Instead of terminating with fatalx() when a private key hash cannot be found, log a warning and send an error back to the relay worker. This prevents a race condition during "reload" where a request might reach the CA process while keys are being repopulated. Reported by Nick Owens; thanks! OK tb@

Adjust a comment. Being non-existent, the OpenSSL engine layer cannot be responsible for whatever unholy hacks this code requires.

Joel Carnat (Thanks) notice that GoToSocial does not like it when we sent no User-Agent and returns an HTTP/418. Lloyd pointed to use RELAYD_SERVERNAME instead hardcoded "relayd" OK sthen, claudio (diff without RELAYD_SERVERNAME)

OK claudio@

OK claudio@

If the cookie doesn't match, we bail with a continue and totally forget to free the imsg. OK claudio@

patch from Christoph Liebender OK: rsadowski@

The things that need quoting are not necessarily "argument names", and not even necessarily "names" at all, so just talk about "arguments". "I guess?" florian@ and no objection from otto@, both back in July 2025. Actually, the quoting rules are more complicated than the text makes believe, but i do not know how to better describe them. It may not be easy because some suspect the implementation may be somewhat adhoc rather than based on cleary defined lexical rules.

OK stsp