src - OpenBSD base system

Age	Commit message (Collapse)	Author
2021-01-28	Make slot_{attach,detach}() the opposite of each other	Alexandre Ratchov
	No bahavior change. Now, slot_attach() moves slot's clock forward and puts the slot on device list; slot_detach() does the opposite: remove from device list and move clock backwards. This will allow to detach a client and attach it later in exactly the same state.
2021-01-28	Drop unused dev_nctl() function and few unused prototypes	Alexandre Ratchov

2021-01-27	fix leak: was double allocating kex->session_id buffer	Damien Miller

2021-01-27	update comment, SMALL was split into SMALL and NOSSL	Stuart Henderson

2021-01-27	Promote nrules/maxrules to size_t and make sure they can't overflow.	Todd C. Miller
	reallocarray(3) will fail if nmemb * size would overflow. OK tb@ martijn@
2021-01-27	Flush pending output before entering or exiting alternate screen rather	Nicholas Marriott
	than leaking it, oss-fuzz issue 29959.
2021-01-27	this needs kex.h now	Damien Miller

2021-01-27	make ssh->kex->session_id a sshbuf instead of u_char*/size_t and	Damien Miller
	use that instead of global variables containing copies of it. feedback/ok markus@
2021-01-27	remove global variable used to stash compat flags and use the	Damien Miller
	purpose-built ssh->compat variable instead; feedback/ok markus@
2021-01-27	fix -fno-common issues; ok mortimer	Theo de Raadt

2021-01-27	Logical not bitwise or. ok djm@	Darren Tucker

2021-01-26	satisfy -fno-common, by (1) copying all the variable decls from	Theo de Raadt
	indent_globs.h to indent.c, and (2) changing all the same decls in indent_globs.h to be extern ok mortimer
2021-01-26	sockb variable is unused (and even worse, was common unused)	Theo de Raadt

2021-01-26	satisfy -fno-common by repairing one enum decl	Theo de Raadt
	ok mortimer
2021-01-26	move HostbasedAcceptedAlgorithms to the right place in alphabetical order	Christian Weisgerber

2021-01-26	Remove unused variables leftover from refactoring. ok djm@	Darren Tucker

2021-01-26	Always resize the original screen before copying when exiting the	Nicholas Marriott
	alternate screen, GitHub issue 2536.
2021-01-26	Rename HostbasedKeyTypes (ssh) and HostbasedAcceptedKeyTypes (sshd) to	Darren Tucker
	HostbasedAcceptedAlgorithms, which more accurately reflects its effect. This matches a previous change to PubkeyAcceptedAlgorithms. The previous names are retained as aliases. ok djm@
2021-01-26	refactor key constraint parsing in ssh-agent	Damien Miller
	Key constraints parsing code previously existed in both the "add regular key" and "add smartcard key" path. This unifies them but also introduces more consistency checking: duplicated constraints and constraints that are nonsensical for a particular situation (e.g. FIDO provider for a smartcard key) are now banned. ok markus@
2021-01-26	more ssh-agent refactoring	Damien Miller
	Allow confirm_key() to accept an additional reason suffix Factor publickey userauth parsing out into its own function and allow it to optionally return things it parsed out of the message to its caller. feedback/ok markus@
2021-01-26	make struct hostkeys public; I have no idea why I made it opaque	Damien Miller
	originally. ok markus@
2021-01-26	move check_host_cert() from sshconnect,c to sshkey.c and refactor	Damien Miller
	it to make it more generally usable and testable. ok markus@
2021-01-26	use recallocarray to allocate the agent sockets table; also clear	Damien Miller
	socket entries that are being marked as unused. spinkle in some debug2() spam to make it easier to watch an agent do its thing. ok markus
2021-01-26	factor out common code in the agent client	Damien Miller
	Add a ssh_request_reply_decode() function that sends a message to the agent, reads and parses a success/failure reply. Use it for all requests that only expect success/failure ok markus@
2021-01-25	fix filtering on kstat unit numbers	David Gwynne

2021-01-25	make ssh hostbased authentication send the signature algorithm in	Damien Miller
	its SSH2_MSG_USERAUTH_REQUEST packets instead of the key type. This make HostbasedAcceptedAlgorithms do what it is supposed to - filter on signature algorithm and not key type. spotted with dtucker@ ok markus@
2021-01-24	Add missing __KAME__ markers.	Florian Obser
	OK claudio
2021-01-23	recognize those ubiquitous webp file	Marc Espie
	cherry-picked from FreeBSD okay millert@, deraadt@, sthen@
2021-01-22	Revert clear changes to writing as they don't work properly, better	Nicholas Marriott
	change to come.
2021-01-22	Add rectangle-on and rectangle-off copy mode commands, GitHub isse 2546	Nicholas Marriott
	from author at will dot party.
2021-01-22	Fix some cursor movement commands, from Anindya Mukherjee.	Nicholas Marriott

2021-01-22	PubkeyAcceptedKeyTypes->PubkeyAcceptedAlgorithms here too.	Darren Tucker

2021-01-22	Rename PubkeyAcceptedKeyTypes keyword to PubkeyAcceptedAlgorithms.	Darren Tucker
	While the two were originally equivalent, this actually specifies the signature algorithms that are accepted. Some key types (eg RSA) can be used by multiple algorithms (eg ssh-rsa, rsa-sha2-512) so the old name is becoming increasingly misleading. The old name is retained as an alias. Prompted by bz#3253, help & ok djm@, man page help jmc@
2021-01-21	revert previous after complaints from sthen and deraadt;	Jason McIntyre

2021-01-21	remove an unneccessary escape; from martin vahlensieck	Jason McIntyre
	ok gilles while, there, zap an unneccessary Tn;
2021-01-21	Revert r1.87 "Pledge before authentication when possible"	kn
	Someone reported to me that ''This breaks ansible managed machines where "persist" isn't used. There i get /bsd: doas[49341]: pledge "proc", syscall 2 Using "persist", everything is fine.''
2021-01-20	Pledge before authentication when possible	kn
	Generally, pleding before parsing the file seems hardly possible due to unveil() being involved. Pledging in case of the winning rule being a "persist" one is not possible either due to TIOC{SET,CHK}VERAUTH not being allowed in the "tty" pledge. But if "persist" is not used, we can pledge before authentication without having to hoist or chang anything. Feedback deraadt tedu OK tdeu
2021-01-20	Change so that window_flags escapes # automatically which means configs	Nicholas Marriott
	will not have to change. A new format window_raw_flags contains the old unescaped version.
2021-01-18	Hide some warnings on newer GCC versions, GitHUb issue 2525.	Nicholas Marriott

2021-01-18	There is no need to clear every line entirely before drawing to it, this	Nicholas Marriott
	means moving the cursor and messes up wrapping. Better to just clear the sections that aren't written over. GitHub issue 2537.
2021-01-18	Move usage definition out of header file to avoid issues with -fno-common.	mortimer
	ok deraadt@
2021-01-18	Move defiition of sum variable from header file to avoid issues with	mortimer
	-fno-common ok deraadt@
2021-01-18	Move definition of pmode to main.c instead of a compress.h. Avoids linker	mortimer
	issues with -fno-common. ok deraadt@
2021-01-18	Extern tracks list to avoid linker issues with -fno-common.	mortimer
	ok deraadt@
2021-01-17	Add -N flag to never start server even if command would normally do so,	Nicholas Marriott
	GitHub issue 2523.
2021-01-17	Replace SB_KNOTE and sb_flagsintr with direct checking of klist.	Visa Hankala
	OK mpi@ as part of a larger diff
2021-01-16	Unle recover the scope_id from a possible embedded scope if the scope_id	Claudio Jeker
	is not initalized. Do not reset the scope_id if it was already set. OK bluhm@ florian@
2021-01-16	s/authorization/authentication/g	Martijn van Duren
	OK kn@ tedu@
2021-01-15	Be more explicit by stating that the -n flag is linked to the nopass option	Martijn van Duren
	in doas.conf instead of a generic "would prompt for password", which could lead people into believing that persist could work with this option. OK tedu@ Feedback and OK kn@
2021-01-15	Make output buffer larger to prevent potential truncation warnings from	Darren Tucker
	compilers not smart enough to know the strftime calls won't ever fully fill "to" and "from". ok djm@