| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2021-08-29 | After years of forewarning, disable the RSA/SHA-1 signature algorithm | Damien Miller | |
| by default. It is feasible to create colliding SHA1 hashes, so we need to deprecate its use. RSA/SHA-256/512 remains available and will be transparently selected instead of RSA/SHA1 for most SSH servers released in the last five+ years. There is no need to regenerate RSA keys. The use of RSA/SHA1 can be re-enabled by adding "ssh-rsa" to the PubkeyAcceptedAlgorithms directives on the client and server. ok dtucker deraadt | |||
| 2021-08-29 | wrap at 80 columns | Damien Miller | |
| 2021-08-29 | Lee "Scratch" Perry died :( | Stuart Henderson | |
| 2021-08-29 | Do not call X509_alias_get0(3) with NULL as the second argument. | Ingo Schwarze | |
| Even if the buffer is guaranteed to be NUL-terminated in a particular case, it is still setting a bad example. Besides, it is unclear to me whether there is any such guarantee in the case at hand. Checking that would require auditing all of d2i_X509_bio(3), ASN1_item_d2i_bio(&NETSCAPE_X509_it, ...), PEM_read_bio_X509_AUX(3), and PKCS12_parse(3), since no such guarantee is documented for any of these functions, and even then it would remain fragile with respect to later changes of implementation details. In the worst case, this could potentially result in a read buffer overrun. OK tb@ on an earlier version of this patch. While we are here, deraadt@ requested to not use the word "string" in the name of a variable that is not a string in the sense of the C language. | |||
| 2021-08-29 | This needs extern.h for the rmatch prototype | Claudio Jeker | |
| 2021-08-29 | notify the user about a successful password change; ok millert@ | Robert Nagy | |
| 2021-08-29 | Implement --exclude/exclude-file and --include/include-file. | Claudio Jeker | |
| Currently only simple include and excludes work, the advanced filters introduced later in rsync are not implemented. It is unclear if the per directory filters are something we want to implement. This requires more modern protocols which openrsync is not able to handle right now. This adds a special matching function to allow the ** matching which behaves mostly like rsyncs version with the exception of how bad [] patterns are expanded. For bad patterns openrsync follows more how fnmatch behaves and not the somewhat strange rsync behaviour. Not perfect but committing now so people can test and provide feedback. | |||
| 2021-08-29 | Start naccept .desc with a capital | Theo Buehler | |
| noted by inoguchi | |||
| 2021-08-29 | Implement -naccept in the s_server. | Theo Buehler | |
| doc fixes/ok jmc ok beck | |||
| 2021-08-28 | Add RCS marker | Theo Buehler | |
| 2021-08-28 | use stderr for printing error and informational messages | Robert Nagy | |
| this makes it easier to parse what passwd(1) is doing if spawned from a GUI ok millert@ | |||
| 2021-08-28 | Check X509_get_notAfter return value in openssl(1) ca.c | Kinichiro Inoguchi | |
| 2021-08-28 | Use strndup instead of malloc, memcpy and NULL termination in openssl(1) ca.c | Kinichiro Inoguchi | |
| suggested from tb@ for do_updatedb(), and applied the same for do_body() and do_revoke(). | |||
| 2021-08-28 | Remove ASN1_TIME_new and use NULL for X509_gmtime_adj, free tmptm in err path | Kinichiro Inoguchi | |
| comments from tb@ | |||
| 2021-08-28 | Unwrap lines in openssl(1) ca.c | Kinichiro Inoguchi | |
| suggested from tb@ | |||
| 2021-08-28 | Avoid leak with X509_REVOKED variable in openssl(1) ca.c | Kinichiro Inoguchi | |
| pointed out by tb@ | |||
| 2021-08-28 | Checking the return value in openssl(1) ca.c | Kinichiro Inoguchi | |
| Some functions are used without verifying the return value in openssl(1) ca. This diff adds checking for the function return value. With this diff, I changed return value of the write_new_certificate from void to int to return the condition to the caller. ok and comments from tb@ | |||
| 2021-08-27 | Replace %% in command lists (by copying them) for template arguments , | Nicholas Marriott | |
| this means they can be used with {} as well. Also make argument processing from an existing vector preserve commands. GitHub issue 2858. | |||
| 2021-08-27 | Allow control mode clients to set a hard limit on the window width and | Nicholas Marriott | |
| height, GitHub issue 2594. | |||
| 2021-08-25 | Improve some logging. | Nicholas Marriott | |
| 2021-08-25 | Ignore client creating session when working out size if it is a control | Nicholas Marriott | |
| client. | |||
| 2021-08-25 | bind-key needs to allow commands for any argument for the moment. | Nicholas Marriott | |
| 2021-08-25 | Validate command argument types (string or command list) and give more | Nicholas Marriott | |
| useful error messages. | |||
| 2021-08-25 | setupterm needs char * not const char * on some platforms. | Nicholas Marriott | |
| 2021-08-25 | Fix up some printflike attributes. | Nicholas Marriott | |
| 2021-08-25 | Start inputs as NULL so not freeing random stack garbage, GitHub issue 2852. | Nicholas Marriott | |
| 2021-08-23 | args_make_commands_now needs to take an extra reference to the returned | Nicholas Marriott | |
| command list since it will be freed already. | |||
| 2021-08-23 | Move command argument parsing common functions and don't bother to parse | Nicholas Marriott | |
| again if given a command rather than a string. | |||
| 2021-08-23 | Key bindings steal a reference to the command instead of adding their | Nicholas Marriott | |
| own, it was correct not to add a reference when parsing, but the bind-key then needs to add one. | |||
| 2021-08-23 | Revert one of previous, for some reason it is being freed. | Nicholas Marriott | |
| 2021-08-23 | Fix a few memory leaks. | Nicholas Marriott | |
| 2021-08-23 | Limit width and height to tty correctly, GitHub issue 2843. | Nicholas Marriott | |
| 2021-08-22 | Fix handling of leading #s when working out width. | Nicholas Marriott | |
| 2021-08-22 | Do not double free expanded path in source-file, also remove some | Nicholas Marriott | |
| unnecessary assignments. | |||
| 2021-08-22 | Insert alias in the right place, GitHub issue 2842. | Nicholas Marriott | |
| 2021-08-21 | Free value properly. | Nicholas Marriott | |
| 2021-08-21 | Preserve argument type in command and convert to string on demand. | Nicholas Marriott | |
| 2021-08-21 | Pass typed arguments out of the parser into the arguments list and let | Nicholas Marriott | |
| it convert them into strings. | |||
| 2021-08-21 | Use new syntax for default key bindings. | Nicholas Marriott | |
| 2021-08-21 | Stop caring about empty commands, just treat as a null command. | Nicholas Marriott | |
| 2021-08-21 | Remove some members of struct cmd which are no longer used. | Nicholas Marriott | |
| 2021-08-21 | Preserve command group when moving temporary list to current list being | Nicholas Marriott | |
| buit. | |||
| 2021-08-21 | Rename a member to match what it will be in future. | Nicholas Marriott | |
| 2021-08-21 | Add args parsing callback for some future work, currently unused. | Nicholas Marriott | |
| 2021-08-21 | Wrap command argument definitions in their own struct. | Nicholas Marriott | |
| 2021-08-20 | A couple more spacing fixes. | Nicholas Marriott | |
| 2021-08-20 | Spacing tweaks. | Nicholas Marriott | |
| 2021-08-20 | Hide struct args behind a couple of accessor functions. | Nicholas Marriott | |
| 2021-08-20 | Add a couple of const and fix some warnings. | Nicholas Marriott | |
| 2021-08-20 | Remove some unnecessary blank lines. | Nicholas Marriott | |
 |
index : src | |
| OpenBSD base system |
| summaryrefslogtreecommitdiff |