]>
Commit | Line | Data |
---|---|---|
344f2b94 | 1 | 20001028 |
2 | - (djm) fix select hack in serverloop.c from Philippe WILLEM | |
3 | <Philippe.WILLEM@urssaf.fr> | |
4 | ||
ddc49b5c | 5 | 20001027 |
6 | - (djm) Increase REKEY_BYTES to 2^24 for arc4random | |
7 | ||
48e7916f | 8 | 20001025 |
9 | - (djm) Added WARNING.RNG file and modified configure to ask users of the | |
10 | builtin entropy code to read it. | |
11 | - (djm) Prefer builtin regex to PCRE. | |
00937921 | 12 | - (bal) Added USE_PIPS defined to NeXT configure.in since scp hangs randomly. |
13 | - (bal) Apply fixes to configure.in pointed out by Pavel Roskin | |
14 | <proski@gnu.org> | |
48e7916f | 15 | |
8dcda1e3 | 16 | 20001020 |
17 | - (djm) Don't define _REENTRANT for SNI/Reliant Unix | |
07bee9a7 | 18 | - (bal) Imported NEWS-OS waitpid() macros into NeXT. Since implementation |
19 | is more correct then current version. | |
8dcda1e3 | 20 | |
f5af5cd5 | 21 | 20001018 |
22 | - (stevesk) Add initial support for setproctitle(). Current | |
23 | support is for the HP-UX pstat(PSTAT_SETCMD, ...) method. | |
134fd7f6 | 24 | - (stevesk) Add egd startup scripts to contrib/hpux/ |
f5af5cd5 | 25 | |
2f31bdd6 | 26 | 20001017 |
27 | - (djm) Add -lregex to cywin libs from Corinna Vinschen | |
28 | <vinschen@cygnus.com> | |
ba7a3f40 | 29 | - (djm) Don't rely on atomicio's retval to determine length of askpass |
30 | supplied passphrase. Problem report from Lutz Jaenicke | |
31 | <Lutz.Jaenicke@aet.TU-Cottbus.DE> | |
66d6c27e | 32 | - (bal) Changed from GNU rx to PCRE on suggestion from djm. |
33 | - (bal) Integrated Sony NEWS-OS patches from NAKAJI Hirouyuki | |
34 | <nakaji@tutrp.tut.ac.jp> | |
2f31bdd6 | 35 | |
33de75a3 | 36 | 20001016 |
37 | - (djm) Sync with OpenBSD: | |
38 | - markus@cvs.openbsd.org 2000/10/14 04:01:15 | |
39 | [cipher.c] | |
40 | debug3 | |
41 | - markus@cvs.openbsd.org 2000/10/14 04:07:23 | |
42 | [scp.c] | |
43 | remove spaces from arguments; from djm@mindrot.org | |
44 | - markus@cvs.openbsd.org 2000/10/14 06:09:46 | |
45 | [ssh.1] | |
46 | Cipher is for SSH-1 only | |
47 | - markus@cvs.openbsd.org 2000/10/14 06:12:09 | |
48 | [servconf.c servconf.h serverloop.c session.c sshd.8] | |
49 | AllowTcpForwarding; from naddy@ | |
50 | - markus@cvs.openbsd.org 2000/10/14 06:16:56 | |
51 | [auth2.c compat.c compat.h sshconnect2.c version.h] | |
52 | OpenSSH_2.3; note that is is not complete, but the version number | |
53 | needs to be changed for interoperability reasons | |
54 | - markus@cvs.openbsd.org 2000/10/14 06:19:45 | |
55 | [auth-rsa.c] | |
56 | do not send RSA challenge if key is not allowed by key-options; from | |
57 | eivind@ThinkSec.com | |
58 | - markus@cvs.openbsd.org 2000/10/15 08:14:01 | |
59 | [rijndael.c session.c] | |
60 | typos; from stevesk@sweden.hp.com | |
61 | - markus@cvs.openbsd.org 2000/10/15 08:18:31 | |
62 | [rijndael.c] | |
63 | typo | |
30d8b039 | 64 | - (djm) Copy manpages back over from OpenBSD - too tedious to wade |
65 | through diffs | |
aa0289fe | 66 | - (djm) Added condrestart to Redhat init script. Patch from Pekka Savola |
30d8b039 | 67 | <pekkas@netcore.fi> |
aa0289fe | 68 | - (djm) Update version in Redhat spec file |
69 | - (djm) Merge some of Nalin Dahyabhai <nalin@redhat.com> changes from the | |
70 | Redhat 7.0 spec file | |
5b2d4b75 | 71 | - (djm) Make inability to read/write PRNG seedfile non-fatal |
72 | ||
33de75a3 | 73 | |
4d670c24 | 74 | 20001015 |
75 | - (djm) Fix ssh2 hang on background processes at logout. | |
76 | ||
71dfaf1c | 77 | 20001014 |
443172c4 | 78 | - (bal) Add support for realpath and getcwd for platforms with broken |
79 | or missing realpath implementations for sftp-server. | |
80 | - (bal) Corrected mistake in INSTALL in regards to GNU rx library | |
d8f1edd5 | 81 | - (bal) Add support for GNU rx library for those lacking regexp support |
71dfaf1c | 82 | - (djm) Don't accept PAM_PROMPT_ECHO_ON messages during initial auth |
02323c45 | 83 | - (djm) Revert SSH2 serverloop hack, will find a better way. |
4ee81249 | 84 | - (djm) Add workaround for Linux 2.4's gratuitious errno change. Patch |
85 | from Martin Johansson <fatbob@acc.umu.se> | |
94ec8c6b | 86 | - (djm) Big OpenBSD sync: |
87 | - markus@cvs.openbsd.org 2000/09/30 10:27:44 | |
88 | [log.c] | |
89 | allow loglevel debug | |
90 | - markus@cvs.openbsd.org 2000/10/03 11:59:57 | |
91 | [packet.c] | |
92 | hmac->mac | |
93 | - markus@cvs.openbsd.org 2000/10/03 12:03:03 | |
94 | [auth-krb4.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth1.c] | |
95 | move fake-auth from auth1.c to individual auth methods, disables s/key in | |
96 | debug-msg | |
97 | - markus@cvs.openbsd.org 2000/10/03 12:16:48 | |
98 | ssh.c | |
99 | do not resolve canonname, i have no idea why this was added oin ossh | |
100 | - markus@cvs.openbsd.org 2000/10/09 15:30:44 | |
101 | ssh-keygen.1 ssh-keygen.c | |
102 | -X now reads private ssh.com DSA keys, too. | |
103 | - markus@cvs.openbsd.org 2000/10/09 15:32:34 | |
104 | auth-options.c | |
105 | clear options on every call. | |
106 | - markus@cvs.openbsd.org 2000/10/09 15:51:00 | |
107 | authfd.c authfd.h | |
108 | interop with ssh-agent2, from <res@shore.net> | |
109 | - markus@cvs.openbsd.org 2000/10/10 14:20:45 | |
110 | compat.c | |
111 | use rexexp for version string matching | |
112 | - provos@cvs.openbsd.org 2000/10/10 22:02:18 | |
113 | [kex.c kex.h myproposal.h ssh.h ssh2.h sshconnect2.c sshd.c dh.c dh.h] | |
114 | First rough implementation of the diffie-hellman group exchange. The | |
115 | client can ask the server for bigger groups to perform the diffie-hellman | |
116 | in, thus increasing the attack complexity when using ciphers with longer | |
117 | keys. University of Windsor provided network, T the company. | |
118 | - markus@cvs.openbsd.org 2000/10/11 13:59:52 | |
119 | [auth-rsa.c auth2.c] | |
120 | clear auth options unless auth sucessfull | |
121 | - markus@cvs.openbsd.org 2000/10/11 14:00:27 | |
122 | [auth-options.h] | |
123 | clear auth options unless auth sucessfull | |
124 | - markus@cvs.openbsd.org 2000/10/11 14:03:27 | |
125 | [scp.1 scp.c] | |
126 | support 'scp -o' with help from mouring@pconline.com | |
127 | - markus@cvs.openbsd.org 2000/10/11 14:11:35 | |
128 | [dh.c] | |
129 | Wall | |
130 | - markus@cvs.openbsd.org 2000/10/11 14:14:40 | |
131 | [auth.h auth2.c readconf.c readconf.h readpass.c servconf.c servconf.h] | |
132 | [ssh.h sshconnect2.c sshd_config auth2-skey.c cli.c cli.h] | |
133 | add support for s/key (kbd-interactive) to ssh2, based on work by | |
134 | mkiernan@avantgo.com and me | |
135 | - markus@cvs.openbsd.org 2000/10/11 14:27:24 | |
136 | [auth.c auth1.c auth2.c authfile.c cipher.c cipher.h kex.c kex.h] | |
137 | [myproposal.h packet.c readconf.c session.c ssh.c ssh.h sshconnect1.c] | |
138 | [sshconnect2.c sshd.c] | |
139 | new cipher framework | |
140 | - markus@cvs.openbsd.org 2000/10/11 14:45:21 | |
141 | [cipher.c] | |
142 | remove DES | |
143 | - markus@cvs.openbsd.org 2000/10/12 03:59:20 | |
144 | [cipher.c cipher.h sshconnect1.c sshconnect2.c sshd.c] | |
145 | enable DES in SSH-1 clients only | |
146 | - markus@cvs.openbsd.org 2000/10/12 08:21:13 | |
147 | [kex.h packet.c] | |
148 | remove unused | |
149 | - markus@cvs.openbsd.org 2000/10/13 12:34:46 | |
150 | [sshd.c] | |
151 | Kludge for F-Secure Macintosh < 1.0.2; appro@fy.chalmers.se | |
152 | - markus@cvs.openbsd.org 2000/10/13 12:59:15 | |
153 | [cipher.c cipher.h myproposal.h rijndael.c rijndael.h] | |
154 | rijndael/aes support | |
155 | - markus@cvs.openbsd.org 2000/10/13 13:10:54 | |
156 | [sshd.8] | |
157 | more info about -V | |
158 | - markus@cvs.openbsd.org 2000/10/13 13:12:02 | |
159 | [myproposal.h] | |
160 | prefer no compression | |
3ed32516 | 161 | - (djm) Fix scp user@host handling |
162 | - (djm) Don't clobber ssh_prng_cmds on install | |
6bcf7caa | 163 | - (stevesk) Include config.h in rijndael.c so we define intXX_t and |
164 | u_intXX_t types on all platforms. | |
9ea53ba5 | 165 | - (stevesk) rijndael.c: cleanup missing declaration warnings. |
2919e060 | 166 | - (stevesk) ~/.hushlogin shouldn't cause required password change to |
167 | be bypassed. | |
f5665f6f | 168 | - (stevesk) Display correct path to ssh-askpass in configure output. |
169 | Report from Lutz Jaenicke. | |
71dfaf1c | 170 | |
ebd782f7 | 171 | 20001007 |
172 | - (stevesk) Print PAM return value in PAM log messages to aid | |
173 | with debugging. | |
97994d32 | 174 | - (stevesk) Fix detection of pw_class struct member in configure; |
175 | patch from KAMAHARA Junzo <kamahara@cc.kshosen.ac.jp> | |
176 | ||
47a134c1 | 177 | 20001002 |
178 | - (djm) Fix USER_PATH, report from Kevin Steves <stevesk@sweden.hp.com> | |
179 | - (djm) Add host system and CC to end-of-configure report. Suggested by | |
180 | Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> | |
181 | ||
7322ef0e | 182 | 20000931 |
183 | - (djm) Cygwin fixes from Corinna Vinschen <vinschen@cygnus.com> | |
184 | ||
6ac7829a | 185 | 20000930 |
b6490dcb | 186 | - (djm) Irix ssh_prng_cmds path fix from Pekka Savola <pekkas@netcore.fi> |
772bd898 | 187 | - (djm) Support in bsd-snprintf.c for long long conversions from |
188 | Ben Lindstrom <mouring@pconline.com> | |
189 | - (djm) Cleanup NeXT support from Ben Lindstrom <mouring@pconline.com> | |
857040fb | 190 | - (djm) Ignore SIGPIPEs from serverloop to child. Fixes crashes with |
191 | very short lived X connections. Bug report from Tobias Oetiker | |
192 | <oetiker@ee.ethz.ch>. Fix from Markus Friedl <markus@cvs.openbsd.org> | |
bd2d7f6a | 193 | - (djm) Add recent InitScripts as a RPM dependancy for openssh-server |
194 | patch from Pekka Savola <pekkas@netcore.fi> | |
58665035 | 195 | - (djm) Forgot to cvs add LICENSE file |
dc2901a0 | 196 | - (djm) Add LICENSE to RPM spec files |
de273eef | 197 | - (djm) CVS OpenBSD sync: |
198 | - markus@cvs.openbsd.org 2000/09/26 13:59:59 | |
199 | [clientloop.c] | |
200 | use debug2 | |
201 | - markus@cvs.openbsd.org 2000/09/27 15:41:34 | |
202 | [auth2.c sshconnect2.c] | |
203 | use key_type() | |
204 | - markus@cvs.openbsd.org 2000/09/28 12:03:18 | |
205 | [channels.c] | |
206 | debug -> debug2 cleanup | |
2a7d529a | 207 | - (djm) Irix strips "/dev/tty" from [uw]tmp entries (other systems only |
208 | strip "/dev/"). Fix loginrec.c based on patch from Alain St-Denis | |
209 | <Alain.St-Denis@ec.gc.ca> | |
210 | - (djm) Fix 9 character passphrase failure with gnome-ssh-askpass. | |
211 | Problem was caused by interrupted read in ssh-add. Report from Donald | |
212 | J. Barry <don@astro.cornell.edu> | |
6ac7829a | 213 | |
c5d85828 | 214 | 20000929 |
215 | - (djm) Fix SSH2 not terminating until all background tasks done problem. | |
2ed85c06 | 216 | - (djm) Another off-by-one fix from Pavel Kankovsky |
217 | <peak@argo.troja.mff.cuni.cz> | |
22d89d24 | 218 | - (djm) Clean up. Strip some unnecessary differences with OpenBSD's code, |
219 | tidy necessary differences. Use Markus' new debugN() in entropy.c | |
77bb0bca | 220 | - (djm) Merged big SCO portability patch from Tim Rice |
221 | <tim@multitalents.net> | |
c5d85828 | 222 | |
6fd7f731 | 223 | 20000926 |
224 | - (djm) Update X11-askpass to 1.0.2 in RPM spec file | |
c5ae7384 | 225 | - (djm) Define _REENTRANT to pickup strtok_r() on HP/UX |
226 | - (djm) Security: fix off-by-one buffer overrun in fake-getnameinfo.c. | |
227 | Report and fix from Pavel Kankovsky <peak@argo.troja.mff.cuni.cz> | |
6fd7f731 | 228 | |
2f125ca1 | 229 | 20000924 |
230 | - (djm) Merged cleanup patch from Mark Miller <markm@swoon.net> | |
231 | - (djm) A bit more cleanup - created cygwin_util.h | |
bcdaaeab | 232 | - (djm) Include strtok_r() from OpenBSD libc. Fixes report from Mark Miller |
233 | <markm@swoon.net> | |
2f125ca1 | 234 | |
764d4113 | 235 | 20000923 |
236 | - (djm) Fix address logging in utmp from Kevin Steves | |
237 | <stevesk@sweden.hp.com> | |
777319db | 238 | - (djm) Redhat spec and manpage fixes from Pekka Savola <pekkas@netcore.fi> |
bd590612 | 239 | - (djm) Seperate tests for int64_t and u_int64_t types |
37c1c46d | 240 | - (djm) Tweak password expiry checking at suggestion of Kevin Steves |
241 | <stevesk@sweden.hp.com> | |
e79b44e1 | 242 | - (djm) NeXT patch from Ben Lindstrom <mouring@pconline.com> |
e2144f11 | 243 | - (djm) Use printf %lld instead of %qd in sftp-server.c. Fix from |
244 | Michael Stone <mstone@cs.loyola.edu> | |
188adeb2 | 245 | - (djm) OpenBSD CVS sync: |
246 | - markus@cvs.openbsd.org 2000/09/17 09:38:59 | |
247 | [sshconnect2.c sshd.c] | |
248 | fix DEBUG_KEXDH | |
249 | - markus@cvs.openbsd.org 2000/09/17 09:52:51 | |
250 | [sshconnect.c] | |
251 | yes no; ok niels@ | |
252 | - markus@cvs.openbsd.org 2000/09/21 04:55:11 | |
253 | [sshd.8] | |
254 | typo | |
255 | - markus@cvs.openbsd.org 2000/09/21 05:03:54 | |
256 | [serverloop.c] | |
257 | typo | |
258 | - markus@cvs.openbsd.org 2000/09/21 05:11:42 | |
259 | scp.c | |
260 | utime() to utimes(); mouring@pconline.com | |
261 | - markus@cvs.openbsd.org 2000/09/21 05:25:08 | |
262 | sshconnect2.c | |
263 | change login logic in ssh2, allows plugin of other auth methods | |
264 | - markus@cvs.openbsd.org 2000/09/21 05:25:35 | |
265 | [auth2.c channels.c channels.h clientloop.c dispatch.c dispatch.h] | |
266 | [serverloop.c] | |
267 | add context to dispatch_run | |
268 | - markus@cvs.openbsd.org 2000/09/21 05:07:52 | |
269 | authfd.c authfd.h ssh-agent.c | |
270 | bug compat for old ssh.com software | |
764d4113 | 271 | |
7f377177 | 272 | 20000920 |
273 | - (djm) Fix bad path substitution. Report from Andrew Miner | |
274 | <asminer@cs.iastate.edu> | |
275 | ||
bcbf86ec | 276 | 20000916 |
7950bf97 | 277 | - (djm) Fix SSL search order from Lutz Jaenicke |
278 | <Lutz.Jaenicke@aet.TU-Cottbus.DE> | |
19ece6d2 | 279 | - (djm) New SuSE spec from Corinna Vinschen <corinna@vinschen.de> |
9cd45ea4 | 280 | - (djm) Update CygWin support from Corinna Vinschen <vinschen@cygnus.com> |
995edaac | 281 | - (djm) Use a real struct sockaddr inside the fake struct sockaddr_storage. |
282 | Patch from Larry Jones <larry.jones@sdrc.com> | |
ad55cd03 | 283 | - (djm) Add Steve VanDevender's <stevev@darkwing.uoregon.edu> PAM |
284 | password change patch. | |
285 | - (djm) Bring licenses on my stuff in line with OpenBSD's | |
0bbfbdeb | 286 | - (djm) Cleanup auth-passwd.c and unify HP/UX authentication. Patch from |
287 | Kevin Steves <stevesk@sweden.hp.com> | |
7f8f5e00 | 288 | - (djm) Shadow expiry check fix from Pavel Troller <patrol@omni.sinus.cz> |
289 | - (djm) Re-enable int64_t types - we need them for sftp | |
290 | - (djm) Use libexecdir from configure , rather than libexecdir/ssh | |
291 | - (djm) Update Redhat SPEC file accordingly | |
292 | - (djm) Add Kevin Steves <stevesk@sweden.hp.com> HP/UX contrib files | |
293 | - (djm) Add Charles Levert <charles@comm.polymtl.ca> getpgrp patch | |
294 | - (djm) Fix password auth on HP/UX 10.20. Patch from Dirk De Wachter | |
295 | <Dirk.DeWachter@rug.ac.be> | |
296 | - (djm) Fixprogs and entropy list fixes from Larry Jones | |
297 | <larry.jones@sdrc.com> | |
298 | - (djm) Fix for SuSE spec file from Takashi YOSHIDA | |
299 | <tyoshida@gemini.rc.kyushu-u.ac.jp> | |
bcbf86ec | 300 | - (djm) Merge OpenBSD changes: |
301 | - markus@cvs.openbsd.org 2000/09/05 02:59:57 | |
302 | [session.c] | |
303 | print hostname (not hushlogin) | |
304 | - markus@cvs.openbsd.org 2000/09/05 13:18:48 | |
305 | [authfile.c ssh-add.c] | |
306 | enable ssh-add -d for DSA keys | |
307 | - markus@cvs.openbsd.org 2000/09/05 13:20:49 | |
308 | [sftp-server.c] | |
309 | cleanup | |
310 | - markus@cvs.openbsd.org 2000/09/06 03:46:41 | |
311 | [authfile.h] | |
312 | prototype | |
313 | - deraadt@cvs.openbsd.org 2000/09/07 14:27:56 | |
314 | [ALL] | |
315 | cleanup copyright notices on all files. I have attempted to be | |
316 | accurate with the details. everything is now under Tatu's licence | |
317 | (which I copied from his readme), and/or the core-sdi bsd-ish thing | |
318 | for deattack, or various openbsd developers under a 2-term bsd | |
319 | licence. We're not changing any rules, just being accurate. | |
320 | - markus@cvs.openbsd.org 2000/09/07 14:40:30 | |
321 | [channels.c channels.h clientloop.c serverloop.c ssh.c] | |
322 | cleanup window and packet sizes for ssh2 flow control; ok niels | |
323 | - markus@cvs.openbsd.org 2000/09/07 14:53:00 | |
324 | [scp.c] | |
325 | typo | |
326 | - markus@cvs.openbsd.org 2000/09/07 15:13:37 | |
327 | [auth-options.c auth-options.h auth-rh-rsa.c auth-rsa.c auth.c] | |
328 | [authfile.h canohost.c channels.h compat.c hostfile.h log.c match.h] | |
329 | [pty.c readconf.c] | |
330 | some more Copyright fixes | |
331 | - markus@cvs.openbsd.org 2000/09/08 03:02:51 | |
332 | [README.openssh2] | |
333 | bye bye | |
334 | - deraadt@cvs.openbsd.org 2000/09/11 18:38:33 | |
335 | [LICENCE cipher.c] | |
336 | a few more comments about it being ARC4 not RC4 | |
337 | - markus@cvs.openbsd.org 2000/09/12 14:53:11 | |
338 | [log-client.c log-server.c log.c ssh.1 ssh.c ssh.h sshd.8 sshd.c] | |
339 | multiple debug levels | |
340 | - markus@cvs.openbsd.org 2000/09/14 14:25:15 | |
341 | [clientloop.c] | |
342 | typo | |
343 | - deraadt@cvs.openbsd.org 2000/09/15 01:13:51 | |
344 | [ssh-agent.c] | |
345 | check return value for setenv(3) for failure, and deal appropriately | |
346 | ||
deb8d717 | 347 | 20000913 |
348 | - (djm) Fix server not exiting with jobs in background. | |
349 | ||
b5e300c2 | 350 | 20000905 |
351 | - (djm) Import OpenBSD CVS changes | |
352 | - markus@cvs.openbsd.org 2000/08/31 15:52:24 | |
353 | [Makefile sshd.8 sshd_config sftp-server.8 sftp-server.c] | |
354 | implement a SFTP server. interops with sftp2, scp2 and the windows | |
355 | client from ssh.com | |
356 | - markus@cvs.openbsd.org 2000/08/31 15:56:03 | |
357 | [README.openssh2] | |
358 | sync | |
359 | - markus@cvs.openbsd.org 2000/08/31 16:05:42 | |
360 | [session.c] | |
361 | Wall | |
362 | - markus@cvs.openbsd.org 2000/08/31 16:09:34 | |
363 | [authfd.c ssh-agent.c] | |
364 | add a flag to SSH2_AGENTC_SIGN_REQUEST for future extensions | |
365 | - deraadt@cvs.openbsd.org 2000/09/01 09:25:13 | |
366 | [scp.1 scp.c] | |
367 | cleanup and fix -S support; stevesk@sweden.hp.com | |
368 | - markus@cvs.openbsd.org 2000/09/01 16:29:32 | |
369 | [sftp-server.c] | |
370 | portability fixes | |
371 | - markus@cvs.openbsd.org 2000/09/01 16:32:41 | |
372 | [sftp-server.c] | |
373 | fix cast; mouring@pconline.com | |
374 | - itojun@cvs.openbsd.org 2000/09/03 09:23:28 | |
375 | [ssh-add.1 ssh.1] | |
376 | add missing .El against .Bl. | |
377 | - markus@cvs.openbsd.org 2000/09/04 13:03:41 | |
378 | [session.c] | |
379 | missing close; ok theo | |
380 | - markus@cvs.openbsd.org 2000/09/04 13:07:21 | |
381 | [session.c] | |
382 | fix get_last_login_time order; from andre@van-veen.de | |
383 | - markus@cvs.openbsd.org 2000/09/04 13:10:09 | |
384 | [sftp-server.c] | |
385 | more cast fixes; from mouring@pconline.com | |
386 | - markus@cvs.openbsd.org 2000/09/04 13:06:04 | |
387 | [session.c] | |
388 | set SSH_ORIGINAL_COMMAND; from Leakin@dfw.nostrum.com, bet@rahul.net | |
389 | - (djm) Cleanup after import. Fix sftp-server compilation, Makefile | |
3c62e7eb | 390 | - (djm) Merge cygwin support from Corinna Vinschen <vinschen@cygnus.com> |
391 | ||
1e61f54a | 392 | 20000903 |
393 | - (djm) Fix Redhat init script | |
394 | ||
c80876b4 | 395 | 20000901 |
396 | - (djm) Pick up Jim's new X11-askpass | |
397 | - (djm) Release 2.2.0p1 | |
398 | ||
8b4a0d08 | 399 | 20000831 |
bcbf86ec | 400 | - (djm) Workaround SIGPIPE problems on SCO. Fix from Aran Cox |
8b4a0d08 | 401 | <acox@cv.telegroup.com> |
b817711d | 402 | - (djm) Pick up new version (2.2.0) from OpenBSD CVS |
8b4a0d08 | 403 | |
0b65b628 | 404 | 20000830 |
405 | - (djm) Compile warning fixes from Mark Miller <markm@swoon.net> | |
10fa00c8 | 406 | - (djm) Periodically rekey arc4random |
407 | - (djm) Clean up diff against OpenBSD. | |
bcbf86ec | 408 | - (djm) HPUX 11 needs USE_PIPES as well: Kevin Steves |
2b10f47a | 409 | <stevesk@sweden.hp.com> |
b33a2e6e | 410 | - (djm) Quieten the pam delete credentials error message |
44839801 | 411 | - (djm) Fix printing of $DISPLAY hack if set by system type. Report from |
412 | Kevin Steves <stevesk@sweden.hp.com> | |
84a770d1 | 413 | - (djm) NeXT patch from Ben Lindstrom <mouring@pconline.com> |
7efa2776 | 414 | - (djm) Fix doh in bsd-arc4random.c |
0b65b628 | 415 | |
9aaf9be4 | 416 | 20000829 |
bcbf86ec | 417 | - (djm) Fix ^C ignored issue on Solaris. Diagnosis from Gert |
418 | Doering <gert@greenie.muc.de>, John Horne <J.Horne@plymouth.ac.uk> and | |
9aaf9be4 | 419 | Garrick James <garrick@james.net> |
b5f90139 | 420 | - (djm) Check for SCO pty naming style (ptyp%d/ttyp%d). Based on fix from |
421 | Bastian Trompetter <btrompetter@firemail.de> | |
698d107e | 422 | - (djm) NeXT tweaks from Ben Lindstrom <mouring@pconline.com> |
14a9a859 | 423 | - More OpenBSD updates: |
424 | - deraadt@cvs.openbsd.org 2000/08/24 15:46:59 | |
425 | [scp.c] | |
426 | off_t in sink, to fix files > 2GB, i think, test is still running ;-) | |
427 | - deraadt@cvs.openbsd.org 2000/08/25 10:10:06 | |
428 | [session.c] | |
429 | Wall | |
430 | - markus@cvs.openbsd.org 2000/08/26 04:33:43 | |
431 | [compat.c] | |
432 | ssh.com-2.3.0 | |
433 | - markus@cvs.openbsd.org 2000/08/27 12:18:05 | |
434 | [compat.c] | |
435 | compatibility with future ssh.com versions | |
436 | - deraadt@cvs.openbsd.org 2000/08/27 21:50:55 | |
437 | [auth-krb4.c session.c ssh-add.c sshconnect.c uidswap.c] | |
438 | print uid/gid as unsigned | |
439 | - markus@cvs.openbsd.org 2000/08/28 13:51:00 | |
440 | [ssh.c] | |
441 | enable -n and -f for ssh2 | |
442 | - markus@cvs.openbsd.org 2000/08/28 14:19:53 | |
443 | [ssh.c] | |
444 | allow combination of -N and -f | |
445 | - markus@cvs.openbsd.org 2000/08/28 14:20:56 | |
446 | [util.c] | |
447 | util.c | |
448 | - markus@cvs.openbsd.org 2000/08/28 14:22:02 | |
449 | [util.c] | |
450 | undo | |
451 | - markus@cvs.openbsd.org 2000/08/28 14:23:38 | |
452 | [util.c] | |
453 | don't complain if setting NONBLOCK fails with ENODEV | |
9aaf9be4 | 454 | |
137d7b6c | 455 | 20000823 |
456 | - (djm) Define USE_PIPES to avoid socketpair problems on HPUX 10 and SunOS 4 | |
bcbf86ec | 457 | Avoids "scp never exits" problem. Reports from Lutz Jaenicke |
458 | <Lutz.Jaenicke@aet.TU-Cottbus.DE> and Tamito KAJIYAMA | |
137d7b6c | 459 | <kajiyama@grad.sccs.chukyo-u.ac.jp> |
2e73a022 | 460 | - (djm) Pick up LOGIN_PROGRAM from environment or PATH if not set by headers |
da40ab4d | 461 | - (djm) Add local version to version.h |
ea788c22 | 462 | - (djm) Don't reseed arc4random everytime it is used |
2e73a022 | 463 | - (djm) OpenBSD CVS updates: |
464 | - deraadt@cvs.openbsd.org 2000/08/18 20:07:23 | |
465 | [ssh.c] | |
466 | accept remsh as a valid name as well; roman@buildpoint.com | |
467 | - deraadt@cvs.openbsd.org 2000/08/18 20:17:13 | |
468 | [deattack.c crc32.c packet.c] | |
469 | rename crc32() to ssh_crc32() to avoid zlib name clash. do not move to | |
470 | libz crc32 function yet, because it has ugly "long"'s in it; | |
471 | oneill@cs.sfu.ca | |
472 | - deraadt@cvs.openbsd.org 2000/08/18 20:26:08 | |
473 | [scp.1 scp.c] | |
474 | -S prog support; tv@debian.org | |
475 | - deraadt@cvs.openbsd.org 2000/08/18 20:50:07 | |
476 | [scp.c] | |
477 | knf | |
478 | - deraadt@cvs.openbsd.org 2000/08/18 20:57:33 | |
479 | [log-client.c] | |
480 | shorten | |
481 | - markus@cvs.openbsd.org 2000/08/19 12:48:11 | |
482 | [channels.c channels.h clientloop.c ssh.c ssh.h] | |
483 | support for ~. in ssh2 | |
484 | - deraadt@cvs.openbsd.org 2000/08/19 15:29:40 | |
485 | [crc32.h] | |
486 | proper prototype | |
487 | - markus@cvs.openbsd.org 2000/08/19 15:34:44 | |
bcbf86ec | 488 | [authfd.c authfd.h key.c key.h ssh-add.1 ssh-add.c ssh-agent.1] |
489 | [ssh-agent.c ssh-keygen.c sshconnect1.c sshconnect2.c Makefile] | |
2e73a022 | 490 | [fingerprint.c fingerprint.h] |
491 | add SSH2/DSA support to the agent and some other DSA related cleanups. | |
492 | (note that we cannot talk to ssh.com's ssh2 agents) | |
493 | - markus@cvs.openbsd.org 2000/08/19 15:55:52 | |
494 | [channels.c channels.h clientloop.c] | |
495 | more ~ support for ssh2 | |
496 | - markus@cvs.openbsd.org 2000/08/19 16:21:19 | |
497 | [clientloop.c] | |
498 | oops | |
499 | - millert@cvs.openbsd.org 2000/08/20 12:25:53 | |
500 | [session.c] | |
501 | We have to stash the result of get_remote_name_or_ip() before we | |
502 | close our socket or getpeername() will get EBADF and the process | |
503 | will exit. Only a problem for "UseLogin yes". | |
504 | - millert@cvs.openbsd.org 2000/08/20 12:30:59 | |
505 | [session.c] | |
506 | Only check /etc/nologin if "UseLogin no" since login(1) may have its | |
507 | own policy on determining who is allowed to login when /etc/nologin | |
508 | is present. Also use the _PATH_NOLOGIN define. | |
509 | - millert@cvs.openbsd.org 2000/08/20 12:42:43 | |
510 | [auth1.c auth2.c session.c ssh.c] | |
511 | Add calls to setusercontext() and login_get*(). We basically call | |
512 | setusercontext() in most places where previously we did a setlogin(). | |
513 | Add default login.conf file and put root in the "daemon" login class. | |
514 | - millert@cvs.openbsd.org 2000/08/21 10:23:31 | |
515 | [session.c] | |
516 | Fix incorrect PATH setting; noted by Markus. | |
137d7b6c | 517 | |
c345cf9d | 518 | 20000818 |
519 | - (djm) OpenBSD CVS changes: | |
520 | - markus@cvs.openbsd.org 2000/07/22 03:14:37 | |
521 | [servconf.c servconf.h sshd.8 sshd.c sshd_config] | |
522 | random early drop; ok theo, niels | |
523 | - deraadt@cvs.openbsd.org 2000/07/26 11:46:51 | |
524 | [ssh.1] | |
525 | typo | |
526 | - deraadt@cvs.openbsd.org 2000/08/01 11:46:11 | |
527 | [sshd.8] | |
528 | many fixes from pepper@mail.reppep.com | |
529 | - provos@cvs.openbsd.org 2000/08/01 13:01:42 | |
530 | [Makefile.in util.c aux.c] | |
531 | rename aux.c to util.c to help with cygwin port | |
532 | - deraadt@cvs.openbsd.org 2000/08/02 00:23:31 | |
533 | [authfd.c] | |
534 | correct sun_len; Alexander@Leidinger.net | |
535 | - provos@cvs.openbsd.org 2000/08/02 10:27:17 | |
536 | [readconf.c sshd.8] | |
537 | disable kerberos authentication by default | |
538 | - provos@cvs.openbsd.org 2000/08/02 11:27:05 | |
539 | [sshd.8 readconf.c auth-krb4.c] | |
540 | disallow kerberos authentication if we can't verify the TGT; from | |
541 | dugsong@ | |
542 | kerberos authentication is on by default only if you have a srvtab. | |
543 | - markus@cvs.openbsd.org 2000/08/04 14:30:07 | |
544 | [auth.c] | |
545 | unused | |
546 | - markus@cvs.openbsd.org 2000/08/04 14:30:35 | |
547 | [sshd_config] | |
548 | MaxStartups | |
549 | - markus@cvs.openbsd.org 2000/08/15 13:20:46 | |
550 | [authfd.c] | |
551 | cleanup; ok niels@ | |
552 | - markus@cvs.openbsd.org 2000/08/17 14:05:10 | |
553 | [session.c] | |
554 | cleanup login(1)-like jobs, no duplicate utmp entries | |
555 | - markus@cvs.openbsd.org 2000/08/17 14:06:34 | |
556 | [session.c sshd.8 sshd.c] | |
557 | sshd -u len, similar to telnetd | |
1a022229 | 558 | - (djm) Lastlog was not getting closed after writing login entry |
39987cc0 | 559 | - (djm) Add Solaris package support from Rip Loomis <loomisg@cist.saic.com> |
c345cf9d | 560 | |
416ed5a7 | 561 | 20000816 |
562 | - (djm) Replacement for inet_ntoa for Irix (which breaks on gcc) | |
bcbf86ec | 563 | - (djm) Fix strerror replacement for old SunOS. Based on patch from |
416ed5a7 | 564 | Charles Levert <charles@comm.polymtl.ca> |
bcbf86ec | 565 | - (djm) Seperate arc4random into seperate file and use OpenSSL's RC4 |
416ed5a7 | 566 | implementation. |
ba606eb2 | 567 | - (djm) SUN_LEN macro for systems which lack it |
416ed5a7 | 568 | |
dbaa2e87 | 569 | 20000815 |
570 | - (djm) More SunOS 4.1.x fixes from Nate Itkin <nitkin@europa.com> | |
cd352c82 | 571 | - (djm) Avoid failures on Irix when ssh is not setuid. Fix from |
572 | Michael Stone <mstone@cs.loyola.edu> | |
d93a7e5a | 573 | - (djm) Don't seek in directory based lastlogs |
bcbf86ec | 574 | - (djm) Fix --with-ipaddr-display configure option test. Patch from |
d93a7e5a | 575 | Jarno Huuskonen <jhuuskon@messi.uku.fi> |
2a2cb9e7 | 576 | - (djm) Fix AIX limits from Alexandre Oliva <oliva@lsd.ic.unicamp.br> |
dbaa2e87 | 577 | |
6c33bf70 | 578 | 20000813 |
579 | - (djm) Add $(srcdir) to includes when compiling (for VPATH). Report from | |
580 | Fabrice bacchella <fabrice.bacchella@marchfirst.fr> | |
581 | ||
3fcce26c | 582 | 20000809 |
bcbf86ec | 583 | - (djm) Define AIX hard limits if headers don't. Report from |
3fcce26c | 584 | Bill Painter <william.t.painter@lmco.com> |
bcbf86ec | 585 | - (djm) utmp direct write & SunOS 4 patch from Charles Levert |
32eec038 | 586 | <charles@comm.polymtl.ca> |
3fcce26c | 587 | |
71d43804 | 588 | 20000808 |
589 | - (djm) Cleanup Redhat RPMs. Generate keys at runtime rather than install | |
590 | time, spec file cleanup. | |
591 | ||
f9bcea07 | 592 | 20000807 |
378f2232 | 593 | - (djm) Set 0755 on binaries during install. Report from Lutz Jaenicke |
47670e77 | 594 | - (djm) Suppress error messages on channel close shutdown() failurs |
595 | works around Linux bug. Patch from Zack Weinberg <zack@wolery.cumb.org> | |
378f2232 | 596 | - (djm) Add some more entropy collection commands from Lutz Jaenicke |
f9bcea07 | 597 | |
bcf89935 | 598 | 20000725 |
599 | - (djm) Fix autoconf typo: HAVE_BINRESVPORT_AF -> HAVE_BINDRESVPORT_AF | |
600 | ||
4c8722d9 | 601 | 20000721 |
602 | - (djm) OpenBSD CVS updates: | |
603 | - markus@cvs.openbsd.org 2000/07/16 02:27:22 | |
604 | [authfd.c authfd.h channels.c clientloop.c ssh-add.c ssh-agent.c ssh.c] | |
605 | [sshconnect1.c sshconnect2.c] | |
606 | make ssh-add accept dsa keys (the agent does not) | |
607 | - djm@cvs.openbsd.org 2000/07/17 19:25:02 | |
608 | [sshd.c] | |
609 | Another closing of stdin; ok deraadt | |
610 | - markus@cvs.openbsd.org 2000/07/19 18:33:12 | |
611 | [dsa.c] | |
612 | missing free, reorder | |
613 | - markus@cvs.openbsd.org 2000/07/20 16:23:14 | |
614 | [ssh-keygen.1] | |
615 | document input and output files | |
616 | ||
240777b8 | 617 | 20000720 |
4c8722d9 | 618 | - (djm) Spec file fix from Petr Novotny <Petr.Novotny@antek.cz> |
240777b8 | 619 | |
3c7def32 | 620 | 20000716 |
4c8722d9 | 621 | - (djm) Release 2.1.1p4 |
3c7def32 | 622 | |
819b676f | 623 | 20000715 |
704b1659 | 624 | - (djm) OpenBSD CVS updates |
625 | - provos@cvs.openbsd.org 2000/07/13 16:53:22 | |
626 | [aux.c readconf.c servconf.c ssh.h] | |
627 | allow multiple whitespace but only one '=' between tokens, bug report from | |
628 | Ralf S. Engelschall <rse@engelschall.com> but different fix. okay deraadt@ | |
629 | - provos@cvs.openbsd.org 2000/07/13 17:14:09 | |
630 | [clientloop.c] | |
631 | typo; todd@fries.net | |
632 | - provos@cvs.openbsd.org 2000/07/13 17:19:31 | |
633 | [scp.c] | |
634 | close can fail on AFS, report error; from Greg Hudson <ghudson@mit.edu> | |
635 | - markus@cvs.openbsd.org 2000/07/14 16:59:46 | |
636 | [readconf.c servconf.c] | |
637 | allow leading whitespace. ok niels | |
638 | - djm@cvs.openbsd.org 2000/07/14 22:01:38 | |
639 | [ssh-keygen.c ssh.c] | |
640 | Always create ~/.ssh with mode 700; ok Markus | |
819b676f | 641 | - Fixes for SunOS 4.1.4 from Gordon Atwood <gordon@cs.ualberta.ca> |
642 | - Include floatingpoint.h for entropy.c | |
643 | - strerror replacement | |
704b1659 | 644 | |
3f7a7e4a | 645 | 20000712 |
c37fb3c1 | 646 | - (djm) Remove -lresolve for Reliant Unix |
3f7a7e4a | 647 | - (djm) OpenBSD CVS Updates: |
648 | - deraadt@cvs.openbsd.org 2000/07/11 02:11:34 | |
649 | [session.c sshd.c ] | |
650 | make MaxStartups code still work with -d; djm | |
651 | - deraadt@cvs.openbsd.org 2000/07/11 13:17:45 | |
652 | [readconf.c ssh_config] | |
653 | disable FallBackToRsh by default | |
c37fb3c1 | 654 | - (djm) Replace in_addr_t with u_int32_t in bsd-inet_aton.c. Report from |
655 | Ben Lindstrom <mouring@pconline.com> | |
1e970014 | 656 | - (djm) Make building of X11-Askpass and GNOME-Askpass optional in RPM |
657 | spec file. | |
dcb36e5d | 658 | - (djm) Released 2.1.1p3 |
3f7a7e4a | 659 | |
56118702 | 660 | 20000711 |
661 | - (djm) Fixup for AIX getuserattr() support from Tom Bertelson | |
662 | <tbert@abac.com> | |
132dd316 | 663 | - (djm) ReliantUNIX support from Udo Schweigert <ust@cert.siemens.de> |
bcbf86ec | 664 | - (djm) NeXT: dirent structures to get scp working from Ben Lindstrom |
c99e5056 | 665 | <mouring@pconline.com> |
bcbf86ec | 666 | - (djm) Fix broken inet_ntoa check and ut_user/ut_name confusion, report |
dc2a6d09 | 667 | from Jim Watt <jimw@peisj.pebio.com> |
2d9a148e | 668 | - (djm) Replaced bsd-snprintf.c with one from Mutt source tree, it is known |
669 | to compile on more platforms (incl NeXT). | |
cc6f2c4c | 670 | - (djm) Added bsd-inet_aton and configure support for NeXT |
aae19451 | 671 | - (djm) Misc NeXT fixes from Ben Lindstrom <mouring@pconline.com> |
089fbbd2 | 672 | - (djm) OpenBSD CVS updates: |
673 | - markus@cvs.openbsd.org 2000/06/26 03:22:29 | |
674 | [authfd.c] | |
675 | cleanup, less cut&paste | |
676 | - markus@cvs.openbsd.org 2000/06/26 15:59:19 | |
677 | [servconf.c servconf.h session.c sshd.8 sshd.c] | |
bcbf86ec | 678 | MaxStartups: limit number of unauthenticated connections, work by |
089fbbd2 | 679 | theo and me |
680 | - deraadt@cvs.openbsd.org 2000/07/05 14:18:07 | |
681 | [session.c] | |
682 | use no_x11_forwarding_flag correctly; provos ok | |
683 | - provos@cvs.openbsd.org 2000/07/05 15:35:57 | |
684 | [sshd.c] | |
685 | typo | |
686 | - aaron@cvs.openbsd.org 2000/07/05 22:06:58 | |
687 | [scp.1 ssh-agent.1 ssh-keygen.1 sshd.8] | |
bcbf86ec | 688 | Insert more missing .El directives. Our troff really should identify |
089fbbd2 | 689 | these and spit out a warning. |
690 | - todd@cvs.openbsd.org 2000/07/06 21:55:04 | |
691 | [auth-rsa.c auth2.c ssh-keygen.c] | |
692 | clean code is good code | |
693 | - deraadt@cvs.openbsd.org 2000/07/07 02:14:29 | |
694 | [serverloop.c] | |
695 | sense of port forwarding flag test was backwards | |
696 | - provos@cvs.openbsd.org 2000/07/08 17:17:31 | |
697 | [compat.c readconf.c] | |
698 | replace strtok with strsep; from David Young <dyoung@onthejob.net> | |
699 | - deraadt@cvs.openbsd.org 2000/07/08 19:21:15 | |
700 | [auth.h] | |
701 | KNF | |
702 | - ho@cvs.openbsd.org 2000/07/08 19:27:33 | |
703 | [compat.c readconf.c] | |
704 | Better conditions for strsep() ending. | |
705 | - ho@cvs.openbsd.org 2000/07/10 10:27:05 | |
706 | [readconf.c] | |
707 | Get the correct message on errors. (niels@ ok) | |
708 | - ho@cvs.openbsd.org 2000/07/10 10:30:25 | |
709 | [cipher.c kex.c servconf.c] | |
710 | strtok() --> strsep(). (niels@ ok) | |
5540ea9b | 711 | - (djm) Fix problem with debug mode and MaxStartups |
eb37534b | 712 | - (djm) Don't generate host keys when $(DESTDIR) is set (e.g. during RPM |
713 | builds) | |
229f64ee | 714 | - (djm) Add strsep function from OpenBSD libc for systems that lack it |
56118702 | 715 | |
a8545c6c | 716 | 20000709 |
717 | - (djm) Only enable PAM_TTY kludge for Linux. Problem report from | |
718 | Kevin Steves <stevesk@sweden.hp.com> | |
ec90a7d6 | 719 | - (djm) Match prototype and function declaration for rresvport_af. |
720 | Problem report from Niklas Edmundsson <nikke@ing.umu.se> | |
bcbf86ec | 721 | - (djm) Missing $(DESTDIR) on host-key target causing problems with RPM |
732e8ac5 | 722 | builds. Problem report from Gregory Leblanc <GLeblanc@cu-portland.edu> |
37f1df94 | 723 | - (djm) Replace ut_name with ut_user. Patch from Jim Watt |
724 | <jimw@peisj.pebio.com> | |
264dce47 | 725 | - (djm) Fix pam sprintf fix |
726 | - (djm) Cleanup entropy collection code a little more. Split initialisation | |
727 | from seeding, perform intialisation immediatly at start, be careful with | |
728 | uids. Based on problem report from Jim Watt <jimw@peisj.pebio.com> | |
5bf9cfe9 | 729 | - (djm) More NeXT compatibility from Ben Lindstrom <mouring@pconline.com> |
730 | Including sigaction() et al. replacements | |
bcbf86ec | 731 | - (djm) AIX getuserattr() session initialisation from Tom Bertelson |
eeec075f | 732 | <tbert@abac.com> |
a8545c6c | 733 | |
e2902a5b | 734 | 20000708 |
bcbf86ec | 735 | - (djm) Fix bad fprintf format handling in auth-pam.c. Patch from |
e2902a5b | 736 | Aaron Hopkins <aaron@die.net> |
7a33f831 | 737 | - (djm) Fix incorrect configure handling of --with-rsh-path option. Fix from |
738 | Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> | |
bcbf86ec | 739 | - (djm) Fixed undefined variables for OSF SIA. Report from |
b3f162ba | 740 | Baars, Henk <Hendrik.Baars@nl.origin-it.com> |
bcbf86ec | 741 | - (djm) Handle EWOULDBLOCK returns from read() and write() in atomicio.c |
b28e4a3b | 742 | Fix from Marquess, Steve Mr JMLFDC <Steve.Marquess@DET.AMEDD.ARMY.MIL> |
bcbf86ec | 743 | - (djm) Don't use inet_addr. |
e2902a5b | 744 | |
5637650d | 745 | 20000702 |
746 | - (djm) Fix brace mismatch from Corinna Vinschen <vinschen@cygnus.com> | |
27494968 | 747 | - (djm) Stop shadow expiry checking from preventing logins with NIS. Based |
748 | on fix from HARUYAMA Seigo <haruyama@nt.phys.s.u-tokyo.ac.jp> | |
a4070484 | 749 | - (djm) Use standard OpenSSL functions in auth-skey.c. Patch from |
750 | Chris, the Young One <cky@pobox.com> | |
bcbf86ec | 751 | - (djm) Fix scp progress meter on really wide terminals. Based on patch |
88726b31 | 752 | from James H. Cloos Jr. <cloos@jhcloos.com> |
5637650d | 753 | |
388e9f9f | 754 | 20000701 |
755 | - (djm) Fix Tru64 SIA problems reported by John P Speno <speno@isc.upenn.edu> | |
daaff4d5 | 756 | - (djm) Login fixes from Tom Bertelson <tbert@abac.com> |
82258d68 | 757 | - (djm) Replace "/bin/sh" with _PATH_BSHELL. Report from Corinna Vinschen |
758 | <vinschen@cygnus.com> | |
30228d7c | 759 | - (djm) Replace "/usr/bin/login" with LOGIN_PROGRAM |
2647ae26 | 760 | - (djm) Added check for broken snprintf() functions which do not correctly |
761 | terminate output string and attempt to use replacement. | |
46158300 | 762 | - (djm) Released 2.1.1p2 |
388e9f9f | 763 | |
9f32ceb4 | 764 | 20000628 |
765 | - (djm) Fixes to lastlog code for Irix | |
766 | - (djm) Use atomicio in loginrec | |
3206bb3b | 767 | - (djm) Patch from Michael Stone <mstone@cs.loyola.edu> to add support for |
768 | Irix 6.x array sessions, project id's, and system audit trail id. | |
9e0c3e1f | 769 | - (djm) Added 'distprep' make target to simplify packaging |
bcbf86ec | 770 | - (djm) Added patch from Chris Adams <cmadams@hiwaay.net> to add OSF SIA |
4d33e531 | 771 | support. Enable using "USE_SIA=1 ./configure [options]" |
bcbf86ec | 772 | |
d8caae24 | 773 | 20000627 |
774 | - (djm) Fixes to login code - not setting li->uid, cleanups | |
a05a70ab | 775 | - (djm) Formatting |
d8caae24 | 776 | |
fe30cc2e | 777 | 20000626 |
3e98362e | 778 | - (djm) Better fix to aclocal tests from Garrick James <garrick@james.net> |
4cb5ffa0 | 779 | - (djm) Account expiry support from Andreas Steinmetz <ast@domdv.de> |
780 | - (djm) Added password expiry checking (no password change support) | |
be0b9bb7 | 781 | - (djm) Make EGD failures non-fatal if OpenSSL's entropy pool is still OK |
782 | based on patch from Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> | |
b5b3f75d | 783 | - (djm) Fix fixed EGD code. |
3e98362e | 784 | - OpenBSD CVS update |
785 | - provos@cvs.openbsd.org 2000/06/25 14:17:58 | |
786 | [channels.c] | |
787 | correct check for bad channel ids; from Wei Dai <weidai@eskimo.com> | |
788 | ||
1c04b088 | 789 | 20000623 |
bcbf86ec | 790 | - (djm) Use sa_family_t in prototype for rresvport_af. Patch from |
1c04b088 | 791 | Svante Signell <svante.signell@telia.com> |
792 | - (djm) Autoconf logic to define sa_family_t if it is missing | |
e5a0294f | 793 | - OpenBSD CVS Updates: |
794 | - markus@cvs.openbsd.org 2000/06/22 10:32:27 | |
795 | [sshd.c] | |
796 | missing atomicio; report from Steve.Marquess@DET.AMEDD.ARMY.MIL | |
797 | - djm@cvs.openbsd.org 2000/06/22 17:55:00 | |
798 | [auth-krb4.c key.c radix.c uuencode.c] | |
799 | Missing CVS idents; ok markus | |
1c04b088 | 800 | |
f528fdf2 | 801 | 20000622 |
802 | - (djm) Automatically generate host key during "make install". Suggested | |
803 | by Gary E. Miller <gem@rellim.com> | |
804 | - (djm) Paranoia before kill() system call | |
74fc9186 | 805 | - OpenBSD CVS Updates: |
806 | - markus@cvs.openbsd.org 2000/06/18 18:50:11 | |
807 | [auth2.c compat.c compat.h sshconnect2.c] | |
808 | make userauth+pubkey interop with ssh.com-2.2.0 | |
809 | - markus@cvs.openbsd.org 2000/06/18 20:56:17 | |
810 | [dsa.c] | |
811 | mem leak + be more paranoid in dsa_verify. | |
812 | - markus@cvs.openbsd.org 2000/06/18 21:29:50 | |
813 | [key.c] | |
814 | cleanup fingerprinting, less hardcoded sizes | |
815 | - markus@cvs.openbsd.org 2000/06/19 19:39:45 | |
816 | [atomicio.c auth-options.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c] | |
817 | [auth-rsa.c auth-skey.c authfd.c authfd.h authfile.c bufaux.c bufaux.h] | |
bcbf86ec | 818 | [buffer.c buffer.h canohost.c channels.c channels.h cipher.c cipher.h] |
74fc9186 | 819 | [clientloop.c compat.c compat.h compress.c compress.h crc32.c crc32.h] |
820 | [deattack.c dispatch.c dsa.c fingerprint.c fingerprint.h getput.h hmac.c] | |
bcbf86ec | 821 | [kex.c log-client.c log-server.c login.c match.c mpaux.c mpaux.h nchan.c] |
822 | [nchan.h packet.c packet.h pty.c pty.h readconf.c readconf.h readpass.c] | |
74fc9186 | 823 | [rsa.c rsa.h scp.c servconf.c servconf.h ssh-add.c ssh-keygen.c ssh.c] |
824 | [ssh.h tildexpand.c ttymodes.c ttymodes.h uidswap.c xmalloc.c xmalloc.h] | |
825 | OpenBSD tag | |
826 | - markus@cvs.openbsd.org 2000/06/21 10:46:10 | |
827 | sshconnect2.c missing free; nuke old comment | |
f528fdf2 | 828 | |
e5fe9a1f | 829 | 20000620 |
830 | - (djm) Replace use of '-o' and '-a' logical operators in configure tests | |
bcbf86ec | 831 | with '||' and '&&'. As suggested by Jim Knoble <jmknoble@pint-stowp.cx> |
e5fe9a1f | 832 | to fix SCO Unixware problem reported by Gary E. Miller <gem@rellim.com> |
c03aced4 | 833 | - (djm) Typo in loginrec.c |
e5fe9a1f | 834 | |
cbd7492e | 835 | 20000618 |
836 | - (djm) Add summary of configure options to end of ./configure run | |
bcbf86ec | 837 | - (djm) Not all systems define RUSAGE_SELF & RUSAGE_CHILDREN. Report from |
cbd7492e | 838 | Michael Stone <mstone@cs.loyola.edu> |
bcbf86ec | 839 | - (djm) rusage is a privileged operation on some Unices (incl. |
cbd7492e | 840 | Solaris 2.5.1). Report from Paul D. Smith <pausmith@nortelnetworks.com> |
bcbf86ec | 841 | - (djm) Avoid PAM failures when running without a TTY. Report from |
cbd7492e | 842 | Martin Petrak <petrak@spsknm.schools.sk> |
843 | - (djm) Include sys/types.h when including netinet/in.h in configure tests. | |
844 | Patch from Jun-ichiro itojun Hagino <itojun@iijlab.net> | |
729bfe59 | 845 | - (djm) Started merge of Ben Lindstrom's <mouring@pconline.com> NeXT support |
38c295d6 | 846 | - OpenBSD CVS updates: |
847 | - deraadt@cvs.openbsd.org 2000/06/17 09:58:46 | |
848 | [channels.c] | |
849 | everyone says "nix it" (remove protocol 2 debugging message) | |
850 | - markus@cvs.openbsd.org 2000/06/17 13:24:34 | |
851 | [sshconnect.c] | |
852 | allow extended server banners | |
853 | - markus@cvs.openbsd.org 2000/06/17 14:30:10 | |
854 | [sshconnect.c] | |
855 | missing atomicio, typo | |
856 | - jakob@cvs.openbsd.org 2000/06/17 16:52:34 | |
857 | [servconf.c servconf.h session.c sshd.8 sshd_config] | |
858 | add support for ssh v2 subsystems. ok markus@. | |
859 | - deraadt@cvs.openbsd.org 2000/06/17 18:57:48 | |
860 | [readconf.c servconf.c] | |
861 | include = in WHITESPACE; markus ok | |
862 | - markus@cvs.openbsd.org 2000/06/17 19:09:10 | |
863 | [auth2.c] | |
864 | implement bug compatibility with ssh-2.0.13 pubkey, server side | |
865 | - markus@cvs.openbsd.org 2000/06/17 21:00:28 | |
866 | [compat.c] | |
867 | initial support for ssh.com's 2.2.0 | |
868 | - markus@cvs.openbsd.org 2000/06/17 21:16:09 | |
869 | [scp.c] | |
870 | typo | |
871 | - markus@cvs.openbsd.org 2000/06/17 22:05:02 | |
872 | [auth-rsa.c auth2.c serverloop.c session.c auth-options.c auth-options.h] | |
873 | split auth-rsa option parsing into auth-options | |
874 | add options support to authorized_keys2 | |
875 | - markus@cvs.openbsd.org 2000/06/17 22:42:54 | |
876 | [session.c] | |
877 | typo | |
cbd7492e | 878 | |
509b1f88 | 879 | 20000613 |
880 | - (djm) Fixes from Andrew McGill <andrewm@datrix.co.za>: | |
881 | - Platform define for SCO 3.x which breaks on /dev/ptmx | |
882 | - Detect and try to fix missing MAXPATHLEN | |
a4d05724 | 883 | - (djm) Fix short copy in loginrec.c (based on patch from Phill Camp |
884 | <P.S.S.Camp@ukc.ac.uk> | |
509b1f88 | 885 | |
09564242 | 886 | 20000612 |
887 | - (djm) Glob manpages in RPM spec files to catch compressed files | |
888 | - (djm) Full license in auth-pam.c | |
08ae384f | 889 | - (djm) Configure fixes from SAKAI Kiyotaka <ksakai@kso.netwk.ntt-at.co.jp> |
383207f7 | 890 | - (andre) AIX, lastlog, configure fixes from Tom Bertelson <tbert@abac.com>: |
891 | - Don't try to retrieve lastlog from wtmp/wtmpx if DISABLE_LASTLOG is | |
892 | def'd | |
893 | - Set AIX to use preformatted manpages | |
bcbf86ec | 894 | |
74b224a0 | 895 | 20000610 |
896 | - (djm) Minor doc tweaks | |
217ab55e | 897 | - (djm) Fix for configure on bash2 from Jim Knoble <jmknoble@jmknoble.cx> |
74b224a0 | 898 | |
32c80420 | 899 | 20000609 |
900 | - (djm) Patch from Kenji Miyake <kenji@miyake.org> to disable utmp usage | |
901 | (in favour of utmpx) on Solaris 8 | |
902 | ||
fa649821 | 903 | 20000606 |
48c99b2c | 904 | - (djm) Cleanup of entropy.c. Reorganised code, removed second pass through |
905 | list of commands (by default). Removed verbose debugging (by default). | |
bcbf86ec | 906 | - (djm) Increased command entropy estimates and default entropy collection |
48c99b2c | 907 | timeout |
f988dce5 | 908 | - (djm) Remove duplicate headers from loginrec.c |
c5fa2eb0 | 909 | - (djm) Don't add /usr/local/lib to library search path on Irix |
bcbf86ec | 910 | - (djm) Fix rsh path in RPMs. Report from Jason L Tibbitts III |
fa649821 | 911 | <tibbs@math.uh.edu> |
1e83f2a2 | 912 | - (djm) Warn user if grabs fail in GNOME askpass. Patch from Zack Weinberg |
913 | <zack@wolery.cumb.org> | |
fa649821 | 914 | - (djm) OpenBSD CVS updates: |
915 | - todd@cvs.openbsd.org | |
916 | [sshconnect2.c] | |
917 | teach protocol v2 to count login failures properly and also enable an | |
918 | explanation of why the password prompt comes up again like v1; this is NOT | |
919 | crypto | |
bcbf86ec | 920 | - markus@cvs.openbsd.org |
fa649821 | 921 | [readconf.c readconf.h servconf.c servconf.h session.c ssh.1 ssh.c sshd.8] |
922 | xauth_location support; pr 1234 | |
923 | [readconf.c sshconnect2.c] | |
924 | typo, unused | |
925 | [session.c] | |
926 | allow use_login only for login sessions, otherwise remote commands are | |
927 | execed with uid==0 | |
928 | [sshd.8] | |
929 | document UseLogin better | |
930 | [version.h] | |
931 | OpenSSH 2.1.1 | |
932 | [auth-rsa.c] | |
bcbf86ec | 933 | fix match_hostname() logic for auth-rsa: deny access if we have a |
fa649821 | 934 | negative match or no match at all |
935 | [channels.c hostfile.c match.c] | |
bcbf86ec | 936 | don't panic if mkdtemp fails for authfwd; jkb@yahoo-inc.com via |
fa649821 | 937 | kris@FreeBSD.org |
938 | ||
8e7b16f8 | 939 | 20000606 |
bcbf86ec | 940 | - (djm) Added --with-cflags, --with-ldflags and --with-libs options to |
8e7b16f8 | 941 | configure. |
942 | ||
d7c0f3d5 | 943 | 20000604 |
944 | - Configure tweaking for new login code on Irix 5.3 | |
2d6c411f | 945 | - (andre) login code changes based on djm feedback |
d7c0f3d5 | 946 | |
2d6c411f | 947 | 20000603 |
948 | - (andre) New login code | |
949 | - Remove bsd-login.[ch] and all the OpenBSD-derived code in login.c | |
950 | - Add loginrec.[ch], logintest.c and autoconf code | |
bcbf86ec | 951 | |
5daf7064 | 952 | 20000531 |
953 | - Cleanup of auth.c, login.c and fake-* | |
954 | - Cleanup of auth-pam.c, save and print "account expired" error messages | |
e5662474 | 955 | - Fix EGD read bug by IWAMURO Motonori <iwa@mmp.fujitsu.co.jp> |
69134b9b | 956 | - Rewrote bsd-login to use proper utmp API if available. Major cleanup |
957 | of fallback DIY code. | |
5daf7064 | 958 | |
b9f446d1 | 959 | 20000530 |
960 | - Define atexit for old Solaris | |
b02ebca1 | 961 | - Fix buffer overrun in login.c for systems which use syslen in utmpx. |
962 | patch from YOSHIFUJI Hideaki <yoshfuji@cerberus.nemoto.ecei.tohoku.ac.jp> | |
71276795 | 963 | - OpenBSD CVS updates: |
964 | - markus@cvs.openbsd.org | |
965 | [session.c] | |
966 | make x11-fwd work w/ localhost (xauth add host/unix:11) | |
967 | [cipher.c compat.c readconf.c servconf.c] | |
968 | check strtok() != NULL; ok niels@ | |
969 | [key.c] | |
970 | fix key_read() for uuencoded keys w/o '=' | |
971 | [serverloop.c] | |
972 | group ssh1 vs. ssh2 in serverloop | |
973 | [kex.c kex.h myproposal.h sshconnect2.c sshd.c] | |
974 | split kexinit/kexdh, factor out common code | |
975 | [readconf.c ssh.1 ssh.c] | |
976 | forwardagent defaults to no, add ssh -A | |
977 | - theo@cvs.openbsd.org | |
978 | [session.c] | |
979 | just some line shortening | |
60688ef9 | 980 | - Released 2.1.0p3 |
b9f446d1 | 981 | |
29611d9c | 982 | 20000520 |
983 | - Xauth fix from Markus Friedl <markus.friedl@informatik.uni-erlangen.de> | |
25422c70 | 984 | - Don't touch utmp if USE_UTMPX defined |
a423beaf | 985 | - SunOS 4.x support from Todd C. Miller <Todd.Miller@courtesan.com> |
fc1e8bf4 | 986 | - SIGCHLD fix for AIX and HPUX from Tom Bertelson <tbert@abac.com> |
bcbf86ec | 987 | - HPUX and Configure fixes from Lutz Jaenicke |
fc1e8bf4 | 988 | <Lutz.Jaenicke@aet.TU-Cottbus.DE> |
bcbf86ec | 989 | - Use mkinstalldirs script to make directories instead of non-portable |
fc1e8bf4 | 990 | "install -d". Suggested by Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> |
a905808d | 991 | - Doc cleanup |
29611d9c | 992 | |
301e9b01 | 993 | 20000518 |
994 | - Include Andre Lucas' fixprogs script. Forgot to "cvs add" it yesterday | |
995 | - OpenBSD CVS updates: | |
996 | - markus@cvs.openbsd.org | |
997 | [sshconnect.c] | |
998 | copy only ai_addrlen bytes; misiek@pld.org.pl | |
999 | [auth.c] | |
bcbf86ec | 1000 | accept an empty shell in authentication; bug reported by |
301e9b01 | 1001 | chris@tinker.ucr.edu |
1002 | [serverloop.c] | |
1003 | we don't have stderr for interactive terminal sessions (fcntl errors) | |
1004 | ||
ad85db64 | 1005 | 20000517 |
1006 | - Fix from Andre Lucas <andre.lucas@dial.pipex.com> | |
1007 | - Fixes command line printing segfaults (spotter: Bladt Norbert) | |
1008 | - Fixes erroneous printing of debug messages to syslog | |
1009 | - Fixes utmp for MacOS X (spotter: Aristedes Maniatis) | |
1010 | - Gives useful error message if PRNG initialisation fails | |
1011 | - Reduced ssh startup delay | |
1012 | - Measures cumulative command time rather than the time between reads | |
704b1659 | 1013 | after select() |
ad85db64 | 1014 | - 'fixprogs' perl script to eliminate non-working entropy commands, and |
704b1659 | 1015 | optionally run 'ent' to measure command entropy |
c1ef8333 | 1016 | - Applied Tom Bertelson's <tbert@abac.com> AIX authentication fix |
a64009ad | 1017 | - Avoid WCOREDUMP complation errors for systems that lack it |
bcbf86ec | 1018 | - Avoid SIGCHLD warnings from entropy commands |
28c1d5ce | 1019 | - Fix HAVE_PAM_GETENVLIST setting from Simon Wilkinson <sxw@dcs.ed.ac.uk> |
0e73cc53 | 1020 | - OpenBSD CVS update: |
bcbf86ec | 1021 | - markus@cvs.openbsd.org |
0e73cc53 | 1022 | [ssh.c] |
1023 | fix usage() | |
1024 | [ssh2.h] | |
1025 | draft-ietf-secsh-architecture-05.txt | |
1026 | [ssh.1] | |
1027 | document ssh -T -N (ssh2 only) | |
1028 | [channels.c serverloop.c ssh.h sshconnect.c sshd.c aux.c] | |
1029 | enable nonblocking IO for sshd w/ proto 1, too; split out common code | |
1030 | [aux.c] | |
1031 | missing include | |
c04f75f1 | 1032 | - Several patches from SAKAI Kiyotaka <ksakai@kso.netwk.ntt-at.co.jp> |
1033 | - INSTALL typo and URL fix | |
1034 | - Makefile fix | |
1035 | - Solaris fixes | |
bcbf86ec | 1036 | - Checking for ssize_t and memmove. Based on patch from SAKAI Kiyotaka |
c04f75f1 | 1037 | <ksakai@kso.netwk.ntt-at.co.jp> |
afa5ee68 | 1038 | - RSAless operation patch from kevin_oconnor@standardandpoors.com |
d45e3d76 | 1039 | - Detect OpenSSL seperatly from RSA |
bcbf86ec | 1040 | - Better test for RSA (more compatible with RSAref). Based on work by |
d45e3d76 | 1041 | Ed Eden <ede370@stl.rural.usda.gov> |
ad85db64 | 1042 | |
3d1a1654 | 1043 | 20000513 |
bcbf86ec | 1044 | - Fix for non-recognised DSA keys from Arkadiusz Miskiewicz |
3d1a1654 | 1045 | <misiek@pld.org.pl> |
1046 | ||
d02a3a00 | 1047 | 20000511 |
bcbf86ec | 1048 | - Fix for prng_seed permissions checking from Lutz Jaenicke |
d02a3a00 | 1049 | <Lutz.Jaenicke@aet.TU-Cottbus.DE> |
3d1a1654 | 1050 | - "make host-key" fix for Irix |
d02a3a00 | 1051 | |
d0c832f3 | 1052 | 20000509 |
1053 | - OpenBSD CVS update | |
1054 | - markus@cvs.openbsd.org | |
1055 | [cipher.h myproposal.h readconf.c readconf.h servconf.c ssh.1 ssh.c] | |
1056 | [ssh.h sshconnect1.c sshconnect2.c sshd.8] | |
1057 | - complain about invalid ciphers in SSH1 (e.g. arcfour is SSH2 only) | |
1058 | - hugh@cvs.openbsd.org | |
1059 | [ssh.1] | |
1060 | - zap typo | |
1061 | [ssh-keygen.1] | |
1062 | - One last nit fix. (markus approved) | |
1063 | [sshd.8] | |
1064 | - some markus certified spelling adjustments | |
1065 | - markus@cvs.openbsd.org | |
1066 | [auth2.c channels.c clientloop.c compat compat.h dsa.c kex.c] | |
1067 | [sshconnect2.c ] | |
1068 | - bug compat w/ ssh-2.0.13 x11, split out bugs | |
1069 | [nchan.c] | |
1070 | - no drain if ibuf_empty, fixes x11fwd problems; tests by fries@ | |
1071 | [ssh-keygen.c] | |
1072 | - handle escapes in real and original key format, ok millert@ | |
1073 | [version.h] | |
1074 | - OpenSSH-2.1 | |
3dc1102e | 1075 | - Moved all the bsd-* and fake-* stuff into new libopenbsd-compat.a |
e93ee87a | 1076 | - Doc updates |
bcbf86ec | 1077 | - Cleanup of bsd-base64 headers, bugfix definitions of __b64_*. Reported |
21e5304a | 1078 | by Andre Lucas <andre.lucas@dial.pipex.com> |
d0c832f3 | 1079 | |
ebdeb9a8 | 1080 | 20000508 |
1081 | - Makefile and RPM spec fixes | |
1082 | - Generate DSA host keys during "make key" or RPM installs | |
f6cde515 | 1083 | - OpenBSD CVS update |
1084 | - markus@cvs.openbsd.org | |
1085 | [clientloop.c sshconnect2.c] | |
1086 | - make x11-fwd interop w/ ssh-2.0.13 | |
1087 | [README.openssh2] | |
1088 | - interop w/ SecureFX | |
1089 | - Release 2.0.0beta2 | |
ebdeb9a8 | 1090 | |
bcbf86ec | 1091 | - Configure caching and cleanup patch from Andre Lucas' |
58d100bf | 1092 | <andre.lucas@dial.pipex.com> |
1093 | ||
1d1ffb87 | 1094 | 20000507 |
1095 | - Remove references to SSLeay. | |
1096 | - Big OpenBSD CVS update | |
1097 | - markus@cvs.openbsd.org | |
1098 | [clientloop.c] | |
1099 | - typo | |
1100 | [session.c] | |
1101 | - update proctitle on pty alloc/dealloc, e.g. w/ windows client | |
1102 | [session.c] | |
1103 | - update proctitle for proto 1, too | |
1104 | [channels.h nchan.c serverloop.c session.c sshd.c] | |
1105 | - use c-style comments | |
1106 | - deraadt@cvs.openbsd.org | |
1107 | [scp.c] | |
1108 | - more atomicio | |
bcbf86ec | 1109 | - markus@cvs.openbsd.org |
1d1ffb87 | 1110 | [channels.c] |
1111 | - set O_NONBLOCK | |
1112 | [ssh.1] | |
1113 | - update AUTHOR | |
1114 | [readconf.c ssh-keygen.c ssh.h] | |
1115 | - default DSA key file ~/.ssh/id_dsa | |
1116 | [clientloop.c] | |
1117 | - typo, rm verbose debug | |
1118 | - deraadt@cvs.openbsd.org | |
1119 | [ssh-keygen.1] | |
1120 | - document DSA use of ssh-keygen | |
1121 | [sshd.8] | |
1122 | - a start at describing what i understand of the DSA side | |
1123 | [ssh-keygen.1] | |
1124 | - document -X and -x | |
1125 | [ssh-keygen.c] | |
1126 | - simplify usage | |
bcbf86ec | 1127 | - markus@cvs.openbsd.org |
1d1ffb87 | 1128 | [sshd.8] |
1129 | - there is no rhosts_dsa | |
1130 | [ssh-keygen.1] | |
1131 | - document -y, update -X,-x | |
1132 | [nchan.c] | |
1133 | - fix close for non-open ssh1 channels | |
1134 | [servconf.c servconf.h ssh.h sshd.8 sshd.c ] | |
1135 | - s/DsaKey/HostDSAKey/, document option | |
1136 | [sshconnect2.c] | |
1137 | - respect number_of_password_prompts | |
1138 | [channels.c channels.h servconf.c servconf.h session.c sshd.8] | |
1139 | - GatewayPorts for sshd, ok deraadt@ | |
1140 | [ssh-add.1 ssh-agent.1 ssh.1] | |
1141 | - more doc on: DSA, id_dsa, known_hosts2, authorized_keys2 | |
1142 | [ssh.1] | |
1143 | - more info on proto 2 | |
1144 | [sshd.8] | |
1145 | - sync AUTHOR w/ ssh.1 | |
1146 | [key.c key.h sshconnect.c] | |
1147 | - print key type when talking about host keys | |
1148 | [packet.c] | |
1149 | - clear padding in ssh2 | |
1150 | [dsa.c key.c radix.c ssh.h sshconnect1.c uuencode.c uuencode.h] | |
1151 | - replace broken uuencode w/ libc b64_ntop | |
1152 | [auth2.c] | |
1153 | - log failure before sending the reply | |
1154 | [key.c radix.c uuencode.c] | |
1155 | - remote trailing comments before calling __b64_pton | |
1156 | [auth2.c readconf.c readconf.h servconf.c servconf.h ssh.1] | |
1157 | [sshconnect2.c sshd.8] | |
1158 | - add DSAAuthetication option to ssh/sshd, document SSH2 in sshd.8 | |
1159 | - Bring in b64_ntop and b64_pton from OpenBSD libc (bsd-base64.[ch]) | |
1160 | ||
1a11e1ae | 1161 | 20000502 |
0fbe8c74 | 1162 | - OpenBSD CVS update |
1163 | [channels.c] | |
1164 | - init all fds, close all fds. | |
1165 | [sshconnect2.c] | |
1166 | - check whether file exists before asking for passphrase | |
1167 | [servconf.c servconf.h sshd.8 sshd.c] | |
1168 | - PidFile, pr 1210 | |
1169 | [channels.c] | |
1170 | - EINTR | |
1171 | [channels.c] | |
1172 | - unbreak, ok niels@ | |
1173 | [sshd.c] | |
1174 | - unlink pid file, ok niels@ | |
1175 | [auth2.c] | |
1176 | - Add missing #ifdefs; ok - markus | |
bcbf86ec | 1177 | - Add Andre Lucas' <andre.lucas@dial.pipex.com> patch to read entropy |
d3083fbd | 1178 | gathering commands from a text file |
1a11e1ae | 1179 | - Release 2.0.0beta1 |
1180 | ||
c4bc58eb | 1181 | 20000501 |
1182 | - OpenBSD CVS update | |
1183 | [packet.c] | |
1184 | - send debug messages in SSH2 format | |
3189621b | 1185 | [scp.c] |
1186 | - fix very rare EAGAIN/EINTR issues; based on work by djm | |
1187 | [packet.c] | |
1188 | - less debug, rm unused | |
1189 | [auth2.c] | |
1190 | - disable kerb,s/key in ssh2 | |
1191 | [sshd.8] | |
1192 | - Minor tweaks and typo fixes. | |
1193 | [ssh-keygen.c] | |
1194 | - Put -d into usage and reorder. markus ok. | |
bcbf86ec | 1195 | - Include missing headers for OpenSSL tests. Fix from Phil Karn |
44fb55e9 | 1196 | <karn@ka9q.ampr.org> |
bcbf86ec | 1197 | - Fixed __progname symbol collisions reported by Andre Lucas |
3fd95d9a | 1198 | <andre.lucas@dial.pipex.com> |
0d5f7abc | 1199 | - Merged bsd-login ttyslot and AIX utmp patch from Gert Doering |
1200 | <gd@hilb1.medat.de> | |
8cb940db | 1201 | - Add some missing ifdefs to auth2.c |
8af50c98 | 1202 | - Deprecate perl-tk askpass. |
52bcc044 | 1203 | - Irix portability fixes - don't include netinet headers more than once |
1204 | - Make sure we don't save PRNG seed more than once | |
c4bc58eb | 1205 | |
2b763e31 | 1206 | 20000430 |
1207 | - Merge HP-UX fixes and TCB support from Ged Lodder <lodder@yacc.com.au> | |
b7a87eea | 1208 | - Integrate Andre Lucas' <andre.lucas@dial.pipex.com> entropy collection |
1209 | patch. | |
1210 | - Adds timeout to entropy collection | |
1211 | - Disables slow entropy sources | |
1212 | - Load and save seed file | |
bcbf86ec | 1213 | - Changed entropy seed code to user per-user seeds only (server seed is |
b7a87eea | 1214 | saved in root's .ssh directory) |
1215 | - Use atexit() and fatal cleanups to save seed on exit | |
0b242b12 | 1216 | - More OpenBSD updates: |
1217 | [session.c] | |
1218 | - don't call chan_write_failed() if we are not writing | |
1219 | [auth-rsa.c auth1.c authfd.c hostfile.c ssh-agent.c] | |
1220 | - keysize warnings error() -> log() | |
2b763e31 | 1221 | |
a306f2dd | 1222 | 20000429 |
1223 | - Merge big update to OpenSSH-2.0 from OpenBSD CVS | |
1224 | [README.openssh2] | |
1225 | - interop w/ F-secure windows client | |
1226 | - sync documentation | |
1227 | - ssh_host_dsa_key not ssh_dsa_key | |
1228 | [auth-rsa.c] | |
1229 | - missing fclose | |
1230 | [auth.c authfile.c compat.c dsa.c dsa.h hostfile.c key.c key.h radix.c] | |
1231 | [readconf.c readconf.h ssh-add.c ssh-keygen.c ssh.c ssh.h sshconnect.c] | |
1232 | [sshd.c uuencode.c uuencode.h authfile.h] | |
1233 | - add DSA pubkey auth and other SSH2 fixes. use ssh-keygen -[xX] | |
1234 | for trading keys with the real and the original SSH, directly from the | |
1235 | people who invented the SSH protocol. | |
1236 | [auth.c auth.h authfile.c sshconnect.c auth1.c auth2.c sshconnect.h] | |
1237 | [sshconnect1.c sshconnect2.c] | |
1238 | - split auth/sshconnect in one file per protocol version | |
1239 | [sshconnect2.c] | |
1240 | - remove debug | |
1241 | [uuencode.c] | |
1242 | - add trailing = | |
1243 | [version.h] | |
1244 | - OpenSSH-2.0 | |
1245 | [ssh-keygen.1 ssh-keygen.c] | |
1246 | - add -R flag: exit code indicates if RSA is alive | |
1247 | [sshd.c] | |
1248 | - remove unused | |
1249 | silent if -Q is specified | |
1250 | [ssh.h] | |
1251 | - host key becomes /etc/ssh_host_dsa_key | |
1252 | [readconf.c servconf.c ] | |
1253 | - ssh/sshd default to proto 1 and 2 | |
1254 | [uuencode.c] | |
1255 | - remove debug | |
1256 | [auth2.c ssh-keygen.c sshconnect2.c sshd.c] | |
1257 | - xfree DSA blobs | |
1258 | [auth2.c serverloop.c session.c] | |
1259 | - cleanup logging for sshd/2, respect PasswordAuth no | |
1260 | [sshconnect2.c] | |
1261 | - less debug, respect .ssh/config | |
1262 | [README.openssh2 channels.c channels.h] | |
bcbf86ec | 1263 | - clientloop.c session.c ssh.c |
a306f2dd | 1264 | - support for x11-fwding, client+server |
1265 | ||
0ac7199f | 1266 | 20000421 |
1267 | - Merge fix from OpenBSD CVS | |
1268 | [ssh-agent.c] | |
1269 | - Fix memory leak per connection. Report from Andy Spiegl <Andy@Spiegl.de> | |
1270 | via Debian bug #59926 | |
18ba2aab | 1271 | - Define __progname in session.c if libc doesn't |
1272 | - Remove indentation on autoconf #include statements to avoid bug in | |
bcbf86ec | 1273 | DEC Tru64 compiler. Report and fix from David Del Piero |
18ba2aab | 1274 | <David.DelPiero@qed.qld.gov.au> |
0ac7199f | 1275 | |
e1b37056 | 1276 | 20000420 |
bcbf86ec | 1277 | - Make fixpaths work with perl4, patch from Andre Lucas |
e1b37056 | 1278 | <andre.lucas@dial.pipex.com> |
9da5c3c9 | 1279 | - Sync with OpenBSD CVS: |
1280 | [clientloop.c login.c serverloop.c ssh-agent.c ssh.h sshconnect.c sshd.c] | |
1281 | - pid_t | |
1282 | [session.c] | |
1283 | - remove bogus chan_read_failed. this could cause data | |
1284 | corruption (missing data) at end of a SSH2 session. | |
4e577b89 | 1285 | - Merge fixes from Debian patch from Phil Hands <phil@hands.com> |
1286 | - Allow setting of PAM service name through CFLAGS (SSHD_PAM_SERVICE) | |
1287 | - Use vhangup to clean up Linux ttys | |
1288 | - Force posix getopt processing on GNU libc systems | |
371ecff9 | 1289 | - Debian bug #55910 - remove references to ssl(8) manpages |
247f1a89 | 1290 | - Debian bug #58031 - ssh_config lies about default cipher |
e1b37056 | 1291 | |
d6f24e45 | 1292 | 20000419 |
1293 | - OpenBSD CVS updates | |
1294 | [channels.c] | |
1295 | - fix pr 1196, listen_port and port_to_connect interchanged | |
1296 | [scp.c] | |
bcbf86ec | 1297 | - after completion, replace the progress bar ETA counter with a final |
d6f24e45 | 1298 | elapsed time; my idea, aaron wrote the patch |
1299 | [ssh_config sshd_config] | |
1300 | - show 'Protocol' as an example, ok markus@ | |
1301 | [sshd.c] | |
1302 | - missing xfree() | |
1303 | - Add missing header to bsd-misc.c | |
1304 | ||
35484284 | 1305 | 20000416 |
1306 | - Reduce diff against OpenBSD source | |
bcbf86ec | 1307 | - All OpenSSL includes are now unconditionally referenced as |
35484284 | 1308 | openssl/foo.h |
1309 | - Pick up formatting changes | |
1310 | - Other minor changed (typecasts, etc) that I missed | |
1311 | ||
6ae2364d | 1312 | 20000415 |
1313 | - OpenBSD CVS updates. | |
1314 | [ssh.1 ssh.c] | |
1315 | - ssh -2 | |
1316 | [auth.c channels.c clientloop.c packet.c packet.h serverloop.c] | |
1317 | [session.c sshconnect.c] | |
1318 | - check payload for (illegal) extra data | |
1319 | [ALL] | |
1320 | whitespace cleanup | |
1321 | ||
c323ac76 | 1322 | 20000413 |
1323 | - INSTALL doc updates | |
f54651ce | 1324 | - Merged OpenBSD updates to include paths. |
bcbf86ec | 1325 | |
a8be9f80 | 1326 | 20000412 |
1327 | - OpenBSD CVS updates: | |
1328 | - [channels.c] | |
1329 | repair x11-fwd | |
1330 | - [sshconnect.c] | |
1331 | fix passwd prompt for ssh2, less debugging output. | |
1332 | - [clientloop.c compat.c dsa.c kex.c sshd.c] | |
1333 | less debugging output | |
1334 | - [kex.c kex.h sshconnect.c sshd.c] | |
1335 | check for reasonable public DH values | |
1336 | - [README.openssh2 cipher.c cipher.h compat.c compat.h readconf.c] | |
1337 | [readconf.h servconf.c servconf.h ssh.c ssh.h sshconnect.c sshd.c] | |
1338 | add Cipher and Protocol options to ssh/sshd, e.g.: | |
1339 | ssh -o 'Protocol 1,2' if you prefer proto 1, ssh -o 'Ciphers | |
1340 | arcfour,3des-cbc' | |
1341 | - [sshd.c] | |
1342 | print 1.99 only if server supports both | |
1343 | ||
18e92801 | 1344 | 20000408 |
1345 | - Avoid some compiler warnings in fake-get*.c | |
1346 | - Add IPTOS macros for systems which lack them | |
9d98aaf6 | 1347 | - Only set define entropy collection macros if they are found |
e78a59f5 | 1348 | - More large OpenBSD CVS updates: |
1349 | - [auth.c auth.h servconf.c servconf.h serverloop.c session.c] | |
1350 | [session.h ssh.h sshd.c README.openssh2] | |
1351 | ssh2 server side, see README.openssh2; enable with 'sshd -2' | |
1352 | - [channels.c] | |
1353 | no adjust after close | |
1354 | - [sshd.c compat.c ] | |
1355 | interop w/ latest ssh.com windows client. | |
bcbf86ec | 1356 | |
8ce64345 | 1357 | 20000406 |
1358 | - OpenBSD CVS update: | |
1359 | - [channels.c] | |
1360 | close efd on eof | |
1361 | - [clientloop.c compat.c ssh.c sshconnect.c myproposal.h] | |
1362 | ssh2 client implementation, interops w/ ssh.com and lsh servers. | |
1363 | - [sshconnect.c] | |
1364 | missing free. | |
1365 | - [authfile.c cipher.c cipher.h packet.c sshconnect.c sshd.c] | |
1366 | remove unused argument, split cipher_mask() | |
1367 | - [clientloop.c] | |
1368 | re-order: group ssh1 vs. ssh2 | |
1369 | - Make Redhat spec require openssl >= 0.9.5a | |
1370 | ||
e7627112 | 1371 | 20000404 |
1372 | - Add tests for RAND_add function when searching for OpenSSL | |
7e7327a1 | 1373 | - OpenBSD CVS update: |
1374 | - [packet.h packet.c] | |
1375 | ssh2 packet format | |
1376 | - [packet.h packet.c nchan2.ms nchan.h compat.h compat.c] | |
1377 | [channels.h channels.c] | |
1378 | channel layer support for ssh2 | |
1379 | - [kex.h kex.c hmac.h hmac.c dsa.c dsa.h] | |
1380 | DSA, keyexchange, algorithm agreement for ssh2 | |
6c081128 | 1381 | - Generate manpages before make install not at the end of make all |
1382 | - Don't seed the rng quite so often | |
1383 | - Always reseed rng when requested | |
e7627112 | 1384 | |
bfc9a610 | 1385 | 20000403 |
1386 | - Wrote entropy collection routines for systems that lack /dev/random | |
1387 | and EGD | |
837c30b8 | 1388 | - Disable tests and typedefs for 64 bit types. They are currently unused. |
bfc9a610 | 1389 | |
7368a6c8 | 1390 | 20000401 |
1391 | - Big OpenBSD CVS update (mainly beginnings of SSH2 infrastructure) | |
1392 | - [auth.c session.c sshd.c auth.h] | |
1393 | split sshd.c -> auth.c session.c sshd.c plus cleanup and goto-removal | |
1394 | - [bufaux.c bufaux.h] | |
1395 | support ssh2 bignums | |
1396 | - [channels.c channels.h clientloop.c sshd.c nchan.c nchan.h packet.c] | |
1397 | [readconf.c ssh.c ssh.h serverloop.c] | |
1398 | replace big switch() with function tables (prepare for ssh2) | |
1399 | - [ssh2.h] | |
1400 | ssh2 message type codes | |
1401 | - [sshd.8] | |
1402 | reorder Xr to avoid cutting | |
1403 | - [serverloop.c] | |
1404 | close(fdin) if fdin != fdout, shutdown otherwise, ok theo@ | |
1405 | - [channels.c] | |
1406 | missing close | |
1407 | allow bigger packets | |
1408 | - [cipher.c cipher.h] | |
1409 | support ssh2 ciphers | |
1410 | - [compress.c] | |
1411 | cleanup, less code | |
1412 | - [dispatch.c dispatch.h] | |
1413 | function tables for different message types | |
1414 | - [log-server.c] | |
1415 | do not log() if debuggin to stderr | |
1416 | rename a cpp symbol, to avoid param.h collision | |
1417 | - [mpaux.c] | |
1418 | KNF | |
1419 | - [nchan.c] | |
1420 | sync w/ channels.c | |
1421 | ||
f5238bee | 1422 | 20000326 |
1423 | - Better tests for OpenSSL w/ RSAref | |
bcbf86ec | 1424 | - Added replacement setenv() function from OpenBSD libc. Suggested by |
f5238bee | 1425 | Ben Lindstrom <mouring@pconline.com> |
4fe2af09 | 1426 | - OpenBSD CVS update |
1427 | - [auth-krb4.c] | |
1428 | -Wall | |
1429 | - [auth-rh-rsa.c auth-rsa.c hostfile.c hostfile.h key.c key.h match.c] | |
1430 | [match.h ssh.c ssh.h sshconnect.c sshd.c] | |
1431 | initial support for DSA keys. ok deraadt@, niels@ | |
1432 | - [cipher.c cipher.h] | |
1433 | remove unused cipher_attack_detected code | |
1434 | - [scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 sshd.8] | |
1435 | Fix some formatting problems I missed before. | |
1436 | - [ssh.1 sshd.8] | |
1437 | fix spelling errors, From: FreeBSD | |
1438 | - [ssh.c] | |
1439 | switch to raw mode only if he _get_ a pty (not if we _want_ a pty). | |
f5238bee | 1440 | |
0024a081 | 1441 | 20000324 |
1442 | - Released 1.2.3 | |
1443 | ||
bd499f9e | 1444 | 20000317 |
1445 | - Clarified --with-default-path option. | |
1446 | - Added -blibpath handling for AIX to work around stupid runtime linking. | |
1447 | Problem elucidated by gshapiro@SENDMAIL.ORG by way of Jim Knoble | |
1448 | <jmknoble@pobox.com> | |
474b5fef | 1449 | - Checks for 64 bit int types. Problem report from Mats Fredholm |
1450 | <matsf@init.se> | |
610cd5c6 | 1451 | - OpenBSD CVS updates: |
bcbf86ec | 1452 | - [atomicio.c auth-krb4.c bufaux.c channels.c compress.c fingerprint.c] |
610cd5c6 | 1453 | [packet.h radix.c rsa.c scp.c ssh-agent.c ssh-keygen.c sshconnect.c] |
1454 | [sshd.c] | |
1455 | pedantic: signed vs. unsigned, void*-arithm, etc | |
1456 | - [ssh.1 sshd.8] | |
1457 | Various cleanups and standardizations. | |
bcbf86ec | 1458 | - Runtime error fix for HPUX from Otmar Stahl |
be48d23c | 1459 | <O.Stahl@lsw.uni-heidelberg.de> |
bd499f9e | 1460 | |
4696775a | 1461 | 20000316 |
bcbf86ec | 1462 | - Fixed configure not passing LDFLAGS to Solaris. Report from David G. |
4696775a | 1463 | Hesprich <dghespri@sprintparanet.com> |
d423d822 | 1464 | - Propogate LD through to Makefile |
b7a9ce47 | 1465 | - Doc cleanups |
2ba2a610 | 1466 | - Added blurb about "scp: command not found" errors to UPGRADING |
4696775a | 1467 | |
cb0b7ea4 | 1468 | 20000315 |
1469 | - Fix broken CFLAGS handling during search for OpenSSL. Fixes va_list | |
1470 | problems with gcc/Solaris. | |
bcbf86ec | 1471 | - Don't free argument to putenv() after use (in setenv() replacement). |
db55a3ea | 1472 | Report from Seigo Tanimura <tanimura@r.dl.itc.u-tokyo.ac.jp> |
bcbf86ec | 1473 | - Created contrib/ subdirectory. Included helpers from Phil Hands' |
13652e52 | 1474 | Debian package, README file and chroot patch from Ricardo Cerqueira |
1475 | <rmcc@clix.pt> | |
bcbf86ec | 1476 | - Moved gnome-ssh-askpass.c to contrib directory and removed config |
13652e52 | 1477 | option. |
1478 | - Slight cleanup to doc files | |
b14b2ae7 | 1479 | - Configure fix from Bratislav ILICH <bilic@zepter.ru> |
cb0b7ea4 | 1480 | |
a8ed9fd9 | 1481 | 20000314 |
bcbf86ec | 1482 | - Include macro for IN6_IS_ADDR_V4MAPPED. Report from |
a8ed9fd9 | 1483 | peter@frontierflying.com |
84afc958 | 1484 | - Include /usr/local/include and /usr/local/lib for systems that don't |
1485 | do it themselves | |
1486 | - -R/usr/local/lib for Solaris | |
1487 | - Fix RSAref detection | |
1488 | - Fix IN6_IS_ADDR_V4MAPPED macro | |
a8ed9fd9 | 1489 | |
bcf36c78 | 1490 | 20000311 |
1491 | - Detect RSAref | |
43e48848 | 1492 | - OpenBSD CVS change |
1493 | [sshd.c] | |
1494 | - disallow guessing of root password | |
867dbf40 | 1495 | - More configure fixes |
80faa19f | 1496 | - IPv6 workarounds from Hideaki YOSHIFUJI <yoshfuji@ecei.tohoku.ac.jp> |
bcf36c78 | 1497 | |
c8d54615 | 1498 | 20000309 |
1499 | - OpenBSD CVS updates to v1.2.3 | |
704b1659 | 1500 | [ssh.h atomicio.c] |
1501 | - int atomicio -> ssize_t (for alpha). ok deraadt@ | |
1502 | [auth-rsa.c] | |
1503 | - delay MD5 computation until client sends response, free() early, cleanup. | |
1504 | [cipher.c] | |
1505 | - void* -> unsigned char*, ok niels@ | |
1506 | [hostfile.c] | |
1507 | - remove unused variable 'len'. fix comments. | |
1508 | - remove unused variable | |
1509 | [log-client.c log-server.c] | |
1510 | - rename a cpp symbol, to avoid param.h collision | |
1511 | [packet.c] | |
1512 | - missing xfree() | |
1513 | - getsockname() requires initialized tolen; andy@guildsoftware.com | |
1514 | - use getpeername() in packet_connection_is_on_socket(), fixes sshd -i; | |
1515 | from Holger.Trapp@Informatik.TU-Chemnitz.DE | |
1516 | [pty.c pty.h] | |
bcbf86ec | 1517 | - register cleanup for pty earlier. move code for pty-owner handling to |
c8d54615 | 1518 | pty.c ok provos@, dugsong@ |
704b1659 | 1519 | [readconf.c] |
1520 | - turn off x11-fwd for the client, too. | |
1521 | [rsa.c] | |
1522 | - PKCS#1 padding | |
1523 | [scp.c] | |
1524 | - allow '.' in usernames; from jedgar@fxp.org | |
1525 | [servconf.c] | |
1526 | - typo: ignore_user_known_hosts int->flag; naddy@mips.rhein-neckar.de | |
1527 | - sync with sshd_config | |
1528 | [ssh-keygen.c] | |
1529 | - enable ssh-keygen -l -f ~/.ssh/known_hosts, ok deraadt@ | |
1530 | [ssh.1] | |
1531 | - Change invalid 'CHAT' loglevel to 'VERBOSE' | |
1532 | [ssh.c] | |
1533 | - suppress AAAA query host when '-4' is used; from shin@nd.net.fujitsu.co.jp | |
1534 | - turn off x11-fwd for the client, too. | |
1535 | [sshconnect.c] | |
1536 | - missing xfree() | |
1537 | - retry rresvport_af(), too. from sumikawa@ebina.hitachi.co.jp. | |
1538 | - read error vs. "Connection closed by remote host" | |
1539 | [sshd.8] | |
1540 | - ie. -> i.e., | |
1541 | - do not link to a commercial page.. | |
1542 | - sync with sshd_config | |
1543 | [sshd.c] | |
1544 | - no need for poll.h; from bright@wintelcom.net | |
1545 | - log with level log() not fatal() if peer behaves badly. | |
1546 | - don't panic if client behaves strange. ok deraadt@ | |
1547 | - make no-port-forwarding for RSA keys deny both -L and -R style fwding | |
1548 | - delay close() of pty until the pty has been chowned back to root | |
1549 | - oops, fix comment, too. | |
1550 | - missing xfree() | |
1551 | - move XAUTHORITY to subdir. ok dugsong@. fixes debian bug #57907, too. | |
1552 | (http://cgi.debian.org/cgi-bin/bugreport.cgi?archive=no&bug=57907) | |
bcbf86ec | 1553 | - register cleanup for pty earlier. move code for pty-owner handling to |
704b1659 | 1554 | pty.c ok provos@, dugsong@ |
1555 | - create x11 cookie file | |
1556 | - fix pr 1113, fclose() -> pclose(), todo: remote popen() | |
1557 | - version 1.2.3 | |
c8d54615 | 1558 | - Cleaned up |
bcbf86ec | 1559 | - Removed warning workaround for Linux and devpts filesystems (no longer |
d8223847 | 1560 | required after OpenBSD updates) |
c8d54615 | 1561 | |
07055445 | 1562 | 20000308 |
1563 | - Configure fix from Hiroshi Takekawa <takekawa@sr3.t.u-tokyo.ac.jp> | |
1564 | ||
1565 | 20000307 | |
1566 | - Released 1.2.2p1 | |
1567 | ||
9c8c3fc6 | 1568 | 20000305 |
1569 | - Fix DEC compile fix | |
54096dcc | 1570 | - Explicitly seed OpenSSL's PRNG before checking rsa_alive() |
aa6bd60a | 1571 | - Check for getpagesize in libucb.a if not found in libc. Fix for old |
1572 | Solaris from Andre Lucas <andre.lucas@dial.pipex.com> | |
bcbf86ec | 1573 | - Check for libwrap if --with-tcp-wrappers option specified. Suggestion |
9fc7867e | 1574 | Mate Wierdl <mw@moni.msci.memphis.edu> |
9c8c3fc6 | 1575 | |
6bf4d066 | 1576 | 20000303 |
1577 | - Added "make host-key" target, Suggestion from Dominik Brettnacher | |
1578 | <domi@saargate.de> | |
bcbf86ec | 1579 | - Don't permanently fail on bind() if getaddrinfo has more choices left for |
16218745 | 1580 | us. Needed to work around messy IPv6 on Linux. Patch from Arkadiusz |
1581 | Miskiewicz <misiek@pld.org.pl> | |
22fa590f | 1582 | - DEC Unix compile fix from David Del Piero <David.DelPiero@qed.qld.gov.au> |
1583 | - Manpage fix from David Del Piero <David.DelPiero@qed.qld.gov.au> | |
6bf4d066 | 1584 | |
a0391976 | 1585 | 20000302 |
1586 | - Big cleanup of autoconf code | |
1587 | - Rearranged to be a little more logical | |
1588 | - Added -R option for Solaris | |
1589 | - Rewrote OpenSSL detection code. Now uses AC_TRY_RUN with a test program | |
1590 | to detect library and header location _and_ ensure library has proper | |
1591 | RSA support built in (this is a problem with OpenSSL 0.9.5). | |
817175bc | 1592 | - Applied pty cleanup patch from markus.friedl@informatik.uni-erlangen.de |
0a1718dc | 1593 | - Avoid warning message with Unix98 ptys |
bcbf86ec | 1594 | - Warning was valid - possible race condition on PTYs. Avoided using |
3276571c | 1595 | platform-specific code. |
1596 | - Document some common problems | |
bcbf86ec | 1597 | - Allow root access to any key. Patch from |
81eef326 | 1598 | markus.friedl@informatik.uni-erlangen.de |
a0391976 | 1599 | |
f55afe71 | 1600 | 20000207 |
1601 | - Removed SOCKS code. Will support through a ProxyCommand. | |
1602 | ||
d07d1c58 | 1603 | 20000203 |
1604 | - Fixed SEGVs in authloop, fix from vbzoli@hbrt.hu | |
d581b7ae | 1605 | - Add --with-ssl-dir option |
d07d1c58 | 1606 | |
9d5f374b | 1607 | 20000202 |
bcbf86ec | 1608 | - Fix lastlog code for directory based lastlogs. Fix from Josh Durham |
9d5f374b | 1609 | <jmd@aoe.vt.edu> |
6b1f3fdb | 1610 | - Documentation fixes from HARUYAMA Seigo <haruyama@nt.phys.s.u-tokyo.ac.jp> |
bcbf86ec | 1611 | - Added URLs to Japanese translations of documents by HARUYAMA Seigo |
6b1f3fdb | 1612 | <haruyama@nt.phys.s.u-tokyo.ac.jp> |
9d5f374b | 1613 | |
bc8c2601 | 1614 | 20000201 |
1615 | - Use socket pairs by default (instead of pipes). Prevents race condition | |
1616 | on several (buggy) OSs. Report and fix from tridge@linuxcare.com | |
1617 | ||
69c76614 | 1618 | 20000127 |
1619 | - Seed OpenSSL's random number generator before generating RSA keypairs | |
1620 | - Split random collector into seperate file | |
aaf2abd7 | 1621 | - Compile fix from Andre Lucas <andre.lucas@dial.pipex.com> |
69c76614 | 1622 | |
f9507c24 | 1623 | 20000126 |
1624 | - Released 1.2.2 stable | |
1625 | ||
bcbf86ec | 1626 | - NeXT keeps it lastlog in /usr/adm. Report from |
f9507c24 | 1627 | mouring@newton.pconline.com |
bcbf86ec | 1628 | - Added note in UPGRADING re interop with commercial SSH using idea. |
587120ad | 1629 | Report from Jim Knoble <jmknoble@pobox.com> |
1630 | - Fix linking order for Kerberos/AFS. Fix from Holget Trapp | |
1631 | <Holger.Trapp@Informatik.TU-Chemnitz.DE> | |
f9507c24 | 1632 | |
bfae20ad | 1633 | 20000125 |
bcbf86ec | 1634 | - Fix NULL pointer dereference in login.c. Fix from Andre Lucas |
bfae20ad | 1635 | <andre.lucas@dial.pipex.com> |
07b0cb78 | 1636 | - Reorder PAM initialisation so it does not mess up lastlog. Reported |
1637 | by Andre Lucas <andre.lucas@dial.pipex.com> | |
bcbf86ec | 1638 | - Use preformatted manpages on SCO, report from Gary E. Miller |
9755cbdb | 1639 | <gem@rellim.com> |
1640 | - New URL for x11-ssh-askpass. | |
bcbf86ec | 1641 | - Fixpaths was missing /etc/ssh_known_hosts. Report from Jim Knoble |
7e31dc81 | 1642 | <jmknoble@pobox.com> |
bcbf86ec | 1643 | - Added 'DESTDIR' option to Makefile to ease package building. Patch from |
ff8ecdb8 | 1644 | Jim Knoble <jmknoble@pobox.com> |
1645 | - Updated RPM spec files to use DESTDIR | |
bfae20ad | 1646 | |
bb58aa4b | 1647 | 20000124 |
1648 | - Pick up version 1.2.2 from OpenBSD CVS (no changes, just version number | |
1649 | increment) | |
1650 | ||
d45317d8 | 1651 | 20000123 |
1652 | - OpenBSD CVS: | |
1653 | - [packet.c] | |
1654 | getsockname() requires initialized tolen; andy@guildsoftware.com | |
bcbf86ec | 1655 | - AIX patch from Matt Richards <v2matt@btv.ibm.com> and David Rankin |
4c40f834 | 1656 | <drankin@bohemians.lexington.ky.us> |
12aa90af | 1657 | - Fix lastlog support, patch from Andre Lucas <andre.lucas@dial.pipex.com> |
d45317d8 | 1658 | |
e844f761 | 1659 | 20000122 |
1660 | - Fix compilation of bsd-snprintf.c on Solaris, fix from Ben Taylor | |
1661 | <bent@clark.net> | |
c54a6257 | 1662 | - Merge preformatted manpage patch from Andre Lucas |
1663 | <andre.lucas@dial.pipex.com> | |
8eb34e02 | 1664 | - Make IPv4 use the default in RPM packages |
1665 | - Irix uses preformatted manpages | |
1e64903d | 1666 | - Missing htons() in bsd-bindresvport.c, fix from Holger Trapp |
1667 | <Holger.Trapp@Informatik.TU-Chemnitz.DE> | |
9bc5ddfe | 1668 | - OpenBSD CVS updates: |
1669 | - [packet.c] | |
1670 | use getpeername() in packet_connection_is_on_socket(), fixes sshd -i; | |
1671 | from Holger.Trapp@Informatik.TU-Chemnitz.DE | |
1672 | - [sshd.c] | |
1673 | log with level log() not fatal() if peer behaves badly. | |
1674 | - [readpass.c] | |
bcbf86ec | 1675 | instead of blocking SIGINT, catch it ourselves, so that we can clean |
1676 | the tty modes up and kill ourselves -- instead of our process group | |
1677 | leader (scp, cvs, ...) going away and leaving us in noecho mode. | |
9bc5ddfe | 1678 | people with cbreak shells never even noticed.. |
399d9d44 | 1679 | - [ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 sshd.8] |
1680 | ie. -> i.e., | |
e844f761 | 1681 | |
4c8ef3fb | 1682 | 20000120 |
1683 | - Don't use getaddrinfo on AIX | |
7b2ea3a1 | 1684 | - Update to latest OpenBSD CVS: |
1685 | - [auth-rsa.c] | |
1686 | - fix user/1056, sshd keeps restrictions; dbt@meat.net | |
1687 | - [sshconnect.c] | |
1688 | - disable agent fwding for proto 1.3, remove abuse of auth-rsa flags. | |
1689 | - destroy keys earlier | |
bcbf86ec | 1690 | - split key exchange (kex) and user authentication (user-auth), |
d468fc76 | 1691 | ok: provos@ |
7b2ea3a1 | 1692 | - [sshd.c] |
1693 | - no need for poll.h; from bright@wintelcom.net | |
1694 | - disable agent fwding for proto 1.3, remove abuse of auth-rsa flags. | |
bcbf86ec | 1695 | - split key exchange (kex) and user authentication (user-auth), |
d468fc76 | 1696 | ok: provos@ |
f3bba493 | 1697 | - Big manpage and config file cleanup from Andre Lucas |
1698 | <andre.lucas@dial.pipex.com> | |
5f4fdfae | 1699 | - Re-added latest (unmodified) OpenBSD manpages |
47f9a56a | 1700 | - Doc updates |
d468fc76 | 1701 | - NetBSD patch from David Rankin <drankin@bohemians.lexington.ky.us> and |
1702 | Christos Zoulas <christos@netbsd.org> | |
4c8ef3fb | 1703 | |
082bbfb3 | 1704 | 20000119 |
20af321f | 1705 | - SCO compile fixes from Gary E. Miller <gem@rellim.com> |
082bbfb3 | 1706 | - Compile fix from Darren_Hall@progressive.com |
59e76f33 | 1707 | - Linux/glibc-2.1.2 takes a *long* time to look up names for AF_UNSPEC |
1708 | addresses using getaddrinfo(). Added a configure switch to make the | |
1709 | default lookup mode AF_INET | |
082bbfb3 | 1710 | |
a63a7f37 | 1711 | 20000118 |
1712 | - Fixed --with-pid-dir option | |
51a6baf8 | 1713 | - Makefile fix from Gary E. Miller <gem@rellim.com> |
bcbf86ec | 1714 | - Compile fix for HPUX and Solaris from Andre Lucas |
976f7e19 | 1715 | <andre.lucas@dial.pipex.com> |
a63a7f37 | 1716 | |
f914c7fb | 1717 | 20000117 |
1718 | - Clean up bsd-bindresvport.c. Use arc4random() for picking initial | |
1719 | port, ignore EINVAL errors (Linux) when searching for free port. | |
bcbf86ec | 1720 | - Revert __snprintf -> snprintf aliasing. Apparently Solaris |
de93b046 | 1721 | __snprintf isn't. Report from Theo de Raadt <theo@cvs.openbsd.org> |
9b363e1c | 1722 | - Document location of Redhat PAM file in INSTALL. |
bcbf86ec | 1723 | - Fixed X11 forwarding bug on Linux. libc advertises AF_INET6 |
1724 | INADDR_ANY_INIT addresses via getaddrinfo, but may not be able to | |
f4a7cf29 | 1725 | deliver (no IPv6 kernel support) |
80a44451 | 1726 | - Released 1.2.1pre27 |
f914c7fb | 1727 | |
f4a7cf29 | 1728 | - Fix rresvport_af failure errors (logic error in bsd-bindresvport.c) |
bcbf86ec | 1729 | - Fix --with-ipaddr-display option test. Fix from Jarno Huuskonen |
cf8ad170 | 1730 | <jhuuskon@hytti.uku.fi> |
bcbf86ec | 1731 | - Fix hang on logout if processes are still using the pty. Needs |
691a8a9f | 1732 | further testing. |
5957fd29 | 1733 | - Patch from Christos Zoulas <christos@zoulas.com> |
1734 | - Try $prefix first when looking for OpenSSL. | |
1735 | - Include sys/types.h when including sys/socket.h in test programs | |
bcbf86ec | 1736 | - Substitute PID directory in sshd.8. Suggestion from Andrew |
19d9ac2a | 1737 | Stribblehill <a.d.stribblehill@durham.ac.uk> |
f4a7cf29 | 1738 | |
47e45e44 | 1739 | 20000116 |
1740 | - Renamed --with-xauth-path to --with-xauth | |
1741 | - Added --with-pid-dir option | |
1742 | - Released 1.2.1pre26 | |
1743 | ||
a82ef8ae | 1744 | - Compilation fix from Kiyokazu SUTO <suto@ks-and-ks.ne.jp> |
bcbf86ec | 1745 | - Fixed broken bugfix for /dev/ptmx on Linux systems which lack |
66be05a1 | 1746 | openpty(). Report from Kiyokazu SUTO <suto@ks-and-ks.ne.jp> |
a82ef8ae | 1747 | |
5cdfe03f | 1748 | 20000115 |
1749 | - Add --with-xauth-path configure directive and explicit test for | |
bcbf86ec | 1750 | /usr/openwin/bin/xauth for Solaris systems. Report from Anders |
5cdfe03f | 1751 | Nordby <anders@fix.no> |
bcbf86ec | 1752 | - Fix incorrect detection of /dev/ptmx on Linux systems that lack |
5cdfe03f | 1753 | openpty. Report from John Seifarth <john@waw.be> |
1754 | - Look for intXX_t and u_intXX_t in sys/bitypes.h if they are not in | |
bcbf86ec | 1755 | sys/types.h. Fixes problems on SCO, report from Gary E. Miller |
5cdfe03f | 1756 | <gem@rellim.com> |
1757 | - Use __snprintf and __vnsprintf if they are found where snprintf and | |
1758 | vnsprintf are lacking. Suggested by Ben Taylor <bent@shell.clark.net> | |
1759 | and others. | |
1760 | ||
48e671d5 | 1761 | 20000114 |
1762 | - Merged OpenBSD IPv6 patch: | |
1763 | - [sshd.c sshd.8 sshconnect.c ssh.h ssh.c servconf.h servconf.c scp.1] | |
1764 | [scp.c packet.h packet.c login.c log.c canohost.c channels.c] | |
1765 | [hostfile.c sshd_config] | |
1766 | ipv6 support: mostly gethostbyname->getaddrinfo/getnameinfo, new | |
bcbf86ec | 1767 | features: sshd allows multiple ListenAddress and Port options. note |
1768 | that libwrap is not IPv6-ready. (based on patches from | |
48e671d5 | 1769 | fujiwara@rcac.tdi.co.jp) |
1770 | - [ssh.c canohost.c] | |
bcbf86ec | 1771 | more hints (hints.ai_socktype=SOCK_STREAM) for getaddrinfo, |
48e671d5 | 1772 | from itojun@ |
1773 | - [channels.c] | |
1774 | listen on _all_ interfaces for X11-Fwd (hints.ai_flags = AI_PASSIVE) | |
1775 | - [packet.h] | |
1776 | allow auth-kerberos for IPv4 only | |
1777 | - [scp.1 sshd.8 servconf.h scp.c] | |
1778 | document -4, -6, and 'ssh -L 2022/::1/22' | |
1779 | - [ssh.c] | |
bcbf86ec | 1780 | 'ssh @host' is illegal (null user name), from |
48e671d5 | 1781 | karsten@gedankenpolizei.de |
1782 | - [sshconnect.c] | |
1783 | better error message | |
1784 | - [sshd.c] | |
1785 | allow auth-kerberos for IPv4 only | |
1786 | - Big IPv6 merge: | |
1787 | - Cleanup overrun in sockaddr copying on RHL 6.1 | |
1788 | - Replacements for getaddrinfo, getnameinfo, etc based on versions | |
1789 | from patch from KIKUCHI Takahiro <kick@kyoto.wide.ad.jp> | |
1790 | - Replacement for missing structures on systems that lack IPv6 | |
1791 | - record_login needed to know about AF_INET6 addresses | |
1792 | - Borrowed more code from OpenBSD: rresvport_af and requisites | |
1793 | ||
2598df62 | 1794 | 20000110 |
1795 | - Fixes to auth-skey to enable it to use the standard OpenSSL libraries | |
1796 | ||
b8a0310d | 1797 | 20000107 |
1798 | - New config.sub and config.guess to fix problems on SCO. Supplied | |
1799 | by Gary E. Miller <gem@rellim.com> | |
b6a98a85 | 1800 | - SCO build fix from Gary E. Miller <gem@rellim.com> |
2598df62 | 1801 | - Released 1.2.1pre25 |
b8a0310d | 1802 | |
dfb95100 | 1803 | 20000106 |
1804 | - Documentation update & cleanup | |
1805 | - Better KrbIV / AFS detection, based on patch from: | |
1806 | Holger Trapp <Holger.Trapp@Informatik.TU-Chemnitz.DE> | |
1807 | ||
b9795b89 | 1808 | 20000105 |
bcbf86ec | 1809 | - Fixed annoying DES corruption problem. libcrypt has been |
b9795b89 | 1810 | overriding symbols in libcrypto. Removed libcrypt and crypt.h |
1811 | altogether (libcrypto includes its own crypt(1) replacement) | |
1812 | - Added platform-specific rules for Irix 6.x. Included warning that | |
1813 | they are untested. | |
1814 | ||
a1ec4d79 | 1815 | 20000103 |
1816 | - Add explicit make rules for files proccessed by fixpaths. | |
bcbf86ec | 1817 | - Fix "make install" in RPM spec files. Report from Tenkou N. Hattori |
a1ec4d79 | 1818 | <tnh@kondara.org> |
bcbf86ec | 1819 | - Removed "nullok" directive from default PAM configuration files. |
1820 | Added information on enabling EmptyPasswords on openssh+PAM in | |
607d73e6 | 1821 | UPGRADING file. |
e02735bb | 1822 | - OpenBSD CVS updates |
1823 | - [ssh-agent.c] | |
bcbf86ec | 1824 | cleanup_exit() for SIGTERM/SIGHUP, too. from fgsch@ and |
e02735bb | 1825 | dgaudet@arctic.org |
1826 | - [sshconnect.c] | |
1827 | compare correct version for 1.3 compat mode | |
a1ec4d79 | 1828 | |
93c7f644 | 1829 | 20000102 |
1830 | - Prevent multiple inclusion of config.h and defines.h. Suggested | |
1831 | by Andre Lucas <andre.lucas@dial.pipex.com> | |
1832 | - Properly clean up on exit of ssh-agent. Patch from Dean Gaudet | |
1833 | <dgaudet@arctic.org> | |
1834 | ||
76b8607f | 1835 | 19991231 |
bcbf86ec | 1836 | - Fix password support on systems with a mixture of shadowed and |
1837 | non-shadowed passwords (e.g. NIS). Report and fix from | |
76b8607f | 1838 | HARUYAMA Seigo <haruyama@nt.phys.s.u-tokyo.ac.jp> |
bcbf86ec | 1839 | - Fix broken autoconf typedef detection. Report from Marc G. |
723221b5 | 1840 | Fournier <marc.fournier@acadiau.ca> |
b92964b7 | 1841 | - Fix occasional crash on LinuxPPC. Patch from Franz Sirl |
1842 | <Franz.Sirl-kernel@lauterbach.com> | |
bcbf86ec | 1843 | - Prevent typedefs from being compiled more than once. Report from |
a6ddc88b | 1844 | Marc G. Fournier <marc.fournier@acadiau.ca> |
4811cc0b | 1845 | - Fill in ut_utaddr utmp field. Report from Benjamin Charron |
1846 | <iretd@bigfoot.com> | |
bcbf86ec | 1847 | - Really fix broken default path. Fix from Jim Knoble |
c43d69a9 | 1848 | <jmknoble@pobox.com> |
ae3a3d31 | 1849 | - Remove test for quad_t. No longer needed. |
76a8e733 | 1850 | - Released 1.2.1pre24 |
1851 | ||
1852 | - Added support for directory-based lastlogs | |
1853 | - Really fix typedefs, patch from Ben Taylor <bent@clark.net> | |
76b8607f | 1854 | |
13f825f4 | 1855 | 19991230 |
1856 | - OpenBSD CVS updates: | |
1857 | - [auth-passwd.c] | |
1858 | check for NULL 1st | |
bcbf86ec | 1859 | - Removed most of the pam code into its own file auth-pam.[ch]. This |
a5c9cd31 | 1860 | cleaned up sshd.c up significantly. |
bcbf86ec | 1861 | - PAM authentication was incorrectly interpreting |
76b8607f | 1862 | "PermitRootLogin without-password". Report from Matthias Andree |
1863 | <ma@dt.e-technik.uni-dortmund.de | |
a5c9cd31 | 1864 | - Several other cleanups |
0bc5b6fb | 1865 | - Merged Dante SOCKS support patch from David Rankin |
1866 | <drankin@bohemians.lexington.ky.us> | |
1867 | - Updated documentation with ./configure options | |
76b8607f | 1868 | - Released 1.2.1pre23 |
13f825f4 | 1869 | |
c73a0cb5 | 1870 | 19991229 |
bcbf86ec | 1871 | - Applied another NetBSD portability patch from David Rankin |
c73a0cb5 | 1872 | <drankin@bohemians.lexington.ky.us> |
1873 | - Fix --with-default-path option. | |
bcbf86ec | 1874 | - Autodetect perl, patch from David Rankin |
a0f84251 | 1875 | <drankin@bohemians.lexington.ky.us> |
bcbf86ec | 1876 | - Print whether OpenSSH was compiled with RSARef, patch from |
0a2ff95d | 1877 | Nalin Dahyabhai <nalin@thermo.stat.ncsu.edu> |
bcbf86ec | 1878 | - Calls to pam_setcred, patch from Nalin Dahyabhai |
f91bacbd | 1879 | <nalin@thermo.stat.ncsu.edu> |
e3a93db0 | 1880 | - Detect missing size_t and typedef it. |
5ab44a92 | 1881 | - Rename helper.[ch] to (more appropriate) bsd-misc.[ch] |
1882 | - Minor Makefile cleaning | |
c73a0cb5 | 1883 | |
b6019d68 | 1884 | 19991228 |
1885 | - Replacement for getpagesize() for systems which lack it | |
bcbf86ec | 1886 | - NetBSD login.c compile fix from David Rankin |
70e0115b | 1887 | <drankin@bohemians.lexington.ky.us> |
1888 | - Fully set ut_tv if present in utmp or utmpx | |
d94aa2ae | 1889 | - Portability fixes for Irix 5.3 (now compiles OK!) |
1890 | - autoconf and other misc cleanups | |
ea1970a3 | 1891 | - Merged AIX patch from Darren Hall <dhall@virage.org> |
1892 | - Cleaned up defines.h | |
fa9a2dd6 | 1893 | - Released 1.2.1pre22 |
b6019d68 | 1894 | |
d2dcff5f | 1895 | 19991227 |
1896 | - Automatically correct paths in manpages and configuration files. Patch | |
1897 | and script from Andre Lucas <andre.lucas@dial.pipex.com> | |
1898 | - Removed credits from README to CREDITS file, updated. | |
cb807f40 | 1899 | - Added --with-default-path to specify custom path for server |
1900 | - Removed #ifdef trickery from acconfig.h into defines.h | |
36a5b38e | 1901 | - PAM bugfix. PermitEmptyPassword was being ignored. |
1902 | - Fixed PAM config files to allow empty passwords if server does. | |
1903 | - Explained spurious PAM auth warning workaround in UPGRADING | |
21feb5fa | 1904 | - Use last few chars of tty line as ut_id |
5a7794be | 1905 | - New SuSE RPM spec file from Chris Saia <csaia@wtower.com> |
00e6dd70 | 1906 | - OpenBSD CVS updates: |
1907 | - [packet.h auth-rhosts.c] | |
1908 | check format string for packet_disconnect and packet_send_debug, too | |
1909 | - [channels.c] | |
1910 | use packet_get_maxsize for channels. consistence. | |
d2dcff5f | 1911 | |
f74efc8d | 1912 | 19991226 |
1913 | - Enabled utmpx support by default for Solaris | |
1914 | - Cleanup sshd.c PAM a little more | |
bc7ea646 | 1915 | - Revised RPM package to include Jim Knoble's <jmknoble@pobox.com> |
1916 | X11 ssh-askpass program. | |
20c43d8c | 1917 | - Disable logging of PAM success and failures, PAM is verbose enough. |
bcbf86ec | 1918 | Unfortunatly there is currently no way to disable auth failure |
1919 | messages. Mention this in UPGRADING file and sent message to PAM | |
20c43d8c | 1920 | developers |
83b7f649 | 1921 | - OpenBSD CVS update: |
1922 | - [ssh-keygen.1 ssh.1] | |
bcbf86ec | 1923 | remove ref to .ssh/random_seed, mention .ssh/environment in |
83b7f649 | 1924 | .Sh FILES, too |
72251cb6 | 1925 | - Released 1.2.1pre21 |
bcbf86ec | 1926 | - Fixed implicit '.' in default path, report from Jim Knoble |
72251cb6 | 1927 | <jmknoble@pobox.com> |
30a39691 | 1928 | - Redhat RPM spec fixes from Jim Knoble <jmknoble@pobox.com> |
f74efc8d | 1929 | |
f498ed15 | 1930 | 19991225 |
1931 | - More fixes from Andre Lucas <andre.lucas@dial.pipex.com> | |
1932 | - Cleanup of auth-passwd.c for shadow and MD5 passwords | |
1933 | - Cleanup and bugfix of PAM authentication code | |
f74efc8d | 1934 | - Released 1.2.1pre20 |
1935 | ||
1936 | - Merged fixes from Ben Taylor <bent@clark.net> | |
1937 | - Fixed configure support for PAM. Reported by Naz <96na@eng.cam.ac.uk> | |
1938 | - Disabled logging of PAM password authentication failures when password | |
1939 | is empty. (e.g start of authentication loop). Reported by Naz | |
1940 | <96na@eng.cam.ac.uk>) | |
f498ed15 | 1941 | |
1942 | 19991223 | |
bcbf86ec | 1943 | - Merged later HPUX patch from Andre Lucas |
f498ed15 | 1944 | <andre.lucas@dial.pipex.com> |
1945 | - Above patch included better utmpx support from Ben Taylor | |
f74efc8d | 1946 | <bent@clark.net> |
f498ed15 | 1947 | |
eef6f7e9 | 1948 | 19991222 |
bcbf86ec | 1949 | - Fix undefined fd_set type in ssh.h from Povl H. Pedersen |
eef6f7e9 | 1950 | <pope@netguide.dk> |
ae28776a | 1951 | - Fix login.c breakage on systems which lack ut_host in struct |
1952 | utmp. Reported by Willard Dawson <willard.dawson@sbs.siemens.com> | |
eef6f7e9 | 1953 | |
a7effaac | 1954 | 19991221 |
bcbf86ec | 1955 | - Integration of large HPUX patch from Andre Lucas |
1956 | <andre.lucas@dial.pipex.com>. Integrating it had a few other | |
a7effaac | 1957 | benefits: |
1958 | - Ability to disable shadow passwords at configure time | |
1959 | - Ability to disable lastlog support at configure time | |
1960 | - Support for IP address in $DISPLAY | |
ae2f7af7 | 1961 | - OpenBSD CVS update: |
1962 | - [sshconnect.c] | |
1963 | say "REMOTE HOST IDENTIFICATION HAS CHANGED" | |
59dd7a31 | 1964 | - Fix DISABLE_SHADOW support |
1965 | - Allow MD5 passwords even if shadow passwords are disabled | |
16034de9 | 1966 | - Release 1.2.1pre19 |
a7effaac | 1967 | |
3f1d9bcd | 1968 | 19991218 |
bcbf86ec | 1969 | - Redhat init script patch from Chun-Chung Chen |
3f1d9bcd | 1970 | <cjj@u.washington.edu> |
7e1c2490 | 1971 | - Avoid breakage on systems without IPv6 headers |
3f1d9bcd | 1972 | |
60d804c8 | 1973 | 19991216 |
bcbf86ec | 1974 | - Makefile changes for Solaris from Peter Kocks |
60d804c8 | 1975 | <peter.kocks@baygate.com> |
89cafde6 | 1976 | - Minor updates to docs |
1977 | - Merged OpenBSD CVS changes: | |
1978 | - [authfd.c ssh-agent.c] | |
1979 | keysize warnings talk about identity files | |
1980 | - [packet.c] | |
1981 | "Connection closed by x.x.x.x": fatal() -> log() | |
bcbf86ec | 1982 | - Correctly handle empty passwords in shadow file. Patch from: |
c9d323f0 | 1983 | "Chris, the Young One" <cky@pobox.com> |
1984 | - Released 1.2.1pre18 | |
60d804c8 | 1985 | |
7dc6fc6d | 1986 | 19991215 |
1987 | - Integrated patchs from Juergen Keil <jk@tools.de> | |
1988 | - Avoid void* pointer arithmatic | |
1989 | - Use LDFLAGS correctly | |
68227e6d | 1990 | - Fix SIGIO error in scp |
1991 | - Simplify status line printing in scp | |
bcbf86ec | 1992 | - Added better test for inline functions compiler support from |
906a2515 | 1993 | Darren_Hall@progressive.com |
7dc6fc6d | 1994 | |
95f1eccc | 1995 | 19991214 |
1996 | - OpenBSD CVS Changes | |
1997 | - [canohost.c] | |
bcbf86ec | 1998 | fix get_remote_port() and friends for sshd -i; |
95f1eccc | 1999 | Holger.Trapp@Informatik.TU-Chemnitz.DE |
2000 | - [mpaux.c] | |
2001 | make code simpler. no need for memcpy. niels@ ok | |
2002 | - [pty.c] | |
2003 | namebuflen not sizeof namebuflen; bnd@ep-ag.com via djm@mindrot.org | |
2004 | fix proto; markus | |
2005 | - [ssh.1] | |
2006 | typo; mark.baushke@solipsa.com | |
2007 | - [channels.c ssh.c ssh.h sshd.c] | |
2008 | type conflict for 'extern Type *options' in channels.c; dot@dotat.at | |
2009 | - [sshconnect.c] | |
2010 | move checking of hostkey into own function. | |
2011 | - [version.h] | |
2012 | OpenSSH-1.2.1 | |
884bcb37 | 2013 | - Clean up broken includes in pty.c |
7303768f | 2014 | - Some older systems don't have poll.h, they use sys/poll.h instead |
2015 | - Doc updates | |
95f1eccc | 2016 | |
847e8865 | 2017 | 19991211 |
bcbf86ec | 2018 | - Fix compilation on systems with AFS. Reported by |
847e8865 | 2019 | aloomis@glue.umd.edu |
bcbf86ec | 2020 | - Fix installation on Solaris. Reported by |
847e8865 | 2021 | Gordon Rowell <gordonr@gormand.com.au> |
2022 | - Fix gccisms (__attribute__ and inline). Report by edgy@us.ibm.com, | |
2023 | patch from Markus Friedl <markus.friedl@informatik.uni-erlangen.de> | |
2024 | - Auto-locate xauth. Patch from David Agraz <dagraz@jahoopa.com> | |
2025 | - Compile fix from David Agraz <dagraz@jahoopa.com> | |
2026 | - Avoid compiler warning in bsd-snprintf.c | |
bcbf86ec | 2027 | - Added pam_limits.so to default PAM config. Suggested by |
847e8865 | 2028 | Jim Knoble <jmknoble@pobox.com> |
2029 | ||
8946db53 | 2030 | 19991209 |
2031 | - Import of patch from Ben Taylor <bent@clark.net>: | |
2032 | - Improved PAM support | |
2033 | - "uninstall" rule for Makefile | |
2034 | - utmpx support | |
2035 | - Should fix PAM problems on Solaris | |
2d86a6cc | 2036 | - OpenBSD CVS updates: |
2037 | - [readpass.c] | |
2038 | avoid stdio; based on work by markus, millert, and I | |
2039 | - [sshd.c] | |
2040 | make sure the client selects a supported cipher | |
2041 | - [sshd.c] | |
bcbf86ec | 2042 | fix sighup handling. accept would just restart and daemon handled |
2043 | sighup only after the next connection was accepted. use poll on | |
2d86a6cc | 2044 | listen sock now. |
2045 | - [sshd.c] | |
2046 | make that a fatal | |
87e91331 | 2047 | - Applied patch from David Rankin <drankin@bohemians.lexington.ky.us> |
2048 | to fix libwrap support on NetBSD | |
5001b9e4 | 2049 | - Released 1.2pre17 |
8946db53 | 2050 | |
6d8c4ea4 | 2051 | 19991208 |
bcbf86ec | 2052 | - Compile fix for Solaris with /dev/ptmx from |
6d8c4ea4 | 2053 | David Agraz <dagraz@jahoopa.com> |
2054 | ||
4285816a | 2055 | 19991207 |
2056 | - sshd Redhat init script patch from Jim Knoble <jmknoble@pobox.com> | |
2057 | fixes compatability with 4.x and 5.x | |
db28aeb5 | 2058 | - Fixed default SSH_ASKPASS |
bcbf86ec | 2059 | - Fix PAM account and session being called multiple times. Problem |
d465f2ca | 2060 | reported by Adrian Baugh <adrian@merlin.keble.ox.ac.uk> |
a408af76 | 2061 | - Merged more OpenBSD changes: |
2062 | - [atomicio.c authfd.c scp.c serverloop.c ssh.h sshconnect.c sshd.c] | |
bcbf86ec | 2063 | move atomicio into it's own file. wrap all socket write()s which |
a408af76 | 2064 | were doing write(sock, buf, len) != len, with atomicio() calls. |
2065 | - [auth-skey.c] | |
2066 | fd leak | |
2067 | - [authfile.c] | |
2068 | properly name fd variable | |
2069 | - [channels.c] | |
2070 | display great hatred towards strcpy | |
2071 | - [pty.c pty.h sshd.c] | |
2072 | use openpty() if it exists (it does on BSD4_4) | |
2073 | - [tildexpand.c] | |
2074 | check for ~ expansion past MAXPATHLEN | |
2075 | - Modified helper.c to use new atomicio function. | |
2076 | - Reformat Makefile a little | |
2077 | - Moved RC4 routines from rc4.[ch] into helper.c | |
2078 | - Added autoconf code to detect /dev/ptmx (Solaris) and /dev/ptc (AIX) | |
9983a8ca | 2079 | - Updated SuSE spec from Chris Saia <csaia@wtower.com> |
2080 | - Tweaked Redhat spec | |
9158d92f | 2081 | - Clean up bad imports of a few files (forgot -kb) |
2082 | - Released 1.2pre16 | |
4285816a | 2083 | |
9c7b6dfd | 2084 | 19991204 |
2085 | - Small cleanup of PAM code in sshd.c | |
57112b5a | 2086 | - Merged OpenBSD CVS changes: |
2087 | - [auth-krb4.c auth-passwd.c auth-skey.c ssh.h] | |
2088 | move skey-auth from auth-passwd.c to auth-skey.c, same for krb4 | |
2089 | - [auth-rsa.c] | |
2090 | warn only about mismatch if key is _used_ | |
2091 | warn about keysize-mismatch with log() not error() | |
2092 | channels.c readconf.c readconf.h ssh.c ssh.h sshconnect.c | |
2093 | ports are u_short | |
2094 | - [hostfile.c] | |
2095 | indent, shorter warning | |
2096 | - [nchan.c] | |
2097 | use error() for internal errors | |
2098 | - [packet.c] | |
2099 | set loglevel for SSH_MSG_DISCONNECT to log(), not fatal() | |
2100 | serverloop.c | |
2101 | indent | |
2102 | - [ssh-add.1 ssh-add.c ssh.h] | |
2103 | document $SSH_ASKPASS, reasonable default | |
2104 | - [ssh.1] | |
2105 | CheckHostIP is not available for connects via proxy command | |
2106 | - [sshconnect.c] | |
2107 | typo | |
2108 | easier to read client code for passwd and skey auth | |
2109 | turn of checkhostip for proxy connects, since we don't know the remote ip | |
9c7b6dfd | 2110 | |
dad3b556 | 2111 | 19991126 |
2112 | - Add definition for __P() | |
2113 | - Added [v]snprintf() replacement for systems that lack it | |
2114 | ||
0ce43ae4 | 2115 | 19991125 |
2116 | - More reformatting merged from OpenBSD CVS | |
2117 | - Merged OpenBSD CVS changes: | |
2118 | - [channels.c] | |
2119 | fix packet_integrity_check() for !have_hostname_in_open. | |
2120 | report from mrwizard@psu.edu via djm@ibs.com.au | |
2121 | - [channels.c] | |
2122 | set SO_REUSEADDR and SO_LINGER for forwarded ports. | |
2123 | chip@valinux.com via damien@ibs.com.au | |
2124 | - [nchan.c] | |
2125 | it's not an error() if shutdown_write failes in nchan. | |
2126 | - [readconf.c] | |
2127 | remove dead #ifdef-0-code | |
2128 | - [readconf.c servconf.c] | |
2129 | strcasecmp instead of tolower | |
2130 | - [scp.c] | |
2131 | progress meter overflow fix from damien@ibs.com.au | |
2132 | - [ssh-add.1 ssh-add.c] | |
2133 | SSH_ASKPASS support | |
2134 | - [ssh.1 ssh.c] | |
2135 | postpone fork_after_authentication until command execution, | |
2136 | request/patch from jahakala@cc.jyu.fi via damien@ibs.com.au | |
2137 | plus: use daemon() for backgrounding | |
cf8dd513 | 2138 | - Added BSD compatible install program and autoconf test, thanks to |
2139 | Niels Kristian Bech Jensen <nkbj@image.dk> | |
2140 | - Solaris fixing, thanks to Ben Taylor <bent@clark.net> | |
09041313 | 2141 | - Merged beginnings of AIX support from Tor-Ake Fransson <torake@hotmail.com> |
3dbefdb8 | 2142 | - Release 1.2pre15 |
0ce43ae4 | 2143 | |
5260325f | 2144 | 19991124 |
2145 | - Merged very large OpenBSD source code reformat | |
2146 | - OpenBSD CVS updates | |
2147 | - [channels.c cipher.c compat.c log-client.c scp.c serverloop.c] | |
2148 | [ssh.h sshd.8 sshd.c] | |
2149 | syslog changes: | |
2150 | * Unified Logmessage for all auth-types, for success and for failed | |
2151 | * Standard connections get only ONE line in the LOG when level==LOG: | |
2152 | Auth-attempts are logged only, if authentication is: | |
2153 | a) successfull or | |
2154 | b) with passwd or | |
2155 | c) we had more than AUTH_FAIL_LOG failues | |
2156 | * many log() became verbose() | |
2157 | * old behaviour with level=VERBOSE | |
2158 | - [readconf.c readconf.h ssh.1 ssh.h sshconnect.c sshd.c] | |
2159 | tranfer s/key challenge/response data in SSH_SMSG_AUTH_TIS_CHALLENGE | |
2160 | messages. allows use of s/key in windows (ttssh, securecrt) and | |
2161 | ssh-1.2.27 clients without 'ssh -v', ok: niels@ | |
2162 | - [sshd.8] | |
2163 | -V, for fallback to openssh in SSH2 compatibility mode | |
2164 | - [sshd.c] | |
2165 | fix sigchld race; cjc5@po.cwru.edu | |
2166 | ||
4655fe80 | 2167 | 19991123 |
2168 | - Added SuSE package files from Chris Saia <csaia@wtower.com> | |
8b241e50 | 2169 | - Restructured package-related files under packages/* |
4655fe80 | 2170 | - Added generic PAM config |
8b241e50 | 2171 | - Numerous little Solaris fixes |
9c08d6ce | 2172 | - Add recommendation to use GNU make to INSTALL document |
4655fe80 | 2173 | |
60bed5fd | 2174 | 19991122 |
2175 | - Make <enter> close gnome-ssh-askpass (Debian bug #50299) | |
2f2cc3f9 | 2176 | - OpenBSD CVS Changes |
bcbf86ec | 2177 | - [ssh-keygen.c] |
2178 | don't create ~/.ssh only if the user wants to store the private | |
2179 | key there. show fingerprint instead of public-key after | |
2f2cc3f9 | 2180 | keygeneration. ok niels@ |
b09a984b | 2181 | - Added OpenBSD bsd-strlcat.c, created bsd-strlcat.h |
96ad4350 | 2182 | - Added timersub() macro |
b09a984b | 2183 | - Tidy RCSIDs of bsd-*.c |
bcbf86ec | 2184 | - Added autoconf test and macro to deal with old PAM libraries |
96ad4350 | 2185 | pam_strerror definition (one arg vs two). |
530f1889 | 2186 | - Fix EGD problems (Thanks to Ben Taylor <bent@clark.net>) |
bcbf86ec | 2187 | - Retry /dev/urandom reads interrupted by signal (report from |
530f1889 | 2188 | Robert Hardy <rhardy@webcon.net>) |
1647c2b5 | 2189 | - Added a setenv replacement for systems which lack it |
d84a9a44 | 2190 | - Only display public key comment when presenting ssh-askpass dialog |
2191 | - Released 1.2pre14 | |
60bed5fd | 2192 | |
bcbf86ec | 2193 | - Configure, Make and changelog corrections from Tudor Bosman |
2ddcfdf3 | 2194 | <tudorb@jm.nu> and Niels Kristian Bech Jensen <nkbj@image.dk> |
2195 | ||
9d6b7add | 2196 | 19991121 |
2f2cc3f9 | 2197 | - OpenBSD CVS Changes: |
60bed5fd | 2198 | - [channels.c] |
2199 | make this compile, bad markus | |
2200 | - [log.c readconf.c servconf.c ssh.h] | |
2201 | bugfix: loglevels are per host in clientconfig, | |
2202 | factor out common log-level parsing code. | |
2203 | - [servconf.c] | |
2204 | remove unused index (-Wall) | |
2205 | - [ssh-agent.c] | |
2206 | only one 'extern char *__progname' | |
2207 | - [sshd.8] | |
2208 | document SIGHUP, -Q to synopsis | |
2209 | - [sshconnect.c serverloop.c sshd.c packet.c packet.h] | |
2210 | [channels.c clientloop.c] | |
2211 | SSH_CMSG_MAX_PACKET_SIZE, some clients use this, some need this, niels@ | |
2212 | [hope this time my ISP stays alive during commit] | |
2213 | - [OVERVIEW README] typos; green@freebsd | |
2214 | - [ssh-keygen.c] | |
2215 | replace xstrdup+strcat with strlcat+fixed buffer, fixes OF (bad me) | |
2216 | exit if writing the key fails (no infinit loop) | |
2217 | print usage() everytime we get bad options | |
2218 | - [ssh-keygen.c] overflow, djm@mindrot.org | |
2219 | - [sshd.c] fix sigchld race; cjc5@po.cwru.edu | |
bcbf86ec | 2220 | |
2b942fe0 | 2221 | 19991120 |
bcbf86ec | 2222 | - Merged more Solaris support from Marc G. Fournier |
2b942fe0 | 2223 | <marc.fournier@acadiau.ca> |
2224 | - Wrote autoconf tests for integer bit-types | |
2225 | - Fixed enabling kerberos support | |
bcbf86ec | 2226 | - Fix segfault in ssh-keygen caused by buffer overrun in filename |
13c36c4c | 2227 | handling. |
2b942fe0 | 2228 | |
06479889 | 2229 | 19991119 |
2230 | - Merged PAM buffer overrun patch from Chip Salzenberg <chip@valinux.com> | |
2ad77510 | 2231 | - Merged OpenBSD CVS changes |
2232 | - [auth-rhosts.c auth-rsa.c ssh-agent.c sshconnect.c sshd.c] | |
2233 | more %d vs. %s in fmt-strings | |
2234 | - [authfd.c] | |
2235 | Integers should not be printed with %s | |
7b1cc56c | 2236 | - EGD uses a socket, not a named pipe. Duh. |
2237 | - Fix includes in fingerprint.c | |
29dbde15 | 2238 | - Fix scp progress bar bug again. |
bcbf86ec | 2239 | - Move ssh-askpass from ${libdir}/ssh to ${libexecdir}/ssh at request of |
736890c4 | 2240 | David Rankin <drankin@bohemians.lexington.ky.us> |
91b8065d | 2241 | - Added autoconf option to enable Kerberos 4 support (untested) |
2242 | - Added autoconf option to enable AFS support (untested) | |
2243 | - Added autoconf option to enable S/Key support (untested) | |
2244 | - Added autoconf option to enable TCP wrappers support (compiles OK) | |
beb43d31 | 2245 | - Renamed BSD helper function files to bsd-* |
bcbf86ec | 2246 | - Added tests for login and daemon and enable OpenBSD replacements for |
caf3bc51 | 2247 | when they are absent. |
2248 | - Added non-PAM MD5 password support patch from Tudor Bosman <tudorb@jm.nu> | |
06479889 | 2249 | |
2bd61362 | 2250 | 19991118 |
2251 | - Merged OpenBSD CVS changes | |
2252 | - [scp.c] foregroundproc() in scp | |
2253 | - [sshconnect.h] include fingerprint.h | |
bcbf86ec | 2254 | - [sshd.c] bugfix: the log() for passwd-auth escaped during logging |
2bd61362 | 2255 | changes. |
0c16a097 | 2256 | - [ssh.1] Spell my name right. |
2bd61362 | 2257 | - Added openssh.com info to README |
2258 | ||
f095fcc7 | 2259 | 19991117 |
2260 | - Merged OpenBSD CVS changes | |
2261 | - [ChangeLog.Ylonen] noone needs this anymore | |
2262 | - [authfd.c] close-on-exec for auth-socket, ok deraadt | |
bcbf86ec | 2263 | - [hostfile.c] |
2264 | in known_hosts key lookup the entry for the bits does not need | |
2265 | to match, all the information is contained in n and e. This | |
2266 | solves the problem with buggy servers announcing the wrong | |
f095fcc7 | 2267 | modulus length. markus and me. |
bcbf86ec | 2268 | - [serverloop.c] |
2269 | bugfix: check for space if child has terminated, from: | |
f095fcc7 | 2270 | iedowse@maths.tcd.ie |
2271 | - [ssh-add.1 ssh-add.c ssh-keygen.1 ssh-keygen.c sshconnect.c] | |
2272 | [fingerprint.c fingerprint.h] | |
2273 | rsa key fingerprints, idea from Bjoern Groenvall <bg@sics.se> | |
2274 | - [ssh-agent.1] typo | |
2275 | - [ssh.1] add OpenSSH information to AUTHOR section. okay markus@ | |
bcbf86ec | 2276 | - [sshd.c] |
f095fcc7 | 2277 | force logging to stderr while loading private key file |
2278 | (lost while converting to new log-levels) | |
2279 | ||
4d195447 | 2280 | 19991116 |
2281 | - Fix some Linux libc5 problems reported by Miles Wilson <mw@mctitle.com> | |
2282 | - Merged OpenBSD CVS changes: | |
2283 | - [auth-rh-rsa.c auth-rsa.c authfd.c authfd.h hostfile.c mpaux.c] | |
2284 | [mpaux.h ssh-add.c ssh-agent.c ssh.h ssh.c sshd.c] | |
2285 | the keysize of rsa-parameter 'n' is passed implizit, | |
2286 | a few more checks and warnings about 'pretended' keysizes. | |
2287 | - [cipher.c cipher.h packet.c packet.h sshd.c] | |
2288 | remove support for cipher RC4 | |
2289 | - [ssh.c] | |
2290 | a note for legay systems about secuity issues with permanently_set_uid(), | |
2291 | the private hostkey and ptrace() | |
2292 | - [sshconnect.c] | |
2293 | more detailed messages about adding and checking hostkeys | |
2294 | ||
dad9a31e | 2295 | 19991115 |
2296 | - Merged OpenBSD CVS changes: | |
bcbf86ec | 2297 | - [ssh-add.c] change passphrase loop logic and remove ref to |
dad9a31e | 2298 | $DISPLAY, ok niels |
2299 | - Changed to ssh-add.c broke askpass support. Revised it to be a little more | |
bcbf86ec | 2300 | modular. |
dad9a31e | 2301 | - Revised autoconf support for enabling/disabling askpass support. |
e7c0f9d5 | 2302 | - Merged more OpenBSD CVS changes: |
704b1659 | 2303 | [auth-krb4.c] |
2304 | - disconnect if getpeername() fails | |
2305 | - missing xfree(*client) | |
2306 | [canohost.c] | |
2307 | - disconnect if getpeername() fails | |
2308 | - fix comment: we _do_ disconnect if ip-options are set | |
2309 | [sshd.c] | |
2310 | - disconnect if getpeername() fails | |
2311 | - move checking of remote port to central place | |
2312 | [auth-rhosts.c] move checking of remote port to central place | |
2313 | [log-server.c] avoid extra fd per sshd, from millert@ | |
2314 | [readconf.c] print _all_ bad config-options in ssh(1), too | |
2315 | [readconf.h] print _all_ bad config-options in ssh(1), too | |
2316 | [ssh.c] print _all_ bad config-options in ssh(1), too | |
2317 | [sshconnect.c] disconnect if getpeername() fails | |
e7c0f9d5 | 2318 | - OpenBSD's changes to sshd.c broke the PAM stuff, re-merged it. |
c75a1a66 | 2319 | - Various small cleanups to bring diff (against OpenBSD) size down. |
f601d847 | 2320 | - Merged more Solaris compability from Marc G. Fournier |
2321 | <marc.fournier@acadiau.ca> | |
2322 | - Wrote autoconf tests for __progname symbol | |
8c119fd0 | 2323 | - RPM spec file fixes from Jim Knoble <jmknoble@pobox.com> |
0c372277 | 2324 | - Released 1.2pre12 |
2325 | ||
2326 | - Another OpenBSD CVS update: | |
2327 | - [ssh-keygen.1] fix .Xr | |
dad9a31e | 2328 | |
92da7197 | 2329 | 19991114 |
2330 | - Solaris compilation fixes (still imcomplete) | |
2331 | ||
94f7bb9e | 2332 | 19991113 |
dd092f97 | 2333 | - Build patch from Niels Kristian Bech Jensen <nkbj@image.dk> |
2334 | - Don't install config files if they already exist | |
2335 | - Fix inclusion of additional preprocessor directives from acconfig.h | |
94f7bb9e | 2336 | - Removed redundant inclusions of config.h |
e9c75a39 | 2337 | - Added 'Obsoletes' lines to RPM spec file |
94f7bb9e | 2338 | - Merged OpenBSD CVS changes: |
2339 | - [bufaux.c] save a view malloc/memcpy/memset/free's, ok niels | |
bcbf86ec | 2340 | - [scp.c] fix overflow reported by damien@ibs.com.au: off_t |
94f7bb9e | 2341 | totalsize, ok niels,aaron |
bcbf86ec | 2342 | - Delay fork (-f option) in ssh until after port forwarded connections |
94f7bb9e | 2343 | have been initialised. Patch from Jani Hakala <jahakala@cc.jyu.fi> |
b2344d54 | 2344 | - Added shadow password patch from Thomas Neumann <tom@smart.ruhr.de> |
2345 | - Added ifdefs to auth-passwd.c to exclude it when PAM is enabled | |
dd092f97 | 2346 | - Tidied default config file some more |
2347 | - Revised Redhat initscript to fix bug: sshd (re)start would fail | |
2348 | if executed from inside a ssh login. | |
94f7bb9e | 2349 | |
e35c1dc2 | 2350 | 19991112 |
2351 | - Merged changes from OpenBSD CVS | |
2352 | - [sshd.c] session_key_int may be zero | |
b4748e2f | 2353 | - [auth-rh-rsa.c servconf.c servconf.h ssh.h sshd.8 sshd.c sshd_config] |
bcbf86ec | 2354 | IgnoreUserKnownHosts(default=no), used for RhostRSAAuth, ok |
b4748e2f | 2355 | deraadt,millert |
2356 | - Brought default sshd_config more in line with OpenBSD's | |
547c9f30 | 2357 | - Grab server in gnome-ssh-askpass (Debian bug #49872) |
2358 | - Released 1.2pre10 | |
e35c1dc2 | 2359 | |
8bc7973f | 2360 | - Added INSTALL documentation |
6fa724bc | 2361 | - Merged yet more changes from OpenBSD CVS |
2362 | - [auth-rh-rsa.c auth-rhosts.c auth-rsa.c channels.c clientloop.c] | |
2363 | [ssh.c ssh.h sshconnect.c sshd.c] | |
2364 | make all access to options via 'extern Options options' | |
2365 | and 'extern ServerOptions options' respectively; | |
2366 | options are no longer passed as arguments: | |
2367 | * make options handling more consistent | |
2368 | * remove #include "readconf.h" from ssh.h | |
2369 | * readconf.h is only included if necessary | |
2370 | - [mpaux.c] clear temp buffer | |
2371 | - [servconf.c] print _all_ bad options found in configfile | |
045672f9 | 2372 | - Make ssh-askpass support optional through autoconf |
59b0f0d4 | 2373 | - Fix nasty division-by-zero error in scp.c |
2374 | - Released 1.2pre11 | |
8bc7973f | 2375 | |
4cca272e | 2376 | 19991111 |
2377 | - Added (untested) Entropy Gathering Daemon (EGD) support | |
67d68e3a | 2378 | - Fixed /dev/urandom fd leak (Debian bug #49722) |
5bbb5681 | 2379 | - Merged OpenBSD CVS changes: |
2380 | - [auth-rh-rsa.c] user/958: check ~/.ssh/known_hosts for rhosts-rsa, too | |
2381 | - [ssh.1] user/958: check ~/.ssh/known_hosts for rhosts-rsa, too | |
2382 | - [sshd.8] user/958: check ~/.ssh/known_hosts for rhosts-rsa, too | |
bcbf86ec | 2383 | - Fix integer overflow which was messing up scp's progress bar for large |
3f1d9bcd | 2384 | file transfers. Fix submitted to OpenBSD developers. Report and fix |
2385 | from Kees Cook <cook@cpoint.net> | |
6a17f9c2 | 2386 | - Merged more OpenBSD CVS changes: |
bcbf86ec | 2387 | - [auth-krb4.c auth-passwd.c] remove x11- and krb-cleanup from fatal() |
6a17f9c2 | 2388 | + krb-cleanup cleanup |
2389 | - [clientloop.c log-client.c log-server.c ] | |
2390 | [readconf.c readconf.h servconf.c servconf.h ] | |
2391 | [ssh.1 ssh.c ssh.h sshd.8] | |
2392 | add LogLevel {QUIET, FATAL, ERROR, INFO, CHAT, DEBUG} to ssh/sshd, | |
2393 | obsoletes QuietMode and FascistLogging in sshd. | |
e35c1dc2 | 2394 | - [sshd.c] fix fatal/assert() bug reported by damien@ibs.com.au: |
2395 | allow session_key_int != sizeof(session_key) | |
2396 | [this should fix the pre-assert-removal-core-files] | |
2397 | - Updated default config file to use new LogLevel option and to improve | |
2398 | readability | |
2399 | ||
f370266e | 2400 | 19991110 |
67d68e3a | 2401 | - Merged several minor fixes: |
f370266e | 2402 | - ssh-agent commandline parsing |
2403 | - RPM spec file now installs ssh setuid root | |
2404 | - Makefile creates libdir | |
4cca272e | 2405 | - Merged beginnings of Solaris compability from Marc G. Fournier |
2406 | <marc.fournier@acadiau.ca> | |
f370266e | 2407 | |
d4f11b59 | 2408 | 19991109 |
2409 | - Autodetection of SSL/Crypto library location via autoconf | |
2410 | - Fixed location of ssh-askpass to follow autoconf | |
2411 | - Integrated Makefile patch from Niels Kristian Bech Jensen <nkbj@image.dk> | |
2412 | - Autodetection of RSAref library for US users | |
2413 | - Minor doc updates | |
560557bb | 2414 | - Merged OpenBSD CVS changes: |
2415 | - [rsa.c] bugfix: use correct size for memset() | |
2416 | - [sshconnect.c] warn if announced size of modulus 'n' != real size | |
f025becb | 2417 | - Added GNOME passphrase requestor (use --with-gnome-askpass) |
d397b172 | 2418 | - RPM build now creates subpackages |
aa51e7cc | 2419 | - Released 1.2pre9 |
d4f11b59 | 2420 | |
e1a9c08d | 2421 | 19991108 |
2422 | - Removed debian/ directory. This is now being maintained separately. | |
2423 | - Added symlinks for slogin in RPM spec file | |
2424 | - Fixed permissions on manpages in RPM spec file | |
2425 | - Added references to required libraries in README file | |
2426 | - Removed config.h.in from CVS | |
2427 | - Removed pwdb support (better pluggable auth is provided by glibc) | |
2428 | - Made PAM and requisite libdl optional | |
2429 | - Removed lots of unnecessary checks from autoconf | |
2430 | - Added support and autoconf test for openpty() function (Unix98 pty support) | |
2431 | - Fix for scp not finding ssh if not installed as /usr/bin/ssh | |
2432 | - Added TODO file | |
2433 | - Merged parts of Debian patch From Phil Hands <phil@hands.com>: | |
2434 | - Added ssh-askpass program | |
2435 | - Added ssh-askpass support to ssh-add.c | |
2436 | - Create symlinks for slogin on install | |
2437 | - Fix "distclean" target in makefile | |
2438 | - Added example for ssh-agent to manpage | |
2439 | - Added support for PAM_TEXT_INFO messages | |
2440 | - Disable internal /etc/nologin support if PAM enabled | |
2441 | - Merged latest OpenBSD CVS changes: | |
5bae4ab8 | 2442 | - [all] replace assert() with error, fatal or packet_disconnect |
e1a9c08d | 2443 | - [sshd.c] don't send fail-msg but disconnect if too many authentication |
2444 | failures | |
e1a9c08d | 2445 | - [sshd.c] remove unused argument. ok dugsong |
2446 | - [sshd.c] typo | |
2447 | - [rsa.c] clear buffers used for encryption. ok: niels | |
2448 | - [rsa.c] replace assert() with error, fatal or packet_disconnect | |
ade6fccd | 2449 | - [auth-krb4.c] remove unused argument. ok dugsong |
e1a9c08d | 2450 | - Fixed coredump after merge of OpenBSD rsa.c patch |
9010d60a | 2451 | - Released 1.2pre8 |
e1a9c08d | 2452 | |
3028328e | 2453 | 19991102 |
2454 | - Merged change from OpenBSD CVS | |
2455 | - One-line cleanup in sshd.c | |
2456 | ||
474832c5 | 2457 | 19991030 |
2458 | - Integrated debian package support from Dan Brosemer <odin@linuxfreak.com> | |
69256d9d | 2459 | - Merged latest updates for OpenBSD CVS: |
2460 | - channels.[ch] - remove broken x11 fix and document istate/ostate | |
2461 | - ssh-agent.c - call setsid() regardless of argv[] | |
2462 | - ssh.c - save a few lines when disabling rhosts-{rsa-}auth | |
2463 | - Documentation cleanups | |
2464 | - Renamed README -> README.Ylonen | |
2465 | - Renamed README.openssh ->README | |
474832c5 | 2466 | |
339660f6 | 2467 | 19991029 |
2468 | - Renamed openssh* back to ssh* at request of Theo de Raadt | |
2469 | - Incorporated latest changes from OpenBSD's CVS | |
2470 | - Integrated Makefile patch from Niels Kristian Bech Jensen <nkbj@image.dk> | |
2471 | - Integrated PAM env patch from Nalin Dahyabhai <nalin.dahyabhai@pobox.com> | |
549b3eed | 2472 | - Make distclean now removed configure script |
2473 | - Improved PAM logging | |
2474 | - Added some debug() calls for PAM | |
4ecd19ea | 2475 | - Removed redundant subdirectories |
bcbf86ec | 2476 | - Integrated part of a patch from Dan Brosemer <odin@linuxfreak.com> for |
4ecd19ea | 2477 | building on Debian. |
242588e6 | 2478 | - Fixed off-by-one error in PAM env patch |
2479 | - Released 1.2pre6 | |
339660f6 | 2480 | |
5881cd60 | 2481 | 19991028 |
2482 | - Further PAM enhancements. | |
2483 | - Much cleaner | |
2484 | - Now uses account and session modules for all logins. | |
2485 | - Integrated patch from Dan Brosemer <odin@linuxfreak.com> | |
2486 | - Build fixes | |
2487 | - Autoconf | |
2488 | - Change binary names to open* | |
2489 | - Fixed autoconf script to detect PAM on RH6.1 | |
2490 | - Added tests for libpwdb, and OpenBSD functions to autoconf | |
221395b3 | 2491 | - Released 1.2pre4 |
fca82d2e | 2492 | |
2493 | - Imported latest OpenBSD CVS code | |
2494 | - Updated README.openssh | |
93f04616 | 2495 | - Released 1.2pre5 |
fca82d2e | 2496 | |
5881cd60 | 2497 | 19991027 |
2498 | - Adapted PAM patch. | |
2499 | - Released 1.0pre2 | |
2500 | ||
2501 | - Excised my buggy replacements for strlcpy and mkdtemp | |
2502 | - Imported correct OpenBSD strlcpy and mkdtemp routines. | |
2503 | - Reduced arc4random_stir entropy read to 32 bytes (256 bits) | |
2504 | - Picked up correct version number from OpenBSD | |
2505 | - Added sshd.pam PAM configuration file | |
2506 | - Added sshd.init Redhat init script | |
2507 | - Added openssh.spec RPM spec file | |
2508 | - Released 1.2pre3 | |
2509 | ||
2510 | 19991026 | |
2511 | - Fixed include paths of OpenSSL functions | |
2512 | - Use OpenSSL MD5 routines | |
2513 | - Imported RC4 code from nanocrypt | |
2514 | - Wrote replacements for OpenBSD arc4random* functions | |
2515 | - Wrote replacements for strlcpy and mkdtemp | |
2516 | - Released 1.0pre1 |