l");
if (TLSopt & TLS_NONAME)
tls_config_insecure_noverifyname(tls_cfg);
@@ -46,14 +46,14 @@ index b5129c2204d..d1ed530eb2c 100644
if (TLSopt & TLS_NOVERIFY) {
if (tls_expecthash != NULL)
errx(1, "-H and -T noverify may not be used "
-@@ -1707,6 +1710,7 @@ process_tls_opt(char *s, int *flags)
+@@ -1712,6 +1715,7 @@ process_tls_opt(char *s, int *flags)
+ { "clientcert", TLS_CCERT, NULL },
{ "muststaple", TLS_MUSTSTAPLE, NULL },
- { "noverify", TLS_NOVERIFY, NULL },
{ "noname", TLS_NONAME, NULL },
+ { "notime", TLS_NOTIME, NULL },
+ { "noverify", TLS_NOVERIFY, NULL },
{ "protocols", -1, &tls_protocols },
{ NULL, -1, NULL },
- };
--
2.49.0
diff --git a/pkg/sys/openbsd/patch/0040-acme-client-Fix-enum-int-mismatch-in-declaration-of-.patch b/pkg/sys/openbsd/patch/0040-acme-client-Fix-enum-int-mismatch-in-declaration-of-.patch
@@ -0,0 +1,26 @@
+From 87c6da40a600a00d331d1d7f8968fd4ee933377a Mon Sep 17 00:00:00 2001
+From: Michael Forney <mforney@mforney.org>
+Date: Wed, 4 Mar 2026 15:27:54 -0800
+Subject: [PATCH] acme-client: Fix enum/int mismatch in declaration of
+ json_parse_response
+
+---
+ usr.sbin/acme-client/extern.h | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/usr.sbin/acme-client/extern.h b/usr.sbin/acme-client/extern.h
+index 37820e6cfb6..3c780ebf777 100644
+--- a/usr.sbin/acme-client/extern.h
++++ b/usr.sbin/acme-client/extern.h
+@@ -252,7 +252,7 @@ char *base64buf_url(const unsigned char *, size_t);
+ */
+ struct jsmnn *json_parse(const char *, size_t);
+ void json_free(struct jsmnn *);
+-int json_parse_response(struct jsmnn *);
++enum chngstatus json_parse_response(struct jsmnn *);
+ void json_free_challenge(struct chng *);
+ int json_parse_challenge(struct jsmnn *, struct chng *);
+ void json_free_order(struct order *);
+--
+2.49.0
+
diff --git a/pkg/sys/openbsd/sha256 b/pkg/sys/openbsd/sha256
@@ -1,2 +1,2 @@
-6239a7a906bec7c386a06e6fda5893d854a4a00b6702eb47cbed0353a6a0c4fb src.tar.gz
-65b58e8432c8f678840fa58402daee8acf196770b748068e165664bd2d6cd85c sys.tar.gz
+1f20cc61f3b5bc9be69be131f9c897635ca6c3b4eba3a69e938a68e74139f48a src.tar.gz
+e24904caaee40e8774816b20f30983626f4a5434e04b4768a9ef451dc4bc39eb sys.tar.gz
diff --git a/pkg/sys/openbsd/url b/pkg/sys/openbsd/url
@@ -1,5 +1,5 @@
remote-name
-url = "https://cdn.openbsd.org/pub/OpenBSD/7.7/src.tar.gz"
+url = "https://cdn.openbsd.org/pub/OpenBSD/7.8/src.tar.gz"
remote-name
-url = "https://cdn.openbsd.org/pub/OpenBSD/7.7/sys.tar.gz"
+url = "https://cdn.openbsd.org/pub/OpenBSD/7.8/sys.tar.gz"
diff --git a/pkg/sys/openbsd/ver b/pkg/sys/openbsd/ver
@@ -1 +1 @@
-7.7 r0
+7.8 r0