src - OpenBSD base system

Age	Commit message (Collapse)	Author
2024-10-31	When decoding SVCB or HTTPS do not skip reading params in alias	Otto Moerbeek
	mode. According to the RFC, client shoud ignore them (which means actively skipping), but for dig it make sense to print them anyway. ok florian@
2024-10-30	Don't run through time checks when entry is definitely oversized.	Jan Klemkow
	This leads to newsyslog rotating on (size OR time) if both are specified. Reported from Matthias Pitzl. with tweak from bluhm@ ok millert@
2024-10-28	Match tab cells when searching, from Alexander Arch in GitHub issue	Nicholas Marriott
	4201.
2024-10-28	Treat tabs as a word separator, from Alexander Arch in GitHub issue	Nicholas Marriott
	4201.
2024-10-28	Fix issues in the command prompt: set PROMPT_QUOTENEXT after quoting	Nicholas Marriott
	than before, meaning that accidentally scrolling the mouse wheel doesn't break quoting; and move the cursor correctly over wide characters. From Alexander Arch in GitHub issue 4212.
2024-10-27	explicitly include endian.h	Damien Miller

2024-10-27	fix ML-KEM768x25519 KEX on big-endian systems;	Damien Miller
	spotted by jsg@ feedback/ok deraadt@
2024-10-25	mlkem768x25519-sha256 has been promoted to default key exchange	Christian Weisgerber

2024-10-25	Allow tabs even on terminals without UTF-8, reported by jmc.	Nicholas Marriott

2024-10-25	Allow control characters to be entered at the command prompt prefixed	Nicholas Marriott
	with with C-v, from Alexander Arch in GitHub issue 4206.
2024-10-25	Do not attempt to search for zero length strings, from Alexander Arch in	Nicholas Marriott
	GitHub issue 4209.
2024-10-25	Do not stop stop at first padding in format_grid_line and handle tabs.	Nicholas Marriott

2024-10-25	Flag tabs if possible in the grid cell so they can be preserved on	Nicholas Marriott
	copying and capture-pane. From Alexander Arch in GitHub issue 4201.
2024-10-25	Add a helper function for cell data comparison, from Alexander Arch.	Nicholas Marriott

2024-10-25	remove unneeded dst__opensslrsa_init() prototype	Jonathan Gray

2024-10-25	remove unneeded typedefs; ok florian@	Jonathan Gray

2024-10-25	promote mlkem768x25519-sha256 to be the default key exchange;	Damien Miller
	ok markus@
2024-10-24	Map ucom unit number to cuaU number using the same	Kenneth R Westerback
	scheme as MAKEDEV uses. Fixes problems with ucom units > 10. Problem noted by, fix tested and ok sthen@
2024-10-24	amake ssh-agent drop all keys when it receives SIGUSR1;	Damien Miller
	let's users zap keys without access to $SSH_AUTH_SOCK ok deraadt@
2024-10-24	relax valid_domain() checks to allow an underscore as the first	Damien Miller
	character. ok deraadt@
2024-10-22	remove duplicate prototype	Jonathan Gray

2024-10-22	Add a sshd debug wrapper to run all of the subprograms from the build	Darren Tucker
	directory while developing and debugging. Should help prevent accidentally testing against unchanged installed sshd-auth and sshd-session binaries. ok djm@
2024-10-22	Make debug call printf("%s", NULL) safe. Prevents problems on platforms	Darren Tucker
	where this isn't safe (which it's not required to be). ok djm@
2024-10-21	Bump up the maximum for repeat-time (some people want it to be	Nicholas Marriott
	effectively infinite).
2024-10-21	Add function to get current offset from copy mode, from Michael Grant.	Nicholas Marriott

2024-10-21	Adjust how Ctrl and Meta keys are sent to use standard representation if	Nicholas Marriott
	available in mode 1, from Stanislav Kljuhhin, GitHub issue 4188.
2024-10-18	mention that LocalForward and RemoteForward can accept Unix domain socket	Damien Miller
	paths; GHPR115
2024-10-18	remove duplicate check; GHPR392 from Pedro Martelletto	Damien Miller

2024-10-18	allow "-" as output file for moduli screening	Damien Miller
	based on GHPR393
2024-10-18	ssh-keyscan doesn't need it's own sshfatal() definition, it can	Damien Miller
	use the shared one from fatal.c based on GHPR401 from lengyijun
2024-10-18	in _ssh_order_hostkeyalgs() consider ECDSA curve type when arranging	Damien Miller
	the hostkey algorithms. AFAIK this code is unused in OpenSSH, but I guess others are using it based on GHPR387 from Pawel Jakub Dawidek
2024-10-18	require control-escape character sequences passed via the '-e ^x'	Damien Miller
	commandline to be exactly two characters long. Avoids one by OOB read if ssh is invoked as "ssh -e^ ..." Spotted by Maciej Domanski in GHPR368
2024-10-18	remove addr.[ch] functions that are unused and visbility-restrict	Damien Miller
	ones that are unused outside the implementation itself; based on GHPR#282 by tobias@
2024-10-18	unreachable POLLERR case; from ya0guang via GHPR485	Damien Miller

2024-10-18	s/Sx/Cm/ for external references; from Domen Puncer Kugler via GHPR501	Damien Miller

2024-10-17	Switch pane-colors and cursor-style options to be in alphabetical order,	Nicholas Marriott
	from Teubel Gyorgy, GitHub issue 4191.
2024-10-17	Allow attributes in menu style, from Japin Li in GitHub issue 4194.	Nicholas Marriott

2024-10-17	create_tempfile: pass pointer to full pathname to strlcat()	Todd C. Miller
	Fixes a potential buffer overrun. Also check strlcpy() and strlcat() return value to detect truncations. Based on a diff from naddy@. OK naddy@ tb@ deraadt@
2024-10-14	mention SshdAuthPath option; ok djm@	Christian Weisgerber

2024-10-14	Set ACS flag for REP. Reported by Romain Francoise, GitHub issue 4182.	Nicholas Marriott

2024-10-14	Split per-connection sshd-session binary	Damien Miller
	This splits the user authentication code from the sshd-session binary into a separate sshd-auth binary. This will be executed by sshd-session to complete the user authentication phase of the protocol only. Splitting this code into a separate binary ensures that the crucial pre-authentication attack surface has an entirely disjoint address space from the code used for the rest of the connection. It also yields a small runtime memory saving as the authentication code will be unloaded after thhe authentication phase completes. Joint work with markus@ feedback deraadt@ Tested in snaps since last week
2024-10-13	don't start the ObscureKeystrokeTiming mitigations if there has been	Damien Miller
	traffic on a X11 forwarding channel recently. Should fix X11 forwarding performance problems when this setting is enabled. Patch from Antonio Larrosa via bz3655
2024-10-13	include stdio.h for sscanf() snprintf()	Jonathan Gray

2024-10-12	remove duplicate misc.h include	Jonathan Gray
	ok dtucker@
2024-10-12	Call realpath on the source file to match -f on the command line, GitHub	Nicholas Marriott
	issue 4180.
2024-10-12	Do not rename a buffer to itself, GitHub issue 4181.	Nicholas Marriott

2024-10-10	Add a sixel_support format variable which is 1 if SIXEL is supported	Nicholas Marriott
	(always 0 on OpenBSD), requested by Misaki Masa in GitHub issue 4177
2024-10-08	Draw pane status line on the correct line when at the bottom, fixes	Nicholas Marriott
	issues if the window size is smaller than the entire terminal. GitHub issue 3943.
2024-10-08	Put the prompt cursor attributes into the status line screen and use	Nicholas Marriott
	that rather than updating the current screen (since there might not be one).
2024-10-07	Add prompt-cursor-colour and prompt-cursor-style to set the style of the	Nicholas Marriott
	cursor in the command prompt and remove the emulated cursor, from Alexander Arch in GitHub issue 4170.