src - OpenBSD base system

Age	Commit message (Collapse)	Author
2017-03-07	tls_close() can return TLS_WANT_POLLIN/TLS_WANT_POLLOUT, handle them	Sunil Nimmagadda
	appropriately. Ok jca@
2017-03-02	close ftp(1)'s output file to avoid leaking one FD per request.	Stuart Henderson
	ok deraadt
2017-02-28	Use a do{}while loop with ssize_t return value when calling tls_read()	Philip Guenther
	problem noted by and ok jsg@
2017-01-25	cetificate -> certificate;	Jason McIntyre

2017-01-24	Add -S noverifytime to ftp to permit an unvalidated TLS connection when	Bob Beck
	you don't knwo what time it is
2017-01-21	Nuke whitespace foolish enough to expose itself during the great	Kenneth R Westerback
	"warning:" rectification.
2017-01-20	Move a couple of variables that are unused in SMALL under #ifndef SMALL.	Kenneth R Westerback
	ok deraadt@
2017-01-20	Straggling __dead. Mark usage() as __dead and make gcc happier.	Kenneth R Westerback

2017-01-20	#ifndef SMALL around a couple of non-SMALL labels.	Kenneth R Westerback
	ok deraadt@
2017-01-14	HTTPS proxy support for ftp-ssl.	Jeremie Courreges-Anglas
	The install media already allow for plaintext HTTP proxying. The code to support CONNECT is short enough. Reported/fix tested by rpe@, ok deraadt@
2017-01-11	Don't attempt to read .netrc when we already force anonymous FTP (-a).	Vadim Zhukov
	Patch from Anton Lindqvist via tech@, thanks! okay deraadt@
2017-01-10	Pledge more strictly. This is only enabled on the ramdisk version of the	Theo de Raadt
	ftp(1) client, which operates only in URL mode. Not willing to spend the time tracking piles of global variables for sub-modes, and finding all the pledge interactions. Would rather have the install media ftp(1) as safe as possible, immediately. ok tb jca
2017-01-07	-#endif /* !SMALL */	Theo Buehler
	+#endif /* !NOSSL */
2017-01-03	Add a "-w connect_timeout" option in support of URL-fetching. This allows	Theo de Raadt
	slow / failing connects to be identified. The install script needs this functionaly. ok jca rpe millert
2016-12-28	Split -DSMALL into -DNOSSL, so that a SSL-enabled version of ftp can	Theo de Raadt
	be built, which is still pretty small (in distrib/special/ftp-ssl). Lots of testing by rpe.
2016-12-24	Correctly handle tls_read()/tls_write().	Joel Sing
	In one tls_read() case, we failed to check for WANT_{POLLIN,POLLOUT}, so fix that. In the same tls_read() case and the tls_write() case we fail to handle errors correctly, which means that error is not reported and can be lost by a futher libtls call. ok beck@ jca@
2016-12-22	missing full stop;	Jason McIntyre

2016-12-22	add muststaple option so that oscp stapling can be required for sites you	Bob Beck
	expect to provide it. ok jsing@
2016-12-16	Eliminate some gcc warnings about 'unused variables', mostly by	Kenneth R Westerback
	adding appropriate #ifdef's around declarations. ok millert@ (with a tweak I will commit separately)
2016-12-08	Avoid splitting the "Requesting %s" printf and its trailing newline.	Todd C. Miller
	Fixes a missing newline in one place and an extra one later on when both debug and verbose are set.
2016-12-08	Avoid printf of a NULL pointer as a string in debug mode.	Todd C. Miller
	OK deraadt@
2016-11-30	Check return value of tls_config_set_protocols(3) and bail out in case of	Ricardo Mestre
	failure Feedback and OK jsing@
2016-11-06	Bump ftp(1)'s cipher default from "all" to "legacy" - this really should	Joel Sing
	be "compat", but that will require further testing. ok beck@
2016-09-27	Remove empty #ifdef and #ifndef blocks	Frederic Cambus
	OK natano@
2016-08-22	Replace "union sockunion" with "union sockaddr_union" which is also	Todd C. Miller
	used in the kernel. This makes it possible to remove the casts to "struct sockaddr *" when calling networking syscalls. OK jsing@ jca@
2016-08-20	Use connect(2) + a connect_wait() function instead of connect_sync(),	Todd C. Miller
	similar to the example in connect(2). OK tedu@
2016-08-18	Move connect_sync() to util.c and use it when connecting via http	Todd C. Miller
	too. OK sthen@ deraadt@
2016-08-14	Convert remaining calls to strtoq/strtouq in base with strtoll/strtoull.	Philip Guenther
	Fix a type mismatch in ftp's "page" command and could make transfers restart at the wrong position. ok and a ull->ll tweak from natano@, ok tedu@
2016-08-13	Split out the SSL options handling into a separate function, which makes	Joel Sing
	for more readable code and reduces line wrapping. Also improve error messages by adding tls_config_error() to errx() where appropriate. ok jca@
2016-08-09	When connect(2) is interrupted by a signal it continues asynchronously	Todd C. Miller
	and you need to do the same poll(2) dance as if the socket was non-blocking. Fixes a crash when the window is resized while connecting. OK deraadt@
2016-07-28	these programs probably do not need to use TMPDIR. ok florian	Ted Unangst

2016-07-13	Adjust existing tls_config_set_cipher() callers for TLS cipher group	Joel Sing
	changes - map the previous configuration to the equivalent in the new groups. This will be revisited post release. Discussed with beck@
2016-05-27	Per the libtls man page, tls_init() must be called prior to any other	Joel Sing
	tls_* function; so actually do that.
2016-05-25	Avoid a use-after-free.	Kenneth R Westerback
	Diff from Vladimir Sotirov via tech@. Thanks! ok millert@
2016-05-06	Remove #ifdef INET6 bits, missed in a commit earlier this week	Jeremie Courreges-Anglas
	This probably broke passive FTP on IPv6 and [ip::v6]:port syntax in RAMDISK ftp(1), sorry about that. The diff was initially ok millert@
2016-03-17	Last parameter to execl[e]() functions must be cast to a pointer.	Kenneth R Westerback
	Just NULL is not good practise as NULL is theoretically allowed to be an integer rather than a pointer. Use (char )NULL consistently instead of scattering a few (char )0 and (void *)NULL into the mix. Prompted by and probably ok deraadt@ millert@ kettenis@ Definitely ok mestre@ ratchov@
2016-03-16	More "(<blah> *)0" -> NULL, avoiding any stdarg functions.	Kenneth R Westerback
	Feedback millert@ kettenis@
2016-01-28	Fix a crash when a server sends a non-standard newline ("\n" instead of "\r\n").	martijn
	Present since ssl support was initially added in OpenBSD 4.0 Found by sthen@ via github downtime OK sthen@
2016-01-08	Handle redirects to _relative_ URIs containing '://', e.g. for archive.org.	Stuart Henderson
	From Lauri Tirkkonen, plus tweak to comment. ok jung@
2015-12-09	Remove NULL-checks before free(). ok tb@	mmcc

2015-12-05	Let special/ftp compile again. 'ares' is only used inside #ifndef SMALL, so	Kenneth R Westerback
	declare it inside #ifdef SMALL.
2015-12-05	Send bad whitespace to the attic.	Kenneth R Westerback

2015-12-05	Silence gcc whining about using 'serrno' uninitialized by initializing	Kenneth R Westerback
	it to 0.
2015-11-05	Fix the example "ls . \|more"; from Frederic Nowak <fnwk at mailbox dot org>.	Ingo Schwarze
	While here, make it clear that `-' and `\|' are only special in local, not in remote filenames. Probably, `\|' support should be removed from ftp(1), but let's fix one thing at a time. OK jmc@
2015-11-04	Fix inverted pledge requests, from Frederic Nowak	Jeremie Courreges-Anglas

2015-10-18	unrelated commit; not ready yet	Theo de Raadt

2015-10-18	First casualty of making pledge "dns" mandatory for dns users.	Theo de Raadt
	"dns" was missing, and this was relying on "inet" support..
2015-10-18	A whole buncha unsigned char casts for ctype function arguments.	mmcc
	ok guenther@
2015-10-16	Pledge for ftp(1) in non-interactive mode.	Doug Hogan
	We will iterate and remove some of the pledges in the future. This is conservative for now. Tested by sthen@ and myself. ok deraadt@
2015-10-13	ctype functions isxdigit() expect an unsigned char value; add missing casts	Philip Guenther
	and adjust variable types to get correct behavior ok beck@ millert@