summaryrefslogtreecommitdiffstats
path: root/usr.bin (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* Fatal errors no longer exist.schwarze2015-01-1510-106/+51
| | | | | | If a file can be opened, mandoc will produce some output; at worst, the output may be almost empty. Simplifies error handling and frees a message type for future use.
* downgrade .so failure from FATAL to ERRORschwarze2015-01-152-18/+20
|
* downgrade ".so with absolute path" from FATAL to ERROR;schwarze2015-01-144-13/+14
| | | | allows to get rid of ROFF_ERR
* simplify by getting rid of ROFF_ERR in tbl(7) parsing; no functional changeschwarze2015-01-144-17/+16
|
* To get rid of SYSERR entries in enum mandocerr, downgrade problems withschwarze2015-01-143-48/+30
| | | | | | missing and unreadable files from SYSERR to ERROR. Needed for upcoming work. As a bonus, this minimally simplifies code and documentation.
* if earlier files set a non-zero exit status,schwarze2015-01-141-7/+13
| | | | do not allow later files to reset it to zero
* whitespacedjm2015-01-141-2/+0
|
* move authfd.c and its tentacles to the new buffer/key API;djm2015-01-1410-682/+846
| | | | ok markus@
* fix small regression: ssh-agent would return a success messagedjm2015-01-141-14/+23
| | | | | but an empty signature if asked to sign using an unknown key; ok markus@
* Simplify handling of system errors: just exit(3).schwarze2015-01-142-43/+17
| | | | | We already do the same for malloc(3) failure. The is no virtue in trying to survive failure of fork(2) and the like.
* avoid BIGNUM in KRL code by using a simple bitmap;djm2015-01-147-43/+531
| | | | feedback and ok markus
* update sftp client and server to new buffer API.djm2015-01-149-684/+924
| | | | pretty much just mechanical changes; with & ok markus
* switch to sshbuf/sshkey; with & ok djm@markus2015-01-141-212/+308
|
* avoid an warning for the !OPENSSL casedjm2015-01-141-5/+5
|
* swith auth-options to new sshbuf/sshkey; ok djm@markus2015-01-142-46/+40
|
* make non-OpenSSL aes-ctr work on sshd w/ privsep; ok markus@djm2015-01-141-1/+9
|
* remove unneeded includes, sync my copyright across files & whitespace; ok djm@markus2015-01-145-37/+18
|
* Be developer-friendly, 'cause OpenBSD devs like to:schwarze2015-01-131-5/+102
| | | | | | | | | | | | | cd /usr/src/share/man/man4; vi newdev.4 Makefile; make install; man newdev When a manual is missing from an outdated database, let man(1) show it anyway, using a KISS file system lookup as a fallback. Requested by deraadt@. 87 new lines of code doesn't seem too much bloat to me. Of course, keeping your mandoc.db(5) files up to date with makewhatis(8) or weekly(8) is still required for apropos(1) to find your new pages.
* adapt mac.c to ssherr.h return codes (de-fatal) and simplify dependenciesmarkus2015-01-135-82/+100
| | | | ok djm@
* sync changes from libopenssh; prepared by markus@djm2015-01-131-2/+2
| | | | | mostly debug output tweaks, a couple of error return value changes and some other minor stuff
* sync changes from libopenssh; prepared by markus@djm2015-01-131-50/+48
| | | | | mostly debug output tweaks, a couple of error return value changes and some other minor stuff
* zap really odd code that's not actually in-use.espie2015-01-131-19/+8
| | | | okay millert@
* Remove a variable that's not really being used.bcallah2015-01-131-7/+1
| | | | ok deraadt@ jasper@
* Document the openssl s_client -proxy feature.bluhm2015-01-131-2/+14
| | | | OK jmc@
* do not spawn a pager when there is no output; issue pointed out by deraadt@schwarze2015-01-131-24/+29
|
* Add the possibility to use the openssl s_client tool with an httpbluhm2015-01-131-4/+24
| | | | | | proxy. Implement the -proxy feature in the same hackish way as -starttls. OK jsing@
* add sshd_config HostbasedAcceptedKeyTypes and PubkeyAcceptedKeyTypesdjm2015-01-1310-24/+131
| | | | | options to allow sshd to control what public key types will be accepted. Currently defaults to all. Feedback & ok markus@
* An article on medium.com highlighted that grepdaniel2015-01-131-3/+3
| | | | | | | | | was available in v4. To quote Ken Thompson, grep appeared "sometime before the 4th edition." ok schwarze@
* Implement more thorough error checks:lteo2015-01-131-12/+38
| | | | | | | | | | | | - Check the return value of every relevant function call. - If BIO_new() returns NULL instead of a valid BIO, do not attempt to blindly use the NULL value as a BIO throughout the rest of the code. - Ensure that bio_out is freed by BIO_free_all() at the end of all error paths. ok doug@
* the BUG described at the bottom is not a bug. It is how it is supposed toderaadt2015-01-121-8/+8
| | | | | work. Move it up into the main body. ok tedu millert
* unbreak parsing of pubkey comments; with gerhard; ok djm/deraadtmarkus2015-01-121-9/+9
|
* missing error assigment on sshbuf_put_string()markus2015-01-121-3/+3
|
* Fetching port distfiles with the ftp command from githup did notbluhm2015-01-121-9/+25
| | | | | | | | | work when using a https proxy because of a missing host header. Remember the host form the url and write it into the http request. Fix the format string when using Proxy-Authorization together with Cookie. Also write the http request to the debugging output to see what is going on. input jca@; OK sthen@ mpi@
* apparently memcpy(x, NULL, 0) is undefined behaviour according todjm2015-01-122-9/+15
| | | | | C99 (cf. sections 7.21.1 and 7.1.4), so check skip memcpy calls when length==0; ok markus@
* free->sshkey_free; ok djm@markus2015-01-121-2/+2
|
* allow WITH_OPENSSL w/o WITH_SSH1; ok djm@markus2015-01-121-3/+7
|
* correctly use HOST_NAME_MAX.deraadt2015-01-112-5/+5
| | | | | | | | | | | | | | | | | Some notes: POSIX HOST_NAME_MAX doesn't include the NUL. POSIX LOGIN_NAME_MAX and TTY_NAME_MAX do include the NUL. BSD MAXHOSTNAMELEN includes the NUL. Actually, most of the historical BSD MAX* defines did include the NUL, except for the historical mistake of utmp fields without NULs in the string, which directly led to strncpy.. just showing how error prone this kind of accounting is. CSRG did right. Somehow POSIX missed the memo on the concepts of carefulness and consistancy, and we are still paying the price when people trip over this. Of course, glibc is even more amazing (that is a hint to blackhats) ok guenther
* 1. They're flags, not counters. Set to one instead of incrementing.tedu2015-01-102-23/+15
| | | | | 2. The G flag is useless and never checked. Remove it. ok millert
* Correct reversed test of setmountent() returnguenther2015-01-101-2/+2
| | | | Fix from Dennis Lindroos (denafcm (at) gmail.com)
* absurd optimization. reduce initial space by one to avoid leaving one bytetedu2015-01-091-2/+2
| | | | hanging off on a page by itself.
* fix ssh_config FingerprintHash evaluation order; from Petr Lautrbachdjm2015-01-081-3/+4
|
* Convert spkac.c to the new option handling code.doug2015-01-081-100/+137
| | | | input + ok jsing@
* Convert pkcs8.c to the new option handling code.doug2015-01-081-157/+220
| | | | | Minor KNF in a few places too. input + ok jsing@
* Convert asn1pars.c to the new option handling.doug2015-01-081-137/+206
| | | | | | | Also, removed a few useless if null checks. input from bcook@ input + ok jsing@
* reorder hostbased key attempts to better match the defaultdjm2015-01-081-17/+17
| | | | hostkey algorithms order in myproposal.h; ok markus@
* deprecate key_load_private_pem() and sshkey_load_private_pem()djm2015-01-0810-102/+62
| | | | | | | | | | | | | | | interfaces. Refactor the generic key loading API to not require pathnames to be specified (they weren't really used). Fixes a few other things en passant: Makes ed25519 keys work for hostbased authentication (ssh-keysign previously used the PEM-only routines). Fixes key comment regression bz#2306: key pathnames were being lost as comment fields. ok markus@
* bcallah noticed the ifndef guard for headers was wrong. don't fix, justtedu2015-01-071-5/+3
| | | | remove it, and put these includes up with their friends.
* workaround for the Meyer, et al, Bleichenbacher Side Channel Attack.tedu2015-01-071-57/+47
| | | | | fake up a bignum key before RSA decryption. discussed/ok djm markus
* It is the copy command that is abbreviated as 'c', not chdir.millert2015-01-071-3/+5
| | | | Also document that cd is an alias for chdir. From Kaspars Bankovskis.
* Document the '=' command; from trondd at gmailmillert2015-01-071-2/+4
|
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.