summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDamien Miller <djm@cvs.openbsd.org>2020-07-05 23:59:46 +0000
committerDamien Miller <djm@cvs.openbsd.org>2020-07-05 23:59:46 +0000
commit7625ba0da2ed495de65f47f028fe7a6bb9f83032 (patch)
treeda3e707cd64ed822a43025c8dff9591ee5224926
parent7bca8d121b98a724696d973bd384c9e07ec31df1 (diff)
some language improvements; ok markus
-rw-r--r--usr.bin/ssh/PROTOCOL6
-rw-r--r--usr.bin/ssh/channels.h6
-rw-r--r--usr.bin/ssh/compat.c18
-rw-r--r--usr.bin/ssh/kex.c6
-rw-r--r--usr.bin/ssh/match.c12
-rw-r--r--usr.bin/ssh/match.h6
-rw-r--r--usr.bin/ssh/monitor.c4
-rw-r--r--usr.bin/ssh/mux.c14
-rw-r--r--usr.bin/ssh/packet.c4
-rw-r--r--usr.bin/ssh/readconf.c12
-rw-r--r--usr.bin/ssh/servconf.c22
-rw-r--r--usr.bin/ssh/servconf.h8
-rw-r--r--usr.bin/ssh/session.c20
-rw-r--r--usr.bin/ssh/ssh-agent.c8
-rw-r--r--usr.bin/ssh/ssh.c12
15 files changed, 79 insertions, 79 deletions
diff --git a/usr.bin/ssh/PROTOCOL b/usr.bin/ssh/PROTOCOL
index 5e56998e5cb..9a1567d0760 100644
--- a/usr.bin/ssh/PROTOCOL
+++ b/usr.bin/ssh/PROTOCOL
@@ -140,7 +140,7 @@ window space and may be sent even if no window space is available.
NB. due to certain broken SSH implementations aborting upon receipt
of this message (in contravention of RFC4254 section 5.4), this
message is only sent to OpenSSH peers (identified by banner).
-Other SSH implementations may be whitelisted to receive this message
+Other SSH implementations may be listed to receive this message
upon request.
2.2. connection: disallow additional sessions extension
@@ -169,7 +169,7 @@ Note that this is not a general defence against compromised clients
NB. due to certain broken SSH implementations aborting upon receipt
of this message, the no-more-sessions request is only sent to OpenSSH
servers (identified by banner). Other SSH implementations may be
-whitelisted to receive this message upon request.
+listed to receive this message upon request.
2.3. connection: Tunnel forward extension "tun@openssh.com"
@@ -496,4 +496,4 @@ OpenSSH's connection multiplexing uses messages as described in
PROTOCOL.mux over a Unix domain socket for communications between a
master instance and later clients.
-$OpenBSD: PROTOCOL,v 1.37 2020/02/21 00:04:43 dtucker Exp $
+$OpenBSD: PROTOCOL,v 1.38 2020/07/05 23:59:45 djm Exp $
diff --git a/usr.bin/ssh/channels.h b/usr.bin/ssh/channels.h
index 2cbdbf2b674..0abaec88720 100644
--- a/usr.bin/ssh/channels.h
+++ b/usr.bin/ssh/channels.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: channels.h,v 1.133 2020/01/25 22:49:38 djm Exp $ */
+/* $OpenBSD: channels.h,v 1.134 2020/07/05 23:59:45 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -52,11 +52,11 @@
#define SSH_CHANNEL_DYNAMIC 13
#define SSH_CHANNEL_ZOMBIE 14 /* Almost dead. */
#define SSH_CHANNEL_MUX_LISTENER 15 /* Listener for mux conn. */
-#define SSH_CHANNEL_MUX_CLIENT 16 /* Conn. to mux slave */
+#define SSH_CHANNEL_MUX_CLIENT 16 /* Conn. to mux client */
#define SSH_CHANNEL_ABANDONED 17 /* Abandoned session, eg mux */
#define SSH_CHANNEL_UNIX_LISTENER 18 /* Listening on a domain socket. */
#define SSH_CHANNEL_RUNIX_LISTENER 19 /* Listening to a R-style domain socket. */
-#define SSH_CHANNEL_MUX_PROXY 20 /* proxy channel for mux-slave */
+#define SSH_CHANNEL_MUX_PROXY 20 /* proxy channel for mux-client */
#define SSH_CHANNEL_RDYNAMIC_OPEN 21 /* reverse SOCKS, parsing request */
#define SSH_CHANNEL_RDYNAMIC_FINISH 22 /* reverse SOCKS, finishing connect */
#define SSH_CHANNEL_MAX_TYPE 23
diff --git a/usr.bin/ssh/compat.c b/usr.bin/ssh/compat.c
index fbed9f48c51..f6266f2a42c 100644
--- a/usr.bin/ssh/compat.c
+++ b/usr.bin/ssh/compat.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: compat.c,v 1.114 2020/06/01 07:11:38 dtucker Exp $ */
+/* $OpenBSD: compat.c,v 1.115 2020/07/05 23:59:45 djm Exp $ */
/*
* Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl. All rights reserved.
*
@@ -161,8 +161,8 @@ compat_cipher_proposal(char *cipher_prop)
if (!(datafellows & SSH_BUG_BIGENDIANAES))
return cipher_prop;
debug2("%s: original cipher proposal: %s", __func__, cipher_prop);
- if ((cipher_prop = match_filter_blacklist(cipher_prop, "aes*")) == NULL)
- fatal("match_filter_blacklist failed");
+ if ((cipher_prop = match_filter_denylist(cipher_prop, "aes*")) == NULL)
+ fatal("match_filter_denylist failed");
debug2("%s: compat cipher proposal: %s", __func__, cipher_prop);
if (*cipher_prop == '\0')
fatal("No supported ciphers found");
@@ -175,8 +175,8 @@ compat_pkalg_proposal(char *pkalg_prop)
if (!(datafellows & SSH_BUG_RSASIGMD5))
return pkalg_prop;
debug2("%s: original public key proposal: %s", __func__, pkalg_prop);
- if ((pkalg_prop = match_filter_blacklist(pkalg_prop, "ssh-rsa")) == NULL)
- fatal("match_filter_blacklist failed");
+ if ((pkalg_prop = match_filter_denylist(pkalg_prop, "ssh-rsa")) == NULL)
+ fatal("match_filter_denylist failed");
debug2("%s: compat public key proposal: %s", __func__, pkalg_prop);
if (*pkalg_prop == '\0')
fatal("No supported PK algorithms found");
@@ -190,14 +190,14 @@ compat_kex_proposal(char *p)
return p;
debug2("%s: original KEX proposal: %s", __func__, p);
if ((datafellows & SSH_BUG_CURVE25519PAD) != 0)
- if ((p = match_filter_blacklist(p,
+ if ((p = match_filter_denylist(p,
"curve25519-sha256@libssh.org")) == NULL)
- fatal("match_filter_blacklist failed");
+ fatal("match_filter_denylist failed");
if ((datafellows & SSH_OLD_DHGEX) != 0) {
- if ((p = match_filter_blacklist(p,
+ if ((p = match_filter_denylist(p,
"diffie-hellman-group-exchange-sha256,"
"diffie-hellman-group-exchange-sha1")) == NULL)
- fatal("match_filter_blacklist failed");
+ fatal("match_filter_denylist failed");
}
debug2("%s: compat KEX proposal: %s", __func__, p);
if (*p == '\0')
diff --git a/usr.bin/ssh/kex.c b/usr.bin/ssh/kex.c
index 61fbca92b5f..e27405d9e4a 100644
--- a/usr.bin/ssh/kex.c
+++ b/usr.bin/ssh/kex.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kex.c,v 1.158 2020/03/13 04:01:56 djm Exp $ */
+/* $OpenBSD: kex.c,v 1.159 2020/07/05 23:59:45 djm Exp $ */
/*
* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
*
@@ -234,7 +234,7 @@ kex_assemble_names(char **listp, const char *def, const char *all)
list = tmp;
} else if (*list == '-') {
/* Remove names from default list */
- if ((*listp = match_filter_blacklist(def, list + 1)) == NULL) {
+ if ((*listp = match_filter_denylist(def, list + 1)) == NULL) {
r = SSH_ERR_ALLOC_FAIL;
goto fail;
}
@@ -271,7 +271,7 @@ kex_assemble_names(char **listp, const char *def, const char *all)
goto fail;
}
free(matching);
- if ((matching = match_filter_whitelist(all, cp)) == NULL) {
+ if ((matching = match_filter_allowlist(all, cp)) == NULL) {
r = SSH_ERR_ALLOC_FAIL;
goto fail;
}
diff --git a/usr.bin/ssh/match.c b/usr.bin/ssh/match.c
index 8cd080b7a75..2e1053bd05e 100644
--- a/usr.bin/ssh/match.c
+++ b/usr.bin/ssh/match.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: match.c,v 1.41 2019/11/13 04:47:52 deraadt Exp $ */
+/* $OpenBSD: match.c,v 1.42 2020/07/05 23:59:45 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -302,13 +302,13 @@ match_list(const char *client, const char *server, u_int *next)
/*
* Filter proposal using pattern-list filter.
- * "blacklist" determines sense of filter:
+ * "denylist" determines sense of filter:
* non-zero indicates that items matching filter should be excluded.
* zero indicates that only items matching filter should be included.
* returns NULL on allocation error, otherwise caller must free result.
*/
static char *
-filter_list(const char *proposal, const char *filter, int blacklist)
+filter_list(const char *proposal, const char *filter, int denylist)
{
size_t len = strlen(proposal) + 1;
char *fix_prop = malloc(len);
@@ -326,7 +326,7 @@ filter_list(const char *proposal, const char *filter, int blacklist)
*fix_prop = '\0';
while ((cp = strsep(&tmp, ",")) != NULL) {
r = match_pattern_list(cp, filter, 0);
- if ((blacklist && r != 1) || (!blacklist && r == 1)) {
+ if ((denylist && r != 1) || (!denylist && r == 1)) {
if (*fix_prop != '\0')
strlcat(fix_prop, ",", len);
strlcat(fix_prop, cp, len);
@@ -341,7 +341,7 @@ filter_list(const char *proposal, const char *filter, int blacklist)
* the 'filter' pattern list. Caller must free returned string.
*/
char *
-match_filter_blacklist(const char *proposal, const char *filter)
+match_filter_denylist(const char *proposal, const char *filter)
{
return filter_list(proposal, filter, 1);
}
@@ -351,7 +351,7 @@ match_filter_blacklist(const char *proposal, const char *filter)
* the 'filter' pattern list. Caller must free returned string.
*/
char *
-match_filter_whitelist(const char *proposal, const char *filter)
+match_filter_allowlist(const char *proposal, const char *filter)
{
return filter_list(proposal, filter, 0);
}
diff --git a/usr.bin/ssh/match.h b/usr.bin/ssh/match.h
index 3a8a6ecdc1d..312ca6e1679 100644
--- a/usr.bin/ssh/match.h
+++ b/usr.bin/ssh/match.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: match.h,v 1.19 2019/03/06 22:14:23 dtucker Exp $ */
+/* $OpenBSD: match.h,v 1.20 2020/07/05 23:59:45 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -21,8 +21,8 @@ int match_hostname(const char *, const char *);
int match_host_and_ip(const char *, const char *, const char *);
int match_user(const char *, const char *, const char *, const char *);
char *match_list(const char *, const char *, u_int *);
-char *match_filter_blacklist(const char *, const char *);
-char *match_filter_whitelist(const char *, const char *);
+char *match_filter_denylist(const char *, const char *);
+char *match_filter_allowlist(const char *, const char *);
/* addrmatch.c */
int addr_match_list(const char *, const char *);
diff --git a/usr.bin/ssh/monitor.c b/usr.bin/ssh/monitor.c
index f890049e574..e297f41f9e1 100644
--- a/usr.bin/ssh/monitor.c
+++ b/usr.bin/ssh/monitor.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor.c,v 1.210 2020/03/13 03:17:07 djm Exp $ */
+/* $OpenBSD: monitor.c,v 1.211 2020/07/05 23:59:45 djm Exp $ */
/*
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
* Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -1324,7 +1324,7 @@ mm_answer_pty(struct ssh *ssh, int sock, struct sshbuf *m)
if (fd0 != 0)
error("%s: fd0 %d != 0", __func__, fd0);
- /* slave is not needed */
+ /* only need pty master side */
close(s->ttyfd);
s->ttyfd = s->ptyfd;
/* no need to dup() because nobody closes ptyfd */
diff --git a/usr.bin/ssh/mux.c b/usr.bin/ssh/mux.c
index 2c0f9ab5de2..461d91d0772 100644
--- a/usr.bin/ssh/mux.c
+++ b/usr.bin/ssh/mux.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: mux.c,v 1.82 2020/04/30 17:12:20 markus Exp $ */
+/* $OpenBSD: mux.c,v 1.83 2020/07/05 23:59:45 djm Exp $ */
/*
* Copyright (c) 2002-2008 Damien Miller <djm@openbsd.org>
*
@@ -174,7 +174,7 @@ static const struct {
{ 0, NULL }
};
-/* Cleanup callback fired on closure of mux slave _session_ channel */
+/* Cleanup callback fired on closure of mux client _session_ channel */
/* ARGSUSED */
static void
mux_master_session_cleanup_cb(struct ssh *ssh, int cid, void *unused)
@@ -196,7 +196,7 @@ mux_master_session_cleanup_cb(struct ssh *ssh, int cid, void *unused)
channel_cancel_cleanup(ssh, c->self);
}
-/* Cleanup callback fired on closure of mux slave _control_ channel */
+/* Cleanup callback fired on closure of mux client _control_ channel */
/* ARGSUSED */
static void
mux_master_control_cleanup_cb(struct ssh *ssh, int cid, void *unused)
@@ -274,7 +274,7 @@ mux_master_process_hello(struct ssh *ssh, u_int rid,
"(expected %u)", __func__, ver, SSHMUX_VER);
return -1;
}
- debug2("%s: channel %d slave version %u", __func__, c->self, ver);
+ debug2("%s: channel %d client version %u", __func__, c->self, ver);
/* No extensions are presently defined */
while (sshbuf_len(m) > 0) {
@@ -388,7 +388,7 @@ mux_master_process_new_session(struct ssh *ssh, u_int rid,
/* Gather fds from client */
for(i = 0; i < 3; i++) {
if ((new_fd[i] = mm_receive_fd(c->sock)) == -1) {
- error("%s: failed to receive fd %d from slave",
+ error("%s: failed to receive fd %d from client",
__func__, i);
for (j = 0; j < i; j++)
close(new_fd[j]);
@@ -981,7 +981,7 @@ mux_master_process_stdio_fwd(struct ssh *ssh, u_int rid,
/* Gather fds from client */
for(i = 0; i < 2; i++) {
if ((new_fd[i] = mm_receive_fd(c->sock)) == -1) {
- error("%s: failed to receive fd %d from slave",
+ error("%s: failed to receive fd %d from client",
__func__, i);
for (j = 0; j < i; j++)
close(new_fd[j]);
@@ -1141,7 +1141,7 @@ mux_master_process_proxy(struct ssh *ssh, u_int rid,
return 0;
}
-/* Channel callbacks fired on read/write from mux slave fd */
+/* Channel callbacks fired on read/write from mux client fd */
static int
mux_master_read_cb(struct ssh *ssh, Channel *c)
{
diff --git a/usr.bin/ssh/packet.c b/usr.bin/ssh/packet.c
index c748dcf31cd..e47ad8d589c 100644
--- a/usr.bin/ssh/packet.c
+++ b/usr.bin/ssh/packet.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: packet.c,v 1.295 2020/07/01 16:28:31 markus Exp $ */
+/* $OpenBSD: packet.c,v 1.296 2020/07/05 23:59:45 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -2416,7 +2416,7 @@ ssh_packet_set_state(struct ssh *ssh, struct sshbuf *m)
(r = sshbuf_get_u64(m, &state->p_read.bytes)) != 0)
return r;
/*
- * We set the time here so that in post-auth privsep slave we
+ * We set the time here so that in post-auth privsep child we
* count from the completion of the authentication.
*/
state->rekey_time = monotime();
diff --git a/usr.bin/ssh/readconf.c b/usr.bin/ssh/readconf.c
index cd83522f48b..265bfb75692 100644
--- a/usr.bin/ssh/readconf.c
+++ b/usr.bin/ssh/readconf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.c,v 1.331 2020/05/29 04:25:40 dtucker Exp $ */
+/* $OpenBSD: readconf.c,v 1.332 2020/07/05 23:59:45 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -2200,11 +2200,11 @@ fill_default_options(Options * options)
all_key = sshkey_alg_list(0, 0, 1, ',');
all_sig = sshkey_alg_list(0, 1, 1, ',');
/* remove unsupported algos from default lists */
- def_cipher = match_filter_whitelist(KEX_CLIENT_ENCRYPT, all_cipher);
- def_mac = match_filter_whitelist(KEX_CLIENT_MAC, all_mac);
- def_kex = match_filter_whitelist(KEX_CLIENT_KEX, all_kex);
- def_key = match_filter_whitelist(KEX_DEFAULT_PK_ALG, all_key);
- def_sig = match_filter_whitelist(SSH_ALLOWED_CA_SIGALGS, all_sig);
+ def_cipher = match_filter_allowlist(KEX_CLIENT_ENCRYPT, all_cipher);
+ def_mac = match_filter_allowlist(KEX_CLIENT_MAC, all_mac);
+ def_kex = match_filter_allowlist(KEX_CLIENT_KEX, all_kex);
+ def_key = match_filter_allowlist(KEX_DEFAULT_PK_ALG, all_key);
+ def_sig = match_filter_allowlist(SSH_ALLOWED_CA_SIGALGS, all_sig);
#define ASSEMBLE(what, defaults, all) \
do { \
if ((r = kex_assemble_names(&options->what, \
diff --git a/usr.bin/ssh/servconf.c b/usr.bin/ssh/servconf.c
index e79cef87752..57e2bf83ccd 100644
--- a/usr.bin/ssh/servconf.c
+++ b/usr.bin/ssh/servconf.c
@@ -1,5 +1,5 @@
-/* $OpenBSD: servconf.c,v 1.366 2020/06/24 15:09:53 markus Exp $ */
+/* $OpenBSD: servconf.c,v 1.367 2020/07/05 23:59:45 djm Exp $ */
/*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
@@ -123,7 +123,7 @@ initialize_server_options(ServerOptions *options)
options->challenge_response_authentication = -1;
options->permit_empty_passwd = -1;
options->permit_user_env = -1;
- options->permit_user_env_whitelist = NULL;
+ options->permit_user_env_allowlist = NULL;
options->compression = -1;
options->rekey_limit = -1;
options->rekey_interval = -1;
@@ -195,11 +195,11 @@ assemble_algorithms(ServerOptions *o)
all_key = sshkey_alg_list(0, 0, 1, ',');
all_sig = sshkey_alg_list(0, 1, 1, ',');
/* remove unsupported algos from default lists */
- def_cipher = match_filter_whitelist(KEX_SERVER_ENCRYPT, all_cipher);
- def_mac = match_filter_whitelist(KEX_SERVER_MAC, all_mac);
- def_kex = match_filter_whitelist(KEX_SERVER_KEX, all_kex);
- def_key = match_filter_whitelist(KEX_DEFAULT_PK_ALG, all_key);
- def_sig = match_filter_whitelist(SSH_ALLOWED_CA_SIGALGS, all_sig);
+ def_cipher = match_filter_allowlist(KEX_SERVER_ENCRYPT, all_cipher);
+ def_mac = match_filter_allowlist(KEX_SERVER_MAC, all_mac);
+ def_kex = match_filter_allowlist(KEX_SERVER_KEX, all_kex);
+ def_key = match_filter_allowlist(KEX_DEFAULT_PK_ALG, all_key);
+ def_sig = match_filter_allowlist(SSH_ALLOWED_CA_SIGALGS, all_sig);
#define ASSEMBLE(what, defaults, all) \
do { \
if ((r = kex_assemble_names(&o->what, defaults, all)) != 0) \
@@ -365,7 +365,7 @@ fill_default_server_options(ServerOptions *options)
options->permit_empty_passwd = 0;
if (options->permit_user_env == -1) {
options->permit_user_env = 0;
- options->permit_user_env_whitelist = NULL;
+ options->permit_user_env_allowlist = NULL;
}
if (options->compression == -1)
#ifdef WITH_ZLIB
@@ -1563,7 +1563,7 @@ process_server_config_line_depth(ServerOptions *options, char *line,
case sPermitUserEnvironment:
intptr = &options->permit_user_env;
- charptr = &options->permit_user_env_whitelist;
+ charptr = &options->permit_user_env_allowlist;
arg = strdelim(&cp);
if (!arg || *arg == '\0')
fatal("%s line %d: missing argument.",
@@ -2845,11 +2845,11 @@ dump_config(ServerOptions *o)
}
printf("\n");
- if (o->permit_user_env_whitelist == NULL) {
+ if (o->permit_user_env_allowlist == NULL) {
dump_cfg_fmtint(sPermitUserEnvironment, o->permit_user_env);
} else {
printf("permituserenvironment %s\n",
- o->permit_user_env_whitelist);
+ o->permit_user_env_allowlist);
}
printf("pubkeyauthoptions");
diff --git a/usr.bin/ssh/servconf.h b/usr.bin/ssh/servconf.h
index 337c01a9cab..d1a90d352b3 100644
--- a/usr.bin/ssh/servconf.h
+++ b/usr.bin/ssh/servconf.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: servconf.h,v 1.144 2020/04/17 03:30:05 djm Exp $ */
+/* $OpenBSD: servconf.h,v 1.145 2020/07/05 23:59:45 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -146,7 +146,7 @@ typedef struct {
int permit_empty_passwd; /* If false, do not permit empty
* passwords. */
int permit_user_env; /* If true, read ~/.ssh/environment */
- char *permit_user_env_whitelist; /* pattern-list whitelist */
+ char *permit_user_env_allowlist; /* pattern-list of allowed env names */
int compression; /* If true, compression is allowed */
int allow_tcp_forwarding; /* One of FORWARD_* */
int allow_streamlocal_forwarding; /* One of FORWARD_* */
@@ -248,7 +248,7 @@ TAILQ_HEAD(include_list, include_item);
/*
* These are string config options that must be copied between the
* Match sub-config and the main config, and must be sent from the
- * privsep slave to the privsep master. We use a macro to ensure all
+ * privsep child to the privsep master. We use a macro to ensure all
* the options are copied and the copies are done in the correct order.
*
* NB. an option must appear in servconf.c:copy_set_server_options() or
@@ -267,7 +267,7 @@ TAILQ_HEAD(include_list, include_item);
M_CP_STROPT(pubkey_key_types); \
M_CP_STROPT(ca_sign_algorithms); \
M_CP_STROPT(routing_domain); \
- M_CP_STROPT(permit_user_env_whitelist); \
+ M_CP_STROPT(permit_user_env_allowlist); \
M_CP_STRARRAYOPT(authorized_keys_files, num_authkeys_files); \
M_CP_STRARRAYOPT(allow_users, num_allow_users); \
M_CP_STRARRAYOPT(deny_users, num_deny_users); \
diff --git a/usr.bin/ssh/session.c b/usr.bin/ssh/session.c
index 823622473ea..6f581aa5cbe 100644
--- a/usr.bin/ssh/session.c
+++ b/usr.bin/ssh/session.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: session.c,v 1.322 2020/07/03 07:02:37 djm Exp $ */
+/* $OpenBSD: session.c,v 1.323 2020/07/05 23:59:45 djm Exp $ */
/*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
@@ -613,7 +613,7 @@ do_exec_pty(struct ssh *ssh, Session *s, const char *command)
}
s->pid = pid;
- /* Parent. Close the slave side of the pseudo tty. */
+ /* Parent. Close the child side of the pseudo tty. */
close(ttyfd);
/* Enter interactive session. */
@@ -787,12 +787,12 @@ check_quietlogin(Session *s, const char *command)
* into the environment. If the file does not exist, this does nothing.
* Otherwise, it must consist of empty lines, comments (line starts with '#')
* and assignments of the form name=value. No other forms are allowed.
- * If whitelist is not NULL, then it is interpreted as a pattern list and
+ * If allowlist is not NULL, then it is interpreted as a pattern list and
* only variable names that match it will be accepted.
*/
static void
read_environment_file(char ***env, u_int *envsize,
- const char *filename, const char *whitelist)
+ const char *filename, const char *allowlist)
{
FILE *f;
char *line = NULL, *cp, *value;
@@ -825,8 +825,8 @@ read_environment_file(char ***env, u_int *envsize,
*/
*value = '\0';
value++;
- if (whitelist != NULL &&
- match_pattern_list(cp, whitelist, 0) != 1)
+ if (allowlist != NULL &&
+ match_pattern_list(cp, allowlist, 0) != 1)
continue;
child_set_env(env, envsize, cp, value);
}
@@ -896,10 +896,10 @@ do_setup_env(struct ssh *ssh, Session *s, const char *shell)
cp = strchr(ocp, '=');
if (*cp == '=') {
*cp = '\0';
- /* Apply PermitUserEnvironment whitelist */
- if (options.permit_user_env_whitelist == NULL ||
+ /* Apply PermitUserEnvironment allowlist */
+ if (options.permit_user_env_allowlist == NULL ||
match_pattern_list(ocp,
- options.permit_user_env_whitelist, 0) == 1)
+ options.permit_user_env_allowlist, 0) == 1)
child_set_env(&env, &envsize,
ocp, cp + 1);
}
@@ -912,7 +912,7 @@ do_setup_env(struct ssh *ssh, Session *s, const char *shell)
snprintf(buf, sizeof buf, "%.200s/.ssh/environment",
pw->pw_dir);
read_environment_file(&env, &envsize, buf,
- options.permit_user_env_whitelist);
+ options.permit_user_env_allowlist);
}
/* Environment specified by admin */
diff --git a/usr.bin/ssh/ssh-agent.c b/usr.bin/ssh/ssh-agent.c
index a56896fc09b..0b312350d57 100644
--- a/usr.bin/ssh/ssh-agent.c
+++ b/usr.bin/ssh/ssh-agent.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-agent.c,v 1.261 2020/06/22 06:37:38 jmc Exp $ */
+/* $OpenBSD: ssh-agent.c,v 1.262 2020/07/05 23:59:45 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -79,8 +79,8 @@
#include "ssh-pkcs11.h"
#include "sk-api.h"
-#ifndef DEFAULT_PROVIDER_WHITELIST
-# define DEFAULT_PROVIDER_WHITELIST "/usr/lib*/*,/usr/local/lib*/*"
+#ifndef DEFAULT_ALLOWED_PROVIDERS
+# define DEFAULT_ALLOWED_PROVIDERS "/usr/lib*/*,/usr/local/lib*/*"
#endif
/* Maximum accepted message length */
@@ -1340,7 +1340,7 @@ main(int ac, char **av)
usage();
if (allowed_providers == NULL)
- allowed_providers = xstrdup(DEFAULT_PROVIDER_WHITELIST);
+ allowed_providers = xstrdup(DEFAULT_ALLOWED_PROVIDERS);
if (ac == 0 && !c_flag && !s_flag) {
shell = getenv("SHELL");
diff --git a/usr.bin/ssh/ssh.c b/usr.bin/ssh/ssh.c
index 3cd24df7600..e7efcc628f0 100644
--- a/usr.bin/ssh/ssh.c
+++ b/usr.bin/ssh/ssh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh.c,v 1.530 2020/06/26 05:02:03 dtucker Exp $ */
+/* $OpenBSD: ssh.c,v 1.531 2020/07/05 23:59:45 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -121,11 +121,11 @@ int stdin_null_flag = 0;
/*
* Flag indicating that the current process should be backgrounded and
- * a new slave launched in the foreground for ControlPersist.
+ * a new mux-client launched in the foreground for ControlPersist.
*/
int need_controlpersist_detach = 0;
-/* Copies of flags for ControlPersist foreground slave */
+/* Copies of flags for ControlPersist foreground mux-client */
int ostdin_null_flag, ono_shell_flag, otty_flag, orequest_tty;
/*
@@ -1670,7 +1670,7 @@ control_persist_detach(void)
/* Child: master process continues mainloop */
break;
default:
- /* Parent: set up mux slave to connect to backgrounded master */
+ /* Parent: set up mux client to connect to backgrounded master */
debug2("%s: background process is %ld", __func__, (long)pid);
stdin_null_flag = ostdin_null_flag;
options.request_tty = orequest_tty;
@@ -2049,9 +2049,9 @@ ssh_session2(struct ssh *ssh, struct passwd *pw)
/*
* If we are in control persist mode and have a working mux listen
* socket, then prepare to background ourselves and have a foreground
- * client attach as a control slave.
+ * client attach as a control client.
* NB. we must save copies of the flags that we override for
- * the backgrounding, since we defer attachment of the slave until
+ * the backgrounding, since we defer attachment of the client until
* after the connection is fully established (in particular,
* async rfwd replies have been received for ExitOnForwardFailure).
*/