]>
Commit | Line | Data |
---|---|---|
227e8e86 | 1 | 20001215 |
2 | - (stevesk) OpenBSD CVS updates: | |
3 | - markus@cvs.openbsd.org 2000/12/13 16:26:53 | |
4 | [ssh-keyscan.c] | |
5 | fatal already adds \n; from stevesk@pobox.com | |
6 | - markus@cvs.openbsd.org 2000/12/13 16:25:44 | |
7 | [ssh-agent.c] | |
8 | remove redundant spaces; from stevesk@pobox.com | |
9 | - ho@cvs.openbsd.org 2000/12/12 15:50:21 | |
10 | [pty.c] | |
11 | When failing to set tty owner and mode on a read-only filesystem, don't | |
12 | abort if the tty already has correct owner and reasonably sane modes. | |
13 | Example; permit 'root' to login to a firewall with read-only root fs. | |
14 | (markus@ ok) | |
15 | - deraadt@cvs.openbsd.org 2000/12/13 06:36:05 | |
16 | [pty.c] | |
17 | KNF | |
6ffc9c88 | 18 | - markus@cvs.openbsd.org 2000/12/12 14:45:21 |
19 | [sshd.c] | |
20 | source port < 1024 is no longer required for rhosts-rsa since it | |
21 | adds no additional security. | |
22 | - markus@cvs.openbsd.org 2000/12/12 16:11:49 | |
23 | [ssh.1 ssh.c] | |
24 | rhosts-rsa is no longer automagically disabled if ssh is not privileged. | |
25 | UsePrivilegedPort=no disables rhosts-rsa _only_ for old servers. | |
26 | these changes should not change the visible default behaviour of the ssh client. | |
71c0d06a | 27 | - deraadt@cvs.openbsd.org 2000/12/11 10:27:33 |
28 | [scp.c] | |
29 | when copying 0-sized files, do not re-print ETA time at completion | |
227e8e86 | 30 | |
6c935fbd | 31 | 20001213 |
32 | - (djm) Make sure we reset the SIGPIPE disposition after we fork. Report | |
33 | from Andreas M. Kirchwitz <amk@krell.zikzak.de> | |
227e8e86 | 34 | - (stevesk) OpenBSD CVS update: |
1fe6a48f | 35 | - markus@cvs.openbsd.org 2000/12/12 15:30:02 |
36 | [ssh-keyscan.c ssh.c sshd.c] | |
37 | consistently use __progname; from stevesk@pobox.com | |
6c935fbd | 38 | |
367d1840 | 39 | 20001211 |
40 | - (bal) Applied patch to include ssh-keyscan into Redhat's package, and | |
41 | patch to install ssh-keyscan manpage. Patch by Pekka Savola | |
42 | <pekka@netcore.fi> | |
e3a70753 | 43 | - (bal) OpenbSD CVS update |
44 | - markus@cvs.openbsd.org 2000/12/10 17:01:53 | |
45 | [sshconnect1.c] | |
46 | always request new challenge for skey/tis-auth, fixes interop with | |
47 | other implementations; report from roth@feep.net | |
367d1840 | 48 | |
6b523bae | 49 | 20001210 |
50 | - (bal) OpenBSD CVS updates | |
51 | - markus@cvs.openbsd.org 2000/12/09 13:41:51 | |
52 | [cipher.c cipher.h rijndael.c rijndael.h rijndael_boxes.h] | |
53 | undo rijndael changes | |
54 | - markus@cvs.openbsd.org 2000/12/09 13:48:31 | |
55 | [rijndael.c] | |
56 | fix byte order bug w/o introducing new implementation | |
57 | - markus@cvs.openbsd.org 2000/12/09 14:08:27 | |
58 | [sftp-server.c] | |
59 | "" -> "." for realpath; from vinschen@redhat.com | |
60 | - markus@cvs.openbsd.org 2000/12/09 14:06:54 | |
61 | [ssh-agent.c] | |
62 | extern int optind; from stevesk@sweden.hp.com | |
13af0aa2 | 63 | - provos@cvs.openbsd.org 2000/12/09 23:51:11 |
64 | [compat.c] | |
65 | remove unnecessary '\n' | |
6b523bae | 66 | |
ce9c0b75 | 67 | 20001209 |
6b523bae | 68 | - (bal) OpenBSD CVS updates: |
ce9c0b75 | 69 | - djm@cvs.openbsd.org 2000/12/07 4:24:59 |
70 | [ssh.1] | |
71 | Typo fix from Wilfredo Sanchez <wsanchez@apple.com>; ok theo | |
72 | ||
f72fc97f | 73 | 20001207 |
6b523bae | 74 | - (bal) OpenBSD CVS updates: |
f72fc97f | 75 | - markus@cvs.openbsd.org 2000/12/06 22:58:14 |
76 | [compat.c compat.h packet.c] | |
77 | disable debug messages for ssh.com/f-secure 2.0.1x, 2.1.0 | |
dfe89252 | 78 | - markus@cvs.openbsd.org 2000/12/06 23:10:39 |
79 | [rijndael.c] | |
80 | unexpand(1) | |
81 | - markus@cvs.openbsd.org 2000/12/06 23:05:43 | |
82 | [cipher.c cipher.h rijndael.c rijndael.h rijndael_boxes.h] | |
83 | new rijndael implementation. fixes endian bugs | |
f72fc97f | 84 | |
97fb6912 | 85 | 20001206 |
6b523bae | 86 | - (bal) OpenBSD CVS updates: |
97fb6912 | 87 | - markus@cvs.openbsd.org 2000/12/05 20:34:09 |
88 | [channels.c channels.h clientloop.c serverloop.c] | |
89 | async connects for -R/-L; ok deraadt@ | |
90 | - todd@cvs.openssh.org 2000/12/05 16:47:28 | |
91 | [sshd.c] | |
92 | tweak comment to reflect real location of pid file; ok provos@ | |
bf5f69f7 | 93 | - (stevesk) Import <sys/queue.h> from OpenBSD for systems that don't |
94 | have it (used in ssh-keyscan). | |
227e8e86 | 95 | - (stevesk) OpenBSD CVS update: |
f20255cb | 96 | - markus@cvs.openbsd.org 2000/12/06 19:57:48 |
97 | [ssh-keyscan.c] | |
98 | err(3) -> internal error(), from stevesk@sweden.hp.com | |
97fb6912 | 99 | |
f6fdbddf | 100 | 20001205 |
6b523bae | 101 | - (bal) OpenBSD CVS updates: |
f6fdbddf | 102 | - markus@cvs.openbsd.org 2000/12/04 19:24:02 |
103 | [ssh-keyscan.c ssh-keyscan.1] | |
104 | David Maziere's ssh-keyscan, ok niels@ | |
105 | - (bal) Updated Makefile.in to include ssh-keyscan that was just added | |
106 | to the recent OpenBSD source tree. | |
835d2104 | 107 | - (stevesk) fix typos in contrib/hpux/README |
f6fdbddf | 108 | |
cbc5abf9 | 109 | 20001204 |
110 | - (bal) More C functions defined in NeXT that are unaccessable without | |
f6fdbddf | 111 | defining -POSIX. |
cbc5abf9 | 112 | - (bal) OpenBSD CVS updates: |
113 | - markus@cvs.openbsd.org 2000/12/03 11:29:04 | |
114 | [compat.c] | |
115 | remove fallback to SSH_BUG_HMAC now that the drafts are updated | |
116 | - markus@cvs.openbsd.org 2000/12/03 11:27:55 | |
117 | [compat.c] | |
97fb6912 | 118 | correctly match "2.1.0.pl2 SSH" etc; from |
119 | pekkas@netcore.fi/bugzilla.redhat | |
cbc5abf9 | 120 | - markus@cvs.openbsd.org 2000/12/03 11:15:03 |
121 | [auth2.c compat.c compat.h sshconnect2.c] | |
122 | support f-secure/ssh.com 2.0.12; ok niels@ | |
123 | ||
0b6fbf03 | 124 | 20001203 |
cbc5abf9 | 125 | - (bal) OpenBSD CVS updates: |
0b6fbf03 | 126 | - markus@cvs.openbsd.org 2000/11/30 22:54:31 |
127 | [channels.c] | |
128 | debug->warn if tried to do -R style fwd w/o client requesting this; | |
129 | ok neils@ | |
130 | - markus@cvs.openbsd.org 2000/11/29 20:39:17 | |
131 | [cipher.c] | |
132 | des_cbc_encrypt -> des_ncbc_encrypt since it already updates the IV | |
133 | - markus@cvs.openbsd.org 2000/11/30 18:33:05 | |
134 | [ssh-agent.c] | |
135 | agents must not dump core, ok niels@ | |
136 | - markus@cvs.openbsd.org 2000/11/30 07:04:02 | |
137 | [ssh.1] | |
138 | T is for both protocols | |
139 | - markus@cvs.openbsd.org 2000/12/01 00:00:51 | |
140 | [ssh.1] | |
141 | typo; from green@FreeBSD.org | |
142 | - markus@cvs.openbsd.org 2000/11/30 07:02:35 | |
143 | [ssh.c] | |
144 | check -T before isatty() | |
145 | - provos@cvs.openbsd.org 2000/11/29 13:51:27 | |
146 | [sshconnect.c] | |
147 | show IP address and hostname when new key is encountered. okay markus@ | |
148 | - markus@cvs.openbsd.org 2000/11/30 22:53:35 | |
149 | [sshconnect.c] | |
150 | disable agent/x11/port fwding if hostkey has changed; ok niels@ | |
151 | - marksu@cvs.openbsd.org 2000/11/29 21:11:59 | |
152 | [sshd.c] | |
153 | sshd -D, startup w/o deamon(), for monitoring scripts or inittab; | |
154 | from handler@sub-rosa.com and eric@urbanrange.com; ok niels@ | |
8c9fe09e | 155 | - (djm) Added patch from Nalin Dahyabhai <nalin@redhat.com> to enable |
156 | PAM authentication using KbdInteractive. | |
157 | - (djm) Added another TODO | |
0b6fbf03 | 158 | |
90f4078a | 159 | 20001202 |
160 | - (bal) Backed out of part of Alain St-Denis' loginrec.c patch. | |
161 | - (bal) Irix need some sort of mansubdir, patch by Michael Stone | |
162 | <mstone@cs.loyola.edu> | |
163 | ||
dcef6523 | 164 | 20001129 |
7062c40f | 165 | - (djm) Back out all the serverloop.c hacks. sshd will now hang again |
166 | if there are background children with open fds. | |
c193d002 | 167 | - (djm) bsd-rresvport.c bzero -> memset |
168 | - (djm) Don't fail in defines.h on absence of 64 bit types (we will | |
169 | still fail during compilation of sftp-server). | |
170 | - (djm) Fail if ar is not found during configure | |
c523303b | 171 | - (djm) OpenBSD CVS updates: |
172 | - provos@cvs.openbsd.org 2000/11/22 08:38:31 | |
173 | [sshd.8] | |
174 | talk about /etc/primes, okay markus@ | |
175 | - markus@cvs.openbsd.org 2000/11/23 14:03:48 | |
176 | [ssh.c sshconnect1.c sshconnect2.c] | |
177 | complain about invalid ciphers for ssh1/ssh2, fall back to reasonable | |
178 | defaults | |
179 | - markus@cvs.openbsd.org 2000/11/25 09:42:53 | |
180 | [sshconnect1.c] | |
181 | reorder check for illegal ciphers, bugreport from espie@ | |
182 | - markus@cvs.openbsd.org 2000/11/25 10:19:34 | |
183 | [ssh-keygen.c ssh.h] | |
184 | print keytype when generating a key. | |
185 | reasonable defaults for RSA1/RSA/DSA keys. | |
b3ec54b4 | 186 | - (djm) Patch from Pekka Savola <Pekka.Savola@netcore.fi> to include a few |
187 | more manpage paths in fixpaths calls | |
188 | - (djm) Also add xauth path at Pekka's suggestion. | |
57ce3f00 | 189 | - (djm) Add Redhat RPM patch for AUTHPRIV SyslogFacility |
dcef6523 | 190 | |
e879a080 | 191 | 20001125 |
192 | - (djm) Give up privs when reading seed file | |
193 | ||
d343d900 | 194 | 20001123 |
195 | - (bal) Merge OpenBSD changes: | |
196 | - markus@cvs.openbsd.org 2000/11/15 22:31:36 | |
197 | [auth-options.c] | |
198 | case insensitive key options; from stevesk@sweeden.hp.com | |
199 | - markus@cvs.openbsd.org 2000/11/16 17:55:43 | |
200 | [dh.c] | |
201 | do not use perror() in sshd, after child is forked() | |
202 | - markus@cvs.openbsd.org 2000/11/14 23:42:40 | |
203 | [auth-rsa.c] | |
204 | parse option only if key matches; fix some confusing seen by the client | |
205 | - markus@cvs.openbsd.org 2000/11/14 23:44:19 | |
206 | [session.c] | |
207 | check no_agent_forward_flag for ssh-2, too | |
208 | - markus@cvs.openbsd.org 2000/11/15 | |
209 | [ssh-agent.1] | |
210 | reorder SYNOPSIS; typo, use .It | |
211 | - markus@cvs.openbsd.org 2000/11/14 23:48:55 | |
212 | [ssh-agent.c] | |
213 | do not reorder keys if a key is removed | |
214 | - markus@cvs.openbsd.org 2000/11/15 19:58:08 | |
215 | [ssh.c] | |
216 | just ignore non existing user keys | |
217 | - millert@cvs.openbsd.org 200/11/15 20:24:43 | |
218 | [ssh-keygen.c] | |
219 | Add missing \n at end of error message. | |
220 | ||
0b49a754 | 221 | 20001122 |
222 | - (bal) Minor patch to ensure platforms lacking IRIX job limit supports | |
223 | are compilable. | |
224 | - (bal) Updated TODO as of 11/18/2000 with known things to resolve. | |
225 | ||
fab2e5d3 | 226 | 20001117 |
227 | - (bal) Changed from 'primes' to 'primes.out' for consistancy sake. It | |
228 | has no affect the output. Patch by Corinna Vinschen <vinschen@redhat.com> | |
835d2104 | 229 | - (stevesk) Reworked progname support. |
260d427b | 230 | - (bal) Misplaced #include "includes.h" in bsd-setproctitle.c. Patch by |
231 | Shinichi Maruyama <marya@st.jip.co.jp> | |
fab2e5d3 | 232 | |
c2207f11 | 233 | 20001116 |
234 | - (bal) Added in MAXSYMLINK test in bsd-realpath.c. Required for some SCO | |
235 | releases. | |
236 | - (bal) Make builds work outside of source tree. Patch by Mark D. Roth | |
237 | <roth@feep.net> | |
238 | ||
3d398e04 | 239 | 20001113 |
240 | - (djm) Add pointer to http://www.imasy.or.jp/~gotoh/connect.c to | |
241 | contrib/README | |
fa08c86b | 242 | - (djm) Merge OpenBSD changes: |
243 | - markus@cvs.openbsd.org 2000/11/06 16:04:56 | |
244 | [channels.c channels.h clientloop.c nchan.c serverloop.c] | |
245 | [session.c ssh.c] | |
246 | agent forwarding and -R for ssh2, based on work from | |
247 | jhuuskon@messi.uku.fi | |
248 | - markus@cvs.openbsd.org 2000/11/06 16:13:27 | |
249 | [ssh.c sshconnect.c sshd.c] | |
250 | do not disabled rhosts(rsa) if server port > 1024; from | |
251 | pekkas@netcore.fi | |
252 | - markus@cvs.openbsd.org 2000/11/06 16:16:35 | |
253 | [sshconnect.c] | |
254 | downgrade client to 1.3 if server is 1.4; help from mdb@juniper.net | |
255 | - markus@cvs.openbsd.org 2000/11/09 18:04:40 | |
256 | [auth1.c] | |
257 | typo; from mouring@pconline.com | |
258 | - markus@cvs.openbsd.org 2000/11/12 12:03:28 | |
259 | [ssh-agent.c] | |
260 | off-by-one when removing a key from the agent | |
261 | - markus@cvs.openbsd.org 2000/11/12 12:50:39 | |
262 | [auth-rh-rsa.c auth2.c authfd.c authfd.h] | |
263 | [authfile.c hostfile.c kex.c kex.h key.c key.h myproposal.h] | |
264 | [readconf.c readconf.h rsa.c rsa.h servconf.c servconf.h ssh-add.c] | |
265 | [ssh-agent.c ssh-keygen.1 ssh-keygen.c ssh.1 ssh.c ssh_config] | |
266 | [sshconnect1.c sshconnect2.c sshd.8 sshd.c sshd_config ssh-dss.c] | |
267 | [ssh-dss.h ssh-rsa.c ssh-rsa.h dsa.c dsa.h] | |
268 | add support for RSA to SSH2. please test. | |
269 | there are now 3 types of keys: RSA1 is used by ssh-1 only, | |
270 | RSA and DSA are used by SSH2. | |
271 | you can use 'ssh-keygen -t rsa -f ssh2_rsa_file' to generate RSA | |
272 | keys for SSH2 and use the RSA keys for hostkeys or for user keys. | |
273 | SSH2 RSA or DSA keys are added to .ssh/authorised_keys2 as before. | |
274 | - (djm) Fix up Makefile and Redhat init script to create RSA host keys | |
f001465f | 275 | - (djm) Change to interim version |
5733a41a | 276 | - (djm) Fix RPM spec file stupidity |
6fff1ac4 | 277 | - (djm) fixpaths to DSA and RSA keys too |
3d398e04 | 278 | |
d287c664 | 279 | 20001112 |
280 | - (bal) SCO Patch to add needed libraries for configure.in. Patch by | |
281 | Phillips Porch <root@theporch.com> | |
3d398e04 | 282 | - (bal) IRIX patch to adding Job Limits. Patch by Denis Parker |
283 | <dcp@sgi.com> | |
a3bf38d0 | 284 | - (stevesk) pty.c: HP-UX 10 and 11 don't define TIOCSCTTY. Add error() to |
285 | failed ioctl(TIOCSCTTY) call. | |
d287c664 | 286 | |
3c4d4fef | 287 | 20001111 |
288 | - (djm) Added /etc/primes for kex DH group neg, fixup Makefile.in and | |
289 | packaging files | |
35325fd4 | 290 | - (djm) Fix new Makefile.in warnings |
027bf205 | 291 | - (djm) Fix vsprintf("%h") in bsd-snprintf.c, short int va_args are |
292 | promoted to type int. Report and fix from Dan Astoorian | |
293 | <djast@cs.toronto.edu> | |
d287c664 | 294 | - (djm) Hardwire sysconfdir in RPM spec files as some RPM versions get |
e3291159 | 295 | it wrong. Report from Bennett Todd <bet@rahul.net> |
3c4d4fef | 296 | |
3e366738 | 297 | 20001110 |
298 | - (bal) Fixed dropped answer from skey_keyinfo() in auth1.c | |
299 | - (bal) Changed from --with-skey to --with-skey=PATH in configure.in | |
300 | - (bal) Added in check to verify S/Key library is being detected in | |
301 | configure.in | |
302 | - (bal) next-posix.h - added another prototype wrapped in POSIX ifdef/endif. | |
303 | Patch by Mark Miller <markm@swoon.net> | |
304 | - (bal) Added 'util.h' header to loginrec.c only if HAVE_UTIL_H is defined | |
305 | to remove warnings under MacOS X. Patch by Mark Miller <markm@swoon.net> | |
306 | - (bal) Fixed LDFLAG mispelling in configure.in for --with-afs | |
307 | ||
373998a4 | 308 | 20001107 |
e506ee73 | 309 | - (bal) acconfig.in - removed the double "USE_PIPES" entry. Patch by |
310 | Mark Miller <markm@swoon.net> | |
373998a4 | 311 | - (bal) sshd.init files corrected to assign $? to RETVAL. Patch by |
312 | Jarno Huuskonen <jhuuskon@messi.uku.fi> | |
e506ee73 | 313 | - (bal) fixpaths fixed to stop it from quitely failing. Patch by |
314 | Mark D. Roth <roth@feep.net> | |
373998a4 | 315 | |
ac89998a | 316 | 20001106 |
317 | - (djm) Use Jim's new 1.0.3 askpass in Redhat RPMs | |
6c09e23c | 318 | - (djm) Manually fix up missed diff hunks (mainly RCS idents) |
d6846e6a | 319 | - (djm) Remove UPGRADING document in favour of a link to the better |
320 | maintained FAQ on www.openssh.com | |
73bd30fe | 321 | - (djm) Fix multiple dependancy on gnome-libs from Pekka Savola |
322 | <pekkas@netcore.fi> | |
323 | - (djm) Don't need X11-askpass in RPM spec file if building without it | |
324 | from Pekka Savola <pekkas@netcore.fi> | |
c215ba3b | 325 | - (djm) Release 2.3.0p1 |
97b378bf | 326 | - (bal) typo in configure.in in regards to --with-ldflags from Marko |
327 | Asplund <aspa@kronodoc.fi> | |
328 | - (bal) fixed next-posix.h. Forgot prototype of getppid(). | |
68f189a9 | 329 | |
b850ecd9 | 330 | 20001105 |
331 | - (bal) Sync with OpenBSD: | |
332 | - markus@cvs.openbsd.org 2000/10/31 9:31:58 | |
333 | [compat.c] | |
334 | handle all old openssh versions | |
335 | - markus@cvs.openbsd.org 2000/10/31 13:1853 | |
336 | [deattack.c] | |
337 | so that large packets do not wrap "n"; from netbsd | |
338 | - (bal) rijndel.c - fix up RCSID to match OpenBSD tree | |
a30ce26d | 339 | - (bal) auth2-skey.c - Checked in. Missing from portable tree. |
340 | - (bal) Reworked NEWS-OS and NeXT ports to extract waitpid() and | |
341 | setsid() into more common files | |
96054e6f | 342 | - (stevesk) pty.c: use __hpux to identify HP-UX. |
d0127657 | 343 | - (bal) Missed auth-skey.o in Makefile.in and minor correction to |
344 | bsd-waitpid.c | |
b850ecd9 | 345 | |
75b90ced | 346 | 20001029 |
347 | - (stevesk) Fix typo in auth.c: USE_PAM not PAM | |
95273555 | 348 | - (stevesk) Create contrib/cygwin/ directory; patch from |
349 | Corinna Vinschen <vinschen@redhat.com> | |
e9e4a1c7 | 350 | - (bal) Resolved more $xno and $xyes issues in configure.in |
fd5f0295 | 351 | - (bal) next-posix.h - spelling and forgot a prototype |
75b90ced | 352 | |
344f2b94 | 353 | 20001028 |
354 | - (djm) fix select hack in serverloop.c from Philippe WILLEM | |
355 | <Philippe.WILLEM@urssaf.fr> | |
240ae474 | 356 | - (djm) Fix mangled AIXAUTHENTICATE code |
606ea390 | 357 | - (djm) authctxt->pw may be NULL. Fix from Markus Friedl |
358 | <markus.friedl@informatik.uni-erlangen.de> | |
a22aff1f | 359 | - (djm) Sync with OpenBSD: |
360 | - markus@cvs.openbsd.org 2000/10/16 15:46:32 | |
361 | [ssh.1] | |
362 | fixes from pekkas@netcore.fi | |
363 | - markus@cvs.openbsd.org 2000/10/17 14:28:11 | |
364 | [atomicio.c] | |
365 | return number of characters processed; ok deraadt@ | |
366 | - markus@cvs.openbsd.org 2000/10/18 12:04:02 | |
367 | [atomicio.c] | |
368 | undo | |
369 | - markus@cvs.openbsd.org 2000/10/18 12:23:02 | |
370 | [scp.c] | |
371 | replace atomicio(read,...) with read(); ok deraadt@ | |
372 | - markus@cvs.openbsd.org 2000/10/18 12:42:00 | |
373 | [session.c] | |
374 | restore old record login behaviour | |
375 | - deraadt@cvs.openbsd.org 2000/10/19 10:41:13 | |
376 | [auth-skey.c] | |
377 | fmt string problem in unused code | |
378 | - provos@cvs.openbsd.org 2000/10/19 10:45:16 | |
379 | [sshconnect2.c] | |
380 | don't reference freed memory. okay deraadt@ | |
381 | - markus@cvs.openbsd.org 2000/10/21 11:04:23 | |
382 | [canohost.c] | |
383 | typo, eramore@era-t.ericsson.se; ok niels@ | |
384 | - markus@cvs.openbsd.org 2000/10/23 13:31:55 | |
385 | [cipher.c] | |
386 | non-alignment dependent swap_bytes(); from | |
387 | simonb@wasabisystems.com/netbsd | |
388 | - markus@cvs.openbsd.org 2000/10/26 12:38:28 | |
389 | [compat.c] | |
390 | add older vandyke products | |
391 | - markus@cvs.openbsd.org 2000/10/27 01:32:19 | |
392 | [channels.c channels.h clientloop.c serverloop.c session.c] | |
393 | [ssh.c util.c] | |
394 | enable non-blocking IO on channels, and tty's (except for the | |
395 | client ttys). | |
344f2b94 | 396 | |
ddc49b5c | 397 | 20001027 |
398 | - (djm) Increase REKEY_BYTES to 2^24 for arc4random | |
399 | ||
48e7916f | 400 | 20001025 |
401 | - (djm) Added WARNING.RNG file and modified configure to ask users of the | |
402 | builtin entropy code to read it. | |
403 | - (djm) Prefer builtin regex to PCRE. | |
00937921 | 404 | - (bal) Added USE_PIPS defined to NeXT configure.in since scp hangs randomly. |
405 | - (bal) Apply fixes to configure.in pointed out by Pavel Roskin | |
406 | <proski@gnu.org> | |
48e7916f | 407 | |
8dcda1e3 | 408 | 20001020 |
409 | - (djm) Don't define _REENTRANT for SNI/Reliant Unix | |
07bee9a7 | 410 | - (bal) Imported NEWS-OS waitpid() macros into NeXT. Since implementation |
411 | is more correct then current version. | |
8dcda1e3 | 412 | |
f5af5cd5 | 413 | 20001018 |
414 | - (stevesk) Add initial support for setproctitle(). Current | |
415 | support is for the HP-UX pstat(PSTAT_SETCMD, ...) method. | |
134fd7f6 | 416 | - (stevesk) Add egd startup scripts to contrib/hpux/ |
f5af5cd5 | 417 | |
2f31bdd6 | 418 | 20001017 |
419 | - (djm) Add -lregex to cywin libs from Corinna Vinschen | |
420 | <vinschen@cygnus.com> | |
ba7a3f40 | 421 | - (djm) Don't rely on atomicio's retval to determine length of askpass |
422 | supplied passphrase. Problem report from Lutz Jaenicke | |
423 | <Lutz.Jaenicke@aet.TU-Cottbus.DE> | |
66d6c27e | 424 | - (bal) Changed from GNU rx to PCRE on suggestion from djm. |
425 | - (bal) Integrated Sony NEWS-OS patches from NAKAJI Hirouyuki | |
426 | <nakaji@tutrp.tut.ac.jp> | |
2f31bdd6 | 427 | |
33de75a3 | 428 | 20001016 |
429 | - (djm) Sync with OpenBSD: | |
430 | - markus@cvs.openbsd.org 2000/10/14 04:01:15 | |
431 | [cipher.c] | |
432 | debug3 | |
433 | - markus@cvs.openbsd.org 2000/10/14 04:07:23 | |
434 | [scp.c] | |
435 | remove spaces from arguments; from djm@mindrot.org | |
436 | - markus@cvs.openbsd.org 2000/10/14 06:09:46 | |
437 | [ssh.1] | |
438 | Cipher is for SSH-1 only | |
439 | - markus@cvs.openbsd.org 2000/10/14 06:12:09 | |
440 | [servconf.c servconf.h serverloop.c session.c sshd.8] | |
441 | AllowTcpForwarding; from naddy@ | |
442 | - markus@cvs.openbsd.org 2000/10/14 06:16:56 | |
443 | [auth2.c compat.c compat.h sshconnect2.c version.h] | |
444 | OpenSSH_2.3; note that is is not complete, but the version number | |
445 | needs to be changed for interoperability reasons | |
446 | - markus@cvs.openbsd.org 2000/10/14 06:19:45 | |
447 | [auth-rsa.c] | |
448 | do not send RSA challenge if key is not allowed by key-options; from | |
449 | eivind@ThinkSec.com | |
450 | - markus@cvs.openbsd.org 2000/10/15 08:14:01 | |
451 | [rijndael.c session.c] | |
452 | typos; from stevesk@sweden.hp.com | |
453 | - markus@cvs.openbsd.org 2000/10/15 08:18:31 | |
454 | [rijndael.c] | |
455 | typo | |
30d8b039 | 456 | - (djm) Copy manpages back over from OpenBSD - too tedious to wade |
457 | through diffs | |
aa0289fe | 458 | - (djm) Added condrestart to Redhat init script. Patch from Pekka Savola |
30d8b039 | 459 | <pekkas@netcore.fi> |
aa0289fe | 460 | - (djm) Update version in Redhat spec file |
461 | - (djm) Merge some of Nalin Dahyabhai <nalin@redhat.com> changes from the | |
462 | Redhat 7.0 spec file | |
5b2d4b75 | 463 | - (djm) Make inability to read/write PRNG seedfile non-fatal |
464 | ||
33de75a3 | 465 | |
4d670c24 | 466 | 20001015 |
467 | - (djm) Fix ssh2 hang on background processes at logout. | |
468 | ||
71dfaf1c | 469 | 20001014 |
443172c4 | 470 | - (bal) Add support for realpath and getcwd for platforms with broken |
471 | or missing realpath implementations for sftp-server. | |
472 | - (bal) Corrected mistake in INSTALL in regards to GNU rx library | |
d8f1edd5 | 473 | - (bal) Add support for GNU rx library for those lacking regexp support |
71dfaf1c | 474 | - (djm) Don't accept PAM_PROMPT_ECHO_ON messages during initial auth |
02323c45 | 475 | - (djm) Revert SSH2 serverloop hack, will find a better way. |
4ee81249 | 476 | - (djm) Add workaround for Linux 2.4's gratuitious errno change. Patch |
477 | from Martin Johansson <fatbob@acc.umu.se> | |
94ec8c6b | 478 | - (djm) Big OpenBSD sync: |
479 | - markus@cvs.openbsd.org 2000/09/30 10:27:44 | |
480 | [log.c] | |
481 | allow loglevel debug | |
482 | - markus@cvs.openbsd.org 2000/10/03 11:59:57 | |
483 | [packet.c] | |
484 | hmac->mac | |
485 | - markus@cvs.openbsd.org 2000/10/03 12:03:03 | |
486 | [auth-krb4.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth1.c] | |
487 | move fake-auth from auth1.c to individual auth methods, disables s/key in | |
488 | debug-msg | |
489 | - markus@cvs.openbsd.org 2000/10/03 12:16:48 | |
490 | ssh.c | |
491 | do not resolve canonname, i have no idea why this was added oin ossh | |
492 | - markus@cvs.openbsd.org 2000/10/09 15:30:44 | |
493 | ssh-keygen.1 ssh-keygen.c | |
494 | -X now reads private ssh.com DSA keys, too. | |
495 | - markus@cvs.openbsd.org 2000/10/09 15:32:34 | |
496 | auth-options.c | |
497 | clear options on every call. | |
498 | - markus@cvs.openbsd.org 2000/10/09 15:51:00 | |
499 | authfd.c authfd.h | |
500 | interop with ssh-agent2, from <res@shore.net> | |
501 | - markus@cvs.openbsd.org 2000/10/10 14:20:45 | |
502 | compat.c | |
503 | use rexexp for version string matching | |
504 | - provos@cvs.openbsd.org 2000/10/10 22:02:18 | |
505 | [kex.c kex.h myproposal.h ssh.h ssh2.h sshconnect2.c sshd.c dh.c dh.h] | |
506 | First rough implementation of the diffie-hellman group exchange. The | |
507 | client can ask the server for bigger groups to perform the diffie-hellman | |
508 | in, thus increasing the attack complexity when using ciphers with longer | |
509 | keys. University of Windsor provided network, T the company. | |
510 | - markus@cvs.openbsd.org 2000/10/11 13:59:52 | |
511 | [auth-rsa.c auth2.c] | |
512 | clear auth options unless auth sucessfull | |
513 | - markus@cvs.openbsd.org 2000/10/11 14:00:27 | |
514 | [auth-options.h] | |
515 | clear auth options unless auth sucessfull | |
516 | - markus@cvs.openbsd.org 2000/10/11 14:03:27 | |
517 | [scp.1 scp.c] | |
518 | support 'scp -o' with help from mouring@pconline.com | |
519 | - markus@cvs.openbsd.org 2000/10/11 14:11:35 | |
520 | [dh.c] | |
521 | Wall | |
522 | - markus@cvs.openbsd.org 2000/10/11 14:14:40 | |
523 | [auth.h auth2.c readconf.c readconf.h readpass.c servconf.c servconf.h] | |
524 | [ssh.h sshconnect2.c sshd_config auth2-skey.c cli.c cli.h] | |
525 | add support for s/key (kbd-interactive) to ssh2, based on work by | |
526 | mkiernan@avantgo.com and me | |
527 | - markus@cvs.openbsd.org 2000/10/11 14:27:24 | |
528 | [auth.c auth1.c auth2.c authfile.c cipher.c cipher.h kex.c kex.h] | |
529 | [myproposal.h packet.c readconf.c session.c ssh.c ssh.h sshconnect1.c] | |
530 | [sshconnect2.c sshd.c] | |
531 | new cipher framework | |
532 | - markus@cvs.openbsd.org 2000/10/11 14:45:21 | |
533 | [cipher.c] | |
534 | remove DES | |
535 | - markus@cvs.openbsd.org 2000/10/12 03:59:20 | |
536 | [cipher.c cipher.h sshconnect1.c sshconnect2.c sshd.c] | |
537 | enable DES in SSH-1 clients only | |
538 | - markus@cvs.openbsd.org 2000/10/12 08:21:13 | |
539 | [kex.h packet.c] | |
540 | remove unused | |
541 | - markus@cvs.openbsd.org 2000/10/13 12:34:46 | |
542 | [sshd.c] | |
543 | Kludge for F-Secure Macintosh < 1.0.2; appro@fy.chalmers.se | |
544 | - markus@cvs.openbsd.org 2000/10/13 12:59:15 | |
545 | [cipher.c cipher.h myproposal.h rijndael.c rijndael.h] | |
546 | rijndael/aes support | |
547 | - markus@cvs.openbsd.org 2000/10/13 13:10:54 | |
548 | [sshd.8] | |
549 | more info about -V | |
550 | - markus@cvs.openbsd.org 2000/10/13 13:12:02 | |
551 | [myproposal.h] | |
552 | prefer no compression | |
3ed32516 | 553 | - (djm) Fix scp user@host handling |
554 | - (djm) Don't clobber ssh_prng_cmds on install | |
6bcf7caa | 555 | - (stevesk) Include config.h in rijndael.c so we define intXX_t and |
556 | u_intXX_t types on all platforms. | |
9ea53ba5 | 557 | - (stevesk) rijndael.c: cleanup missing declaration warnings. |
2919e060 | 558 | - (stevesk) ~/.hushlogin shouldn't cause required password change to |
559 | be bypassed. | |
f5665f6f | 560 | - (stevesk) Display correct path to ssh-askpass in configure output. |
561 | Report from Lutz Jaenicke. | |
71dfaf1c | 562 | |
ebd782f7 | 563 | 20001007 |
564 | - (stevesk) Print PAM return value in PAM log messages to aid | |
565 | with debugging. | |
97994d32 | 566 | - (stevesk) Fix detection of pw_class struct member in configure; |
567 | patch from KAMAHARA Junzo <kamahara@cc.kshosen.ac.jp> | |
568 | ||
47a134c1 | 569 | 20001002 |
570 | - (djm) Fix USER_PATH, report from Kevin Steves <stevesk@sweden.hp.com> | |
571 | - (djm) Add host system and CC to end-of-configure report. Suggested by | |
572 | Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> | |
573 | ||
7322ef0e | 574 | 20000931 |
575 | - (djm) Cygwin fixes from Corinna Vinschen <vinschen@cygnus.com> | |
576 | ||
6ac7829a | 577 | 20000930 |
b6490dcb | 578 | - (djm) Irix ssh_prng_cmds path fix from Pekka Savola <pekkas@netcore.fi> |
772bd898 | 579 | - (djm) Support in bsd-snprintf.c for long long conversions from |
580 | Ben Lindstrom <mouring@pconline.com> | |
581 | - (djm) Cleanup NeXT support from Ben Lindstrom <mouring@pconline.com> | |
857040fb | 582 | - (djm) Ignore SIGPIPEs from serverloop to child. Fixes crashes with |
583 | very short lived X connections. Bug report from Tobias Oetiker | |
584 | <oetiker@ee.ethz.ch>. Fix from Markus Friedl <markus@cvs.openbsd.org> | |
bd2d7f6a | 585 | - (djm) Add recent InitScripts as a RPM dependancy for openssh-server |
586 | patch from Pekka Savola <pekkas@netcore.fi> | |
58665035 | 587 | - (djm) Forgot to cvs add LICENSE file |
dc2901a0 | 588 | - (djm) Add LICENSE to RPM spec files |
de273eef | 589 | - (djm) CVS OpenBSD sync: |
590 | - markus@cvs.openbsd.org 2000/09/26 13:59:59 | |
591 | [clientloop.c] | |
592 | use debug2 | |
593 | - markus@cvs.openbsd.org 2000/09/27 15:41:34 | |
594 | [auth2.c sshconnect2.c] | |
595 | use key_type() | |
596 | - markus@cvs.openbsd.org 2000/09/28 12:03:18 | |
597 | [channels.c] | |
598 | debug -> debug2 cleanup | |
2a7d529a | 599 | - (djm) Irix strips "/dev/tty" from [uw]tmp entries (other systems only |
600 | strip "/dev/"). Fix loginrec.c based on patch from Alain St-Denis | |
601 | <Alain.St-Denis@ec.gc.ca> | |
602 | - (djm) Fix 9 character passphrase failure with gnome-ssh-askpass. | |
603 | Problem was caused by interrupted read in ssh-add. Report from Donald | |
604 | J. Barry <don@astro.cornell.edu> | |
6ac7829a | 605 | |
c5d85828 | 606 | 20000929 |
607 | - (djm) Fix SSH2 not terminating until all background tasks done problem. | |
2ed85c06 | 608 | - (djm) Another off-by-one fix from Pavel Kankovsky |
609 | <peak@argo.troja.mff.cuni.cz> | |
22d89d24 | 610 | - (djm) Clean up. Strip some unnecessary differences with OpenBSD's code, |
611 | tidy necessary differences. Use Markus' new debugN() in entropy.c | |
77bb0bca | 612 | - (djm) Merged big SCO portability patch from Tim Rice |
613 | <tim@multitalents.net> | |
c5d85828 | 614 | |
6fd7f731 | 615 | 20000926 |
616 | - (djm) Update X11-askpass to 1.0.2 in RPM spec file | |
c5ae7384 | 617 | - (djm) Define _REENTRANT to pickup strtok_r() on HP/UX |
618 | - (djm) Security: fix off-by-one buffer overrun in fake-getnameinfo.c. | |
619 | Report and fix from Pavel Kankovsky <peak@argo.troja.mff.cuni.cz> | |
6fd7f731 | 620 | |
2f125ca1 | 621 | 20000924 |
622 | - (djm) Merged cleanup patch from Mark Miller <markm@swoon.net> | |
623 | - (djm) A bit more cleanup - created cygwin_util.h | |
bcdaaeab | 624 | - (djm) Include strtok_r() from OpenBSD libc. Fixes report from Mark Miller |
625 | <markm@swoon.net> | |
2f125ca1 | 626 | |
764d4113 | 627 | 20000923 |
628 | - (djm) Fix address logging in utmp from Kevin Steves | |
629 | <stevesk@sweden.hp.com> | |
777319db | 630 | - (djm) Redhat spec and manpage fixes from Pekka Savola <pekkas@netcore.fi> |
bd590612 | 631 | - (djm) Seperate tests for int64_t and u_int64_t types |
37c1c46d | 632 | - (djm) Tweak password expiry checking at suggestion of Kevin Steves |
633 | <stevesk@sweden.hp.com> | |
e79b44e1 | 634 | - (djm) NeXT patch from Ben Lindstrom <mouring@pconline.com> |
e2144f11 | 635 | - (djm) Use printf %lld instead of %qd in sftp-server.c. Fix from |
636 | Michael Stone <mstone@cs.loyola.edu> | |
188adeb2 | 637 | - (djm) OpenBSD CVS sync: |
638 | - markus@cvs.openbsd.org 2000/09/17 09:38:59 | |
639 | [sshconnect2.c sshd.c] | |
640 | fix DEBUG_KEXDH | |
641 | - markus@cvs.openbsd.org 2000/09/17 09:52:51 | |
642 | [sshconnect.c] | |
643 | yes no; ok niels@ | |
644 | - markus@cvs.openbsd.org 2000/09/21 04:55:11 | |
645 | [sshd.8] | |
646 | typo | |
647 | - markus@cvs.openbsd.org 2000/09/21 05:03:54 | |
648 | [serverloop.c] | |
649 | typo | |
650 | - markus@cvs.openbsd.org 2000/09/21 05:11:42 | |
651 | scp.c | |
652 | utime() to utimes(); mouring@pconline.com | |
653 | - markus@cvs.openbsd.org 2000/09/21 05:25:08 | |
654 | sshconnect2.c | |
655 | change login logic in ssh2, allows plugin of other auth methods | |
656 | - markus@cvs.openbsd.org 2000/09/21 05:25:35 | |
657 | [auth2.c channels.c channels.h clientloop.c dispatch.c dispatch.h] | |
658 | [serverloop.c] | |
659 | add context to dispatch_run | |
660 | - markus@cvs.openbsd.org 2000/09/21 05:07:52 | |
661 | authfd.c authfd.h ssh-agent.c | |
662 | bug compat for old ssh.com software | |
764d4113 | 663 | |
7f377177 | 664 | 20000920 |
665 | - (djm) Fix bad path substitution. Report from Andrew Miner | |
666 | <asminer@cs.iastate.edu> | |
667 | ||
bcbf86ec | 668 | 20000916 |
7950bf97 | 669 | - (djm) Fix SSL search order from Lutz Jaenicke |
670 | <Lutz.Jaenicke@aet.TU-Cottbus.DE> | |
19ece6d2 | 671 | - (djm) New SuSE spec from Corinna Vinschen <corinna@vinschen.de> |
9cd45ea4 | 672 | - (djm) Update CygWin support from Corinna Vinschen <vinschen@cygnus.com> |
995edaac | 673 | - (djm) Use a real struct sockaddr inside the fake struct sockaddr_storage. |
674 | Patch from Larry Jones <larry.jones@sdrc.com> | |
ad55cd03 | 675 | - (djm) Add Steve VanDevender's <stevev@darkwing.uoregon.edu> PAM |
676 | password change patch. | |
677 | - (djm) Bring licenses on my stuff in line with OpenBSD's | |
0bbfbdeb | 678 | - (djm) Cleanup auth-passwd.c and unify HP/UX authentication. Patch from |
679 | Kevin Steves <stevesk@sweden.hp.com> | |
7f8f5e00 | 680 | - (djm) Shadow expiry check fix from Pavel Troller <patrol@omni.sinus.cz> |
681 | - (djm) Re-enable int64_t types - we need them for sftp | |
682 | - (djm) Use libexecdir from configure , rather than libexecdir/ssh | |
683 | - (djm) Update Redhat SPEC file accordingly | |
684 | - (djm) Add Kevin Steves <stevesk@sweden.hp.com> HP/UX contrib files | |
685 | - (djm) Add Charles Levert <charles@comm.polymtl.ca> getpgrp patch | |
686 | - (djm) Fix password auth on HP/UX 10.20. Patch from Dirk De Wachter | |
687 | <Dirk.DeWachter@rug.ac.be> | |
688 | - (djm) Fixprogs and entropy list fixes from Larry Jones | |
689 | <larry.jones@sdrc.com> | |
690 | - (djm) Fix for SuSE spec file from Takashi YOSHIDA | |
691 | <tyoshida@gemini.rc.kyushu-u.ac.jp> | |
bcbf86ec | 692 | - (djm) Merge OpenBSD changes: |
693 | - markus@cvs.openbsd.org 2000/09/05 02:59:57 | |
694 | [session.c] | |
695 | print hostname (not hushlogin) | |
696 | - markus@cvs.openbsd.org 2000/09/05 13:18:48 | |
697 | [authfile.c ssh-add.c] | |
698 | enable ssh-add -d for DSA keys | |
699 | - markus@cvs.openbsd.org 2000/09/05 13:20:49 | |
700 | [sftp-server.c] | |
701 | cleanup | |
702 | - markus@cvs.openbsd.org 2000/09/06 03:46:41 | |
703 | [authfile.h] | |
704 | prototype | |
705 | - deraadt@cvs.openbsd.org 2000/09/07 14:27:56 | |
706 | [ALL] | |
707 | cleanup copyright notices on all files. I have attempted to be | |
708 | accurate with the details. everything is now under Tatu's licence | |
709 | (which I copied from his readme), and/or the core-sdi bsd-ish thing | |
710 | for deattack, or various openbsd developers under a 2-term bsd | |
711 | licence. We're not changing any rules, just being accurate. | |
712 | - markus@cvs.openbsd.org 2000/09/07 14:40:30 | |
713 | [channels.c channels.h clientloop.c serverloop.c ssh.c] | |
714 | cleanup window and packet sizes for ssh2 flow control; ok niels | |
715 | - markus@cvs.openbsd.org 2000/09/07 14:53:00 | |
716 | [scp.c] | |
717 | typo | |
718 | - markus@cvs.openbsd.org 2000/09/07 15:13:37 | |
719 | [auth-options.c auth-options.h auth-rh-rsa.c auth-rsa.c auth.c] | |
720 | [authfile.h canohost.c channels.h compat.c hostfile.h log.c match.h] | |
721 | [pty.c readconf.c] | |
722 | some more Copyright fixes | |
723 | - markus@cvs.openbsd.org 2000/09/08 03:02:51 | |
724 | [README.openssh2] | |
725 | bye bye | |
726 | - deraadt@cvs.openbsd.org 2000/09/11 18:38:33 | |
727 | [LICENCE cipher.c] | |
728 | a few more comments about it being ARC4 not RC4 | |
729 | - markus@cvs.openbsd.org 2000/09/12 14:53:11 | |
730 | [log-client.c log-server.c log.c ssh.1 ssh.c ssh.h sshd.8 sshd.c] | |
731 | multiple debug levels | |
732 | - markus@cvs.openbsd.org 2000/09/14 14:25:15 | |
733 | [clientloop.c] | |
734 | typo | |
735 | - deraadt@cvs.openbsd.org 2000/09/15 01:13:51 | |
736 | [ssh-agent.c] | |
737 | check return value for setenv(3) for failure, and deal appropriately | |
738 | ||
deb8d717 | 739 | 20000913 |
740 | - (djm) Fix server not exiting with jobs in background. | |
741 | ||
b5e300c2 | 742 | 20000905 |
743 | - (djm) Import OpenBSD CVS changes | |
744 | - markus@cvs.openbsd.org 2000/08/31 15:52:24 | |
745 | [Makefile sshd.8 sshd_config sftp-server.8 sftp-server.c] | |
746 | implement a SFTP server. interops with sftp2, scp2 and the windows | |
747 | client from ssh.com | |
748 | - markus@cvs.openbsd.org 2000/08/31 15:56:03 | |
749 | [README.openssh2] | |
750 | sync | |
751 | - markus@cvs.openbsd.org 2000/08/31 16:05:42 | |
752 | [session.c] | |
753 | Wall | |
754 | - markus@cvs.openbsd.org 2000/08/31 16:09:34 | |
755 | [authfd.c ssh-agent.c] | |
756 | add a flag to SSH2_AGENTC_SIGN_REQUEST for future extensions | |
757 | - deraadt@cvs.openbsd.org 2000/09/01 09:25:13 | |
758 | [scp.1 scp.c] | |
759 | cleanup and fix -S support; stevesk@sweden.hp.com | |
760 | - markus@cvs.openbsd.org 2000/09/01 16:29:32 | |
761 | [sftp-server.c] | |
762 | portability fixes | |
763 | - markus@cvs.openbsd.org 2000/09/01 16:32:41 | |
764 | [sftp-server.c] | |
765 | fix cast; mouring@pconline.com | |
766 | - itojun@cvs.openbsd.org 2000/09/03 09:23:28 | |
767 | [ssh-add.1 ssh.1] | |
768 | add missing .El against .Bl. | |
769 | - markus@cvs.openbsd.org 2000/09/04 13:03:41 | |
770 | [session.c] | |
771 | missing close; ok theo | |
772 | - markus@cvs.openbsd.org 2000/09/04 13:07:21 | |
773 | [session.c] | |
774 | fix get_last_login_time order; from andre@van-veen.de | |
775 | - markus@cvs.openbsd.org 2000/09/04 13:10:09 | |
776 | [sftp-server.c] | |
777 | more cast fixes; from mouring@pconline.com | |
778 | - markus@cvs.openbsd.org 2000/09/04 13:06:04 | |
779 | [session.c] | |
780 | set SSH_ORIGINAL_COMMAND; from Leakin@dfw.nostrum.com, bet@rahul.net | |
781 | - (djm) Cleanup after import. Fix sftp-server compilation, Makefile | |
3c62e7eb | 782 | - (djm) Merge cygwin support from Corinna Vinschen <vinschen@cygnus.com> |
783 | ||
1e61f54a | 784 | 20000903 |
785 | - (djm) Fix Redhat init script | |
786 | ||
c80876b4 | 787 | 20000901 |
788 | - (djm) Pick up Jim's new X11-askpass | |
789 | - (djm) Release 2.2.0p1 | |
790 | ||
8b4a0d08 | 791 | 20000831 |
bcbf86ec | 792 | - (djm) Workaround SIGPIPE problems on SCO. Fix from Aran Cox |
8b4a0d08 | 793 | <acox@cv.telegroup.com> |
b817711d | 794 | - (djm) Pick up new version (2.2.0) from OpenBSD CVS |
8b4a0d08 | 795 | |
0b65b628 | 796 | 20000830 |
797 | - (djm) Compile warning fixes from Mark Miller <markm@swoon.net> | |
10fa00c8 | 798 | - (djm) Periodically rekey arc4random |
799 | - (djm) Clean up diff against OpenBSD. | |
bcbf86ec | 800 | - (djm) HPUX 11 needs USE_PIPES as well: Kevin Steves |
2b10f47a | 801 | <stevesk@sweden.hp.com> |
b33a2e6e | 802 | - (djm) Quieten the pam delete credentials error message |
44839801 | 803 | - (djm) Fix printing of $DISPLAY hack if set by system type. Report from |
804 | Kevin Steves <stevesk@sweden.hp.com> | |
84a770d1 | 805 | - (djm) NeXT patch from Ben Lindstrom <mouring@pconline.com> |
7efa2776 | 806 | - (djm) Fix doh in bsd-arc4random.c |
0b65b628 | 807 | |
9aaf9be4 | 808 | 20000829 |
bcbf86ec | 809 | - (djm) Fix ^C ignored issue on Solaris. Diagnosis from Gert |
810 | Doering <gert@greenie.muc.de>, John Horne <J.Horne@plymouth.ac.uk> and | |
9aaf9be4 | 811 | Garrick James <garrick@james.net> |
b5f90139 | 812 | - (djm) Check for SCO pty naming style (ptyp%d/ttyp%d). Based on fix from |
813 | Bastian Trompetter <btrompetter@firemail.de> | |
698d107e | 814 | - (djm) NeXT tweaks from Ben Lindstrom <mouring@pconline.com> |
14a9a859 | 815 | - More OpenBSD updates: |
816 | - deraadt@cvs.openbsd.org 2000/08/24 15:46:59 | |
817 | [scp.c] | |
818 | off_t in sink, to fix files > 2GB, i think, test is still running ;-) | |
819 | - deraadt@cvs.openbsd.org 2000/08/25 10:10:06 | |
820 | [session.c] | |
821 | Wall | |
822 | - markus@cvs.openbsd.org 2000/08/26 04:33:43 | |
823 | [compat.c] | |
824 | ssh.com-2.3.0 | |
825 | - markus@cvs.openbsd.org 2000/08/27 12:18:05 | |
826 | [compat.c] | |
827 | compatibility with future ssh.com versions | |
828 | - deraadt@cvs.openbsd.org 2000/08/27 21:50:55 | |
829 | [auth-krb4.c session.c ssh-add.c sshconnect.c uidswap.c] | |
830 | print uid/gid as unsigned | |
831 | - markus@cvs.openbsd.org 2000/08/28 13:51:00 | |
832 | [ssh.c] | |
833 | enable -n and -f for ssh2 | |
834 | - markus@cvs.openbsd.org 2000/08/28 14:19:53 | |
835 | [ssh.c] | |
836 | allow combination of -N and -f | |
837 | - markus@cvs.openbsd.org 2000/08/28 14:20:56 | |
838 | [util.c] | |
839 | util.c | |
840 | - markus@cvs.openbsd.org 2000/08/28 14:22:02 | |
841 | [util.c] | |
842 | undo | |
843 | - markus@cvs.openbsd.org 2000/08/28 14:23:38 | |
844 | [util.c] | |
845 | don't complain if setting NONBLOCK fails with ENODEV | |
9aaf9be4 | 846 | |
137d7b6c | 847 | 20000823 |
848 | - (djm) Define USE_PIPES to avoid socketpair problems on HPUX 10 and SunOS 4 | |
bcbf86ec | 849 | Avoids "scp never exits" problem. Reports from Lutz Jaenicke |
850 | <Lutz.Jaenicke@aet.TU-Cottbus.DE> and Tamito KAJIYAMA | |
137d7b6c | 851 | <kajiyama@grad.sccs.chukyo-u.ac.jp> |
2e73a022 | 852 | - (djm) Pick up LOGIN_PROGRAM from environment or PATH if not set by headers |
da40ab4d | 853 | - (djm) Add local version to version.h |
ea788c22 | 854 | - (djm) Don't reseed arc4random everytime it is used |
2e73a022 | 855 | - (djm) OpenBSD CVS updates: |
856 | - deraadt@cvs.openbsd.org 2000/08/18 20:07:23 | |
857 | [ssh.c] | |
858 | accept remsh as a valid name as well; roman@buildpoint.com | |
859 | - deraadt@cvs.openbsd.org 2000/08/18 20:17:13 | |
860 | [deattack.c crc32.c packet.c] | |
861 | rename crc32() to ssh_crc32() to avoid zlib name clash. do not move to | |
862 | libz crc32 function yet, because it has ugly "long"'s in it; | |
863 | oneill@cs.sfu.ca | |
864 | - deraadt@cvs.openbsd.org 2000/08/18 20:26:08 | |
865 | [scp.1 scp.c] | |
866 | -S prog support; tv@debian.org | |
867 | - deraadt@cvs.openbsd.org 2000/08/18 20:50:07 | |
868 | [scp.c] | |
869 | knf | |
870 | - deraadt@cvs.openbsd.org 2000/08/18 20:57:33 | |
871 | [log-client.c] | |
872 | shorten | |
873 | - markus@cvs.openbsd.org 2000/08/19 12:48:11 | |
874 | [channels.c channels.h clientloop.c ssh.c ssh.h] | |
875 | support for ~. in ssh2 | |
876 | - deraadt@cvs.openbsd.org 2000/08/19 15:29:40 | |
877 | [crc32.h] | |
878 | proper prototype | |
879 | - markus@cvs.openbsd.org 2000/08/19 15:34:44 | |
bcbf86ec | 880 | [authfd.c authfd.h key.c key.h ssh-add.1 ssh-add.c ssh-agent.1] |
881 | [ssh-agent.c ssh-keygen.c sshconnect1.c sshconnect2.c Makefile] | |
2e73a022 | 882 | [fingerprint.c fingerprint.h] |
883 | add SSH2/DSA support to the agent and some other DSA related cleanups. | |
884 | (note that we cannot talk to ssh.com's ssh2 agents) | |
885 | - markus@cvs.openbsd.org 2000/08/19 15:55:52 | |
886 | [channels.c channels.h clientloop.c] | |
887 | more ~ support for ssh2 | |
888 | - markus@cvs.openbsd.org 2000/08/19 16:21:19 | |
889 | [clientloop.c] | |
890 | oops | |
891 | - millert@cvs.openbsd.org 2000/08/20 12:25:53 | |
892 | [session.c] | |
893 | We have to stash the result of get_remote_name_or_ip() before we | |
894 | close our socket or getpeername() will get EBADF and the process | |
895 | will exit. Only a problem for "UseLogin yes". | |
896 | - millert@cvs.openbsd.org 2000/08/20 12:30:59 | |
897 | [session.c] | |
898 | Only check /etc/nologin if "UseLogin no" since login(1) may have its | |
899 | own policy on determining who is allowed to login when /etc/nologin | |
900 | is present. Also use the _PATH_NOLOGIN define. | |
901 | - millert@cvs.openbsd.org 2000/08/20 12:42:43 | |
902 | [auth1.c auth2.c session.c ssh.c] | |
903 | Add calls to setusercontext() and login_get*(). We basically call | |
904 | setusercontext() in most places where previously we did a setlogin(). | |
905 | Add default login.conf file and put root in the "daemon" login class. | |
906 | - millert@cvs.openbsd.org 2000/08/21 10:23:31 | |
907 | [session.c] | |
908 | Fix incorrect PATH setting; noted by Markus. | |
137d7b6c | 909 | |
c345cf9d | 910 | 20000818 |
911 | - (djm) OpenBSD CVS changes: | |
912 | - markus@cvs.openbsd.org 2000/07/22 03:14:37 | |
913 | [servconf.c servconf.h sshd.8 sshd.c sshd_config] | |
914 | random early drop; ok theo, niels | |
915 | - deraadt@cvs.openbsd.org 2000/07/26 11:46:51 | |
916 | [ssh.1] | |
917 | typo | |
918 | - deraadt@cvs.openbsd.org 2000/08/01 11:46:11 | |
919 | [sshd.8] | |
920 | many fixes from pepper@mail.reppep.com | |
921 | - provos@cvs.openbsd.org 2000/08/01 13:01:42 | |
922 | [Makefile.in util.c aux.c] | |
923 | rename aux.c to util.c to help with cygwin port | |
924 | - deraadt@cvs.openbsd.org 2000/08/02 00:23:31 | |
925 | [authfd.c] | |
926 | correct sun_len; Alexander@Leidinger.net | |
927 | - provos@cvs.openbsd.org 2000/08/02 10:27:17 | |
928 | [readconf.c sshd.8] | |
929 | disable kerberos authentication by default | |
930 | - provos@cvs.openbsd.org 2000/08/02 11:27:05 | |
931 | [sshd.8 readconf.c auth-krb4.c] | |
932 | disallow kerberos authentication if we can't verify the TGT; from | |
933 | dugsong@ | |
934 | kerberos authentication is on by default only if you have a srvtab. | |
935 | - markus@cvs.openbsd.org 2000/08/04 14:30:07 | |
936 | [auth.c] | |
937 | unused | |
938 | - markus@cvs.openbsd.org 2000/08/04 14:30:35 | |
939 | [sshd_config] | |
940 | MaxStartups | |
941 | - markus@cvs.openbsd.org 2000/08/15 13:20:46 | |
942 | [authfd.c] | |
943 | cleanup; ok niels@ | |
944 | - markus@cvs.openbsd.org 2000/08/17 14:05:10 | |
945 | [session.c] | |
946 | cleanup login(1)-like jobs, no duplicate utmp entries | |
947 | - markus@cvs.openbsd.org 2000/08/17 14:06:34 | |
948 | [session.c sshd.8 sshd.c] | |
949 | sshd -u len, similar to telnetd | |
1a022229 | 950 | - (djm) Lastlog was not getting closed after writing login entry |
39987cc0 | 951 | - (djm) Add Solaris package support from Rip Loomis <loomisg@cist.saic.com> |
c345cf9d | 952 | |
416ed5a7 | 953 | 20000816 |
954 | - (djm) Replacement for inet_ntoa for Irix (which breaks on gcc) | |
bcbf86ec | 955 | - (djm) Fix strerror replacement for old SunOS. Based on patch from |
416ed5a7 | 956 | Charles Levert <charles@comm.polymtl.ca> |
bcbf86ec | 957 | - (djm) Seperate arc4random into seperate file and use OpenSSL's RC4 |
416ed5a7 | 958 | implementation. |
ba606eb2 | 959 | - (djm) SUN_LEN macro for systems which lack it |
416ed5a7 | 960 | |
dbaa2e87 | 961 | 20000815 |
962 | - (djm) More SunOS 4.1.x fixes from Nate Itkin <nitkin@europa.com> | |
cd352c82 | 963 | - (djm) Avoid failures on Irix when ssh is not setuid. Fix from |
964 | Michael Stone <mstone@cs.loyola.edu> | |
d93a7e5a | 965 | - (djm) Don't seek in directory based lastlogs |
bcbf86ec | 966 | - (djm) Fix --with-ipaddr-display configure option test. Patch from |
d93a7e5a | 967 | Jarno Huuskonen <jhuuskon@messi.uku.fi> |
2a2cb9e7 | 968 | - (djm) Fix AIX limits from Alexandre Oliva <oliva@lsd.ic.unicamp.br> |
dbaa2e87 | 969 | |
6c33bf70 | 970 | 20000813 |
971 | - (djm) Add $(srcdir) to includes when compiling (for VPATH). Report from | |
972 | Fabrice bacchella <fabrice.bacchella@marchfirst.fr> | |
973 | ||
3fcce26c | 974 | 20000809 |
bcbf86ec | 975 | - (djm) Define AIX hard limits if headers don't. Report from |
3fcce26c | 976 | Bill Painter <william.t.painter@lmco.com> |
bcbf86ec | 977 | - (djm) utmp direct write & SunOS 4 patch from Charles Levert |
32eec038 | 978 | <charles@comm.polymtl.ca> |
3fcce26c | 979 | |
71d43804 | 980 | 20000808 |
981 | - (djm) Cleanup Redhat RPMs. Generate keys at runtime rather than install | |
982 | time, spec file cleanup. | |
983 | ||
f9bcea07 | 984 | 20000807 |
378f2232 | 985 | - (djm) Set 0755 on binaries during install. Report from Lutz Jaenicke |
47670e77 | 986 | - (djm) Suppress error messages on channel close shutdown() failurs |
987 | works around Linux bug. Patch from Zack Weinberg <zack@wolery.cumb.org> | |
378f2232 | 988 | - (djm) Add some more entropy collection commands from Lutz Jaenicke |
f9bcea07 | 989 | |
bcf89935 | 990 | 20000725 |
991 | - (djm) Fix autoconf typo: HAVE_BINRESVPORT_AF -> HAVE_BINDRESVPORT_AF | |
992 | ||
4c8722d9 | 993 | 20000721 |
994 | - (djm) OpenBSD CVS updates: | |
995 | - markus@cvs.openbsd.org 2000/07/16 02:27:22 | |
996 | [authfd.c authfd.h channels.c clientloop.c ssh-add.c ssh-agent.c ssh.c] | |
997 | [sshconnect1.c sshconnect2.c] | |
998 | make ssh-add accept dsa keys (the agent does not) | |
999 | - djm@cvs.openbsd.org 2000/07/17 19:25:02 | |
1000 | [sshd.c] | |
1001 | Another closing of stdin; ok deraadt | |
1002 | - markus@cvs.openbsd.org 2000/07/19 18:33:12 | |
1003 | [dsa.c] | |
1004 | missing free, reorder | |
1005 | - markus@cvs.openbsd.org 2000/07/20 16:23:14 | |
1006 | [ssh-keygen.1] | |
1007 | document input and output files | |
1008 | ||
240777b8 | 1009 | 20000720 |
4c8722d9 | 1010 | - (djm) Spec file fix from Petr Novotny <Petr.Novotny@antek.cz> |
240777b8 | 1011 | |
3c7def32 | 1012 | 20000716 |
4c8722d9 | 1013 | - (djm) Release 2.1.1p4 |
3c7def32 | 1014 | |
819b676f | 1015 | 20000715 |
704b1659 | 1016 | - (djm) OpenBSD CVS updates |
1017 | - provos@cvs.openbsd.org 2000/07/13 16:53:22 | |
1018 | [aux.c readconf.c servconf.c ssh.h] | |
1019 | allow multiple whitespace but only one '=' between tokens, bug report from | |
1020 | Ralf S. Engelschall <rse@engelschall.com> but different fix. okay deraadt@ | |
1021 | - provos@cvs.openbsd.org 2000/07/13 17:14:09 | |
1022 | [clientloop.c] | |
1023 | typo; todd@fries.net | |
1024 | - provos@cvs.openbsd.org 2000/07/13 17:19:31 | |
1025 | [scp.c] | |
1026 | close can fail on AFS, report error; from Greg Hudson <ghudson@mit.edu> | |
1027 | - markus@cvs.openbsd.org 2000/07/14 16:59:46 | |
1028 | [readconf.c servconf.c] | |
1029 | allow leading whitespace. ok niels | |
1030 | - djm@cvs.openbsd.org 2000/07/14 22:01:38 | |
1031 | [ssh-keygen.c ssh.c] | |
1032 | Always create ~/.ssh with mode 700; ok Markus | |
819b676f | 1033 | - Fixes for SunOS 4.1.4 from Gordon Atwood <gordon@cs.ualberta.ca> |
1034 | - Include floatingpoint.h for entropy.c | |
1035 | - strerror replacement | |
704b1659 | 1036 | |
3f7a7e4a | 1037 | 20000712 |
c37fb3c1 | 1038 | - (djm) Remove -lresolve for Reliant Unix |
3f7a7e4a | 1039 | - (djm) OpenBSD CVS Updates: |
1040 | - deraadt@cvs.openbsd.org 2000/07/11 02:11:34 | |
1041 | [session.c sshd.c ] | |
1042 | make MaxStartups code still work with -d; djm | |
1043 | - deraadt@cvs.openbsd.org 2000/07/11 13:17:45 | |
1044 | [readconf.c ssh_config] | |
1045 | disable FallBackToRsh by default | |
c37fb3c1 | 1046 | - (djm) Replace in_addr_t with u_int32_t in bsd-inet_aton.c. Report from |
1047 | Ben Lindstrom <mouring@pconline.com> | |
1e970014 | 1048 | - (djm) Make building of X11-Askpass and GNOME-Askpass optional in RPM |
1049 | spec file. | |
dcb36e5d | 1050 | - (djm) Released 2.1.1p3 |
3f7a7e4a | 1051 | |
56118702 | 1052 | 20000711 |
1053 | - (djm) Fixup for AIX getuserattr() support from Tom Bertelson | |
1054 | <tbert@abac.com> | |
132dd316 | 1055 | - (djm) ReliantUNIX support from Udo Schweigert <ust@cert.siemens.de> |
bcbf86ec | 1056 | - (djm) NeXT: dirent structures to get scp working from Ben Lindstrom |
c99e5056 | 1057 | <mouring@pconline.com> |
bcbf86ec | 1058 | - (djm) Fix broken inet_ntoa check and ut_user/ut_name confusion, report |
dc2a6d09 | 1059 | from Jim Watt <jimw@peisj.pebio.com> |
2d9a148e | 1060 | - (djm) Replaced bsd-snprintf.c with one from Mutt source tree, it is known |
1061 | to compile on more platforms (incl NeXT). | |
cc6f2c4c | 1062 | - (djm) Added bsd-inet_aton and configure support for NeXT |
aae19451 | 1063 | - (djm) Misc NeXT fixes from Ben Lindstrom <mouring@pconline.com> |
089fbbd2 | 1064 | - (djm) OpenBSD CVS updates: |
1065 | - markus@cvs.openbsd.org 2000/06/26 03:22:29 | |
1066 | [authfd.c] | |
1067 | cleanup, less cut&paste | |
1068 | - markus@cvs.openbsd.org 2000/06/26 15:59:19 | |
1069 | [servconf.c servconf.h session.c sshd.8 sshd.c] | |
bcbf86ec | 1070 | MaxStartups: limit number of unauthenticated connections, work by |
089fbbd2 | 1071 | theo and me |
1072 | - deraadt@cvs.openbsd.org 2000/07/05 14:18:07 | |
1073 | [session.c] | |
1074 | use no_x11_forwarding_flag correctly; provos ok | |
1075 | - provos@cvs.openbsd.org 2000/07/05 15:35:57 | |
1076 | [sshd.c] | |
1077 | typo | |
1078 | - aaron@cvs.openbsd.org 2000/07/05 22:06:58 | |
1079 | [scp.1 ssh-agent.1 ssh-keygen.1 sshd.8] | |
bcbf86ec | 1080 | Insert more missing .El directives. Our troff really should identify |
089fbbd2 | 1081 | these and spit out a warning. |
1082 | - todd@cvs.openbsd.org 2000/07/06 21:55:04 | |
1083 | [auth-rsa.c auth2.c ssh-keygen.c] | |
1084 | clean code is good code | |
1085 | - deraadt@cvs.openbsd.org 2000/07/07 02:14:29 | |
1086 | [serverloop.c] | |
1087 | sense of port forwarding flag test was backwards | |
1088 | - provos@cvs.openbsd.org 2000/07/08 17:17:31 | |
1089 | [compat.c readconf.c] | |
1090 | replace strtok with strsep; from David Young <dyoung@onthejob.net> | |
1091 | - deraadt@cvs.openbsd.org 2000/07/08 19:21:15 | |
1092 | [auth.h] | |
1093 | KNF | |
1094 | - ho@cvs.openbsd.org 2000/07/08 19:27:33 | |
1095 | [compat.c readconf.c] | |
1096 | Better conditions for strsep() ending. | |
1097 | - ho@cvs.openbsd.org 2000/07/10 10:27:05 | |
1098 | [readconf.c] | |
1099 | Get the correct message on errors. (niels@ ok) | |
1100 | - ho@cvs.openbsd.org 2000/07/10 10:30:25 | |
1101 | [cipher.c kex.c servconf.c] | |
1102 | strtok() --> strsep(). (niels@ ok) | |
5540ea9b | 1103 | - (djm) Fix problem with debug mode and MaxStartups |
eb37534b | 1104 | - (djm) Don't generate host keys when $(DESTDIR) is set (e.g. during RPM |
1105 | builds) | |
229f64ee | 1106 | - (djm) Add strsep function from OpenBSD libc for systems that lack it |
56118702 | 1107 | |
a8545c6c | 1108 | 20000709 |
1109 | - (djm) Only enable PAM_TTY kludge for Linux. Problem report from | |
1110 | Kevin Steves <stevesk@sweden.hp.com> | |
ec90a7d6 | 1111 | - (djm) Match prototype and function declaration for rresvport_af. |
1112 | Problem report from Niklas Edmundsson <nikke@ing.umu.se> | |
bcbf86ec | 1113 | - (djm) Missing $(DESTDIR) on host-key target causing problems with RPM |
732e8ac5 | 1114 | builds. Problem report from Gregory Leblanc <GLeblanc@cu-portland.edu> |
37f1df94 | 1115 | - (djm) Replace ut_name with ut_user. Patch from Jim Watt |
1116 | <jimw@peisj.pebio.com> | |
264dce47 | 1117 | - (djm) Fix pam sprintf fix |
1118 | - (djm) Cleanup entropy collection code a little more. Split initialisation | |
1119 | from seeding, perform intialisation immediatly at start, be careful with | |
1120 | uids. Based on problem report from Jim Watt <jimw@peisj.pebio.com> | |
5bf9cfe9 | 1121 | - (djm) More NeXT compatibility from Ben Lindstrom <mouring@pconline.com> |
1122 | Including sigaction() et al. replacements | |
bcbf86ec | 1123 | - (djm) AIX getuserattr() session initialisation from Tom Bertelson |
eeec075f | 1124 | <tbert@abac.com> |
a8545c6c | 1125 | |
e2902a5b | 1126 | 20000708 |
bcbf86ec | 1127 | - (djm) Fix bad fprintf format handling in auth-pam.c. Patch from |
e2902a5b | 1128 | Aaron Hopkins <aaron@die.net> |
7a33f831 | 1129 | - (djm) Fix incorrect configure handling of --with-rsh-path option. Fix from |
1130 | Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> | |
bcbf86ec | 1131 | - (djm) Fixed undefined variables for OSF SIA. Report from |
b3f162ba | 1132 | Baars, Henk <Hendrik.Baars@nl.origin-it.com> |
bcbf86ec | 1133 | - (djm) Handle EWOULDBLOCK returns from read() and write() in atomicio.c |
b28e4a3b | 1134 | Fix from Marquess, Steve Mr JMLFDC <Steve.Marquess@DET.AMEDD.ARMY.MIL> |
bcbf86ec | 1135 | - (djm) Don't use inet_addr. |
e2902a5b | 1136 | |
5637650d | 1137 | 20000702 |
1138 | - (djm) Fix brace mismatch from Corinna Vinschen <vinschen@cygnus.com> | |
27494968 | 1139 | - (djm) Stop shadow expiry checking from preventing logins with NIS. Based |
1140 | on fix from HARUYAMA Seigo <haruyama@nt.phys.s.u-tokyo.ac.jp> | |
a4070484 | 1141 | - (djm) Use standard OpenSSL functions in auth-skey.c. Patch from |
1142 | Chris, the Young One <cky@pobox.com> | |
bcbf86ec | 1143 | - (djm) Fix scp progress meter on really wide terminals. Based on patch |
88726b31 | 1144 | from James H. Cloos Jr. <cloos@jhcloos.com> |
5637650d | 1145 | |
388e9f9f | 1146 | 20000701 |
1147 | - (djm) Fix Tru64 SIA problems reported by John P Speno <speno@isc.upenn.edu> | |
daaff4d5 | 1148 | - (djm) Login fixes from Tom Bertelson <tbert@abac.com> |
82258d68 | 1149 | - (djm) Replace "/bin/sh" with _PATH_BSHELL. Report from Corinna Vinschen |
1150 | <vinschen@cygnus.com> | |
30228d7c | 1151 | - (djm) Replace "/usr/bin/login" with LOGIN_PROGRAM |
2647ae26 | 1152 | - (djm) Added check for broken snprintf() functions which do not correctly |
1153 | terminate output string and attempt to use replacement. | |
46158300 | 1154 | - (djm) Released 2.1.1p2 |
388e9f9f | 1155 | |
9f32ceb4 | 1156 | 20000628 |
1157 | - (djm) Fixes to lastlog code for Irix | |
1158 | - (djm) Use atomicio in loginrec | |
3206bb3b | 1159 | - (djm) Patch from Michael Stone <mstone@cs.loyola.edu> to add support for |
1160 | Irix 6.x array sessions, project id's, and system audit trail id. | |
9e0c3e1f | 1161 | - (djm) Added 'distprep' make target to simplify packaging |
bcbf86ec | 1162 | - (djm) Added patch from Chris Adams <cmadams@hiwaay.net> to add OSF SIA |
4d33e531 | 1163 | support. Enable using "USE_SIA=1 ./configure [options]" |
bcbf86ec | 1164 | |
d8caae24 | 1165 | 20000627 |
1166 | - (djm) Fixes to login code - not setting li->uid, cleanups | |
a05a70ab | 1167 | - (djm) Formatting |
d8caae24 | 1168 | |
fe30cc2e | 1169 | 20000626 |
3e98362e | 1170 | - (djm) Better fix to aclocal tests from Garrick James <garrick@james.net> |
4cb5ffa0 | 1171 | - (djm) Account expiry support from Andreas Steinmetz <ast@domdv.de> |
1172 | - (djm) Added password expiry checking (no password change support) | |
be0b9bb7 | 1173 | - (djm) Make EGD failures non-fatal if OpenSSL's entropy pool is still OK |
1174 | based on patch from Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> | |
b5b3f75d | 1175 | - (djm) Fix fixed EGD code. |
3e98362e | 1176 | - OpenBSD CVS update |
1177 | - provos@cvs.openbsd.org 2000/06/25 14:17:58 | |
1178 | [channels.c] | |
1179 | correct check for bad channel ids; from Wei Dai <weidai@eskimo.com> | |
1180 | ||
1c04b088 | 1181 | 20000623 |
bcbf86ec | 1182 | - (djm) Use sa_family_t in prototype for rresvport_af. Patch from |
1c04b088 | 1183 | Svante Signell <svante.signell@telia.com> |
1184 | - (djm) Autoconf logic to define sa_family_t if it is missing | |
e5a0294f | 1185 | - OpenBSD CVS Updates: |
1186 | - markus@cvs.openbsd.org 2000/06/22 10:32:27 | |
1187 | [sshd.c] | |
1188 | missing atomicio; report from Steve.Marquess@DET.AMEDD.ARMY.MIL | |
1189 | - djm@cvs.openbsd.org 2000/06/22 17:55:00 | |
1190 | [auth-krb4.c key.c radix.c uuencode.c] | |
1191 | Missing CVS idents; ok markus | |
1c04b088 | 1192 | |
f528fdf2 | 1193 | 20000622 |
1194 | - (djm) Automatically generate host key during "make install". Suggested | |
1195 | by Gary E. Miller <gem@rellim.com> | |
1196 | - (djm) Paranoia before kill() system call | |
74fc9186 | 1197 | - OpenBSD CVS Updates: |
1198 | - markus@cvs.openbsd.org 2000/06/18 18:50:11 | |
1199 | [auth2.c compat.c compat.h sshconnect2.c] | |
1200 | make userauth+pubkey interop with ssh.com-2.2.0 | |
1201 | - markus@cvs.openbsd.org 2000/06/18 20:56:17 | |
1202 | [dsa.c] | |
1203 | mem leak + be more paranoid in dsa_verify. | |
1204 | - markus@cvs.openbsd.org 2000/06/18 21:29:50 | |
1205 | [key.c] | |
1206 | cleanup fingerprinting, less hardcoded sizes | |
1207 | - markus@cvs.openbsd.org 2000/06/19 19:39:45 | |
1208 | [atomicio.c auth-options.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c] | |
1209 | [auth-rsa.c auth-skey.c authfd.c authfd.h authfile.c bufaux.c bufaux.h] | |
bcbf86ec | 1210 | [buffer.c buffer.h canohost.c channels.c channels.h cipher.c cipher.h] |
74fc9186 | 1211 | [clientloop.c compat.c compat.h compress.c compress.h crc32.c crc32.h] |
1212 | [deattack.c dispatch.c dsa.c fingerprint.c fingerprint.h getput.h hmac.c] | |
bcbf86ec | 1213 | [kex.c log-client.c log-server.c login.c match.c mpaux.c mpaux.h nchan.c] |
1214 | [nchan.h packet.c packet.h pty.c pty.h readconf.c readconf.h readpass.c] | |
74fc9186 | 1215 | [rsa.c rsa.h scp.c servconf.c servconf.h ssh-add.c ssh-keygen.c ssh.c] |
1216 | [ssh.h tildexpand.c ttymodes.c ttymodes.h uidswap.c xmalloc.c xmalloc.h] | |
1217 | OpenBSD tag | |
1218 | - markus@cvs.openbsd.org 2000/06/21 10:46:10 | |
1219 | sshconnect2.c missing free; nuke old comment | |
f528fdf2 | 1220 | |
e5fe9a1f | 1221 | 20000620 |
1222 | - (djm) Replace use of '-o' and '-a' logical operators in configure tests | |
bcbf86ec | 1223 | with '||' and '&&'. As suggested by Jim Knoble <jmknoble@pint-stowp.cx> |
e5fe9a1f | 1224 | to fix SCO Unixware problem reported by Gary E. Miller <gem@rellim.com> |
c03aced4 | 1225 | - (djm) Typo in loginrec.c |
e5fe9a1f | 1226 | |
cbd7492e | 1227 | 20000618 |
1228 | - (djm) Add summary of configure options to end of ./configure run | |
bcbf86ec | 1229 | - (djm) Not all systems define RUSAGE_SELF & RUSAGE_CHILDREN. Report from |
cbd7492e | 1230 | Michael Stone <mstone@cs.loyola.edu> |
bcbf86ec | 1231 | - (djm) rusage is a privileged operation on some Unices (incl. |
cbd7492e | 1232 | Solaris 2.5.1). Report from Paul D. Smith <pausmith@nortelnetworks.com> |
bcbf86ec | 1233 | - (djm) Avoid PAM failures when running without a TTY. Report from |
cbd7492e | 1234 | Martin Petrak <petrak@spsknm.schools.sk> |
1235 | - (djm) Include sys/types.h when including netinet/in.h in configure tests. | |
1236 | Patch from Jun-ichiro itojun Hagino <itojun@iijlab.net> | |
729bfe59 | 1237 | - (djm) Started merge of Ben Lindstrom's <mouring@pconline.com> NeXT support |
38c295d6 | 1238 | - OpenBSD CVS updates: |
1239 | - deraadt@cvs.openbsd.org 2000/06/17 09:58:46 | |
1240 | [channels.c] | |
1241 | everyone says "nix it" (remove protocol 2 debugging message) | |
1242 | - markus@cvs.openbsd.org 2000/06/17 13:24:34 | |
1243 | [sshconnect.c] | |
1244 | allow extended server banners | |
1245 | - markus@cvs.openbsd.org 2000/06/17 14:30:10 | |
1246 | [sshconnect.c] | |
1247 | missing atomicio, typo | |
1248 | - jakob@cvs.openbsd.org 2000/06/17 16:52:34 | |
1249 | [servconf.c servconf.h session.c sshd.8 sshd_config] | |
1250 | add support for ssh v2 subsystems. ok markus@. | |
1251 | - deraadt@cvs.openbsd.org 2000/06/17 18:57:48 | |
1252 | [readconf.c servconf.c] | |
1253 | include = in WHITESPACE; markus ok | |
1254 | - markus@cvs.openbsd.org 2000/06/17 19:09:10 | |
1255 | [auth2.c] | |
1256 | implement bug compatibility with ssh-2.0.13 pubkey, server side | |
1257 | - markus@cvs.openbsd.org 2000/06/17 21:00:28 | |
1258 | [compat.c] | |
1259 | initial support for ssh.com's 2.2.0 | |
1260 | - markus@cvs.openbsd.org 2000/06/17 21:16:09 | |
1261 | [scp.c] | |
1262 | typo | |
1263 | - markus@cvs.openbsd.org 2000/06/17 22:05:02 | |
1264 | [auth-rsa.c auth2.c serverloop.c session.c auth-options.c auth-options.h] | |
1265 | split auth-rsa option parsing into auth-options | |
1266 | add options support to authorized_keys2 | |
1267 | - markus@cvs.openbsd.org 2000/06/17 22:42:54 | |
1268 | [session.c] | |
1269 | typo | |
cbd7492e | 1270 | |
509b1f88 | 1271 | 20000613 |
1272 | - (djm) Fixes from Andrew McGill <andrewm@datrix.co.za>: | |
1273 | - Platform define for SCO 3.x which breaks on /dev/ptmx | |
1274 | - Detect and try to fix missing MAXPATHLEN | |
a4d05724 | 1275 | - (djm) Fix short copy in loginrec.c (based on patch from Phill Camp |
1276 | <P.S.S.Camp@ukc.ac.uk> | |
509b1f88 | 1277 | |
09564242 | 1278 | 20000612 |
1279 | - (djm) Glob manpages in RPM spec files to catch compressed files | |
1280 | - (djm) Full license in auth-pam.c | |
08ae384f | 1281 | - (djm) Configure fixes from SAKAI Kiyotaka <ksakai@kso.netwk.ntt-at.co.jp> |
383207f7 | 1282 | - (andre) AIX, lastlog, configure fixes from Tom Bertelson <tbert@abac.com>: |
1283 | - Don't try to retrieve lastlog from wtmp/wtmpx if DISABLE_LASTLOG is | |
1284 | def'd | |
1285 | - Set AIX to use preformatted manpages | |
bcbf86ec | 1286 | |
74b224a0 | 1287 | 20000610 |
1288 | - (djm) Minor doc tweaks | |
217ab55e | 1289 | - (djm) Fix for configure on bash2 from Jim Knoble <jmknoble@jmknoble.cx> |
74b224a0 | 1290 | |
32c80420 | 1291 | 20000609 |
1292 | - (djm) Patch from Kenji Miyake <kenji@miyake.org> to disable utmp usage | |
1293 | (in favour of utmpx) on Solaris 8 | |
1294 | ||
fa649821 | 1295 | 20000606 |
48c99b2c | 1296 | - (djm) Cleanup of entropy.c. Reorganised code, removed second pass through |
1297 | list of commands (by default). Removed verbose debugging (by default). | |
bcbf86ec | 1298 | - (djm) Increased command entropy estimates and default entropy collection |
48c99b2c | 1299 | timeout |
f988dce5 | 1300 | - (djm) Remove duplicate headers from loginrec.c |
c5fa2eb0 | 1301 | - (djm) Don't add /usr/local/lib to library search path on Irix |
bcbf86ec | 1302 | - (djm) Fix rsh path in RPMs. Report from Jason L Tibbitts III |
fa649821 | 1303 | <tibbs@math.uh.edu> |
1e83f2a2 | 1304 | - (djm) Warn user if grabs fail in GNOME askpass. Patch from Zack Weinberg |
1305 | <zack@wolery.cumb.org> | |
fa649821 | 1306 | - (djm) OpenBSD CVS updates: |
1307 | - todd@cvs.openbsd.org | |
1308 | [sshconnect2.c] | |
1309 | teach protocol v2 to count login failures properly and also enable an | |
1310 | explanation of why the password prompt comes up again like v1; this is NOT | |
1311 | crypto | |
bcbf86ec | 1312 | - markus@cvs.openbsd.org |
fa649821 | 1313 | [readconf.c readconf.h servconf.c servconf.h session.c ssh.1 ssh.c sshd.8] |
1314 | xauth_location support; pr 1234 | |
1315 | [readconf.c sshconnect2.c] | |
1316 | typo, unused | |
1317 | [session.c] | |
1318 | allow use_login only for login sessions, otherwise remote commands are | |
1319 | execed with uid==0 | |
1320 | [sshd.8] | |
1321 | document UseLogin better | |
1322 | [version.h] | |
1323 | OpenSSH 2.1.1 | |
1324 | [auth-rsa.c] | |
bcbf86ec | 1325 | fix match_hostname() logic for auth-rsa: deny access if we have a |
fa649821 | 1326 | negative match or no match at all |
1327 | [channels.c hostfile.c match.c] | |
bcbf86ec | 1328 | don't panic if mkdtemp fails for authfwd; jkb@yahoo-inc.com via |
fa649821 | 1329 | kris@FreeBSD.org |
1330 | ||
8e7b16f8 | 1331 | 20000606 |
bcbf86ec | 1332 | - (djm) Added --with-cflags, --with-ldflags and --with-libs options to |
8e7b16f8 | 1333 | configure. |
1334 | ||
d7c0f3d5 | 1335 | 20000604 |
1336 | - Configure tweaking for new login code on Irix 5.3 | |
2d6c411f | 1337 | - (andre) login code changes based on djm feedback |
d7c0f3d5 | 1338 | |
2d6c411f | 1339 | 20000603 |
1340 | - (andre) New login code | |
1341 | - Remove bsd-login.[ch] and all the OpenBSD-derived code in login.c | |
1342 | - Add loginrec.[ch], logintest.c and autoconf code | |
bcbf86ec | 1343 | |
5daf7064 | 1344 | 20000531 |
1345 | - Cleanup of auth.c, login.c and fake-* | |
1346 | - Cleanup of auth-pam.c, save and print "account expired" error messages | |
e5662474 | 1347 | - Fix EGD read bug by IWAMURO Motonori <iwa@mmp.fujitsu.co.jp> |
69134b9b | 1348 | - Rewrote bsd-login to use proper utmp API if available. Major cleanup |
1349 | of fallback DIY code. | |
5daf7064 | 1350 | |
b9f446d1 | 1351 | 20000530 |
1352 | - Define atexit for old Solaris | |
b02ebca1 | 1353 | - Fix buffer overrun in login.c for systems which use syslen in utmpx. |
1354 | patch from YOSHIFUJI Hideaki <yoshfuji@cerberus.nemoto.ecei.tohoku.ac.jp> | |
71276795 | 1355 | - OpenBSD CVS updates: |
1356 | - markus@cvs.openbsd.org | |
1357 | [session.c] | |
1358 | make x11-fwd work w/ localhost (xauth add host/unix:11) | |
1359 | [cipher.c compat.c readconf.c servconf.c] | |
1360 | check strtok() != NULL; ok niels@ | |
1361 | [key.c] | |
1362 | fix key_read() for uuencoded keys w/o '=' | |
1363 | [serverloop.c] | |
1364 | group ssh1 vs. ssh2 in serverloop | |
1365 | [kex.c kex.h myproposal.h sshconnect2.c sshd.c] | |
1366 | split kexinit/kexdh, factor out common code | |
1367 | [readconf.c ssh.1 ssh.c] | |
1368 | forwardagent defaults to no, add ssh -A | |
1369 | - theo@cvs.openbsd.org | |
1370 | [session.c] | |
1371 | just some line shortening | |
60688ef9 | 1372 | - Released 2.1.0p3 |
b9f446d1 | 1373 | |
29611d9c | 1374 | 20000520 |
1375 | - Xauth fix from Markus Friedl <markus.friedl@informatik.uni-erlangen.de> | |
25422c70 | 1376 | - Don't touch utmp if USE_UTMPX defined |
a423beaf | 1377 | - SunOS 4.x support from Todd C. Miller <Todd.Miller@courtesan.com> |
fc1e8bf4 | 1378 | - SIGCHLD fix for AIX and HPUX from Tom Bertelson <tbert@abac.com> |
bcbf86ec | 1379 | - HPUX and Configure fixes from Lutz Jaenicke |
fc1e8bf4 | 1380 | <Lutz.Jaenicke@aet.TU-Cottbus.DE> |
bcbf86ec | 1381 | - Use mkinstalldirs script to make directories instead of non-portable |
fc1e8bf4 | 1382 | "install -d". Suggested by Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> |
a905808d | 1383 | - Doc cleanup |
29611d9c | 1384 | |
301e9b01 | 1385 | 20000518 |
1386 | - Include Andre Lucas' fixprogs script. Forgot to "cvs add" it yesterday | |
1387 | - OpenBSD CVS updates: | |
1388 | - markus@cvs.openbsd.org | |
1389 | [sshconnect.c] | |
1390 | copy only ai_addrlen bytes; misiek@pld.org.pl | |
1391 | [auth.c] | |
bcbf86ec | 1392 | accept an empty shell in authentication; bug reported by |
301e9b01 | 1393 | chris@tinker.ucr.edu |
1394 | [serverloop.c] | |
1395 | we don't have stderr for interactive terminal sessions (fcntl errors) | |
1396 | ||
ad85db64 | 1397 | 20000517 |
1398 | - Fix from Andre Lucas <andre.lucas@dial.pipex.com> | |
1399 | - Fixes command line printing segfaults (spotter: Bladt Norbert) | |
1400 | - Fixes erroneous printing of debug messages to syslog | |
1401 | - Fixes utmp for MacOS X (spotter: Aristedes Maniatis) | |
1402 | - Gives useful error message if PRNG initialisation fails | |
1403 | - Reduced ssh startup delay | |
1404 | - Measures cumulative command time rather than the time between reads | |
704b1659 | 1405 | after select() |
ad85db64 | 1406 | - 'fixprogs' perl script to eliminate non-working entropy commands, and |
704b1659 | 1407 | optionally run 'ent' to measure command entropy |
c1ef8333 | 1408 | - Applied Tom Bertelson's <tbert@abac.com> AIX authentication fix |
a64009ad | 1409 | - Avoid WCOREDUMP complation errors for systems that lack it |
bcbf86ec | 1410 | - Avoid SIGCHLD warnings from entropy commands |
28c1d5ce | 1411 | - Fix HAVE_PAM_GETENVLIST setting from Simon Wilkinson <sxw@dcs.ed.ac.uk> |
0e73cc53 | 1412 | - OpenBSD CVS update: |
bcbf86ec | 1413 | - markus@cvs.openbsd.org |
0e73cc53 | 1414 | [ssh.c] |
1415 | fix usage() | |
1416 | [ssh2.h] | |
1417 | draft-ietf-secsh-architecture-05.txt | |
1418 | [ssh.1] | |
1419 | document ssh -T -N (ssh2 only) | |
1420 | [channels.c serverloop.c ssh.h sshconnect.c sshd.c aux.c] | |
1421 | enable nonblocking IO for sshd w/ proto 1, too; split out common code | |
1422 | [aux.c] | |
1423 | missing include | |
c04f75f1 | 1424 | - Several patches from SAKAI Kiyotaka <ksakai@kso.netwk.ntt-at.co.jp> |
1425 | - INSTALL typo and URL fix | |
1426 | - Makefile fix | |
1427 | - Solaris fixes | |
bcbf86ec | 1428 | - Checking for ssize_t and memmove. Based on patch from SAKAI Kiyotaka |
c04f75f1 | 1429 | <ksakai@kso.netwk.ntt-at.co.jp> |
afa5ee68 | 1430 | - RSAless operation patch from kevin_oconnor@standardandpoors.com |
d45e3d76 | 1431 | - Detect OpenSSL seperatly from RSA |
bcbf86ec | 1432 | - Better test for RSA (more compatible with RSAref). Based on work by |
d45e3d76 | 1433 | Ed Eden <ede370@stl.rural.usda.gov> |
ad85db64 | 1434 | |
3d1a1654 | 1435 | 20000513 |
bcbf86ec | 1436 | - Fix for non-recognised DSA keys from Arkadiusz Miskiewicz |
3d1a1654 | 1437 | <misiek@pld.org.pl> |
1438 | ||
d02a3a00 | 1439 | 20000511 |
bcbf86ec | 1440 | - Fix for prng_seed permissions checking from Lutz Jaenicke |
d02a3a00 | 1441 | <Lutz.Jaenicke@aet.TU-Cottbus.DE> |
3d1a1654 | 1442 | - "make host-key" fix for Irix |
d02a3a00 | 1443 | |
d0c832f3 | 1444 | 20000509 |
1445 | - OpenBSD CVS update | |
1446 | - markus@cvs.openbsd.org | |
1447 | [cipher.h myproposal.h readconf.c readconf.h servconf.c ssh.1 ssh.c] | |
1448 | [ssh.h sshconnect1.c sshconnect2.c sshd.8] | |
1449 | - complain about invalid ciphers in SSH1 (e.g. arcfour is SSH2 only) | |
1450 | - hugh@cvs.openbsd.org | |
1451 | [ssh.1] | |
1452 | - zap typo | |
1453 | [ssh-keygen.1] | |
1454 | - One last nit fix. (markus approved) | |
1455 | [sshd.8] | |
1456 | - some markus certified spelling adjustments | |
1457 | - markus@cvs.openbsd.org | |
1458 | [auth2.c channels.c clientloop.c compat compat.h dsa.c kex.c] | |
1459 | [sshconnect2.c ] | |
1460 | - bug compat w/ ssh-2.0.13 x11, split out bugs | |
1461 | [nchan.c] | |
1462 | - no drain if ibuf_empty, fixes x11fwd problems; tests by fries@ | |
1463 | [ssh-keygen.c] | |
1464 | - handle escapes in real and original key format, ok millert@ | |
1465 | [version.h] | |
1466 | - OpenSSH-2.1 | |
3dc1102e | 1467 | - Moved all the bsd-* and fake-* stuff into new libopenbsd-compat.a |
e93ee87a | 1468 | - Doc updates |
bcbf86ec | 1469 | - Cleanup of bsd-base64 headers, bugfix definitions of __b64_*. Reported |
21e5304a | 1470 | by Andre Lucas <andre.lucas@dial.pipex.com> |
d0c832f3 | 1471 | |
ebdeb9a8 | 1472 | 20000508 |
1473 | - Makefile and RPM spec fixes | |
1474 | - Generate DSA host keys during "make key" or RPM installs | |
f6cde515 | 1475 | - OpenBSD CVS update |
1476 | - markus@cvs.openbsd.org | |
1477 | [clientloop.c sshconnect2.c] | |
1478 | - make x11-fwd interop w/ ssh-2.0.13 | |
1479 | [README.openssh2] | |
1480 | - interop w/ SecureFX | |
1481 | - Release 2.0.0beta2 | |
ebdeb9a8 | 1482 | |
bcbf86ec | 1483 | - Configure caching and cleanup patch from Andre Lucas' |
58d100bf | 1484 | <andre.lucas@dial.pipex.com> |
1485 | ||
1d1ffb87 | 1486 | 20000507 |
1487 | - Remove references to SSLeay. | |
1488 | - Big OpenBSD CVS update | |
1489 | - markus@cvs.openbsd.org | |
1490 | [clientloop.c] | |
1491 | - typo | |
1492 | [session.c] | |
1493 | - update proctitle on pty alloc/dealloc, e.g. w/ windows client | |
1494 | [session.c] | |
1495 | - update proctitle for proto 1, too | |
1496 | [channels.h nchan.c serverloop.c session.c sshd.c] | |
1497 | - use c-style comments | |
1498 | - deraadt@cvs.openbsd.org | |
1499 | [scp.c] | |
1500 | - more atomicio | |
bcbf86ec | 1501 | - markus@cvs.openbsd.org |
1d1ffb87 | 1502 | [channels.c] |
1503 | - set O_NONBLOCK | |
1504 | [ssh.1] | |
1505 | - update AUTHOR | |
1506 | [readconf.c ssh-keygen.c ssh.h] | |
1507 | - default DSA key file ~/.ssh/id_dsa | |
1508 | [clientloop.c] | |
1509 | - typo, rm verbose debug | |
1510 | - deraadt@cvs.openbsd.org | |
1511 | [ssh-keygen.1] | |
1512 | - document DSA use of ssh-keygen | |
1513 | [sshd.8] | |
1514 | - a start at describing what i understand of the DSA side | |
1515 | [ssh-keygen.1] | |
1516 | - document -X and -x | |
1517 | [ssh-keygen.c] | |
1518 | - simplify usage | |
bcbf86ec | 1519 | - markus@cvs.openbsd.org |
1d1ffb87 | 1520 | [sshd.8] |
1521 | - there is no rhosts_dsa | |
1522 | [ssh-keygen.1] | |
1523 | - document -y, update -X,-x | |
1524 | [nchan.c] | |
1525 | - fix close for non-open ssh1 channels | |
1526 | [servconf.c servconf.h ssh.h sshd.8 sshd.c ] | |
1527 | - s/DsaKey/HostDSAKey/, document option | |
1528 | [sshconnect2.c] | |
1529 | - respect number_of_password_prompts | |
1530 | [channels.c channels.h servconf.c servconf.h session.c sshd.8] | |
1531 | - GatewayPorts for sshd, ok deraadt@ | |
1532 | [ssh-add.1 ssh-agent.1 ssh.1] | |
1533 | - more doc on: DSA, id_dsa, known_hosts2, authorized_keys2 | |
1534 | [ssh.1] | |
1535 | - more info on proto 2 | |
1536 | [sshd.8] | |
1537 | - sync AUTHOR w/ ssh.1 | |
1538 | [key.c key.h sshconnect.c] | |
1539 | - print key type when talking about host keys | |
1540 | [packet.c] | |
1541 | - clear padding in ssh2 | |
1542 | [dsa.c key.c radix.c ssh.h sshconnect1.c uuencode.c uuencode.h] | |
1543 | - replace broken uuencode w/ libc b64_ntop | |
1544 | [auth2.c] | |
1545 | - log failure before sending the reply | |
1546 | [key.c radix.c uuencode.c] | |
1547 | - remote trailing comments before calling __b64_pton | |
1548 | [auth2.c readconf.c readconf.h servconf.c servconf.h ssh.1] | |
1549 | [sshconnect2.c sshd.8] | |
1550 | - add DSAAuthetication option to ssh/sshd, document SSH2 in sshd.8 | |
1551 | - Bring in b64_ntop and b64_pton from OpenBSD libc (bsd-base64.[ch]) | |
1552 | ||
1a11e1ae | 1553 | 20000502 |
0fbe8c74 | 1554 | - OpenBSD CVS update |
1555 | [channels.c] | |
1556 | - init all fds, close all fds. | |
1557 | [sshconnect2.c] | |
1558 | - check whether file exists before asking for passphrase | |
1559 | [servconf.c servconf.h sshd.8 sshd.c] | |
1560 | - PidFile, pr 1210 | |
1561 | [channels.c] | |
1562 | - EINTR | |
1563 | [channels.c] | |
1564 | - unbreak, ok niels@ | |
1565 | [sshd.c] | |
1566 | - unlink pid file, ok niels@ | |
1567 | [auth2.c] | |
1568 | - Add missing #ifdefs; ok - markus | |
bcbf86ec | 1569 | - Add Andre Lucas' <andre.lucas@dial.pipex.com> patch to read entropy |
d3083fbd | 1570 | gathering commands from a text file |
1a11e1ae | 1571 | - Release 2.0.0beta1 |
1572 | ||
c4bc58eb | 1573 | 20000501 |
1574 | - OpenBSD CVS update | |
1575 | [packet.c] | |
1576 | - send debug messages in SSH2 format | |
3189621b | 1577 | [scp.c] |
1578 | - fix very rare EAGAIN/EINTR issues; based on work by djm | |
1579 | [packet.c] | |
1580 | - less debug, rm unused | |
1581 | [auth2.c] | |
1582 | - disable kerb,s/key in ssh2 | |
1583 | [sshd.8] | |
1584 | - Minor tweaks and typo fixes. | |
1585 | [ssh-keygen.c] | |
1586 | - Put -d into usage and reorder. markus ok. | |
bcbf86ec | 1587 | - Include missing headers for OpenSSL tests. Fix from Phil Karn |
44fb55e9 | 1588 | <karn@ka9q.ampr.org> |
bcbf86ec | 1589 | - Fixed __progname symbol collisions reported by Andre Lucas |
3fd95d9a | 1590 | <andre.lucas@dial.pipex.com> |
0d5f7abc | 1591 | - Merged bsd-login ttyslot and AIX utmp patch from Gert Doering |
1592 | <gd@hilb1.medat.de> | |
8cb940db | 1593 | - Add some missing ifdefs to auth2.c |
8af50c98 | 1594 | - Deprecate perl-tk askpass. |
52bcc044 | 1595 | - Irix portability fixes - don't include netinet headers more than once |
1596 | - Make sure we don't save PRNG seed more than once | |
c4bc58eb | 1597 | |
2b763e31 | 1598 | 20000430 |
1599 | - Merge HP-UX fixes and TCB support from Ged Lodder <lodder@yacc.com.au> | |
b7a87eea | 1600 | - Integrate Andre Lucas' <andre.lucas@dial.pipex.com> entropy collection |
1601 | patch. | |
1602 | - Adds timeout to entropy collection | |
1603 | - Disables slow entropy sources | |
1604 | - Load and save seed file | |
bcbf86ec | 1605 | - Changed entropy seed code to user per-user seeds only (server seed is |
b7a87eea | 1606 | saved in root's .ssh directory) |
1607 | - Use atexit() and fatal cleanups to save seed on exit | |
0b242b12 | 1608 | - More OpenBSD updates: |
1609 | [session.c] | |
1610 | - don't call chan_write_failed() if we are not writing | |
1611 | [auth-rsa.c auth1.c authfd.c hostfile.c ssh-agent.c] | |
1612 | - keysize warnings error() -> log() | |
2b763e31 | 1613 | |
a306f2dd | 1614 | 20000429 |
1615 | - Merge big update to OpenSSH-2.0 from OpenBSD CVS | |
1616 | [README.openssh2] | |
1617 | - interop w/ F-secure windows client | |
1618 | - sync documentation | |
1619 | - ssh_host_dsa_key not ssh_dsa_key | |
1620 | [auth-rsa.c] | |
1621 | - missing fclose | |
1622 | [auth.c authfile.c compat.c dsa.c dsa.h hostfile.c key.c key.h radix.c] | |
1623 | [readconf.c readconf.h ssh-add.c ssh-keygen.c ssh.c ssh.h sshconnect.c] | |
1624 | [sshd.c uuencode.c uuencode.h authfile.h] | |
1625 | - add DSA pubkey auth and other SSH2 fixes. use ssh-keygen -[xX] | |
1626 | for trading keys with the real and the original SSH, directly from the | |
1627 | people who invented the SSH protocol. | |
1628 | [auth.c auth.h authfile.c sshconnect.c auth1.c auth2.c sshconnect.h] | |
1629 | [sshconnect1.c sshconnect2.c] | |
1630 | - split auth/sshconnect in one file per protocol version | |
1631 | [sshconnect2.c] | |
1632 | - remove debug | |
1633 | [uuencode.c] | |
1634 | - add trailing = | |
1635 | [version.h] | |
1636 | - OpenSSH-2.0 | |
1637 | [ssh-keygen.1 ssh-keygen.c] | |
1638 | - add -R flag: exit code indicates if RSA is alive | |
1639 | [sshd.c] | |
1640 | - remove unused | |
1641 | silent if -Q is specified | |
1642 | [ssh.h] | |
1643 | - host key becomes /etc/ssh_host_dsa_key | |
1644 | [readconf.c servconf.c ] | |
1645 | - ssh/sshd default to proto 1 and 2 | |
1646 | [uuencode.c] | |
1647 | - remove debug | |
1648 | [auth2.c ssh-keygen.c sshconnect2.c sshd.c] | |
1649 | - xfree DSA blobs | |
1650 | [auth2.c serverloop.c session.c] | |
1651 | - cleanup logging for sshd/2, respect PasswordAuth no | |
1652 | [sshconnect2.c] | |
1653 | - less debug, respect .ssh/config | |
1654 | [README.openssh2 channels.c channels.h] | |
bcbf86ec | 1655 | - clientloop.c session.c ssh.c |
a306f2dd | 1656 | - support for x11-fwding, client+server |
1657 | ||
0ac7199f | 1658 | 20000421 |
1659 | - Merge fix from OpenBSD CVS | |
1660 | [ssh-agent.c] | |
1661 | - Fix memory leak per connection. Report from Andy Spiegl <Andy@Spiegl.de> | |
1662 | via Debian bug #59926 | |
18ba2aab | 1663 | - Define __progname in session.c if libc doesn't |
1664 | - Remove indentation on autoconf #include statements to avoid bug in | |
bcbf86ec | 1665 | DEC Tru64 compiler. Report and fix from David Del Piero |
18ba2aab | 1666 | <David.DelPiero@qed.qld.gov.au> |
0ac7199f | 1667 | |
e1b37056 | 1668 | 20000420 |
bcbf86ec | 1669 | - Make fixpaths work with perl4, patch from Andre Lucas |
e1b37056 | 1670 | <andre.lucas@dial.pipex.com> |
9da5c3c9 | 1671 | - Sync with OpenBSD CVS: |
1672 | [clientloop.c login.c serverloop.c ssh-agent.c ssh.h sshconnect.c sshd.c] | |
1673 | - pid_t | |
1674 | [session.c] | |
1675 | - remove bogus chan_read_failed. this could cause data | |
1676 | corruption (missing data) at end of a SSH2 session. | |
4e577b89 | 1677 | - Merge fixes from Debian patch from Phil Hands <phil@hands.com> |
1678 | - Allow setting of PAM service name through CFLAGS (SSHD_PAM_SERVICE) | |
1679 | - Use vhangup to clean up Linux ttys | |
1680 | - Force posix getopt processing on GNU libc systems | |
371ecff9 | 1681 | - Debian bug #55910 - remove references to ssl(8) manpages |
247f1a89 | 1682 | - Debian bug #58031 - ssh_config lies about default cipher |
e1b37056 | 1683 | |
d6f24e45 | 1684 | 20000419 |
1685 | - OpenBSD CVS updates | |
1686 | [channels.c] | |
1687 | - fix pr 1196, listen_port and port_to_connect interchanged | |
1688 | [scp.c] | |
bcbf86ec | 1689 | - after completion, replace the progress bar ETA counter with a final |
d6f24e45 | 1690 | elapsed time; my idea, aaron wrote the patch |
1691 | [ssh_config sshd_config] | |
1692 | - show 'Protocol' as an example, ok markus@ | |
1693 | [sshd.c] | |
1694 | - missing xfree() | |
1695 | - Add missing header to bsd-misc.c | |
1696 | ||
35484284 | 1697 | 20000416 |
1698 | - Reduce diff against OpenBSD source | |
bcbf86ec | 1699 | - All OpenSSL includes are now unconditionally referenced as |
35484284 | 1700 | openssl/foo.h |
1701 | - Pick up formatting changes | |
1702 | - Other minor changed (typecasts, etc) that I missed | |
1703 | ||
6ae2364d | 1704 | 20000415 |
1705 | - OpenBSD CVS updates. | |
1706 | [ssh.1 ssh.c] | |
1707 | - ssh -2 | |
1708 | [auth.c channels.c clientloop.c packet.c packet.h serverloop.c] | |
1709 | [session.c sshconnect.c] | |
1710 | - check payload for (illegal) extra data | |
1711 | [ALL] | |
1712 | whitespace cleanup | |
1713 | ||
c323ac76 | 1714 | 20000413 |
1715 | - INSTALL doc updates | |
f54651ce | 1716 | - Merged OpenBSD updates to include paths. |
bcbf86ec | 1717 | |
a8be9f80 | 1718 | 20000412 |
1719 | - OpenBSD CVS updates: | |
1720 | - [channels.c] | |
1721 | repair x11-fwd | |
1722 | - [sshconnect.c] | |
1723 | fix passwd prompt for ssh2, less debugging output. | |
1724 | - [clientloop.c compat.c dsa.c kex.c sshd.c] | |
1725 | less debugging output | |
1726 | - [kex.c kex.h sshconnect.c sshd.c] | |
1727 | check for reasonable public DH values | |
1728 | - [README.openssh2 cipher.c cipher.h compat.c compat.h readconf.c] | |
1729 | [readconf.h servconf.c servconf.h ssh.c ssh.h sshconnect.c sshd.c] | |
1730 | add Cipher and Protocol options to ssh/sshd, e.g.: | |
1731 | ssh -o 'Protocol 1,2' if you prefer proto 1, ssh -o 'Ciphers | |
1732 | arcfour,3des-cbc' | |
1733 | - [sshd.c] | |
1734 | print 1.99 only if server supports both | |
1735 | ||
18e92801 | 1736 | 20000408 |
1737 | - Avoid some compiler warnings in fake-get*.c | |
1738 | - Add IPTOS macros for systems which lack them | |
9d98aaf6 | 1739 | - Only set define entropy collection macros if they are found |
e78a59f5 | 1740 | - More large OpenBSD CVS updates: |
1741 | - [auth.c auth.h servconf.c servconf.h serverloop.c session.c] | |
1742 | [session.h ssh.h sshd.c README.openssh2] | |
1743 | ssh2 server side, see README.openssh2; enable with 'sshd -2' | |
1744 | - [channels.c] | |
1745 | no adjust after close | |
1746 | - [sshd.c compat.c ] | |
1747 | interop w/ latest ssh.com windows client. | |
bcbf86ec | 1748 | |
8ce64345 | 1749 | 20000406 |
1750 | - OpenBSD CVS update: | |
1751 | - [channels.c] | |
1752 | close efd on eof | |
1753 | - [clientloop.c compat.c ssh.c sshconnect.c myproposal.h] | |
1754 | ssh2 client implementation, interops w/ ssh.com and lsh servers. | |
1755 | - [sshconnect.c] | |
1756 | missing free. | |
1757 | - [authfile.c cipher.c cipher.h packet.c sshconnect.c sshd.c] | |
1758 | remove unused argument, split cipher_mask() | |
1759 | - [clientloop.c] | |
1760 | re-order: group ssh1 vs. ssh2 | |
1761 | - Make Redhat spec require openssl >= 0.9.5a | |
1762 | ||
e7627112 | 1763 | 20000404 |
1764 | - Add tests for RAND_add function when searching for OpenSSL | |
7e7327a1 | 1765 | - OpenBSD CVS update: |
1766 | - [packet.h packet.c] | |
1767 | ssh2 packet format | |
1768 | - [packet.h packet.c nchan2.ms nchan.h compat.h compat.c] | |
1769 | [channels.h channels.c] | |
1770 | channel layer support for ssh2 | |
1771 | - [kex.h kex.c hmac.h hmac.c dsa.c dsa.h] | |
1772 | DSA, keyexchange, algorithm agreement for ssh2 | |
6c081128 | 1773 | - Generate manpages before make install not at the end of make all |
1774 | - Don't seed the rng quite so often | |
1775 | - Always reseed rng when requested | |
e7627112 | 1776 | |
bfc9a610 | 1777 | 20000403 |
1778 | - Wrote entropy collection routines for systems that lack /dev/random | |
1779 | and EGD | |
837c30b8 | 1780 | - Disable tests and typedefs for 64 bit types. They are currently unused. |
bfc9a610 | 1781 | |
7368a6c8 | 1782 | 20000401 |
1783 | - Big OpenBSD CVS update (mainly beginnings of SSH2 infrastructure) | |
1784 | - [auth.c session.c sshd.c auth.h] | |
1785 | split sshd.c -> auth.c session.c sshd.c plus cleanup and goto-removal | |
1786 | - [bufaux.c bufaux.h] | |
1787 | support ssh2 bignums | |
1788 | - [channels.c channels.h clientloop.c sshd.c nchan.c nchan.h packet.c] | |
1789 | [readconf.c ssh.c ssh.h serverloop.c] | |
1790 | replace big switch() with function tables (prepare for ssh2) | |
1791 | - [ssh2.h] | |
1792 | ssh2 message type codes | |
1793 | - [sshd.8] | |
1794 | reorder Xr to avoid cutting | |
1795 | - [serverloop.c] | |
1796 | close(fdin) if fdin != fdout, shutdown otherwise, ok theo@ | |
1797 | - [channels.c] | |
1798 | missing close | |
1799 | allow bigger packets | |
1800 | - [cipher.c cipher.h] | |
1801 | support ssh2 ciphers | |
1802 | - [compress.c] | |
1803 | cleanup, less code | |
1804 | - [dispatch.c dispatch.h] | |
1805 | function tables for different message types | |
1806 | - [log-server.c] | |
1807 | do not log() if debuggin to stderr | |
1808 | rename a cpp symbol, to avoid param.h collision | |
1809 | - [mpaux.c] | |
1810 | KNF | |
1811 | - [nchan.c] | |
1812 | sync w/ channels.c | |
1813 | ||
f5238bee | 1814 | 20000326 |
1815 | - Better tests for OpenSSL w/ RSAref | |
bcbf86ec | 1816 | - Added replacement setenv() function from OpenBSD libc. Suggested by |
f5238bee | 1817 | Ben Lindstrom <mouring@pconline.com> |
4fe2af09 | 1818 | - OpenBSD CVS update |
1819 | - [auth-krb4.c] | |
1820 | -Wall | |
1821 | - [auth-rh-rsa.c auth-rsa.c hostfile.c hostfile.h key.c key.h match.c] | |
1822 | [match.h ssh.c ssh.h sshconnect.c sshd.c] | |
1823 | initial support for DSA keys. ok deraadt@, niels@ | |
1824 | - [cipher.c cipher.h] | |
1825 | remove unused cipher_attack_detected code | |
1826 | - [scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 sshd.8] | |
1827 | Fix some formatting problems I missed before. | |
1828 | - [ssh.1 sshd.8] | |
1829 | fix spelling errors, From: FreeBSD | |
1830 | - [ssh.c] | |
1831 | switch to raw mode only if he _get_ a pty (not if we _want_ a pty). | |
f5238bee | 1832 | |
0024a081 | 1833 | 20000324 |
1834 | - Released 1.2.3 | |
1835 | ||
bd499f9e | 1836 | 20000317 |
1837 | - Clarified --with-default-path option. | |
1838 | - Added -blibpath handling for AIX to work around stupid runtime linking. | |
1839 | Problem elucidated by gshapiro@SENDMAIL.ORG by way of Jim Knoble | |
1840 | <jmknoble@pobox.com> | |
474b5fef | 1841 | - Checks for 64 bit int types. Problem report from Mats Fredholm |
1842 | <matsf@init.se> | |
610cd5c6 | 1843 | - OpenBSD CVS updates: |
bcbf86ec | 1844 | - [atomicio.c auth-krb4.c bufaux.c channels.c compress.c fingerprint.c] |
610cd5c6 | 1845 | [packet.h radix.c rsa.c scp.c ssh-agent.c ssh-keygen.c sshconnect.c] |
1846 | [sshd.c] | |
1847 | pedantic: signed vs. unsigned, void*-arithm, etc | |
1848 | - [ssh.1 sshd.8] | |
1849 | Various cleanups and standardizations. | |
bcbf86ec | 1850 | - Runtime error fix for HPUX from Otmar Stahl |
be48d23c | 1851 | <O.Stahl@lsw.uni-heidelberg.de> |
bd499f9e | 1852 | |
4696775a | 1853 | 20000316 |
bcbf86ec | 1854 | - Fixed configure not passing LDFLAGS to Solaris. Report from David G. |
4696775a | 1855 | Hesprich <dghespri@sprintparanet.com> |
d423d822 | 1856 | - Propogate LD through to Makefile |
b7a9ce47 | 1857 | - Doc cleanups |
2ba2a610 | 1858 | - Added blurb about "scp: command not found" errors to UPGRADING |
4696775a | 1859 | |
cb0b7ea4 | 1860 | 20000315 |
1861 | - Fix broken CFLAGS handling during search for OpenSSL. Fixes va_list | |
1862 | problems with gcc/Solaris. | |
bcbf86ec | 1863 | - Don't free argument to putenv() after use (in setenv() replacement). |
db55a3ea | 1864 | Report from Seigo Tanimura <tanimura@r.dl.itc.u-tokyo.ac.jp> |
bcbf86ec | 1865 | - Created contrib/ subdirectory. Included helpers from Phil Hands' |
13652e52 | 1866 | Debian package, README file and chroot patch from Ricardo Cerqueira |
1867 | <rmcc@clix.pt> | |
bcbf86ec | 1868 | - Moved gnome-ssh-askpass.c to contrib directory and removed config |
13652e52 | 1869 | option. |
1870 | - Slight cleanup to doc files | |
b14b2ae7 | 1871 | - Configure fix from Bratislav ILICH <bilic@zepter.ru> |
cb0b7ea4 | 1872 | |
a8ed9fd9 | 1873 | 20000314 |
bcbf86ec | 1874 | - Include macro for IN6_IS_ADDR_V4MAPPED. Report from |
a8ed9fd9 | 1875 | peter@frontierflying.com |
84afc958 | 1876 | - Include /usr/local/include and /usr/local/lib for systems that don't |
1877 | do it themselves | |
1878 | - -R/usr/local/lib for Solaris | |
1879 | - Fix RSAref detection | |
1880 | - Fix IN6_IS_ADDR_V4MAPPED macro | |
a8ed9fd9 | 1881 | |
bcf36c78 | 1882 | 20000311 |
1883 | - Detect RSAref | |
43e48848 | 1884 | - OpenBSD CVS change |
1885 | [sshd.c] | |
1886 | - disallow guessing of root password | |
867dbf40 | 1887 | - More configure fixes |
80faa19f | 1888 | - IPv6 workarounds from Hideaki YOSHIFUJI <yoshfuji@ecei.tohoku.ac.jp> |
bcf36c78 | 1889 | |
c8d54615 | 1890 | 20000309 |
1891 | - OpenBSD CVS updates to v1.2.3 | |
704b1659 | 1892 | [ssh.h atomicio.c] |
1893 | - int atomicio -> ssize_t (for alpha). ok deraadt@ | |
1894 | [auth-rsa.c] | |
1895 | - delay MD5 computation until client sends response, free() early, cleanup. | |
1896 | [cipher.c] | |
1897 | - void* -> unsigned char*, ok niels@ | |
1898 | [hostfile.c] | |
1899 | - remove unused variable 'len'. fix comments. | |
1900 | - remove unused variable | |
1901 | [log-client.c log-server.c] | |
1902 | - rename a cpp symbol, to avoid param.h collision | |
1903 | [packet.c] | |
1904 | - missing xfree() | |
1905 | - getsockname() requires initialized tolen; andy@guildsoftware.com | |
1906 | - use getpeername() in packet_connection_is_on_socket(), fixes sshd -i; | |
1907 | from Holger.Trapp@Informatik.TU-Chemnitz.DE | |
1908 | [pty.c pty.h] | |
bcbf86ec | 1909 | - register cleanup for pty earlier. move code for pty-owner handling to |
c8d54615 | 1910 | pty.c ok provos@, dugsong@ |
704b1659 | 1911 | [readconf.c] |
1912 | - turn off x11-fwd for the client, too. | |
1913 | [rsa.c] | |
1914 | - PKCS#1 padding | |
1915 | [scp.c] | |
1916 | - allow '.' in usernames; from jedgar@fxp.org | |
1917 | [servconf.c] | |
1918 | - typo: ignore_user_known_hosts int->flag; naddy@mips.rhein-neckar.de | |
1919 | - sync with sshd_config | |
1920 | [ssh-keygen.c] | |
1921 | - enable ssh-keygen -l -f ~/.ssh/known_hosts, ok deraadt@ | |
1922 | [ssh.1] | |
1923 | - Change invalid 'CHAT' loglevel to 'VERBOSE' | |
1924 | [ssh.c] | |
1925 | - suppress AAAA query host when '-4' is used; from shin@nd.net.fujitsu.co.jp | |
1926 | - turn off x11-fwd for the client, too. | |
1927 | [sshconnect.c] | |
1928 | - missing xfree() | |
1929 | - retry rresvport_af(), too. from sumikawa@ebina.hitachi.co.jp. | |
1930 | - read error vs. "Connection closed by remote host" | |
1931 | [sshd.8] | |
1932 | - ie. -> i.e., | |
1933 | - do not link to a commercial page.. | |
1934 | - sync with sshd_config | |
1935 | [sshd.c] | |
1936 | - no need for poll.h; from bright@wintelcom.net | |
1937 | - log with level log() not fatal() if peer behaves badly. | |
1938 | - don't panic if client behaves strange. ok deraadt@ | |
1939 | - make no-port-forwarding for RSA keys deny both -L and -R style fwding | |
1940 | - delay close() of pty until the pty has been chowned back to root | |
1941 | - oops, fix comment, too. | |
1942 | - missing xfree() | |
1943 | - move XAUTHORITY to subdir. ok dugsong@. fixes debian bug #57907, too. | |
1944 | (http://cgi.debian.org/cgi-bin/bugreport.cgi?archive=no&bug=57907) | |
bcbf86ec | 1945 | - register cleanup for pty earlier. move code for pty-owner handling to |
704b1659 | 1946 | pty.c ok provos@, dugsong@ |
1947 | - create x11 cookie file | |
1948 | - fix pr 1113, fclose() -> pclose(), todo: remote popen() | |
1949 | - version 1.2.3 | |
c8d54615 | 1950 | - Cleaned up |
bcbf86ec | 1951 | - Removed warning workaround for Linux and devpts filesystems (no longer |
d8223847 | 1952 | required after OpenBSD updates) |
c8d54615 | 1953 | |
07055445 | 1954 | 20000308 |
1955 | - Configure fix from Hiroshi Takekawa <takekawa@sr3.t.u-tokyo.ac.jp> | |
1956 | ||
1957 | 20000307 | |
1958 | - Released 1.2.2p1 | |
1959 | ||
9c8c3fc6 | 1960 | 20000305 |
1961 | - Fix DEC compile fix | |
54096dcc | 1962 | - Explicitly seed OpenSSL's PRNG before checking rsa_alive() |
aa6bd60a | 1963 | - Check for getpagesize in libucb.a if not found in libc. Fix for old |
1964 | Solaris from Andre Lucas <andre.lucas@dial.pipex.com> | |
bcbf86ec | 1965 | - Check for libwrap if --with-tcp-wrappers option specified. Suggestion |
9fc7867e | 1966 | Mate Wierdl <mw@moni.msci.memphis.edu> |
9c8c3fc6 | 1967 | |
6bf4d066 | 1968 | 20000303 |
1969 | - Added "make host-key" target, Suggestion from Dominik Brettnacher | |
1970 | <domi@saargate.de> | |
bcbf86ec | 1971 | - Don't permanently fail on bind() if getaddrinfo has more choices left for |
16218745 | 1972 | us. Needed to work around messy IPv6 on Linux. Patch from Arkadiusz |
1973 | Miskiewicz <misiek@pld.org.pl> | |
22fa590f | 1974 | - DEC Unix compile fix from David Del Piero <David.DelPiero@qed.qld.gov.au> |
1975 | - Manpage fix from David Del Piero <David.DelPiero@qed.qld.gov.au> | |
6bf4d066 | 1976 | |
a0391976 | 1977 | 20000302 |
1978 | - Big cleanup of autoconf code | |
1979 | - Rearranged to be a little more logical | |
1980 | - Added -R option for Solaris | |
1981 | - Rewrote OpenSSL detection code. Now uses AC_TRY_RUN with a test program | |
1982 | to detect library and header location _and_ ensure library has proper | |
1983 | RSA support built in (this is a problem with OpenSSL 0.9.5). | |
817175bc | 1984 | - Applied pty cleanup patch from markus.friedl@informatik.uni-erlangen.de |
0a1718dc | 1985 | - Avoid warning message with Unix98 ptys |
bcbf86ec | 1986 | - Warning was valid - possible race condition on PTYs. Avoided using |
3276571c | 1987 | platform-specific code. |
1988 | - Document some common problems | |
bcbf86ec | 1989 | - Allow root access to any key. Patch from |
81eef326 | 1990 | markus.friedl@informatik.uni-erlangen.de |
a0391976 | 1991 | |
f55afe71 | 1992 | 20000207 |
1993 | - Removed SOCKS code. Will support through a ProxyCommand. | |
1994 | ||
d07d1c58 | 1995 | 20000203 |
1996 | - Fixed SEGVs in authloop, fix from vbzoli@hbrt.hu | |
d581b7ae | 1997 | - Add --with-ssl-dir option |
d07d1c58 | 1998 | |
9d5f374b | 1999 | 20000202 |
bcbf86ec | 2000 | - Fix lastlog code for directory based lastlogs. Fix from Josh Durham |
9d5f374b | 2001 | <jmd@aoe.vt.edu> |
6b1f3fdb | 2002 | - Documentation fixes from HARUYAMA Seigo <haruyama@nt.phys.s.u-tokyo.ac.jp> |
bcbf86ec | 2003 | - Added URLs to Japanese translations of documents by HARUYAMA Seigo |
6b1f3fdb | 2004 | <haruyama@nt.phys.s.u-tokyo.ac.jp> |
9d5f374b | 2005 | |
bc8c2601 | 2006 | 20000201 |
2007 | - Use socket pairs by default (instead of pipes). Prevents race condition | |
2008 | on several (buggy) OSs. Report and fix from tridge@linuxcare.com | |
2009 | ||
69c76614 | 2010 | 20000127 |
2011 | - Seed OpenSSL's random number generator before generating RSA keypairs | |
2012 | - Split random collector into seperate file | |
aaf2abd7 | 2013 | - Compile fix from Andre Lucas <andre.lucas@dial.pipex.com> |
69c76614 | 2014 | |
f9507c24 | 2015 | 20000126 |
2016 | - Released 1.2.2 stable | |
2017 | ||
bcbf86ec | 2018 | - NeXT keeps it lastlog in /usr/adm. Report from |
f9507c24 | 2019 | mouring@newton.pconline.com |
bcbf86ec | 2020 | - Added note in UPGRADING re interop with commercial SSH using idea. |
587120ad | 2021 | Report from Jim Knoble <jmknoble@pobox.com> |
2022 | - Fix linking order for Kerberos/AFS. Fix from Holget Trapp | |
2023 | <Holger.Trapp@Informatik.TU-Chemnitz.DE> | |
f9507c24 | 2024 | |
bfae20ad | 2025 | 20000125 |
bcbf86ec | 2026 | - Fix NULL pointer dereference in login.c. Fix from Andre Lucas |
bfae20ad | 2027 | <andre.lucas@dial.pipex.com> |
07b0cb78 | 2028 | - Reorder PAM initialisation so it does not mess up lastlog. Reported |
2029 | by Andre Lucas <andre.lucas@dial.pipex.com> | |
bcbf86ec | 2030 | - Use preformatted manpages on SCO, report from Gary E. Miller |
9755cbdb | 2031 | <gem@rellim.com> |
2032 | - New URL for x11-ssh-askpass. | |
bcbf86ec | 2033 | - Fixpaths was missing /etc/ssh_known_hosts. Report from Jim Knoble |
7e31dc81 | 2034 | <jmknoble@pobox.com> |
bcbf86ec | 2035 | - Added 'DESTDIR' option to Makefile to ease package building. Patch from |
ff8ecdb8 | 2036 | Jim Knoble <jmknoble@pobox.com> |
2037 | - Updated RPM spec files to use DESTDIR | |
bfae20ad | 2038 | |
bb58aa4b | 2039 | 20000124 |
2040 | - Pick up version 1.2.2 from OpenBSD CVS (no changes, just version number | |
2041 | increment) | |
2042 | ||
d45317d8 | 2043 | 20000123 |
2044 | - OpenBSD CVS: | |
2045 | - [packet.c] | |
2046 | getsockname() requires initialized tolen; andy@guildsoftware.com | |
bcbf86ec | 2047 | - AIX patch from Matt Richards <v2matt@btv.ibm.com> and David Rankin |
4c40f834 | 2048 | <drankin@bohemians.lexington.ky.us> |
12aa90af | 2049 | - Fix lastlog support, patch from Andre Lucas <andre.lucas@dial.pipex.com> |
d45317d8 | 2050 | |
e844f761 | 2051 | 20000122 |
2052 | - Fix compilation of bsd-snprintf.c on Solaris, fix from Ben Taylor | |
2053 | <bent@clark.net> | |
c54a6257 | 2054 | - Merge preformatted manpage patch from Andre Lucas |
2055 | <andre.lucas@dial.pipex.com> | |
8eb34e02 | 2056 | - Make IPv4 use the default in RPM packages |
2057 | - Irix uses preformatted manpages | |
1e64903d | 2058 | - Missing htons() in bsd-bindresvport.c, fix from Holger Trapp |
2059 | <Holger.Trapp@Informatik.TU-Chemnitz.DE> | |
9bc5ddfe | 2060 | - OpenBSD CVS updates: |
2061 | - [packet.c] | |
2062 | use getpeername() in packet_connection_is_on_socket(), fixes sshd -i; | |
2063 | from Holger.Trapp@Informatik.TU-Chemnitz.DE | |
2064 | - [sshd.c] | |
2065 | log with level log() not fatal() if peer behaves badly. | |
2066 | - [readpass.c] | |
bcbf86ec | 2067 | instead of blocking SIGINT, catch it ourselves, so that we can clean |
2068 | the tty modes up and kill ourselves -- instead of our process group | |
2069 | leader (scp, cvs, ...) going away and leaving us in noecho mode. | |
9bc5ddfe | 2070 | people with cbreak shells never even noticed.. |
399d9d44 | 2071 | - [ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 sshd.8] |
2072 | ie. -> i.e., | |
e844f761 | 2073 | |
4c8ef3fb | 2074 | 20000120 |
2075 | - Don't use getaddrinfo on AIX | |
7b2ea3a1 | 2076 | - Update to latest OpenBSD CVS: |
2077 | - [auth-rsa.c] | |
2078 | - fix user/1056, sshd keeps restrictions; dbt@meat.net | |
2079 | - [sshconnect.c] | |
2080 | - disable agent fwding for proto 1.3, remove abuse of auth-rsa flags. | |
2081 | - destroy keys earlier | |
bcbf86ec | 2082 | - split key exchange (kex) and user authentication (user-auth), |
d468fc76 | 2083 | ok: provos@ |
7b2ea3a1 | 2084 | - [sshd.c] |
2085 | - no need for poll.h; from bright@wintelcom.net | |
2086 | - disable agent fwding for proto 1.3, remove abuse of auth-rsa flags. | |
bcbf86ec | 2087 | - split key exchange (kex) and user authentication (user-auth), |
d468fc76 | 2088 | ok: provos@ |
f3bba493 | 2089 | - Big manpage and config file cleanup from Andre Lucas |
2090 | <andre.lucas@dial.pipex.com> | |
5f4fdfae | 2091 | - Re-added latest (unmodified) OpenBSD manpages |
47f9a56a | 2092 | - Doc updates |
d468fc76 | 2093 | - NetBSD patch from David Rankin <drankin@bohemians.lexington.ky.us> and |
2094 | Christos Zoulas <christos@netbsd.org> | |
4c8ef3fb | 2095 | |
082bbfb3 | 2096 | 20000119 |
20af321f | 2097 | - SCO compile fixes from Gary E. Miller <gem@rellim.com> |
082bbfb3 | 2098 | - Compile fix from Darren_Hall@progressive.com |
59e76f33 | 2099 | - Linux/glibc-2.1.2 takes a *long* time to look up names for AF_UNSPEC |
2100 | addresses using getaddrinfo(). Added a configure switch to make the | |
2101 | default lookup mode AF_INET | |
082bbfb3 | 2102 | |
a63a7f37 | 2103 | 20000118 |
2104 | - Fixed --with-pid-dir option | |
51a6baf8 | 2105 | - Makefile fix from Gary E. Miller <gem@rellim.com> |
bcbf86ec | 2106 | - Compile fix for HPUX and Solaris from Andre Lucas |
976f7e19 | 2107 | <andre.lucas@dial.pipex.com> |
a63a7f37 | 2108 | |
f914c7fb | 2109 | 20000117 |
2110 | - Clean up bsd-bindresvport.c. Use arc4random() for picking initial | |
2111 | port, ignore EINVAL errors (Linux) when searching for free port. | |
bcbf86ec | 2112 | - Revert __snprintf -> snprintf aliasing. Apparently Solaris |
de93b046 | 2113 | __snprintf isn't. Report from Theo de Raadt <theo@cvs.openbsd.org> |
9b363e1c | 2114 | - Document location of Redhat PAM file in INSTALL. |
bcbf86ec | 2115 | - Fixed X11 forwarding bug on Linux. libc advertises AF_INET6 |
2116 | INADDR_ANY_INIT addresses via getaddrinfo, but may not be able to | |
f4a7cf29 | 2117 | deliver (no IPv6 kernel support) |
80a44451 | 2118 | - Released 1.2.1pre27 |
f914c7fb | 2119 | |
f4a7cf29 | 2120 | - Fix rresvport_af failure errors (logic error in bsd-bindresvport.c) |
bcbf86ec | 2121 | - Fix --with-ipaddr-display option test. Fix from Jarno Huuskonen |
cf8ad170 | 2122 | <jhuuskon@hytti.uku.fi> |
bcbf86ec | 2123 | - Fix hang on logout if processes are still using the pty. Needs |
691a8a9f | 2124 | further testing. |
5957fd29 | 2125 | - Patch from Christos Zoulas <christos@zoulas.com> |
2126 | - Try $prefix first when looking for OpenSSL. | |
2127 | - Include sys/types.h when including sys/socket.h in test programs | |
bcbf86ec | 2128 | - Substitute PID directory in sshd.8. Suggestion from Andrew |
19d9ac2a | 2129 | Stribblehill <a.d.stribblehill@durham.ac.uk> |
f4a7cf29 | 2130 | |
47e45e44 | 2131 | 20000116 |
2132 | - Renamed --with-xauth-path to --with-xauth | |
2133 | - Added --with-pid-dir option | |
2134 | - Released 1.2.1pre26 | |
2135 | ||
a82ef8ae | 2136 | - Compilation fix from Kiyokazu SUTO <suto@ks-and-ks.ne.jp> |
bcbf86ec | 2137 | - Fixed broken bugfix for /dev/ptmx on Linux systems which lack |
66be05a1 | 2138 | openpty(). Report from Kiyokazu SUTO <suto@ks-and-ks.ne.jp> |
a82ef8ae | 2139 | |
5cdfe03f | 2140 | 20000115 |
2141 | - Add --with-xauth-path configure directive and explicit test for | |
bcbf86ec | 2142 | /usr/openwin/bin/xauth for Solaris systems. Report from Anders |
5cdfe03f | 2143 | Nordby <anders@fix.no> |
bcbf86ec | 2144 | - Fix incorrect detection of /dev/ptmx on Linux systems that lack |
5cdfe03f | 2145 | openpty. Report from John Seifarth <john@waw.be> |
2146 | - Look for intXX_t and u_intXX_t in sys/bitypes.h if they are not in | |
bcbf86ec | 2147 | sys/types.h. Fixes problems on SCO, report from Gary E. Miller |
5cdfe03f | 2148 | <gem@rellim.com> |
2149 | - Use __snprintf and __vnsprintf if they are found where snprintf and | |
2150 | vnsprintf are lacking. Suggested by Ben Taylor <bent@shell.clark.net> | |
2151 | and others. | |
2152 | ||
48e671d5 | 2153 | 20000114 |
2154 | - Merged OpenBSD IPv6 patch: | |
2155 | - [sshd.c sshd.8 sshconnect.c ssh.h ssh.c servconf.h servconf.c scp.1] | |
2156 | [scp.c packet.h packet.c login.c log.c canohost.c channels.c] | |
2157 | [hostfile.c sshd_config] | |
2158 | ipv6 support: mostly gethostbyname->getaddrinfo/getnameinfo, new | |
bcbf86ec | 2159 | features: sshd allows multiple ListenAddress and Port options. note |
2160 | that libwrap is not IPv6-ready. (based on patches from | |
48e671d5 | 2161 | fujiwara@rcac.tdi.co.jp) |
2162 | - [ssh.c canohost.c] | |
bcbf86ec | 2163 | more hints (hints.ai_socktype=SOCK_STREAM) for getaddrinfo, |
48e671d5 | 2164 | from itojun@ |
2165 | - [channels.c] | |
2166 | listen on _all_ interfaces for X11-Fwd (hints.ai_flags = AI_PASSIVE) | |
2167 | - [packet.h] | |
2168 | allow auth-kerberos for IPv4 only | |
2169 | - [scp.1 sshd.8 servconf.h scp.c] | |
2170 | document -4, -6, and 'ssh -L 2022/::1/22' | |
2171 | - [ssh.c] | |
bcbf86ec | 2172 | 'ssh @host' is illegal (null user name), from |
48e671d5 | 2173 | karsten@gedankenpolizei.de |
2174 | - [sshconnect.c] | |
2175 | better error message | |
2176 | - [sshd.c] | |
2177 | allow auth-kerberos for IPv4 only | |
2178 | - Big IPv6 merge: | |
2179 | - Cleanup overrun in sockaddr copying on RHL 6.1 | |
2180 | - Replacements for getaddrinfo, getnameinfo, etc based on versions | |
2181 | from patch from KIKUCHI Takahiro <kick@kyoto.wide.ad.jp> | |
2182 | - Replacement for missing structures on systems that lack IPv6 | |
2183 | - record_login needed to know about AF_INET6 addresses | |
2184 | - Borrowed more code from OpenBSD: rresvport_af and requisites | |
2185 | ||
2598df62 | 2186 | 20000110 |
2187 | - Fixes to auth-skey to enable it to use the standard OpenSSL libraries | |
2188 | ||
b8a0310d | 2189 | 20000107 |
2190 | - New config.sub and config.guess to fix problems on SCO. Supplied | |
2191 | by Gary E. Miller <gem@rellim.com> | |
b6a98a85 | 2192 | - SCO build fix from Gary E. Miller <gem@rellim.com> |
2598df62 | 2193 | - Released 1.2.1pre25 |
b8a0310d | 2194 | |
dfb95100 | 2195 | 20000106 |
2196 | - Documentation update & cleanup | |
2197 | - Better KrbIV / AFS detection, based on patch from: | |
2198 | Holger Trapp <Holger.Trapp@Informatik.TU-Chemnitz.DE> | |
2199 | ||
b9795b89 | 2200 | 20000105 |
bcbf86ec | 2201 | - Fixed annoying DES corruption problem. libcrypt has been |
b9795b89 | 2202 | overriding symbols in libcrypto. Removed libcrypt and crypt.h |
2203 | altogether (libcrypto includes its own crypt(1) replacement) | |
2204 | - Added platform-specific rules for Irix 6.x. Included warning that | |
2205 | they are untested. | |
2206 | ||
a1ec4d79 | 2207 | 20000103 |
2208 | - Add explicit make rules for files proccessed by fixpaths. | |
bcbf86ec | 2209 | - Fix "make install" in RPM spec files. Report from Tenkou N. Hattori |
a1ec4d79 | 2210 | <tnh@kondara.org> |
bcbf86ec | 2211 | - Removed "nullok" directive from default PAM configuration files. |
2212 | Added information on enabling EmptyPasswords on openssh+PAM in | |
607d73e6 | 2213 | UPGRADING file. |
e02735bb | 2214 | - OpenBSD CVS updates |
2215 | - [ssh-agent.c] | |
bcbf86ec | 2216 | cleanup_exit() for SIGTERM/SIGHUP, too. from fgsch@ and |
e02735bb | 2217 | dgaudet@arctic.org |
2218 | - [sshconnect.c] | |
2219 | compare correct version for 1.3 compat mode | |
a1ec4d79 | 2220 | |
93c7f644 | 2221 | 20000102 |
2222 | - Prevent multiple inclusion of config.h and defines.h. Suggested | |
2223 | by Andre Lucas <andre.lucas@dial.pipex.com> | |
2224 | - Properly clean up on exit of ssh-agent. Patch from Dean Gaudet | |
2225 | <dgaudet@arctic.org> | |
2226 | ||
76b8607f | 2227 | 19991231 |
bcbf86ec | 2228 | - Fix password support on systems with a mixture of shadowed and |
2229 | non-shadowed passwords (e.g. NIS). Report and fix from | |
76b8607f | 2230 | HARUYAMA Seigo <haruyama@nt.phys.s.u-tokyo.ac.jp> |
bcbf86ec | 2231 | - Fix broken autoconf typedef detection. Report from Marc G. |
723221b5 | 2232 | Fournier <marc.fournier@acadiau.ca> |
b92964b7 | 2233 | - Fix occasional crash on LinuxPPC. Patch from Franz Sirl |
2234 | <Franz.Sirl-kernel@lauterbach.com> | |
bcbf86ec | 2235 | - Prevent typedefs from being compiled more than once. Report from |
a6ddc88b | 2236 | Marc G. Fournier <marc.fournier@acadiau.ca> |
4811cc0b | 2237 | - Fill in ut_utaddr utmp field. Report from Benjamin Charron |
2238 | <iretd@bigfoot.com> | |
bcbf86ec | 2239 | - Really fix broken default path. Fix from Jim Knoble |
c43d69a9 | 2240 | <jmknoble@pobox.com> |
ae3a3d31 | 2241 | - Remove test for quad_t. No longer needed. |
76a8e733 | 2242 | - Released 1.2.1pre24 |
2243 | ||
2244 | - Added support for directory-based lastlogs | |
2245 | - Really fix typedefs, patch from Ben Taylor <bent@clark.net> | |
76b8607f | 2246 | |
13f825f4 | 2247 | 19991230 |
2248 | - OpenBSD CVS updates: | |
2249 | - [auth-passwd.c] | |
2250 | check for NULL 1st | |
bcbf86ec | 2251 | - Removed most of the pam code into its own file auth-pam.[ch]. This |
a5c9cd31 | 2252 | cleaned up sshd.c up significantly. |
bcbf86ec | 2253 | - PAM authentication was incorrectly interpreting |
76b8607f | 2254 | "PermitRootLogin without-password". Report from Matthias Andree |
2255 | <ma@dt.e-technik.uni-dortmund.de | |
a5c9cd31 | 2256 | - Several other cleanups |
0bc5b6fb | 2257 | - Merged Dante SOCKS support patch from David Rankin |
2258 | <drankin@bohemians.lexington.ky.us> | |
2259 | - Updated documentation with ./configure options | |
76b8607f | 2260 | - Released 1.2.1pre23 |
13f825f4 | 2261 | |
c73a0cb5 | 2262 | 19991229 |
bcbf86ec | 2263 | - Applied another NetBSD portability patch from David Rankin |
c73a0cb5 | 2264 | <drankin@bohemians.lexington.ky.us> |
2265 | - Fix --with-default-path option. | |
bcbf86ec | 2266 | - Autodetect perl, patch from David Rankin |
a0f84251 | 2267 | <drankin@bohemians.lexington.ky.us> |
bcbf86ec | 2268 | - Print whether OpenSSH was compiled with RSARef, patch from |
0a2ff95d | 2269 | Nalin Dahyabhai <nalin@thermo.stat.ncsu.edu> |
bcbf86ec | 2270 | - Calls to pam_setcred, patch from Nalin Dahyabhai |
f91bacbd | 2271 | <nalin@thermo.stat.ncsu.edu> |
e3a93db0 | 2272 | - Detect missing size_t and typedef it. |
5ab44a92 | 2273 | - Rename helper.[ch] to (more appropriate) bsd-misc.[ch] |
2274 | - Minor Makefile cleaning | |
c73a0cb5 | 2275 | |
b6019d68 | 2276 | 19991228 |
2277 | - Replacement for getpagesize() for systems which lack it | |
bcbf86ec | 2278 | - NetBSD login.c compile fix from David Rankin |
70e0115b | 2279 | <drankin@bohemians.lexington.ky.us> |
2280 | - Fully set ut_tv if present in utmp or utmpx | |
d94aa2ae | 2281 | - Portability fixes for Irix 5.3 (now compiles OK!) |
2282 | - autoconf and other misc cleanups | |
ea1970a3 | 2283 | - Merged AIX patch from Darren Hall <dhall@virage.org> |
2284 | - Cleaned up defines.h | |
fa9a2dd6 | 2285 | - Released 1.2.1pre22 |
b6019d68 | 2286 | |
d2dcff5f | 2287 | 19991227 |
2288 | - Automatically correct paths in manpages and configuration files. Patch | |
2289 | and script from Andre Lucas <andre.lucas@dial.pipex.com> | |
2290 | - Removed credits from README to CREDITS file, updated. | |
cb807f40 | 2291 | - Added --with-default-path to specify custom path for server |
2292 | - Removed #ifdef trickery from acconfig.h into defines.h | |
36a5b38e | 2293 | - PAM bugfix. PermitEmptyPassword was being ignored. |
2294 | - Fixed PAM config files to allow empty passwords if server does. | |
2295 | - Explained spurious PAM auth warning workaround in UPGRADING | |
21feb5fa | 2296 | - Use last few chars of tty line as ut_id |
5a7794be | 2297 | - New SuSE RPM spec file from Chris Saia <csaia@wtower.com> |
00e6dd70 | 2298 | - OpenBSD CVS updates: |
2299 | - [packet.h auth-rhosts.c] | |
2300 | check format string for packet_disconnect and packet_send_debug, too | |
2301 | - [channels.c] | |
2302 | use packet_get_maxsize for channels. consistence. | |
d2dcff5f | 2303 | |
f74efc8d | 2304 | 19991226 |
2305 | - Enabled utmpx support by default for Solaris | |
2306 | - Cleanup sshd.c PAM a little more | |
bc7ea646 | 2307 | - Revised RPM package to include Jim Knoble's <jmknoble@pobox.com> |
2308 | X11 ssh-askpass program. | |
20c43d8c | 2309 | - Disable logging of PAM success and failures, PAM is verbose enough. |
bcbf86ec | 2310 | Unfortunatly there is currently no way to disable auth failure |
2311 | messages. Mention this in UPGRADING file and sent message to PAM | |
20c43d8c | 2312 | developers |
83b7f649 | 2313 | - OpenBSD CVS update: |
2314 | - [ssh-keygen.1 ssh.1] | |
bcbf86ec | 2315 | remove ref to .ssh/random_seed, mention .ssh/environment in |
83b7f649 | 2316 | .Sh FILES, too |
72251cb6 | 2317 | - Released 1.2.1pre21 |
bcbf86ec | 2318 | - Fixed implicit '.' in default path, report from Jim Knoble |
72251cb6 | 2319 | <jmknoble@pobox.com> |
30a39691 | 2320 | - Redhat RPM spec fixes from Jim Knoble <jmknoble@pobox.com> |
f74efc8d | 2321 | |
f498ed15 | 2322 | 19991225 |
2323 | - More fixes from Andre Lucas <andre.lucas@dial.pipex.com> | |
2324 | - Cleanup of auth-passwd.c for shadow and MD5 passwords | |
2325 | - Cleanup and bugfix of PAM authentication code | |
f74efc8d | 2326 | - Released 1.2.1pre20 |
2327 | ||
2328 | - Merged fixes from Ben Taylor <bent@clark.net> | |
2329 | - Fixed configure support for PAM. Reported by Naz <96na@eng.cam.ac.uk> | |
2330 | - Disabled logging of PAM password authentication failures when password | |
2331 | is empty. (e.g start of authentication loop). Reported by Naz | |
2332 | <96na@eng.cam.ac.uk>) | |
f498ed15 | 2333 | |
2334 | 19991223 | |
bcbf86ec | 2335 | - Merged later HPUX patch from Andre Lucas |
f498ed15 | 2336 | <andre.lucas@dial.pipex.com> |
2337 | - Above patch included better utmpx support from Ben Taylor | |
f74efc8d | 2338 | <bent@clark.net> |
f498ed15 | 2339 | |
eef6f7e9 | 2340 | 19991222 |
bcbf86ec | 2341 | - Fix undefined fd_set type in ssh.h from Povl H. Pedersen |
eef6f7e9 | 2342 | <pope@netguide.dk> |
ae28776a | 2343 | - Fix login.c breakage on systems which lack ut_host in struct |
2344 | utmp. Reported by Willard Dawson <willard.dawson@sbs.siemens.com> | |
eef6f7e9 | 2345 | |
a7effaac | 2346 | 19991221 |
bcbf86ec | 2347 | - Integration of large HPUX patch from Andre Lucas |
2348 | <andre.lucas@dial.pipex.com>. Integrating it had a few other | |
a7effaac | 2349 | benefits: |
2350 | - Ability to disable shadow passwords at configure time | |
2351 | - Ability to disable lastlog support at configure time | |
2352 | - Support for IP address in $DISPLAY | |
ae2f7af7 | 2353 | - OpenBSD CVS update: |
2354 | - [sshconnect.c] | |
2355 | say "REMOTE HOST IDENTIFICATION HAS CHANGED" | |
59dd7a31 | 2356 | - Fix DISABLE_SHADOW support |
2357 | - Allow MD5 passwords even if shadow passwords are disabled | |
16034de9 | 2358 | - Release 1.2.1pre19 |
a7effaac | 2359 | |
3f1d9bcd | 2360 | 19991218 |
bcbf86ec | 2361 | - Redhat init script patch from Chun-Chung Chen |
3f1d9bcd | 2362 | <cjj@u.washington.edu> |
7e1c2490 | 2363 | - Avoid breakage on systems without IPv6 headers |
3f1d9bcd | 2364 | |
60d804c8 | 2365 | 19991216 |
bcbf86ec | 2366 | - Makefile changes for Solaris from Peter Kocks |
60d804c8 | 2367 | <peter.kocks@baygate.com> |
89cafde6 | 2368 | - Minor updates to docs |
2369 | - Merged OpenBSD CVS changes: | |
2370 | - [authfd.c ssh-agent.c] | |
2371 | keysize warnings talk about identity files | |
2372 | - [packet.c] | |
2373 | "Connection closed by x.x.x.x": fatal() -> log() | |
bcbf86ec | 2374 | - Correctly handle empty passwords in shadow file. Patch from: |
c9d323f0 | 2375 | "Chris, the Young One" <cky@pobox.com> |
2376 | - Released 1.2.1pre18 | |
60d804c8 | 2377 | |
7dc6fc6d | 2378 | 19991215 |
2379 | - Integrated patchs from Juergen Keil <jk@tools.de> | |
2380 | - Avoid void* pointer arithmatic | |
2381 | - Use LDFLAGS correctly | |
68227e6d | 2382 | - Fix SIGIO error in scp |
2383 | - Simplify status line printing in scp | |
bcbf86ec | 2384 | - Added better test for inline functions compiler support from |
906a2515 | 2385 | Darren_Hall@progressive.com |
7dc6fc6d | 2386 | |
95f1eccc | 2387 | 19991214 |
2388 | - OpenBSD CVS Changes | |
2389 | - [canohost.c] | |
bcbf86ec | 2390 | fix get_remote_port() and friends for sshd -i; |
95f1eccc | 2391 | Holger.Trapp@Informatik.TU-Chemnitz.DE |
2392 | - [mpaux.c] | |
2393 | make code simpler. no need for memcpy. niels@ ok | |
2394 | - [pty.c] | |
2395 | namebuflen not sizeof namebuflen; bnd@ep-ag.com via djm@mindrot.org | |
2396 | fix proto; markus | |
2397 | - [ssh.1] | |
2398 | typo; mark.baushke@solipsa.com | |
2399 | - [channels.c ssh.c ssh.h sshd.c] | |
2400 | type conflict for 'extern Type *options' in channels.c; dot@dotat.at | |
2401 | - [sshconnect.c] | |
2402 | move checking of hostkey into own function. | |
2403 | - [version.h] | |
2404 | OpenSSH-1.2.1 | |
884bcb37 | 2405 | - Clean up broken includes in pty.c |
7303768f | 2406 | - Some older systems don't have poll.h, they use sys/poll.h instead |
2407 | - Doc updates | |
95f1eccc | 2408 | |
847e8865 | 2409 | 19991211 |
bcbf86ec | 2410 | - Fix compilation on systems with AFS. Reported by |
847e8865 | 2411 | aloomis@glue.umd.edu |
bcbf86ec | 2412 | - Fix installation on Solaris. Reported by |
847e8865 | 2413 | Gordon Rowell <gordonr@gormand.com.au> |
2414 | - Fix gccisms (__attribute__ and inline). Report by edgy@us.ibm.com, | |
2415 | patch from Markus Friedl <markus.friedl@informatik.uni-erlangen.de> | |
2416 | - Auto-locate xauth. Patch from David Agraz <dagraz@jahoopa.com> | |
2417 | - Compile fix from David Agraz <dagraz@jahoopa.com> | |
2418 | - Avoid compiler warning in bsd-snprintf.c | |
bcbf86ec | 2419 | - Added pam_limits.so to default PAM config. Suggested by |
847e8865 | 2420 | Jim Knoble <jmknoble@pobox.com> |
2421 | ||
8946db53 | 2422 | 19991209 |
2423 | - Import of patch from Ben Taylor <bent@clark.net>: | |
2424 | - Improved PAM support | |
2425 | - "uninstall" rule for Makefile | |
2426 | - utmpx support | |
2427 | - Should fix PAM problems on Solaris | |
2d86a6cc | 2428 | - OpenBSD CVS updates: |
2429 | - [readpass.c] | |
2430 | avoid stdio; based on work by markus, millert, and I | |
2431 | - [sshd.c] | |
2432 | make sure the client selects a supported cipher | |
2433 | - [sshd.c] | |
bcbf86ec | 2434 | fix sighup handling. accept would just restart and daemon handled |
2435 | sighup only after the next connection was accepted. use poll on | |
2d86a6cc | 2436 | listen sock now. |
2437 | - [sshd.c] | |
2438 | make that a fatal | |
87e91331 | 2439 | - Applied patch from David Rankin <drankin@bohemians.lexington.ky.us> |
2440 | to fix libwrap support on NetBSD | |
5001b9e4 | 2441 | - Released 1.2pre17 |
8946db53 | 2442 | |
6d8c4ea4 | 2443 | 19991208 |
bcbf86ec | 2444 | - Compile fix for Solaris with /dev/ptmx from |
6d8c4ea4 | 2445 | David Agraz <dagraz@jahoopa.com> |
2446 | ||
4285816a | 2447 | 19991207 |
2448 | - sshd Redhat init script patch from Jim Knoble <jmknoble@pobox.com> | |
2449 | fixes compatability with 4.x and 5.x | |
db28aeb5 | 2450 | - Fixed default SSH_ASKPASS |
bcbf86ec | 2451 | - Fix PAM account and session being called multiple times. Problem |
d465f2ca | 2452 | reported by Adrian Baugh <adrian@merlin.keble.ox.ac.uk> |
a408af76 | 2453 | - Merged more OpenBSD changes: |
2454 | - [atomicio.c authfd.c scp.c serverloop.c ssh.h sshconnect.c sshd.c] | |
bcbf86ec | 2455 | move atomicio into it's own file. wrap all socket write()s which |
a408af76 | 2456 | were doing write(sock, buf, len) != len, with atomicio() calls. |
2457 | - [auth-skey.c] | |
2458 | fd leak | |
2459 | - [authfile.c] | |
2460 | properly name fd variable | |
2461 | - [channels.c] | |
2462 | display great hatred towards strcpy | |
2463 | - [pty.c pty.h sshd.c] | |
2464 | use openpty() if it exists (it does on BSD4_4) | |
2465 | - [tildexpand.c] | |
2466 | check for ~ expansion past MAXPATHLEN | |
2467 | - Modified helper.c to use new atomicio function. | |
2468 | - Reformat Makefile a little | |
2469 | - Moved RC4 routines from rc4.[ch] into helper.c | |
2470 | - Added autoconf code to detect /dev/ptmx (Solaris) and /dev/ptc (AIX) | |
9983a8ca | 2471 | - Updated SuSE spec from Chris Saia <csaia@wtower.com> |
2472 | - Tweaked Redhat spec | |
9158d92f | 2473 | - Clean up bad imports of a few files (forgot -kb) |
2474 | - Released 1.2pre16 | |
4285816a | 2475 | |
9c7b6dfd | 2476 | 19991204 |
2477 | - Small cleanup of PAM code in sshd.c | |
57112b5a | 2478 | - Merged OpenBSD CVS changes: |
2479 | - [auth-krb4.c auth-passwd.c auth-skey.c ssh.h] | |
2480 | move skey-auth from auth-passwd.c to auth-skey.c, same for krb4 | |
2481 | - [auth-rsa.c] | |
2482 | warn only about mismatch if key is _used_ | |
2483 | warn about keysize-mismatch with log() not error() | |
2484 | channels.c readconf.c readconf.h ssh.c ssh.h sshconnect.c | |
2485 | ports are u_short | |
2486 | - [hostfile.c] | |
2487 | indent, shorter warning | |
2488 | - [nchan.c] | |
2489 | use error() for internal errors | |
2490 | - [packet.c] | |
2491 | set loglevel for SSH_MSG_DISCONNECT to log(), not fatal() | |
2492 | serverloop.c | |
2493 | indent | |
2494 | - [ssh-add.1 ssh-add.c ssh.h] | |
2495 | document $SSH_ASKPASS, reasonable default | |
2496 | - [ssh.1] | |
2497 | CheckHostIP is not available for connects via proxy command | |
2498 | - [sshconnect.c] | |
2499 | typo | |
2500 | easier to read client code for passwd and skey auth | |
2501 | turn of checkhostip for proxy connects, since we don't know the remote ip | |
9c7b6dfd | 2502 | |
dad3b556 | 2503 | 19991126 |
2504 | - Add definition for __P() | |
2505 | - Added [v]snprintf() replacement for systems that lack it | |
2506 | ||
0ce43ae4 | 2507 | 19991125 |
2508 | - More reformatting merged from OpenBSD CVS | |
2509 | - Merged OpenBSD CVS changes: | |
2510 | - [channels.c] | |
2511 | fix packet_integrity_check() for !have_hostname_in_open. | |
2512 | report from mrwizard@psu.edu via djm@ibs.com.au | |
2513 | - [channels.c] | |
2514 | set SO_REUSEADDR and SO_LINGER for forwarded ports. | |
2515 | chip@valinux.com via damien@ibs.com.au | |
2516 | - [nchan.c] | |
2517 | it's not an error() if shutdown_write failes in nchan. | |
2518 | - [readconf.c] | |
2519 | remove dead #ifdef-0-code | |
2520 | - [readconf.c servconf.c] | |
2521 | strcasecmp instead of tolower | |
2522 | - [scp.c] | |
2523 | progress meter overflow fix from damien@ibs.com.au | |
2524 | - [ssh-add.1 ssh-add.c] | |
2525 | SSH_ASKPASS support | |
2526 | - [ssh.1 ssh.c] | |
2527 | postpone fork_after_authentication until command execution, | |
2528 | request/patch from jahakala@cc.jyu.fi via damien@ibs.com.au | |
2529 | plus: use daemon() for backgrounding | |
cf8dd513 | 2530 | - Added BSD compatible install program and autoconf test, thanks to |
2531 | Niels Kristian Bech Jensen <nkbj@image.dk> | |
2532 | - Solaris fixing, thanks to Ben Taylor <bent@clark.net> | |
09041313 | 2533 | - Merged beginnings of AIX support from Tor-Ake Fransson <torake@hotmail.com> |
3dbefdb8 | 2534 | - Release 1.2pre15 |
0ce43ae4 | 2535 | |
5260325f | 2536 | 19991124 |
2537 | - Merged very large OpenBSD source code reformat | |
2538 | - OpenBSD CVS updates | |
2539 | - [channels.c cipher.c compat.c log-client.c scp.c serverloop.c] | |
2540 | [ssh.h sshd.8 sshd.c] | |
2541 | syslog changes: | |
2542 | * Unified Logmessage for all auth-types, for success and for failed | |
2543 | * Standard connections get only ONE line in the LOG when level==LOG: | |
2544 | Auth-attempts are logged only, if authentication is: | |
2545 | a) successfull or | |
2546 | b) with passwd or | |
2547 | c) we had more than AUTH_FAIL_LOG failues | |
2548 | * many log() became verbose() | |
2549 | * old behaviour with level=VERBOSE | |
2550 | - [readconf.c readconf.h ssh.1 ssh.h sshconnect.c sshd.c] | |
2551 | tranfer s/key challenge/response data in SSH_SMSG_AUTH_TIS_CHALLENGE | |
2552 | messages. allows use of s/key in windows (ttssh, securecrt) and | |
2553 | ssh-1.2.27 clients without 'ssh -v', ok: niels@ | |
2554 | - [sshd.8] | |
2555 | -V, for fallback to openssh in SSH2 compatibility mode | |
2556 | - [sshd.c] | |
2557 | fix sigchld race; cjc5@po.cwru.edu | |
2558 | ||
4655fe80 | 2559 | 19991123 |
2560 | - Added SuSE package files from Chris Saia <csaia@wtower.com> | |
8b241e50 | 2561 | - Restructured package-related files under packages/* |
4655fe80 | 2562 | - Added generic PAM config |
8b241e50 | 2563 | - Numerous little Solaris fixes |
9c08d6ce | 2564 | - Add recommendation to use GNU make to INSTALL document |
4655fe80 | 2565 | |
60bed5fd | 2566 | 19991122 |
2567 | - Make <enter> close gnome-ssh-askpass (Debian bug #50299) | |
2f2cc3f9 | 2568 | - OpenBSD CVS Changes |
bcbf86ec | 2569 | - [ssh-keygen.c] |
2570 | don't create ~/.ssh only if the user wants to store the private | |
2571 | key there. show fingerprint instead of public-key after | |
2f2cc3f9 | 2572 | keygeneration. ok niels@ |
b09a984b | 2573 | - Added OpenBSD bsd-strlcat.c, created bsd-strlcat.h |
96ad4350 | 2574 | - Added timersub() macro |
b09a984b | 2575 | - Tidy RCSIDs of bsd-*.c |
bcbf86ec | 2576 | - Added autoconf test and macro to deal with old PAM libraries |
96ad4350 | 2577 | pam_strerror definition (one arg vs two). |
530f1889 | 2578 | - Fix EGD problems (Thanks to Ben Taylor <bent@clark.net>) |
bcbf86ec | 2579 | - Retry /dev/urandom reads interrupted by signal (report from |
530f1889 | 2580 | Robert Hardy <rhardy@webcon.net>) |
1647c2b5 | 2581 | - Added a setenv replacement for systems which lack it |
d84a9a44 | 2582 | - Only display public key comment when presenting ssh-askpass dialog |
2583 | - Released 1.2pre14 | |
60bed5fd | 2584 | |
bcbf86ec | 2585 | - Configure, Make and changelog corrections from Tudor Bosman |
2ddcfdf3 | 2586 | <tudorb@jm.nu> and Niels Kristian Bech Jensen <nkbj@image.dk> |
2587 | ||
9d6b7add | 2588 | 19991121 |
2f2cc3f9 | 2589 | - OpenBSD CVS Changes: |
60bed5fd | 2590 | - [channels.c] |
2591 | make this compile, bad markus | |
2592 | - [log.c readconf.c servconf.c ssh.h] | |
2593 | bugfix: loglevels are per host in clientconfig, | |
2594 | factor out common log-level parsing code. | |
2595 | - [servconf.c] | |
2596 | remove unused index (-Wall) | |
2597 | - [ssh-agent.c] | |
2598 | only one 'extern char *__progname' | |
2599 | - [sshd.8] | |
2600 | document SIGHUP, -Q to synopsis | |
2601 | - [sshconnect.c serverloop.c sshd.c packet.c packet.h] | |
2602 | [channels.c clientloop.c] | |
2603 | SSH_CMSG_MAX_PACKET_SIZE, some clients use this, some need this, niels@ | |
2604 | [hope this time my ISP stays alive during commit] | |
2605 | - [OVERVIEW README] typos; green@freebsd | |
2606 | - [ssh-keygen.c] | |
2607 | replace xstrdup+strcat with strlcat+fixed buffer, fixes OF (bad me) | |
2608 | exit if writing the key fails (no infinit loop) | |
2609 | print usage() everytime we get bad options | |
2610 | - [ssh-keygen.c] overflow, djm@mindrot.org | |
2611 | - [sshd.c] fix sigchld race; cjc5@po.cwru.edu | |
bcbf86ec | 2612 | |
2b942fe0 | 2613 | 19991120 |
bcbf86ec | 2614 | - Merged more Solaris support from Marc G. Fournier |
2b942fe0 | 2615 | <marc.fournier@acadiau.ca> |
2616 | - Wrote autoconf tests for integer bit-types | |
2617 | - Fixed enabling kerberos support | |
bcbf86ec | 2618 | - Fix segfault in ssh-keygen caused by buffer overrun in filename |
13c36c4c | 2619 | handling. |
2b942fe0 | 2620 | |
06479889 | 2621 | 19991119 |
2622 | - Merged PAM buffer overrun patch from Chip Salzenberg <chip@valinux.com> | |
2ad77510 | 2623 | - Merged OpenBSD CVS changes |
2624 | - [auth-rhosts.c auth-rsa.c ssh-agent.c sshconnect.c sshd.c] | |
2625 | more %d vs. %s in fmt-strings | |
2626 | - [authfd.c] | |
2627 | Integers should not be printed with %s | |
7b1cc56c | 2628 | - EGD uses a socket, not a named pipe. Duh. |
2629 | - Fix includes in fingerprint.c | |
29dbde15 | 2630 | - Fix scp progress bar bug again. |
bcbf86ec | 2631 | - Move ssh-askpass from ${libdir}/ssh to ${libexecdir}/ssh at request of |
736890c4 | 2632 | David Rankin <drankin@bohemians.lexington.ky.us> |
91b8065d | 2633 | - Added autoconf option to enable Kerberos 4 support (untested) |
2634 | - Added autoconf option to enable AFS support (untested) | |
2635 | - Added autoconf option to enable S/Key support (untested) | |
2636 | - Added autoconf option to enable TCP wrappers support (compiles OK) | |
beb43d31 | 2637 | - Renamed BSD helper function files to bsd-* |
bcbf86ec | 2638 | - Added tests for login and daemon and enable OpenBSD replacements for |
caf3bc51 | 2639 | when they are absent. |
2640 | - Added non-PAM MD5 password support patch from Tudor Bosman <tudorb@jm.nu> | |
06479889 | 2641 | |
2bd61362 | 2642 | 19991118 |
2643 | - Merged OpenBSD CVS changes | |
2644 | - [scp.c] foregroundproc() in scp | |
2645 | - [sshconnect.h] include fingerprint.h | |
bcbf86ec | 2646 | - [sshd.c] bugfix: the log() for passwd-auth escaped during logging |
2bd61362 | 2647 | changes. |
0c16a097 | 2648 | - [ssh.1] Spell my name right. |
2bd61362 | 2649 | - Added openssh.com info to README |
2650 | ||
f095fcc7 | 2651 | 19991117 |
2652 | - Merged OpenBSD CVS changes | |
2653 | - [ChangeLog.Ylonen] noone needs this anymore | |
2654 | - [authfd.c] close-on-exec for auth-socket, ok deraadt | |
bcbf86ec | 2655 | - [hostfile.c] |
2656 | in known_hosts key lookup the entry for the bits does not need | |
2657 | to match, all the information is contained in n and e. This | |
2658 | solves the problem with buggy servers announcing the wrong | |
f095fcc7 | 2659 | modulus length. markus and me. |
bcbf86ec | 2660 | - [serverloop.c] |
2661 | bugfix: check for space if child has terminated, from: | |
f095fcc7 | 2662 | iedowse@maths.tcd.ie |
2663 | - [ssh-add.1 ssh-add.c ssh-keygen.1 ssh-keygen.c sshconnect.c] | |
2664 | [fingerprint.c fingerprint.h] | |
2665 | rsa key fingerprints, idea from Bjoern Groenvall <bg@sics.se> | |
2666 | - [ssh-agent.1] typo | |
2667 | - [ssh.1] add OpenSSH information to AUTHOR section. okay markus@ | |
bcbf86ec | 2668 | - [sshd.c] |
f095fcc7 | 2669 | force logging to stderr while loading private key file |
2670 | (lost while converting to new log-levels) | |
2671 | ||
4d195447 | 2672 | 19991116 |
2673 | - Fix some Linux libc5 problems reported by Miles Wilson <mw@mctitle.com> | |
2674 | - Merged OpenBSD CVS changes: | |
2675 | - [auth-rh-rsa.c auth-rsa.c authfd.c authfd.h hostfile.c mpaux.c] | |
2676 | [mpaux.h ssh-add.c ssh-agent.c ssh.h ssh.c sshd.c] | |
2677 | the keysize of rsa-parameter 'n' is passed implizit, | |
2678 | a few more checks and warnings about 'pretended' keysizes. | |
2679 | - [cipher.c cipher.h packet.c packet.h sshd.c] | |
2680 | remove support for cipher RC4 | |
2681 | - [ssh.c] | |
2682 | a note for legay systems about secuity issues with permanently_set_uid(), | |
2683 | the private hostkey and ptrace() | |
2684 | - [sshconnect.c] | |
2685 | more detailed messages about adding and checking hostkeys | |
2686 | ||
dad9a31e | 2687 | 19991115 |
2688 | - Merged OpenBSD CVS changes: | |
bcbf86ec | 2689 | - [ssh-add.c] change passphrase loop logic and remove ref to |
dad9a31e | 2690 | $DISPLAY, ok niels |
2691 | - Changed to ssh-add.c broke askpass support. Revised it to be a little more | |
bcbf86ec | 2692 | modular. |
dad9a31e | 2693 | - Revised autoconf support for enabling/disabling askpass support. |
e7c0f9d5 | 2694 | - Merged more OpenBSD CVS changes: |
704b1659 | 2695 | [auth-krb4.c] |
2696 | - disconnect if getpeername() fails | |
2697 | - missing xfree(*client) | |
2698 | [canohost.c] | |
2699 | - disconnect if getpeername() fails | |
2700 | - fix comment: we _do_ disconnect if ip-options are set | |
2701 | [sshd.c] | |
2702 | - disconnect if getpeername() fails | |
2703 | - move checking of remote port to central place | |
2704 | [auth-rhosts.c] move checking of remote port to central place | |
2705 | [log-server.c] avoid extra fd per sshd, from millert@ | |
2706 | [readconf.c] print _all_ bad config-options in ssh(1), too | |
2707 | [readconf.h] print _all_ bad config-options in ssh(1), too | |
2708 | [ssh.c] print _all_ bad config-options in ssh(1), too | |
2709 | [sshconnect.c] disconnect if getpeername() fails | |
e7c0f9d5 | 2710 | - OpenBSD's changes to sshd.c broke the PAM stuff, re-merged it. |
c75a1a66 | 2711 | - Various small cleanups to bring diff (against OpenBSD) size down. |
f601d847 | 2712 | - Merged more Solaris compability from Marc G. Fournier |
2713 | <marc.fournier@acadiau.ca> | |
2714 | - Wrote autoconf tests for __progname symbol | |
8c119fd0 | 2715 | - RPM spec file fixes from Jim Knoble <jmknoble@pobox.com> |
0c372277 | 2716 | - Released 1.2pre12 |
2717 | ||
2718 | - Another OpenBSD CVS update: | |
2719 | - [ssh-keygen.1] fix .Xr | |
dad9a31e | 2720 | |
92da7197 | 2721 | 19991114 |
2722 | - Solaris compilation fixes (still imcomplete) | |
2723 | ||
94f7bb9e | 2724 | 19991113 |
dd092f97 | 2725 | - Build patch from Niels Kristian Bech Jensen <nkbj@image.dk> |
2726 | - Don't install config files if they already exist | |
2727 | - Fix inclusion of additional preprocessor directives from acconfig.h | |
94f7bb9e | 2728 | - Removed redundant inclusions of config.h |
e9c75a39 | 2729 | - Added 'Obsoletes' lines to RPM spec file |
94f7bb9e | 2730 | - Merged OpenBSD CVS changes: |
2731 | - [bufaux.c] save a view malloc/memcpy/memset/free's, ok niels | |
bcbf86ec | 2732 | - [scp.c] fix overflow reported by damien@ibs.com.au: off_t |
94f7bb9e | 2733 | totalsize, ok niels,aaron |
bcbf86ec | 2734 | - Delay fork (-f option) in ssh until after port forwarded connections |
94f7bb9e | 2735 | have been initialised. Patch from Jani Hakala <jahakala@cc.jyu.fi> |
b2344d54 | 2736 | - Added shadow password patch from Thomas Neumann <tom@smart.ruhr.de> |
2737 | - Added ifdefs to auth-passwd.c to exclude it when PAM is enabled | |
dd092f97 | 2738 | - Tidied default config file some more |
2739 | - Revised Redhat initscript to fix bug: sshd (re)start would fail | |
2740 | if executed from inside a ssh login. | |
94f7bb9e | 2741 | |
e35c1dc2 | 2742 | 19991112 |
2743 | - Merged changes from OpenBSD CVS | |
2744 | - [sshd.c] session_key_int may be zero | |
b4748e2f | 2745 | - [auth-rh-rsa.c servconf.c servconf.h ssh.h sshd.8 sshd.c sshd_config] |
bcbf86ec | 2746 | IgnoreUserKnownHosts(default=no), used for RhostRSAAuth, ok |
b4748e2f | 2747 | deraadt,millert |
2748 | - Brought default sshd_config more in line with OpenBSD's | |
547c9f30 | 2749 | - Grab server in gnome-ssh-askpass (Debian bug #49872) |
2750 | - Released 1.2pre10 | |
e35c1dc2 | 2751 | |
8bc7973f | 2752 | - Added INSTALL documentation |
6fa724bc | 2753 | - Merged yet more changes from OpenBSD CVS |
2754 | - [auth-rh-rsa.c auth-rhosts.c auth-rsa.c channels.c clientloop.c] | |
2755 | [ssh.c ssh.h sshconnect.c sshd.c] | |
2756 | make all access to options via 'extern Options options' | |
2757 | and 'extern ServerOptions options' respectively; | |
2758 | options are no longer passed as arguments: | |
2759 | * make options handling more consistent | |
2760 | * remove #include "readconf.h" from ssh.h | |
2761 | * readconf.h is only included if necessary | |
2762 | - [mpaux.c] clear temp buffer | |
2763 | - [servconf.c] print _all_ bad options found in configfile | |
045672f9 | 2764 | - Make ssh-askpass support optional through autoconf |
59b0f0d4 | 2765 | - Fix nasty division-by-zero error in scp.c |
2766 | - Released 1.2pre11 | |
8bc7973f | 2767 | |
4cca272e | 2768 | 19991111 |
2769 | - Added (untested) Entropy Gathering Daemon (EGD) support | |
67d68e3a | 2770 | - Fixed /dev/urandom fd leak (Debian bug #49722) |
5bbb5681 | 2771 | - Merged OpenBSD CVS changes: |
2772 | - [auth-rh-rsa.c] user/958: check ~/.ssh/known_hosts for rhosts-rsa, too | |
2773 | - [ssh.1] user/958: check ~/.ssh/known_hosts for rhosts-rsa, too | |
2774 | - [sshd.8] user/958: check ~/.ssh/known_hosts for rhosts-rsa, too | |
bcbf86ec | 2775 | - Fix integer overflow which was messing up scp's progress bar for large |
3f1d9bcd | 2776 | file transfers. Fix submitted to OpenBSD developers. Report and fix |
2777 | from Kees Cook <cook@cpoint.net> | |
6a17f9c2 | 2778 | - Merged more OpenBSD CVS changes: |
bcbf86ec | 2779 | - [auth-krb4.c auth-passwd.c] remove x11- and krb-cleanup from fatal() |
6a17f9c2 | 2780 | + krb-cleanup cleanup |
2781 | - [clientloop.c log-client.c log-server.c ] | |
2782 | [readconf.c readconf.h servconf.c servconf.h ] | |
2783 | [ssh.1 ssh.c ssh.h sshd.8] | |
2784 | add LogLevel {QUIET, FATAL, ERROR, INFO, CHAT, DEBUG} to ssh/sshd, | |
2785 | obsoletes QuietMode and FascistLogging in sshd. | |
e35c1dc2 | 2786 | - [sshd.c] fix fatal/assert() bug reported by damien@ibs.com.au: |
2787 | allow session_key_int != sizeof(session_key) | |
2788 | [this should fix the pre-assert-removal-core-files] | |
2789 | - Updated default config file to use new LogLevel option and to improve | |
2790 | readability | |
2791 | ||
f370266e | 2792 | 19991110 |
67d68e3a | 2793 | - Merged several minor fixes: |
f370266e | 2794 | - ssh-agent commandline parsing |
2795 | - RPM spec file now installs ssh setuid root | |
2796 | - Makefile creates libdir | |
4cca272e | 2797 | - Merged beginnings of Solaris compability from Marc G. Fournier |
2798 | <marc.fournier@acadiau.ca> | |
f370266e | 2799 | |
d4f11b59 | 2800 | 19991109 |
2801 | - Autodetection of SSL/Crypto library location via autoconf | |
2802 | - Fixed location of ssh-askpass to follow autoconf | |
2803 | - Integrated Makefile patch from Niels Kristian Bech Jensen <nkbj@image.dk> | |
2804 | - Autodetection of RSAref library for US users | |
2805 | - Minor doc updates | |
560557bb | 2806 | - Merged OpenBSD CVS changes: |
2807 | - [rsa.c] bugfix: use correct size for memset() | |
2808 | - [sshconnect.c] warn if announced size of modulus 'n' != real size | |
f025becb | 2809 | - Added GNOME passphrase requestor (use --with-gnome-askpass) |
d397b172 | 2810 | - RPM build now creates subpackages |
aa51e7cc | 2811 | - Released 1.2pre9 |
d4f11b59 | 2812 | |
e1a9c08d | 2813 | 19991108 |
2814 | - Removed debian/ directory. This is now being maintained separately. | |
2815 | - Added symlinks for slogin in RPM spec file | |
2816 | - Fixed permissions on manpages in RPM spec file | |
2817 | - Added references to required libraries in README file | |
2818 | - Removed config.h.in from CVS | |
2819 | - Removed pwdb support (better pluggable auth is provided by glibc) | |
2820 | - Made PAM and requisite libdl optional | |
2821 | - Removed lots of unnecessary checks from autoconf | |
2822 | - Added support and autoconf test for openpty() function (Unix98 pty support) | |
2823 | - Fix for scp not finding ssh if not installed as /usr/bin/ssh | |
2824 | - Added TODO file | |
2825 | - Merged parts of Debian patch From Phil Hands <phil@hands.com>: | |
2826 | - Added ssh-askpass program | |
2827 | - Added ssh-askpass support to ssh-add.c | |
2828 | - Create symlinks for slogin on install | |
2829 | - Fix "distclean" target in makefile | |
2830 | - Added example for ssh-agent to manpage | |
2831 | - Added support for PAM_TEXT_INFO messages | |
2832 | - Disable internal /etc/nologin support if PAM enabled | |
2833 | - Merged latest OpenBSD CVS changes: | |
5bae4ab8 | 2834 | - [all] replace assert() with error, fatal or packet_disconnect |
e1a9c08d | 2835 | - [sshd.c] don't send fail-msg but disconnect if too many authentication |
2836 | failures | |
e1a9c08d | 2837 | - [sshd.c] remove unused argument. ok dugsong |
2838 | - [sshd.c] typo | |
2839 | - [rsa.c] clear buffers used for encryption. ok: niels | |
2840 | - [rsa.c] replace assert() with error, fatal or packet_disconnect | |
ade6fccd | 2841 | - [auth-krb4.c] remove unused argument. ok dugsong |
e1a9c08d | 2842 | - Fixed coredump after merge of OpenBSD rsa.c patch |
9010d60a | 2843 | - Released 1.2pre8 |
e1a9c08d | 2844 | |
3028328e | 2845 | 19991102 |
2846 | - Merged change from OpenBSD CVS | |
2847 | - One-line cleanup in sshd.c | |
2848 | ||
474832c5 | 2849 | 19991030 |
2850 | - Integrated debian package support from Dan Brosemer <odin@linuxfreak.com> | |
69256d9d | 2851 | - Merged latest updates for OpenBSD CVS: |
2852 | - channels.[ch] - remove broken x11 fix and document istate/ostate | |
2853 | - ssh-agent.c - call setsid() regardless of argv[] | |
2854 | - ssh.c - save a few lines when disabling rhosts-{rsa-}auth | |
2855 | - Documentation cleanups | |
2856 | - Renamed README -> README.Ylonen | |
2857 | - Renamed README.openssh ->README | |
474832c5 | 2858 | |
339660f6 | 2859 | 19991029 |
2860 | - Renamed openssh* back to ssh* at request of Theo de Raadt | |
2861 | - Incorporated latest changes from OpenBSD's CVS | |
2862 | - Integrated Makefile patch from Niels Kristian Bech Jensen <nkbj@image.dk> | |
2863 | - Integrated PAM env patch from Nalin Dahyabhai <nalin.dahyabhai@pobox.com> | |
549b3eed | 2864 | - Make distclean now removed configure script |
2865 | - Improved PAM logging | |
2866 | - Added some debug() calls for PAM | |
4ecd19ea | 2867 | - Removed redundant subdirectories |
bcbf86ec | 2868 | - Integrated part of a patch from Dan Brosemer <odin@linuxfreak.com> for |
4ecd19ea | 2869 | building on Debian. |
242588e6 | 2870 | - Fixed off-by-one error in PAM env patch |
2871 | - Released 1.2pre6 | |
339660f6 | 2872 | |
5881cd60 | 2873 | 19991028 |
2874 | - Further PAM enhancements. | |
2875 | - Much cleaner | |
2876 | - Now uses account and session modules for all logins. | |
2877 | - Integrated patch from Dan Brosemer <odin@linuxfreak.com> | |
2878 | - Build fixes | |
2879 | - Autoconf | |
2880 | - Change binary names to open* | |
2881 | - Fixed autoconf script to detect PAM on RH6.1 | |
2882 | - Added tests for libpwdb, and OpenBSD functions to autoconf | |
221395b3 | 2883 | - Released 1.2pre4 |
fca82d2e | 2884 | |
2885 | - Imported latest OpenBSD CVS code | |
2886 | - Updated README.openssh | |
93f04616 | 2887 | - Released 1.2pre5 |
fca82d2e | 2888 | |
5881cd60 | 2889 | 19991027 |
2890 | - Adapted PAM patch. | |
2891 | - Released 1.0pre2 | |
2892 | ||
2893 | - Excised my buggy replacements for strlcpy and mkdtemp | |
2894 | - Imported correct OpenBSD strlcpy and mkdtemp routines. | |
2895 | - Reduced arc4random_stir entropy read to 32 bytes (256 bits) | |
2896 | - Picked up correct version number from OpenBSD | |
2897 | - Added sshd.pam PAM configuration file | |
2898 | - Added sshd.init Redhat init script | |
2899 | - Added openssh.spec RPM spec file | |
2900 | - Released 1.2pre3 | |
2901 | ||
2902 | 19991026 | |
2903 | - Fixed include paths of OpenSSL functions | |
2904 | - Use OpenSSL MD5 routines | |
2905 | - Imported RC4 code from nanocrypt | |
2906 | - Wrote replacements for OpenBSD arc4random* functions | |
2907 | - Wrote replacements for strlcpy and mkdtemp | |
2908 | - Released 1.0pre1 |