src - OpenBSD base system

Age	Commit message (Collapse)	Author
2016-05-25	To prevent screwing up terminal settings when printing to the	Ingo Schwarze
	terminal, for ASCII and UTF-8, escape bytes not forming characters and bytes forming non-printable characters with vis(3) VIS_OCTAL. For other character sets, abort printing of the current string in these cases. In particular, * let scp(1) respect the local user's LC_CTYPE locale(1); * sanitize data received from the remote host; * sanitize filenames, usernames, and similar data even locally; * take character display widths into account for the progressmeter. This is believed to be sufficient to keep the local terminal safe on OpenBSD, but bad things can still happen on other systems with state-dependent locales because many places in the code print unencoded ASCII characters into the output stream. Using feedback from djm@ and martijn@, various aspects discussed with many others. deraadt@ says it should go in now, i probably already hesitated too long
2016-05-25	Avoid a use-after-free.	Kenneth R Westerback
	Diff from Vladimir Sotirov via tech@. Thanks! ok millert@
2016-05-25	Don't warn when read or write block at cycle boundary, this may	Alexandre Ratchov
	happen when remote devices are used and is not an error.
2016-05-25	Assert we're not freeing buffers we didn't allocate	Alexandre Ratchov

2016-05-25	Log files skipped during poll() as well, and flush the log buffer	Alexandre Ratchov
	right before we call poll().
2016-05-25	Set initial mixer slot name to "prog" to make all slots visible in	Alexandre Ratchov
	audioctl and alike.
2016-05-24	KNF compression proposal and simplify the client side a little. ok djm@	Darren Tucker

2016-05-24	Back out 'plug memleak'.	Darren Tucker

2016-05-23	prefer agent-hosted keys to keys from PKCS#11; ok markus	Damien Miller

2016-05-23	Use a fixed buffer for strftime() because there is no portable way to	Nicholas Marriott
	tell if the buffer is too small, and an expanding buffer is overkill anyway.
2016-05-23	Remove unused variable, from Ben Boeckel.	Nicholas Marriott

2016-05-23	Trim trailing whitespace from man.conf lines. OK schwarze@.	Todd C. Miller

2016-05-23	UTF-8 support.	Ingo Schwarze
	Using feedback about bugs in earlier versions from Matthew Martin <phy1729 at gmail dot com> and from tsg@ who tested it with afl(1). OK czarkoff@ tsg@
2016-05-23	Plug mem leak in filter_proposal. ok djm@	Darren Tucker

2016-05-22	On hppa, function pointer comparison can require dereferencing them.	Philip Guenther
	kdump can't do that for a sigaction sa_handler pointer from the trace, so cast to void* to suppress it. ok deraadt@
2016-05-19	fix type of ed25519 values	Damien Miller

2016-05-18	Also print a warning if the user doesn't fill the mail Subject	Jeremie Courreges-Anglas
	Alternative diff by Tim (trondd ! kagu-tsuchi . com), ok tedu@
2016-05-18	Print a user-friendly message if some fields are missing; ok tedu@	Jeremie Courreges-Anglas

2016-05-17	Refactor the handling of pledge and the optional user string: The three	Theo Buehler
	way pledge introduced by millert@ in -r1.70 is now a two way pledge, one for non-root and one for root. This also ensures that root drops the id promise in all cases early on. This disentangling of the bits for root and non-root simplifies the code paths in all cases. ok millert@
2016-05-17	Move the code block that builds up a default seed further down in order	Theo Buehler
	to reduce the noise in the next commit. While there, fix the indent level of a bit introduced in the previous commit. ok millert@
2016-05-17	Fix "skeyinit username" run as root. Also reduce the pledge	Todd C. Miller
	promise when run as root since we don't need proc or exec as root. OK tb@, earlier version OK deraadt@
2016-05-13	spelling and usage() fixes;	Jason McIntyre

2016-05-13	have sinclude/include be more compatible with sysv, handle list of files	Marc Espie
	small improvement and okay millert@
2016-05-13	-F is nonstandard as well. from Caspar Schutijser	Ted Unangst

2016-05-12	Add -F option to install(1) that calls fsync(2) on the installed	Todd C. Miller
	file right before closing it. OK tedu@ phessler@
2016-05-12	- Rework load_cfg() error handling a little.	Tim van der Molen
	- Add -q to source-file to suppress errors about nonexistent files. Input and OK nicm@
2016-05-12	set-hook needs CANFAIL like the other set commands.	Nicholas Marriott

2016-05-11	remove hppa64 port, which we never got going beyond broken single users.	Theo de Raadt
	hppa reverse-stack gives us a valuable test case, but most developers don't have a 2nd one to proceed further with this. ok kettenis
2016-05-11	Add on alerts rather than ignoring them if the event has already been	Nicholas Marriott
	queued, for example bell and activity together. From Marcel Lippmann via Romain Francoise.
2016-05-11	signify should refer to the future key	Theo de Raadt

2016-05-11	Allow top(1) to filter process args if they are being displayed.	Edd Barrett
	OK tedu@, deraadt@, and with input from Michal Mazurek. Thanks
2016-05-09	Implement Mdocdate keyword substitution.	Ingo Schwarze
	In particular, this stops rcsdiff(1) and CVSweb from showing wrong Mdocdate lines in diffs. Problem originally reported by tj@. OK tobias@ otto@ millert@
2016-05-08	Switch to getpwnam_shadow() now that getpwnam() no longer opens the shadow	Tim van der Molen
	database; OK deraadt@ sthen@
2016-05-08	The header <vis.h> is no longer needed; ok martijn@.	Ingo Schwarze

2016-05-08	Enable UTF-8 detection in wall(1). This deliberately ignores UTF-8 characters	Martijn van Duren
	and replaces them with a single question mark. Similar to write(1). code OK and tweaks schwarze@ man page adjustment by schwarze@ and OK jmc@
2016-05-08	Delete encoding code for the unused TODIGIT information.	Ingo Schwarze
	I'm not aware of plans to add any TODIGIT support, and when shown on tech@, people were more or less indifferent and showed confusion about what this code even did. But the encoding code was buggy, in particular lacking validity checks, and hence clobbered other important data, in particular character type and character width data, with consequences that are hard to judge.
2016-05-07	systrace is dead. long live systrace.	Theo de Raadt

2016-05-07	Free memory if realloc fails. The application is most likely to terminate after	Martijn van Duren
	a failure, but if it does not we better clean up after ourselfs. OK deraadt@ and stefan@
2016-05-06	Remove #ifdef INET6 bits, missed in a commit earlier this week	Jeremie Courreges-Anglas
	This probably broke passive FTP on IPv6 and [ip::v6]:port syntax in RAMDISK ftp(1), sorry about that. The diff was initially ok millert@
2016-05-05	Remove __sigblockset. This is a leftover after the removal of the signal	Martijn van Duren
	blocking code in common/gs.h rev 1.14. Remove a redundant return while here. OK millert@
2016-05-05	Fix one of the reads past the end of the buffer. Found	Alexandre Ratchov
	by Geoff Hill, fix proposed by jsg@ and zhuk@.
2016-05-04	Fix up a couple of long lines.	Nicholas Marriott

2016-05-04	Kill #ifdef INET6 occurrences in userland.	Jeremie Courreges-Anglas
	Prompted by and ok millert@ (tcpdump and libpcap left untouched, the #ifdef force is too strong with those)
2016-05-04	add IdentityAgent; noticed & ok jmc@	Markus Friedl

2016-05-04	allow setting IdentityAgent to SSH_AUTH_SOCK; ok djm@	Markus Friedl

2016-05-04	move SSH_MSG_NONE, so we don't have to include ssh1.h; ok deraadt@	Markus Friedl

2016-05-04	missing const in prototypes (ssh1)	Markus Friedl

2016-05-04	Fix inverted logic for updating StreamLocalBindMask which would cause the	Darren Tucker
	server to set an invalid mask. ok djm@
2016-05-04	IdentityAgent for specifying specific agent sockets; ok djm@	Markus Friedl

2016-05-04	fix junk characters after quotes	Damien Miller