]>
Commit | Line | Data |
---|---|---|
0b6fbf03 | 1 | 20001203 |
2 | - (bal) OpenBSD CVS updates: | |
3 | - markus@cvs.openbsd.org 2000/11/30 22:54:31 | |
4 | [channels.c] | |
5 | debug->warn if tried to do -R style fwd w/o client requesting this; | |
6 | ok neils@ | |
7 | - markus@cvs.openbsd.org 2000/11/29 20:39:17 | |
8 | [cipher.c] | |
9 | des_cbc_encrypt -> des_ncbc_encrypt since it already updates the IV | |
10 | - markus@cvs.openbsd.org 2000/11/30 18:33:05 | |
11 | [ssh-agent.c] | |
12 | agents must not dump core, ok niels@ | |
13 | - markus@cvs.openbsd.org 2000/11/30 07:04:02 | |
14 | [ssh.1] | |
15 | T is for both protocols | |
16 | - markus@cvs.openbsd.org 2000/12/01 00:00:51 | |
17 | [ssh.1] | |
18 | typo; from green@FreeBSD.org | |
19 | - markus@cvs.openbsd.org 2000/11/30 07:02:35 | |
20 | [ssh.c] | |
21 | check -T before isatty() | |
22 | - provos@cvs.openbsd.org 2000/11/29 13:51:27 | |
23 | [sshconnect.c] | |
24 | show IP address and hostname when new key is encountered. okay markus@ | |
25 | - markus@cvs.openbsd.org 2000/11/30 22:53:35 | |
26 | [sshconnect.c] | |
27 | disable agent/x11/port fwding if hostkey has changed; ok niels@ | |
28 | - marksu@cvs.openbsd.org 2000/11/29 21:11:59 | |
29 | [sshd.c] | |
30 | sshd -D, startup w/o deamon(), for monitoring scripts or inittab; | |
31 | from handler@sub-rosa.com and eric@urbanrange.com; ok niels@ | |
8c9fe09e | 32 | - (djm) Added patch from Nalin Dahyabhai <nalin@redhat.com> to enable |
33 | PAM authentication using KbdInteractive. | |
34 | - (djm) Added another TODO | |
0b6fbf03 | 35 | |
90f4078a | 36 | 20001202 |
37 | - (bal) Backed out of part of Alain St-Denis' loginrec.c patch. | |
38 | - (bal) Irix need some sort of mansubdir, patch by Michael Stone | |
39 | <mstone@cs.loyola.edu> | |
40 | ||
dcef6523 | 41 | 20001129 |
7062c40f | 42 | - (djm) Back out all the serverloop.c hacks. sshd will now hang again |
43 | if there are background children with open fds. | |
c193d002 | 44 | - (djm) bsd-rresvport.c bzero -> memset |
45 | - (djm) Don't fail in defines.h on absence of 64 bit types (we will | |
46 | still fail during compilation of sftp-server). | |
47 | - (djm) Fail if ar is not found during configure | |
c523303b | 48 | - (djm) OpenBSD CVS updates: |
49 | - provos@cvs.openbsd.org 2000/11/22 08:38:31 | |
50 | [sshd.8] | |
51 | talk about /etc/primes, okay markus@ | |
52 | - markus@cvs.openbsd.org 2000/11/23 14:03:48 | |
53 | [ssh.c sshconnect1.c sshconnect2.c] | |
54 | complain about invalid ciphers for ssh1/ssh2, fall back to reasonable | |
55 | defaults | |
56 | - markus@cvs.openbsd.org 2000/11/25 09:42:53 | |
57 | [sshconnect1.c] | |
58 | reorder check for illegal ciphers, bugreport from espie@ | |
59 | - markus@cvs.openbsd.org 2000/11/25 10:19:34 | |
60 | [ssh-keygen.c ssh.h] | |
61 | print keytype when generating a key. | |
62 | reasonable defaults for RSA1/RSA/DSA keys. | |
b3ec54b4 | 63 | - (djm) Patch from Pekka Savola <Pekka.Savola@netcore.fi> to include a few |
64 | more manpage paths in fixpaths calls | |
65 | - (djm) Also add xauth path at Pekka's suggestion. | |
57ce3f00 | 66 | - (djm) Add Redhat RPM patch for AUTHPRIV SyslogFacility |
dcef6523 | 67 | |
e879a080 | 68 | 20001125 |
69 | - (djm) Give up privs when reading seed file | |
70 | ||
d343d900 | 71 | 20001123 |
72 | - (bal) Merge OpenBSD changes: | |
73 | - markus@cvs.openbsd.org 2000/11/15 22:31:36 | |
74 | [auth-options.c] | |
75 | case insensitive key options; from stevesk@sweeden.hp.com | |
76 | - markus@cvs.openbsd.org 2000/11/16 17:55:43 | |
77 | [dh.c] | |
78 | do not use perror() in sshd, after child is forked() | |
79 | - markus@cvs.openbsd.org 2000/11/14 23:42:40 | |
80 | [auth-rsa.c] | |
81 | parse option only if key matches; fix some confusing seen by the client | |
82 | - markus@cvs.openbsd.org 2000/11/14 23:44:19 | |
83 | [session.c] | |
84 | check no_agent_forward_flag for ssh-2, too | |
85 | - markus@cvs.openbsd.org 2000/11/15 | |
86 | [ssh-agent.1] | |
87 | reorder SYNOPSIS; typo, use .It | |
88 | - markus@cvs.openbsd.org 2000/11/14 23:48:55 | |
89 | [ssh-agent.c] | |
90 | do not reorder keys if a key is removed | |
91 | - markus@cvs.openbsd.org 2000/11/15 19:58:08 | |
92 | [ssh.c] | |
93 | just ignore non existing user keys | |
94 | - millert@cvs.openbsd.org 200/11/15 20:24:43 | |
95 | [ssh-keygen.c] | |
96 | Add missing \n at end of error message. | |
97 | ||
0b49a754 | 98 | 20001122 |
99 | - (bal) Minor patch to ensure platforms lacking IRIX job limit supports | |
100 | are compilable. | |
101 | - (bal) Updated TODO as of 11/18/2000 with known things to resolve. | |
102 | ||
fab2e5d3 | 103 | 20001117 |
104 | - (bal) Changed from 'primes' to 'primes.out' for consistancy sake. It | |
105 | has no affect the output. Patch by Corinna Vinschen <vinschen@redhat.com> | |
260d427b | 106 | - (stevek) Reworked progname support. |
107 | - (bal) Misplaced #include "includes.h" in bsd-setproctitle.c. Patch by | |
108 | Shinichi Maruyama <marya@st.jip.co.jp> | |
fab2e5d3 | 109 | |
c2207f11 | 110 | 20001116 |
111 | - (bal) Added in MAXSYMLINK test in bsd-realpath.c. Required for some SCO | |
112 | releases. | |
113 | - (bal) Make builds work outside of source tree. Patch by Mark D. Roth | |
114 | <roth@feep.net> | |
115 | ||
3d398e04 | 116 | 20001113 |
117 | - (djm) Add pointer to http://www.imasy.or.jp/~gotoh/connect.c to | |
118 | contrib/README | |
fa08c86b | 119 | - (djm) Merge OpenBSD changes: |
120 | - markus@cvs.openbsd.org 2000/11/06 16:04:56 | |
121 | [channels.c channels.h clientloop.c nchan.c serverloop.c] | |
122 | [session.c ssh.c] | |
123 | agent forwarding and -R for ssh2, based on work from | |
124 | jhuuskon@messi.uku.fi | |
125 | - markus@cvs.openbsd.org 2000/11/06 16:13:27 | |
126 | [ssh.c sshconnect.c sshd.c] | |
127 | do not disabled rhosts(rsa) if server port > 1024; from | |
128 | pekkas@netcore.fi | |
129 | - markus@cvs.openbsd.org 2000/11/06 16:16:35 | |
130 | [sshconnect.c] | |
131 | downgrade client to 1.3 if server is 1.4; help from mdb@juniper.net | |
132 | - markus@cvs.openbsd.org 2000/11/09 18:04:40 | |
133 | [auth1.c] | |
134 | typo; from mouring@pconline.com | |
135 | - markus@cvs.openbsd.org 2000/11/12 12:03:28 | |
136 | [ssh-agent.c] | |
137 | off-by-one when removing a key from the agent | |
138 | - markus@cvs.openbsd.org 2000/11/12 12:50:39 | |
139 | [auth-rh-rsa.c auth2.c authfd.c authfd.h] | |
140 | [authfile.c hostfile.c kex.c kex.h key.c key.h myproposal.h] | |
141 | [readconf.c readconf.h rsa.c rsa.h servconf.c servconf.h ssh-add.c] | |
142 | [ssh-agent.c ssh-keygen.1 ssh-keygen.c ssh.1 ssh.c ssh_config] | |
143 | [sshconnect1.c sshconnect2.c sshd.8 sshd.c sshd_config ssh-dss.c] | |
144 | [ssh-dss.h ssh-rsa.c ssh-rsa.h dsa.c dsa.h] | |
145 | add support for RSA to SSH2. please test. | |
146 | there are now 3 types of keys: RSA1 is used by ssh-1 only, | |
147 | RSA and DSA are used by SSH2. | |
148 | you can use 'ssh-keygen -t rsa -f ssh2_rsa_file' to generate RSA | |
149 | keys for SSH2 and use the RSA keys for hostkeys or for user keys. | |
150 | SSH2 RSA or DSA keys are added to .ssh/authorised_keys2 as before. | |
151 | - (djm) Fix up Makefile and Redhat init script to create RSA host keys | |
f001465f | 152 | - (djm) Change to interim version |
5733a41a | 153 | - (djm) Fix RPM spec file stupidity |
6fff1ac4 | 154 | - (djm) fixpaths to DSA and RSA keys too |
3d398e04 | 155 | |
d287c664 | 156 | 20001112 |
157 | - (bal) SCO Patch to add needed libraries for configure.in. Patch by | |
158 | Phillips Porch <root@theporch.com> | |
3d398e04 | 159 | - (bal) IRIX patch to adding Job Limits. Patch by Denis Parker |
160 | <dcp@sgi.com> | |
a3bf38d0 | 161 | - (stevesk) pty.c: HP-UX 10 and 11 don't define TIOCSCTTY. Add error() to |
162 | failed ioctl(TIOCSCTTY) call. | |
d287c664 | 163 | |
3c4d4fef | 164 | 20001111 |
165 | - (djm) Added /etc/primes for kex DH group neg, fixup Makefile.in and | |
166 | packaging files | |
35325fd4 | 167 | - (djm) Fix new Makefile.in warnings |
027bf205 | 168 | - (djm) Fix vsprintf("%h") in bsd-snprintf.c, short int va_args are |
169 | promoted to type int. Report and fix from Dan Astoorian | |
170 | <djast@cs.toronto.edu> | |
d287c664 | 171 | - (djm) Hardwire sysconfdir in RPM spec files as some RPM versions get |
e3291159 | 172 | it wrong. Report from Bennett Todd <bet@rahul.net> |
3c4d4fef | 173 | |
3e366738 | 174 | 20001110 |
175 | - (bal) Fixed dropped answer from skey_keyinfo() in auth1.c | |
176 | - (bal) Changed from --with-skey to --with-skey=PATH in configure.in | |
177 | - (bal) Added in check to verify S/Key library is being detected in | |
178 | configure.in | |
179 | - (bal) next-posix.h - added another prototype wrapped in POSIX ifdef/endif. | |
180 | Patch by Mark Miller <markm@swoon.net> | |
181 | - (bal) Added 'util.h' header to loginrec.c only if HAVE_UTIL_H is defined | |
182 | to remove warnings under MacOS X. Patch by Mark Miller <markm@swoon.net> | |
183 | - (bal) Fixed LDFLAG mispelling in configure.in for --with-afs | |
184 | ||
373998a4 | 185 | 20001107 |
e506ee73 | 186 | - (bal) acconfig.in - removed the double "USE_PIPES" entry. Patch by |
187 | Mark Miller <markm@swoon.net> | |
373998a4 | 188 | - (bal) sshd.init files corrected to assign $? to RETVAL. Patch by |
189 | Jarno Huuskonen <jhuuskon@messi.uku.fi> | |
e506ee73 | 190 | - (bal) fixpaths fixed to stop it from quitely failing. Patch by |
191 | Mark D. Roth <roth@feep.net> | |
373998a4 | 192 | |
ac89998a | 193 | 20001106 |
194 | - (djm) Use Jim's new 1.0.3 askpass in Redhat RPMs | |
6c09e23c | 195 | - (djm) Manually fix up missed diff hunks (mainly RCS idents) |
d6846e6a | 196 | - (djm) Remove UPGRADING document in favour of a link to the better |
197 | maintained FAQ on www.openssh.com | |
73bd30fe | 198 | - (djm) Fix multiple dependancy on gnome-libs from Pekka Savola |
199 | <pekkas@netcore.fi> | |
200 | - (djm) Don't need X11-askpass in RPM spec file if building without it | |
201 | from Pekka Savola <pekkas@netcore.fi> | |
c215ba3b | 202 | - (djm) Release 2.3.0p1 |
97b378bf | 203 | - (bal) typo in configure.in in regards to --with-ldflags from Marko |
204 | Asplund <aspa@kronodoc.fi> | |
205 | - (bal) fixed next-posix.h. Forgot prototype of getppid(). | |
68f189a9 | 206 | |
b850ecd9 | 207 | 20001105 |
208 | - (bal) Sync with OpenBSD: | |
209 | - markus@cvs.openbsd.org 2000/10/31 9:31:58 | |
210 | [compat.c] | |
211 | handle all old openssh versions | |
212 | - markus@cvs.openbsd.org 2000/10/31 13:1853 | |
213 | [deattack.c] | |
214 | so that large packets do not wrap "n"; from netbsd | |
215 | - (bal) rijndel.c - fix up RCSID to match OpenBSD tree | |
a30ce26d | 216 | - (bal) auth2-skey.c - Checked in. Missing from portable tree. |
217 | - (bal) Reworked NEWS-OS and NeXT ports to extract waitpid() and | |
218 | setsid() into more common files | |
96054e6f | 219 | - (stevesk) pty.c: use __hpux to identify HP-UX. |
d0127657 | 220 | - (bal) Missed auth-skey.o in Makefile.in and minor correction to |
221 | bsd-waitpid.c | |
b850ecd9 | 222 | |
75b90ced | 223 | 20001029 |
224 | - (stevesk) Fix typo in auth.c: USE_PAM not PAM | |
95273555 | 225 | - (stevesk) Create contrib/cygwin/ directory; patch from |
226 | Corinna Vinschen <vinschen@redhat.com> | |
e9e4a1c7 | 227 | - (bal) Resolved more $xno and $xyes issues in configure.in |
fd5f0295 | 228 | - (bal) next-posix.h - spelling and forgot a prototype |
75b90ced | 229 | |
344f2b94 | 230 | 20001028 |
231 | - (djm) fix select hack in serverloop.c from Philippe WILLEM | |
232 | <Philippe.WILLEM@urssaf.fr> | |
240ae474 | 233 | - (djm) Fix mangled AIXAUTHENTICATE code |
606ea390 | 234 | - (djm) authctxt->pw may be NULL. Fix from Markus Friedl |
235 | <markus.friedl@informatik.uni-erlangen.de> | |
a22aff1f | 236 | - (djm) Sync with OpenBSD: |
237 | - markus@cvs.openbsd.org 2000/10/16 15:46:32 | |
238 | [ssh.1] | |
239 | fixes from pekkas@netcore.fi | |
240 | - markus@cvs.openbsd.org 2000/10/17 14:28:11 | |
241 | [atomicio.c] | |
242 | return number of characters processed; ok deraadt@ | |
243 | - markus@cvs.openbsd.org 2000/10/18 12:04:02 | |
244 | [atomicio.c] | |
245 | undo | |
246 | - markus@cvs.openbsd.org 2000/10/18 12:23:02 | |
247 | [scp.c] | |
248 | replace atomicio(read,...) with read(); ok deraadt@ | |
249 | - markus@cvs.openbsd.org 2000/10/18 12:42:00 | |
250 | [session.c] | |
251 | restore old record login behaviour | |
252 | - deraadt@cvs.openbsd.org 2000/10/19 10:41:13 | |
253 | [auth-skey.c] | |
254 | fmt string problem in unused code | |
255 | - provos@cvs.openbsd.org 2000/10/19 10:45:16 | |
256 | [sshconnect2.c] | |
257 | don't reference freed memory. okay deraadt@ | |
258 | - markus@cvs.openbsd.org 2000/10/21 11:04:23 | |
259 | [canohost.c] | |
260 | typo, eramore@era-t.ericsson.se; ok niels@ | |
261 | - markus@cvs.openbsd.org 2000/10/23 13:31:55 | |
262 | [cipher.c] | |
263 | non-alignment dependent swap_bytes(); from | |
264 | simonb@wasabisystems.com/netbsd | |
265 | - markus@cvs.openbsd.org 2000/10/26 12:38:28 | |
266 | [compat.c] | |
267 | add older vandyke products | |
268 | - markus@cvs.openbsd.org 2000/10/27 01:32:19 | |
269 | [channels.c channels.h clientloop.c serverloop.c session.c] | |
270 | [ssh.c util.c] | |
271 | enable non-blocking IO on channels, and tty's (except for the | |
272 | client ttys). | |
344f2b94 | 273 | |
ddc49b5c | 274 | 20001027 |
275 | - (djm) Increase REKEY_BYTES to 2^24 for arc4random | |
276 | ||
48e7916f | 277 | 20001025 |
278 | - (djm) Added WARNING.RNG file and modified configure to ask users of the | |
279 | builtin entropy code to read it. | |
280 | - (djm) Prefer builtin regex to PCRE. | |
00937921 | 281 | - (bal) Added USE_PIPS defined to NeXT configure.in since scp hangs randomly. |
282 | - (bal) Apply fixes to configure.in pointed out by Pavel Roskin | |
283 | <proski@gnu.org> | |
48e7916f | 284 | |
8dcda1e3 | 285 | 20001020 |
286 | - (djm) Don't define _REENTRANT for SNI/Reliant Unix | |
07bee9a7 | 287 | - (bal) Imported NEWS-OS waitpid() macros into NeXT. Since implementation |
288 | is more correct then current version. | |
8dcda1e3 | 289 | |
f5af5cd5 | 290 | 20001018 |
291 | - (stevesk) Add initial support for setproctitle(). Current | |
292 | support is for the HP-UX pstat(PSTAT_SETCMD, ...) method. | |
134fd7f6 | 293 | - (stevesk) Add egd startup scripts to contrib/hpux/ |
f5af5cd5 | 294 | |
2f31bdd6 | 295 | 20001017 |
296 | - (djm) Add -lregex to cywin libs from Corinna Vinschen | |
297 | <vinschen@cygnus.com> | |
ba7a3f40 | 298 | - (djm) Don't rely on atomicio's retval to determine length of askpass |
299 | supplied passphrase. Problem report from Lutz Jaenicke | |
300 | <Lutz.Jaenicke@aet.TU-Cottbus.DE> | |
66d6c27e | 301 | - (bal) Changed from GNU rx to PCRE on suggestion from djm. |
302 | - (bal) Integrated Sony NEWS-OS patches from NAKAJI Hirouyuki | |
303 | <nakaji@tutrp.tut.ac.jp> | |
2f31bdd6 | 304 | |
33de75a3 | 305 | 20001016 |
306 | - (djm) Sync with OpenBSD: | |
307 | - markus@cvs.openbsd.org 2000/10/14 04:01:15 | |
308 | [cipher.c] | |
309 | debug3 | |
310 | - markus@cvs.openbsd.org 2000/10/14 04:07:23 | |
311 | [scp.c] | |
312 | remove spaces from arguments; from djm@mindrot.org | |
313 | - markus@cvs.openbsd.org 2000/10/14 06:09:46 | |
314 | [ssh.1] | |
315 | Cipher is for SSH-1 only | |
316 | - markus@cvs.openbsd.org 2000/10/14 06:12:09 | |
317 | [servconf.c servconf.h serverloop.c session.c sshd.8] | |
318 | AllowTcpForwarding; from naddy@ | |
319 | - markus@cvs.openbsd.org 2000/10/14 06:16:56 | |
320 | [auth2.c compat.c compat.h sshconnect2.c version.h] | |
321 | OpenSSH_2.3; note that is is not complete, but the version number | |
322 | needs to be changed for interoperability reasons | |
323 | - markus@cvs.openbsd.org 2000/10/14 06:19:45 | |
324 | [auth-rsa.c] | |
325 | do not send RSA challenge if key is not allowed by key-options; from | |
326 | eivind@ThinkSec.com | |
327 | - markus@cvs.openbsd.org 2000/10/15 08:14:01 | |
328 | [rijndael.c session.c] | |
329 | typos; from stevesk@sweden.hp.com | |
330 | - markus@cvs.openbsd.org 2000/10/15 08:18:31 | |
331 | [rijndael.c] | |
332 | typo | |
30d8b039 | 333 | - (djm) Copy manpages back over from OpenBSD - too tedious to wade |
334 | through diffs | |
aa0289fe | 335 | - (djm) Added condrestart to Redhat init script. Patch from Pekka Savola |
30d8b039 | 336 | <pekkas@netcore.fi> |
aa0289fe | 337 | - (djm) Update version in Redhat spec file |
338 | - (djm) Merge some of Nalin Dahyabhai <nalin@redhat.com> changes from the | |
339 | Redhat 7.0 spec file | |
5b2d4b75 | 340 | - (djm) Make inability to read/write PRNG seedfile non-fatal |
341 | ||
33de75a3 | 342 | |
4d670c24 | 343 | 20001015 |
344 | - (djm) Fix ssh2 hang on background processes at logout. | |
345 | ||
71dfaf1c | 346 | 20001014 |
443172c4 | 347 | - (bal) Add support for realpath and getcwd for platforms with broken |
348 | or missing realpath implementations for sftp-server. | |
349 | - (bal) Corrected mistake in INSTALL in regards to GNU rx library | |
d8f1edd5 | 350 | - (bal) Add support for GNU rx library for those lacking regexp support |
71dfaf1c | 351 | - (djm) Don't accept PAM_PROMPT_ECHO_ON messages during initial auth |
02323c45 | 352 | - (djm) Revert SSH2 serverloop hack, will find a better way. |
4ee81249 | 353 | - (djm) Add workaround for Linux 2.4's gratuitious errno change. Patch |
354 | from Martin Johansson <fatbob@acc.umu.se> | |
94ec8c6b | 355 | - (djm) Big OpenBSD sync: |
356 | - markus@cvs.openbsd.org 2000/09/30 10:27:44 | |
357 | [log.c] | |
358 | allow loglevel debug | |
359 | - markus@cvs.openbsd.org 2000/10/03 11:59:57 | |
360 | [packet.c] | |
361 | hmac->mac | |
362 | - markus@cvs.openbsd.org 2000/10/03 12:03:03 | |
363 | [auth-krb4.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth1.c] | |
364 | move fake-auth from auth1.c to individual auth methods, disables s/key in | |
365 | debug-msg | |
366 | - markus@cvs.openbsd.org 2000/10/03 12:16:48 | |
367 | ssh.c | |
368 | do not resolve canonname, i have no idea why this was added oin ossh | |
369 | - markus@cvs.openbsd.org 2000/10/09 15:30:44 | |
370 | ssh-keygen.1 ssh-keygen.c | |
371 | -X now reads private ssh.com DSA keys, too. | |
372 | - markus@cvs.openbsd.org 2000/10/09 15:32:34 | |
373 | auth-options.c | |
374 | clear options on every call. | |
375 | - markus@cvs.openbsd.org 2000/10/09 15:51:00 | |
376 | authfd.c authfd.h | |
377 | interop with ssh-agent2, from <res@shore.net> | |
378 | - markus@cvs.openbsd.org 2000/10/10 14:20:45 | |
379 | compat.c | |
380 | use rexexp for version string matching | |
381 | - provos@cvs.openbsd.org 2000/10/10 22:02:18 | |
382 | [kex.c kex.h myproposal.h ssh.h ssh2.h sshconnect2.c sshd.c dh.c dh.h] | |
383 | First rough implementation of the diffie-hellman group exchange. The | |
384 | client can ask the server for bigger groups to perform the diffie-hellman | |
385 | in, thus increasing the attack complexity when using ciphers with longer | |
386 | keys. University of Windsor provided network, T the company. | |
387 | - markus@cvs.openbsd.org 2000/10/11 13:59:52 | |
388 | [auth-rsa.c auth2.c] | |
389 | clear auth options unless auth sucessfull | |
390 | - markus@cvs.openbsd.org 2000/10/11 14:00:27 | |
391 | [auth-options.h] | |
392 | clear auth options unless auth sucessfull | |
393 | - markus@cvs.openbsd.org 2000/10/11 14:03:27 | |
394 | [scp.1 scp.c] | |
395 | support 'scp -o' with help from mouring@pconline.com | |
396 | - markus@cvs.openbsd.org 2000/10/11 14:11:35 | |
397 | [dh.c] | |
398 | Wall | |
399 | - markus@cvs.openbsd.org 2000/10/11 14:14:40 | |
400 | [auth.h auth2.c readconf.c readconf.h readpass.c servconf.c servconf.h] | |
401 | [ssh.h sshconnect2.c sshd_config auth2-skey.c cli.c cli.h] | |
402 | add support for s/key (kbd-interactive) to ssh2, based on work by | |
403 | mkiernan@avantgo.com and me | |
404 | - markus@cvs.openbsd.org 2000/10/11 14:27:24 | |
405 | [auth.c auth1.c auth2.c authfile.c cipher.c cipher.h kex.c kex.h] | |
406 | [myproposal.h packet.c readconf.c session.c ssh.c ssh.h sshconnect1.c] | |
407 | [sshconnect2.c sshd.c] | |
408 | new cipher framework | |
409 | - markus@cvs.openbsd.org 2000/10/11 14:45:21 | |
410 | [cipher.c] | |
411 | remove DES | |
412 | - markus@cvs.openbsd.org 2000/10/12 03:59:20 | |
413 | [cipher.c cipher.h sshconnect1.c sshconnect2.c sshd.c] | |
414 | enable DES in SSH-1 clients only | |
415 | - markus@cvs.openbsd.org 2000/10/12 08:21:13 | |
416 | [kex.h packet.c] | |
417 | remove unused | |
418 | - markus@cvs.openbsd.org 2000/10/13 12:34:46 | |
419 | [sshd.c] | |
420 | Kludge for F-Secure Macintosh < 1.0.2; appro@fy.chalmers.se | |
421 | - markus@cvs.openbsd.org 2000/10/13 12:59:15 | |
422 | [cipher.c cipher.h myproposal.h rijndael.c rijndael.h] | |
423 | rijndael/aes support | |
424 | - markus@cvs.openbsd.org 2000/10/13 13:10:54 | |
425 | [sshd.8] | |
426 | more info about -V | |
427 | - markus@cvs.openbsd.org 2000/10/13 13:12:02 | |
428 | [myproposal.h] | |
429 | prefer no compression | |
3ed32516 | 430 | - (djm) Fix scp user@host handling |
431 | - (djm) Don't clobber ssh_prng_cmds on install | |
6bcf7caa | 432 | - (stevesk) Include config.h in rijndael.c so we define intXX_t and |
433 | u_intXX_t types on all platforms. | |
9ea53ba5 | 434 | - (stevesk) rijndael.c: cleanup missing declaration warnings. |
2919e060 | 435 | - (stevesk) ~/.hushlogin shouldn't cause required password change to |
436 | be bypassed. | |
f5665f6f | 437 | - (stevesk) Display correct path to ssh-askpass in configure output. |
438 | Report from Lutz Jaenicke. | |
71dfaf1c | 439 | |
ebd782f7 | 440 | 20001007 |
441 | - (stevesk) Print PAM return value in PAM log messages to aid | |
442 | with debugging. | |
97994d32 | 443 | - (stevesk) Fix detection of pw_class struct member in configure; |
444 | patch from KAMAHARA Junzo <kamahara@cc.kshosen.ac.jp> | |
445 | ||
47a134c1 | 446 | 20001002 |
447 | - (djm) Fix USER_PATH, report from Kevin Steves <stevesk@sweden.hp.com> | |
448 | - (djm) Add host system and CC to end-of-configure report. Suggested by | |
449 | Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> | |
450 | ||
7322ef0e | 451 | 20000931 |
452 | - (djm) Cygwin fixes from Corinna Vinschen <vinschen@cygnus.com> | |
453 | ||
6ac7829a | 454 | 20000930 |
b6490dcb | 455 | - (djm) Irix ssh_prng_cmds path fix from Pekka Savola <pekkas@netcore.fi> |
772bd898 | 456 | - (djm) Support in bsd-snprintf.c for long long conversions from |
457 | Ben Lindstrom <mouring@pconline.com> | |
458 | - (djm) Cleanup NeXT support from Ben Lindstrom <mouring@pconline.com> | |
857040fb | 459 | - (djm) Ignore SIGPIPEs from serverloop to child. Fixes crashes with |
460 | very short lived X connections. Bug report from Tobias Oetiker | |
461 | <oetiker@ee.ethz.ch>. Fix from Markus Friedl <markus@cvs.openbsd.org> | |
bd2d7f6a | 462 | - (djm) Add recent InitScripts as a RPM dependancy for openssh-server |
463 | patch from Pekka Savola <pekkas@netcore.fi> | |
58665035 | 464 | - (djm) Forgot to cvs add LICENSE file |
dc2901a0 | 465 | - (djm) Add LICENSE to RPM spec files |
de273eef | 466 | - (djm) CVS OpenBSD sync: |
467 | - markus@cvs.openbsd.org 2000/09/26 13:59:59 | |
468 | [clientloop.c] | |
469 | use debug2 | |
470 | - markus@cvs.openbsd.org 2000/09/27 15:41:34 | |
471 | [auth2.c sshconnect2.c] | |
472 | use key_type() | |
473 | - markus@cvs.openbsd.org 2000/09/28 12:03:18 | |
474 | [channels.c] | |
475 | debug -> debug2 cleanup | |
2a7d529a | 476 | - (djm) Irix strips "/dev/tty" from [uw]tmp entries (other systems only |
477 | strip "/dev/"). Fix loginrec.c based on patch from Alain St-Denis | |
478 | <Alain.St-Denis@ec.gc.ca> | |
479 | - (djm) Fix 9 character passphrase failure with gnome-ssh-askpass. | |
480 | Problem was caused by interrupted read in ssh-add. Report from Donald | |
481 | J. Barry <don@astro.cornell.edu> | |
6ac7829a | 482 | |
c5d85828 | 483 | 20000929 |
484 | - (djm) Fix SSH2 not terminating until all background tasks done problem. | |
2ed85c06 | 485 | - (djm) Another off-by-one fix from Pavel Kankovsky |
486 | <peak@argo.troja.mff.cuni.cz> | |
22d89d24 | 487 | - (djm) Clean up. Strip some unnecessary differences with OpenBSD's code, |
488 | tidy necessary differences. Use Markus' new debugN() in entropy.c | |
77bb0bca | 489 | - (djm) Merged big SCO portability patch from Tim Rice |
490 | <tim@multitalents.net> | |
c5d85828 | 491 | |
6fd7f731 | 492 | 20000926 |
493 | - (djm) Update X11-askpass to 1.0.2 in RPM spec file | |
c5ae7384 | 494 | - (djm) Define _REENTRANT to pickup strtok_r() on HP/UX |
495 | - (djm) Security: fix off-by-one buffer overrun in fake-getnameinfo.c. | |
496 | Report and fix from Pavel Kankovsky <peak@argo.troja.mff.cuni.cz> | |
6fd7f731 | 497 | |
2f125ca1 | 498 | 20000924 |
499 | - (djm) Merged cleanup patch from Mark Miller <markm@swoon.net> | |
500 | - (djm) A bit more cleanup - created cygwin_util.h | |
bcdaaeab | 501 | - (djm) Include strtok_r() from OpenBSD libc. Fixes report from Mark Miller |
502 | <markm@swoon.net> | |
2f125ca1 | 503 | |
764d4113 | 504 | 20000923 |
505 | - (djm) Fix address logging in utmp from Kevin Steves | |
506 | <stevesk@sweden.hp.com> | |
777319db | 507 | - (djm) Redhat spec and manpage fixes from Pekka Savola <pekkas@netcore.fi> |
bd590612 | 508 | - (djm) Seperate tests for int64_t and u_int64_t types |
37c1c46d | 509 | - (djm) Tweak password expiry checking at suggestion of Kevin Steves |
510 | <stevesk@sweden.hp.com> | |
e79b44e1 | 511 | - (djm) NeXT patch from Ben Lindstrom <mouring@pconline.com> |
e2144f11 | 512 | - (djm) Use printf %lld instead of %qd in sftp-server.c. Fix from |
513 | Michael Stone <mstone@cs.loyola.edu> | |
188adeb2 | 514 | - (djm) OpenBSD CVS sync: |
515 | - markus@cvs.openbsd.org 2000/09/17 09:38:59 | |
516 | [sshconnect2.c sshd.c] | |
517 | fix DEBUG_KEXDH | |
518 | - markus@cvs.openbsd.org 2000/09/17 09:52:51 | |
519 | [sshconnect.c] | |
520 | yes no; ok niels@ | |
521 | - markus@cvs.openbsd.org 2000/09/21 04:55:11 | |
522 | [sshd.8] | |
523 | typo | |
524 | - markus@cvs.openbsd.org 2000/09/21 05:03:54 | |
525 | [serverloop.c] | |
526 | typo | |
527 | - markus@cvs.openbsd.org 2000/09/21 05:11:42 | |
528 | scp.c | |
529 | utime() to utimes(); mouring@pconline.com | |
530 | - markus@cvs.openbsd.org 2000/09/21 05:25:08 | |
531 | sshconnect2.c | |
532 | change login logic in ssh2, allows plugin of other auth methods | |
533 | - markus@cvs.openbsd.org 2000/09/21 05:25:35 | |
534 | [auth2.c channels.c channels.h clientloop.c dispatch.c dispatch.h] | |
535 | [serverloop.c] | |
536 | add context to dispatch_run | |
537 | - markus@cvs.openbsd.org 2000/09/21 05:07:52 | |
538 | authfd.c authfd.h ssh-agent.c | |
539 | bug compat for old ssh.com software | |
764d4113 | 540 | |
7f377177 | 541 | 20000920 |
542 | - (djm) Fix bad path substitution. Report from Andrew Miner | |
543 | <asminer@cs.iastate.edu> | |
544 | ||
bcbf86ec | 545 | 20000916 |
7950bf97 | 546 | - (djm) Fix SSL search order from Lutz Jaenicke |
547 | <Lutz.Jaenicke@aet.TU-Cottbus.DE> | |
19ece6d2 | 548 | - (djm) New SuSE spec from Corinna Vinschen <corinna@vinschen.de> |
9cd45ea4 | 549 | - (djm) Update CygWin support from Corinna Vinschen <vinschen@cygnus.com> |
995edaac | 550 | - (djm) Use a real struct sockaddr inside the fake struct sockaddr_storage. |
551 | Patch from Larry Jones <larry.jones@sdrc.com> | |
ad55cd03 | 552 | - (djm) Add Steve VanDevender's <stevev@darkwing.uoregon.edu> PAM |
553 | password change patch. | |
554 | - (djm) Bring licenses on my stuff in line with OpenBSD's | |
0bbfbdeb | 555 | - (djm) Cleanup auth-passwd.c and unify HP/UX authentication. Patch from |
556 | Kevin Steves <stevesk@sweden.hp.com> | |
7f8f5e00 | 557 | - (djm) Shadow expiry check fix from Pavel Troller <patrol@omni.sinus.cz> |
558 | - (djm) Re-enable int64_t types - we need them for sftp | |
559 | - (djm) Use libexecdir from configure , rather than libexecdir/ssh | |
560 | - (djm) Update Redhat SPEC file accordingly | |
561 | - (djm) Add Kevin Steves <stevesk@sweden.hp.com> HP/UX contrib files | |
562 | - (djm) Add Charles Levert <charles@comm.polymtl.ca> getpgrp patch | |
563 | - (djm) Fix password auth on HP/UX 10.20. Patch from Dirk De Wachter | |
564 | <Dirk.DeWachter@rug.ac.be> | |
565 | - (djm) Fixprogs and entropy list fixes from Larry Jones | |
566 | <larry.jones@sdrc.com> | |
567 | - (djm) Fix for SuSE spec file from Takashi YOSHIDA | |
568 | <tyoshida@gemini.rc.kyushu-u.ac.jp> | |
bcbf86ec | 569 | - (djm) Merge OpenBSD changes: |
570 | - markus@cvs.openbsd.org 2000/09/05 02:59:57 | |
571 | [session.c] | |
572 | print hostname (not hushlogin) | |
573 | - markus@cvs.openbsd.org 2000/09/05 13:18:48 | |
574 | [authfile.c ssh-add.c] | |
575 | enable ssh-add -d for DSA keys | |
576 | - markus@cvs.openbsd.org 2000/09/05 13:20:49 | |
577 | [sftp-server.c] | |
578 | cleanup | |
579 | - markus@cvs.openbsd.org 2000/09/06 03:46:41 | |
580 | [authfile.h] | |
581 | prototype | |
582 | - deraadt@cvs.openbsd.org 2000/09/07 14:27:56 | |
583 | [ALL] | |
584 | cleanup copyright notices on all files. I have attempted to be | |
585 | accurate with the details. everything is now under Tatu's licence | |
586 | (which I copied from his readme), and/or the core-sdi bsd-ish thing | |
587 | for deattack, or various openbsd developers under a 2-term bsd | |
588 | licence. We're not changing any rules, just being accurate. | |
589 | - markus@cvs.openbsd.org 2000/09/07 14:40:30 | |
590 | [channels.c channels.h clientloop.c serverloop.c ssh.c] | |
591 | cleanup window and packet sizes for ssh2 flow control; ok niels | |
592 | - markus@cvs.openbsd.org 2000/09/07 14:53:00 | |
593 | [scp.c] | |
594 | typo | |
595 | - markus@cvs.openbsd.org 2000/09/07 15:13:37 | |
596 | [auth-options.c auth-options.h auth-rh-rsa.c auth-rsa.c auth.c] | |
597 | [authfile.h canohost.c channels.h compat.c hostfile.h log.c match.h] | |
598 | [pty.c readconf.c] | |
599 | some more Copyright fixes | |
600 | - markus@cvs.openbsd.org 2000/09/08 03:02:51 | |
601 | [README.openssh2] | |
602 | bye bye | |
603 | - deraadt@cvs.openbsd.org 2000/09/11 18:38:33 | |
604 | [LICENCE cipher.c] | |
605 | a few more comments about it being ARC4 not RC4 | |
606 | - markus@cvs.openbsd.org 2000/09/12 14:53:11 | |
607 | [log-client.c log-server.c log.c ssh.1 ssh.c ssh.h sshd.8 sshd.c] | |
608 | multiple debug levels | |
609 | - markus@cvs.openbsd.org 2000/09/14 14:25:15 | |
610 | [clientloop.c] | |
611 | typo | |
612 | - deraadt@cvs.openbsd.org 2000/09/15 01:13:51 | |
613 | [ssh-agent.c] | |
614 | check return value for setenv(3) for failure, and deal appropriately | |
615 | ||
deb8d717 | 616 | 20000913 |
617 | - (djm) Fix server not exiting with jobs in background. | |
618 | ||
b5e300c2 | 619 | 20000905 |
620 | - (djm) Import OpenBSD CVS changes | |
621 | - markus@cvs.openbsd.org 2000/08/31 15:52:24 | |
622 | [Makefile sshd.8 sshd_config sftp-server.8 sftp-server.c] | |
623 | implement a SFTP server. interops with sftp2, scp2 and the windows | |
624 | client from ssh.com | |
625 | - markus@cvs.openbsd.org 2000/08/31 15:56:03 | |
626 | [README.openssh2] | |
627 | sync | |
628 | - markus@cvs.openbsd.org 2000/08/31 16:05:42 | |
629 | [session.c] | |
630 | Wall | |
631 | - markus@cvs.openbsd.org 2000/08/31 16:09:34 | |
632 | [authfd.c ssh-agent.c] | |
633 | add a flag to SSH2_AGENTC_SIGN_REQUEST for future extensions | |
634 | - deraadt@cvs.openbsd.org 2000/09/01 09:25:13 | |
635 | [scp.1 scp.c] | |
636 | cleanup and fix -S support; stevesk@sweden.hp.com | |
637 | - markus@cvs.openbsd.org 2000/09/01 16:29:32 | |
638 | [sftp-server.c] | |
639 | portability fixes | |
640 | - markus@cvs.openbsd.org 2000/09/01 16:32:41 | |
641 | [sftp-server.c] | |
642 | fix cast; mouring@pconline.com | |
643 | - itojun@cvs.openbsd.org 2000/09/03 09:23:28 | |
644 | [ssh-add.1 ssh.1] | |
645 | add missing .El against .Bl. | |
646 | - markus@cvs.openbsd.org 2000/09/04 13:03:41 | |
647 | [session.c] | |
648 | missing close; ok theo | |
649 | - markus@cvs.openbsd.org 2000/09/04 13:07:21 | |
650 | [session.c] | |
651 | fix get_last_login_time order; from andre@van-veen.de | |
652 | - markus@cvs.openbsd.org 2000/09/04 13:10:09 | |
653 | [sftp-server.c] | |
654 | more cast fixes; from mouring@pconline.com | |
655 | - markus@cvs.openbsd.org 2000/09/04 13:06:04 | |
656 | [session.c] | |
657 | set SSH_ORIGINAL_COMMAND; from Leakin@dfw.nostrum.com, bet@rahul.net | |
658 | - (djm) Cleanup after import. Fix sftp-server compilation, Makefile | |
3c62e7eb | 659 | - (djm) Merge cygwin support from Corinna Vinschen <vinschen@cygnus.com> |
660 | ||
1e61f54a | 661 | 20000903 |
662 | - (djm) Fix Redhat init script | |
663 | ||
c80876b4 | 664 | 20000901 |
665 | - (djm) Pick up Jim's new X11-askpass | |
666 | - (djm) Release 2.2.0p1 | |
667 | ||
8b4a0d08 | 668 | 20000831 |
bcbf86ec | 669 | - (djm) Workaround SIGPIPE problems on SCO. Fix from Aran Cox |
8b4a0d08 | 670 | <acox@cv.telegroup.com> |
b817711d | 671 | - (djm) Pick up new version (2.2.0) from OpenBSD CVS |
8b4a0d08 | 672 | |
0b65b628 | 673 | 20000830 |
674 | - (djm) Compile warning fixes from Mark Miller <markm@swoon.net> | |
10fa00c8 | 675 | - (djm) Periodically rekey arc4random |
676 | - (djm) Clean up diff against OpenBSD. | |
bcbf86ec | 677 | - (djm) HPUX 11 needs USE_PIPES as well: Kevin Steves |
2b10f47a | 678 | <stevesk@sweden.hp.com> |
b33a2e6e | 679 | - (djm) Quieten the pam delete credentials error message |
44839801 | 680 | - (djm) Fix printing of $DISPLAY hack if set by system type. Report from |
681 | Kevin Steves <stevesk@sweden.hp.com> | |
84a770d1 | 682 | - (djm) NeXT patch from Ben Lindstrom <mouring@pconline.com> |
7efa2776 | 683 | - (djm) Fix doh in bsd-arc4random.c |
0b65b628 | 684 | |
9aaf9be4 | 685 | 20000829 |
bcbf86ec | 686 | - (djm) Fix ^C ignored issue on Solaris. Diagnosis from Gert |
687 | Doering <gert@greenie.muc.de>, John Horne <J.Horne@plymouth.ac.uk> and | |
9aaf9be4 | 688 | Garrick James <garrick@james.net> |
b5f90139 | 689 | - (djm) Check for SCO pty naming style (ptyp%d/ttyp%d). Based on fix from |
690 | Bastian Trompetter <btrompetter@firemail.de> | |
698d107e | 691 | - (djm) NeXT tweaks from Ben Lindstrom <mouring@pconline.com> |
14a9a859 | 692 | - More OpenBSD updates: |
693 | - deraadt@cvs.openbsd.org 2000/08/24 15:46:59 | |
694 | [scp.c] | |
695 | off_t in sink, to fix files > 2GB, i think, test is still running ;-) | |
696 | - deraadt@cvs.openbsd.org 2000/08/25 10:10:06 | |
697 | [session.c] | |
698 | Wall | |
699 | - markus@cvs.openbsd.org 2000/08/26 04:33:43 | |
700 | [compat.c] | |
701 | ssh.com-2.3.0 | |
702 | - markus@cvs.openbsd.org 2000/08/27 12:18:05 | |
703 | [compat.c] | |
704 | compatibility with future ssh.com versions | |
705 | - deraadt@cvs.openbsd.org 2000/08/27 21:50:55 | |
706 | [auth-krb4.c session.c ssh-add.c sshconnect.c uidswap.c] | |
707 | print uid/gid as unsigned | |
708 | - markus@cvs.openbsd.org 2000/08/28 13:51:00 | |
709 | [ssh.c] | |
710 | enable -n and -f for ssh2 | |
711 | - markus@cvs.openbsd.org 2000/08/28 14:19:53 | |
712 | [ssh.c] | |
713 | allow combination of -N and -f | |
714 | - markus@cvs.openbsd.org 2000/08/28 14:20:56 | |
715 | [util.c] | |
716 | util.c | |
717 | - markus@cvs.openbsd.org 2000/08/28 14:22:02 | |
718 | [util.c] | |
719 | undo | |
720 | - markus@cvs.openbsd.org 2000/08/28 14:23:38 | |
721 | [util.c] | |
722 | don't complain if setting NONBLOCK fails with ENODEV | |
9aaf9be4 | 723 | |
137d7b6c | 724 | 20000823 |
725 | - (djm) Define USE_PIPES to avoid socketpair problems on HPUX 10 and SunOS 4 | |
bcbf86ec | 726 | Avoids "scp never exits" problem. Reports from Lutz Jaenicke |
727 | <Lutz.Jaenicke@aet.TU-Cottbus.DE> and Tamito KAJIYAMA | |
137d7b6c | 728 | <kajiyama@grad.sccs.chukyo-u.ac.jp> |
2e73a022 | 729 | - (djm) Pick up LOGIN_PROGRAM from environment or PATH if not set by headers |
da40ab4d | 730 | - (djm) Add local version to version.h |
ea788c22 | 731 | - (djm) Don't reseed arc4random everytime it is used |
2e73a022 | 732 | - (djm) OpenBSD CVS updates: |
733 | - deraadt@cvs.openbsd.org 2000/08/18 20:07:23 | |
734 | [ssh.c] | |
735 | accept remsh as a valid name as well; roman@buildpoint.com | |
736 | - deraadt@cvs.openbsd.org 2000/08/18 20:17:13 | |
737 | [deattack.c crc32.c packet.c] | |
738 | rename crc32() to ssh_crc32() to avoid zlib name clash. do not move to | |
739 | libz crc32 function yet, because it has ugly "long"'s in it; | |
740 | oneill@cs.sfu.ca | |
741 | - deraadt@cvs.openbsd.org 2000/08/18 20:26:08 | |
742 | [scp.1 scp.c] | |
743 | -S prog support; tv@debian.org | |
744 | - deraadt@cvs.openbsd.org 2000/08/18 20:50:07 | |
745 | [scp.c] | |
746 | knf | |
747 | - deraadt@cvs.openbsd.org 2000/08/18 20:57:33 | |
748 | [log-client.c] | |
749 | shorten | |
750 | - markus@cvs.openbsd.org 2000/08/19 12:48:11 | |
751 | [channels.c channels.h clientloop.c ssh.c ssh.h] | |
752 | support for ~. in ssh2 | |
753 | - deraadt@cvs.openbsd.org 2000/08/19 15:29:40 | |
754 | [crc32.h] | |
755 | proper prototype | |
756 | - markus@cvs.openbsd.org 2000/08/19 15:34:44 | |
bcbf86ec | 757 | [authfd.c authfd.h key.c key.h ssh-add.1 ssh-add.c ssh-agent.1] |
758 | [ssh-agent.c ssh-keygen.c sshconnect1.c sshconnect2.c Makefile] | |
2e73a022 | 759 | [fingerprint.c fingerprint.h] |
760 | add SSH2/DSA support to the agent and some other DSA related cleanups. | |
761 | (note that we cannot talk to ssh.com's ssh2 agents) | |
762 | - markus@cvs.openbsd.org 2000/08/19 15:55:52 | |
763 | [channels.c channels.h clientloop.c] | |
764 | more ~ support for ssh2 | |
765 | - markus@cvs.openbsd.org 2000/08/19 16:21:19 | |
766 | [clientloop.c] | |
767 | oops | |
768 | - millert@cvs.openbsd.org 2000/08/20 12:25:53 | |
769 | [session.c] | |
770 | We have to stash the result of get_remote_name_or_ip() before we | |
771 | close our socket or getpeername() will get EBADF and the process | |
772 | will exit. Only a problem for "UseLogin yes". | |
773 | - millert@cvs.openbsd.org 2000/08/20 12:30:59 | |
774 | [session.c] | |
775 | Only check /etc/nologin if "UseLogin no" since login(1) may have its | |
776 | own policy on determining who is allowed to login when /etc/nologin | |
777 | is present. Also use the _PATH_NOLOGIN define. | |
778 | - millert@cvs.openbsd.org 2000/08/20 12:42:43 | |
779 | [auth1.c auth2.c session.c ssh.c] | |
780 | Add calls to setusercontext() and login_get*(). We basically call | |
781 | setusercontext() in most places where previously we did a setlogin(). | |
782 | Add default login.conf file and put root in the "daemon" login class. | |
783 | - millert@cvs.openbsd.org 2000/08/21 10:23:31 | |
784 | [session.c] | |
785 | Fix incorrect PATH setting; noted by Markus. | |
137d7b6c | 786 | |
c345cf9d | 787 | 20000818 |
788 | - (djm) OpenBSD CVS changes: | |
789 | - markus@cvs.openbsd.org 2000/07/22 03:14:37 | |
790 | [servconf.c servconf.h sshd.8 sshd.c sshd_config] | |
791 | random early drop; ok theo, niels | |
792 | - deraadt@cvs.openbsd.org 2000/07/26 11:46:51 | |
793 | [ssh.1] | |
794 | typo | |
795 | - deraadt@cvs.openbsd.org 2000/08/01 11:46:11 | |
796 | [sshd.8] | |
797 | many fixes from pepper@mail.reppep.com | |
798 | - provos@cvs.openbsd.org 2000/08/01 13:01:42 | |
799 | [Makefile.in util.c aux.c] | |
800 | rename aux.c to util.c to help with cygwin port | |
801 | - deraadt@cvs.openbsd.org 2000/08/02 00:23:31 | |
802 | [authfd.c] | |
803 | correct sun_len; Alexander@Leidinger.net | |
804 | - provos@cvs.openbsd.org 2000/08/02 10:27:17 | |
805 | [readconf.c sshd.8] | |
806 | disable kerberos authentication by default | |
807 | - provos@cvs.openbsd.org 2000/08/02 11:27:05 | |
808 | [sshd.8 readconf.c auth-krb4.c] | |
809 | disallow kerberos authentication if we can't verify the TGT; from | |
810 | dugsong@ | |
811 | kerberos authentication is on by default only if you have a srvtab. | |
812 | - markus@cvs.openbsd.org 2000/08/04 14:30:07 | |
813 | [auth.c] | |
814 | unused | |
815 | - markus@cvs.openbsd.org 2000/08/04 14:30:35 | |
816 | [sshd_config] | |
817 | MaxStartups | |
818 | - markus@cvs.openbsd.org 2000/08/15 13:20:46 | |
819 | [authfd.c] | |
820 | cleanup; ok niels@ | |
821 | - markus@cvs.openbsd.org 2000/08/17 14:05:10 | |
822 | [session.c] | |
823 | cleanup login(1)-like jobs, no duplicate utmp entries | |
824 | - markus@cvs.openbsd.org 2000/08/17 14:06:34 | |
825 | [session.c sshd.8 sshd.c] | |
826 | sshd -u len, similar to telnetd | |
1a022229 | 827 | - (djm) Lastlog was not getting closed after writing login entry |
39987cc0 | 828 | - (djm) Add Solaris package support from Rip Loomis <loomisg@cist.saic.com> |
c345cf9d | 829 | |
416ed5a7 | 830 | 20000816 |
831 | - (djm) Replacement for inet_ntoa for Irix (which breaks on gcc) | |
bcbf86ec | 832 | - (djm) Fix strerror replacement for old SunOS. Based on patch from |
416ed5a7 | 833 | Charles Levert <charles@comm.polymtl.ca> |
bcbf86ec | 834 | - (djm) Seperate arc4random into seperate file and use OpenSSL's RC4 |
416ed5a7 | 835 | implementation. |
ba606eb2 | 836 | - (djm) SUN_LEN macro for systems which lack it |
416ed5a7 | 837 | |
dbaa2e87 | 838 | 20000815 |
839 | - (djm) More SunOS 4.1.x fixes from Nate Itkin <nitkin@europa.com> | |
cd352c82 | 840 | - (djm) Avoid failures on Irix when ssh is not setuid. Fix from |
841 | Michael Stone <mstone@cs.loyola.edu> | |
d93a7e5a | 842 | - (djm) Don't seek in directory based lastlogs |
bcbf86ec | 843 | - (djm) Fix --with-ipaddr-display configure option test. Patch from |
d93a7e5a | 844 | Jarno Huuskonen <jhuuskon@messi.uku.fi> |
2a2cb9e7 | 845 | - (djm) Fix AIX limits from Alexandre Oliva <oliva@lsd.ic.unicamp.br> |
dbaa2e87 | 846 | |
6c33bf70 | 847 | 20000813 |
848 | - (djm) Add $(srcdir) to includes when compiling (for VPATH). Report from | |
849 | Fabrice bacchella <fabrice.bacchella@marchfirst.fr> | |
850 | ||
3fcce26c | 851 | 20000809 |
bcbf86ec | 852 | - (djm) Define AIX hard limits if headers don't. Report from |
3fcce26c | 853 | Bill Painter <william.t.painter@lmco.com> |
bcbf86ec | 854 | - (djm) utmp direct write & SunOS 4 patch from Charles Levert |
32eec038 | 855 | <charles@comm.polymtl.ca> |
3fcce26c | 856 | |
71d43804 | 857 | 20000808 |
858 | - (djm) Cleanup Redhat RPMs. Generate keys at runtime rather than install | |
859 | time, spec file cleanup. | |
860 | ||
f9bcea07 | 861 | 20000807 |
378f2232 | 862 | - (djm) Set 0755 on binaries during install. Report from Lutz Jaenicke |
47670e77 | 863 | - (djm) Suppress error messages on channel close shutdown() failurs |
864 | works around Linux bug. Patch from Zack Weinberg <zack@wolery.cumb.org> | |
378f2232 | 865 | - (djm) Add some more entropy collection commands from Lutz Jaenicke |
f9bcea07 | 866 | |
bcf89935 | 867 | 20000725 |
868 | - (djm) Fix autoconf typo: HAVE_BINRESVPORT_AF -> HAVE_BINDRESVPORT_AF | |
869 | ||
4c8722d9 | 870 | 20000721 |
871 | - (djm) OpenBSD CVS updates: | |
872 | - markus@cvs.openbsd.org 2000/07/16 02:27:22 | |
873 | [authfd.c authfd.h channels.c clientloop.c ssh-add.c ssh-agent.c ssh.c] | |
874 | [sshconnect1.c sshconnect2.c] | |
875 | make ssh-add accept dsa keys (the agent does not) | |
876 | - djm@cvs.openbsd.org 2000/07/17 19:25:02 | |
877 | [sshd.c] | |
878 | Another closing of stdin; ok deraadt | |
879 | - markus@cvs.openbsd.org 2000/07/19 18:33:12 | |
880 | [dsa.c] | |
881 | missing free, reorder | |
882 | - markus@cvs.openbsd.org 2000/07/20 16:23:14 | |
883 | [ssh-keygen.1] | |
884 | document input and output files | |
885 | ||
240777b8 | 886 | 20000720 |
4c8722d9 | 887 | - (djm) Spec file fix from Petr Novotny <Petr.Novotny@antek.cz> |
240777b8 | 888 | |
3c7def32 | 889 | 20000716 |
4c8722d9 | 890 | - (djm) Release 2.1.1p4 |
3c7def32 | 891 | |
819b676f | 892 | 20000715 |
704b1659 | 893 | - (djm) OpenBSD CVS updates |
894 | - provos@cvs.openbsd.org 2000/07/13 16:53:22 | |
895 | [aux.c readconf.c servconf.c ssh.h] | |
896 | allow multiple whitespace but only one '=' between tokens, bug report from | |
897 | Ralf S. Engelschall <rse@engelschall.com> but different fix. okay deraadt@ | |
898 | - provos@cvs.openbsd.org 2000/07/13 17:14:09 | |
899 | [clientloop.c] | |
900 | typo; todd@fries.net | |
901 | - provos@cvs.openbsd.org 2000/07/13 17:19:31 | |
902 | [scp.c] | |
903 | close can fail on AFS, report error; from Greg Hudson <ghudson@mit.edu> | |
904 | - markus@cvs.openbsd.org 2000/07/14 16:59:46 | |
905 | [readconf.c servconf.c] | |
906 | allow leading whitespace. ok niels | |
907 | - djm@cvs.openbsd.org 2000/07/14 22:01:38 | |
908 | [ssh-keygen.c ssh.c] | |
909 | Always create ~/.ssh with mode 700; ok Markus | |
819b676f | 910 | - Fixes for SunOS 4.1.4 from Gordon Atwood <gordon@cs.ualberta.ca> |
911 | - Include floatingpoint.h for entropy.c | |
912 | - strerror replacement | |
704b1659 | 913 | |
3f7a7e4a | 914 | 20000712 |
c37fb3c1 | 915 | - (djm) Remove -lresolve for Reliant Unix |
3f7a7e4a | 916 | - (djm) OpenBSD CVS Updates: |
917 | - deraadt@cvs.openbsd.org 2000/07/11 02:11:34 | |
918 | [session.c sshd.c ] | |
919 | make MaxStartups code still work with -d; djm | |
920 | - deraadt@cvs.openbsd.org 2000/07/11 13:17:45 | |
921 | [readconf.c ssh_config] | |
922 | disable FallBackToRsh by default | |
c37fb3c1 | 923 | - (djm) Replace in_addr_t with u_int32_t in bsd-inet_aton.c. Report from |
924 | Ben Lindstrom <mouring@pconline.com> | |
1e970014 | 925 | - (djm) Make building of X11-Askpass and GNOME-Askpass optional in RPM |
926 | spec file. | |
dcb36e5d | 927 | - (djm) Released 2.1.1p3 |
3f7a7e4a | 928 | |
56118702 | 929 | 20000711 |
930 | - (djm) Fixup for AIX getuserattr() support from Tom Bertelson | |
931 | <tbert@abac.com> | |
132dd316 | 932 | - (djm) ReliantUNIX support from Udo Schweigert <ust@cert.siemens.de> |
bcbf86ec | 933 | - (djm) NeXT: dirent structures to get scp working from Ben Lindstrom |
c99e5056 | 934 | <mouring@pconline.com> |
bcbf86ec | 935 | - (djm) Fix broken inet_ntoa check and ut_user/ut_name confusion, report |
dc2a6d09 | 936 | from Jim Watt <jimw@peisj.pebio.com> |
2d9a148e | 937 | - (djm) Replaced bsd-snprintf.c with one from Mutt source tree, it is known |
938 | to compile on more platforms (incl NeXT). | |
cc6f2c4c | 939 | - (djm) Added bsd-inet_aton and configure support for NeXT |
aae19451 | 940 | - (djm) Misc NeXT fixes from Ben Lindstrom <mouring@pconline.com> |
089fbbd2 | 941 | - (djm) OpenBSD CVS updates: |
942 | - markus@cvs.openbsd.org 2000/06/26 03:22:29 | |
943 | [authfd.c] | |
944 | cleanup, less cut&paste | |
945 | - markus@cvs.openbsd.org 2000/06/26 15:59:19 | |
946 | [servconf.c servconf.h session.c sshd.8 sshd.c] | |
bcbf86ec | 947 | MaxStartups: limit number of unauthenticated connections, work by |
089fbbd2 | 948 | theo and me |
949 | - deraadt@cvs.openbsd.org 2000/07/05 14:18:07 | |
950 | [session.c] | |
951 | use no_x11_forwarding_flag correctly; provos ok | |
952 | - provos@cvs.openbsd.org 2000/07/05 15:35:57 | |
953 | [sshd.c] | |
954 | typo | |
955 | - aaron@cvs.openbsd.org 2000/07/05 22:06:58 | |
956 | [scp.1 ssh-agent.1 ssh-keygen.1 sshd.8] | |
bcbf86ec | 957 | Insert more missing .El directives. Our troff really should identify |
089fbbd2 | 958 | these and spit out a warning. |
959 | - todd@cvs.openbsd.org 2000/07/06 21:55:04 | |
960 | [auth-rsa.c auth2.c ssh-keygen.c] | |
961 | clean code is good code | |
962 | - deraadt@cvs.openbsd.org 2000/07/07 02:14:29 | |
963 | [serverloop.c] | |
964 | sense of port forwarding flag test was backwards | |
965 | - provos@cvs.openbsd.org 2000/07/08 17:17:31 | |
966 | [compat.c readconf.c] | |
967 | replace strtok with strsep; from David Young <dyoung@onthejob.net> | |
968 | - deraadt@cvs.openbsd.org 2000/07/08 19:21:15 | |
969 | [auth.h] | |
970 | KNF | |
971 | - ho@cvs.openbsd.org 2000/07/08 19:27:33 | |
972 | [compat.c readconf.c] | |
973 | Better conditions for strsep() ending. | |
974 | - ho@cvs.openbsd.org 2000/07/10 10:27:05 | |
975 | [readconf.c] | |
976 | Get the correct message on errors. (niels@ ok) | |
977 | - ho@cvs.openbsd.org 2000/07/10 10:30:25 | |
978 | [cipher.c kex.c servconf.c] | |
979 | strtok() --> strsep(). (niels@ ok) | |
5540ea9b | 980 | - (djm) Fix problem with debug mode and MaxStartups |
eb37534b | 981 | - (djm) Don't generate host keys when $(DESTDIR) is set (e.g. during RPM |
982 | builds) | |
229f64ee | 983 | - (djm) Add strsep function from OpenBSD libc for systems that lack it |
56118702 | 984 | |
a8545c6c | 985 | 20000709 |
986 | - (djm) Only enable PAM_TTY kludge for Linux. Problem report from | |
987 | Kevin Steves <stevesk@sweden.hp.com> | |
ec90a7d6 | 988 | - (djm) Match prototype and function declaration for rresvport_af. |
989 | Problem report from Niklas Edmundsson <nikke@ing.umu.se> | |
bcbf86ec | 990 | - (djm) Missing $(DESTDIR) on host-key target causing problems with RPM |
732e8ac5 | 991 | builds. Problem report from Gregory Leblanc <GLeblanc@cu-portland.edu> |
37f1df94 | 992 | - (djm) Replace ut_name with ut_user. Patch from Jim Watt |
993 | <jimw@peisj.pebio.com> | |
264dce47 | 994 | - (djm) Fix pam sprintf fix |
995 | - (djm) Cleanup entropy collection code a little more. Split initialisation | |
996 | from seeding, perform intialisation immediatly at start, be careful with | |
997 | uids. Based on problem report from Jim Watt <jimw@peisj.pebio.com> | |
5bf9cfe9 | 998 | - (djm) More NeXT compatibility from Ben Lindstrom <mouring@pconline.com> |
999 | Including sigaction() et al. replacements | |
bcbf86ec | 1000 | - (djm) AIX getuserattr() session initialisation from Tom Bertelson |
eeec075f | 1001 | <tbert@abac.com> |
a8545c6c | 1002 | |
e2902a5b | 1003 | 20000708 |
bcbf86ec | 1004 | - (djm) Fix bad fprintf format handling in auth-pam.c. Patch from |
e2902a5b | 1005 | Aaron Hopkins <aaron@die.net> |
7a33f831 | 1006 | - (djm) Fix incorrect configure handling of --with-rsh-path option. Fix from |
1007 | Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> | |
bcbf86ec | 1008 | - (djm) Fixed undefined variables for OSF SIA. Report from |
b3f162ba | 1009 | Baars, Henk <Hendrik.Baars@nl.origin-it.com> |
bcbf86ec | 1010 | - (djm) Handle EWOULDBLOCK returns from read() and write() in atomicio.c |
b28e4a3b | 1011 | Fix from Marquess, Steve Mr JMLFDC <Steve.Marquess@DET.AMEDD.ARMY.MIL> |
bcbf86ec | 1012 | - (djm) Don't use inet_addr. |
e2902a5b | 1013 | |
5637650d | 1014 | 20000702 |
1015 | - (djm) Fix brace mismatch from Corinna Vinschen <vinschen@cygnus.com> | |
27494968 | 1016 | - (djm) Stop shadow expiry checking from preventing logins with NIS. Based |
1017 | on fix from HARUYAMA Seigo <haruyama@nt.phys.s.u-tokyo.ac.jp> | |
a4070484 | 1018 | - (djm) Use standard OpenSSL functions in auth-skey.c. Patch from |
1019 | Chris, the Young One <cky@pobox.com> | |
bcbf86ec | 1020 | - (djm) Fix scp progress meter on really wide terminals. Based on patch |
88726b31 | 1021 | from James H. Cloos Jr. <cloos@jhcloos.com> |
5637650d | 1022 | |
388e9f9f | 1023 | 20000701 |
1024 | - (djm) Fix Tru64 SIA problems reported by John P Speno <speno@isc.upenn.edu> | |
daaff4d5 | 1025 | - (djm) Login fixes from Tom Bertelson <tbert@abac.com> |
82258d68 | 1026 | - (djm) Replace "/bin/sh" with _PATH_BSHELL. Report from Corinna Vinschen |
1027 | <vinschen@cygnus.com> | |
30228d7c | 1028 | - (djm) Replace "/usr/bin/login" with LOGIN_PROGRAM |
2647ae26 | 1029 | - (djm) Added check for broken snprintf() functions which do not correctly |
1030 | terminate output string and attempt to use replacement. | |
46158300 | 1031 | - (djm) Released 2.1.1p2 |
388e9f9f | 1032 | |
9f32ceb4 | 1033 | 20000628 |
1034 | - (djm) Fixes to lastlog code for Irix | |
1035 | - (djm) Use atomicio in loginrec | |
3206bb3b | 1036 | - (djm) Patch from Michael Stone <mstone@cs.loyola.edu> to add support for |
1037 | Irix 6.x array sessions, project id's, and system audit trail id. | |
9e0c3e1f | 1038 | - (djm) Added 'distprep' make target to simplify packaging |
bcbf86ec | 1039 | - (djm) Added patch from Chris Adams <cmadams@hiwaay.net> to add OSF SIA |
4d33e531 | 1040 | support. Enable using "USE_SIA=1 ./configure [options]" |
bcbf86ec | 1041 | |
d8caae24 | 1042 | 20000627 |
1043 | - (djm) Fixes to login code - not setting li->uid, cleanups | |
a05a70ab | 1044 | - (djm) Formatting |
d8caae24 | 1045 | |
fe30cc2e | 1046 | 20000626 |
3e98362e | 1047 | - (djm) Better fix to aclocal tests from Garrick James <garrick@james.net> |
4cb5ffa0 | 1048 | - (djm) Account expiry support from Andreas Steinmetz <ast@domdv.de> |
1049 | - (djm) Added password expiry checking (no password change support) | |
be0b9bb7 | 1050 | - (djm) Make EGD failures non-fatal if OpenSSL's entropy pool is still OK |
1051 | based on patch from Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> | |
b5b3f75d | 1052 | - (djm) Fix fixed EGD code. |
3e98362e | 1053 | - OpenBSD CVS update |
1054 | - provos@cvs.openbsd.org 2000/06/25 14:17:58 | |
1055 | [channels.c] | |
1056 | correct check for bad channel ids; from Wei Dai <weidai@eskimo.com> | |
1057 | ||
1c04b088 | 1058 | 20000623 |
bcbf86ec | 1059 | - (djm) Use sa_family_t in prototype for rresvport_af. Patch from |
1c04b088 | 1060 | Svante Signell <svante.signell@telia.com> |
1061 | - (djm) Autoconf logic to define sa_family_t if it is missing | |
e5a0294f | 1062 | - OpenBSD CVS Updates: |
1063 | - markus@cvs.openbsd.org 2000/06/22 10:32:27 | |
1064 | [sshd.c] | |
1065 | missing atomicio; report from Steve.Marquess@DET.AMEDD.ARMY.MIL | |
1066 | - djm@cvs.openbsd.org 2000/06/22 17:55:00 | |
1067 | [auth-krb4.c key.c radix.c uuencode.c] | |
1068 | Missing CVS idents; ok markus | |
1c04b088 | 1069 | |
f528fdf2 | 1070 | 20000622 |
1071 | - (djm) Automatically generate host key during "make install". Suggested | |
1072 | by Gary E. Miller <gem@rellim.com> | |
1073 | - (djm) Paranoia before kill() system call | |
74fc9186 | 1074 | - OpenBSD CVS Updates: |
1075 | - markus@cvs.openbsd.org 2000/06/18 18:50:11 | |
1076 | [auth2.c compat.c compat.h sshconnect2.c] | |
1077 | make userauth+pubkey interop with ssh.com-2.2.0 | |
1078 | - markus@cvs.openbsd.org 2000/06/18 20:56:17 | |
1079 | [dsa.c] | |
1080 | mem leak + be more paranoid in dsa_verify. | |
1081 | - markus@cvs.openbsd.org 2000/06/18 21:29:50 | |
1082 | [key.c] | |
1083 | cleanup fingerprinting, less hardcoded sizes | |
1084 | - markus@cvs.openbsd.org 2000/06/19 19:39:45 | |
1085 | [atomicio.c auth-options.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c] | |
1086 | [auth-rsa.c auth-skey.c authfd.c authfd.h authfile.c bufaux.c bufaux.h] | |
bcbf86ec | 1087 | [buffer.c buffer.h canohost.c channels.c channels.h cipher.c cipher.h] |
74fc9186 | 1088 | [clientloop.c compat.c compat.h compress.c compress.h crc32.c crc32.h] |
1089 | [deattack.c dispatch.c dsa.c fingerprint.c fingerprint.h getput.h hmac.c] | |
bcbf86ec | 1090 | [kex.c log-client.c log-server.c login.c match.c mpaux.c mpaux.h nchan.c] |
1091 | [nchan.h packet.c packet.h pty.c pty.h readconf.c readconf.h readpass.c] | |
74fc9186 | 1092 | [rsa.c rsa.h scp.c servconf.c servconf.h ssh-add.c ssh-keygen.c ssh.c] |
1093 | [ssh.h tildexpand.c ttymodes.c ttymodes.h uidswap.c xmalloc.c xmalloc.h] | |
1094 | OpenBSD tag | |
1095 | - markus@cvs.openbsd.org 2000/06/21 10:46:10 | |
1096 | sshconnect2.c missing free; nuke old comment | |
f528fdf2 | 1097 | |
e5fe9a1f | 1098 | 20000620 |
1099 | - (djm) Replace use of '-o' and '-a' logical operators in configure tests | |
bcbf86ec | 1100 | with '||' and '&&'. As suggested by Jim Knoble <jmknoble@pint-stowp.cx> |
e5fe9a1f | 1101 | to fix SCO Unixware problem reported by Gary E. Miller <gem@rellim.com> |
c03aced4 | 1102 | - (djm) Typo in loginrec.c |
e5fe9a1f | 1103 | |
cbd7492e | 1104 | 20000618 |
1105 | - (djm) Add summary of configure options to end of ./configure run | |
bcbf86ec | 1106 | - (djm) Not all systems define RUSAGE_SELF & RUSAGE_CHILDREN. Report from |
cbd7492e | 1107 | Michael Stone <mstone@cs.loyola.edu> |
bcbf86ec | 1108 | - (djm) rusage is a privileged operation on some Unices (incl. |
cbd7492e | 1109 | Solaris 2.5.1). Report from Paul D. Smith <pausmith@nortelnetworks.com> |
bcbf86ec | 1110 | - (djm) Avoid PAM failures when running without a TTY. Report from |
cbd7492e | 1111 | Martin Petrak <petrak@spsknm.schools.sk> |
1112 | - (djm) Include sys/types.h when including netinet/in.h in configure tests. | |
1113 | Patch from Jun-ichiro itojun Hagino <itojun@iijlab.net> | |
729bfe59 | 1114 | - (djm) Started merge of Ben Lindstrom's <mouring@pconline.com> NeXT support |
38c295d6 | 1115 | - OpenBSD CVS updates: |
1116 | - deraadt@cvs.openbsd.org 2000/06/17 09:58:46 | |
1117 | [channels.c] | |
1118 | everyone says "nix it" (remove protocol 2 debugging message) | |
1119 | - markus@cvs.openbsd.org 2000/06/17 13:24:34 | |
1120 | [sshconnect.c] | |
1121 | allow extended server banners | |
1122 | - markus@cvs.openbsd.org 2000/06/17 14:30:10 | |
1123 | [sshconnect.c] | |
1124 | missing atomicio, typo | |
1125 | - jakob@cvs.openbsd.org 2000/06/17 16:52:34 | |
1126 | [servconf.c servconf.h session.c sshd.8 sshd_config] | |
1127 | add support for ssh v2 subsystems. ok markus@. | |
1128 | - deraadt@cvs.openbsd.org 2000/06/17 18:57:48 | |
1129 | [readconf.c servconf.c] | |
1130 | include = in WHITESPACE; markus ok | |
1131 | - markus@cvs.openbsd.org 2000/06/17 19:09:10 | |
1132 | [auth2.c] | |
1133 | implement bug compatibility with ssh-2.0.13 pubkey, server side | |
1134 | - markus@cvs.openbsd.org 2000/06/17 21:00:28 | |
1135 | [compat.c] | |
1136 | initial support for ssh.com's 2.2.0 | |
1137 | - markus@cvs.openbsd.org 2000/06/17 21:16:09 | |
1138 | [scp.c] | |
1139 | typo | |
1140 | - markus@cvs.openbsd.org 2000/06/17 22:05:02 | |
1141 | [auth-rsa.c auth2.c serverloop.c session.c auth-options.c auth-options.h] | |
1142 | split auth-rsa option parsing into auth-options | |
1143 | add options support to authorized_keys2 | |
1144 | - markus@cvs.openbsd.org 2000/06/17 22:42:54 | |
1145 | [session.c] | |
1146 | typo | |
cbd7492e | 1147 | |
509b1f88 | 1148 | 20000613 |
1149 | - (djm) Fixes from Andrew McGill <andrewm@datrix.co.za>: | |
1150 | - Platform define for SCO 3.x which breaks on /dev/ptmx | |
1151 | - Detect and try to fix missing MAXPATHLEN | |
a4d05724 | 1152 | - (djm) Fix short copy in loginrec.c (based on patch from Phill Camp |
1153 | <P.S.S.Camp@ukc.ac.uk> | |
509b1f88 | 1154 | |
09564242 | 1155 | 20000612 |
1156 | - (djm) Glob manpages in RPM spec files to catch compressed files | |
1157 | - (djm) Full license in auth-pam.c | |
08ae384f | 1158 | - (djm) Configure fixes from SAKAI Kiyotaka <ksakai@kso.netwk.ntt-at.co.jp> |
383207f7 | 1159 | - (andre) AIX, lastlog, configure fixes from Tom Bertelson <tbert@abac.com>: |
1160 | - Don't try to retrieve lastlog from wtmp/wtmpx if DISABLE_LASTLOG is | |
1161 | def'd | |
1162 | - Set AIX to use preformatted manpages | |
bcbf86ec | 1163 | |
74b224a0 | 1164 | 20000610 |
1165 | - (djm) Minor doc tweaks | |
217ab55e | 1166 | - (djm) Fix for configure on bash2 from Jim Knoble <jmknoble@jmknoble.cx> |
74b224a0 | 1167 | |
32c80420 | 1168 | 20000609 |
1169 | - (djm) Patch from Kenji Miyake <kenji@miyake.org> to disable utmp usage | |
1170 | (in favour of utmpx) on Solaris 8 | |
1171 | ||
fa649821 | 1172 | 20000606 |
48c99b2c | 1173 | - (djm) Cleanup of entropy.c. Reorganised code, removed second pass through |
1174 | list of commands (by default). Removed verbose debugging (by default). | |
bcbf86ec | 1175 | - (djm) Increased command entropy estimates and default entropy collection |
48c99b2c | 1176 | timeout |
f988dce5 | 1177 | - (djm) Remove duplicate headers from loginrec.c |
c5fa2eb0 | 1178 | - (djm) Don't add /usr/local/lib to library search path on Irix |
bcbf86ec | 1179 | - (djm) Fix rsh path in RPMs. Report from Jason L Tibbitts III |
fa649821 | 1180 | <tibbs@math.uh.edu> |
1e83f2a2 | 1181 | - (djm) Warn user if grabs fail in GNOME askpass. Patch from Zack Weinberg |
1182 | <zack@wolery.cumb.org> | |
fa649821 | 1183 | - (djm) OpenBSD CVS updates: |
1184 | - todd@cvs.openbsd.org | |
1185 | [sshconnect2.c] | |
1186 | teach protocol v2 to count login failures properly and also enable an | |
1187 | explanation of why the password prompt comes up again like v1; this is NOT | |
1188 | crypto | |
bcbf86ec | 1189 | - markus@cvs.openbsd.org |
fa649821 | 1190 | [readconf.c readconf.h servconf.c servconf.h session.c ssh.1 ssh.c sshd.8] |
1191 | xauth_location support; pr 1234 | |
1192 | [readconf.c sshconnect2.c] | |
1193 | typo, unused | |
1194 | [session.c] | |
1195 | allow use_login only for login sessions, otherwise remote commands are | |
1196 | execed with uid==0 | |
1197 | [sshd.8] | |
1198 | document UseLogin better | |
1199 | [version.h] | |
1200 | OpenSSH 2.1.1 | |
1201 | [auth-rsa.c] | |
bcbf86ec | 1202 | fix match_hostname() logic for auth-rsa: deny access if we have a |
fa649821 | 1203 | negative match or no match at all |
1204 | [channels.c hostfile.c match.c] | |
bcbf86ec | 1205 | don't panic if mkdtemp fails for authfwd; jkb@yahoo-inc.com via |
fa649821 | 1206 | kris@FreeBSD.org |
1207 | ||
8e7b16f8 | 1208 | 20000606 |
bcbf86ec | 1209 | - (djm) Added --with-cflags, --with-ldflags and --with-libs options to |
8e7b16f8 | 1210 | configure. |
1211 | ||
d7c0f3d5 | 1212 | 20000604 |
1213 | - Configure tweaking for new login code on Irix 5.3 | |
2d6c411f | 1214 | - (andre) login code changes based on djm feedback |
d7c0f3d5 | 1215 | |
2d6c411f | 1216 | 20000603 |
1217 | - (andre) New login code | |
1218 | - Remove bsd-login.[ch] and all the OpenBSD-derived code in login.c | |
1219 | - Add loginrec.[ch], logintest.c and autoconf code | |
bcbf86ec | 1220 | |
5daf7064 | 1221 | 20000531 |
1222 | - Cleanup of auth.c, login.c and fake-* | |
1223 | - Cleanup of auth-pam.c, save and print "account expired" error messages | |
e5662474 | 1224 | - Fix EGD read bug by IWAMURO Motonori <iwa@mmp.fujitsu.co.jp> |
69134b9b | 1225 | - Rewrote bsd-login to use proper utmp API if available. Major cleanup |
1226 | of fallback DIY code. | |
5daf7064 | 1227 | |
b9f446d1 | 1228 | 20000530 |
1229 | - Define atexit for old Solaris | |
b02ebca1 | 1230 | - Fix buffer overrun in login.c for systems which use syslen in utmpx. |
1231 | patch from YOSHIFUJI Hideaki <yoshfuji@cerberus.nemoto.ecei.tohoku.ac.jp> | |
71276795 | 1232 | - OpenBSD CVS updates: |
1233 | - markus@cvs.openbsd.org | |
1234 | [session.c] | |
1235 | make x11-fwd work w/ localhost (xauth add host/unix:11) | |
1236 | [cipher.c compat.c readconf.c servconf.c] | |
1237 | check strtok() != NULL; ok niels@ | |
1238 | [key.c] | |
1239 | fix key_read() for uuencoded keys w/o '=' | |
1240 | [serverloop.c] | |
1241 | group ssh1 vs. ssh2 in serverloop | |
1242 | [kex.c kex.h myproposal.h sshconnect2.c sshd.c] | |
1243 | split kexinit/kexdh, factor out common code | |
1244 | [readconf.c ssh.1 ssh.c] | |
1245 | forwardagent defaults to no, add ssh -A | |
1246 | - theo@cvs.openbsd.org | |
1247 | [session.c] | |
1248 | just some line shortening | |
60688ef9 | 1249 | - Released 2.1.0p3 |
b9f446d1 | 1250 | |
29611d9c | 1251 | 20000520 |
1252 | - Xauth fix from Markus Friedl <markus.friedl@informatik.uni-erlangen.de> | |
25422c70 | 1253 | - Don't touch utmp if USE_UTMPX defined |
a423beaf | 1254 | - SunOS 4.x support from Todd C. Miller <Todd.Miller@courtesan.com> |
fc1e8bf4 | 1255 | - SIGCHLD fix for AIX and HPUX from Tom Bertelson <tbert@abac.com> |
bcbf86ec | 1256 | - HPUX and Configure fixes from Lutz Jaenicke |
fc1e8bf4 | 1257 | <Lutz.Jaenicke@aet.TU-Cottbus.DE> |
bcbf86ec | 1258 | - Use mkinstalldirs script to make directories instead of non-portable |
fc1e8bf4 | 1259 | "install -d". Suggested by Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> |
a905808d | 1260 | - Doc cleanup |
29611d9c | 1261 | |
301e9b01 | 1262 | 20000518 |
1263 | - Include Andre Lucas' fixprogs script. Forgot to "cvs add" it yesterday | |
1264 | - OpenBSD CVS updates: | |
1265 | - markus@cvs.openbsd.org | |
1266 | [sshconnect.c] | |
1267 | copy only ai_addrlen bytes; misiek@pld.org.pl | |
1268 | [auth.c] | |
bcbf86ec | 1269 | accept an empty shell in authentication; bug reported by |
301e9b01 | 1270 | chris@tinker.ucr.edu |
1271 | [serverloop.c] | |
1272 | we don't have stderr for interactive terminal sessions (fcntl errors) | |
1273 | ||
ad85db64 | 1274 | 20000517 |
1275 | - Fix from Andre Lucas <andre.lucas@dial.pipex.com> | |
1276 | - Fixes command line printing segfaults (spotter: Bladt Norbert) | |
1277 | - Fixes erroneous printing of debug messages to syslog | |
1278 | - Fixes utmp for MacOS X (spotter: Aristedes Maniatis) | |
1279 | - Gives useful error message if PRNG initialisation fails | |
1280 | - Reduced ssh startup delay | |
1281 | - Measures cumulative command time rather than the time between reads | |
704b1659 | 1282 | after select() |
ad85db64 | 1283 | - 'fixprogs' perl script to eliminate non-working entropy commands, and |
704b1659 | 1284 | optionally run 'ent' to measure command entropy |
c1ef8333 | 1285 | - Applied Tom Bertelson's <tbert@abac.com> AIX authentication fix |
a64009ad | 1286 | - Avoid WCOREDUMP complation errors for systems that lack it |
bcbf86ec | 1287 | - Avoid SIGCHLD warnings from entropy commands |
28c1d5ce | 1288 | - Fix HAVE_PAM_GETENVLIST setting from Simon Wilkinson <sxw@dcs.ed.ac.uk> |
0e73cc53 | 1289 | - OpenBSD CVS update: |
bcbf86ec | 1290 | - markus@cvs.openbsd.org |
0e73cc53 | 1291 | [ssh.c] |
1292 | fix usage() | |
1293 | [ssh2.h] | |
1294 | draft-ietf-secsh-architecture-05.txt | |
1295 | [ssh.1] | |
1296 | document ssh -T -N (ssh2 only) | |
1297 | [channels.c serverloop.c ssh.h sshconnect.c sshd.c aux.c] | |
1298 | enable nonblocking IO for sshd w/ proto 1, too; split out common code | |
1299 | [aux.c] | |
1300 | missing include | |
c04f75f1 | 1301 | - Several patches from SAKAI Kiyotaka <ksakai@kso.netwk.ntt-at.co.jp> |
1302 | - INSTALL typo and URL fix | |
1303 | - Makefile fix | |
1304 | - Solaris fixes | |
bcbf86ec | 1305 | - Checking for ssize_t and memmove. Based on patch from SAKAI Kiyotaka |
c04f75f1 | 1306 | <ksakai@kso.netwk.ntt-at.co.jp> |
afa5ee68 | 1307 | - RSAless operation patch from kevin_oconnor@standardandpoors.com |
d45e3d76 | 1308 | - Detect OpenSSL seperatly from RSA |
bcbf86ec | 1309 | - Better test for RSA (more compatible with RSAref). Based on work by |
d45e3d76 | 1310 | Ed Eden <ede370@stl.rural.usda.gov> |
ad85db64 | 1311 | |
3d1a1654 | 1312 | 20000513 |
bcbf86ec | 1313 | - Fix for non-recognised DSA keys from Arkadiusz Miskiewicz |
3d1a1654 | 1314 | <misiek@pld.org.pl> |
1315 | ||
d02a3a00 | 1316 | 20000511 |
bcbf86ec | 1317 | - Fix for prng_seed permissions checking from Lutz Jaenicke |
d02a3a00 | 1318 | <Lutz.Jaenicke@aet.TU-Cottbus.DE> |
3d1a1654 | 1319 | - "make host-key" fix for Irix |
d02a3a00 | 1320 | |
d0c832f3 | 1321 | 20000509 |
1322 | - OpenBSD CVS update | |
1323 | - markus@cvs.openbsd.org | |
1324 | [cipher.h myproposal.h readconf.c readconf.h servconf.c ssh.1 ssh.c] | |
1325 | [ssh.h sshconnect1.c sshconnect2.c sshd.8] | |
1326 | - complain about invalid ciphers in SSH1 (e.g. arcfour is SSH2 only) | |
1327 | - hugh@cvs.openbsd.org | |
1328 | [ssh.1] | |
1329 | - zap typo | |
1330 | [ssh-keygen.1] | |
1331 | - One last nit fix. (markus approved) | |
1332 | [sshd.8] | |
1333 | - some markus certified spelling adjustments | |
1334 | - markus@cvs.openbsd.org | |
1335 | [auth2.c channels.c clientloop.c compat compat.h dsa.c kex.c] | |
1336 | [sshconnect2.c ] | |
1337 | - bug compat w/ ssh-2.0.13 x11, split out bugs | |
1338 | [nchan.c] | |
1339 | - no drain if ibuf_empty, fixes x11fwd problems; tests by fries@ | |
1340 | [ssh-keygen.c] | |
1341 | - handle escapes in real and original key format, ok millert@ | |
1342 | [version.h] | |
1343 | - OpenSSH-2.1 | |
3dc1102e | 1344 | - Moved all the bsd-* and fake-* stuff into new libopenbsd-compat.a |
e93ee87a | 1345 | - Doc updates |
bcbf86ec | 1346 | - Cleanup of bsd-base64 headers, bugfix definitions of __b64_*. Reported |
21e5304a | 1347 | by Andre Lucas <andre.lucas@dial.pipex.com> |
d0c832f3 | 1348 | |
ebdeb9a8 | 1349 | 20000508 |
1350 | - Makefile and RPM spec fixes | |
1351 | - Generate DSA host keys during "make key" or RPM installs | |
f6cde515 | 1352 | - OpenBSD CVS update |
1353 | - markus@cvs.openbsd.org | |
1354 | [clientloop.c sshconnect2.c] | |
1355 | - make x11-fwd interop w/ ssh-2.0.13 | |
1356 | [README.openssh2] | |
1357 | - interop w/ SecureFX | |
1358 | - Release 2.0.0beta2 | |
ebdeb9a8 | 1359 | |
bcbf86ec | 1360 | - Configure caching and cleanup patch from Andre Lucas' |
58d100bf | 1361 | <andre.lucas@dial.pipex.com> |
1362 | ||
1d1ffb87 | 1363 | 20000507 |
1364 | - Remove references to SSLeay. | |
1365 | - Big OpenBSD CVS update | |
1366 | - markus@cvs.openbsd.org | |
1367 | [clientloop.c] | |
1368 | - typo | |
1369 | [session.c] | |
1370 | - update proctitle on pty alloc/dealloc, e.g. w/ windows client | |
1371 | [session.c] | |
1372 | - update proctitle for proto 1, too | |
1373 | [channels.h nchan.c serverloop.c session.c sshd.c] | |
1374 | - use c-style comments | |
1375 | - deraadt@cvs.openbsd.org | |
1376 | [scp.c] | |
1377 | - more atomicio | |
bcbf86ec | 1378 | - markus@cvs.openbsd.org |
1d1ffb87 | 1379 | [channels.c] |
1380 | - set O_NONBLOCK | |
1381 | [ssh.1] | |
1382 | - update AUTHOR | |
1383 | [readconf.c ssh-keygen.c ssh.h] | |
1384 | - default DSA key file ~/.ssh/id_dsa | |
1385 | [clientloop.c] | |
1386 | - typo, rm verbose debug | |
1387 | - deraadt@cvs.openbsd.org | |
1388 | [ssh-keygen.1] | |
1389 | - document DSA use of ssh-keygen | |
1390 | [sshd.8] | |
1391 | - a start at describing what i understand of the DSA side | |
1392 | [ssh-keygen.1] | |
1393 | - document -X and -x | |
1394 | [ssh-keygen.c] | |
1395 | - simplify usage | |
bcbf86ec | 1396 | - markus@cvs.openbsd.org |
1d1ffb87 | 1397 | [sshd.8] |
1398 | - there is no rhosts_dsa | |
1399 | [ssh-keygen.1] | |
1400 | - document -y, update -X,-x | |
1401 | [nchan.c] | |
1402 | - fix close for non-open ssh1 channels | |
1403 | [servconf.c servconf.h ssh.h sshd.8 sshd.c ] | |
1404 | - s/DsaKey/HostDSAKey/, document option | |
1405 | [sshconnect2.c] | |
1406 | - respect number_of_password_prompts | |
1407 | [channels.c channels.h servconf.c servconf.h session.c sshd.8] | |
1408 | - GatewayPorts for sshd, ok deraadt@ | |
1409 | [ssh-add.1 ssh-agent.1 ssh.1] | |
1410 | - more doc on: DSA, id_dsa, known_hosts2, authorized_keys2 | |
1411 | [ssh.1] | |
1412 | - more info on proto 2 | |
1413 | [sshd.8] | |
1414 | - sync AUTHOR w/ ssh.1 | |
1415 | [key.c key.h sshconnect.c] | |
1416 | - print key type when talking about host keys | |
1417 | [packet.c] | |
1418 | - clear padding in ssh2 | |
1419 | [dsa.c key.c radix.c ssh.h sshconnect1.c uuencode.c uuencode.h] | |
1420 | - replace broken uuencode w/ libc b64_ntop | |
1421 | [auth2.c] | |
1422 | - log failure before sending the reply | |
1423 | [key.c radix.c uuencode.c] | |
1424 | - remote trailing comments before calling __b64_pton | |
1425 | [auth2.c readconf.c readconf.h servconf.c servconf.h ssh.1] | |
1426 | [sshconnect2.c sshd.8] | |
1427 | - add DSAAuthetication option to ssh/sshd, document SSH2 in sshd.8 | |
1428 | - Bring in b64_ntop and b64_pton from OpenBSD libc (bsd-base64.[ch]) | |
1429 | ||
1a11e1ae | 1430 | 20000502 |
0fbe8c74 | 1431 | - OpenBSD CVS update |
1432 | [channels.c] | |
1433 | - init all fds, close all fds. | |
1434 | [sshconnect2.c] | |
1435 | - check whether file exists before asking for passphrase | |
1436 | [servconf.c servconf.h sshd.8 sshd.c] | |
1437 | - PidFile, pr 1210 | |
1438 | [channels.c] | |
1439 | - EINTR | |
1440 | [channels.c] | |
1441 | - unbreak, ok niels@ | |
1442 | [sshd.c] | |
1443 | - unlink pid file, ok niels@ | |
1444 | [auth2.c] | |
1445 | - Add missing #ifdefs; ok - markus | |
bcbf86ec | 1446 | - Add Andre Lucas' <andre.lucas@dial.pipex.com> patch to read entropy |
d3083fbd | 1447 | gathering commands from a text file |
1a11e1ae | 1448 | - Release 2.0.0beta1 |
1449 | ||
c4bc58eb | 1450 | 20000501 |
1451 | - OpenBSD CVS update | |
1452 | [packet.c] | |
1453 | - send debug messages in SSH2 format | |
3189621b | 1454 | [scp.c] |
1455 | - fix very rare EAGAIN/EINTR issues; based on work by djm | |
1456 | [packet.c] | |
1457 | - less debug, rm unused | |
1458 | [auth2.c] | |
1459 | - disable kerb,s/key in ssh2 | |
1460 | [sshd.8] | |
1461 | - Minor tweaks and typo fixes. | |
1462 | [ssh-keygen.c] | |
1463 | - Put -d into usage and reorder. markus ok. | |
bcbf86ec | 1464 | - Include missing headers for OpenSSL tests. Fix from Phil Karn |
44fb55e9 | 1465 | <karn@ka9q.ampr.org> |
bcbf86ec | 1466 | - Fixed __progname symbol collisions reported by Andre Lucas |
3fd95d9a | 1467 | <andre.lucas@dial.pipex.com> |
0d5f7abc | 1468 | - Merged bsd-login ttyslot and AIX utmp patch from Gert Doering |
1469 | <gd@hilb1.medat.de> | |
8cb940db | 1470 | - Add some missing ifdefs to auth2.c |
8af50c98 | 1471 | - Deprecate perl-tk askpass. |
52bcc044 | 1472 | - Irix portability fixes - don't include netinet headers more than once |
1473 | - Make sure we don't save PRNG seed more than once | |
c4bc58eb | 1474 | |
2b763e31 | 1475 | 20000430 |
1476 | - Merge HP-UX fixes and TCB support from Ged Lodder <lodder@yacc.com.au> | |
b7a87eea | 1477 | - Integrate Andre Lucas' <andre.lucas@dial.pipex.com> entropy collection |
1478 | patch. | |
1479 | - Adds timeout to entropy collection | |
1480 | - Disables slow entropy sources | |
1481 | - Load and save seed file | |
bcbf86ec | 1482 | - Changed entropy seed code to user per-user seeds only (server seed is |
b7a87eea | 1483 | saved in root's .ssh directory) |
1484 | - Use atexit() and fatal cleanups to save seed on exit | |
0b242b12 | 1485 | - More OpenBSD updates: |
1486 | [session.c] | |
1487 | - don't call chan_write_failed() if we are not writing | |
1488 | [auth-rsa.c auth1.c authfd.c hostfile.c ssh-agent.c] | |
1489 | - keysize warnings error() -> log() | |
2b763e31 | 1490 | |
a306f2dd | 1491 | 20000429 |
1492 | - Merge big update to OpenSSH-2.0 from OpenBSD CVS | |
1493 | [README.openssh2] | |
1494 | - interop w/ F-secure windows client | |
1495 | - sync documentation | |
1496 | - ssh_host_dsa_key not ssh_dsa_key | |
1497 | [auth-rsa.c] | |
1498 | - missing fclose | |
1499 | [auth.c authfile.c compat.c dsa.c dsa.h hostfile.c key.c key.h radix.c] | |
1500 | [readconf.c readconf.h ssh-add.c ssh-keygen.c ssh.c ssh.h sshconnect.c] | |
1501 | [sshd.c uuencode.c uuencode.h authfile.h] | |
1502 | - add DSA pubkey auth and other SSH2 fixes. use ssh-keygen -[xX] | |
1503 | for trading keys with the real and the original SSH, directly from the | |
1504 | people who invented the SSH protocol. | |
1505 | [auth.c auth.h authfile.c sshconnect.c auth1.c auth2.c sshconnect.h] | |
1506 | [sshconnect1.c sshconnect2.c] | |
1507 | - split auth/sshconnect in one file per protocol version | |
1508 | [sshconnect2.c] | |
1509 | - remove debug | |
1510 | [uuencode.c] | |
1511 | - add trailing = | |
1512 | [version.h] | |
1513 | - OpenSSH-2.0 | |
1514 | [ssh-keygen.1 ssh-keygen.c] | |
1515 | - add -R flag: exit code indicates if RSA is alive | |
1516 | [sshd.c] | |
1517 | - remove unused | |
1518 | silent if -Q is specified | |
1519 | [ssh.h] | |
1520 | - host key becomes /etc/ssh_host_dsa_key | |
1521 | [readconf.c servconf.c ] | |
1522 | - ssh/sshd default to proto 1 and 2 | |
1523 | [uuencode.c] | |
1524 | - remove debug | |
1525 | [auth2.c ssh-keygen.c sshconnect2.c sshd.c] | |
1526 | - xfree DSA blobs | |
1527 | [auth2.c serverloop.c session.c] | |
1528 | - cleanup logging for sshd/2, respect PasswordAuth no | |
1529 | [sshconnect2.c] | |
1530 | - less debug, respect .ssh/config | |
1531 | [README.openssh2 channels.c channels.h] | |
bcbf86ec | 1532 | - clientloop.c session.c ssh.c |
a306f2dd | 1533 | - support for x11-fwding, client+server |
1534 | ||
0ac7199f | 1535 | 20000421 |
1536 | - Merge fix from OpenBSD CVS | |
1537 | [ssh-agent.c] | |
1538 | - Fix memory leak per connection. Report from Andy Spiegl <Andy@Spiegl.de> | |
1539 | via Debian bug #59926 | |
18ba2aab | 1540 | - Define __progname in session.c if libc doesn't |
1541 | - Remove indentation on autoconf #include statements to avoid bug in | |
bcbf86ec | 1542 | DEC Tru64 compiler. Report and fix from David Del Piero |
18ba2aab | 1543 | <David.DelPiero@qed.qld.gov.au> |
0ac7199f | 1544 | |
e1b37056 | 1545 | 20000420 |
bcbf86ec | 1546 | - Make fixpaths work with perl4, patch from Andre Lucas |
e1b37056 | 1547 | <andre.lucas@dial.pipex.com> |
9da5c3c9 | 1548 | - Sync with OpenBSD CVS: |
1549 | [clientloop.c login.c serverloop.c ssh-agent.c ssh.h sshconnect.c sshd.c] | |
1550 | - pid_t | |
1551 | [session.c] | |
1552 | - remove bogus chan_read_failed. this could cause data | |
1553 | corruption (missing data) at end of a SSH2 session. | |
4e577b89 | 1554 | - Merge fixes from Debian patch from Phil Hands <phil@hands.com> |
1555 | - Allow setting of PAM service name through CFLAGS (SSHD_PAM_SERVICE) | |
1556 | - Use vhangup to clean up Linux ttys | |
1557 | - Force posix getopt processing on GNU libc systems | |
371ecff9 | 1558 | - Debian bug #55910 - remove references to ssl(8) manpages |
247f1a89 | 1559 | - Debian bug #58031 - ssh_config lies about default cipher |
e1b37056 | 1560 | |
d6f24e45 | 1561 | 20000419 |
1562 | - OpenBSD CVS updates | |
1563 | [channels.c] | |
1564 | - fix pr 1196, listen_port and port_to_connect interchanged | |
1565 | [scp.c] | |
bcbf86ec | 1566 | - after completion, replace the progress bar ETA counter with a final |
d6f24e45 | 1567 | elapsed time; my idea, aaron wrote the patch |
1568 | [ssh_config sshd_config] | |
1569 | - show 'Protocol' as an example, ok markus@ | |
1570 | [sshd.c] | |
1571 | - missing xfree() | |
1572 | - Add missing header to bsd-misc.c | |
1573 | ||
35484284 | 1574 | 20000416 |
1575 | - Reduce diff against OpenBSD source | |
bcbf86ec | 1576 | - All OpenSSL includes are now unconditionally referenced as |
35484284 | 1577 | openssl/foo.h |
1578 | - Pick up formatting changes | |
1579 | - Other minor changed (typecasts, etc) that I missed | |
1580 | ||
6ae2364d | 1581 | 20000415 |
1582 | - OpenBSD CVS updates. | |
1583 | [ssh.1 ssh.c] | |
1584 | - ssh -2 | |
1585 | [auth.c channels.c clientloop.c packet.c packet.h serverloop.c] | |
1586 | [session.c sshconnect.c] | |
1587 | - check payload for (illegal) extra data | |
1588 | [ALL] | |
1589 | whitespace cleanup | |
1590 | ||
c323ac76 | 1591 | 20000413 |
1592 | - INSTALL doc updates | |
f54651ce | 1593 | - Merged OpenBSD updates to include paths. |
bcbf86ec | 1594 | |
a8be9f80 | 1595 | 20000412 |
1596 | - OpenBSD CVS updates: | |
1597 | - [channels.c] | |
1598 | repair x11-fwd | |
1599 | - [sshconnect.c] | |
1600 | fix passwd prompt for ssh2, less debugging output. | |
1601 | - [clientloop.c compat.c dsa.c kex.c sshd.c] | |
1602 | less debugging output | |
1603 | - [kex.c kex.h sshconnect.c sshd.c] | |
1604 | check for reasonable public DH values | |
1605 | - [README.openssh2 cipher.c cipher.h compat.c compat.h readconf.c] | |
1606 | [readconf.h servconf.c servconf.h ssh.c ssh.h sshconnect.c sshd.c] | |
1607 | add Cipher and Protocol options to ssh/sshd, e.g.: | |
1608 | ssh -o 'Protocol 1,2' if you prefer proto 1, ssh -o 'Ciphers | |
1609 | arcfour,3des-cbc' | |
1610 | - [sshd.c] | |
1611 | print 1.99 only if server supports both | |
1612 | ||
18e92801 | 1613 | 20000408 |
1614 | - Avoid some compiler warnings in fake-get*.c | |
1615 | - Add IPTOS macros for systems which lack them | |
9d98aaf6 | 1616 | - Only set define entropy collection macros if they are found |
e78a59f5 | 1617 | - More large OpenBSD CVS updates: |
1618 | - [auth.c auth.h servconf.c servconf.h serverloop.c session.c] | |
1619 | [session.h ssh.h sshd.c README.openssh2] | |
1620 | ssh2 server side, see README.openssh2; enable with 'sshd -2' | |
1621 | - [channels.c] | |
1622 | no adjust after close | |
1623 | - [sshd.c compat.c ] | |
1624 | interop w/ latest ssh.com windows client. | |
bcbf86ec | 1625 | |
8ce64345 | 1626 | 20000406 |
1627 | - OpenBSD CVS update: | |
1628 | - [channels.c] | |
1629 | close efd on eof | |
1630 | - [clientloop.c compat.c ssh.c sshconnect.c myproposal.h] | |
1631 | ssh2 client implementation, interops w/ ssh.com and lsh servers. | |
1632 | - [sshconnect.c] | |
1633 | missing free. | |
1634 | - [authfile.c cipher.c cipher.h packet.c sshconnect.c sshd.c] | |
1635 | remove unused argument, split cipher_mask() | |
1636 | - [clientloop.c] | |
1637 | re-order: group ssh1 vs. ssh2 | |
1638 | - Make Redhat spec require openssl >= 0.9.5a | |
1639 | ||
e7627112 | 1640 | 20000404 |
1641 | - Add tests for RAND_add function when searching for OpenSSL | |
7e7327a1 | 1642 | - OpenBSD CVS update: |
1643 | - [packet.h packet.c] | |
1644 | ssh2 packet format | |
1645 | - [packet.h packet.c nchan2.ms nchan.h compat.h compat.c] | |
1646 | [channels.h channels.c] | |
1647 | channel layer support for ssh2 | |
1648 | - [kex.h kex.c hmac.h hmac.c dsa.c dsa.h] | |
1649 | DSA, keyexchange, algorithm agreement for ssh2 | |
6c081128 | 1650 | - Generate manpages before make install not at the end of make all |
1651 | - Don't seed the rng quite so often | |
1652 | - Always reseed rng when requested | |
e7627112 | 1653 | |
bfc9a610 | 1654 | 20000403 |
1655 | - Wrote entropy collection routines for systems that lack /dev/random | |
1656 | and EGD | |
837c30b8 | 1657 | - Disable tests and typedefs for 64 bit types. They are currently unused. |
bfc9a610 | 1658 | |
7368a6c8 | 1659 | 20000401 |
1660 | - Big OpenBSD CVS update (mainly beginnings of SSH2 infrastructure) | |
1661 | - [auth.c session.c sshd.c auth.h] | |
1662 | split sshd.c -> auth.c session.c sshd.c plus cleanup and goto-removal | |
1663 | - [bufaux.c bufaux.h] | |
1664 | support ssh2 bignums | |
1665 | - [channels.c channels.h clientloop.c sshd.c nchan.c nchan.h packet.c] | |
1666 | [readconf.c ssh.c ssh.h serverloop.c] | |
1667 | replace big switch() with function tables (prepare for ssh2) | |
1668 | - [ssh2.h] | |
1669 | ssh2 message type codes | |
1670 | - [sshd.8] | |
1671 | reorder Xr to avoid cutting | |
1672 | - [serverloop.c] | |
1673 | close(fdin) if fdin != fdout, shutdown otherwise, ok theo@ | |
1674 | - [channels.c] | |
1675 | missing close | |
1676 | allow bigger packets | |
1677 | - [cipher.c cipher.h] | |
1678 | support ssh2 ciphers | |
1679 | - [compress.c] | |
1680 | cleanup, less code | |
1681 | - [dispatch.c dispatch.h] | |
1682 | function tables for different message types | |
1683 | - [log-server.c] | |
1684 | do not log() if debuggin to stderr | |
1685 | rename a cpp symbol, to avoid param.h collision | |
1686 | - [mpaux.c] | |
1687 | KNF | |
1688 | - [nchan.c] | |
1689 | sync w/ channels.c | |
1690 | ||
f5238bee | 1691 | 20000326 |
1692 | - Better tests for OpenSSL w/ RSAref | |
bcbf86ec | 1693 | - Added replacement setenv() function from OpenBSD libc. Suggested by |
f5238bee | 1694 | Ben Lindstrom <mouring@pconline.com> |
4fe2af09 | 1695 | - OpenBSD CVS update |
1696 | - [auth-krb4.c] | |
1697 | -Wall | |
1698 | - [auth-rh-rsa.c auth-rsa.c hostfile.c hostfile.h key.c key.h match.c] | |
1699 | [match.h ssh.c ssh.h sshconnect.c sshd.c] | |
1700 | initial support for DSA keys. ok deraadt@, niels@ | |
1701 | - [cipher.c cipher.h] | |
1702 | remove unused cipher_attack_detected code | |
1703 | - [scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 sshd.8] | |
1704 | Fix some formatting problems I missed before. | |
1705 | - [ssh.1 sshd.8] | |
1706 | fix spelling errors, From: FreeBSD | |
1707 | - [ssh.c] | |
1708 | switch to raw mode only if he _get_ a pty (not if we _want_ a pty). | |
f5238bee | 1709 | |
0024a081 | 1710 | 20000324 |
1711 | - Released 1.2.3 | |
1712 | ||
bd499f9e | 1713 | 20000317 |
1714 | - Clarified --with-default-path option. | |
1715 | - Added -blibpath handling for AIX to work around stupid runtime linking. | |
1716 | Problem elucidated by gshapiro@SENDMAIL.ORG by way of Jim Knoble | |
1717 | <jmknoble@pobox.com> | |
474b5fef | 1718 | - Checks for 64 bit int types. Problem report from Mats Fredholm |
1719 | <matsf@init.se> | |
610cd5c6 | 1720 | - OpenBSD CVS updates: |
bcbf86ec | 1721 | - [atomicio.c auth-krb4.c bufaux.c channels.c compress.c fingerprint.c] |
610cd5c6 | 1722 | [packet.h radix.c rsa.c scp.c ssh-agent.c ssh-keygen.c sshconnect.c] |
1723 | [sshd.c] | |
1724 | pedantic: signed vs. unsigned, void*-arithm, etc | |
1725 | - [ssh.1 sshd.8] | |
1726 | Various cleanups and standardizations. | |
bcbf86ec | 1727 | - Runtime error fix for HPUX from Otmar Stahl |
be48d23c | 1728 | <O.Stahl@lsw.uni-heidelberg.de> |
bd499f9e | 1729 | |
4696775a | 1730 | 20000316 |
bcbf86ec | 1731 | - Fixed configure not passing LDFLAGS to Solaris. Report from David G. |
4696775a | 1732 | Hesprich <dghespri@sprintparanet.com> |
d423d822 | 1733 | - Propogate LD through to Makefile |
b7a9ce47 | 1734 | - Doc cleanups |
2ba2a610 | 1735 | - Added blurb about "scp: command not found" errors to UPGRADING |
4696775a | 1736 | |
cb0b7ea4 | 1737 | 20000315 |
1738 | - Fix broken CFLAGS handling during search for OpenSSL. Fixes va_list | |
1739 | problems with gcc/Solaris. | |
bcbf86ec | 1740 | - Don't free argument to putenv() after use (in setenv() replacement). |
db55a3ea | 1741 | Report from Seigo Tanimura <tanimura@r.dl.itc.u-tokyo.ac.jp> |
bcbf86ec | 1742 | - Created contrib/ subdirectory. Included helpers from Phil Hands' |
13652e52 | 1743 | Debian package, README file and chroot patch from Ricardo Cerqueira |
1744 | <rmcc@clix.pt> | |
bcbf86ec | 1745 | - Moved gnome-ssh-askpass.c to contrib directory and removed config |
13652e52 | 1746 | option. |
1747 | - Slight cleanup to doc files | |
b14b2ae7 | 1748 | - Configure fix from Bratislav ILICH <bilic@zepter.ru> |
cb0b7ea4 | 1749 | |
a8ed9fd9 | 1750 | 20000314 |
bcbf86ec | 1751 | - Include macro for IN6_IS_ADDR_V4MAPPED. Report from |
a8ed9fd9 | 1752 | peter@frontierflying.com |
84afc958 | 1753 | - Include /usr/local/include and /usr/local/lib for systems that don't |
1754 | do it themselves | |
1755 | - -R/usr/local/lib for Solaris | |
1756 | - Fix RSAref detection | |
1757 | - Fix IN6_IS_ADDR_V4MAPPED macro | |
a8ed9fd9 | 1758 | |
bcf36c78 | 1759 | 20000311 |
1760 | - Detect RSAref | |
43e48848 | 1761 | - OpenBSD CVS change |
1762 | [sshd.c] | |
1763 | - disallow guessing of root password | |
867dbf40 | 1764 | - More configure fixes |
80faa19f | 1765 | - IPv6 workarounds from Hideaki YOSHIFUJI <yoshfuji@ecei.tohoku.ac.jp> |
bcf36c78 | 1766 | |
c8d54615 | 1767 | 20000309 |
1768 | - OpenBSD CVS updates to v1.2.3 | |
704b1659 | 1769 | [ssh.h atomicio.c] |
1770 | - int atomicio -> ssize_t (for alpha). ok deraadt@ | |
1771 | [auth-rsa.c] | |
1772 | - delay MD5 computation until client sends response, free() early, cleanup. | |
1773 | [cipher.c] | |
1774 | - void* -> unsigned char*, ok niels@ | |
1775 | [hostfile.c] | |
1776 | - remove unused variable 'len'. fix comments. | |
1777 | - remove unused variable | |
1778 | [log-client.c log-server.c] | |
1779 | - rename a cpp symbol, to avoid param.h collision | |
1780 | [packet.c] | |
1781 | - missing xfree() | |
1782 | - getsockname() requires initialized tolen; andy@guildsoftware.com | |
1783 | - use getpeername() in packet_connection_is_on_socket(), fixes sshd -i; | |
1784 | from Holger.Trapp@Informatik.TU-Chemnitz.DE | |
1785 | [pty.c pty.h] | |
bcbf86ec | 1786 | - register cleanup for pty earlier. move code for pty-owner handling to |
c8d54615 | 1787 | pty.c ok provos@, dugsong@ |
704b1659 | 1788 | [readconf.c] |
1789 | - turn off x11-fwd for the client, too. | |
1790 | [rsa.c] | |
1791 | - PKCS#1 padding | |
1792 | [scp.c] | |
1793 | - allow '.' in usernames; from jedgar@fxp.org | |
1794 | [servconf.c] | |
1795 | - typo: ignore_user_known_hosts int->flag; naddy@mips.rhein-neckar.de | |
1796 | - sync with sshd_config | |
1797 | [ssh-keygen.c] | |
1798 | - enable ssh-keygen -l -f ~/.ssh/known_hosts, ok deraadt@ | |
1799 | [ssh.1] | |
1800 | - Change invalid 'CHAT' loglevel to 'VERBOSE' | |
1801 | [ssh.c] | |
1802 | - suppress AAAA query host when '-4' is used; from shin@nd.net.fujitsu.co.jp | |
1803 | - turn off x11-fwd for the client, too. | |
1804 | [sshconnect.c] | |
1805 | - missing xfree() | |
1806 | - retry rresvport_af(), too. from sumikawa@ebina.hitachi.co.jp. | |
1807 | - read error vs. "Connection closed by remote host" | |
1808 | [sshd.8] | |
1809 | - ie. -> i.e., | |
1810 | - do not link to a commercial page.. | |
1811 | - sync with sshd_config | |
1812 | [sshd.c] | |
1813 | - no need for poll.h; from bright@wintelcom.net | |
1814 | - log with level log() not fatal() if peer behaves badly. | |
1815 | - don't panic if client behaves strange. ok deraadt@ | |
1816 | - make no-port-forwarding for RSA keys deny both -L and -R style fwding | |
1817 | - delay close() of pty until the pty has been chowned back to root | |
1818 | - oops, fix comment, too. | |
1819 | - missing xfree() | |
1820 | - move XAUTHORITY to subdir. ok dugsong@. fixes debian bug #57907, too. | |
1821 | (http://cgi.debian.org/cgi-bin/bugreport.cgi?archive=no&bug=57907) | |
bcbf86ec | 1822 | - register cleanup for pty earlier. move code for pty-owner handling to |
704b1659 | 1823 | pty.c ok provos@, dugsong@ |
1824 | - create x11 cookie file | |
1825 | - fix pr 1113, fclose() -> pclose(), todo: remote popen() | |
1826 | - version 1.2.3 | |
c8d54615 | 1827 | - Cleaned up |
bcbf86ec | 1828 | - Removed warning workaround for Linux and devpts filesystems (no longer |
d8223847 | 1829 | required after OpenBSD updates) |
c8d54615 | 1830 | |
07055445 | 1831 | 20000308 |
1832 | - Configure fix from Hiroshi Takekawa <takekawa@sr3.t.u-tokyo.ac.jp> | |
1833 | ||
1834 | 20000307 | |
1835 | - Released 1.2.2p1 | |
1836 | ||
9c8c3fc6 | 1837 | 20000305 |
1838 | - Fix DEC compile fix | |
54096dcc | 1839 | - Explicitly seed OpenSSL's PRNG before checking rsa_alive() |
aa6bd60a | 1840 | - Check for getpagesize in libucb.a if not found in libc. Fix for old |
1841 | Solaris from Andre Lucas <andre.lucas@dial.pipex.com> | |
bcbf86ec | 1842 | - Check for libwrap if --with-tcp-wrappers option specified. Suggestion |
9fc7867e | 1843 | Mate Wierdl <mw@moni.msci.memphis.edu> |
9c8c3fc6 | 1844 | |
6bf4d066 | 1845 | 20000303 |
1846 | - Added "make host-key" target, Suggestion from Dominik Brettnacher | |
1847 | <domi@saargate.de> | |
bcbf86ec | 1848 | - Don't permanently fail on bind() if getaddrinfo has more choices left for |
16218745 | 1849 | us. Needed to work around messy IPv6 on Linux. Patch from Arkadiusz |
1850 | Miskiewicz <misiek@pld.org.pl> | |
22fa590f | 1851 | - DEC Unix compile fix from David Del Piero <David.DelPiero@qed.qld.gov.au> |
1852 | - Manpage fix from David Del Piero <David.DelPiero@qed.qld.gov.au> | |
6bf4d066 | 1853 | |
a0391976 | 1854 | 20000302 |
1855 | - Big cleanup of autoconf code | |
1856 | - Rearranged to be a little more logical | |
1857 | - Added -R option for Solaris | |
1858 | - Rewrote OpenSSL detection code. Now uses AC_TRY_RUN with a test program | |
1859 | to detect library and header location _and_ ensure library has proper | |
1860 | RSA support built in (this is a problem with OpenSSL 0.9.5). | |
817175bc | 1861 | - Applied pty cleanup patch from markus.friedl@informatik.uni-erlangen.de |
0a1718dc | 1862 | - Avoid warning message with Unix98 ptys |
bcbf86ec | 1863 | - Warning was valid - possible race condition on PTYs. Avoided using |
3276571c | 1864 | platform-specific code. |
1865 | - Document some common problems | |
bcbf86ec | 1866 | - Allow root access to any key. Patch from |
81eef326 | 1867 | markus.friedl@informatik.uni-erlangen.de |
a0391976 | 1868 | |
f55afe71 | 1869 | 20000207 |
1870 | - Removed SOCKS code. Will support through a ProxyCommand. | |
1871 | ||
d07d1c58 | 1872 | 20000203 |
1873 | - Fixed SEGVs in authloop, fix from vbzoli@hbrt.hu | |
d581b7ae | 1874 | - Add --with-ssl-dir option |
d07d1c58 | 1875 | |
9d5f374b | 1876 | 20000202 |
bcbf86ec | 1877 | - Fix lastlog code for directory based lastlogs. Fix from Josh Durham |
9d5f374b | 1878 | <jmd@aoe.vt.edu> |
6b1f3fdb | 1879 | - Documentation fixes from HARUYAMA Seigo <haruyama@nt.phys.s.u-tokyo.ac.jp> |
bcbf86ec | 1880 | - Added URLs to Japanese translations of documents by HARUYAMA Seigo |
6b1f3fdb | 1881 | <haruyama@nt.phys.s.u-tokyo.ac.jp> |
9d5f374b | 1882 | |
bc8c2601 | 1883 | 20000201 |
1884 | - Use socket pairs by default (instead of pipes). Prevents race condition | |
1885 | on several (buggy) OSs. Report and fix from tridge@linuxcare.com | |
1886 | ||
69c76614 | 1887 | 20000127 |
1888 | - Seed OpenSSL's random number generator before generating RSA keypairs | |
1889 | - Split random collector into seperate file | |
aaf2abd7 | 1890 | - Compile fix from Andre Lucas <andre.lucas@dial.pipex.com> |
69c76614 | 1891 | |
f9507c24 | 1892 | 20000126 |
1893 | - Released 1.2.2 stable | |
1894 | ||
bcbf86ec | 1895 | - NeXT keeps it lastlog in /usr/adm. Report from |
f9507c24 | 1896 | mouring@newton.pconline.com |
bcbf86ec | 1897 | - Added note in UPGRADING re interop with commercial SSH using idea. |
587120ad | 1898 | Report from Jim Knoble <jmknoble@pobox.com> |
1899 | - Fix linking order for Kerberos/AFS. Fix from Holget Trapp | |
1900 | <Holger.Trapp@Informatik.TU-Chemnitz.DE> | |
f9507c24 | 1901 | |
bfae20ad | 1902 | 20000125 |
bcbf86ec | 1903 | - Fix NULL pointer dereference in login.c. Fix from Andre Lucas |
bfae20ad | 1904 | <andre.lucas@dial.pipex.com> |
07b0cb78 | 1905 | - Reorder PAM initialisation so it does not mess up lastlog. Reported |
1906 | by Andre Lucas <andre.lucas@dial.pipex.com> | |
bcbf86ec | 1907 | - Use preformatted manpages on SCO, report from Gary E. Miller |
9755cbdb | 1908 | <gem@rellim.com> |
1909 | - New URL for x11-ssh-askpass. | |
bcbf86ec | 1910 | - Fixpaths was missing /etc/ssh_known_hosts. Report from Jim Knoble |
7e31dc81 | 1911 | <jmknoble@pobox.com> |
bcbf86ec | 1912 | - Added 'DESTDIR' option to Makefile to ease package building. Patch from |
ff8ecdb8 | 1913 | Jim Knoble <jmknoble@pobox.com> |
1914 | - Updated RPM spec files to use DESTDIR | |
bfae20ad | 1915 | |
bb58aa4b | 1916 | 20000124 |
1917 | - Pick up version 1.2.2 from OpenBSD CVS (no changes, just version number | |
1918 | increment) | |
1919 | ||
d45317d8 | 1920 | 20000123 |
1921 | - OpenBSD CVS: | |
1922 | - [packet.c] | |
1923 | getsockname() requires initialized tolen; andy@guildsoftware.com | |
bcbf86ec | 1924 | - AIX patch from Matt Richards <v2matt@btv.ibm.com> and David Rankin |
4c40f834 | 1925 | <drankin@bohemians.lexington.ky.us> |
12aa90af | 1926 | - Fix lastlog support, patch from Andre Lucas <andre.lucas@dial.pipex.com> |
d45317d8 | 1927 | |
e844f761 | 1928 | 20000122 |
1929 | - Fix compilation of bsd-snprintf.c on Solaris, fix from Ben Taylor | |
1930 | <bent@clark.net> | |
c54a6257 | 1931 | - Merge preformatted manpage patch from Andre Lucas |
1932 | <andre.lucas@dial.pipex.com> | |
8eb34e02 | 1933 | - Make IPv4 use the default in RPM packages |
1934 | - Irix uses preformatted manpages | |
1e64903d | 1935 | - Missing htons() in bsd-bindresvport.c, fix from Holger Trapp |
1936 | <Holger.Trapp@Informatik.TU-Chemnitz.DE> | |
9bc5ddfe | 1937 | - OpenBSD CVS updates: |
1938 | - [packet.c] | |
1939 | use getpeername() in packet_connection_is_on_socket(), fixes sshd -i; | |
1940 | from Holger.Trapp@Informatik.TU-Chemnitz.DE | |
1941 | - [sshd.c] | |
1942 | log with level log() not fatal() if peer behaves badly. | |
1943 | - [readpass.c] | |
bcbf86ec | 1944 | instead of blocking SIGINT, catch it ourselves, so that we can clean |
1945 | the tty modes up and kill ourselves -- instead of our process group | |
1946 | leader (scp, cvs, ...) going away and leaving us in noecho mode. | |
9bc5ddfe | 1947 | people with cbreak shells never even noticed.. |
399d9d44 | 1948 | - [ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 sshd.8] |
1949 | ie. -> i.e., | |
e844f761 | 1950 | |
4c8ef3fb | 1951 | 20000120 |
1952 | - Don't use getaddrinfo on AIX | |
7b2ea3a1 | 1953 | - Update to latest OpenBSD CVS: |
1954 | - [auth-rsa.c] | |
1955 | - fix user/1056, sshd keeps restrictions; dbt@meat.net | |
1956 | - [sshconnect.c] | |
1957 | - disable agent fwding for proto 1.3, remove abuse of auth-rsa flags. | |
1958 | - destroy keys earlier | |
bcbf86ec | 1959 | - split key exchange (kex) and user authentication (user-auth), |
d468fc76 | 1960 | ok: provos@ |
7b2ea3a1 | 1961 | - [sshd.c] |
1962 | - no need for poll.h; from bright@wintelcom.net | |
1963 | - disable agent fwding for proto 1.3, remove abuse of auth-rsa flags. | |
bcbf86ec | 1964 | - split key exchange (kex) and user authentication (user-auth), |
d468fc76 | 1965 | ok: provos@ |
f3bba493 | 1966 | - Big manpage and config file cleanup from Andre Lucas |
1967 | <andre.lucas@dial.pipex.com> | |
5f4fdfae | 1968 | - Re-added latest (unmodified) OpenBSD manpages |
47f9a56a | 1969 | - Doc updates |
d468fc76 | 1970 | - NetBSD patch from David Rankin <drankin@bohemians.lexington.ky.us> and |
1971 | Christos Zoulas <christos@netbsd.org> | |
4c8ef3fb | 1972 | |
082bbfb3 | 1973 | 20000119 |
20af321f | 1974 | - SCO compile fixes from Gary E. Miller <gem@rellim.com> |
082bbfb3 | 1975 | - Compile fix from Darren_Hall@progressive.com |
59e76f33 | 1976 | - Linux/glibc-2.1.2 takes a *long* time to look up names for AF_UNSPEC |
1977 | addresses using getaddrinfo(). Added a configure switch to make the | |
1978 | default lookup mode AF_INET | |
082bbfb3 | 1979 | |
a63a7f37 | 1980 | 20000118 |
1981 | - Fixed --with-pid-dir option | |
51a6baf8 | 1982 | - Makefile fix from Gary E. Miller <gem@rellim.com> |
bcbf86ec | 1983 | - Compile fix for HPUX and Solaris from Andre Lucas |
976f7e19 | 1984 | <andre.lucas@dial.pipex.com> |
a63a7f37 | 1985 | |
f914c7fb | 1986 | 20000117 |
1987 | - Clean up bsd-bindresvport.c. Use arc4random() for picking initial | |
1988 | port, ignore EINVAL errors (Linux) when searching for free port. | |
bcbf86ec | 1989 | - Revert __snprintf -> snprintf aliasing. Apparently Solaris |
de93b046 | 1990 | __snprintf isn't. Report from Theo de Raadt <theo@cvs.openbsd.org> |
9b363e1c | 1991 | - Document location of Redhat PAM file in INSTALL. |
bcbf86ec | 1992 | - Fixed X11 forwarding bug on Linux. libc advertises AF_INET6 |
1993 | INADDR_ANY_INIT addresses via getaddrinfo, but may not be able to | |
f4a7cf29 | 1994 | deliver (no IPv6 kernel support) |
80a44451 | 1995 | - Released 1.2.1pre27 |
f914c7fb | 1996 | |
f4a7cf29 | 1997 | - Fix rresvport_af failure errors (logic error in bsd-bindresvport.c) |
bcbf86ec | 1998 | - Fix --with-ipaddr-display option test. Fix from Jarno Huuskonen |
cf8ad170 | 1999 | <jhuuskon@hytti.uku.fi> |
bcbf86ec | 2000 | - Fix hang on logout if processes are still using the pty. Needs |
691a8a9f | 2001 | further testing. |
5957fd29 | 2002 | - Patch from Christos Zoulas <christos@zoulas.com> |
2003 | - Try $prefix first when looking for OpenSSL. | |
2004 | - Include sys/types.h when including sys/socket.h in test programs | |
bcbf86ec | 2005 | - Substitute PID directory in sshd.8. Suggestion from Andrew |
19d9ac2a | 2006 | Stribblehill <a.d.stribblehill@durham.ac.uk> |
f4a7cf29 | 2007 | |
47e45e44 | 2008 | 20000116 |
2009 | - Renamed --with-xauth-path to --with-xauth | |
2010 | - Added --with-pid-dir option | |
2011 | - Released 1.2.1pre26 | |
2012 | ||
a82ef8ae | 2013 | - Compilation fix from Kiyokazu SUTO <suto@ks-and-ks.ne.jp> |
bcbf86ec | 2014 | - Fixed broken bugfix for /dev/ptmx on Linux systems which lack |
66be05a1 | 2015 | openpty(). Report from Kiyokazu SUTO <suto@ks-and-ks.ne.jp> |
a82ef8ae | 2016 | |
5cdfe03f | 2017 | 20000115 |
2018 | - Add --with-xauth-path configure directive and explicit test for | |
bcbf86ec | 2019 | /usr/openwin/bin/xauth for Solaris systems. Report from Anders |
5cdfe03f | 2020 | Nordby <anders@fix.no> |
bcbf86ec | 2021 | - Fix incorrect detection of /dev/ptmx on Linux systems that lack |
5cdfe03f | 2022 | openpty. Report from John Seifarth <john@waw.be> |
2023 | - Look for intXX_t and u_intXX_t in sys/bitypes.h if they are not in | |
bcbf86ec | 2024 | sys/types.h. Fixes problems on SCO, report from Gary E. Miller |
5cdfe03f | 2025 | <gem@rellim.com> |
2026 | - Use __snprintf and __vnsprintf if they are found where snprintf and | |
2027 | vnsprintf are lacking. Suggested by Ben Taylor <bent@shell.clark.net> | |
2028 | and others. | |
2029 | ||
48e671d5 | 2030 | 20000114 |
2031 | - Merged OpenBSD IPv6 patch: | |
2032 | - [sshd.c sshd.8 sshconnect.c ssh.h ssh.c servconf.h servconf.c scp.1] | |
2033 | [scp.c packet.h packet.c login.c log.c canohost.c channels.c] | |
2034 | [hostfile.c sshd_config] | |
2035 | ipv6 support: mostly gethostbyname->getaddrinfo/getnameinfo, new | |
bcbf86ec | 2036 | features: sshd allows multiple ListenAddress and Port options. note |
2037 | that libwrap is not IPv6-ready. (based on patches from | |
48e671d5 | 2038 | fujiwara@rcac.tdi.co.jp) |
2039 | - [ssh.c canohost.c] | |
bcbf86ec | 2040 | more hints (hints.ai_socktype=SOCK_STREAM) for getaddrinfo, |
48e671d5 | 2041 | from itojun@ |
2042 | - [channels.c] | |
2043 | listen on _all_ interfaces for X11-Fwd (hints.ai_flags = AI_PASSIVE) | |
2044 | - [packet.h] | |
2045 | allow auth-kerberos for IPv4 only | |
2046 | - [scp.1 sshd.8 servconf.h scp.c] | |
2047 | document -4, -6, and 'ssh -L 2022/::1/22' | |
2048 | - [ssh.c] | |
bcbf86ec | 2049 | 'ssh @host' is illegal (null user name), from |
48e671d5 | 2050 | karsten@gedankenpolizei.de |
2051 | - [sshconnect.c] | |
2052 | better error message | |
2053 | - [sshd.c] | |
2054 | allow auth-kerberos for IPv4 only | |
2055 | - Big IPv6 merge: | |
2056 | - Cleanup overrun in sockaddr copying on RHL 6.1 | |
2057 | - Replacements for getaddrinfo, getnameinfo, etc based on versions | |
2058 | from patch from KIKUCHI Takahiro <kick@kyoto.wide.ad.jp> | |
2059 | - Replacement for missing structures on systems that lack IPv6 | |
2060 | - record_login needed to know about AF_INET6 addresses | |
2061 | - Borrowed more code from OpenBSD: rresvport_af and requisites | |
2062 | ||
2598df62 | 2063 | 20000110 |
2064 | - Fixes to auth-skey to enable it to use the standard OpenSSL libraries | |
2065 | ||
b8a0310d | 2066 | 20000107 |
2067 | - New config.sub and config.guess to fix problems on SCO. Supplied | |
2068 | by Gary E. Miller <gem@rellim.com> | |
b6a98a85 | 2069 | - SCO build fix from Gary E. Miller <gem@rellim.com> |
2598df62 | 2070 | - Released 1.2.1pre25 |
b8a0310d | 2071 | |
dfb95100 | 2072 | 20000106 |
2073 | - Documentation update & cleanup | |
2074 | - Better KrbIV / AFS detection, based on patch from: | |
2075 | Holger Trapp <Holger.Trapp@Informatik.TU-Chemnitz.DE> | |
2076 | ||
b9795b89 | 2077 | 20000105 |
bcbf86ec | 2078 | - Fixed annoying DES corruption problem. libcrypt has been |
b9795b89 | 2079 | overriding symbols in libcrypto. Removed libcrypt and crypt.h |
2080 | altogether (libcrypto includes its own crypt(1) replacement) | |
2081 | - Added platform-specific rules for Irix 6.x. Included warning that | |
2082 | they are untested. | |
2083 | ||
a1ec4d79 | 2084 | 20000103 |
2085 | - Add explicit make rules for files proccessed by fixpaths. | |
bcbf86ec | 2086 | - Fix "make install" in RPM spec files. Report from Tenkou N. Hattori |
a1ec4d79 | 2087 | <tnh@kondara.org> |
bcbf86ec | 2088 | - Removed "nullok" directive from default PAM configuration files. |
2089 | Added information on enabling EmptyPasswords on openssh+PAM in | |
607d73e6 | 2090 | UPGRADING file. |
e02735bb | 2091 | - OpenBSD CVS updates |
2092 | - [ssh-agent.c] | |
bcbf86ec | 2093 | cleanup_exit() for SIGTERM/SIGHUP, too. from fgsch@ and |
e02735bb | 2094 | dgaudet@arctic.org |
2095 | - [sshconnect.c] | |
2096 | compare correct version for 1.3 compat mode | |
a1ec4d79 | 2097 | |
93c7f644 | 2098 | 20000102 |
2099 | - Prevent multiple inclusion of config.h and defines.h. Suggested | |
2100 | by Andre Lucas <andre.lucas@dial.pipex.com> | |
2101 | - Properly clean up on exit of ssh-agent. Patch from Dean Gaudet | |
2102 | <dgaudet@arctic.org> | |
2103 | ||
76b8607f | 2104 | 19991231 |
bcbf86ec | 2105 | - Fix password support on systems with a mixture of shadowed and |
2106 | non-shadowed passwords (e.g. NIS). Report and fix from | |
76b8607f | 2107 | HARUYAMA Seigo <haruyama@nt.phys.s.u-tokyo.ac.jp> |
bcbf86ec | 2108 | - Fix broken autoconf typedef detection. Report from Marc G. |
723221b5 | 2109 | Fournier <marc.fournier@acadiau.ca> |
b92964b7 | 2110 | - Fix occasional crash on LinuxPPC. Patch from Franz Sirl |
2111 | <Franz.Sirl-kernel@lauterbach.com> | |
bcbf86ec | 2112 | - Prevent typedefs from being compiled more than once. Report from |
a6ddc88b | 2113 | Marc G. Fournier <marc.fournier@acadiau.ca> |
4811cc0b | 2114 | - Fill in ut_utaddr utmp field. Report from Benjamin Charron |
2115 | <iretd@bigfoot.com> | |
bcbf86ec | 2116 | - Really fix broken default path. Fix from Jim Knoble |
c43d69a9 | 2117 | <jmknoble@pobox.com> |
ae3a3d31 | 2118 | - Remove test for quad_t. No longer needed. |
76a8e733 | 2119 | - Released 1.2.1pre24 |
2120 | ||
2121 | - Added support for directory-based lastlogs | |
2122 | - Really fix typedefs, patch from Ben Taylor <bent@clark.net> | |
76b8607f | 2123 | |
13f825f4 | 2124 | 19991230 |
2125 | - OpenBSD CVS updates: | |
2126 | - [auth-passwd.c] | |
2127 | check for NULL 1st | |
bcbf86ec | 2128 | - Removed most of the pam code into its own file auth-pam.[ch]. This |
a5c9cd31 | 2129 | cleaned up sshd.c up significantly. |
bcbf86ec | 2130 | - PAM authentication was incorrectly interpreting |
76b8607f | 2131 | "PermitRootLogin without-password". Report from Matthias Andree |
2132 | <ma@dt.e-technik.uni-dortmund.de | |
a5c9cd31 | 2133 | - Several other cleanups |
0bc5b6fb | 2134 | - Merged Dante SOCKS support patch from David Rankin |
2135 | <drankin@bohemians.lexington.ky.us> | |
2136 | - Updated documentation with ./configure options | |
76b8607f | 2137 | - Released 1.2.1pre23 |
13f825f4 | 2138 | |
c73a0cb5 | 2139 | 19991229 |
bcbf86ec | 2140 | - Applied another NetBSD portability patch from David Rankin |
c73a0cb5 | 2141 | <drankin@bohemians.lexington.ky.us> |
2142 | - Fix --with-default-path option. | |
bcbf86ec | 2143 | - Autodetect perl, patch from David Rankin |
a0f84251 | 2144 | <drankin@bohemians.lexington.ky.us> |
bcbf86ec | 2145 | - Print whether OpenSSH was compiled with RSARef, patch from |
0a2ff95d | 2146 | Nalin Dahyabhai <nalin@thermo.stat.ncsu.edu> |
bcbf86ec | 2147 | - Calls to pam_setcred, patch from Nalin Dahyabhai |
f91bacbd | 2148 | <nalin@thermo.stat.ncsu.edu> |
e3a93db0 | 2149 | - Detect missing size_t and typedef it. |
5ab44a92 | 2150 | - Rename helper.[ch] to (more appropriate) bsd-misc.[ch] |
2151 | - Minor Makefile cleaning | |
c73a0cb5 | 2152 | |
b6019d68 | 2153 | 19991228 |
2154 | - Replacement for getpagesize() for systems which lack it | |
bcbf86ec | 2155 | - NetBSD login.c compile fix from David Rankin |
70e0115b | 2156 | <drankin@bohemians.lexington.ky.us> |
2157 | - Fully set ut_tv if present in utmp or utmpx | |
d94aa2ae | 2158 | - Portability fixes for Irix 5.3 (now compiles OK!) |
2159 | - autoconf and other misc cleanups | |
ea1970a3 | 2160 | - Merged AIX patch from Darren Hall <dhall@virage.org> |
2161 | - Cleaned up defines.h | |
fa9a2dd6 | 2162 | - Released 1.2.1pre22 |
b6019d68 | 2163 | |
d2dcff5f | 2164 | 19991227 |
2165 | - Automatically correct paths in manpages and configuration files. Patch | |
2166 | and script from Andre Lucas <andre.lucas@dial.pipex.com> | |
2167 | - Removed credits from README to CREDITS file, updated. | |
cb807f40 | 2168 | - Added --with-default-path to specify custom path for server |
2169 | - Removed #ifdef trickery from acconfig.h into defines.h | |
36a5b38e | 2170 | - PAM bugfix. PermitEmptyPassword was being ignored. |
2171 | - Fixed PAM config files to allow empty passwords if server does. | |
2172 | - Explained spurious PAM auth warning workaround in UPGRADING | |
21feb5fa | 2173 | - Use last few chars of tty line as ut_id |
5a7794be | 2174 | - New SuSE RPM spec file from Chris Saia <csaia@wtower.com> |
00e6dd70 | 2175 | - OpenBSD CVS updates: |
2176 | - [packet.h auth-rhosts.c] | |
2177 | check format string for packet_disconnect and packet_send_debug, too | |
2178 | - [channels.c] | |
2179 | use packet_get_maxsize for channels. consistence. | |
d2dcff5f | 2180 | |
f74efc8d | 2181 | 19991226 |
2182 | - Enabled utmpx support by default for Solaris | |
2183 | - Cleanup sshd.c PAM a little more | |
bc7ea646 | 2184 | - Revised RPM package to include Jim Knoble's <jmknoble@pobox.com> |
2185 | X11 ssh-askpass program. | |
20c43d8c | 2186 | - Disable logging of PAM success and failures, PAM is verbose enough. |
bcbf86ec | 2187 | Unfortunatly there is currently no way to disable auth failure |
2188 | messages. Mention this in UPGRADING file and sent message to PAM | |
20c43d8c | 2189 | developers |
83b7f649 | 2190 | - OpenBSD CVS update: |
2191 | - [ssh-keygen.1 ssh.1] | |
bcbf86ec | 2192 | remove ref to .ssh/random_seed, mention .ssh/environment in |
83b7f649 | 2193 | .Sh FILES, too |
72251cb6 | 2194 | - Released 1.2.1pre21 |
bcbf86ec | 2195 | - Fixed implicit '.' in default path, report from Jim Knoble |
72251cb6 | 2196 | <jmknoble@pobox.com> |
30a39691 | 2197 | - Redhat RPM spec fixes from Jim Knoble <jmknoble@pobox.com> |
f74efc8d | 2198 | |
f498ed15 | 2199 | 19991225 |
2200 | - More fixes from Andre Lucas <andre.lucas@dial.pipex.com> | |
2201 | - Cleanup of auth-passwd.c for shadow and MD5 passwords | |
2202 | - Cleanup and bugfix of PAM authentication code | |
f74efc8d | 2203 | - Released 1.2.1pre20 |
2204 | ||
2205 | - Merged fixes from Ben Taylor <bent@clark.net> | |
2206 | - Fixed configure support for PAM. Reported by Naz <96na@eng.cam.ac.uk> | |
2207 | - Disabled logging of PAM password authentication failures when password | |
2208 | is empty. (e.g start of authentication loop). Reported by Naz | |
2209 | <96na@eng.cam.ac.uk>) | |
f498ed15 | 2210 | |
2211 | 19991223 | |
bcbf86ec | 2212 | - Merged later HPUX patch from Andre Lucas |
f498ed15 | 2213 | <andre.lucas@dial.pipex.com> |
2214 | - Above patch included better utmpx support from Ben Taylor | |
f74efc8d | 2215 | <bent@clark.net> |
f498ed15 | 2216 | |
eef6f7e9 | 2217 | 19991222 |
bcbf86ec | 2218 | - Fix undefined fd_set type in ssh.h from Povl H. Pedersen |
eef6f7e9 | 2219 | <pope@netguide.dk> |
ae28776a | 2220 | - Fix login.c breakage on systems which lack ut_host in struct |
2221 | utmp. Reported by Willard Dawson <willard.dawson@sbs.siemens.com> | |
eef6f7e9 | 2222 | |
a7effaac | 2223 | 19991221 |
bcbf86ec | 2224 | - Integration of large HPUX patch from Andre Lucas |
2225 | <andre.lucas@dial.pipex.com>. Integrating it had a few other | |
a7effaac | 2226 | benefits: |
2227 | - Ability to disable shadow passwords at configure time | |
2228 | - Ability to disable lastlog support at configure time | |
2229 | - Support for IP address in $DISPLAY | |
ae2f7af7 | 2230 | - OpenBSD CVS update: |
2231 | - [sshconnect.c] | |
2232 | say "REMOTE HOST IDENTIFICATION HAS CHANGED" | |
59dd7a31 | 2233 | - Fix DISABLE_SHADOW support |
2234 | - Allow MD5 passwords even if shadow passwords are disabled | |
16034de9 | 2235 | - Release 1.2.1pre19 |
a7effaac | 2236 | |
3f1d9bcd | 2237 | 19991218 |
bcbf86ec | 2238 | - Redhat init script patch from Chun-Chung Chen |
3f1d9bcd | 2239 | <cjj@u.washington.edu> |
7e1c2490 | 2240 | - Avoid breakage on systems without IPv6 headers |
3f1d9bcd | 2241 | |
60d804c8 | 2242 | 19991216 |
bcbf86ec | 2243 | - Makefile changes for Solaris from Peter Kocks |
60d804c8 | 2244 | <peter.kocks@baygate.com> |
89cafde6 | 2245 | - Minor updates to docs |
2246 | - Merged OpenBSD CVS changes: | |
2247 | - [authfd.c ssh-agent.c] | |
2248 | keysize warnings talk about identity files | |
2249 | - [packet.c] | |
2250 | "Connection closed by x.x.x.x": fatal() -> log() | |
bcbf86ec | 2251 | - Correctly handle empty passwords in shadow file. Patch from: |
c9d323f0 | 2252 | "Chris, the Young One" <cky@pobox.com> |
2253 | - Released 1.2.1pre18 | |
60d804c8 | 2254 | |
7dc6fc6d | 2255 | 19991215 |
2256 | - Integrated patchs from Juergen Keil <jk@tools.de> | |
2257 | - Avoid void* pointer arithmatic | |
2258 | - Use LDFLAGS correctly | |
68227e6d | 2259 | - Fix SIGIO error in scp |
2260 | - Simplify status line printing in scp | |
bcbf86ec | 2261 | - Added better test for inline functions compiler support from |
906a2515 | 2262 | Darren_Hall@progressive.com |
7dc6fc6d | 2263 | |
95f1eccc | 2264 | 19991214 |
2265 | - OpenBSD CVS Changes | |
2266 | - [canohost.c] | |
bcbf86ec | 2267 | fix get_remote_port() and friends for sshd -i; |
95f1eccc | 2268 | Holger.Trapp@Informatik.TU-Chemnitz.DE |
2269 | - [mpaux.c] | |
2270 | make code simpler. no need for memcpy. niels@ ok | |
2271 | - [pty.c] | |
2272 | namebuflen not sizeof namebuflen; bnd@ep-ag.com via djm@mindrot.org | |
2273 | fix proto; markus | |
2274 | - [ssh.1] | |
2275 | typo; mark.baushke@solipsa.com | |
2276 | - [channels.c ssh.c ssh.h sshd.c] | |
2277 | type conflict for 'extern Type *options' in channels.c; dot@dotat.at | |
2278 | - [sshconnect.c] | |
2279 | move checking of hostkey into own function. | |
2280 | - [version.h] | |
2281 | OpenSSH-1.2.1 | |
884bcb37 | 2282 | - Clean up broken includes in pty.c |
7303768f | 2283 | - Some older systems don't have poll.h, they use sys/poll.h instead |
2284 | - Doc updates | |
95f1eccc | 2285 | |
847e8865 | 2286 | 19991211 |
bcbf86ec | 2287 | - Fix compilation on systems with AFS. Reported by |
847e8865 | 2288 | aloomis@glue.umd.edu |
bcbf86ec | 2289 | - Fix installation on Solaris. Reported by |
847e8865 | 2290 | Gordon Rowell <gordonr@gormand.com.au> |
2291 | - Fix gccisms (__attribute__ and inline). Report by edgy@us.ibm.com, | |
2292 | patch from Markus Friedl <markus.friedl@informatik.uni-erlangen.de> | |
2293 | - Auto-locate xauth. Patch from David Agraz <dagraz@jahoopa.com> | |
2294 | - Compile fix from David Agraz <dagraz@jahoopa.com> | |
2295 | - Avoid compiler warning in bsd-snprintf.c | |
bcbf86ec | 2296 | - Added pam_limits.so to default PAM config. Suggested by |
847e8865 | 2297 | Jim Knoble <jmknoble@pobox.com> |
2298 | ||
8946db53 | 2299 | 19991209 |
2300 | - Import of patch from Ben Taylor <bent@clark.net>: | |
2301 | - Improved PAM support | |
2302 | - "uninstall" rule for Makefile | |
2303 | - utmpx support | |
2304 | - Should fix PAM problems on Solaris | |
2d86a6cc | 2305 | - OpenBSD CVS updates: |
2306 | - [readpass.c] | |
2307 | avoid stdio; based on work by markus, millert, and I | |
2308 | - [sshd.c] | |
2309 | make sure the client selects a supported cipher | |
2310 | - [sshd.c] | |
bcbf86ec | 2311 | fix sighup handling. accept would just restart and daemon handled |
2312 | sighup only after the next connection was accepted. use poll on | |
2d86a6cc | 2313 | listen sock now. |
2314 | - [sshd.c] | |
2315 | make that a fatal | |
87e91331 | 2316 | - Applied patch from David Rankin <drankin@bohemians.lexington.ky.us> |
2317 | to fix libwrap support on NetBSD | |
5001b9e4 | 2318 | - Released 1.2pre17 |
8946db53 | 2319 | |
6d8c4ea4 | 2320 | 19991208 |
bcbf86ec | 2321 | - Compile fix for Solaris with /dev/ptmx from |
6d8c4ea4 | 2322 | David Agraz <dagraz@jahoopa.com> |
2323 | ||
4285816a | 2324 | 19991207 |
2325 | - sshd Redhat init script patch from Jim Knoble <jmknoble@pobox.com> | |
2326 | fixes compatability with 4.x and 5.x | |
db28aeb5 | 2327 | - Fixed default SSH_ASKPASS |
bcbf86ec | 2328 | - Fix PAM account and session being called multiple times. Problem |
d465f2ca | 2329 | reported by Adrian Baugh <adrian@merlin.keble.ox.ac.uk> |
a408af76 | 2330 | - Merged more OpenBSD changes: |
2331 | - [atomicio.c authfd.c scp.c serverloop.c ssh.h sshconnect.c sshd.c] | |
bcbf86ec | 2332 | move atomicio into it's own file. wrap all socket write()s which |
a408af76 | 2333 | were doing write(sock, buf, len) != len, with atomicio() calls. |
2334 | - [auth-skey.c] | |
2335 | fd leak | |
2336 | - [authfile.c] | |
2337 | properly name fd variable | |
2338 | - [channels.c] | |
2339 | display great hatred towards strcpy | |
2340 | - [pty.c pty.h sshd.c] | |
2341 | use openpty() if it exists (it does on BSD4_4) | |
2342 | - [tildexpand.c] | |
2343 | check for ~ expansion past MAXPATHLEN | |
2344 | - Modified helper.c to use new atomicio function. | |
2345 | - Reformat Makefile a little | |
2346 | - Moved RC4 routines from rc4.[ch] into helper.c | |
2347 | - Added autoconf code to detect /dev/ptmx (Solaris) and /dev/ptc (AIX) | |
9983a8ca | 2348 | - Updated SuSE spec from Chris Saia <csaia@wtower.com> |
2349 | - Tweaked Redhat spec | |
9158d92f | 2350 | - Clean up bad imports of a few files (forgot -kb) |
2351 | - Released 1.2pre16 | |
4285816a | 2352 | |
9c7b6dfd | 2353 | 19991204 |
2354 | - Small cleanup of PAM code in sshd.c | |
57112b5a | 2355 | - Merged OpenBSD CVS changes: |
2356 | - [auth-krb4.c auth-passwd.c auth-skey.c ssh.h] | |
2357 | move skey-auth from auth-passwd.c to auth-skey.c, same for krb4 | |
2358 | - [auth-rsa.c] | |
2359 | warn only about mismatch if key is _used_ | |
2360 | warn about keysize-mismatch with log() not error() | |
2361 | channels.c readconf.c readconf.h ssh.c ssh.h sshconnect.c | |
2362 | ports are u_short | |
2363 | - [hostfile.c] | |
2364 | indent, shorter warning | |
2365 | - [nchan.c] | |
2366 | use error() for internal errors | |
2367 | - [packet.c] | |
2368 | set loglevel for SSH_MSG_DISCONNECT to log(), not fatal() | |
2369 | serverloop.c | |
2370 | indent | |
2371 | - [ssh-add.1 ssh-add.c ssh.h] | |
2372 | document $SSH_ASKPASS, reasonable default | |
2373 | - [ssh.1] | |
2374 | CheckHostIP is not available for connects via proxy command | |
2375 | - [sshconnect.c] | |
2376 | typo | |
2377 | easier to read client code for passwd and skey auth | |
2378 | turn of checkhostip for proxy connects, since we don't know the remote ip | |
9c7b6dfd | 2379 | |
dad3b556 | 2380 | 19991126 |
2381 | - Add definition for __P() | |
2382 | - Added [v]snprintf() replacement for systems that lack it | |
2383 | ||
0ce43ae4 | 2384 | 19991125 |
2385 | - More reformatting merged from OpenBSD CVS | |
2386 | - Merged OpenBSD CVS changes: | |
2387 | - [channels.c] | |
2388 | fix packet_integrity_check() for !have_hostname_in_open. | |
2389 | report from mrwizard@psu.edu via djm@ibs.com.au | |
2390 | - [channels.c] | |
2391 | set SO_REUSEADDR and SO_LINGER for forwarded ports. | |
2392 | chip@valinux.com via damien@ibs.com.au | |
2393 | - [nchan.c] | |
2394 | it's not an error() if shutdown_write failes in nchan. | |
2395 | - [readconf.c] | |
2396 | remove dead #ifdef-0-code | |
2397 | - [readconf.c servconf.c] | |
2398 | strcasecmp instead of tolower | |
2399 | - [scp.c] | |
2400 | progress meter overflow fix from damien@ibs.com.au | |
2401 | - [ssh-add.1 ssh-add.c] | |
2402 | SSH_ASKPASS support | |
2403 | - [ssh.1 ssh.c] | |
2404 | postpone fork_after_authentication until command execution, | |
2405 | request/patch from jahakala@cc.jyu.fi via damien@ibs.com.au | |
2406 | plus: use daemon() for backgrounding | |
cf8dd513 | 2407 | - Added BSD compatible install program and autoconf test, thanks to |
2408 | Niels Kristian Bech Jensen <nkbj@image.dk> | |
2409 | - Solaris fixing, thanks to Ben Taylor <bent@clark.net> | |
09041313 | 2410 | - Merged beginnings of AIX support from Tor-Ake Fransson <torake@hotmail.com> |
3dbefdb8 | 2411 | - Release 1.2pre15 |
0ce43ae4 | 2412 | |
5260325f | 2413 | 19991124 |
2414 | - Merged very large OpenBSD source code reformat | |
2415 | - OpenBSD CVS updates | |
2416 | - [channels.c cipher.c compat.c log-client.c scp.c serverloop.c] | |
2417 | [ssh.h sshd.8 sshd.c] | |
2418 | syslog changes: | |
2419 | * Unified Logmessage for all auth-types, for success and for failed | |
2420 | * Standard connections get only ONE line in the LOG when level==LOG: | |
2421 | Auth-attempts are logged only, if authentication is: | |
2422 | a) successfull or | |
2423 | b) with passwd or | |
2424 | c) we had more than AUTH_FAIL_LOG failues | |
2425 | * many log() became verbose() | |
2426 | * old behaviour with level=VERBOSE | |
2427 | - [readconf.c readconf.h ssh.1 ssh.h sshconnect.c sshd.c] | |
2428 | tranfer s/key challenge/response data in SSH_SMSG_AUTH_TIS_CHALLENGE | |
2429 | messages. allows use of s/key in windows (ttssh, securecrt) and | |
2430 | ssh-1.2.27 clients without 'ssh -v', ok: niels@ | |
2431 | - [sshd.8] | |
2432 | -V, for fallback to openssh in SSH2 compatibility mode | |
2433 | - [sshd.c] | |
2434 | fix sigchld race; cjc5@po.cwru.edu | |
2435 | ||
4655fe80 | 2436 | 19991123 |
2437 | - Added SuSE package files from Chris Saia <csaia@wtower.com> | |
8b241e50 | 2438 | - Restructured package-related files under packages/* |
4655fe80 | 2439 | - Added generic PAM config |
8b241e50 | 2440 | - Numerous little Solaris fixes |
9c08d6ce | 2441 | - Add recommendation to use GNU make to INSTALL document |
4655fe80 | 2442 | |
60bed5fd | 2443 | 19991122 |
2444 | - Make <enter> close gnome-ssh-askpass (Debian bug #50299) | |
2f2cc3f9 | 2445 | - OpenBSD CVS Changes |
bcbf86ec | 2446 | - [ssh-keygen.c] |
2447 | don't create ~/.ssh only if the user wants to store the private | |
2448 | key there. show fingerprint instead of public-key after | |
2f2cc3f9 | 2449 | keygeneration. ok niels@ |
b09a984b | 2450 | - Added OpenBSD bsd-strlcat.c, created bsd-strlcat.h |
96ad4350 | 2451 | - Added timersub() macro |
b09a984b | 2452 | - Tidy RCSIDs of bsd-*.c |
bcbf86ec | 2453 | - Added autoconf test and macro to deal with old PAM libraries |
96ad4350 | 2454 | pam_strerror definition (one arg vs two). |
530f1889 | 2455 | - Fix EGD problems (Thanks to Ben Taylor <bent@clark.net>) |
bcbf86ec | 2456 | - Retry /dev/urandom reads interrupted by signal (report from |
530f1889 | 2457 | Robert Hardy <rhardy@webcon.net>) |
1647c2b5 | 2458 | - Added a setenv replacement for systems which lack it |
d84a9a44 | 2459 | - Only display public key comment when presenting ssh-askpass dialog |
2460 | - Released 1.2pre14 | |
60bed5fd | 2461 | |
bcbf86ec | 2462 | - Configure, Make and changelog corrections from Tudor Bosman |
2ddcfdf3 | 2463 | <tudorb@jm.nu> and Niels Kristian Bech Jensen <nkbj@image.dk> |
2464 | ||
9d6b7add | 2465 | 19991121 |
2f2cc3f9 | 2466 | - OpenBSD CVS Changes: |
60bed5fd | 2467 | - [channels.c] |
2468 | make this compile, bad markus | |
2469 | - [log.c readconf.c servconf.c ssh.h] | |
2470 | bugfix: loglevels are per host in clientconfig, | |
2471 | factor out common log-level parsing code. | |
2472 | - [servconf.c] | |
2473 | remove unused index (-Wall) | |
2474 | - [ssh-agent.c] | |
2475 | only one 'extern char *__progname' | |
2476 | - [sshd.8] | |
2477 | document SIGHUP, -Q to synopsis | |
2478 | - [sshconnect.c serverloop.c sshd.c packet.c packet.h] | |
2479 | [channels.c clientloop.c] | |
2480 | SSH_CMSG_MAX_PACKET_SIZE, some clients use this, some need this, niels@ | |
2481 | [hope this time my ISP stays alive during commit] | |
2482 | - [OVERVIEW README] typos; green@freebsd | |
2483 | - [ssh-keygen.c] | |
2484 | replace xstrdup+strcat with strlcat+fixed buffer, fixes OF (bad me) | |
2485 | exit if writing the key fails (no infinit loop) | |
2486 | print usage() everytime we get bad options | |
2487 | - [ssh-keygen.c] overflow, djm@mindrot.org | |
2488 | - [sshd.c] fix sigchld race; cjc5@po.cwru.edu | |
bcbf86ec | 2489 | |
2b942fe0 | 2490 | 19991120 |
bcbf86ec | 2491 | - Merged more Solaris support from Marc G. Fournier |
2b942fe0 | 2492 | <marc.fournier@acadiau.ca> |
2493 | - Wrote autoconf tests for integer bit-types | |
2494 | - Fixed enabling kerberos support | |
bcbf86ec | 2495 | - Fix segfault in ssh-keygen caused by buffer overrun in filename |
13c36c4c | 2496 | handling. |
2b942fe0 | 2497 | |
06479889 | 2498 | 19991119 |
2499 | - Merged PAM buffer overrun patch from Chip Salzenberg <chip@valinux.com> | |
2ad77510 | 2500 | - Merged OpenBSD CVS changes |
2501 | - [auth-rhosts.c auth-rsa.c ssh-agent.c sshconnect.c sshd.c] | |
2502 | more %d vs. %s in fmt-strings | |
2503 | - [authfd.c] | |
2504 | Integers should not be printed with %s | |
7b1cc56c | 2505 | - EGD uses a socket, not a named pipe. Duh. |
2506 | - Fix includes in fingerprint.c | |
29dbde15 | 2507 | - Fix scp progress bar bug again. |
bcbf86ec | 2508 | - Move ssh-askpass from ${libdir}/ssh to ${libexecdir}/ssh at request of |
736890c4 | 2509 | David Rankin <drankin@bohemians.lexington.ky.us> |
91b8065d | 2510 | - Added autoconf option to enable Kerberos 4 support (untested) |
2511 | - Added autoconf option to enable AFS support (untested) | |
2512 | - Added autoconf option to enable S/Key support (untested) | |
2513 | - Added autoconf option to enable TCP wrappers support (compiles OK) | |
beb43d31 | 2514 | - Renamed BSD helper function files to bsd-* |
bcbf86ec | 2515 | - Added tests for login and daemon and enable OpenBSD replacements for |
caf3bc51 | 2516 | when they are absent. |
2517 | - Added non-PAM MD5 password support patch from Tudor Bosman <tudorb@jm.nu> | |
06479889 | 2518 | |
2bd61362 | 2519 | 19991118 |
2520 | - Merged OpenBSD CVS changes | |
2521 | - [scp.c] foregroundproc() in scp | |
2522 | - [sshconnect.h] include fingerprint.h | |
bcbf86ec | 2523 | - [sshd.c] bugfix: the log() for passwd-auth escaped during logging |
2bd61362 | 2524 | changes. |
0c16a097 | 2525 | - [ssh.1] Spell my name right. |
2bd61362 | 2526 | - Added openssh.com info to README |
2527 | ||
f095fcc7 | 2528 | 19991117 |
2529 | - Merged OpenBSD CVS changes | |
2530 | - [ChangeLog.Ylonen] noone needs this anymore | |
2531 | - [authfd.c] close-on-exec for auth-socket, ok deraadt | |
bcbf86ec | 2532 | - [hostfile.c] |
2533 | in known_hosts key lookup the entry for the bits does not need | |
2534 | to match, all the information is contained in n and e. This | |
2535 | solves the problem with buggy servers announcing the wrong | |
f095fcc7 | 2536 | modulus length. markus and me. |
bcbf86ec | 2537 | - [serverloop.c] |
2538 | bugfix: check for space if child has terminated, from: | |
f095fcc7 | 2539 | iedowse@maths.tcd.ie |
2540 | - [ssh-add.1 ssh-add.c ssh-keygen.1 ssh-keygen.c sshconnect.c] | |
2541 | [fingerprint.c fingerprint.h] | |
2542 | rsa key fingerprints, idea from Bjoern Groenvall <bg@sics.se> | |
2543 | - [ssh-agent.1] typo | |
2544 | - [ssh.1] add OpenSSH information to AUTHOR section. okay markus@ | |
bcbf86ec | 2545 | - [sshd.c] |
f095fcc7 | 2546 | force logging to stderr while loading private key file |
2547 | (lost while converting to new log-levels) | |
2548 | ||
4d195447 | 2549 | 19991116 |
2550 | - Fix some Linux libc5 problems reported by Miles Wilson <mw@mctitle.com> | |
2551 | - Merged OpenBSD CVS changes: | |
2552 | - [auth-rh-rsa.c auth-rsa.c authfd.c authfd.h hostfile.c mpaux.c] | |
2553 | [mpaux.h ssh-add.c ssh-agent.c ssh.h ssh.c sshd.c] | |
2554 | the keysize of rsa-parameter 'n' is passed implizit, | |
2555 | a few more checks and warnings about 'pretended' keysizes. | |
2556 | - [cipher.c cipher.h packet.c packet.h sshd.c] | |
2557 | remove support for cipher RC4 | |
2558 | - [ssh.c] | |
2559 | a note for legay systems about secuity issues with permanently_set_uid(), | |
2560 | the private hostkey and ptrace() | |
2561 | - [sshconnect.c] | |
2562 | more detailed messages about adding and checking hostkeys | |
2563 | ||
dad9a31e | 2564 | 19991115 |
2565 | - Merged OpenBSD CVS changes: | |
bcbf86ec | 2566 | - [ssh-add.c] change passphrase loop logic and remove ref to |
dad9a31e | 2567 | $DISPLAY, ok niels |
2568 | - Changed to ssh-add.c broke askpass support. Revised it to be a little more | |
bcbf86ec | 2569 | modular. |
dad9a31e | 2570 | - Revised autoconf support for enabling/disabling askpass support. |
e7c0f9d5 | 2571 | - Merged more OpenBSD CVS changes: |
704b1659 | 2572 | [auth-krb4.c] |
2573 | - disconnect if getpeername() fails | |
2574 | - missing xfree(*client) | |
2575 | [canohost.c] | |
2576 | - disconnect if getpeername() fails | |
2577 | - fix comment: we _do_ disconnect if ip-options are set | |
2578 | [sshd.c] | |
2579 | - disconnect if getpeername() fails | |
2580 | - move checking of remote port to central place | |
2581 | [auth-rhosts.c] move checking of remote port to central place | |
2582 | [log-server.c] avoid extra fd per sshd, from millert@ | |
2583 | [readconf.c] print _all_ bad config-options in ssh(1), too | |
2584 | [readconf.h] print _all_ bad config-options in ssh(1), too | |
2585 | [ssh.c] print _all_ bad config-options in ssh(1), too | |
2586 | [sshconnect.c] disconnect if getpeername() fails | |
e7c0f9d5 | 2587 | - OpenBSD's changes to sshd.c broke the PAM stuff, re-merged it. |
c75a1a66 | 2588 | - Various small cleanups to bring diff (against OpenBSD) size down. |
f601d847 | 2589 | - Merged more Solaris compability from Marc G. Fournier |
2590 | <marc.fournier@acadiau.ca> | |
2591 | - Wrote autoconf tests for __progname symbol | |
8c119fd0 | 2592 | - RPM spec file fixes from Jim Knoble <jmknoble@pobox.com> |
0c372277 | 2593 | - Released 1.2pre12 |
2594 | ||
2595 | - Another OpenBSD CVS update: | |
2596 | - [ssh-keygen.1] fix .Xr | |
dad9a31e | 2597 | |
92da7197 | 2598 | 19991114 |
2599 | - Solaris compilation fixes (still imcomplete) | |
2600 | ||
94f7bb9e | 2601 | 19991113 |
dd092f97 | 2602 | - Build patch from Niels Kristian Bech Jensen <nkbj@image.dk> |
2603 | - Don't install config files if they already exist | |
2604 | - Fix inclusion of additional preprocessor directives from acconfig.h | |
94f7bb9e | 2605 | - Removed redundant inclusions of config.h |
e9c75a39 | 2606 | - Added 'Obsoletes' lines to RPM spec file |
94f7bb9e | 2607 | - Merged OpenBSD CVS changes: |
2608 | - [bufaux.c] save a view malloc/memcpy/memset/free's, ok niels | |
bcbf86ec | 2609 | - [scp.c] fix overflow reported by damien@ibs.com.au: off_t |
94f7bb9e | 2610 | totalsize, ok niels,aaron |
bcbf86ec | 2611 | - Delay fork (-f option) in ssh until after port forwarded connections |
94f7bb9e | 2612 | have been initialised. Patch from Jani Hakala <jahakala@cc.jyu.fi> |
b2344d54 | 2613 | - Added shadow password patch from Thomas Neumann <tom@smart.ruhr.de> |
2614 | - Added ifdefs to auth-passwd.c to exclude it when PAM is enabled | |
dd092f97 | 2615 | - Tidied default config file some more |
2616 | - Revised Redhat initscript to fix bug: sshd (re)start would fail | |
2617 | if executed from inside a ssh login. | |
94f7bb9e | 2618 | |
e35c1dc2 | 2619 | 19991112 |
2620 | - Merged changes from OpenBSD CVS | |
2621 | - [sshd.c] session_key_int may be zero | |
b4748e2f | 2622 | - [auth-rh-rsa.c servconf.c servconf.h ssh.h sshd.8 sshd.c sshd_config] |
bcbf86ec | 2623 | IgnoreUserKnownHosts(default=no), used for RhostRSAAuth, ok |
b4748e2f | 2624 | deraadt,millert |
2625 | - Brought default sshd_config more in line with OpenBSD's | |
547c9f30 | 2626 | - Grab server in gnome-ssh-askpass (Debian bug #49872) |
2627 | - Released 1.2pre10 | |
e35c1dc2 | 2628 | |
8bc7973f | 2629 | - Added INSTALL documentation |
6fa724bc | 2630 | - Merged yet more changes from OpenBSD CVS |
2631 | - [auth-rh-rsa.c auth-rhosts.c auth-rsa.c channels.c clientloop.c] | |
2632 | [ssh.c ssh.h sshconnect.c sshd.c] | |
2633 | make all access to options via 'extern Options options' | |
2634 | and 'extern ServerOptions options' respectively; | |
2635 | options are no longer passed as arguments: | |
2636 | * make options handling more consistent | |
2637 | * remove #include "readconf.h" from ssh.h | |
2638 | * readconf.h is only included if necessary | |
2639 | - [mpaux.c] clear temp buffer | |
2640 | - [servconf.c] print _all_ bad options found in configfile | |
045672f9 | 2641 | - Make ssh-askpass support optional through autoconf |
59b0f0d4 | 2642 | - Fix nasty division-by-zero error in scp.c |
2643 | - Released 1.2pre11 | |
8bc7973f | 2644 | |
4cca272e | 2645 | 19991111 |
2646 | - Added (untested) Entropy Gathering Daemon (EGD) support | |
67d68e3a | 2647 | - Fixed /dev/urandom fd leak (Debian bug #49722) |
5bbb5681 | 2648 | - Merged OpenBSD CVS changes: |
2649 | - [auth-rh-rsa.c] user/958: check ~/.ssh/known_hosts for rhosts-rsa, too | |
2650 | - [ssh.1] user/958: check ~/.ssh/known_hosts for rhosts-rsa, too | |
2651 | - [sshd.8] user/958: check ~/.ssh/known_hosts for rhosts-rsa, too | |
bcbf86ec | 2652 | - Fix integer overflow which was messing up scp's progress bar for large |
3f1d9bcd | 2653 | file transfers. Fix submitted to OpenBSD developers. Report and fix |
2654 | from Kees Cook <cook@cpoint.net> | |
6a17f9c2 | 2655 | - Merged more OpenBSD CVS changes: |
bcbf86ec | 2656 | - [auth-krb4.c auth-passwd.c] remove x11- and krb-cleanup from fatal() |
6a17f9c2 | 2657 | + krb-cleanup cleanup |
2658 | - [clientloop.c log-client.c log-server.c ] | |
2659 | [readconf.c readconf.h servconf.c servconf.h ] | |
2660 | [ssh.1 ssh.c ssh.h sshd.8] | |
2661 | add LogLevel {QUIET, FATAL, ERROR, INFO, CHAT, DEBUG} to ssh/sshd, | |
2662 | obsoletes QuietMode and FascistLogging in sshd. | |
e35c1dc2 | 2663 | - [sshd.c] fix fatal/assert() bug reported by damien@ibs.com.au: |
2664 | allow session_key_int != sizeof(session_key) | |
2665 | [this should fix the pre-assert-removal-core-files] | |
2666 | - Updated default config file to use new LogLevel option and to improve | |
2667 | readability | |
2668 | ||
f370266e | 2669 | 19991110 |
67d68e3a | 2670 | - Merged several minor fixes: |
f370266e | 2671 | - ssh-agent commandline parsing |
2672 | - RPM spec file now installs ssh setuid root | |
2673 | - Makefile creates libdir | |
4cca272e | 2674 | - Merged beginnings of Solaris compability from Marc G. Fournier |
2675 | <marc.fournier@acadiau.ca> | |
f370266e | 2676 | |
d4f11b59 | 2677 | 19991109 |
2678 | - Autodetection of SSL/Crypto library location via autoconf | |
2679 | - Fixed location of ssh-askpass to follow autoconf | |
2680 | - Integrated Makefile patch from Niels Kristian Bech Jensen <nkbj@image.dk> | |
2681 | - Autodetection of RSAref library for US users | |
2682 | - Minor doc updates | |
560557bb | 2683 | - Merged OpenBSD CVS changes: |
2684 | - [rsa.c] bugfix: use correct size for memset() | |
2685 | - [sshconnect.c] warn if announced size of modulus 'n' != real size | |
f025becb | 2686 | - Added GNOME passphrase requestor (use --with-gnome-askpass) |
d397b172 | 2687 | - RPM build now creates subpackages |
aa51e7cc | 2688 | - Released 1.2pre9 |
d4f11b59 | 2689 | |
e1a9c08d | 2690 | 19991108 |
2691 | - Removed debian/ directory. This is now being maintained separately. | |
2692 | - Added symlinks for slogin in RPM spec file | |
2693 | - Fixed permissions on manpages in RPM spec file | |
2694 | - Added references to required libraries in README file | |
2695 | - Removed config.h.in from CVS | |
2696 | - Removed pwdb support (better pluggable auth is provided by glibc) | |
2697 | - Made PAM and requisite libdl optional | |
2698 | - Removed lots of unnecessary checks from autoconf | |
2699 | - Added support and autoconf test for openpty() function (Unix98 pty support) | |
2700 | - Fix for scp not finding ssh if not installed as /usr/bin/ssh | |
2701 | - Added TODO file | |
2702 | - Merged parts of Debian patch From Phil Hands <phil@hands.com>: | |
2703 | - Added ssh-askpass program | |
2704 | - Added ssh-askpass support to ssh-add.c | |
2705 | - Create symlinks for slogin on install | |
2706 | - Fix "distclean" target in makefile | |
2707 | - Added example for ssh-agent to manpage | |
2708 | - Added support for PAM_TEXT_INFO messages | |
2709 | - Disable internal /etc/nologin support if PAM enabled | |
2710 | - Merged latest OpenBSD CVS changes: | |
5bae4ab8 | 2711 | - [all] replace assert() with error, fatal or packet_disconnect |
e1a9c08d | 2712 | - [sshd.c] don't send fail-msg but disconnect if too many authentication |
2713 | failures | |
e1a9c08d | 2714 | - [sshd.c] remove unused argument. ok dugsong |
2715 | - [sshd.c] typo | |
2716 | - [rsa.c] clear buffers used for encryption. ok: niels | |
2717 | - [rsa.c] replace assert() with error, fatal or packet_disconnect | |
ade6fccd | 2718 | - [auth-krb4.c] remove unused argument. ok dugsong |
e1a9c08d | 2719 | - Fixed coredump after merge of OpenBSD rsa.c patch |
9010d60a | 2720 | - Released 1.2pre8 |
e1a9c08d | 2721 | |
3028328e | 2722 | 19991102 |
2723 | - Merged change from OpenBSD CVS | |
2724 | - One-line cleanup in sshd.c | |
2725 | ||
474832c5 | 2726 | 19991030 |
2727 | - Integrated debian package support from Dan Brosemer <odin@linuxfreak.com> | |
69256d9d | 2728 | - Merged latest updates for OpenBSD CVS: |
2729 | - channels.[ch] - remove broken x11 fix and document istate/ostate | |
2730 | - ssh-agent.c - call setsid() regardless of argv[] | |
2731 | - ssh.c - save a few lines when disabling rhosts-{rsa-}auth | |
2732 | - Documentation cleanups | |
2733 | - Renamed README -> README.Ylonen | |
2734 | - Renamed README.openssh ->README | |
474832c5 | 2735 | |
339660f6 | 2736 | 19991029 |
2737 | - Renamed openssh* back to ssh* at request of Theo de Raadt | |
2738 | - Incorporated latest changes from OpenBSD's CVS | |
2739 | - Integrated Makefile patch from Niels Kristian Bech Jensen <nkbj@image.dk> | |
2740 | - Integrated PAM env patch from Nalin Dahyabhai <nalin.dahyabhai@pobox.com> | |
549b3eed | 2741 | - Make distclean now removed configure script |
2742 | - Improved PAM logging | |
2743 | - Added some debug() calls for PAM | |
4ecd19ea | 2744 | - Removed redundant subdirectories |
bcbf86ec | 2745 | - Integrated part of a patch from Dan Brosemer <odin@linuxfreak.com> for |
4ecd19ea | 2746 | building on Debian. |
242588e6 | 2747 | - Fixed off-by-one error in PAM env patch |
2748 | - Released 1.2pre6 | |
339660f6 | 2749 | |
5881cd60 | 2750 | 19991028 |
2751 | - Further PAM enhancements. | |
2752 | - Much cleaner | |
2753 | - Now uses account and session modules for all logins. | |
2754 | - Integrated patch from Dan Brosemer <odin@linuxfreak.com> | |
2755 | - Build fixes | |
2756 | - Autoconf | |
2757 | - Change binary names to open* | |
2758 | - Fixed autoconf script to detect PAM on RH6.1 | |
2759 | - Added tests for libpwdb, and OpenBSD functions to autoconf | |
221395b3 | 2760 | - Released 1.2pre4 |
fca82d2e | 2761 | |
2762 | - Imported latest OpenBSD CVS code | |
2763 | - Updated README.openssh | |
93f04616 | 2764 | - Released 1.2pre5 |
fca82d2e | 2765 | |
5881cd60 | 2766 | 19991027 |
2767 | - Adapted PAM patch. | |
2768 | - Released 1.0pre2 | |
2769 | ||
2770 | - Excised my buggy replacements for strlcpy and mkdtemp | |
2771 | - Imported correct OpenBSD strlcpy and mkdtemp routines. | |
2772 | - Reduced arc4random_stir entropy read to 32 bytes (256 bits) | |
2773 | - Picked up correct version number from OpenBSD | |
2774 | - Added sshd.pam PAM configuration file | |
2775 | - Added sshd.init Redhat init script | |
2776 | - Added openssh.spec RPM spec file | |
2777 | - Released 1.2pre3 | |
2778 | ||
2779 | 19991026 | |
2780 | - Fixed include paths of OpenSSL functions | |
2781 | - Use OpenSSL MD5 routines | |
2782 | - Imported RC4 code from nanocrypt | |
2783 | - Wrote replacements for OpenBSD arc4random* functions | |
2784 | - Wrote replacements for strlcpy and mkdtemp | |
2785 | - Released 1.0pre1 |