src - OpenBSD base system

Age	Commit message (Collapse)	Author
2016-07-30	use the style from the man page examples for getaddrinfo, which makes a	Alexander Hall
	bit more sense ok jung@ deraadt@
2016-07-28	rework realloc loop. there's no need to shrink the allocation between	Ted Unangst
	calls. if we need a big space once, we'll likely need a big space again.
2016-07-28	strncmp is a more reasonable way to check the beginning of a string.	Ted Unangst

2016-07-28	these programs probably do not need to use TMPDIR. ok florian	Ted Unangst

2016-07-28	remove HISTORY: it was a nonsense;	Jason McIntyre

2016-07-28	some text cutting, after feedback from jsing;	Jason McIntyre

2016-07-27	better bounds check on iovcnt (we only ever use fixed, positive values)	Damien Miller

2016-07-27	it should not be necessary for yacc to use TMPDIR, /tmp is good enough.	Ted Unangst
	ok beck deraadt guenther
2016-07-27	increase the size of forkstat fields to accomodate large values	Ted Unangst

2016-07-27	fix signed char extension bugs. from fade@cock.li. ok guenther.	Ted Unangst
	As a personal remark, I'll add that it's not necessary to cast a value to a function's return type. The compiler is happy to do that for you. But such casts can hide warnings and bugs.
2016-07-24	openssh-7.3	Damien Miller

2016-07-23	rework crl2pkcs7; with help from jsing	Jason McIntyre

2016-07-23	fix pledge violation with ssh -f; reported by Valentin Kozamernik	Damien Miller
	ok dtucker@
2016-07-22	improve wording; suggested by jmc@	Damien Miller

2016-07-22	Lower loglevel for "Authenticated with partial success" message similar to	Darren Tucker
	other similar level. bz#2599, patch from cgallek at gmail.com, ok markus@
2016-07-22	constify a few functions' arguments; patch from Jakub Jelen bz#2581	Damien Miller

2016-07-22	move debug("%p", key) to before key is free'd; probable undefined	Damien Miller
	behaviour on strict compilers; reported by Jakub Jelen bz#2581
2016-07-22	reverse the order in which -J/JumpHost proxies are visited to be	Damien Miller
	more intuitive and document reported by and manpage bits naddy@
2016-07-21	rework DESCRIPTION a little: no-command seems clearer than no-XXX;	Jason McIntyre

2016-07-21	rename NOTES to COMMON SYNTAX (explains itself better); rework the	Jason McIntyre
	passphrase section a little; move the DER\|PEM stuff in there to help avoid text repetition, and prefer the lowercase (less keys to press); adjust ENVIRONMENT to format a little more nicely;
2016-07-21	strip back openssl crl somewhat: remove the examples	Jason McIntyre
	and move any relevant text into the main body;
2016-07-21	zap trailing whitespace;	Jason McIntyre

2016-07-21	Add AF_UNIX support to tcpbench and also make it possible to randomize the	Claudio Jeker
	write size in the client. pledge setup can be made tighter but that will be done in a second step. OK benno@, henning@, markus@ and some man page input by jmc@
2016-07-21	Skip passwords longer than 1k in length so clients can't easily DoS sshd	Darren Tucker
	by sending very long passwords, causing it to spend CPU hashing them. feedback djm@, ok markus@. Brought to our attention by tomas.kuthan at oracle.com, shilei-c at 360.cn and coredump at autistici.org
2016-07-20	To tune the TCP SYN cache we need more information. Print the	Alexander Bluhm
	relevant counters with netstat -s -p tcp. OK henning@
2016-07-20	strip back openssl ciphers:	Jason McIntyre
	- rearrange the descriptions of -V and -v to read more logically - move the cipherlist text into the cipherlist description - zap examples
2016-07-20	tag_signal() is dead; from LLVM via Christos Zoulas	Ingo Schwarze

2016-07-20	Do not clobber the global jump_host variables when parsing an inactive	Christian Weisgerber
	configuration. ok djm@
2016-07-19	strip back openssl ca: in particular remove some excessively wordy sections,	Jason McIntyre
	move some other sections into more relevant places, and remove the example ca file;
2016-07-19	Since the mdoc/man parser unification, the parser is always allocated	Ingo Schwarze
	in mparse_alloc(), so delete all the curp->man == NULL checks. Triggered by a patch from Christos Zoulas suggesting to add yet another such check.
2016-07-19	Use __attribute__((__format__ throughout.	Ingo Schwarze
	Triggered by a smaller patch from Christos Zoulas.
2016-07-19	tweak previous;	Jason McIntyre

2016-07-19	Allow wildcard for PermitOpen hosts as well as ports. bz#2582, patch from	Darren Tucker
	openssh at mzpqnxow.com and jjelen at redhat.com. ok markus@
2016-07-19	Cleanup close(open idioms.	Theo de Raadt
	ok krw
2016-07-18	The string with path to shell could be taken directly from struct passwd.	Vadim Zhukov
	At some point later the data it points to is overridden by getpwuid() call, resulting in garbage. The problem could be easily demonstreated by double doas call: $ doas doas -su _sndio doas: mpty: command not found The fix is easy: just strdup() the pw_shell field value. okay tedu@, tweaks from & okay natano@
2016-07-18	Reduce timing attack against obsolete CBC modes by always computing	Markus Friedl
	the MAC over a fixed size of data. Reported by Jean Paul Degabriele, Kenny Paterson, Torben Hansen and Martin Albrecht. ok djm@
2016-07-18	Add 'p' trace point for KTRFAC_PLEDGE, as noted by	Philip Guenther
	Michal Mazurek <akfaew@jasminek.net> While here, fix handling of -t+ in ltrace.
2016-07-18	Add some unsigned overflow checks for extra_pad. None of these	Damien Miller
	are reachable with the amount of padding that we use internally. bz#2566, pointed out by Torben Hansen. ok markus@
2016-07-17	getopt(3) can be called twice (once for bc and once for dc), so reinit getopt	Otto Moerbeek
	ok deraadt@
2016-07-17	strip back asn1parse; ok beck jsing	Jason McIntyre
	description of -out altered on jsing's advice
2016-07-17	support UTF-8 characters in ssh(1) banners using schwarze@'s	Damien Miller
	safe fmprintf printer; bz#2058 feedback schwarze@ ok dtucker@
2016-07-17	Remove now obsolete parenthetical explanation (should have been part of	Theo Buehler
	previous commit).
2016-07-17	1. Update manpage in view of the change of behavior I introduced in -r1.27.	Theo Buehler
	The bounds are taken inclusive and -w %d doesn't change the output of integer random sequences anymore. This is the same behavior as that of Linux and NetBSD, but differs from FreeBSD and OS X. Issue reported by Philippe Meunier on misc@. 2 Fix a bug from the same commit observed by Otto: if the precision is 0, values may be printed out of bounds. Fall back to the old behavior if at least one bound isn't an integer. General agreement expressed by otto@, tedu@, jmc@, sobrado@ Help with checking other operating systems by sobrado@. Manpage ok jmc@. Bugfix discussed with otto@ on icb
2016-07-16	since we no longer pull source directly from openssl, the time is	Jason McIntyre
	right to try and trim some of the excess from this page. begin now by cutting some of the fluff from the start. the section on pass phrase arguments goes to the end of the page: it;s in the way for now.
2016-07-16	- add proxyjump to the options list	Jason McIntyre
	- formatting fixes - update usage() ok djm
2016-07-15	To remove the const qualifier from a pointer to an object - either	Ingo Schwarze
	because we know it is actually mutable or because we are passing it to a function that doesn't accept a const object but won't actually attempt to modify it - simply casting from (const type ) to (type ) is legal C and clearly expresses the intent. So get rid of the obfuscating UNCONST macro. Basic idea discussed with guenther@.
2016-07-15	Fix previous: the mandocdb() prototype was already there, it just	Ingo Schwarze
	hid among static functions, as noticed by tedu@ (my bad).
2016-07-15	add missing prototypes, no code change;	Ingo Schwarze
	noticed by Christos Zoulas with -Wmissing-prototypes
2016-07-15	Tweak output of environment logging.	Nicholas Marriott

2016-07-15	Log environment to new panes.	Nicholas Marriott