closest end of a word just like <esc><left> moves left to the closest
beginning of a word.
ok djm
OpenBSD-Commit-ID: 6afe01b05ed52d8b12eb1fda6e9af5afb5e198ee
We shipped a BSD implementation of realpath() because sftp-server
depended on its behaviour.
OpenBSD is now moving to a more strictly POSIX-compliant realpath(2),
so sftp-server now unconditionally requires its own BSD-style realpath
implementation. As such, there is no need to carry another independant
implementation in openbsd-compat.
ok dtucker@
sftp-server use ahead of OpenBSD's realpath changing to match POSIX;
ok deraadt@ (thanks for snaps testing)
OpenBSD-Commit-ID: 4f8cbf7ed8679f6237264301d104ecec64885d55
When configured --with-prngd-socket the code had a missing bracket after
an API change. Fix that and a couple of warnings. bz#3032 , from
ole.weidner at protonmail.ch
A recent regress change (2a9b3a2ce411d16cda9c79ab713c55f65b0ec257 in
portable) broke the PuTTY and Twisted Conch interop tests, because the
key they want to use is now called ssh-rsa rather than rsa. Adapt the
tests to the new file names. bz#3020, patch from cjwatson at debian.org.
OpenBSD-Regress-ID: fd342a37db4d55aa4ec85316f73082c8eb96e64e
Currently when the multiplex client requests a forward it returns
once the request has been sent but not necessarily when the forward
is up. This causes intermittent text failures due to this race,
so add some sleeps to mitigate this until we can fix it properly.
OpenBSD-Regress-ID: 384c7d209d2443d25ea941d7f677e932621fb253
Some platforms (eg AIX and Cygwin) do not have a "tty" group. In those
cases we will fall back to making the tty device the user's primary
group, so do not fatal if the group lookup fails. ok djm@
some arbitrary value < 0. errno is only updated in this case. Change all
(most?) callers of syscalls to follow this better, and let's see if this
strictness helps us in the future.
OpenBSD-Commit-ID: 48081f00db7518e3b712a49dca06efc2a5428075
upon error the (very sloppy specification) leaves an undefined value in *ret,
so it is wrong to inspect it, the error condition is enough. discussed a
little with nicm, and then much more with millert until we were exasperated
OpenBSD-Commit-ID: 29258fa51edf8115d244b9d4b84028487bf8923e
speculation and memory sidechannel attacks like Spectre, Meltdown, Rowhammer
and Rambleed. This change encrypts private keys when they are not in use with
a symmetic key that is derived from a relatively large "prekey" consisting of
random data (currently 16KB).
Attackers must recover the entire prekey with high accuracy before
they can attempt to decrypt the shielded private key, but the current
generation of attacks have bit error rates that, when applied
cumulatively to the entire prekey, make this unlikely.
Implementation-wise, keys are encrypted "shielded" when loaded and then
automatically and transparently unshielded when used for signatures or
when being saved/serialised.
Hopefully we can remove this in a few years time when computer
architecture has become less unsafe.
been in snaps for a bit already; thanks deraadt@
ok dtucker@ deraadt@
OpenBSD-Commit-ID: 19767213c312e46f94b303a512ef8e9218a39bd4
optional, not local-path - sync help
from deraadt:
- prefer -R and undocument -r (but add a comment for future editors)
from schwarze:
- prefer -p and undocument -P (as above. the comment was schwarze's too)
more:
- add the -f flag to reput and reget
- sort help (i can;t remember who suggested this originally)
djm and deraadt were ok with earlier versions of this;
tim and schwarze ok
OpenBSD-Commit-ID: 3c699b53b46111f5c57eed4533f132e7e58bacdd
Cast bitcount to u_in64_t before bit shifting to prevent integer overflow
on 32bit platforms which cause incorrect results when adding a block
>=512M in size. sha1 patch from ante84 at gmail.com via openssh github,
sha2 with djm@, ok tedu@
correct signature algorithm when requested. Patch from Jakub Jelen in bz3016
ok dtucker markus
OpenBSD-Commit-ID: 61f86efbeb4a1857a3e91298c1ccc6cf49b79624
the "Hostname" and "X11UseLocalhost" keywords; this makes things consistent
(effectively reversing my commit of yesterday);
ok deraadt markus djm
OpenBSD-Commit-ID: 255c02adb29186ac91dcf47dfad7adb1b1e54667
