| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
|
|
|
|
that flags may be detected propertly rather than just looking for
strings ("-O" and so on). Also add -C and -P flags to the copy commands:
-C prevents the commands from sending the text to the clipboard and -P
prevents them from adding the text as a paste buffer.
Note some of the default key bindings change to add "--" and any similar
custom key bindings using "send-keys -X" may need a similar change.
GitHub issue 4153.
|
|
Stanislav Kljuhhin in GitHub issue 4146.
|
|
size that the ctftools ctfconvert uses and I think we should do as well.
Fixes regress/usr.bin/ctfdump on i386.
OK miod@
|
|
|
|
more easily (for Cgywin).
|
|
from Stanislav Kljuhhin.
|
|
|
|
GitHub issue 4117.
|
|
what was originally received. Fixes problems with pasted text being
interpreted as extended keys reported by Mark Kelly.
|
|
ypixel (they are zero), if this is the case then try the query escape
sequences. From Dmitry Galchinsky in GitHub issue 4099.
|
|
if-shell and #() - these have been documented as using /bin/sh for a
long time and scripts rely on it. Pointed out by Gregory Pakosz.
|
|
|
|
It is in principle possible that blkhash_free() (which obviously frees
a struct blktab, sigh) is called with NULL. This would lead to a crash.
ok claudio
|
|
bset->blksz can be 0 here and how reallocarray() behaves is implementation
defined.
|
|
The well-named ERR() macro doesn't error out. Therefore an incorrect use
of reallocarray() is actually a leak that is easily overlooked. Do it the
right way by assigning to a temporary variable and preserve behavior by
freeing and NULL-ing.
ok claudio
|
|
Matches; spotted by phessler@ ok deraadt@
|
|
|
|
the original diff had a couple of errors, which i've fixed
|
|
to a more shell-like one. Apparently the old tokeniser (accidentally?)
allowed "Match criteria=argument" as well as the "Match criteria argument"
syntax that we tested for.
People were using this syntax so this adds back support for
"Match criteria=argument"
bz3739 ok dtucker
|
|
|
|
|
|
|
|
|
|
Found by Martin Cracauer
"look right" tb@
|
|
from Julian Prein, GitHub issue 4121.
|
|
applications can still enter mode 2 if they want, they just cannot turn
extended keys off entirely. From Stanislav Kljuhhin.
|
|
|
|
using -fwrapv to provide defined over/underflow behaviour, but we use
-ftrapv to catch integer errors and abort the program. ok dtucker@
|
|
|
|
|
|
|
|
in SUPERCOP 20201130 to the "compact" implementation in SUPERCOP
20240808. The new version is substantially faster.
Thanks to Daniel J Bernstein for pointing out the new implementation
(and of course for writing it).
tested in snaps/ok deraadt@
|
|
|
|
This allows writing Match conditions that trigger for invalid username.
E.g.
PerSourcePenalties refuseconnection:90s
Match invalid-user
RefuseConnection yes
Will effectively penalise bots try to guess passwords for bogus accounts,
at the cost of implicitly revealing which accounts are invalid.
feedback markus@
|
|
PerSourcePenalties
This allows penalising connection sources that have had connections
dropped by the RefuseConnection option. ok markus@
|
|
If set, this will terminate the connection at the first authentication
request (this is the earliest we can evaluate sshd_config Match blocks)
ok markus@
|
|
ok markus@
|
|
tokeniser, making it possible to use shell-like quoting in Match
directives, particularly "Match exec". ok markus@
|
|
the user know what's going on when ssh-keygen is invoked via other
tools. Requested in GHPR503
|
|
fails. Prevents restrictive key options being incorrectly applied
to subsequent keys in authorized_keys. bz3733, ok markus@
|
|
half-way between misleadingly eurocentric and urban legend.
It was so obviously suspect that it had already been marked "(?!)"
since at least 4.3BSD-Tahoe (June 1988).
Brought up by <Rob dot Schmersel at bahnhof dot se>,
additional research by <me at FletcherPorter dot com>,
see https://marc.info/?l=openbsd-bugs&m=172634202204747 for details.
|
|
kdump.c r1.138 in 2019 dropped the letters list in favour of [-t trstr].
|
|
which incorrectly required that sshd was started with an absolute path
in inetd mode. bz3717, patch from Colin Wilson
|
|
them on unless the application requests them. Ignore them so they do not
cause the prefix to be canceled, GitHub issue 4111.
|
|
Also, switch to S_IS*() tests and update the manpage
to reflect that POSIX-2024 has no substantive changes
for wc(1)
ok op@ millert@
|
|
|
