]>
Commit | Line | Data |
---|---|---|
d60e487c | 1 | 20030603 |
2 | - (djm) Bug #573 - Remove unneeded Krb headers and compat goop. Patch from | |
3 | simon@sxw.org.uk (Also matches a change in OpenBSD a while ago) | |
8acdec60 | 4 | - (djm) Bug #577 - wrong flag in scard-opensc.c sc_private_decrypt. |
5 | ok markus@ | |
d60e487c | 6 | |
3a2b2b44 | 7 | 20030603 |
8 | - (djm) Replace setproctitle replacement with code derived from | |
9 | UCB sendmail | |
c5a7d788 | 10 | - (djm) OpenBSD CVS Sync |
11 | - markus@cvs.openbsd.org 2003/06/02 09:17:34 | |
12 | [auth2-hostbased.c auth.c auth-options.c auth-rhosts.c auth-rh-rsa.c] | |
13 | [canohost.c monitor.c servconf.c servconf.h session.c sshd_config] | |
14 | [sshd_config.5] | |
15 | deprecate VerifyReverseMapping since it's dangerous if combined | |
16 | with IP based access control as noted by Mike Harding; replace with | |
17 | a UseDNS option, UseDNS is on by default and includes the | |
18 | VerifyReverseMapping check; with itojun@, provos@, jakob@ and deraadt@ | |
19 | ok deraadt@, djm@ | |
d981089c | 20 | - millert@cvs.openbsd.org 2003/06/03 02:56:16 |
21 | [scp.c] | |
22 | Remove the advertising clause in the UCB license which Berkeley | |
23 | rescinded 22 July 1999. Proofed by myself and Theo. | |
c5a7d788 | 24 | - (djm) Fix portable-specific uses of verify_reverse_mapping too |
3e67f7df | 25 | - (djm) Sync openbsd-compat with OpenBSD CVS. |
484d59c7 | 26 | - No more 4-term BSD licenses in linked code |
5d8ca8c7 | 27 | - (dtucker) [port-aix.c bsd-cray.c] Fix uses of verify_reverse_mapping. |
3a2b2b44 | 28 | |
aff561f9 | 29 | 20030602 |
30 | - (djm) Fix segv from bad reordering in auth-pam.c | |
416c732d | 31 | - (djm) Always use saved_argv in sshd.c as compat_init_setproctitle may |
32 | clobber | |
1b7342ab | 33 | - (tim) openbsd-compat/xmmap.[ch] License clarifications. Add missing |
34 | CVS ID. | |
8862e142 | 35 | - (djm) Remove "noip6" option from RedHat spec file. This may now be |
36 | set at runtime using AddressFamily option. | |
58ba3cb7 | 37 | - (djm) Fix use of macro before #define in cipher-aes.c |
382fe2fa | 38 | - (djm) Sync license on openbsd-compat/bindresvport.c with OpenBSD CVS |
b0545fe6 | 39 | - (djm) OpenBSD CVS Sync |
40 | - djm@cvs.openbsd.org 2003/05/26 12:54:40 | |
41 | [sshconnect.c] | |
42 | fix format strings; ok markus@ | |
fa5120a0 | 43 | - deraadt@cvs.openbsd.org 2003/05/29 16:58:45 |
44 | [sshd.c uidswap.c] | |
45 | seteuid and setegid; markus ok | |
0f92946c | 46 | - jakob@cvs.openbsd.org 2003/06/02 08:31:10 |
47 | [ssh_config.5] | |
48 | VerifyHostKeyDNS is v2 only. ok markus@ | |
aff561f9 | 49 | |
4f178be8 | 50 | 20030530 |
51 | - (dtucker) Add missing semicolon in md5crypt.c, patch from openssh at | |
52 | roumenpetrov.info | |
eabb99c6 | 53 | - (dtucker) Define SSHD_ACQUIRES_CTTY for NCR MP-RAS and Reliant Unix. |
4f178be8 | 54 | |
4881aebb | 55 | 20030526 |
56 | - (djm) Avoid auth2-chall.c warning when compiling without | |
57 | PAM, BSD_AUTH and SKEY | |
58 | ||
5b0fe364 | 59 | 20030525 |
60 | - (djm) OpenBSD CVS Sync | |
61 | - djm@cvs.openbsd.org 2003/05/24 09:02:22 | |
62 | [log.c] | |
63 | pass logged data through strnvis; ok markus | |
b9ed513a | 64 | - djm@cvs.openbsd.org 2003/05/24 09:30:40 |
65 | [authfile.c monitor.c sftp-common.c sshpty.c] | |
66 | cast some types for printing; ok markus@ | |
5b0fe364 | 67 | |
44c78996 | 68 | 20030524 |
69 | - (dtucker) Correct --osfsia in INSTALL. Patch by skeleten at shillest.net | |
70 | ||
d83ebe4a | 71 | 20030523 |
72 | - (djm) Use VIS_SAFE on logged strings rather than default strnvis | |
73 | encoding (which encodes many more characters) | |
bd47824b | 74 | - OpenBSD CVS Sync |
75 | - jmc@cvs.openbsd.org 2003/05/20 12:03:35 | |
76 | [sftp.1] | |
77 | - new sentence, new line | |
78 | - added .Xr's | |
79 | - typos | |
80 | ok djm@ | |
3cbc677d | 81 | - jmc@cvs.openbsd.org 2003/05/20 12:09:31 |
82 | [ssh.1 ssh_config.5 sshd.8 sshd_config.5 ssh-keygen.1] | |
83 | new sentence, new line | |
da54f5be | 84 | - djm@cvs.openbsd.org 2003/05/23 08:29:30 |
85 | [sshconnect.c] | |
86 | fix leak; ok markus@ | |
d83ebe4a | 87 | |
c453493f | 88 | 20030520 |
89 | - (djm) OpenBSD CVS Sync | |
90 | - deraadt@cvs.openbsd.org 2003/05/18 23:22:01 | |
91 | [log.c] | |
92 | use syslog_r() in a signal handler called place; markus ok | |
79d4fc55 | 93 | - (djm) Configure logic to detect syslog_r and friends |
c453493f | 94 | |
acb50584 | 95 | 20030519 |
96 | - (djm) Sync auth-pam.h with what we actually implement | |
97 | ||
98 | 20030518 | |
5ff453c0 | 99 | - (djm) Return of the dreaded PAM_TTY_KLUDGE, which went missing in |
100 | recent merge | |
f811e52a | 101 | - (djm) OpenBSD CVS Sync |
102 | - djm@cvs.openbsd.org 2003/05/16 03:27:12 | |
103 | [readconf.c ssh_config ssh_config.5 ssh-keysign.c] | |
104 | add AddressFamily option to ssh_config (like -4, -6 on commandline). | |
105 | Portable bug #534; ok markus@ | |
013b1214 | 106 | - itojun@cvs.openbsd.org 2003/05/17 03:25:58 |
107 | [auth-rhosts.c] | |
108 | just in case, put numbers to sscanf %s arg. | |
25b66522 | 109 | - markus@cvs.openbsd.org 2003/05/17 04:27:52 |
110 | [cipher.c cipher-ctr.c myproposal.h] | |
111 | experimental support for aes-ctr modes from | |
112 | http://www.ietf.org/internet-drafts/draft-ietf-secsh-newmodes-00.txt | |
113 | ok djm@ | |
25351757 | 114 | - (djm) Remove IPv4 by default hack now that we can specify AF in config |
3bf784bc | 115 | - (djm) Tidy and trim TODO |
bffa6723 | 116 | - (djm) Sync openbsd-compat/ with OpenBSD CVS head |
9901cb37 | 117 | - (djm) Big KNF on openbsd-compat/ |
f1da2b8b | 118 | - (djm) KNF on md5crypt.[ch] |
119 | - (djm) KNF on auth-sia.[ch] | |
5ff453c0 | 120 | |
f123055b | 121 | 20030517 |
122 | - (bal) strcat -> strlcat on openbsd-compat/realpath.c (rev 1.8 OpenBSD) | |
123 | ||
c936c243 | 124 | 20030516 |
125 | - (djm) OpenBSD CVS Sync | |
126 | - djm@cvs.openbsd.org 2003/05/15 13:52:10 | |
127 | [ssh.c] | |
128 | Make "ssh -V" print the OpenSSL version in a human readable form. Patch | |
129 | from Craig Leres (mindrot at ee.lbl.gov); ok markus@ | |
a2144546 | 130 | - jakob@cvs.openbsd.org 2003/05/15 14:02:47 |
131 | [readconf.c servconf.c] | |
132 | warn for unsupported config option. ok markus@ | |
5bdfde81 | 133 | - markus@cvs.openbsd.org 2003/05/15 14:09:21 |
134 | [auth2-krb5.c] | |
135 | fix 64bit issue; report itojun@ | |
09ab3296 | 136 | - djm@cvs.openbsd.org 2003/05/15 14:55:25 |
137 | [readconf.c readconf.h ssh_config ssh_config.5 sshconnect.c] | |
138 | add a ConnectTimeout option to ssh, based on patch from | |
139 | Jean-Charles Longuet (jclonguet at free.fr); portable #207 ok markus@ | |
b06b11ad | 140 | - (djm) Add warning for UsePAM when built without PAM support |
7be625e1 | 141 | - (djm) A few type mismatch fixes from Bug #565 |
0eb6370a | 142 | - (djm) Guard free_pam_environment against NULL argument. Works around |
143 | HP/UX PAM problems debugged by dtucker | |
c936c243 | 144 | |
7efc7f57 | 145 | 20030515 |
146 | - (djm) OpenBSD CVS Sync | |
147 | - jmc@cvs.openbsd.org 2003/05/14 13:11:56 | |
148 | [ssh-agent.1] | |
149 | setup -> set up; | |
150 | from wiz@netbsd | |
21289cd0 | 151 | - jakob@cvs.openbsd.org 2003/05/14 18:16:20 |
152 | [key.c key.h readconf.c readconf.h ssh_config.5 sshconnect.c] | |
153 | [dns.c dns.h README.dns ssh-keygen.1 ssh-keygen.c] | |
154 | add experimental support for verifying hos keys using DNS as described | |
155 | in draft-ietf-secsh-dns-xx.txt. more information in README.dns. | |
156 | ok markus@ and henning@ | |
16a79097 | 157 | - markus@cvs.openbsd.org 2003/05/14 22:24:42 |
158 | [clientloop.c session.c ssh.1] | |
159 | allow to send a BREAK to the remote system; ok various | |
b8c2031b | 160 | - markus@cvs.openbsd.org 2003/05/15 00:28:28 |
161 | [sshconnect2.c] | |
162 | cleanup unregister of per-method packet handlers; ok djm@ | |
d0ec7f42 | 163 | - jakob@cvs.openbsd.org 2003/05/15 01:48:10 |
164 | [readconf.c readconf.h servconf.c servconf.h] | |
165 | always parse kerberos options. ok djm@ markus@ | |
b414a17b | 166 | - jakob@cvs.openbsd.org 2003/05/15 02:27:15 |
167 | [dns.c] | |
168 | add missing freerrset | |
3b6e3da9 | 169 | - markus@cvs.openbsd.org 2003/05/15 03:08:29 |
170 | [cipher.c cipher-bf1.c cipher-aes.c cipher-3des1.c] | |
171 | split out custom EVP ciphers | |
02159d9b | 172 | - djm@cvs.openbsd.org 2003/05/15 03:10:52 |
173 | [ssh-keygen.c] | |
174 | avoid warning; ok jakob@ | |
4a26f5c5 | 175 | - mouring@cvs.openbsd.org 2003/05/15 03:39:07 |
176 | [sftp-int.c] | |
177 | Make put/get (globed and nonglobed) code more consistant. OK djm@ | |
c44f10c6 | 178 | - mouring@cvs.openbsd.org 2003/05/15 03:43:59 |
dc69f53c | 179 | [sftp-int.c sftp.c] |
c44f10c6 | 180 | Teach ls how to display multiple column display and allow users |
181 | to return to single column format via 'ls -1'. OK @djm | |
1457e7ff | 182 | - jakob@cvs.openbsd.org 2003/05/15 04:08:44 |
183 | [readconf.c servconf.c] | |
184 | disable kerberos when not supported. ok markus@ | |
861f0365 | 185 | - markus@cvs.openbsd.org 2003/05/15 04:08:41 |
186 | [ssh.1] | |
187 | ~B is ssh2 only | |
d0ec7f42 | 188 | - (djm) Always parse UsePAM |
3e05e934 | 189 | - (djm) Configure glue for DNS support (code doesn't work in portable yet) |
4460d509 | 190 | - (djm) Import getrrsetbyname() function from OpenBSD libc (for DNS support) |
86ee6794 | 191 | - (djm) Tidy Makefile clean targets |
2636769c | 192 | - (djm) Adapt README.dns for portable |
2d2e4a34 | 193 | - (djm) Avoid uuencode.c warnings |
1457e7ff | 194 | - (djm) Enable UsePAM when built --with-pam |
67467c30 | 195 | - (djm) Only build getrrsetbyname replacement when using --with-dns |
f420d2ba | 196 | - (djm) Bug #529: sshd doesn't work correctly after SIGHUP (copy argv |
197 | correctly) | |
3c49ef10 | 198 | - (djm) Bug #444: Wrong paths after reconfigure |
321735c7 | 199 | - (dtucker) HP-UX needs to include <sys/strtio.h> for TIOCSBRK |
f420d2ba | 200 | |
dd3ebb5a | 201 | 20030514 |
202 | - (djm) Bug #117: Don't lie to PAM about username | |
0608f8a7 | 203 | - (djm) RCSID sync w/ OpenBSD |
204fde99 | 204 | - (djm) OpenBSD CVS Sync |
205 | - djm@cvs.openbsd.org 2003/04/09 12:00:37 | |
206 | [readconf.c] | |
207 | strip trailing whitespace from config lines before parsing. | |
208 | Fixes bz 528; ok markus@ | |
18ae3c67 | 209 | - markus@cvs.openbsd.org 2003/04/12 10:13:57 |
210 | [cipher.c] | |
211 | hide cipher details; ok djm@ | |
45c42d58 | 212 | - markus@cvs.openbsd.org 2003/04/12 10:15:36 |
213 | [misc.c] | |
214 | debug->debug2 | |
c825cd79 | 215 | - naddy@cvs.openbsd.org 2003/04/12 11:40:15 |
216 | [ssh.1] | |
217 | document -V switch, fix wording; ok markus@ | |
3e131a6d | 218 | - markus@cvs.openbsd.org 2003/04/14 14:17:50 |
219 | [channels.c sshconnect.c sshd.c ssh-keyscan.c] | |
220 | avoid hardcoded SOCK_xx; with itojun@; should allow ssh over SCTP | |
927e9f8b | 221 | - mouring@cvs.openbsd.org 2003/04/14 21:31:27 |
222 | [sftp-int.c] | |
223 | Missing globfree(&g) in process_put() spotted by Vince Brimhall | |
224 | <VBrimhall@novell.com>. ok@ Theo | |
225 | - markus@cvs.openbsd.org 2003/04/16 14:35:27 | |
226 | [auth.h] | |
227 | document struct Authctxt; with solar | |
b9e5aff6 | 228 | - deraadt@cvs.openbsd.org 2003/04/26 04:29:49 |
229 | [ssh-keyscan.c] | |
230 | -t in usage(); rogier@quaak.org | |
9a26a6e2 | 231 | - mouring@cvs.openbsd.org 2003/04/30 01:16:20 |
232 | [sshd.8 sshd_config.5] | |
233 | Escape ?, * and ! in .Ql for nroff compatibility. OpenSSH Portable | |
234 | Bug #550 and * escaping suggested by jmc@. | |
09dc8896 | 235 | - david@cvs.openbsd.org 2003/04/30 20:41:07 |
236 | [sshd.8] | |
237 | fix invalid .Pf macro usage introduced in previous commit | |
238 | ok jmc@ mouring@ | |
3566c73c | 239 | - markus@cvs.openbsd.org 2003/05/11 16:56:48 |
240 | [authfile.c ssh-keygen.c] | |
241 | change key_load_public to try to read a public from: | |
242 | rsa1 private or rsa1 public and ssh2 keys. | |
243 | this makes ssh-keygen -e fail for ssh1 keys more gracefully | |
244 | for example; report from itojun (netbsd pr 20550). | |
0d942eff | 245 | - markus@cvs.openbsd.org 2003/05/11 20:30:25 |
246 | [channels.c clientloop.c serverloop.c session.c ssh.c] | |
247 | make channel_new() strdup the 'remote_name' (not the caller); ok theo | |
43348518 | 248 | - markus@cvs.openbsd.org 2003/05/12 16:55:37 |
249 | [sshconnect2.c] | |
250 | for pubkey authentication try the user keys in the following order: | |
251 | 1. agent keys that are found in the config file | |
252 | 2. other agent keys | |
253 | 3. keys that are only listed in the config file | |
254 | this helps when an agent has many keys, where the server might | |
255 | close the connection before the correct key is used. report & ok pb@ | |
dc109cfe | 256 | - markus@cvs.openbsd.org 2003/05/12 18:35:18 |
257 | [ssh-keyscan.1] | |
258 | typo: DSA keys are of type ssh-dss; Brian Poole | |
81466908 | 259 | - markus@cvs.openbsd.org 2003/05/14 00:52:59 |
260 | [ssh2.h] | |
261 | ranges for per auth method messages | |
262 | - djm@cvs.openbsd.org 2003/05/14 01:00:44 | |
263 | [sftp.1] | |
264 | emphasise the batchmode functionality and make reference to pubkey auth, | |
265 | both of which are FAQs; ok markus@ | |
802e01b8 | 266 | - markus@cvs.openbsd.org 2003/05/14 02:15:47 |
267 | [auth2.c monitor.c sshconnect2.c auth2-krb5.c] | |
268 | implement kerberos over ssh2 ("kerberos-2@ssh.com"); tested with jakob@ | |
269 | server interops with commercial client; ok jakob@ djm@ | |
72c5fe79 | 270 | - jmc@cvs.openbsd.org 2003/05/14 08:25:39 |
271 | [sftp.1] | |
272 | - better formatting in SYNOPSIS | |
273 | - whitespace at EOL | |
274 | ok djm@ | |
3a39206f | 275 | - markus@cvs.openbsd.org 2003/05/14 08:57:49 |
276 | [monitor.c] | |
277 | http://bugzilla.mindrot.org/show_bug.cgi?id=560 | |
278 | Privsep child continues to run after monitor killed. | |
279 | Pass monitor signals through to child; Darren Tucker | |
751092f9 | 280 | - (djm) Make portable build with MIT krb5 (some issues remain) |
7fceb20d | 281 | - (djm) Add new UsePAM configuration directive to allow runtime control |
282 | over usage of PAM. This allows non-root use of sshd when built with | |
283 | --with-pam | |
817e6d38 | 284 | - (djm) Die screaming if start_pam() is called when UsePAM=no |
83ccf11a | 285 | - (djm) Avoid KrbV leak for MIT Kerberos |
b1848832 | 286 | - (dtucker) Set ai_socktype and ai_protocol in fake-getaddrinfo.c. ok djm@ |
fa065de2 | 287 | - (djm) Bug #258: sscanf("[0-9]") -> sscanf("[0123456789]") for portability |
dd3ebb5a | 288 | |
91f3aa9b | 289 | 20030512 |
290 | - (djm) Redhat spec: Don't install profile.d scripts when not | |
291 | building with GNOME/GTK askpass (patch from bet@rahul.net) | |
292 | ||
5def520a | 293 | 20030510 |
294 | - (dtucker) Bug #318: Create ssh_prng_cmds.out during "make" rather than | |
295 | "make install". Patch by roth@feep.net. | |
ad84c479 | 296 | - (dtucker) Bug #536: Test for and work around openpty/controlling tty |
297 | problem on Linux (fixes "could not set controlling tty" errors). | |
05114c74 | 298 | - (djm) Merge FreeBSD PAM code: replaces PAM password auth kludge with |
299 | proper challenge-response module | |
23ab1f36 | 300 | - (djm) 2-clause license on loginrec.c, with permission from |
301 | andre@ae-35.com | |
5def520a | 302 | |
43ce025d | 303 | 20030504 |
dd594f99 | 304 | - (dtucker) Bug #497: Move #include of bsd-cygwin_util.h to openbsd-compat.h. |
305 | Patch from vinschen@redhat.com. | |
43ce025d | 306 | |
2cd5dbba | 307 | 20030503 |
308 | - (dtucker) Add missing "void" to record_failed_login in bsd-cray.c. Noted | |
309 | by wendyp@cray.com. | |
310 | ||
bf7c1e6c | 311 | 20030502 |
312 | - (dtucker) Bug #544: ignore invalid cmsg_type on Linux 2.0 kernels, | |
313 | privsep should now work. | |
73d9dad3 | 314 | - (dtucker) Move handling of bad password authentications into a platform |
990278ef | 315 | specific record_failed_login() function (affects AIX & Unicos). ok mouring@ |
bf7c1e6c | 316 | |
68ece370 | 317 | 20030429 |
318 | - (djm) Add back radix.o (used by AFS support), after it went missing from | |
319 | Makefile many moons ago | |
320 | - (djm) Apply "owl-always-auth" patch from Openwall/Solar Designer | |
321 | - (djm) Fix blibpath specification for AIX/gcc | |
322 | - (djm) Some systems have basename in -lgen. Fix from ayamura@ayamura.org | |
323 | ||
ded9dd18 | 324 | 20030428 |
325 | - (bal) [defines.h progressmeter.c scp.c] Some more culling of non 64bit | |
326 | hacked code. | |
327 | ||
aceb0423 | 328 | 20030427 |
329 | - (bal) Bug #541: return; was dropped by mistake. Reported by | |
330 | furrier@iglou.com | |
c8a50a34 | 331 | - (bal) Since we don't support platforms lacking u_int_64. We may |
332 | as well clean out some of those evil #ifdefs | |
9a6fee8b | 333 | - (bal) auth1.c minor resync while looking at the code. |
d7cf277b | 334 | - (bal) auth2.c same changed as above. |
aceb0423 | 335 | |
0a626302 | 336 | 20030409 |
337 | - (djm) Bug #539: Specify creation mode with O_CREAT for lastlog. Report | |
338 | from matth@eecs.berkeley.edu | |
d35929b5 | 339 | - (djm) Make the spec work with Redhat 9.0 (which renames sharutils) |
ffd7b36b | 340 | - (djm) OpenBSD CVS Sync |
341 | - markus@cvs.openbsd.org 2003/04/02 09:48:07 | |
342 | [clientloop.c monitor.c monitor_wrap.c packet.c packet.h readconf.c] | |
343 | [readconf.h serverloop.c sshconnect2.c] | |
344 | reapply rekeying chage, tested by henning@, ok djm@ | |
16f1b5ca | 345 | - markus@cvs.openbsd.org 2003/04/02 14:36:26 |
346 | [ssh-keysign.c] | |
347 | potential segfault if KEY_UNSPEC; cjwatson@debian.org; bug #526 | |
6c1bc5c5 | 348 | - itojun@cvs.openbsd.org 2003/04/03 07:25:27 |
349 | [progressmeter.c] | |
350 | $OpenBSD$ | |
351 | - itojun@cvs.openbsd.org 2003/04/03 10:17:35 | |
352 | [progressmeter.c] | |
353 | remove $OpenBSD$, as other *.c does not have it. | |
806e4c11 | 354 | - markus@cvs.openbsd.org 2003/04/07 08:29:57 |
355 | [monitor_wrap.c] | |
356 | typo: get correct counters; introduced during rekeying change. | |
2f5b2528 | 357 | - millert@cvs.openbsd.org 2003/04/07 21:58:05 |
358 | [progressmeter.c] | |
359 | The UCB copyright here is incorrect. This code did not originate | |
360 | at UCB, it was written by Luke Mewburn. Updated the copyright at | |
361 | the author's request. markus@ OK | |
362 | - itojun@cvs.openbsd.org 2003/04/08 20:21:29 | |
363 | [*.c *.h] | |
364 | rename log() into logit() to avoid name conflict. markus ok, from | |
365 | netbsd | |
366 | - (djm) XXX - Performed locally using: | |
367 | "perl -p -i -e 's/(\s|^)log\(/$1logit\(/g' *.c *.h" | |
70e1f62f | 368 | - hin@cvs.openbsd.org 2003/04/09 08:23:52 |
369 | [servconf.c] | |
370 | Don't include <krb.h> when compiling with Kerberos 5 support | |
2f5b2528 | 371 | - (djm) Fix up missing include for packet.c |
a3568201 | 372 | - (djm) Fix missed log => logit occurance (reference by function pointer) |
0a626302 | 373 | |
4d0cb2e5 | 374 | 20030402 |
375 | - (bal) if IP_TOS is not found or broken don't try to compile in | |
376 | packet_set_tos() function call. bug #527 | |
377 | ||
a4e5acef | 378 | 20030401 |
379 | - (djm) OpenBSD CVS Sync | |
380 | - jmc@cvs.openbsd.org 2003/03/28 10:11:43 | |
381 | [scp.1 sftp.1 ssh.1 ssh-add.1 ssh-agent.1 ssh_config.5 sshd_config.5] | |
382 | [ssh-keygen.1 ssh-keyscan.1 ssh-keysign.8] | |
383 | - killed whitespace | |
384 | - new sentence new line | |
385 | - .Bk for arguments | |
386 | ok markus@ | |
177f584b | 387 | - markus@cvs.openbsd.org 2003/04/01 10:10:23 |
388 | [clientloop.c monitor.c monitor_wrap.c packet.c packet.h readconf.c] | |
389 | [readconf.h serverloop.c sshconnect2.c] | |
390 | rekeying bugfixes and automatic rekeying: | |
391 | * both client and server rekey _automatically_ | |
392 | (a) after 2^31 packets, because after 2^32 packets | |
393 | the sequence number for packets wraps | |
394 | (b) after 2^(blocksize_in_bits/4) blocks | |
395 | (see: draft-ietf-secsh-newmodes-00.txt) | |
396 | (a) and (b) are _enabled_ by default, and only disabled for known | |
397 | openssh versions, that don't support rekeying properly. | |
398 | * client option 'RekeyLimit' | |
399 | * do not reply to requests during rekeying | |
400 | - markus@cvs.openbsd.org 2003/04/01 10:22:21 | |
401 | [clientloop.c monitor.c monitor_wrap.c packet.c packet.h readconf.c] | |
402 | [readconf.h serverloop.c sshconnect2.c] | |
403 | backout rekeying changes (for 3.6.1) | |
519bdfe8 | 404 | - markus@cvs.openbsd.org 2003/04/01 10:31:26 |
405 | [compat.c compat.h kex.c] | |
406 | bugfix causes stalled connections for ssh.com < 3.0; noticed by ho@; | |
407 | tested by ho@ and myself | |
9dd240a3 | 408 | - markus@cvs.openbsd.org 2003/04/01 10:56:46 |
409 | [version.h] | |
410 | 3.6.1 | |
ac01b518 | 411 | - (djm) Crank spec file versions |
b32453fe | 412 | - (djm) Release 3.6.1p1 |
a4e5acef | 413 | |
fd77a40f | 414 | 20030326 |
415 | - (djm) OpenBSD CVS Sync | |
416 | - deraadt@cvs.openbsd.org 2003/03/26 04:02:51 | |
417 | [sftp-server.c] | |
418 | one last fix to the tree: race fix broke stuff; pr 3169; | |
419 | srp@srparish.net, help from djm | |
420 | ||
8021857c | 421 | 20030325 |
422 | - (djm) Fix getpeerid support for 64 bit BE systems. From | |
423 | Arnd Bergmann <arndb@de.ibm.com> | |
424 | ||
cdb64c4d | 425 | 20030324 |
426 | - (djm) OpenBSD CVS Sync | |
427 | - markus@cvs.openbsd.org 2003/03/23 19:02:00 | |
428 | [monitor.c] | |
429 | unbreak rekeying for privsep; ok millert@ | |
430 | - Release 3.6p1 | |
62086365 | 431 | - Fix sshd BindAddress and -b options for systems using fake-getaddrinfo. |
432 | Report from murple@murple.net, diagnosis from dtucker@zip.com.au | |
cdb64c4d | 433 | |
0b202697 | 434 | $Id$ |