summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authordjm@openbsd.org <djm@openbsd.org>2020-07-05 23:59:45 +0000
committerDarren Tucker <dtucker@dtucker.net>2020-07-15 15:07:42 +1000
commit6d755706a0059eb9e2d63517f288b75cbc3b4701 (patch)
treeadb003b1adcea270f4480baa4ff83d495b3478f3
parentb0c1e8384d5e136ebdf895d1434aea7dd8661a1c (diff)
upstream: some language improvements; ok markus
OpenBSD-Commit-ID: 939d787d571b4d5da50b3b721fd0b2ac236acaa8
-rw-r--r--PROTOCOL6
-rw-r--r--channels.h6
-rw-r--r--compat.c18
-rw-r--r--kex.c6
-rw-r--r--match.c12
-rw-r--r--match.h6
-rw-r--r--monitor.c4
-rw-r--r--mux.c14
-rw-r--r--packet.c4
-rw-r--r--readconf.c12
-rw-r--r--servconf.c22
-rw-r--r--servconf.h8
-rw-r--r--session.c20
-rw-r--r--ssh-agent.c8
-rw-r--r--ssh.c12
15 files changed, 79 insertions, 79 deletions
diff --git a/PROTOCOL b/PROTOCOL
index c702fca4..ecdacb9d 100644
--- a/PROTOCOL
+++ b/PROTOCOL
@@ -140,7 +140,7 @@ window space and may be sent even if no window space is available.
NB. due to certain broken SSH implementations aborting upon receipt
of this message (in contravention of RFC4254 section 5.4), this
message is only sent to OpenSSH peers (identified by banner).
-Other SSH implementations may be whitelisted to receive this message
+Other SSH implementations may be listed to receive this message
upon request.
2.2. connection: disallow additional sessions extension
@@ -169,7 +169,7 @@ Note that this is not a general defence against compromised clients
NB. due to certain broken SSH implementations aborting upon receipt
of this message, the no-more-sessions request is only sent to OpenSSH
servers (identified by banner). Other SSH implementations may be
-whitelisted to receive this message upon request.
+listed to receive this message upon request.
2.3. connection: Tunnel forward extension "tun@openssh.com"
@@ -496,4 +496,4 @@ OpenSSH's connection multiplexing uses messages as described in
PROTOCOL.mux over a Unix domain socket for communications between a
master instance and later clients.
-$OpenBSD: PROTOCOL,v 1.37 2020/02/21 00:04:43 dtucker Exp $
+$OpenBSD: PROTOCOL,v 1.38 2020/07/05 23:59:45 djm Exp $
diff --git a/channels.h b/channels.h
index c8ae0d90..ee818880 100644
--- a/channels.h
+++ b/channels.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: channels.h,v 1.133 2020/01/25 22:49:38 djm Exp $ */
+/* $OpenBSD: channels.h,v 1.134 2020/07/05 23:59:45 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -52,11 +52,11 @@
#define SSH_CHANNEL_DYNAMIC 13
#define SSH_CHANNEL_ZOMBIE 14 /* Almost dead. */
#define SSH_CHANNEL_MUX_LISTENER 15 /* Listener for mux conn. */
-#define SSH_CHANNEL_MUX_CLIENT 16 /* Conn. to mux slave */
+#define SSH_CHANNEL_MUX_CLIENT 16 /* Conn. to mux client */
#define SSH_CHANNEL_ABANDONED 17 /* Abandoned session, eg mux */
#define SSH_CHANNEL_UNIX_LISTENER 18 /* Listening on a domain socket. */
#define SSH_CHANNEL_RUNIX_LISTENER 19 /* Listening to a R-style domain socket. */
-#define SSH_CHANNEL_MUX_PROXY 20 /* proxy channel for mux-slave */
+#define SSH_CHANNEL_MUX_PROXY 20 /* proxy channel for mux-client */
#define SSH_CHANNEL_RDYNAMIC_OPEN 21 /* reverse SOCKS, parsing request */
#define SSH_CHANNEL_RDYNAMIC_FINISH 22 /* reverse SOCKS, finishing connect */
#define SSH_CHANNEL_MAX_TYPE 23
diff --git a/compat.c b/compat.c
index 7c0e1c23..dec8e7e9 100644
--- a/compat.c
+++ b/compat.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: compat.c,v 1.114 2020/06/01 07:11:38 dtucker Exp $ */
+/* $OpenBSD: compat.c,v 1.115 2020/07/05 23:59:45 djm Exp $ */
/*
* Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl. All rights reserved.
*
@@ -163,8 +163,8 @@ compat_cipher_proposal(char *cipher_prop)
if (!(datafellows & SSH_BUG_BIGENDIANAES))
return cipher_prop;
debug2("%s: original cipher proposal: %s", __func__, cipher_prop);
- if ((cipher_prop = match_filter_blacklist(cipher_prop, "aes*")) == NULL)
- fatal("match_filter_blacklist failed");
+ if ((cipher_prop = match_filter_denylist(cipher_prop, "aes*")) == NULL)
+ fatal("match_filter_denylist failed");
debug2("%s: compat cipher proposal: %s", __func__, cipher_prop);
if (*cipher_prop == '\0')
fatal("No supported ciphers found");
@@ -177,8 +177,8 @@ compat_pkalg_proposal(char *pkalg_prop)
if (!(datafellows & SSH_BUG_RSASIGMD5))
return pkalg_prop;
debug2("%s: original public key proposal: %s", __func__, pkalg_prop);
- if ((pkalg_prop = match_filter_blacklist(pkalg_prop, "ssh-rsa")) == NULL)
- fatal("match_filter_blacklist failed");
+ if ((pkalg_prop = match_filter_denylist(pkalg_prop, "ssh-rsa")) == NULL)
+ fatal("match_filter_denylist failed");
debug2("%s: compat public key proposal: %s", __func__, pkalg_prop);
if (*pkalg_prop == '\0')
fatal("No supported PK algorithms found");
@@ -192,14 +192,14 @@ compat_kex_proposal(char *p)
return p;
debug2("%s: original KEX proposal: %s", __func__, p);
if ((datafellows & SSH_BUG_CURVE25519PAD) != 0)
- if ((p = match_filter_blacklist(p,
+ if ((p = match_filter_denylist(p,
"curve25519-sha256@libssh.org")) == NULL)
- fatal("match_filter_blacklist failed");
+ fatal("match_filter_denylist failed");
if ((datafellows & SSH_OLD_DHGEX) != 0) {
- if ((p = match_filter_blacklist(p,
+ if ((p = match_filter_denylist(p,
"diffie-hellman-group-exchange-sha256,"
"diffie-hellman-group-exchange-sha1")) == NULL)
- fatal("match_filter_blacklist failed");
+ fatal("match_filter_denylist failed");
}
debug2("%s: compat KEX proposal: %s", __func__, p);
if (*p == '\0')
diff --git a/kex.c b/kex.c
index 09c7258e..aecb9394 100644
--- a/kex.c
+++ b/kex.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kex.c,v 1.158 2020/03/13 04:01:56 djm Exp $ */
+/* $OpenBSD: kex.c,v 1.159 2020/07/05 23:59:45 djm Exp $ */
/*
* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
*
@@ -247,7 +247,7 @@ kex_assemble_names(char **listp, const char *def, const char *all)
list = tmp;
} else if (*list == '-') {
/* Remove names from default list */
- if ((*listp = match_filter_blacklist(def, list + 1)) == NULL) {
+ if ((*listp = match_filter_denylist(def, list + 1)) == NULL) {
r = SSH_ERR_ALLOC_FAIL;
goto fail;
}
@@ -284,7 +284,7 @@ kex_assemble_names(char **listp, const char *def, const char *all)
goto fail;
}
free(matching);
- if ((matching = match_filter_whitelist(all, cp)) == NULL) {
+ if ((matching = match_filter_allowlist(all, cp)) == NULL) {
r = SSH_ERR_ALLOC_FAIL;
goto fail;
}
diff --git a/match.c b/match.c
index 3a8fa9d7..927565c1 100644
--- a/match.c
+++ b/match.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: match.c,v 1.41 2019/11/13 04:47:52 deraadt Exp $ */
+/* $OpenBSD: match.c,v 1.42 2020/07/05 23:59:45 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -309,13 +309,13 @@ match_list(const char *client, const char *server, u_int *next)
/*
* Filter proposal using pattern-list filter.
- * "blacklist" determines sense of filter:
+ * "denylist" determines sense of filter:
* non-zero indicates that items matching filter should be excluded.
* zero indicates that only items matching filter should be included.
* returns NULL on allocation error, otherwise caller must free result.
*/
static char *
-filter_list(const char *proposal, const char *filter, int blacklist)
+filter_list(const char *proposal, const char *filter, int denylist)
{
size_t len = strlen(proposal) + 1;
char *fix_prop = malloc(len);
@@ -333,7 +333,7 @@ filter_list(const char *proposal, const char *filter, int blacklist)
*fix_prop = '\0';
while ((cp = strsep(&tmp, ",")) != NULL) {
r = match_pattern_list(cp, filter, 0);
- if ((blacklist && r != 1) || (!blacklist && r == 1)) {
+ if ((denylist && r != 1) || (!denylist && r == 1)) {
if (*fix_prop != '\0')
strlcat(fix_prop, ",", len);
strlcat(fix_prop, cp, len);
@@ -348,7 +348,7 @@ filter_list(const char *proposal, const char *filter, int blacklist)
* the 'filter' pattern list. Caller must free returned string.
*/
char *
-match_filter_blacklist(const char *proposal, const char *filter)
+match_filter_denylist(const char *proposal, const char *filter)
{
return filter_list(proposal, filter, 1);
}
@@ -358,7 +358,7 @@ match_filter_blacklist(const char *proposal, const char *filter)
* the 'filter' pattern list. Caller must free returned string.
*/
char *
-match_filter_whitelist(const char *proposal, const char *filter)
+match_filter_allowlist(const char *proposal, const char *filter)
{
return filter_list(proposal, filter, 0);
}
diff --git a/match.h b/match.h
index 3a8a6ecd..312ca6e1 100644
--- a/match.h
+++ b/match.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: match.h,v 1.19 2019/03/06 22:14:23 dtucker Exp $ */
+/* $OpenBSD: match.h,v 1.20 2020/07/05 23:59:45 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -21,8 +21,8 @@ int match_hostname(const char *, const char *);
int match_host_and_ip(const char *, const char *, const char *);
int match_user(const char *, const char *, const char *, const char *);
char *match_list(const char *, const char *, u_int *);
-char *match_filter_blacklist(const char *, const char *);
-char *match_filter_whitelist(const char *, const char *);
+char *match_filter_denylist(const char *, const char *);
+char *match_filter_allowlist(const char *, const char *);
/* addrmatch.c */
int addr_match_list(const char *, const char *);
diff --git a/monitor.c b/monitor.c
index b6e855d5..325ad95e 100644
--- a/monitor.c
+++ b/monitor.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor.c,v 1.210 2020/03/13 03:17:07 djm Exp $ */
+/* $OpenBSD: monitor.c,v 1.211 2020/07/05 23:59:45 djm Exp $ */
/*
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
* Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -1568,7 +1568,7 @@ mm_answer_pty(struct ssh *ssh, int sock, struct sshbuf *m)
if (fd0 != 0)
error("%s: fd0 %d != 0", __func__, fd0);
- /* slave is not needed */
+ /* only need pty master side */
close(s->ttyfd);
s->ttyfd = s->ptyfd;
/* no need to dup() because nobody closes ptyfd */
diff --git a/mux.c b/mux.c
index fb31ad44..376f0d71 100644
--- a/mux.c
+++ b/mux.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: mux.c,v 1.82 2020/04/30 17:12:20 markus Exp $ */
+/* $OpenBSD: mux.c,v 1.83 2020/07/05 23:59:45 djm Exp $ */
/*
* Copyright (c) 2002-2008 Damien Miller <djm@openbsd.org>
*
@@ -187,7 +187,7 @@ static const struct {
{ 0, NULL }
};
-/* Cleanup callback fired on closure of mux slave _session_ channel */
+/* Cleanup callback fired on closure of mux client _session_ channel */
/* ARGSUSED */
static void
mux_master_session_cleanup_cb(struct ssh *ssh, int cid, void *unused)
@@ -209,7 +209,7 @@ mux_master_session_cleanup_cb(struct ssh *ssh, int cid, void *unused)
channel_cancel_cleanup(ssh, c->self);
}
-/* Cleanup callback fired on closure of mux slave _control_ channel */
+/* Cleanup callback fired on closure of mux client _control_ channel */
/* ARGSUSED */
static void
mux_master_control_cleanup_cb(struct ssh *ssh, int cid, void *unused)
@@ -287,7 +287,7 @@ mux_master_process_hello(struct ssh *ssh, u_int rid,
"(expected %u)", __func__, ver, SSHMUX_VER);
return -1;
}
- debug2("%s: channel %d slave version %u", __func__, c->self, ver);
+ debug2("%s: channel %d client version %u", __func__, c->self, ver);
/* No extensions are presently defined */
while (sshbuf_len(m) > 0) {
@@ -401,7 +401,7 @@ mux_master_process_new_session(struct ssh *ssh, u_int rid,
/* Gather fds from client */
for(i = 0; i < 3; i++) {
if ((new_fd[i] = mm_receive_fd(c->sock)) == -1) {
- error("%s: failed to receive fd %d from slave",
+ error("%s: failed to receive fd %d from client",
__func__, i);
for (j = 0; j < i; j++)
close(new_fd[j]);
@@ -994,7 +994,7 @@ mux_master_process_stdio_fwd(struct ssh *ssh, u_int rid,
/* Gather fds from client */
for(i = 0; i < 2; i++) {
if ((new_fd[i] = mm_receive_fd(c->sock)) == -1) {
- error("%s: failed to receive fd %d from slave",
+ error("%s: failed to receive fd %d from client",
__func__, i);
for (j = 0; j < i; j++)
close(new_fd[j]);
@@ -1154,7 +1154,7 @@ mux_master_process_proxy(struct ssh *ssh, u_int rid,
return 0;
}
-/* Channel callbacks fired on read/write from mux slave fd */
+/* Channel callbacks fired on read/write from mux client fd */
static int
mux_master_read_cb(struct ssh *ssh, Channel *c)
{
diff --git a/packet.c b/packet.c
index 042ec7c4..00e3180c 100644
--- a/packet.c
+++ b/packet.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: packet.c,v 1.295 2020/07/01 16:28:31 markus Exp $ */
+/* $OpenBSD: packet.c,v 1.296 2020/07/05 23:59:45 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -2450,7 +2450,7 @@ ssh_packet_set_state(struct ssh *ssh, struct sshbuf *m)
(r = sshbuf_get_u64(m, &state->p_read.bytes)) != 0)
return r;
/*
- * We set the time here so that in post-auth privsep slave we
+ * We set the time here so that in post-auth privsep child we
* count from the completion of the authentication.
*/
state->rekey_time = monotime();
diff --git a/readconf.c b/readconf.c
index c0595a52..9e597748 100644
--- a/readconf.c
+++ b/readconf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.c,v 1.331 2020/05/29 04:25:40 dtucker Exp $ */
+/* $OpenBSD: readconf.c,v 1.332 2020/07/05 23:59:45 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -2221,11 +2221,11 @@ fill_default_options(Options * options)
all_key = sshkey_alg_list(0, 0, 1, ',');
all_sig = sshkey_alg_list(0, 1, 1, ',');
/* remove unsupported algos from default lists */
- def_cipher = match_filter_whitelist(KEX_CLIENT_ENCRYPT, all_cipher);
- def_mac = match_filter_whitelist(KEX_CLIENT_MAC, all_mac);
- def_kex = match_filter_whitelist(KEX_CLIENT_KEX, all_kex);
- def_key = match_filter_whitelist(KEX_DEFAULT_PK_ALG, all_key);
- def_sig = match_filter_whitelist(SSH_ALLOWED_CA_SIGALGS, all_sig);
+ def_cipher = match_filter_allowlist(KEX_CLIENT_ENCRYPT, all_cipher);
+ def_mac = match_filter_allowlist(KEX_CLIENT_MAC, all_mac);
+ def_kex = match_filter_allowlist(KEX_CLIENT_KEX, all_kex);
+ def_key = match_filter_allowlist(KEX_DEFAULT_PK_ALG, all_key);
+ def_sig = match_filter_allowlist(SSH_ALLOWED_CA_SIGALGS, all_sig);
#define ASSEMBLE(what, defaults, all) \
do { \
if ((r = kex_assemble_names(&options->what, \
diff --git a/servconf.c b/servconf.c
index 22cb9583..67581ccf 100644
--- a/servconf.c
+++ b/servconf.c
@@ -1,5 +1,5 @@
-/* $OpenBSD: servconf.c,v 1.366 2020/06/24 15:09:53 markus Exp $ */
+/* $OpenBSD: servconf.c,v 1.367 2020/07/05 23:59:45 djm Exp $ */
/*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
@@ -141,7 +141,7 @@ initialize_server_options(ServerOptions *options)
options->challenge_response_authentication = -1;
options->permit_empty_passwd = -1;
options->permit_user_env = -1;
- options->permit_user_env_whitelist = NULL;
+ options->permit_user_env_allowlist = NULL;
options->compression = -1;
options->rekey_limit = -1;
options->rekey_interval = -1;
@@ -213,11 +213,11 @@ assemble_algorithms(ServerOptions *o)
all_key = sshkey_alg_list(0, 0, 1, ',');
all_sig = sshkey_alg_list(0, 1, 1, ',');
/* remove unsupported algos from default lists */
- def_cipher = match_filter_whitelist(KEX_SERVER_ENCRYPT, all_cipher);
- def_mac = match_filter_whitelist(KEX_SERVER_MAC, all_mac);
- def_kex = match_filter_whitelist(KEX_SERVER_KEX, all_kex);
- def_key = match_filter_whitelist(KEX_DEFAULT_PK_ALG, all_key);
- def_sig = match_filter_whitelist(SSH_ALLOWED_CA_SIGALGS, all_sig);
+ def_cipher = match_filter_allowlist(KEX_SERVER_ENCRYPT, all_cipher);
+ def_mac = match_filter_allowlist(KEX_SERVER_MAC, all_mac);
+ def_kex = match_filter_allowlist(KEX_SERVER_KEX, all_kex);
+ def_key = match_filter_allowlist(KEX_DEFAULT_PK_ALG, all_key);
+ def_sig = match_filter_allowlist(SSH_ALLOWED_CA_SIGALGS, all_sig);
#define ASSEMBLE(what, defaults, all) \
do { \
if ((r = kex_assemble_names(&o->what, defaults, all)) != 0) \
@@ -390,7 +390,7 @@ fill_default_server_options(ServerOptions *options)
options->permit_empty_passwd = 0;
if (options->permit_user_env == -1) {
options->permit_user_env = 0;
- options->permit_user_env_whitelist = NULL;
+ options->permit_user_env_allowlist = NULL;
}
if (options->compression == -1)
#ifdef WITH_ZLIB
@@ -1630,7 +1630,7 @@ process_server_config_line_depth(ServerOptions *options, char *line,
case sPermitUserEnvironment:
intptr = &options->permit_user_env;
- charptr = &options->permit_user_env_whitelist;
+ charptr = &options->permit_user_env_allowlist;
arg = strdelim(&cp);
if (!arg || *arg == '\0')
fatal("%s line %d: missing argument.",
@@ -2925,11 +2925,11 @@ dump_config(ServerOptions *o)
}
printf("\n");
- if (o->permit_user_env_whitelist == NULL) {
+ if (o->permit_user_env_allowlist == NULL) {
dump_cfg_fmtint(sPermitUserEnvironment, o->permit_user_env);
} else {
printf("permituserenvironment %s\n",
- o->permit_user_env_whitelist);
+ o->permit_user_env_allowlist);
}
printf("pubkeyauthoptions");
diff --git a/servconf.h b/servconf.h
index a420f398..8422f3f5 100644
--- a/servconf.h
+++ b/servconf.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: servconf.h,v 1.144 2020/04/17 03:30:05 djm Exp $ */
+/* $OpenBSD: servconf.h,v 1.145 2020/07/05 23:59:45 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -146,7 +146,7 @@ typedef struct {
int permit_empty_passwd; /* If false, do not permit empty
* passwords. */
int permit_user_env; /* If true, read ~/.ssh/environment */
- char *permit_user_env_whitelist; /* pattern-list whitelist */
+ char *permit_user_env_allowlist; /* pattern-list of allowed env names */
int compression; /* If true, compression is allowed */
int allow_tcp_forwarding; /* One of FORWARD_* */
int allow_streamlocal_forwarding; /* One of FORWARD_* */
@@ -250,7 +250,7 @@ TAILQ_HEAD(include_list, include_item);
/*
* These are string config options that must be copied between the
* Match sub-config and the main config, and must be sent from the
- * privsep slave to the privsep master. We use a macro to ensure all
+ * privsep child to the privsep master. We use a macro to ensure all
* the options are copied and the copies are done in the correct order.
*
* NB. an option must appear in servconf.c:copy_set_server_options() or
@@ -269,7 +269,7 @@ TAILQ_HEAD(include_list, include_item);
M_CP_STROPT(pubkey_key_types); \
M_CP_STROPT(ca_sign_algorithms); \
M_CP_STROPT(routing_domain); \
- M_CP_STROPT(permit_user_env_whitelist); \
+ M_CP_STROPT(permit_user_env_allowlist); \
M_CP_STRARRAYOPT(authorized_keys_files, num_authkeys_files); \
M_CP_STRARRAYOPT(allow_users, num_allow_users); \
M_CP_STRARRAYOPT(deny_users, num_deny_users); \
diff --git a/session.c b/session.c
index 84d3286c..ede98356 100644
--- a/session.c
+++ b/session.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: session.c,v 1.322 2020/07/03 07:02:37 djm Exp $ */
+/* $OpenBSD: session.c,v 1.323 2020/07/05 23:59:45 djm Exp $ */
/*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
@@ -644,7 +644,7 @@ do_exec_pty(struct ssh *ssh, Session *s, const char *command)
s->pid = pid;
- /* Parent. Close the slave side of the pseudo tty. */
+ /* Parent. Close the child side of the pseudo tty. */
close(ttyfd);
/* Enter interactive session. */
@@ -843,12 +843,12 @@ check_quietlogin(Session *s, const char *command)
* into the environment. If the file does not exist, this does nothing.
* Otherwise, it must consist of empty lines, comments (line starts with '#')
* and assignments of the form name=value. No other forms are allowed.
- * If whitelist is not NULL, then it is interpreted as a pattern list and
+ * If allowlist is not NULL, then it is interpreted as a pattern list and
* only variable names that match it will be accepted.
*/
static void
read_environment_file(char ***env, u_int *envsize,
- const char *filename, const char *whitelist)
+ const char *filename, const char *allowlist)
{
FILE *f;
char *line = NULL, *cp, *value;
@@ -881,8 +881,8 @@ read_environment_file(char ***env, u_int *envsize,
*/
*value = '\0';
value++;
- if (whitelist != NULL &&
- match_pattern_list(cp, whitelist, 0) != 1)
+ if (allowlist != NULL &&
+ match_pattern_list(cp, allowlist, 0) != 1)
continue;
child_set_env(env, envsize, cp, value);
}
@@ -1111,10 +1111,10 @@ do_setup_env(struct ssh *ssh, Session *s, const char *shell)
cp = strchr(ocp, '=');
if (*cp == '=') {
*cp = '\0';
- /* Apply PermitUserEnvironment whitelist */
- if (options.permit_user_env_whitelist == NULL ||
+ /* Apply PermitUserEnvironment allowlist */
+ if (options.permit_user_env_allowlist == NULL ||
match_pattern_list(ocp,
- options.permit_user_env_whitelist, 0) == 1)
+ options.permit_user_env_allowlist, 0) == 1)
child_set_env(&env, &envsize,
ocp, cp + 1);
}
@@ -1127,7 +1127,7 @@ do_setup_env(struct ssh *ssh, Session *s, const char *shell)
snprintf(buf, sizeof buf, "%.200s/.ssh/environment",
pw->pw_dir);
read_environment_file(&env, &envsize, buf,
- options.permit_user_env_whitelist);
+ options.permit_user_env_allowlist);
}
#ifdef USE_PAM
diff --git a/ssh-agent.c b/ssh-agent.c
index 06efe3c6..5f7ac8b9 100644
--- a/ssh-agent.c
+++ b/ssh-agent.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-agent.c,v 1.261 2020/06/22 06:37:38 jmc Exp $ */
+/* $OpenBSD: ssh-agent.c,v 1.262 2020/07/05 23:59:45 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -93,8 +93,8 @@
#include "ssh-pkcs11.h"
#include "sk-api.h"
-#ifndef DEFAULT_PROVIDER_WHITELIST
-# define DEFAULT_PROVIDER_WHITELIST "/usr/lib*/*,/usr/local/lib*/*"
+#ifndef DEFAULT_ALLOWED_PROVIDERS
+# define DEFAULT_ALLOWED_PROVIDERS "/usr/lib*/*,/usr/local/lib*/*"
#endif
/* Maximum accepted message length */
@@ -1359,7 +1359,7 @@ main(int ac, char **av)
usage();
if (allowed_providers == NULL)
- allowed_providers = xstrdup(DEFAULT_PROVIDER_WHITELIST);
+ allowed_providers = xstrdup(DEFAULT_ALLOWED_PROVIDERS);
if (ac == 0 && !c_flag && !s_flag) {
shell = getenv("SHELL");
diff --git a/ssh.c b/ssh.c
index a767a183..b13783d4 100644
--- a/ssh.c
+++ b/ssh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh.c,v 1.530 2020/06/26 05:02:03 dtucker Exp $ */
+/* $OpenBSD: ssh.c,v 1.531 2020/07/05 23:59:45 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -137,11 +137,11 @@ int stdin_null_flag = 0;
/*
* Flag indicating that the current process should be backgrounded and
- * a new slave launched in the foreground for ControlPersist.
+ * a new mux-client launched in the foreground for ControlPersist.
*/
int need_controlpersist_detach = 0;
-/* Copies of flags for ControlPersist foreground slave */
+/* Copies of flags for ControlPersist foreground mux-client */
int ostdin_null_flag, ono_shell_flag, otty_flag, orequest_tty;
/*
@@ -1691,7 +1691,7 @@ control_persist_detach(void)
/* Child: master process continues mainloop */
break;
default:
- /* Parent: set up mux slave to connect to backgrounded master */
+ /* Parent: set up mux client to connect to backgrounded master */
debug2("%s: background process is %ld", __func__, (long)pid);
stdin_null_flag = ostdin_null_flag;
options.request_tty = orequest_tty;
@@ -2070,9 +2070,9 @@ ssh_session2(struct ssh *ssh, struct passwd *pw)
/*
* If we are in control persist mode and have a working mux listen
* socket, then prepare to background ourselves and have a foreground
- * client attach as a control slave.
+ * client attach as a control client.
* NB. we must save copies of the flags that we override for
- * the backgrounding, since we defer attachment of the slave until
+ * the backgrounding, since we defer attachment of the client until
* after the connection is fully established (in particular,
* async rfwd replies have been received for ExitOnForwardFailure).
*/