src - OpenBSD base system

Age	Commit message (Collapse)	Author
2015-01-14	downgrade ".so with absolute path" from FATAL to ERROR;	Ingo Schwarze
	allows to get rid of ROFF_ERR
2015-01-14	simplify by getting rid of ROFF_ERR in tbl(7) parsing; no functional change	Ingo Schwarze

2015-01-14	To get rid of SYSERR entries in enum mandocerr, downgrade problems with	Ingo Schwarze
	missing and unreadable files from SYSERR to ERROR. Needed for upcoming work. As a bonus, this minimally simplifies code and documentation.
2015-01-14	if earlier files set a non-zero exit status,	Ingo Schwarze
	do not allow later files to reset it to zero
2015-01-14	whitespace	Damien Miller

2015-01-14	move authfd.c and its tentacles to the new buffer/key API;	Damien Miller
	ok markus@
2015-01-14	fix small regression: ssh-agent would return a success message	Damien Miller
	but an empty signature if asked to sign using an unknown key; ok markus@
2015-01-14	Simplify handling of system errors: just exit(3).	Ingo Schwarze
	We already do the same for malloc(3) failure. The is no virtue in trying to survive failure of fork(2) and the like.
2015-01-14	avoid BIGNUM in KRL code by using a simple bitmap;	Damien Miller
	feedback and ok markus
2015-01-14	update sftp client and server to new buffer API.	Damien Miller
	pretty much just mechanical changes; with & ok markus
2015-01-14	switch to sshbuf/sshkey; with & ok djm@	Markus Friedl

2015-01-14	avoid an warning for the !OPENSSL case	Damien Miller

2015-01-14	swith auth-options to new sshbuf/sshkey; ok djm@	Markus Friedl

2015-01-14	make non-OpenSSL aes-ctr work on sshd w/ privsep; ok markus@	Damien Miller

2015-01-14	remove unneeded includes, sync my copyright across files & whitespace; ok djm@	Markus Friedl

2015-01-13	Be developer-friendly, 'cause OpenBSD devs like to:	Ingo Schwarze
	cd /usr/src/share/man/man4; vi newdev.4 Makefile; make install; man newdev When a manual is missing from an outdated database, let man(1) show it anyway, using a KISS file system lookup as a fallback. Requested by deraadt@. 87 new lines of code doesn't seem too much bloat to me. Of course, keeping your mandoc.db(5) files up to date with makewhatis(8) or weekly(8) is still required for apropos(1) to find your new pages.
2015-01-13	adapt mac.c to ssherr.h return codes (de-fatal) and simplify dependencies	Markus Friedl
	ok djm@
2015-01-13	sync changes from libopenssh; prepared by markus@	Damien Miller
	mostly debug output tweaks, a couple of error return value changes and some other minor stuff
2015-01-13	sync changes from libopenssh; prepared by markus@	Damien Miller
	mostly debug output tweaks, a couple of error return value changes and some other minor stuff
2015-01-13	zap really odd code that's not actually in-use.	Marc Espie
	okay millert@
2015-01-13	Remove a variable that's not really being used.	Brian Callahan
	ok deraadt@ jasper@
2015-01-13	Document the openssl s_client -proxy feature.	Alexander Bluhm
	OK jmc@
2015-01-13	do not spawn a pager when there is no output; issue pointed out by deraadt@	Ingo Schwarze

2015-01-13	Add the possibility to use the openssl s_client tool with an http	Alexander Bluhm
	proxy. Implement the -proxy feature in the same hackish way as -starttls. OK jsing@
2015-01-13	add sshd_config HostbasedAcceptedKeyTypes and PubkeyAcceptedKeyTypes	Damien Miller
	options to allow sshd to control what public key types will be accepted. Currently defaults to all. Feedback & ok markus@
2015-01-13	An article on medium.com highlighted that grep	Daniel Dickman
	was available in v4. To quote Ken Thompson, grep appeared "sometime before the 4th edition." ok schwarze@
2015-01-13	Implement more thorough error checks:	Lawrence Teo
	- Check the return value of every relevant function call. - If BIO_new() returns NULL instead of a valid BIO, do not attempt to blindly use the NULL value as a BIO throughout the rest of the code. - Ensure that bio_out is freed by BIO_free_all() at the end of all error paths. ok doug@
2015-01-12	the BUG described at the bottom is not a bug. It is how it is supposed to	Theo de Raadt
	work. Move it up into the main body. ok tedu millert
2015-01-12	unbreak parsing of pubkey comments; with gerhard; ok djm/deraadt	Markus Friedl

2015-01-12	missing error assigment on sshbuf_put_string()	Markus Friedl

2015-01-12	Fetching port distfiles with the ftp command from githup did not	Alexander Bluhm
	work when using a https proxy because of a missing host header. Remember the host form the url and write it into the http request. Fix the format string when using Proxy-Authorization together with Cookie. Also write the http request to the debugging output to see what is going on. input jca@; OK sthen@ mpi@
2015-01-12	apparently memcpy(x, NULL, 0) is undefined behaviour according to	Damien Miller
	C99 (cf. sections 7.21.1 and 7.1.4), so check skip memcpy calls when length==0; ok markus@
2015-01-12	free->sshkey_free; ok djm@	Markus Friedl

2015-01-12	allow WITH_OPENSSL w/o WITH_SSH1; ok djm@	Markus Friedl

2015-01-11	correctly use HOST_NAME_MAX.	Theo de Raadt
	Some notes: POSIX HOST_NAME_MAX doesn't include the NUL. POSIX LOGIN_NAME_MAX and TTY_NAME_MAX do include the NUL. BSD MAXHOSTNAMELEN includes the NUL. Actually, most of the historical BSD MAX* defines did include the NUL, except for the historical mistake of utmp fields without NULs in the string, which directly led to strncpy.. just showing how error prone this kind of accounting is. CSRG did right. Somehow POSIX missed the memo on the concepts of carefulness and consistancy, and we are still paying the price when people trip over this. Of course, glibc is even more amazing (that is a hint to blackhats) ok guenther
2015-01-10	1. They're flags, not counters. Set to one instead of incrementing.	Ted Unangst
	2. The G flag is useless and never checked. Remove it. ok millert
2015-01-10	Correct reversed test of setmountent() return	Philip Guenther
	Fix from Dennis Lindroos (denafcm (at) gmail.com)
2015-01-09	absurd optimization. reduce initial space by one to avoid leaving one byte	Ted Unangst
	hanging off on a page by itself.
2015-01-08	fix ssh_config FingerprintHash evaluation order; from Petr Lautrbach	Damien Miller

2015-01-08	Convert spkac.c to the new option handling code.	Doug Hogan
	input + ok jsing@
2015-01-08	Convert pkcs8.c to the new option handling code.	Doug Hogan
	Minor KNF in a few places too. input + ok jsing@
2015-01-08	Convert asn1pars.c to the new option handling.	Doug Hogan
	Also, removed a few useless if null checks. input from bcook@ input + ok jsing@
2015-01-08	reorder hostbased key attempts to better match the default	Damien Miller
	hostkey algorithms order in myproposal.h; ok markus@
2015-01-08	deprecate key_load_private_pem() and sshkey_load_private_pem()	Damien Miller
	interfaces. Refactor the generic key loading API to not require pathnames to be specified (they weren't really used). Fixes a few other things en passant: Makes ed25519 keys work for hostbased authentication (ssh-keysign previously used the PEM-only routines). Fixes key comment regression bz#2306: key pathnames were being lost as comment fields. ok markus@
2015-01-07	bcallah noticed the ifndef guard for headers was wrong. don't fix, just	Ted Unangst
	remove it, and put these includes up with their friends.
2015-01-07	workaround for the Meyer, et al, Bleichenbacher Side Channel Attack.	Ted Unangst
	fake up a bignum key before RSA decryption. discussed/ok djm markus
2015-01-07	It is the copy command that is abbreviated as 'c', not chdir.	Todd C. Miller
	Also document that cd is an alias for chdir. From Kaspars Bankovskis.
2015-01-07	Document the '=' command; from trondd at gmail	Todd C. Miller

2015-01-07	Bugfix: When the invocation of a user-defined macro follows a roff	Ingo Schwarze
	conditional request on the same input line, don't skip the first few bytes of its content.
2015-01-07	Bump example pubkey filenames for 5.7	Florian Obser
	OK benno@