src - OpenBSD base system

Age	Commit message (Collapse)	Author
2021-12-18	tighten the decription of -F; from richard ulmer	Jason McIntyre
	ok ratchov
2021-12-15	grep: Add missing unistd.h and limits.h includes	Theo Buehler
	Both binary.c and file.c currently pull in unistd.h via zlib's zconf.h. binary.c uses SEEK_SET and file.c a bunch of things like close(), isatty(), lseek(). In addition file.c needs limits.h for PATH_MAX. ok deraadt
2021-12-15	restrict filesystem access with unveil(2).	Ricardo Mestre
	this one opens the default table file "/usr/share/misc/usb_hid_usages" through hid_start(3) from libusbhid, then `dev' (will be the fd used on the ioctls) and finally `conf' which is the file with the actions to be monitored. `conf' needs to be unveil(2)ed with read perms since usbhidaction(1) can run as daemon and this file will be re-read if a SIGHUP is catched. looks good deraadt@
2021-12-15	restrict all filesystem access with unveil(2).	Ricardo Mestre
	hid_start(3) opens `table' through libusbhid, then usbhidctl(1) itself opens `dev', after that it's just performing ioctls on the fd left opened by the latter so all fs access can be disabled.
2021-12-13	tee(1): increase I/O buffer size from 8KB to 64KB	Scott Soule Cheloha
	64KB strikes a good balance between space and time on today's machines. Buffers smaller than 64KB waste more time in userspace traveling to and from the kernel. Buffers larger than 64KB do I/O a bit faster, but the performance improvements rapidly diminish at a steep memory cost. Discussed with millert@ and deraadt@. Positive feedback from Geoff Steckel. Thread: https://marc.info/?l=openbsd-tech&m=163737586414354&w=2 ok millert@ deraadt@
2021-12-13	including sys/cdefs.h manually started as a result of netbsd trying to	Theo de Raadt
	macro-build a replacement for sccsid, and was done without any concern for namespace damage. Unfortunately this practice started infecting other code as others were unaware they didn't need the file. ok millert guenther
2021-12-13	acct(4) ac_tty shouldn't need NODEV from sys/param.h (which is kernel API),	Theo de Raadt
	-1 is sufficient to indicate the process had no controlling tty, removing one more sys/param.h include in our userland ok millert
2021-12-13	Make pane-border-format a pane option, GitHub issue 2999.	Nicholas Marriott

2021-12-12	Convert req.c to compile with opaque EVP_MD_CTX.	Theo Buehler
	ok inoguchi
2021-12-12	Convert passwd.c to opaque EVP_MD_CTX and add a bit of error checking.	Theo Buehler
	tweak/ok inoguchi
2021-12-12	Make speed.c compile with opaque EVP_CIPHER, EVP_MD and HMAC_CTX.	Theo Buehler
	ok inoguchi
2021-12-12	A few more simplifications using get0_pubkey instead of get_pubkey + free.	Theo Buehler

2021-12-12	Simplify x509.c slightly by using X509_get0_pubkey() instead of	Theo Buehler
	X509_get_pubkey() ok inoguchi
2021-12-12	Make x509.c compile with opaque EVP_PKEY.	Theo Buehler
	ok inoguchi
2021-12-12	Use correct spelling of NULL	Theo Buehler
	ok inoguchi
2021-12-12	Make ts.c compile with opaque EVP_MD_CTX.	Theo Buehler
	ok inoguchi
2021-12-10	fix a copy-and-paste error;	Ingo Schwarze
	from Richard Ulmer <... rulmer at mailbox dot org>
2021-12-10	Missed unlinked control notifications, GitHub issue 2996.	Nicholas Marriott

2021-12-10	Mention XParseColor(3) for the cursor colour escape sequence.	Nicholas Marriott

2021-12-10	Add a NOBLOCK flag rather than adding amount to wait for when	Nicholas Marriott
	dealing with potentially-long sequences. GitHub issue 3001.
2021-12-09	imrove the description of lesskey; based on a diff from richard ulmer	Jason McIntyre
	ok deraadt schwarze
2021-12-07	better error message for FIDO keys when we can't match them to a token	Damien Miller

2021-12-07	Simple conversion to opaque EVP_CIPHER.	Theo Buehler

2021-12-07	switch from tradcpp(1) to cpp(1); ok jsg@	Robert Nagy

2021-12-07	Improve the COMMAND SECTION section in multiple respects regarding	Ingo Schwarze
	correctness, clarity, readability, and markup conventions. Triggered by Richard Ulmer <... rulmer at mailbox dot org> wondering whether the list of actions is complete and pointing out that the "shell" action no longer exists (it was removed quite some time ago for security reasons). OK jmc@
2021-12-07	Respond to OSC 4 query.	Nicholas Marriott

2021-12-07	Use four digits not two for RGB responses to match other terminals.	Nicholas Marriott

2021-12-07	sys/signal.h (or some master include) must happen before sys/proc.h, which	Theo de Raadt
	is not standalone. This problem is being hidden by a sys/param.h which cannot be deleted yet.
2021-12-07	Use PATH_MAX (the standard name) rather than MAXPATHLEN (from BSD sys/param.h)	Theo de Raadt

2021-12-06	Clean up a bunch of dead code in s_server.c and s_socket.c	Theo Buehler
	jsg's analysis tool flagged a potential double free in do_server(). While this looks like a false positive, we can clean this code up a little: the host name passed to the callbacks isn't used by either sv_body() and www_body(), so it can be made local to do_accept() (an extra variable would not even be needed). Simplify the callbacks' signatures accordingly. Remove some commented out linger code that would never be used again anyway. ok inoguchi jsg
2021-12-06	Fix g/G keys to be in line with copy mode.	Nicholas Marriott

2021-12-06	Do not dereference NULL window when resizing client, GitHub issue 2982.	Nicholas Marriott

2021-12-05	sys/select.h is not needed, if howmany/NBBY are needed they will arrive	Theo de Raadt
	via netinet/in.h and sys/time.h, which I must say surprises me a bit
2021-12-05	fix unintended sizeof pointer in debug path	Jonathan Gray
	ok markus@
2021-12-04	RSA/SHA-1 is not used by default anymore on the server	Christian Weisgerber

2021-12-03	Fixed-size NOFILE_MAX (from sys/param.h of course) array is crazy, so	Theo de Raadt
	rewrite to expand the array as needed. ok tb
2021-12-02	hash full host:port when asked to hash output, fixes hashes for non-	Damien Miller
	default ports. bz3367 ok dtucker@
2021-12-02	improve the testing of credentials against inserted FIDO keys a little	Damien Miller
	more: ask the token whether a particular key belongs to it in cases where the token support on-token user- verification (e.g. biometrics) rather than just assuming that it will accept it. Will reduce spurious "Confirm user presence" notifications for key handles that relate to FIDO keys that are not currently inserted in at least some cases. Motivated by bz3366; by Pedro Martelletto
2021-12-02	move check_sk_options() up so we can use it earlier	Damien Miller

2021-12-02	ssh-rsa is no longer in the default for PubkeyAcceptedAlgorithms.	Darren Tucker

2021-12-02	list uppercase options along with lower in SYNOPSIS/options list/usage;	Jason McIntyre
	suggested by/ok deraadt
2021-12-02	don't put the tty into raw mode when SessionType=none, avoids ^c being	Damien Miller
	unable to kill such a session. bz3360; ok dtucker@
2021-11-30	Improved error handling in config parser.	Tobias Stoeckmann
	- Escaped newlines confused column counter - An unclosed quote could have been logged multiple times - Signed data types could overflow, which is undefined behavior ok tedu
2021-11-30	Fix indentation of return in yy_try_NUL_trans().	Todd C. Miller
	M4_YY_NOOP_GUTS_VAR is a no-op in most cases but its indentation remains, leading to double indentation of the return statement. This fixes "misleading indentation" warnings from clang. OK tb@
2021-11-29	Bump response timer to three seconds, GitHub issue 2984.	Nicholas Marriott

2021-11-29	Fix user option lookup ordering.	Nicholas Marriott

2021-11-29	local copy of roundup() means no more sys/param.h	Theo de Raadt

2021-11-28	Stop using MAXBSIZE to eliminate sys/param.h including (which injects a	Theo de Raadt
	ton of namespace intrusion). Create local sizes, and refactor some code along the way. ok millert
2021-11-28	sshsig: return "key not found" when searching empty files rather than	Damien Miller
	"internal error"
2021-11-28	ssh-keygen -Y match-principals doesn't accept any -O options	Damien Miller
	at present, so don't say otherwise in SYNOPSIS; spotted jmc@