summaryrefslogtreecommitdiffstats
path: root/usr.bin (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* Replace SB_KNOTE and sb_flagsintr with direct checking of klist.visa2021-01-171-2/+1
| | | | OK mpi@ as part of a larger diff
* Unle recover the scope_id from a possible embedded scope if the scope_idclaudio2021-01-162-5/+7
| | | | | is not initalized. Do not reset the scope_id if it was already set. OK bluhm@ florian@
* s/authorization/authentication/gmartijn2021-01-162-7/+7
| | | | OK kn@ tedu@
* Be more explicit by stating that the -n flag is linked to the nopass optionmartijn2021-01-151-5/+5
| | | | | | | | in doas.conf instead of a generic "would prompt for password", which could lead people into believing that persist could work with this option. OK tedu@ Feedback and OK kn@
* Make output buffer larger to prevent potential truncation warnings fromdtucker2021-01-151-2/+2
| | | | | compilers not smart enough to know the strftime calls won't ever fully fill "to" and "from". ok djm@
* Change types in convtime() unit test to int to match change its new type.dtucker2021-01-151-3/+3
| | | | | Add tests for boundary conditions and fix convtime to work up to INT_MAX. ok djm@
* In waitfd(), when poll returns early we are subtracting the elapsed timedtucker2021-01-151-2/+2
| | | | | | from the timeout each loop, so we only want to measure the elapsed time the poll() in that loop, not since the start of the function. Spotted by chris.xj.zhu at gmail.com, ok djm@
* Minor grammatical correction.rob2021-01-142-6/+6
| | | | OK jmc@
* Pledge the "-C" code pathkn2021-01-131-1/+5
| | | | | | | In "Parse and check config" mode nothing is executed so pledge without "exec" while still setuid and before reading/parsing the config file. OK millert
* const-ify lookup tables; ok ratchov@naddy2021-01-127-34/+34
|
* Use sndiod's 8-th order FIR low-pass filter for resamplingratchov2021-01-112-9/+149
| | | | Removes most of the aliasing noise during resampling
* Use a 8-th order FIR low-pass filter for resamplingratchov2021-01-112-9/+148
| | | | | At the expence of slightly more CPU cycles, it almost removes aliasing noise in most practical use-cases.
* Correct spelling of persourcenetblocksize in config-dump mode.dtucker2021-01-111-2/+2
|
* Change convtime() from returning long to returning int. On platformsdtucker2021-01-114-14/+14
| | | | | | where sizeof(int) != sizeof(long), convtime could accept values >MAX_INT which subsequently truncate when stored in an int during config parsing. bz#3250, ok djm@
* add a comma to previous;jmc2021-01-091-2/+2
|
* kill trailing whitespacejasper2021-01-091-12/+12
|
* Add PerSourceMaxStartups and PerSourceNetBlockSize options which providedtucker2021-01-097-12/+255
| | | | | more fine grained MaxStartups limits. Man page help jmc@, feedback & ok djm@
* Move address handling functions out into their own file in order to reusedtucker2021-01-094-328/+483
| | | | | | them for per-source maxstartups limiting. Supplement with some additional functions from djm's flowtools that we'll also need. ok djm@ (as part of a larger diff).
* Move a premature optimization so that -s with offsets works.otto2021-01-091-4/+4
| | | | ok florian@ tb@
* bowie died 10.1; from steffen nurpmesojmc2021-01-081-2/+2
|
* Missed from last commit.nicm2021-01-081-1/+2
|
* With incremental search, start empty and only repeat the previous searchnicm2021-01-082-17/+37
| | | | | if the user tries to search again with an empty prompt. This matches emacs behaviour more closely.
* make CheckHostIP default to 'no'. It doesn't provide any perceptibledjm2021-01-082-6/+6
| | | | | | | value and makes it much harder for hosts to change host keys, particularly ones that use IP-based load-balancing. ok dtucker@
* If a signature operation on a FIDO key fails with a "incorrect PIN"djm2021-01-081-3/+12
| | | | | | | | | | | | | reason and no PIN was initially requested from the user, then request a PIN and retry the operation. This smoothes over a few corner cases including FIDO devices that require PINs for all hosted credentials, biometric FIDO devices that fall back to requiring PIN when reading the biometric failed, devices that don't implement reading credProtect status for downloaded keys and probably a few more cases that I haven't though of yet. ok dtucker@
* don't try to use timespeccmp(3) directly as a qsort(3) comparisondjm2021-01-081-4/+7
| | | | | | | | function - it returns 0/1 and not the -1/0/1 that qsort expectes. fixes sftp "ls -ltr" under some circumstances. Based on patch by Masahiro Matsuya via bz3248.
* Update the sntrup761 creation script and generated code:dtucker2021-01-083-121/+49
| | | | | | | | | | - remove unneeded header files and typedefs and rely on crypto_api.h - add defines to map types used to the crypto_api ones instead of typedefs. This prevents typedef name collisions in -portable. - remove CRYPTO_NAMESPACE entirely instead of making it a no-op - delete unused functions and make the remaining ones that aren't exported static. ok djm@
* mention that DisableForwarding is valid in a sshd_config Match blockdjm2021-01-081-2/+3
| | | | reported by Fredrik Eriksson in bz3239
* Insert joined pane before the target pane with -b, like for split. Fromnicm2021-01-061-2/+5
| | | | Takeshi Banse.
* Remove unused variable, from Ben Boeckel.nicm2021-01-061-7/+2
|
* estructure sntrup761.sh to process all files in a single list, which willdtucker2021-01-043-41/+33
| | | | make it easier to reorder. Re-inline int32_MINMAX. ok tobhe@
* Add a variant of remain-on-exit that only keeps the pane if the programnicm2021-01-043-11/+26
| | | | failed, GitHub issue 2513.
* Remove BER_TYPE_BOOLEAN, it's not part of the spec and I haven't seen itmartijn2021-01-041-19/+1
| | | | | | used anywhere. OK jan@
* Prevent redefinition of `crypto_int32' error with gcc3.tobhe2021-01-032-4/+4
| | | | | | | Fixes compilation on luna88k. Feedback millert@ Found by and ok aoyama@
* Add missing .Cm macros to the Address Family table.schwarze2021-01-021-8/+8
| | | | While here, trim pointless quoting and one excessive column width.
* Markup route flags such that apropos(1) finds themkn2021-01-021-24/+24
| | | | | | | | | | netstat(1) is where the mapping between letters and flags is documented, but searching for them ("man -k any=RTF_" or "man -k -i any=blackhole") would only list route(4) and route(8). Markup preprocessor defines as such. OK schwarze
* update currency exchange rates;jmc2021-01-021-39/+39
|
* Handle Permanent Redirect (RFC 7538)chrisz2021-01-011-1/+2
| | | | ok jca@, kn@
* Add a -C flag to run-shell to use a tmux command rather than a shell command.nicm2021-01-012-31/+83
|
* Use right format for session loop, GitHub issue 2519.nicm2020-12-301-2/+2
|
* Use int64_t for intermediate values in int32_MINMAX to prevent signedtobhe2020-12-303-15/+24
| | | | | | | 32-bit integer overflow. Found by and ok djm@ ok markus@
* Document meaning of '*' in genrsa outputtb2020-12-301-3/+6
| | | | ok inoguchi jmc kn
* fflush after outputting a set of stats.dlg2020-12-291-1/+3
| | | | | this helps when you're trying to pipe stuff into other programs (like awk and ttyplot).
* getifaddrs() can return entries where ifa_addr is NULL. Check for thisbenno2020-12-291-2/+3
| | | | | before accessing anything in ifa_addr. ok claudio@
* getifaddrs() can return entries where ifa_addr is NULL. Check for thisbenno2020-12-291-2/+3
| | | | | before accessing anything in ifa_addr. ok claudio@
* Update/replace the experimental post-quantim hybrid key exchangedjm2020-12-2916-1207/+1496
| | | | | | | | | | | | | | | | | | method based on Streamlined NTRU Prime (coupled with X25519). The previous sntrup4591761x25519-sha512@tinyssh.org method is replaced with sntrup761x25519-sha512@openssh.com. Per the authors, sntrup4591761 was replaced almost two years ago by sntrup761. The sntrup761 implementaion, like sntrup4591761 before it, is public domain code extracted from the SUPERCOP cryptography benchmark suite (https://bench.cr.yp.to/supercop.html). Thanks for Daniel J Bernstein for guidance on algorithm selection. Patch from Tobias Heider; feedback & ok markus@ and myself (note this both the updated method and the one that it replaced are disabled by default)
* Do not list user options with show-hooks.nicm2020-12-281-6/+8
|
* Remove current match indicator which can't work anymore since we onlynicm2020-12-281-17/+8
| | | | search the visible region. From Anindya Mukherjee, GitHub issue 2508.
* Print specific headline for TCP state and IP protocol in netstat.bluhm2020-12-231-3/+4
| | | | OK claudio@ sthen@
* Break cursor movement in grid into a common set of functions that cannicm2020-12-224-147/+519
| | | | | handle line wrapping and so on in one place and use them for the obvious copy mode commands. From Anindya Mukherjee.
* tweak the description of KnownHostsCommand in ssh_conf.5, and addjmc2020-12-223-14/+16
| | | | | | entries for it to the -O list in scp.1 and sftp.1; ok djm
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.