upstream: Change types in convtime() unit test to int to match

change its new type. Add tests for boundary conditions and fix convtime to
work up to INT_MAX. ok djm@

OpenBSD-Com

upstream: Change types in convtime() unit test to int to match

change its new type. Add tests for boundary conditions and fix convtime to
work up to INT_MAX. ok djm@

OpenBSD-Commit-ID: 01dc0475f1484ac2f47facdfcf9221f9472145de

show more ...

upstream: In waitfd(), when poll returns early we are subtracting

the elapsed time from the timeout each loop, so we only want to measure the
elapsed time the poll() in that loop, not si

upstream: In waitfd(), when poll returns early we are subtracting

the elapsed time from the timeout each loop, so we only want to measure the
elapsed time the poll() in that loop, not since the start of the function.
Spotted by chris.xj.zhu at gmail.com, ok djm@

OpenBSD-Commit-ID: 199df060978ee9aa89b8041a3dfaf1bf7ae8dd7a

show more ...

upstream: Change convtime() from returning long to returning int.

On platforms where sizeof(int) != sizeof(long), convtime could accept values
>MAX_INT which subsequently truncate when s

upstream: Change convtime() from returning long to returning int.

On platforms where sizeof(int) != sizeof(long), convtime could accept values
>MAX_INT which subsequently truncate when stored in an int during config
parsing. bz#3250, ok djm@

OpenBSD-Commit-ID: 8fc932683d6b4660d52f50911d62bd6639c5db31

show more ...

upstream: move subprocess() from auth.c to misc.c

make privilege dropping optional but allow it via callbacks (to avoid
need to link uidswap.c everywhere)

add some other flags (

upstream: move subprocess() from auth.c to misc.c

make privilege dropping optional but allow it via callbacks (to avoid
need to link uidswap.c everywhere)

add some other flags (keep environment, disable strict path safety check)
that make this more useful for client-side use.

feedback & ok markus@

OpenBSD-Commit-ID: a80ea9fdcc156f1a18e9c166122c759fae1637bf

show more ...

upstream: Set the specified TOS/DSCP for interactive use prior to

TCP connect. The connection phase of the SSH session is time-sensitive (due
to server side login grace periods) and is f

upstream: Set the specified TOS/DSCP for interactive use prior to

TCP connect. The connection phase of the SSH session is time-sensitive (due
to server side login grace periods) and is frequently interactive (e.g.
entering passwords). The ultimate interactive/bulk TOS/DSCP will be set after
authentication completes.

ok dtucker@

OpenBSD-Commit-ID: f31ab10d9233363a6d2c9996007083ba43a093f1

show more ...

upstream: use the new variant log macros instead of prepending

__func__ and appending ssh_err(r) manually; ok markus@

OpenBSD-Commit-ID: 1f14b80bcfa85414b2a1a6ff714fb5362687ace8

upstream: There are lots of place where we want to redirect stdin,

stdout and/or stderr to /dev/null. Factor all these out to a single
stdfd_devnull() function that allows selection of w

upstream: There are lots of place where we want to redirect stdin,

stdout and/or stderr to /dev/null. Factor all these out to a single
stdfd_devnull() function that allows selection of which of these to redirect.
ok markus@

OpenBSD-Commit-ID: 3033ba5a4c47cacfd5def020d42cabc52fad3099

show more ...

upstream: handle EINTR in waitfd() and timeout_connect() helpers;

bz#3071; ok dtucker@

OpenBSD-Commit-ID: 08fa87be50070bd8b754d9b1ebb1138d7bc9d8ee

upstream: Make dollar_expand variadic and pass a real va_list to

vdollar_percent_expand. Fixes build error on arm64 spotted by otto@.

OpenBSD-Commit-ID: 181910d7ae489f40ad609b4cf4a2

upstream: Make dollar_expand variadic and pass a real va_list to

vdollar_percent_expand. Fixes build error on arm64 spotted by otto@.

OpenBSD-Commit-ID: 181910d7ae489f40ad609b4cf4a20f3d068a7279

show more ...

upstream: Pass a NULL instead of zeroed out va_list from

dollar_expand. The original intent was in case there's some platform where
va_list is not a pointer equivalent, but on i386 this

upstream: Pass a NULL instead of zeroed out va_list from

dollar_expand. The original intent was in case there's some platform where
va_list is not a pointer equivalent, but on i386 this chokes on the memset.
This unbreaks that build, but will require further consideration.

OpenBSD-Commit-ID: 7b90afcd8e1137a1d863204060052aef415baaf7

show more ...

upstream: Allow some keywords to expand shell-style ${ENV}

environment variables on the client side. The supported keywords are
CertificateFile, ControlPath, IdentityAgent and IdentityF

upstream: Allow some keywords to expand shell-style ${ENV}

environment variables on the client side. The supported keywords are
CertificateFile, ControlPath, IdentityAgent and IdentityFile, plus
LocalForward and RemoteForward when used for Unix domain socket paths. This
would for example allow forwarding of Unix domain socket paths that change at
runtime. bz#3140, ok djm@

OpenBSD-Commit-ID: a4a2e801fc2d4df2fe0e58f50d9c81b03822dffa

show more ...

upstream: Fix multiplier in convtime when handling seconds after

other units. bz#3171, spotted by ronf at timeheart.net, ok djm@.

OpenBSD-Commit-ID: 95b7a848e1083974a65fbb6ccb381d43

upstream: Fix multiplier in convtime when handling seconds after

other units. bz#3171, spotted by ronf at timeheart.net, ok djm@.

OpenBSD-Commit-ID: 95b7a848e1083974a65fbb6ccb381d438e1dd5be

show more ...

upstream: add fmt_timeframe() (from bgpd) to format a time

interval in a human- friendly format. Switch copyright for this file from BSD
to MIT to make it easier to add Henning's copyrig

upstream: add fmt_timeframe() (from bgpd) to format a time

interval in a human- friendly format. Switch copyright for this file from BSD
to MIT to make it easier to add Henning's copyright for this function. ok
markus@

OpenBSD-Commit-ID: 414a831c662df7e68893e5233e86f2cac081ccf9

show more ...

See if SA_RESTART signals will interrupt select().

On some platforms (at least older HP-UXes such as 11.11, possibly others)
setting SA_RESTART on signal handers will cause it to not int

See if SA_RESTART signals will interrupt select().

On some platforms (at least older HP-UXes such as 11.11, possibly others)
setting SA_RESTART on signal handers will cause it to not interrupt
select(), at least for calls that do not specify a timeout. Try to
detect this and if found, don't use SA_RESTART.

POSIX says "If SA_RESTART has been set for the interrupting signal, it
is implementation-dependent whether select() restarts or returns with
[EINTR]" so this behaviour is within spec.

show more ...

upstream: We've standardized on memset over bzero, replace a couple

that had slipped in. ok deraadt markus djm.

OpenBSD-Commit-ID: f5be055554ee93e6cc66b0053b590bef3728dbd6

upstream: make IPTOS_DSCP_LE available via IPQoS directive; bz2986,

based on patch by veegish AT cyberstorm.mu

OpenBSD-Commit-ID: 9902bf4fbb4ea51de2193ac2b1d965bc5d99c425

upstream: add xextendf() to extend a string with a format

(reallocating as necessary). ok aja@ as part of a larger diff

OpenBSD-Commit-ID: 30796b50d330b3e0e201747fe40cdf9aa70a77f9

upstream: Replace all calls to signal(2) with a wrapper around

sigaction(2). This wrapper blocks all other signals during the handler
preventing races between handlers, and sets SA_RESTA

upstream: Replace all calls to signal(2) with a wrapper around

sigaction(2). This wrapper blocks all other signals during the handler
preventing races between handlers, and sets SA_RESTART which should reduce
the potential for short read/write operations.

OpenBSD-Commit-ID: 5e047663fd77a40d7b07bdabe68529df51fd2519

show more ...

upstream: Wait for FD to be readable or writeable during a nonblocking

connect, not just readable. Prevents a timeout when the server doesn't
immediately send a banner (eg multiplexers

upstream: Wait for FD to be readable or writeable during a nonblocking

connect, not just readable. Prevents a timeout when the server doesn't
immediately send a banner (eg multiplexers like sslh) but is also slightly
quicker for other connections since, unlike ssh1, ssh2 doesn't specify
that the client should parse the server banner before sending its own.
Patch from mnissler@chromium.org, ok djm@

OpenBSD-Commit-ID: aba9cd8480d1d9dd31d0ca0422ea155c26c5df1d

show more ...

Wrap poll.h includes in HAVE_POLL_H.

upstream: move authorized_keys option parsing helpsers to misc.c

and make them public; ok markus@

OpenBSD-Commit-ID: c18bcb2a687227b3478377c981c2d56af2638ea2

upstream: move skip_space() to misc.c and make it public; ok

markus@

OpenBSD-Commit-ID: caa77e8a3b210948e29ad3e28c5db00852961eae

upstream: switch percent_expand() to use sshbuf instead of a limited

fixed buffer; ok markus@

OpenBSD-Commit-ID: 3f9ef20bca5ef5058b48c1cac67c53b9a1d15711

upstream: When system calls indicate an error they return -1, not

some arbitrary value < 0. errno is only updated in this case. Change all
(most?) callers of syscalls to follow this be

upstream: When system calls indicate an error they return -1, not

some arbitrary value < 0. errno is only updated in this case. Change all
(most?) callers of syscalls to follow this better, and let's see if this
strictness helps us in the future.

OpenBSD-Commit-ID: 48081f00db7518e3b712a49dca06efc2a5428075

show more ...

upstream: Some asprintf() calls were checked < 0, rather than the

precise == -1. ok millert nicm tb, etc

OpenBSD-Commit-ID: caecf8f57938685c04f125515b9f2806ad408d53