IABSD.fr/src/usr.bin

Branch :


Log

Author Commit Date CI Message
74d38529 2023-03-02 06:41:56 Ensure we always call fclose when writing checkpoints. In the case of an fprintf failure we would not call fclose which would leak the FILE pointer. While we're there, try to clean up the temp file on failure. Spotted by Coverity, ok djm@
520304af 2023-02-28 21:31:50 fatal out if allocating banner string fails to avoid potential null deref later in sscanf. Spotted by Coverity, ok deraadt@
a4a4354d 2023-02-28 08:45:24 Explicitly ignore return from fchmod similar to other calls to prevent warning.
deb51e2e 2023-02-27 22:12:40 Plug mem leak on globbed ls error path. Spotted by Coverity, ok deraadt@
c1e2a033 2023-02-23 14:55:54 openssl speed: avoid bad plural Remedy a case of twitching eyes caused by seeing "Doing ... rsa's for 10s". If this breaks someone's script, so be it. ok jsing sthen
28ee9a64 2023-02-22 03:56:43 fix progressmeter corruption on wide displays; bz3534 feedback/ok dtucker@
0a857551 2023-02-21 14:31:07 for process kills due to execve from non-pinned syscall address, export a new AEXECVE bit to acct(4), and print it in lastcomm(8) ok bluhm
2598ede8 2023-02-21 06:48:18 fseek to end of known_hosts before writing to it. POSIX and ANSI C require that applications call fseek or similar between read and writing to a RW file. OpenBSD doesn't enforce this, but some (System V derived) platforms need this to prevent it from writing a spurious extra byte (in this case, a newline). ok djm@ deraadt@
0132222b 2023-02-17 18:01:26 KTRC_CODE__SYSCALL is never set anymore, because __syscall() is gone.
95ca2293 2023-02-17 18:00:35 Remove redundant assignment; ok millert@
1a0a232e 2023-02-17 17:59:36 Remove unused variables; ok millert@
ffc379c2 2023-02-17 04:22:50 Remove now-unused compat bit SSH_BUG_RSASIGMD5. The code to set this was removed in OpenSSH 7.7 when support for SSH implementations dating back to before RFC standardization were removed. "burn it all" djm@
9cf8803a 2023-02-17 03:06:18 Remove now-unused compat bit SSH_BUG_BIGENDIANAES. This was previously set for OpenSSH 2.3 (released in 2000) but this check was removed in OpenSSH 7.7 (2018). ok djm@ deraadt@
32b32022 2023-02-16 10:10:00 Remove SSH_BUG_PASSWORDPAD compat bit since it's no longer used. ok markus@
04444b3a 2023-02-16 07:55:15 Remove SSH_BUG_IGNOREMSG compat flag since it's only applicable to SSH1 and thus no longer used. ok markus@ "kill it with fire" djm@
786202c1 2023-02-14 17:15:15 Fix handling of port numbers in rsync://host[:port]/module URLs With and OK tb@
a7969b8b 2023-02-10 14:01:43 Fix cursor position after zero width space, GitHub issue 3469.
22a9c15e 2023-02-10 06:41:53 space between macro and punctuation; sort usage();
56802a7f 2023-02-10 06:40:48 space between macro and punctuation;
d921b99c 2023-02-10 06:39:27 sort SYNOPSIS;
16d9a131 2023-02-10 04:56:30 let ssh-keygen and ssh-keyscan accept -Ohashalg=sha1|sha256 when outputting SSHFP fingerprints to allow algorithm selection. bz3493 ok dtucker@
dab22c7c 2023-02-10 04:47:19 add a `sshd -G` option that parses and prints the effective configuration without attempting to load private keys and perform other checks. This allows usage of the option before keys have been generated. bz3460 feedback/ok dtucker@
6d26ad42 2023-02-10 04:40:28 make `ssh -Q CASignatureAlgorithms` work as the manpage says it should bz3532
5344d6be 2023-02-09 09:54:11 Ensure that there is a terminating newline when adding a new entry to known_hosts. bz#3529, with git+openssh at limpsquid.nl, ok deraadt@ markus@
ef6913ff 2023-02-08 15:56:32 Use _nc_tparm_analyze() instead of trying to do it ourselves in process(). This fixes tput when used with a capability that uses push/pop. OK gkoehler@
ae17c7f7 2023-02-08 08:24:29 finger/mail: two trivial functions were missed in earlier ansi passes
e777735b 2023-02-08 08:22:44 telnet: fix prototypes for two signal handlers to make clang 15 happy
4b7c5037 2023-02-08 08:18:11 sed: add missing void to avoid -Wstrict-prototype with clang 15
ce9c3de3 2023-02-08 07:59:24 openssl(1) pkcs7 avoid crash on malformed files When printing certificates or CRLs, check signed and signedAndEnveloped before dereferencing them. Prevents crash on inspecting malformed PKCS7 files. ok jsing
49828476 2023-02-07 10:56:04 Remove old buffer when renaming rather than complaining, GitHub issue 3467 from Jean-Philippe Paradis.
0da56a05 2023-02-07 10:21:01 Add an L modifier like P, W, S to loop over clients. Also fix some long lines in tmux(1).
6c1aad9d 2023-02-06 09:20:30 Add -f to list-clients like the other list commands, from Andy Walker in GitHub issue 3449.
422252e0 2023-02-05 21:26:48 Do not allow multiple line separators in a row.
1dd5a954 2023-02-05 21:15:32 Extend display-message to work for control clients. GitHub issue 3449.
a114beb5 2023-02-03 15:55:59 Fix tput when compiled with clang-15 -O2 For some reason clang-15 doesn't like passing the uninitialized array of pointers nargv[] to the vararg function tparm(). With -O2 it optimizes the for loop preceding the tparm() call strangely, with the result that the argv[i] == NULL error is hit in most real-world usage. This broke naddy's fancy shell prompt among other things. Initialize nargv[] to appease the insatiable undefined behavior exploiter. ok jca millert
f829cebc 2023-02-03 13:10:57 Add ASPA to Looking Glass OK claudio@
42717716 2023-02-02 12:10:22 openssh-9.2
bc85b416 2023-02-02 12:10:05 fix double-free caused by compat_kex_proposal(); bz3522 by dtucker@, ok me
08d1f2ca 2023-02-02 09:24:59 Add a missing error message which causes an invalid layout name to crash.
e069d6d1 2023-02-02 09:06:44 Tweak note for D key binding, from Clark Wang.
13c74f85 2023-02-01 00:03:38 Print the pid in lastcomm(1) output for post mortem analysis. Put it in brackets after the command name, like syslogd does it in log files. A while ago the process id was added to process accounting in the kernel, so no ABI break this time. OK deraadt@
e8de1577 2023-01-31 21:38:01 Fix a typo in a comment and spacing from weerd@
698cd879 2023-01-29 09:28:57 Fix ^^D and 0^D description; pointed out by Tomas Rippl; ok jmc@
99a8c03e 2023-01-25 19:06:50 Fix CVE-2023-24056, unbounded variable expansion in pkg-config. We now die with an error when trying to expand a variable that is already longer than 64K. This was never a buffer overflow in our pkg-config, but rather an unbounded memory allocation that would eventually run up against resource limits. OK sthen@ jasper@
6981b792 2023-01-23 09:33:51 Too many \s in example, GitHub issue 3445.
009dd187 2023-01-20 21:36:00 Add a flag to display-menu to select the manu item chosen first, GitHub issue 3442.
7c5efb42 2023-01-18 20:56:36 delete useless dependency
89841209 2023-01-18 20:43:15 Create and install sshd random relink kit. ../Makefile.inc and Makfile are concatenated for reuse, which hopefully won't be too fragile, we'll see if we need a different approach. The resulting sshd binary is tested with the new sshd -V option before installation. As the binary layout is now semi-unknown (meaning relative, fixed, and gadget offsets are not precisely known), change the filesystem permissions to 511 to prevent what I call "logged in BROP". I have ideas for improving this further but this is a first step ok djm
59586997 2023-01-18 06:55:32 tweak previous; ok djm
a35e5d14 2023-01-18 02:00:10 when restoring non-blocking mode to stdio fds, restore exactly the flags that ssh started with and don't just clobber them with zero, as this could also remove the append flag from the set; bz3523; ok dtucker@
93d238a6 2023-01-18 01:50:21 Add a -V (version) option to sshd like the ssh client has. OK markus@ deraadt@
dc4459a6 2023-01-17 18:52:44 For "ssh -V" always exit 0, there is no need to check opt again. This was missed when the fallthrough in the switch case above it was removed. OK deraadt@
c842d149 2023-01-17 13:03:22 Arguments may contain more than one variable assignment `make FOO=1 BAR=2 ...' works as expected and lots of things wouldn't work if make only accepted a single assignment, as currently documented. Fix SYNOPSIS and usage to match reality and POSIX spec (thanks jmc). OK jmc
1e415b51 2023-01-17 10:40:51 Support -1 without -N for list-keys.
f98a6cf6 2023-01-17 09:44:48 Add a sshd_config UnusedConnectionTimeout option to terminate client connections that have no open channels for some length of time. This complements the recently-added ChannelTimeout option that terminates inactive channels after a timeout. ok markus@
bf31d21b 2023-01-17 06:50:55 Update palette when moving a pane, GitHub issue 3437.
c79c3b80 2023-01-16 11:26:14 Mark keys sent by command and skip paste handling for them.
e2c8dd8b 2023-01-16 05:32:04 we spent far too long debugging a weird go library problem (incorrect arguments to mmap) because it was using syscall(2) and that callpath is invisible in ktrace. make it visible, it will now show "(via syscall)" and such. ok guenther
938209f1 2023-01-15 23:05:32 update OpenSSH's Ed25519 code to the last version of SUPERCOP (20221122) and change the import approach to the same one we use for Streamlined NTRUPrime: use a shell script to extract the bits we need from SUPERCOP, make some minor adjustments and squish them all into a single file. ok tb@ tobhe@
93d5a0ee 2023-01-15 06:55:12 fix text error; from jan stary
293b7b88 2023-01-13 15:14:24 Use extended header format for .wav files. According to Microsoft docs, it is needed if bits > 16 or if there are more than 2 channels, which aucat supports and is the defaut. Fixes errors reported by audio/sox port when trying to play .wav files generated by aucat. Reported by John Rigg <obsd at jrigg.co.uk> and others on misc@
9917671c 2023-01-13 07:13:40 fix double phrase in previous;
8074af79 2023-01-13 06:53:04 timeout(1): sig_atomic_t variables must also be 'volatile'; ok job@
d6bc16de 2023-01-13 03:16:29 Document "UserKnownHostsFile none". ok djm@
61d6691f 2023-01-13 02:58:20 Add a "Host" line to the output of ssh -G showing the original host arg. Inspired by patch from vincent at bernat.ch via bz#3343, ok djm@
bf25c7a3 2023-01-13 02:44:02 avoid printf("%s", NULL) if using ssh -oUserKnownHostsFile=none and a hostkey in one of the system known hosts file changes; ok dtucker@
25f2c821 2023-01-12 18:49:11 Have tmux recognise pasted texts wrapped in bracket paste sequences, rather than only forwarding them to the program inside. From Andrew Onyshchuk in GitHub issue 3431.
77a16aa3 2023-01-12 14:08:39 diff from sobrado to use a full argument name for -s: after some discussion we used "signal", as per pkill/pgrep; also lift the descriptive text from kill.1 to clarify that both signal name and number are accepted; ok sobrado job
f66d30ff 2023-01-11 05:39:38 clamp the minimum buffer lengths and number of inflight requests too
d28b3eb2 2023-01-11 05:36:50 ignore bogus upload/download buffer lengths in the limits extension
6d197b35 2023-01-11 02:13:52 remove whitespace at EOL from code extracted from SUPERCOP
0903cde6 2023-01-10 23:22:15 Switch scp from using pipes to a socketpair for communication with it's ssh sub-processes. We no longer need to reserve two descriptors to ensure that we don't end up using fd 0-2 unexpectedly, that is handled by sanitise_stdfd() in main(). Based on an original diff from djm@. OK deraadt@ djm@
03a52c9b 2023-01-10 21:10:37 oops, fix a bad edit in previous;
78dcb75a 2023-01-10 20:48:34 Fix device name in the MIDI control section For MMC to work, the MIDI sequencer must send MMC to subdevices registered with -tslave. From Dirk-Wilhelm Peters <peters at schwertfisch.de>, thanks.
846b88a7 2023-01-10 14:19:12 Add short options for --foreground and --preserve-status Align with upcoming POSIX spec: https://www.austingroupbugs.net/view.php?id=1586 OK jmc@
165474a8 2023-01-09 17:13:46 shorten SYNOPSIS from three versions to two (me) then one (ratchov), plus all the cleanup that goes with; ok ratchov
affa3703 2023-01-09 14:12:41 Fix behaviour with \007 (used the wrong tree for last change).
ce2a7883 2023-01-09 07:57:14 Accept \007 as terminator to OSC 10 or 11.
461a14bc 2023-01-08 23:34:46 Fix parsing of optional arguments so that and accept a - starting an argument.
ab9ea5e6 2023-01-08 22:17:04 Have client return 1 if process is interrupted to an input pane.
cc390fd4 2023-01-08 22:15:30 Restore code to handle wcwidth failure so that unknown codepoints still do the most likely right thing. GitHub issue 3427, patch based on an diff from Jesse Luehrs in GitHub issue 3003.
d89c343e 2023-01-08 21:00:01 Quotes are now required in select-layout example.
bfce157f 2023-01-08 08:27:17 - tweak the text relating to -w - sync usage() and SYNOPSIS ok ratchov
0c878ce4 2023-01-08 06:58:07 Add -w option to display variables periodically The purpose of -w is to monitor underruns without triggering long kernel code-paths (ex. fork and exec of new audioctl process) that may cause additional underruns than the ones being monitored. ok chehola, edd
190bef39 2023-01-07 05:26:40 Add argument and return support for {get,set}thrname()
cef5a146 2023-01-07 05:24:58 Add {get,set}thrname(2) for putting thread names in the kernel and exposed in a new field returned by sysctl(KERN_PROC). Update pthread_{get,set}_name_np(3) to use the syscalls. Show them, when set, in ps -H and top -H output. libc and libpthread minor bumps ok mpi@, mvs@, deraadt@
b9197c8b 2023-01-06 08:44:11 tweak previous; ok djm
83e2ab13 2023-01-06 07:09:27 If a pane is killed, cancel reading from the file. GitHub issue 3422.
eb183477 2023-01-06 02:47:18 Implement channel inactivity timeouts This adds a sshd_config ChannelTimeouts directive that allows channels that have not seen traffic in a configurable interval to be automatically closed. Different timeouts may be applied to session, X11, agent and TCP forwarding channels. Note: this only affects channels over an opened SSH connection and not the connection itself. Most clients close the connection when their channels go away, with a notable exception being ssh(1) in multiplexing mode. ok markus dtucker
e425622f 2023-01-06 02:42:34 Add channel_set_xtype() This sets an "extended" channel type after channel creation (e.g. "session:subsystem:sftp") that will be used for setting channel inactivity timeouts. ok markus dtucker
c6fd5a4a 2023-01-06 02:41:49 tweak channel ctype names These are now used by sshd_config:ChannelTimeouts to specify timeouts by channel type, so force them all to use a similar format without whitespace. ok dtucker markus
b21c0267 2023-01-06 02:39:59 Add channel_force_close() This will forcibly close an open channel by simulating read/write errors, draining the IO buffers and calling the detach function. Previously the detach function was only ever called during channel garbage collection, but there was no way to signal the user of a channel (e.g. session.c) that its channel was being closed deliberately (vs. by the usual state-machine logic). So this adds an extra "force" argument to the channel cleanup callback to indicate this condition. ok markus dtucker
0f30be9a 2023-01-06 02:38:23 replace manual poll/ppoll timeout math with ptimeout API feedback markus / ok markus dtucker
a598e5a3 2023-01-06 02:37:04 add ptimeout API for keeping track of poll/ppoll timeouts; ok dtucker markus
f2e3f6b6 2023-01-05 05:49:13 suppress "Connection closed" message when in quiet mode
998894f5 2023-01-05 00:00:44 Delete remnants of removed "diff -l" option. From Nathan Houghton
8305317d 2023-01-04 19:12:34 minor text shuffle, for clarity; ok millert
5d84952f 2023-01-04 14:58:04 Eduardo Horvath agreed to rescind clause 3 and 4 in NetBSD fgen.1 rev 1.9 cpu_in_cksum.S rev 1.2 https://mail-index.netbsd.org/source-changes/2009/10/19/msg002130.html
3d2b6224 2023-01-04 12:53:38 ugly white space
30b91020 2023-01-04 07:33:00 - use Fl instead of Ar for print0; from josiah frentsos - while here, describe it as a primary rather than an option