| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
clarify that rsa-sha2-512 is the default signature scheme when RSA
is in use. Based on GHPR505 from SebastianRzk
|
|
from Antonio Larrosa via GHPR515
|
|
|
|
telnet(1) doesn't have anything to do with login(1), maybe telnetd(8)
did, but that was taken behind the barn nearly 20 years ago.
Earlier version OK miod
Input dtucker
OK jmc, sthen, deraadt
|
|
The rpc library needs read access to the rpc database in
/etc/rpc. Other than that rpcinfo only uses AF_INET sockets.
With -b, rpcinfo(8) uses gethostbyaddr(3) to report hosts that
responded, so add "dns" pledge as well.
OK bluhm, miod
|
|
unconverted as it will be removed within six months.
Based on patches originally from Dmitry Belyavskiy, but significantly
reworked based on feedback from Bob Beck, Joel Sing and especially
Theo Buehler (apologies to anyone I've missed).
ok tb@
|
|
|
|
|
|
|
|
The first argument should be the amount, the second argument should be the
element size. Fixing this also silences some gcc compiler warnings for
portable.
Spotted with Benny Baumann (BenBE at geshi dot org).
ok djm@
|
|
Multiple sshbuf structs can be linked through a parent/child relationship.
Make sure that a single sshbuf cannot be its own parent. If this would ever
happen, it would result in reference counting issues.
This is a cheap way of testing this with very little overhead. It does not
detect A->B->A linkages though for performance reason and the fact that it
takes a programming error for this to occur anyway.
Authored with Benny Baumann (BenBE at geshi dot org).
ok djm@
|
|
It has the same meaning as the current pair of calling explicit_bzero
and free. Spotted with Benny Baumann (BenBE at geshi dot org).
ok djm@
|
|
Spotted with Benny Baumann (BenBE at geshi dot org).
ok djm@
|
|
Since the .Ql macro action uses an output prefix of "'`" and an output
suffix of "`'", md_post_raw() would decrement the code_blocks state variable
even though md_pre_raw() had earlier neglected to increment it, hence
leaving the variable in an invalid negative state. That in turn could
result in corrupt output in a variety of ways.
Fix this by checking in md_pre_raw() whether the prefix *contains* a
backtick rather than only checking whether it *starts* with a backtick.
For consistency, apply the same change to md_post_raw() even though
there was no bug in that function: all *suffixes* containing a backtick
actually contain it in the leading position.
Thanks to job@ for reporting this bug. He noticed a particularly nasty
kind of output corruption: having .Ql in an input file would result
in ASCII_NBRSP (0x31) sneaking through into the output stream if later,
unrelated parts of the same input file directly or indirectly used
the \~ escape sequence, for example by using the .Ex macro.
|
|
This option allows to verify certs in a CMS object against additional
CRLs.
Ported from work by Tom Harrison from APNIC
OK tb@
|
|
localhost is just a weird spelling of 127.0.0.1.
OK bluhm
|
|
Input & OK bluhm
|
|
the POSIX standard explicitly requires in section 6.2 that "the POSIX
locale shall contain 256 single-byte characters", see:
https://pubs.opengroup.org/onlinepubs/9799919799/basedefs/V1_chap06.html#tag_06_02
So the current behaviour of treating non-ASCII bytes in an LC_CTYPE=POSIX
input stream as if they were characters is not a POSIX violation, but
actually required by the standard - and not just for awk(1), but for
utility programs in general and even for library functions in general.
Consequently, delete the wrong sentence i added to the STANDARDS section
last year.
Thanks to millert@ and jmc@ for making me realize my mistake.
OK millert@ jmc@
|
|
|
|
|
|
Sure deraadt@
|
|
The only thing it does is error because of a check added in sockargs() in
uipc_syscalls r1.155. As guenther pointed out, this may have been added
because of a misreading of the last sentence of the first paragraph of the
connect(2) manual.
Instead of erroring, this will keep listening if -k is given and otherwise
it will close the socket and exit with success.
ok guenther jeremy
|
|
3720.
|
|
that it is emulating them by setting a bright (or bold) flag; however,
when the colour is changed from a bright colour (say SGR 96) to a
non-bright (say SGR 36), the flag is not reset, so the new colour
remains as bright. SGR 39 (default colour) also does not reset, so you
end up with the bright default colour. Work around this by sending SGR 0
when switching away from a bright colour, and disable AX for TERM=linux.
Also make the check for AX simpler and do not check for the op
capability is not actually used. GitHub issue 3976.
|
|
|
|
selection: if selecting the element below the deleted one fails (because
as the last one), select the one above it instead. From Daniel Mueller,
GitHub issue 4043.
|
|
will return NULL if there are no automatic buffers.
|
|
Sequence numbers are in the range [0, SKEY_MAX_SEQ] inclusive.
This means the maximum value for the -n option (count) should be
SKEY_MAX_SEQ + 1. From Denis Bodor.
|
|
* Fixed readcsvrec resize segfault when reading csv records longer than 8k.
* Rewrite if-else chain in quoted as a switch.
|
|
ok tb@
|
|
Fixes possible sndiod(8) crashes caused by a global table overread
triggered by the client.
Found and analysed by Henry Ford <henryfordkjv at gmail.com>, thanks!
ok blumh, help from millert, mlarkin
|
|
|
|
ok deraadt@ djm@
|
|
groff) stumbling over literal words that match macro names;
|
|
|
|
there). move the information of "time_arg" matching touch -t to the "time_arg"
description, instead of "timespec".
ok millert
|
|
|
|
- "now" is a permissable timespec
- split the at and batch notes in STANDARDS
- note batch behaviour differences
- note default queue name differences
ok millert
|
|
Broken/sorted in previous -u addition, fix/move it to the end.
By tb
|
|
OK aisha millert
Feedback jmc
|
|
ok deraadt@ claudio@
|
|
|
|
A single forgotton login that times out should be below the penalty
threshold.
ok deraadt/claudio
|
|
If a mux started with ControlPersist then later has a forwarding added using
mux proxy connection and the forwarding was used, then when the mux proxy
session terminates, the mux master process will send a channel close to the
server with a bad channel ID and crash the connection.
This was caused by my stupidly reusing c->remote_id for mux channel
associations when I should have just added another member to struct channel.
ok markus@
|
|
|
|
If there are no descriptors to poll for an event source, we call
the i/o handlers immediately (before poll(2) is called). As this
may generate output for other descriptors, their the poll(2) event
masks need to be updated.
|
|
FreeBSD, NetBSD, and GNU all use a variation of "STDIN" as the
default input filename when compiling to header files (-h) to prevent
a NULL-pointer deference. Adopt a similar approach.
ok millert@
|
|
4051.
|
