| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
|
|
correctness, clarity, readability, and markup conventions.
Triggered by Richard Ulmer <... rulmer at mailbox dot org> wondering
whether the list of actions is complete and pointing out that
the "shell" action no longer exists (it was removed quite some time
ago for security reasons).
OK jmc@
|
|
|
|
|
|
is not standalone.
This problem is being hidden by a sys/param.h which cannot be deleted yet.
|
|
|
|
jsg's analysis tool flagged a potential double free in do_server().
While this looks like a false positive, we can clean this code up
a little: the host name passed to the callbacks isn't used by either
sv_body() and www_body(), so it can be made local to do_accept()
(an extra variable would not even be needed). Simplify the callbacks'
signatures accordingly. Remove some commented out linger code that
would never be used again anyway.
ok inoguchi jsg
|
|
|
|
|
|
via netinet/in.h and sys/time.h, which I must say surprises me a bit
|
|
ok markus@
|
|
|
|
rewrite to expand the array as needed.
ok tb
|
|
default ports. bz3367 ok dtucker@
|
|
more: ask the token whether a particular key belongs to it in cases
where the token support on-token user- verification (e.g. biometrics)
rather than just assuming that it will accept it.
Will reduce spurious "Confirm user presence" notifications for key
handles that relate to FIDO keys that are not currently inserted in at
least some cases.
Motivated by bz3366; by Pedro Martelletto
|
|
|
|
|
|
suggested by/ok deraadt
|
|
unable to kill such a session. bz3360; ok dtucker@
|
|
- Escaped newlines confused column counter
- An unclosed quote could have been logged multiple times
- Signed data types could overflow, which is undefined behavior
ok tedu
|
|
M4_YY_NOOP_GUTS_VAR is a no-op in most cases but its indentation
remains, leading to double indentation of the return statement.
This fixes "misleading indentation" warnings from clang. OK tb@
|
|
|
|
|
|
|
|
ton of namespace intrusion). Create local sizes, and refactor some code
along the way.
ok millert
|
|
"internal error"
|
|
at present, so don't say otherwise in SYNOPSIS; spotted jmc@
|
|
|
|
|
|
principals names against an allowed signers file.
Requested by and mostly written by Fabian Stelzer, towards a TOFU
model for SSH signatures in git. Some tweaks by me.
"doesn't bother me" deraadt@
|
|
ok inoguchi jsing
|
|
|
|
|
|
|
|
ok bluhm inoguchi
|
|
|
|
userland the TDBs which exceeded hard limit.
Also the `ipsec_notdb' counter description in header doesn't math to
netstat(1) description. We never count `ipsec_notdb' and the netstat(1)
description looks more appropriate so it's used to avoid confusion with
the new counter.
ok bluhm@
|
|
tee(1) handles partial writes correctly, but the more idiomatic write
loop is shorter and easier to audit than this heterodox approach.
ok millert@
|
|
This is three times the same thing while genrsa needs some extra steps
to deal with opaque BIGNUMs. We can also garbage collect some Win 3.1
contortions and use the conversion routines directly instead of doing
them manually.
ok jsing
|
|
|
|
|
|
for RSA keys). Avoids fatal errors for PKCS#11 libraries that return
empty keyid, e.g. Microchip ATECC608B "cryptoauthlib"; bz#3364
|
|
ca certs but not with simple key lifetimes within the allowed
signers file.
Since it returns the first keys principal it finds this could
result in a principal with an expired key even though a valid
one is just below.
patch from Fabian Stelzer; feedback/ok djm markus
|
|
|
|
|
|
ok deraadt millert
|
|
as half-close on the output side; ok deraadt millert
|
|
POSIX.1-2008 tweaked the uniq definition in light of AGI 1003.1-2001
#133. uniq must now *ignore* the trailing newline when comparing
lines from the input.
In practice this means that if the last line in the input is missing a
trailing newline it isn't necessarily different from the line
preceding it.
So, uniq(1) now stubs the trailing newline before doing any line
comparisons.
For sake of simplicity, this patch introduces a second change: if the
last line in the input is missing a trailing newline and we choose to
print the line, a newline is appended when we print it.
Adopting the newline change aligns our implementation with with
POSIX.1-2008 (which we already claim in the manpage). Adopting both
changes aligns our behavior with that of FreeBSD and GNU uniq. For
better or worse, OpenBSD's uniq no longer behaves like NetBSD's uniq
in this corner case.
References:
POSIX.1-2001 uniq:
https://pubs.opengroup.org/onlinepubs/009695399/utilities/uniq.html
Austin Group Interpretation 1003.1-2001 #133:
https://collaboration.opengroup.org/austin/interps/documents/14355/AI-133.txt
POSIX.1-2008 uniq:
https://pubs.opengroup.org/onlinepubs/9699919799/utilities/uniq.html
--
Discussed with millert@. With input from schwarze@. Positive feedback
from bcallah@.
Thread: https://marc.info/?l=openbsd-tech&m=163581613829524&w=2
ok millert@
|
