Branch :
| Author | Commit | Date | CI | Message |
|---|---|---|---|---|
| 067867af | 2020-09-01 10:51:41 | update currency exchange rates; | ||
| 9f04068a | 2020-09-01 09:19:01 | Add -F to set-environment and source-file; GitHub issue 2359. | ||
| 33491e32 | 2020-09-01 08:50:14 | Only print below number when there is enough space. | ||
| cf629db8 | 2020-09-01 08:48:26 | Allow a-z keys for display-panes to jump to higher numbered panes. | ||
| a907aba0 | 2020-08-31 16:08:28 | crank to 6.8-beta | ||
| 8b827e99 | 2020-08-31 04:33:17 | refuse to add verify-required (PINful) FIDO keys to ssh-agent until the agent supports them properly | ||
| 0cb81611 | 2020-08-31 00:17:41 | Add RCS IDs to the few files that are missing them; from Pedro Martelletto | ||
| e33a93b3 | 2020-08-30 12:16:04 | Fix :S with anchors and replacement gnezdo noticed that :S/old_string/new_string/ variable modifiers such as :S/^sth/&/ and :S/sth$/&/ with an anchor in the old_string and an & in the new_string don't work as documented (and expected) since they replace & with old_string including the anchors. This is because get_spatternarg() deals with skipping the anchors in pattern->lhs only after having replaced any '&' in the buffer that will eventually become new_string with pattern->lhs. Fix this by moving the logic of skipping the anchors from get_spatternarg() into common_get_patternarg() so it is done before & is handled. ok millert | ||
| 2ed04c87 | 2020-08-28 16:29:16 | Implement mktime() function for compatibility with mawk and gawk. This is the only missing time function compared to those two implementations. Doc changes OK jmc@ | ||
| cd676bba | 2020-08-28 03:15:52 | Check that the addresses supplied to Match Address and Match LocalAddress are valid when parsing in config-test mode. This will catch address/mask mismatches before they cause problems at runtime. Found by Daniel Stocker, ok djm@ | ||
| bad5e71c | 2020-08-27 15:54:38 | Remove a lie reported by Jamie Landeg-Jones <jamie at catflap dot org>: The times when -T man may have expanded .so requests are long gone, nor would such a feature be useful. Use soelim(1) if you need that. | ||
| e01d8257 | 2020-08-27 15:20:31 | unveil(_PATH_DEV, "r") when -T or -u is used: who(1) is using stat(2) for determining the status of the tty ok deraadt@ | ||
| 0d0f340d | 2020-08-27 14:59:42 | Fix a regression caused by the insertion of two new tokens, which unintentionally made the -O tag= argument mandatory, breaking commands like "man -akO tag Ic=ulimit". Noticed while answering questions from Ian Ropers. | ||
| 2909699b | 2020-08-27 14:28:08 | Make it more explicit that the statement "-O tag does not work with less(1)" only applies to -T html output mode, and why. Of course, -O tag works just fine with less(1) in the -T ascii and -T utf8 output modes. Potential for confusion pointed out by Ian Ropers. | ||
| fbe6102b | 2020-08-27 12:58:00 | Avoid artifacts in the most common case of closing conditional blocks when no arguments follow the closing brace, \}. For example, the line "'br\}" contained in the pod2man(1) preamble would throw a bogus "escaped character not allowed in a name" error. This issue was originally reported by Chris Bennett on ports@, and afresh1@ noticed it came from the pod2man(1) preamble. | ||
| fb0dc9ff | 2020-08-27 12:34:00 | sentence fix; from pedro martelletto | ||
| cb9b4a5c | 2020-08-27 09:46:04 | debug()-print a little info about FIDO-specific key fields via "ssh-keygen -vyf /path/key" | ||
| 8c966c57 | 2020-08-27 09:43:28 | skip a bit more FIDO token selection logic when only a single token is attached. with Pedro Martelletto | ||
| 07d23686 | 2020-08-27 06:55:54 | Add pane_last format, GitHub issue 2353. | ||
| 096c972c | 2020-08-27 06:15:22 | tweak previous; | ||
| e4ab4c29 | 2020-08-27 02:11:09 | remove unreachable code I forgot to delete in r1.334 | ||
| 7365ccde | 2020-08-27 01:08:45 | Request PIN ahead of time for certain FIDO actions When we know that a particular action will require a PIN, such as downloading resident keys or generating a verify-required key, request the PIN before attempting it. joint work with Pedro Martelletto; ok markus@ | ||
| 15a2cdb6 | 2020-08-27 01:08:19 | preserve verify-required for resident FIDO keys When downloading a resident, verify-required key from a FIDO token, preserve the verify-required in the private key that is written to disk. Previously we weren't doing that because of lack of support in the middleware API. from Pedro Martelletto; ok markus@ and myself | ||
| 01bb7af0 | 2020-08-27 01:07:51 | major rework of FIDO token selection logic When PINs are in use and multiple FIDO tokens are attached to a host, we cannot just blast requests at all attached tokens with the PIN specified as this will cause the per-token PIN failure counter to increment. If this retry counter hits the token's limit (usually 3 attempts), then the token will lock itself and render all (web and SSH) of its keys invalid. We don't want this. So this reworks the key selection logic for the specific case of multiple keys being attached. When multiple keys are attached and the operation requires a PIN, then the user must touch the key that they wish to use first in order to identify it. This may require multiple touches, but only if there are multiple keys attached AND (usually) the operation requires a PIN. The usual case of a single key attached should be unaffected. Work by Pedro Martelletto; ok myself and markus@ | ||
| 869858c2 | 2020-08-27 01:07:09 | support for requiring user verified FIDO keys in sshd This adds a "verify-required" authorized_keys flag and a corresponding sshd_config option that tells sshd to require that FIDO keys verify the user identity before completing the signing/authentication attempt. Whether or not user verification was performed is already baked into the signature made on the FIDO token, so this is just plumbing that flag through and adding ways to require it. feedback and ok markus@ | ||
| 1f63d3c4 | 2020-08-27 01:06:18 | support for user-verified FIDO keys FIDO2 supports a notion of "user verification" where the user is required to demonstrate their identity to the token before particular operations (e.g. signing). Typically this is done by authenticating themselves using a PIN that has been set on the token. This adds support for generating and using user verified keys where the verification happens via PIN (other options might be added in the future, but none are in common use now). Practically, this adds another key generation option "verify-required" that yields a key that requires a PIN before each authentication. feedback markus@ and Pedro Martelletto; ok markus@ | ||
| d31303eb | 2020-08-26 16:21:28 | Add "t" to toggle the display of routing tables Swap the WAIT column with RTABLE (and vice versa); WAIT is wide enough to fit RTABLE, somewhat adds additional value to STATE and seems therefore most appropiate to hide in favour of RTABLE. Filtering rtables with "T" does not toggle the column, just like filtering users with "u" does not toggle between user and thread id. Feedback jmc OK remi | ||
| 43dc5f42 | 2020-08-25 11:35:32 | Allow colour to be spelt as color, from Boris Verkhovsky. GitHub issue 2317. | ||
| 754b6bea | 2020-08-25 07:27:34 | Rename rtable filter variables and simplify buffer handling No functional change, the rename is for consistency and the buffer handling reduces churn in an upcoming diff. | ||
| aac46131 | 2020-08-24 05:23:30 | Old Terminal.app versions do not respond correctly to secondary DA, instead responding with the primary DA response. Ignore it. Reported by Dave Vandervies. | ||
| 493d2591 | 2020-08-24 05:22:28 | Do not run off end of string when stripping delays, reported by Dave Vandervies. | ||
| f6c67779 | 2020-08-23 21:11:55 | Filter by routing table "-T-0" for processes outside the default routing table, "-T3" for those in a specific one; same semantics as with other filters. Manual wording and command line flag taken from pgrep(1) being the only way to identify processes by routing table; After netstat(1)'s recent addition of "-R", filtering in top makes for handy tooling around rtable(4). "looks good to me" millert OK remi | ||
| 03397e00 | 2020-08-22 18:34:29 | Support looking up unix domain sockets by file name. The best that we can do is string comparison of the file name. Previously, "fstat /var/run/foo.sock" would return no results. The -f option still won't work for sockets since they are not file system objects. OK kn@ | ||
| 4b565362 | 2020-08-21 22:13:15 | Print unp_path for unix domain sockets. OK kn@ mvs@ | ||
| 8d34ed16 | 2020-08-20 16:57:40 | Add n: modifier to get length of a format, also automatically expand variable name arguments again if they contain a #{. | ||
| 55a1066f | 2020-08-19 11:10:42 | Handle EADDRNOAVAIL from connect(2) gracefully The server's DNS name may yield multiple addresses of different address families; in case the local client has no suitable address, i.e. connect(2) fails with EADDRNOTAVAIL, do not fail hard but try the next address instead. Report (IPv6 only client with dualstack server) and diff from Sasha Romijn. OK job | ||
| 6434f49b | 2020-08-19 07:15:42 | Set alert flag for the current window if the session is unattached. GitHub issues 1182 and 2299. From Eric Garver. | ||
| 7a3e72b5 | 2020-08-19 06:37:23 | Respond to colour requests if a colour is available, from Michal Goral. | ||
| 5fcfc6ff | 2020-08-17 18:41:23 | -F requires at least 5 columns for folding, while a tab at start of line is 8 columns. This causes an infinite loop in the folding logic. Fix this by implementing an escape hatch so that only a single fold can occur. This does mean that a tab with a -F smaller or equal to 8 will always print the newline escape backslash in the 8th column. Bug reported by phillbush <at> cock <dot> li Minor tweak and OK deraadt@ | ||
| a8dc0ba1 | 2020-08-17 18:12:12 | honor /etc/nologin by unveiled it ok deraadt@ | ||
| b1b24323 | 2020-08-14 17:44:53 | '!' does not need to be escaped; confirmed by naddy and deraadt | ||
| a09091e5 | 2020-08-13 12:37:16 | new kstat(1) manual page, using info from dlg@, from his commit messages, and from partial code inspection; OK dlg@ | ||
| dcf22d41 | 2020-08-12 01:23:45 | ssh-keyscan(1): simplify conloop() with timercmp(3), timersub(3); ok djm@ | ||
| 60613915 | 2020-08-11 16:57:05 | Update awk to August 7, 2020 version. | ||
| 210ec77e | 2020-08-11 09:49:57 | let ssh_config(5)'s AddKeysToAgent keyword accept a time limit for keys in addition to its current flag options. Time-limited keys will automatically be removed from ssh-agent after their expiry time has passed; ok markus@ | ||
| 272d1ebd | 2020-08-11 09:45:54 | let the "Confirm user presence for key ..." ssh-askpass notification respect $SSH_ASKPASS_REQUIRE; ok markus@ | ||
| 6b04bb45 | 2020-08-11 01:07:47 | add -w so kstat can update and print stats at a specified wait interval. | ||
| 81e355e4 | 2020-08-10 06:51:40 | sigh, i made the previous diff to small. main needs to understand the kstat_tree type now, so move the declaration up. | ||
| 62fc0d78 | 2020-08-10 06:39:52 | factor out the printing of kstats. no functional change otherwise. | ||
| 59ead937 | 2020-08-10 01:13:28 | add the ability to filter which kstats are displayed. kstats are identified by a "provider:instance:name:unit" tuple, where provider and name are strings, and instance and unit are integers. you can pass tuples as arguments to kstat to select them for display, eg, to see the rxq and txq stats for the first rings on an em0 interface, you can run `kstat em0:0:rxq:0 em0:0:txq:0`. this can be pretty tedious if you want to select a group of stats quickly though, so there's some wildcard and pattern matching support. firstly, empty fields in the tuple are wildcarded, eg, if you want to see all the stats that an mcx0 interface provides then run `kstat mcx0:::`. secondly, strings in a tuple (ie, the provider and name fields) are compared using fnmatch(3) so you can use shell like patterns to match fields. to expand the last example to all mcx interfaces, you can run `kstat mcx*:::`. lastly, you can pass a bare name to match on all kstats with that name. eg, to see the txq stats for all interfaces, just run `kstat txq`. | ||
| e451a623 | 2020-08-09 16:38:24 | Convert openssl req option handling. With input from inoguchi@ ok beck@ inoguchi@ | ||
| 97da2ad2 | 2020-08-08 14:01:31 | Reorder SNMPv2-MIB to match order with original document. Some minor touchups while here. | ||
| 2e6355c0 | 2020-08-08 13:13:19 | Reorganize SNMPv2-MIB so that all it's elements are together and in order of the original definition, for better comparability. While here rename snmpProxies to snmpProxys, since that's what it's called. Also add the zeroDotZero object. | ||
| 6972fbe4 | 2020-08-08 13:02:54 | Clean up smi_mibtree. It checks on o_oid[0] for 0, which prevents us from adding the ccitt oid and its zeroDotZero subsidiary. Change this to check for o_name, which is always set, because mibtree is filled by MIBDECL(). | ||
| e48b1d2e | 2020-08-08 08:57:29 | Implement SNMP-USM-AES-MIB and SNMP-USM-HMAC-SHA2-MIB | ||
| 16c279e6 | 2020-08-08 08:37:57 | Polish up SNMP-USER-BASED-SM-MIB and SNMP-FRAMEWORK-MIB. This changes a couple of object names, but this makes them comply with the actual MIB definition. | ||
| 27b4df32 | 2020-08-08 07:18:08 | Somewhere during working on UTF-8 support I thought it was a good idea to use sysContact as a testcase, because it's readily available in snmpd, but forgetting it's actual textual convention as time went by, which is DisplayString (which is ASCII). Add support for the DisplayString textual convention, which is similar to having no textual convention, except that invalid bytes (value 128 and up) are printed as UTF-8 replacement characters, or question mark, depending on LC_CTYPE. Feedback and OK schwarze@ | ||
| f35e0348 | 2020-08-08 07:11:47 | Document UTF-8 support in snmp. Lots of feedback and OK schwarze@ | ||
| 14b12344 | 2020-08-07 07:02:57 | Do not force line width to grid width because it may need to be larger to accomodate a wide character. GitHub issue 2336. | ||
| 1e0c6b38 | 2020-08-06 17:23:29 | Wow, the indentation is totally messed up, to the point where compilers complain (actually useful this time) ok millert | ||
| bbbc8bd0 | 2020-08-05 09:11:09 | Change searching to behave more like emacs and so that regex searching doesn't overlap when searching forwards. | ||
| eb5d7a07 | 2020-08-04 08:50:01 | Also ignore SIGQUIT so it can't be used to kill the client when locked. | ||
| 1248928a | 2020-08-03 14:45:54 | Add support for UTF-8 DISPLAY-HINTs with octet length. For now only sysContact is supported with SnmpAdminString, but more shall follow soon(tm). Note that this will change output even in the C locale: Previously every unprintable byte would be tranformed to a '.', with this diff a valid UTF-8 multibyte or unprintable character will be squished into a single dot to give a better understanding of the intention of the original message. Invalid bytes will now be printed as question marks. Lot's of help and back and forth with schwarze@ who also kindly offered to walk away when I mentioned looking through MIB files for more objects to convert to this new code, which is understandable. OK schwarze@ | ||
| fd9d9245 | 2020-08-03 10:52:38 | Put the code handling \} into a new function roff_cond_checkend() and call that function not only from both places where copies existed - when processing text lines and when processing request/macro lines in conditional block scope - but also when closing a macro definition request, such that this construction works: .if n \{.de macroname macro content .. \} ignored arguments .macroname This fixes a bug reported by John Gardner <gardnerjohng at gmail dot com>. While here, avoid a confusing decrement of the line scope counter in roffnode_cleanscope() for conditional blocks that do not have line scope in the first place (no functional change for this part). Also improve validation of an internal invariant in roff_cblock() and polish some comments. | ||
| b7ec8c74 | 2020-08-03 02:53:51 | ensure that certificate extensions are lexically sorted. Previously if the user specified a custom extension then the everything would be in order except the custom ones. bz3198 ok dtucker markus | ||
| dba54a79 | 2020-08-03 02:43:41 | allow -A to explicitly enable agent forwarding in scp and sftp. The default remains to not forward an agent, even when ssh_config enables it. ok jmc dtucker markus | ||
| 6c0867c1 | 2020-08-03 02:42:49 | clang -Wimplicit-fallthrough does not recognise /* FALLTHROUGH */ comments, which is the style we currently use, and gives too many boring warnings. ok djm | ||
| e85eb45e | 2020-08-03 01:08:37 | Split some code that gives clang10 heartburn ok millert | ||
| f2fa7a92 | 2020-08-02 20:14:10 | missing {} identified by clang10 ok martijn | ||
| 1710b8e4 | 2020-08-01 06:19:59 | update currency exchange rates; | ||
| b767a9ad | 2020-07-31 04:19:37 | Also compare username when checking for JumpHost loops. bz#3057, ok djm@ | ||
| 149ad3e3 | 2020-07-30 17:46:54 | Don't print extra newlines on error before awk starts parsing. If awk prints an error message while when compile_time is still set to ERROR_PRINTING, don't try to print the context since there is none. This can happen due to a problem with, e.g., unknown command line options. | ||
| 5df2889f | 2020-07-30 17:45:44 | Update awk to July 30, 2020 version. | ||
| 0a287e03 | 2020-07-30 17:11:10 | Improved handling of an unescaped '/' in a bracket expression. | ||
| 140dce51 | 2020-07-30 07:32:52 | Trim newline from ctime, from Thomas Adam. | ||
| 4da86b84 | 2020-07-27 13:46:48 | Wrap long lines s_server.c | ||
| 72a107cf | 2020-07-27 13:06:13 | Add function prototype and move sub functions to bottom | ||
| f94a2c25 | 2020-07-27 12:29:51 | Remove space between '*' and pointer variable in s_server.c | ||
| 0e15fe22 | 2020-07-27 12:19:51 | Remove 's_' prefix from member of s_server_config struct | ||
| 5a233072 | 2020-07-27 12:09:14 | Convert openssl(1) s_server option handling ok and comments from jsing@ | ||
| 247fdabf | 2020-07-27 08:03:10 | Add a -d option to display-message to set delay, from theonekeyg at gmail dot com in GitHub issue 2322. | ||
| b1ef1ce0 | 2020-07-26 21:59:16 | Add / as alias for g (grep) Simpliy mdoc(7) markup for "n|# count" while here. Positive manual feedback jmc No objections millert | ||
| 073a2214 | 2020-07-24 07:05:37 | Add a hook when the pane title changed. | ||
| ef301d81 | 2020-07-24 01:57:06 | Regular expression support in RS is an extension. | ||
| 483368fb | 2020-07-23 20:19:27 | Change line counter from int to unsigned long long to reduce overflow. In case unsigned long long is miraculously still too small add an additional overflow detection so we stop counting and add a marker to couter output. Input on earlier diff guenther@ OK millert | ||
| 2c40dbd1 | 2020-07-23 20:13:01 | getline(3) does it's own memory allocation. No need to use an intermediate buffer and copy it over to the final destination. Tweaks and OK millert@, schwarze@ | ||
| 5784a26a | 2020-07-23 14:17:56 | Check all lists if option not found already. | ||
| 8a6c6275 | 2020-07-22 13:29:05 | Avoid running out of memory with query-replace-regex ^ Choosing ! (replace rest) never advances beyond the current line and keeps inserting the replacement test, and mg eventually runs out of memory. Patch from Mark Willson with minor stylistic tweaks. Looks good to Hiltjo Posthuma who would have preferred making forward replacing on empty lines work. Mark argued that this makes it behave consistently with the current behaviour when searching for ^ and the point at the beginning of a non-empty line in which case the cursor does not move either. Also tested by krw | ||
| 82bc5afb | 2020-07-22 13:22:53 | Prevent mg segfault with query-replace-regex replacing ^ Patch from Mark Willson with a minor tweak | ||
| 85b81c84 | 2020-07-22 06:21:46 | Correct checks for window borders. | ||
| 90f584c6 | 2020-07-21 15:08:48 | undocumented options -O outfilename and -O tagfilename to support regression testing without a tty; no user visible change intended | ||
| 6523adaf | 2020-07-21 05:24:33 | Fix show-buffer when run from inside tmux, GitHub issue 2314. | ||
| 95944651 | 2020-07-20 18:57:19 | If closefile() is called on std{in,out,err}, freopen() /dev/null instead. Otherwise, awk will continue trying to perform I/O on a closed stdio stream. This appears to be consistent with how gawk behaves. OK tim@ | ||
| 8bde1373 | 2020-07-20 18:55:15 | In closeall(), skip stdin and flush std{err,out} instead of closing. Otherwise awk could fclose(stdin) twice (it may appear more than once) and closing stderr means awk cannot report errors closing other streams. OK tim@ | ||
| e886970e | 2020-07-20 14:52:12 | as jmc@ points out, i missed a few instances of .Xr more 1 | ||
| c9771691 | 2020-07-20 14:25:22 | Switch the default pager from "more -s" to "less". POSIX explicitly allows using a different default pager if that is documented. The pager provided in the OpenBSD base system is less(1). It can merely be called as more(1) for compatibility. Our man(1) implementation uses less(1) features that traditional more(1) did not provide, in particular tagging. Besides, as noted by deraadt@, the user interface of less(1) is slightly more refined and preferable over the user inferface of more(1). This switch was originally suggested by Ian Ropers. As explained by jmc@ and deraadt@, the -s flag was added a very long time ago when an antique version of groff(1) had an annoying bug in terminal output that would randomly display blank lines in the middle of pages. Clearly, -s has no longer been needed for many years, so drop it from the default pager invocation. OK deraadt@ jmc@ martijn@ job@ | ||
| d3a07ef2 | 2020-07-19 13:19:25 | Delete support for LC_MESSAGES which we shall never implement. This nicely simplifies the code, deleting three header inclusions and calls to various complicated library functions. Dead code reported by Jan Stary <hans at stare dot cz>. Garbage collect pointless (void) casts and a .Tn macro while here. Tweaks and OK martijn@, OK millert@ and kn@ on an earlier version. | ||
| c2008cb8 | 2020-07-19 11:13:35 | Don't add server.device knob if there's only one audio device | ||
| 6a564c82 | 2020-07-19 11:07:14 | Fix initial alternate device number The initial alternate device number was set to 1 (instead of -1), causing device number 1 to be skipped the first time sndiod is used. | ||
| 6a636119 | 2020-07-18 21:44:17 | oops - the description of -i had a similarly incorrect text as -I concerning use of -f; remove that too; pointed out by guenther |