]> andersk Git - openssh.git/blame - ChangeLog
andersk / openssh.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
- deraadt@cvs.openbsd.org 2001/02/22 08:03:51
[openssh.git] / ChangeLog
CommitLineData
1a2936c4 120010305
2 - (bal) CVS ID touch up on sshpty.[ch] and sshlogin.[ch]
778f6940 3 - (bal) OpenBSD CVS Sync
dcb971e1 4 - deraadt@cvs.openbsd.org 2001/02/17 23:48:48
5 [sshd.8]
6 it's the OpenSSH one
778f6940 7 - deraadt@cvs.openbsd.org 2001/02/21 07:37:04
8 [ssh-keyscan.c]
9 inline -> __inline__, and some indent
81333640 10 - deraadt@cvs.openbsd.org 2001/02/21 09:05:54
11 [authfile.c]
12 improve fd handling
79ddf6db 13 - deraadt@cvs.openbsd.org 2001/02/21 09:12:56
14 [sftp-server.c]
15 careful with & and &&; markus ok
96ee8386 16 - stevesk@cvs.openbsd.org 2001/02/21 21:14:04
17 [ssh.c]
18 -i supports DSA identities now; ok markus@
0c126dc9 19 - deraadt@cvs.openbsd.org 2001/02/22 04:29:37
20 [servconf.c]
21 grammar; slade@shore.net
ed2166d8 22 - deraadt@cvs.openbsd.org 2001/02/22 06:43:55
23 [ssh-keygen.1 ssh-keygen.c]
24 document -d, and -t defaults to rsa1
b07ae1e9 25 - deraadt@cvs.openbsd.org 2001/02/22 08:03:51
26 [ssh-keygen.1 ssh-keygen.c]
27 bye bye -d
1a2936c4 28
40edd7ef 2920010304
30 - (bal) Remove make-ssh-known-hosts.1 since it's no longer valid.
889fbcd3 31 - (bal) Updated contrib/README to remove 'make-ssh-known-hosts' and
32 give Mark Roth credit for mdoc2man.pl
40edd7ef 33
9817de5f 3420010303
40edd7ef 35 - (djm) Remove make-ssh-known-hosts.pl, ssh-keyscan is better.
36 - (djm) Document PAM ChallengeResponseAuthentication in sshd.8
37 - (djm) Disable and comment ChallengeResponseAuthentication in sshd_config
38 - (djm) Allow PRNGd entropy collection from localhost TCP socket. Replace
9bdd5929 39 "--with-egd-pool" configure option with "--with-prngd-socket" and
40 "--with-prngd-port" options. Debugged and improved by Lutz Jaenicke
41 <Lutz.Jaenicke@aet.TU-Cottbus.DE>
9817de5f 42
20cad736 4320010301
44 - (djm) Properly add -lcrypt if needed.
5f404be3 45 - (djm) Force standard PAM conversation function in a few more places.
46 Patch from Redhat 2.5.1p1-2 RPM, probably Nalin Dahyabhai
47 <nalin@redhat.com>
480eb294 48 - (djm) Cygwin needs pw->pw_gecos copied too. Patch from Corinna Vinschen
49 <vinschen@redhat.com>
ad1f4a20 50 - (djm) Released 2.5.1p2
20cad736 51
cf0c5df5 5220010228
53 - (djm) Detect endianness in configure and use it in rijndael.c. Fixes
54 "Bad packet length" bugs.
403f5a8e 55 - (djm) Fully revert PAM session patch (again). All PAM session init is
56 now done before the final fork().
065ef9b1 57 - (djm) EGD detection patch from Tim Rice <tim@multitalents.net>
d9b1f19a 58 - (djm) Remove /tmp from EGD socket search list
cf0c5df5 59
86b416a7 6020010227
51fb577a 61 - (bal) Applied shutdown() patch for sftp.c by Corinna Vinschen
62 <vinschen@redhat.com>
2af09193 63 - (bal) OpenBSD Sync
64 - markus@cvs.openbsd.org 2001/02/23 15:37:45
65 [session.c]
66 handle SSH_PROTOFLAG_SCREEN_NUMBER for buggy clients
a892c46e 67 - (bal) sshd.init support for all Redhat release. Patch by Jim Knoble
68 <jmknoble@jmknoble.cx>
f4e9a0e1 69 - (djm) Fix up POSIX saved uid support. Report from Mark Miller
70 <markm@swoon.net>
71 - (djm) Search for -lcrypt on FreeBSD too
c7c72446 72 - (djm) fatal() on OpenSSL version mismatch
27cf96de 73 - (djm) Move PAM init to after fork for non-Solaris derived PAMs
d5c4c52e 74 - (djm) Warning fix on entropy.c saved uid stuff. Patch from Mark Miller
75 <markm@swoon.net>
4bc6dd70 76 - (djm) Fix PAM fix
4236bde4 77 - (djm) Remove 'noreplace' flag from sshd_config in RPM spec files. This
78 change is being made as 2.5.x configfiles are not back-compatible with
64e0e67e 79 2.3.x.
80 - (djm) Avoid warnings for missing broken IP_TOS. Patch from Mark Miller
81 <markm@swoon.net>
a29d3f1c 82 - (djm) Open Server 5 doesn't need BROKEN_SAVED_UIDS. Patch from Tim Rice
83 <tim@multitalents.net>
84 - (djm) Avoid multiple definition of _PATH_LS. Patch from Tim Rice
85 <tim@multitalents.net>
51fb577a 86
4925395f 8720010226
88 - (bal) Fixed bsd-snprinf.c so it now honors 'BROKEN_SNPRINTF' again.
e9a13ac1 89 - (djm) Some systems (SCO3, NeXT) have weird saved uid semantics.
90 Based on patch from Tim Rice <tim@multitalents.net>
4925395f 91
1eb4ec64 9220010225
93 - (djm) Use %{_libexecdir} rather than hardcoded path in RPM specfile
94 Patch from Adrian Ho <lexfiend@usa.net>
490cad94 95 - (bal) Replace 'unsigned long long' to 'u_int64_t' since not every
96 platform defines u_int64_t as being that.
1eb4ec64 97
a738c3b0 9820010224
99 - (bal) Missed part of the UNIX sockets patch. Patch by Corinna
100 Vinschen <vinschen@redhat.com>
101 - (bal) Reorder where 'strftime' is detected to resolve linking
102 issues on SCO. Patch by Tim Rice <tim@multitalents.net>
103
8fd97cc4 10420010224
105 - (bal) pam_stack fix to correctly detect between RH7 and older RHs.
106 Patch by Pekka Savola <pekkas@netcore.fi>
8f0b3553 107 - (bal) Renamed sigaction.[ch] to sigact.[ch]. Causes problems with
108 some platforms.
3d114925 109 - (bal) Generalize lack of UNIX sockets since this also effects Cray
110 not just Cygwin. Based on patch by Wendy Palm <wendyp@cray.com>
8fd97cc4 111
14a49e44 11220010223
113 - (bal) Fix --define rh7 in openssh.spec file. Patch by Steve Tell
114 <tell@telltronics.org>
cb291102 115 - (bal) Patch to force OpenSSH rpm to require the same version of OpenSSL
116 that it was compiled against. Patch by Pekka Savola <pekkas@netcore.fi>
5a67331c 117 - (bal) Double -I for OpenSSL on SCO. Patch by Tim Rice
118 <tim@multitalents.net>
14a49e44 119
73d6d7fa 12020010222
121 - (bal) Corrected SCO luid patch by svaughan <svaughan@asterion.com>
ca742b3b 122 - (bal) Added mdoc2man.pl from Mark Roth <roth@feep.net>
123 - (bal) Removed reference to liblogin from contrib/README. It was
124 integrated into OpenSSH a long while ago.
2a81eb9f 125 - (stevesk) remove erroneous #ifdef sgi code.
126 Michael Stone <mstone@cs.loyola.edu>
73d6d7fa 127
fbf305f1 12820010221
129 - (bal) Removed -L/usr/ucblib -R/usr/ucblib for Solaris platform.
9dd3bc84 130 - (bal) Fixed OpenSSL rework to use $saved_*. Patch by Tim Rice
131 <tim@multitalents.net>
1fe61b2e 132 - (bal) Reverted out of 2001/02/15 patch by djm below because it
133 breaks Solaris.
134 - (djm) Move PAM session setup back to before setuid to user.
135 fixes problems on Solaris-drived PAMs.
266140a8 136 - (stevesk) session.c: back out to where we were before:
137 - (djm) Move PAM session initialisation until after fork in sshd. Patch
138 from Nalin Dahyabhai <nalin@redhat.com>
9dd3bc84 139
8b3319f4 14020010220
141 - (bal) Fix mixed up params to memmove() from Jan 5th in setenv.c and
142 getcwd.c.
c2b544a5 143 - (bal) OpenBSD CVS Sync:
144 - deraadt@cvs.openbsd.org 2001/02/19 23:09:05
145 [sshd.c]
146 clarify message to make it not mention "ident"
8b3319f4 147
1729c161 14820010219
149 - (bal) Markus' blessing to rename login.[ch] -> sshlogin.[ch] and
150 pty.[ch] -> sshpty.[ch]
d6f13fbb 151 - (djm) Rework search for OpenSSL location. Skip directories which don't
152 exist, don't add -L$ssldir/lib if it doesn't exist. Should help SCO
153 with its limit of 6 -L options.
0476625f 154 - OpenBSD CVS Sync:
155 - reinhard@cvs.openbsd.org 2001/02/17 08:24:40
156 [sftp.1]
157 typo
158 - deraadt@cvs.openbsd.org 2001/02/17 16:28:58
159 [ssh.c]
160 cleanup -V output; noted by millert
161 - deraadt@cvs.openbsd.org 2001/02/17 16:48:48
162 [sshd.8]
163 it's the OpenSSH one
164 - markus@cvs.openbsd.org 2001/02/18 11:33:54
165 [dispatch.c]
166 typo, SSH2_MSG_KEXINIT, from aspa@kronodoc.fi
167 - markus@cvs.openbsd.org 2001/02/19 02:53:32
168 [compat.c compat.h serverloop.c]
169 ssh-1.2.{18-22} has broken handling of ignore messages; report from
170 itojun@
171 - markus@cvs.openbsd.org 2001/02/19 03:35:23
172 [version.h]
173 OpenSSH_2.5.1 adds bug compat with 1.2.{18-22}
174 - deraadt@cvs.openbsd.org 2001/02/19 03:36:25
175 [scp.c]
176 np is changed by recursion; vinschen@redhat.com
177 - Update versions in RPM spec files
178 - Release 2.5.1p1
1729c161 179
663fd560 18020010218
181 - (bal) Patch for fix FCHMOD reference in ftp-client.c by Tim Rice
182 <tim@multitalents.net>
25cd3375 183 - (Bal) Patch for lack of RA_RESTART in misc.c for mysignal by
184 stevesk
58e7f038 185 - (djm) Fix my breaking of cygwin builds, Patch from Corinna Vinschen
186 <vinschen@redhat.com> and myself.
32ced054 187 - (djm) Close listen_sock on bind() failures. Patch from Arkadiusz
188 Miskiewicz <misiek@pld.ORG.PL>
6a951840 189 - (djm) Robustify EGD/PRNGd code in face of socket closures. Patch from
190 Todd C. Miller <Todd.Miller@courtesan.com>
b82f1310 191 - (djm) Use ttyname() to determine name of tty returned by openpty()
192 rather then risking overflow. Patch from Marek Michalkiewicz
193 <marekm@amelek.gda.pl>
bdf80b2c 194 - (djm) Swapped tests for no_libsocket and no_libnsl in configure.in.
195 Patch from Marek Michalkiewicz <marekm@amelek.gda.pl>
af8fda37 196 - (djm) Doc fixes from Pekka Savola <pekkas@netcore.fi>
df538d55 197 - (djm) Use SA_INTERRUPT along SA_RESTART if present (equivalent for
198 SunOS)
f61d6b17 199 - (djm) SCO needs librpc for libwrap. Patch from Tim Rice
200 <tim@multitalents.net>
dfef7e7e 201 - (stevesk) misc.c: cpp rework of SA_(INTERRUPT|RESTART) handling.
36a358ca 202 - (stevesk) scp.c: use mysignal() for updateprogressmeter() handler.
d54d99a3 203 - (djm) SA_INTERRUPT is the converse of SA_RESTART, apply it only for
204 SIGALRM.
e1a023df 205 - (djm) Move entropy.c over to mysignal()
667beaa9 206 - (djm) SunOS 4.x also needs to define HAVE_BOGUS_SYS_QUEUE_H as it has
207 a <sys/queue.h> that lacks the TAILQ_* macros. Patch from Todd C.
208 Miller <Todd.Miller@courtesan.com>
ecdde3d8 209 - (djm) Update RPM spec files for 2.5.0p1
51ee9048 210 - (djm) Merge BSD_AUTH support from Markus Friedl and David J. MacKenzie
211 enable with --with-bsd-auth.
2adddc78 212 - (stevesk) entropy.c: typo; should be SIGPIPE
663fd560 213
0b1728c5 21420010217
215 - (bal) OpenBSD Sync:
216 - markus@cvs.openbsd.org 2001/02/16 13:38:18
217 [channel.c]
218 remove debug
c8b058b4 219 - markus@cvs.openbsd.org 2001/02/16 14:03:43
220 [session.c]
221 proper payload-length check for x11 w/o screen-number
0b1728c5 222
b41d8d4d 22320010216
224 - (bal) added '--with-prce' to allow overriding of system regex when
225 required (tested by David Dulek <ddulek@fastenal.com>)
d6fdb079 226 - (bal) Added DG/UX case and set that they have a broken IPTOS.
278588d8 227 - (djm) Mini-configure reorder patch from Tim Rice <tim@multitalents.net>
228 Fixes linking on SCO.
0ceb21d6 229 - (djm) Make gnome-ssh-askpass handle multi-line prompts. Patch from
230 Nalin Dahyabhai <nalin@redhat.com>
231 - (djm) BSD license for gnome-ssh-askpass (was X11)
232 - (djm) KNF on gnome-ssh-askpass
ed6553e2 233 - (djm) USE_PIPES for a few more sysv platforms
234 - (djm) Cleanup configure.in a little
235 - (djm) Ask users to check config.log when we can't find necessary libs
aca75d94 236 - (djm) Set "login ID" on systems with setluid. Only enabled for SCO
237 OpenServer for now. Based on patch from svaughan <svaughan@asterion.com>
0ae4fe1d 238 - (djm) OpenBSD CVS:
239 - markus@cvs.openbsd.org 2001/02/15 16:19:59
240 [channels.c channels.h serverloop.c sshconnect.c sshconnect.h]
241 [sshconnect1.c sshconnect2.c]
242 genericize password padding function for SSH1 and SSH2.
243 add stylized echo to 2, too.
244 - (djm) Add roundup() macro to defines.h
9535dddf 245 - (stevesk) set SA_RESTART flag in mysignal() for SIGCHLD;
246 needed on Unixware 2.x.
b41d8d4d 247
0086bfaf 24820010215
249 - (djm) Move PAM session setup back to before setuid to user. Fixes
250 problems on Solaris-derived PAMs.
e11aab29 251 - (djm) Clean up PAM namespace. Suggested by Darren Moffat
252 <Darren.Moffat@eng.sun.com>
9e3c31f7 253 - (bal) Sync w/ OpenSSH for new release
254 - markus@cvs.openbsd.org 2001/02/12 12:45:06
255 [sshconnect1.c]
256 fix xmalloc(0), ok dugsong@
b2552997 257 - markus@cvs.openbsd.org 2001/02/11 12:59:25
258 [Makefile.in sshd.8 sshconnect2.c readconf.h readconf.c packet.c
259 sshd.c ssh.c ssh.1 servconf.h servconf.c myproposal.h kex.h kex.c]
260 1) clean up the MAC support for SSH-2
261 2) allow you to specify the MAC with 'ssh -m'
262 3) or the 'MACs' keyword in ssh(d)_config
263 4) add hmac-{md5,sha1}-96
264 ok stevesk@, provos@
15853e93 265 - markus@cvs.openbsd.org 2001/02/12 16:16:23
266 [auth-passwd.c auth.c auth.h auth1.c auth2.c servconf.c servconf.h
267 ssh-keygen.c sshd.8]
268 PermitRootLogin={yes,without-password,forced-commands-only,no}
269 (before this change, root could login even if PermitRootLogin==no)
7cc4cf0a 270 - deraadt@cvs.openbsd.org 2001/02/12 22:56:09
fd193ca4 271 [clientloop.c packet.c ssh-keyscan.c]
272 deal with EAGAIN/EINTR selects which were skipped
7cc4cf0a 273 - markus@cvs.openssh.org 2001/02/13 22:49:40
274 [auth1.c auth2.c]
275 setproctitle(user) only if getpwnam succeeds
276 - markus@cvs.openbsd.org 2001/02/12 23:26:20
277 [sshd.c]
278 missing memset; from solar@openwall.com
279 - stevesk@cvs.openbsd.org 2001/02/12 20:53:33
280 [sftp-int.c]
281 lumask now works with 1 numeric arg; ok markus@, djm@
282 - djm@cvs.openbsd.org 2001/02/14 9:46:03
283 [sftp-client.c sftp-int.c sftp.1]
284 Fix and document 'preserve modes & times' option ('-p' flag in sftp);
285 ok markus@
0b16bb01 286 - (bal) replaced PATH_MAX in sftp-int.c w/ MAXPATHLEN.
287 - (djm) Move to Jim's 1.2.0 X11 askpass program
62da27dd 288 - (stevesk) OpenBSD sync:
289 - deraadt@cvs.openbsd.org 2001/02/15 01:38:04
290 [serverloop.c]
291 indent
0b16bb01 292
1c2d0a13 29320010214
294 - (djm) Don't try to close PAM session or delete credentials if the
295 session has not been open or credentials not set. Based on patch from
296 Andrew Bartlett <abartlet@pcug.org.au>
0ab1bcba 297 - (djm) Move PAM session initialisation until after fork in sshd. Patch
298 from Nalin Dahyabhai <nalin@redhat.com>
958e5ae4 299 - (bal) Missing function prototype in bsd-snprintf.c patch by
300 Mark Miller <markm@swoon.net>
b7ccb051 301 - (djm) Split out and improve OSF SIA auth code. Patch from Chris Adams
302 <cmadams@hiwaay.net> with a little modification and KNF.
815800e1 303 - (stevesk) fix for SIA patch, misplaced session_setup_sia()
1c2d0a13 304
0610439b 30520010213
84eb157c 306 - (djm) Only test -S potential EGD sockets if they exist and are readable.
f1312c76 307 - (bal) Cleaned out bsd-snprintf.c. VARARGS have been banished and
308 I did a base KNF over the whe whole file to make it more acceptable.
309 (backed out of original patch and removed it from ChangeLog)
01f13020 310 - (bal) Use chown() if fchown() does not exist in ftp-server.c patch by
311 Tim Rice <tim@multitalents.net>
8d60e965 312 - (stevesk) auth1.c: fix PAM passwordless check.
0610439b 313
894a4851 31420010212
315 - (djm) Update Redhat specfile to allow --define "skip_x11_askpass 1",
316 --define "skip_gnome_askpass 1", --define "rh7 1" and make the
317 implicit rpm-3.0.5 dependancy explicit. Patch and suggestions from
318 Pekka Savola <pekkas@netcore.fi>
782d6a0d 319 - (djm) Clean up PCRE text in INSTALL
77db6c3f 320 - (djm) Fix OSF SIA auth NULL pointer deref. Report from Mike Battersby
321 <mib@unimelb.edu.au>
6f68f28a 322 - (bal) NCR SVR4 compatiblity provide by Don Bragg <thewizarddon@yahoo.com>
01a7bc9a 323 - (stevesk) session.c: remove debugging code.
894a4851 324
abf1f107 32520010211
326 - (bal) OpenBSD Sync
327 - markus@cvs.openbsd.org 2001/02/07 22:35:46
328 [auth1.c auth2.c sshd.c]
329 move k_setpag() to a central place; ok dugsong@
c845316f 330 - markus@cvs.openbsd.org 2001/02/10 12:52:02
331 [auth2.c]
332 offer passwd before s/key
e6fa162e 333 - markus@cvs.openbsd.org 2001/02/8 22:37:10
334 [canohost.c]
335 remove last call to sprintf; ok deraadt@
0ab4b0f0 336 - markus@cvs.openbsd.org 2001/02/10 1:33:32
337 [canohost.c]
338 add debug message, since sshd blocks here if DNS is not available
7f8ea238 339 - markus@cvs.openbsd.org 2001/02/10 12:44:02
340 [cli.c]
341 don't call vis() for \r
5c470997 342 - danh@cvs.openbsd.org 2001/02/10 0:12:43
343 [scp.c]
344 revert a small change to allow -r option to work again; ok deraadt@
345 - danh@cvs.openbsd.org 2001/02/10 15:14:11
346 [scp.c]
347 fix memory leak; ok markus@
a0e6fead 348 - djm@cvs.openbsd.org 2001/02/10 0:45:52
349 [scp.1]
350 Mention that you can quote pathnames with spaces in them
b3106440 351 - markus@cvs.openbsd.org 2001/02/10 1:46:28
352 [ssh.c]
353 remove mapping of argv[0] -> hostname
f72e01a5 354 - markus@cvs.openbsd.org 2001/02/06 22:26:17
355 [sshconnect2.c]
356 do not ask for passphrase in batch mode; report from ejb@ql.org
357 - itojun@cvs.opebsd.org 2001/02/08 10:47:05
5d1d11d1 358 [sshconnect.c sshconnect1.c sshconnect2.c]
f72e01a5 359 %.30s is too short for IPv6 numeric address. use %.128s for now.
360 markus ok
361 - markus@cvs.openbsd.org 2001/02/09 12:28:35
362 [sshconnect2.c]
363 do not free twice, thanks to /etc/malloc.conf
364 - markus@cvs.openbsd.org 2001/02/09 17:10:53
365 [sshconnect2.c]
366 partial success: debug->log; "Permission denied" if no more auth methods
367 - markus@cvs.openbsd.org 2001/02/10 12:09:21
368 [sshconnect2.c]
369 remove some lines
e0b2cf6b 370 - markus@cvs.openbsd.org 2001/02/09 13:38:07
371 [auth-options.c]
372 reset options if no option is given; from han.holl@prismant.nl
ca910e13 373 - markus@cvs.openbsd.org 2001/02/08 21:58:28
374 [channels.c]
375 nuke sprintf, ok deraadt@
376 - markus@cvs.openbsd.org 2001/02/08 21:58:28
377 [channels.c]
378 nuke sprintf, ok deraadt@
affa8be4 379 - markus@cvs.openbsd.org 2001/02/06 22:43:02
380 [clientloop.h]
381 remove confusing callback code
d2c46e77 382 - deraadt@cvs.openbsd.org 2001/02/08 14:39:36
383 [readconf.c]
384 snprintf
cc8aca8a 385 - itojun@cvs.openbsd.org 2001/02/08 19:30:52
386 sync with netbsd tree changes.
387 - more strict prototypes, include necessary headers
388 - use paths.h/pathnames.h decls
389 - size_t typecase to int -> u_long
5be2ec5e 390 - itojun@cvs.openbsd.org 2001/02/07 18:04:50
391 [ssh-keyscan.c]
392 fix size_t -> int cast (use u_long). markus ok
393 - markus@cvs.openbsd.org 2001/02/07 22:43:16
394 [ssh-keyscan.c]
395 s/getline/Linebuf_getline/; from roumen.petrov@skalasoft.com
396 - itojun@cvs.openbsd.org 2001/02/09 9:04:59
397 [ssh-keyscan.c]
398 do not assume malloc() returns zero-filled region. found by
399 malloc.conf=AJ.
f21032a6 400 - markus@cvs.openbsd.org 2001/02/08 22:35:30
401 [sshconnect.c]
402 don't connect if batch_mode is true and stricthostkeychecking set to
403 'ask'
7bbcc167 404 - djm@cvs.openbsd.org 2001/02/04 21:26:07
405 [sshd_config]
406 type: ok markus@
407 - deraadt@cvs.openbsd.org 2001/02/06 22:07:50
408 [sshd_config]
409 enable sftp-server by default
a2e6d17d 410 - deraadt 2001/02/07 8:57:26
411 [xmalloc.c]
412 deal with new ANSI malloc stuff
413 - markus@cvs.openbsd.org 2001/02/07 16:46:08
414 [xmalloc.c]
415 typo in fatal()
416 - itojun@cvs.openbsd.org 2001/02/07 18:04:50
417 [xmalloc.c]
418 fix size_t -> int cast (use u_long). markus ok
4ef922e3 419 - 1.47 Thu Feb 8 23:11:42 GMT 2001 by dugsong
420 [serverloop.c sshconnect1.c]
421 mitigate SSH1 traffic analysis - from Solar Designer
422 <solar@openwall.com>, ok provos@
ca910e13 423 - (bal) fixed sftp-client.c. Return 'status' instead of '0'
424 (from the OpenBSD tree)
6b442913 425 - (bal) Synced ssh.1, ssh-add.1 and sshd.8 w/ OpenBSD
27df9d4a 426 - (bal) sftp-sever.c '%8lld' to '%8llu' (OpenBSD Sync)
17321afe 427 - (bal) uuencode.c resync w/ OpenBSD tree, plus whitespace.
f98d56f0 428 - (bal) A bit more whitespace cleanup
e275684f 429 - (djm) Set PAM_RHOST earlier, patch from Andrew Bartlett
430 <abartlet@pcug.org.au>
b27e97b1 431 - (stevesk) misc.c: ssh.h not needed.
38a316c0 432 - (stevesk) compat.c: more friendly cpp error
94f38e16 433 - (stevesk) OpenBSD sync:
434 - stevesk@cvs.openbsd.org 2001/02/11 06:15:57
435 [LICENSE]
436 typos and small cleanup; ok deraadt@
abf1f107 437
0426a3b4 43820010210
439 - (djm) Sync sftp and scp stuff from OpenBSD:
440 - djm@cvs.openbsd.org 2001/02/07 03:55:13
441 [sftp-client.c]
442 Don't free handles before we are done with them. Based on work from
443 Corinna Vinschen <vinschen@redhat.com>. ok markus@
444 - djm@cvs.openbsd.org 2001/02/06 22:32:53
445 [sftp.1]
446 Punctuation fix from Pekka Savola <pekkas@netcore.fi>
447 - deraadt@cvs.openbsd.org 2001/02/07 04:07:29
448 [sftp.1]
449 pretty up significantly
450 - itojun@cvs.openbsd.org 2001/02/07 06:49:42
451 [sftp.1]
452 .Bl-.El mismatch. markus ok
453 - djm@cvs.openbsd.org 2001/02/07 06:12:30
454 [sftp-int.c]
455 Check that target is a directory before doing ls; ok markus@
456 - itojun@cvs.openbsd.org 2001/02/07 11:01:18
457 [scp.c sftp-client.c sftp-server.c]
458 unsigned long long -> %llu, not %qu. markus ok
459 - stevesk@cvs.openbsd.org 2001/02/07 11:10:39
460 [sftp.1 sftp-int.c]
461 more man page cleanup and sync of help text with man page; ok markus@
462 - markus@cvs.openbsd.org 2001/02/07 14:58:34
463 [sftp-client.c]
464 older servers reply with SSH2_FXP_NAME + count==0 instead of EOF
465 - djm@cvs.openbsd.org 2001/02/07 15:27:19
466 [sftp.c]
467 Don't forward agent and X11 in sftp. Suggestion from Roumen Petrov
468 <roumen.petrov@skalasoft.com>
469 - stevesk@cvs.openbsd.org 2001/02/07 15:36:04
470 [sftp-int.c]
471 portable; ok markus@
472 - stevesk@cvs.openbsd.org 2001/02/07 15:55:47
473 [sftp-int.c]
474 lowercase cmds[].c also; ok markus@
475 - markus@cvs.openbsd.org 2001/02/07 17:04:52
476 [pathnames.h sftp.c]
477 allow sftp over ssh protocol 1; ok djm@
478 - deraadt@cvs.openbsd.org 2001/02/08 07:38:55
479 [scp.c]
480 memory leak fix, and snprintf throughout
481 - deraadt@cvs.openbsd.org 2001/02/08 08:02:02
482 [sftp-int.c]
483 plug a memory leak
484 - stevesk@cvs.openbsd.org 2001/02/08 10:11:23
485 [session.c sftp-client.c]
486 %i -> %d
487 - stevesk@cvs.openbsd.org 2001/02/08 10:57:59
488 [sftp-int.c]
489 typo
490 - stevesk@cvs.openbsd.org 2001/02/08 15:28:07
491 [sftp-int.c pathnames.h]
492 _PATH_LS; ok markus@
493 - djm@cvs.openbsd.org 2001/02/09 04:46:25
494 [sftp-int.c]
495 Check for NULL attribs for chown, chmod & chgrp operations, only send
496 relevant attribs back to server; ok markus@
96b64eb0 497 - djm@cvs.openbsd.org 2001/02/06 15:05:25
498 [sftp.c]
499 Use getopt to process commandline arguments
500 - djm@cvs.openbsd.org 2001/02/06 15:06:21
501 [sftp.c ]
502 Wait for ssh subprocess at exit
503 - djm@cvs.openbsd.org 2001/02/06 15:18:16
504 [sftp-int.c]
505 stat target for remote chdir before doing chdir
506 - djm@cvs.openbsd.org 2001/02/06 15:32:54
507 [sftp.1]
508 Punctuation fix from Pekka Savola <pekkas@netcore.fi>
509 - provos@cvs.openbsd.org 2001/02/05 22:22:02
510 [sftp-int.c]
511 cleanup get_pathname, fix pwd after failed cd. okay djm@
0426a3b4 512 - (djm) Update makefile.in for _PATH_SFTP_SERVER
c9f5e42e 513 - (bal) sftp-client.c replace NULL w/ 0 in do_ls() (pending in OpenBSD tree)
0426a3b4 514
6d1e1d2b 51520010209
516 - (bal) patch to vis.c to deal with HAVE_VIS right by Robert Mooney
517 <rjmooney@mediaone.net>
bb0c1991 518 - (bal) .c.o rule in openbsd-compat/Makefile.in did not make it to the
519 main tree while porting forward. Pointed out by Lutz Jaenicke
520 <Lutz.Jaenicke@aet.TU-Cottbus.DE>
f902d909 521 - (bal) double entry in configure.in. Pointed out by Lutz Jaenicke
522 <Lutz.Jaenicke@aet.TU-Cottbus.DE>
25f4c264 523 - (stevesk) OpenBSD sync:
524 - markus@cvs.openbsd.org 2001/02/08 11:20:01
525 [auth2.c]
526 strict checking
527 - markus@cvs.openbsd.org 2001/02/08 11:15:22
528 [version.h]
529 update to 2.3.2
530 - markus@cvs.openbsd.org 2001/02/08 11:12:30
531 [auth2.c]
532 fix typo
72b3f75d 533 - (djm) Update spec files
0ed28836 534 - (bal) OpenBSD sync:
535 - deraadt@cvs.openbsd.org 2001/02/08 14:38:54
536 [scp.c]
537 memory leak fix, and snprintf throughout
1fc8ccdf 538 - markus@cvs.openbsd.org 2001/02/06 22:43:02
539 [clientloop.c]
540 remove confusing callback code
0b202697 541 - (djm) Add CVS Id's to files that we have missed
5ca51e19 542 - (bal) OpenBSD Sync (more):
543 - itojun@cvs.openbsd.org 2001/02/08 19:30:52
544 sync with netbsd tree changes.
545 - more strict prototypes, include necessary headers
546 - use paths.h/pathnames.h decls
547 - size_t typecase to int -> u_long
1f3bf5aa 548 - markus@cvs.openbsd.org 2001/02/06 22:07:42
549 [ssh.c]
550 fatal() if subsystem fails
551 - markus@cvs.openbsd.org 2001/02/06 22:43:02
552 [ssh.c]
553 remove confusing callback code
554 - jakob@cvs.openbsd.org 2001/02/06 23:03:24
555 [ssh.c]
556 add -1 option (force protocol version 1). ok markus@
557 - jakob@cvs.openbsd.org 2001/02/06 23:06:21
558 [ssh.c]
559 reorder -{1,2,4,6} options. ok markus@
e6aa01b4 560 - (bal) Missing 'const' in readpass.h
9c5a8165 561 - (bal) OpenBSD Sync (so at least the thing compiles for 2.3.2 =)
562 - djm@cvs.openbsd.org 2001/02/06 23:30:28
563 [sftp-client.c]
564 replace arc4random with counter for request ids; ok markus@
bc79ed5c 565 - (djm) Define _PATH_TTY for systems that don't. Report from Lutz
566 Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
6d1e1d2b 567
6a25c04c 56820010208
569 - (djm) Don't delete external askpass program in make uninstall target.
570 Report and fix from Roumen Petrov <roumen.petrov@skalasoft.com>
6958bd37 571 - (djm) Fix linking of sftp, don't need arc4random any more.
572 - (djm) Try to use shell that supports "test -S" for EGD socket search.
573 Based on patch from Tim Rice <tim@multitalents.net>
6a25c04c 574
547519f0 57520010207
bee0a37e 576 - (bal) Save the whole path to AR in configure. Some Solaris 2.7 installs
577 seem lose track of it while in openbsd-compat/ (two confirmed reports)
5c377b3b 578 - (djm) Much KNF on PAM code
547519f0 579 - (djm) Revise auth-pam.c conversation function to be a little more
580 readable.
5c377b3b 581 - (djm) Revise kbd-int PAM conversation function to fold all text messages
582 to before first prompt. Fixes hangs if last pam_message did not require
583 a reply.
584 - (djm) Fix password changing when using PAM kbd-int authentication
bee0a37e 585
547519f0 58620010205
2b87da3b 587 - (bal) Disable groupaccess by setting NGROUPS_MAX to 0 for platforms
99286dc8 588 that don't have NGROUPS_MAX.
57559587 589 - (bal) AIX patch for auth1.c by William L. Jones <jones@hpc.utexas.edu>
2b87da3b 590 - (stevesk) OpenBSD sync:
591 - stevesk@cvs.openbsd.org 2001/02/04 08:32:27
592 [many files; did this manually to our top-level source dir]
593 unexpand and remove end-of-line whitespace; ok markus@
408ba72f 594 - stevesk@cvs.openbsd.org 2001/02/04 15:21:19
595 [sftp-server.c]
596 SSH2_FILEXFER_ATTR_UIDGID support; ok markus@
ec2a033a 597 - deraadt@cvs.openbsd.org 2001/02/04 17:02:32
598 [sftp-int.c]
599 ? == help
600 - deraadt@cvs.openbsd.org 2001/02/04 16:47:46
601 [sftp-int.c]
602 sort commands, so that abbreviations work as expected
603 - stevesk@cvs.openbsd.org 2001/02/04 15:17:52
604 [sftp-int.c]
605 debugging sftp: precedence and missing break. chmod, chown, chgrp
606 seem to be working now.
607 - markus@cvs.openbsd.org 2001/02/04 14:41:21
608 [sftp-int.c]
609 use base 8 for umask/chmod
610 - markus@cvs.openbsd.org 2001/02/04 11:11:54
611 [sftp-int.c]
612 fix LCD
c44559d2 613 - markus@cvs.openbsd.org 2001/02/04 08:10:44
614 [ssh.1]
615 typo; dpo@club-internet.fr
a5930351 616 - stevesk@cvs.openbsd.org 2001/02/04 06:30:12
617 [auth2.c authfd.c packet.c]
618 remove duplicate #include's; ok markus@
6a416424 619 - deraadt@cvs.openbsd.org 2001/02/04 16:56:23
620 [scp.c sshd.c]
621 alpha happiness
622 - stevesk@cvs.openbsd.org 2001/02/04 15:12:17
623 [sshd.c]
624 precedence; ok markus@
02a024dd 625 - deraadt@cvs.openbsd.org 2001/02/04 08:14:15
6a416424 626 [ssh.c sshd.c]
627 make the alpha happy
02a024dd 628 - markus@cvs.openbsd.org 2001/01/31 13:37:24
629 [channels.c channels.h serverloop.c ssh.c]
547519f0 630 do not disconnect if local port forwarding fails, e.g. if port is
631 already in use
02a024dd 632 - markus@cvs.openbsd.org 2001/02/01 14:58:09
633 [channels.c]
634 use ipaddr in channel messages, ietf-secsh wants this
635 - markus@cvs.openbsd.org 2001/01/31 12:26:20
636 [channels.c]
547519f0 637 ssh.com-2.0.1x does not send additional info in CHANNEL_OPEN_FAILURE
638 messages; bug report from edmundo@rano.org
a741554f 639 - markus@cvs.openbsd.org 2001/01/31 13:48:09
640 [sshconnect2.c]
641 unused
9378f292 642 - deraadt@cvs.openbsd.org 2001/02/04 08:23:08
643 [sftp-client.c sftp-server.c]
644 make gcc on the alpha even happier
1fc243d1 645
547519f0 64620010204
781a0585 647 - (bal) I think this is the last of the bsd-*.h that don't belong.
634e0b53 648 - (bal) Minor Makefile fix
f0f14bea 649 - (bal) openbsd-compat/Makefile minor fix. Ensure dependancies are done
61e96248 650 right.
78987b57 651 - (bal) Changed order of LIB="" in -with-skey due to library resolving.
166e4f2a 652 - (bal) next-posix.h changed to bsd-nextstep.h
61e96248 653 - (djm) OpenBSD CVS sync:
654 - markus@cvs.openbsd.org 2001/02/03 03:08:38
655 [auth-options.c auth-rh-rsa.c auth-rhosts.c auth.c canohost.c]
656 [canohost.h servconf.c servconf.h session.c sshconnect1.c sshd.8]
657 [sshd_config]
658 make ReverseMappingCheck optional in sshd_config; ok djm@,dugsong@
659 - markus@cvs.openbsd.org 2001/02/03 03:19:51
660 [ssh.1 sshd.8 sshd_config]
661 Skey is now called ChallengeResponse
662 - markus@cvs.openbsd.org 2001/02/03 03:43:09
663 [sshd.8]
664 use no-pty option in .ssh/authorized_keys* if you need a 8-bit clean
665 channel. note from Erik.Anggard@cygate.se (pr/1659)
666 - stevesk@cvs.openbsd.org 2001/02/03 10:03:06
667 [ssh.1]
668 typos; ok markus@
669 - djm@cvs.openbsd.org 2001/02/04 04:11:56
670 [scp.1 sftp-server.c ssh.1 sshd.8 sftp-client.c sftp-client.h]
671 [sftp-common.c sftp-common.h sftp-int.c sftp-int.h sftp.1 sftp.c]
672 Basic interactive sftp client; ok theo@
673 - (djm) Update RPM specs for new sftp binary
674 - (djm) Update several bits for new optional reverse lookup stuff. I
675 think I got them all.
8b061486 676 - (djm) Makefile.in fixes
1aa00dcb 677 - (stevesk) add mysignal() wrapper and use it for the protocol 2
678 SIGCHLD handler.
408ba72f 679 - (djm) Use setvbuf() instead of setlinebuf(). Suggest from stevesk@
781a0585 680
547519f0 68120010203
63fe0529 682 - (bal) Cygwin clean up by Corinna Vinschen <vinschen@redhat.com>
bf3db92d 683 - (bal) renamed queue.h to fake-queue.h (even if it's an OpenBSD
684 based file) to ensure #include space does not get confused.
f78888c7 685 - (bal) Minor Makefile.in tweak. dirname may not exist on some
686 platforms so builds fail. (NeXT being a well known one)
63fe0529 687
547519f0 68820010202
61e96248 689 - (bal) Makefile fix where sourcedir != builddir by Corinna Vinschen
c85a87f2 690 <vinschen@redhat.com>
71301416 691 - (bal) Makefile fix to use $(MAKE) instead of 'make' for platforms
692 that use 'gmake'. Patch by Tim Rice <tim@multitalents.net>
c85a87f2 693
547519f0 69420010201
ad5075bd 695 - (bal) Minor fix to Makefile to stop rebuilding executables if no
696 changes have occured to any of the supporting code. Patch by
697 Roumen Petrov <roumen.petrov@skalasoft.com>
698
9c8dbb1b 69920010131
37845585 700 - (djm) OpenBSD CVS Sync:
701 - djm@cvs.openbsd.org 2001/01/30 15:48:53
702 [sshconnect.c]
703 Make warning message a little more consistent. ok markus@
8c89dd2b 704 - (djm) Fix autoconf logic for --with-lastlog=no Report and diagnosis from
705 Philipp Buehler <lists@fips.de> and Kevin Steves <stevesk@sweden.hp.com>
706 respectively.
c59dc6bd 707 - (djm) Don't log SSH2 PAM KbdInt responses to debug, they may contain
708 passwords.
9c8dbb1b 709 - (bal) Reorder. Move all bsd-*, fake-*, next-*, and cygwin* stuff to
710 openbsd-compat/. And resolve all ./configure and Makefile.in issues
711 assocated.
37845585 712
9c8dbb1b 71320010130
39929cdb 714 - (djm) OpenBSD CVS Sync:
715 - markus@cvs.openbsd.org 2001/01/29 09:55:37
716 [channels.c channels.h clientloop.c serverloop.c]
717 fix select overflow; ok deraadt@ and stevesk@
865ac82e 718 - markus@cvs.openbsd.org 2001/01/29 12:42:35
719 [canohost.c canohost.h channels.c clientloop.c]
720 add get_peer_ipaddr(socket), x11-fwd in ssh2 requires ipaddr, not DNS
46aa2d1f 721 - markus@cvs.openbsd.org 2001/01/29 12:47:32
722 [rsa.c rsa.h ssh-agent.c sshconnect1.c sshd.c]
723 handle rsa_private_decrypt failures; helps against the Bleichenbacher
724 pkcs#1 attack
ae810de7 725 - djm@cvs.openbsd.org 2001/01/29 05:36:11
726 [ssh.1 ssh.c]
727 Allow invocation of sybsystem by commandline (-s); ok markus@
83bc57f9 728 - (stevesk) configure.in: remove duplicate PROG_LS
39929cdb 729
9c8dbb1b 73020010129
f29ef605 731 - (stevesk) sftp-server.c: use %lld vs. %qd
732
cb9da0fc 73320010128
734 - (bal) Put USE_PIPES back into sco3.2v5
23c2a7a5 735 - (bal) OpenBSD Sync
9bd5b720 736 - markus@cvs.openbsd.org 2001/01/28 10:15:34
737 [dispatch.c]
738 re-keying is not supported; ok deraadt@
5fb622e4 739 - markus@cvs.openbsd.org 2001/01/28 10:24:04
7f5c4295 740 [ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 sshd.8]
5fb622e4 741 cleanup AUTHORS sections
9bd5b720 742 - markus@cvs.openbsd.org 2001/01/28 10:37:26
ab60252b 743 [sshd.c sshd.8]
9bd5b720 744 remove -Q, no longer needed
745 - stevesk@cvs.openbsd.org 2001/01/28 20:36:16
a877488a 746 [readconf.c ssh.1]
9bd5b720 747 ``StrictHostKeyChecking ask'' documentation and small cleanup.
748 ok markus@
6f37606e 749 - stevesk@cvs.openbsd.org 2001/01/28 20:43:25
61e96248 750 [sshd.8]
6f37606e 751 spelling. ok markus@
95f4ccfb 752 - stevesk@cvs.openbsd.org 2001/01/28 20:53:21
753 [xmalloc.c]
754 use size_t for strlen() return. ok markus@
6f37606e 755 - stevesk@cvs.openbsd.org 2001/01/28 22:27:05
756 [authfile.c]
757 spelling. use sizeof vs. strlen(). ok markus@
9bd5b720 758 - niklas@cvs.openbsd.org 2001/01/29 1:59:14
23c2a7a5 759 [atomicio.h canohost.h clientloop.h deattack.h dh.h dispatch.h
760 groupaccess.c groupaccess.h hmac.h hostfile.h includes.h kex.h
761 key.h log.h login.h match.h misc.h myproposal.h nchan.ms pathnames.h
762 radix.h readpass.h rijndael.h serverloop.h session.h sftp.h ssh-add.1
763 ssh-dss.h ssh-keygen.1 ssh-keyscan.1 ssh-rsa.h ssh1.h ssh_config
764 sshconnect.h sshd_config tildexpand.h uidswap.h uuencode.h]
765 $OpenBSD$
b0e305c9 766 - (bal) Minor auth2.c resync. Whitespace and moving of an #include.
cb9da0fc 767
c9606e03 76820010126
61e96248 769 - (bal) SSH_PROGRAM vs _PATH_SSH_PROGRAM fix pointed out by Roumen
c9606e03 770 Petrov <roumen.petrov@skalasoft.com>
2f4b2e38 771 - (bal) OpenBSD Sync
772 - deraadt@cvs.openbsd.org 2001/01/25 8:06:33
773 [ssh-agent.c]
774 call _exit() in signal handler
c9606e03 775
d7d5f0b2 77620010125
777 - (djm) Sync bsd-* support files:
778 - deraadt@cvs.openbsd.org 2000/01/26 03:43:20
779 [rresvport.c bindresvport.c]
61e96248 780 new bindresvport() semantics that itojun, shin, jean-luc and i have
d7d5f0b2 781 agreed on, which will be happy for the future. bindresvport_sa() for
782 sockaddr *, too. docs later..
783 - deraadt@cvs.openbsd.org 2000/01/24 02:24:21
784 [bindresvport.c]
61e96248 785 in bindresvport(), if sin is non-NULL, example sin->sin_family for
d7d5f0b2 786 the actual family being processed
e1dd3a7a 787 - (djm) Mention PRNGd in documentation, it is nicer than EGD
788 - (djm) Automatically search for "well-known" EGD/PRNGd sockets in autoconf
8080699b 789 - (bal) AC_FUNC_STRFTIME added to autoconf
4ccb01d6 790 - (bal) OpenBSD Resync
791 - stevesk@cvs.openbsd.org 2001/01/24 21:03:50
792 [channels.c]
793 missing freeaddrinfo(); ok markus@
d7d5f0b2 794
556eb464 79520010124
796 - (bal) OpenBSD Resync
797 - markus@cvs.openbsd.org 2001/01/23 10:45:10
798 [ssh.h]
61e96248 799 nuke comment
1aecda34 800 - (bal) no 64bit support patch from Tim Rice <tim@multitalents.net>
801 - (bal) #ifdef around S_IFSOCK if platform does not support it.
802 patch by Tim Rice <tim@multitalents.net>
803 - (bal) fake-regex.h cleanup based on Tim Rice's patch.
c33f0b36 804 - (stevesk) sftp-server.c: fix chmod() mode mask
556eb464 805
effa6591 80620010123
807 - (bal) regexp.h typo in configure.in. Should have been regex.h
808 - (bal) SSH_USER_DIR to _PATH_SSH_USER_DIR patch by stevesk@
61e96248 809 - (bal) SSH_ASKPASS_DEFAULT to _PATH_SSH_ASKPASS_DEFAULT
53a24016 810 - (bal) OpenBSD Resync
811 - markus@cvs.openbsd.org 2001/01/22 8:15:00
812 [auth-krb4.c sshconnect1.c]
813 only AFS needs radix.[ch]
814 - markus@cvs.openbsd.org 2001/01/22 8:32:53
815 [auth2.c]
816 no need to include; from mouring@etoh.eviladmin.org
817 - stevesk@cvs.openbsd.org 2001/01/22 16:55:21
818 [key.c]
819 free() -> xfree(); ok markus@
820 - stevesk@cvs.openbsd.org 2001/01/22 17:22:28
821 [sshconnect2.c sshd.c]
822 fix memory leaks in SSH2 key exchange; ok markus@
d464095c 823 - markus@cvs.openbsd.org 2001/01/22 23:06:39
824 [auth1.c auth2.c readconf.c readconf.h servconf.c servconf.h
825 sshconnect1.c sshconnect2.c sshd.c]
826 rename skey -> challenge response.
827 auto-enable kbd-interactive for ssh2 if challenge-reponse is enabled.
53a24016 828
effa6591 829
42f11eb2 83020010122
831 - (bal) OpenBSD Resync
832 - markus@cvs.openbsd.org 2001/01/19 12:45:26 GMT 2001 by markus
833 [servconf.c ssh.h sshd.c]
834 only auth-chall.c needs #ifdef SKEY
835 - markus@cvs.openbsd.org 2001/01/19 15:55:10 GMT 2001 by markus
836 [auth-krb4.c auth-options.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c
837 auth1.c auth2.c channels.c clientloop.c dh.c dispatch.c nchan.c
838 packet.c pathname.h readconf.c scp.c servconf.c serverloop.c
839 session.c ssh-add.c ssh-keygen.c ssh-keyscan.c ssh.c ssh.h
840 ssh1.h sshconnect1.c sshd.c ttymodes.c]
841 move ssh1 definitions to ssh1.h, pathnames to pathnames.h
842 - markus@cvs.openbsd.org 2001/01/19 16:48:14
843 [sshd.8]
844 fix typo; from stevesk@
845 - markus@cvs.openbsd.org 2001/01/19 16:50:58
846 [ssh-dss.c]
61e96248 847 clear and free digest, make consistent with other code (use dlen); from
42f11eb2 848 stevesk@
849 - markus@cvs.openbsd.org 2001/01/20 15:55:20 GMT 2001 by markus
850 [auth-options.c auth-options.h auth-rsa.c auth2.c]
851 pass the filename to auth_parse_options()
61e96248 852 - markus@cvs.openbsd.org 2001/01/20 17:59:40 GMT 2001
42f11eb2 853 [readconf.c]
854 fix SIGSEGV from -o ""; problem noted by jehsom@togetherweb.com
855 - stevesk@cvs.openbsd.org 2001/01/20 18:20:29
856 [sshconnect2.c]
857 dh_new_group() does not return NULL. ok markus@
858 - markus@cvs.openbsd.org 2001/01/20 21:33:42
859 [ssh-add.c]
61e96248 860 do not loop forever if askpass does not exist; from
42f11eb2 861 andrew@pimlott.ne.mediaone.net
862 - djm@cvs.openbsd.org 2001/01/20 23:00:56
863 [servconf.c]
864 Check for NULL return from strdelim; ok markus
865 - djm@cvs.openbsd.org 2001/01/20 23:02:07
866 [readconf.c]
867 KNF; ok markus
868 - jakob@cvs.openbsd.org 2001/01/21 9:00:33
869 [ssh-keygen.1]
870 remove -R flag; ok markus@
871 - markus@cvs.openbsd.org 2001/01/21 19:05:40
872 [atomicio.c automicio.h auth-chall.c auth-krb4.c auth-options.c
873 auth-options.h auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c
874 auth.c auth.h auth1.c auth2-chall.c auth2.c authfd.c authfile.c
875 bufaux.c bufaux.h buffer.c canahost.c canahost.h channels.c
876 cipher.c cli.c clientloop.c clientloop.h compat.c compress.c
877 deattack.c dh.c dispatch.c groupaccess.c hmac.c hostfile.c kex.c
878 key.c key.h log-client.c log-server.c log.c log.h login.c login.h
879 match.c misc.c misc.h nchan.c packet.c pty.c radix.h readconf.c
880 readpass.c readpass.h rsa.c scp.c servconf.c serverloop.c serverloop.h
881 session.c sftp-server.c ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c
61e96248 882 ssh-keyscan.c ssh-rsa.c ssh.c ssh.h sshconnect.c sshconnect.h
42f11eb2 883 sshconnect1.c sshconnect2.c sshd.c tildexpand.c tildexpand.h
884 ttysmodes.c uidswap.c xmalloc.c]
61e96248 885 split ssh.h and try to cleanup the #include mess. remove unnecessary
42f11eb2 886 #includes. rename util.[ch] -> misc.[ch]
887 - (bal) renamed 'PIDDIR' to '_PATH_SSH_PIDDIR' to match OpenBSD tree
61e96248 888 - (bal) Moved #ifdef KRB4 in auth-krb4.c above the #include to resolve
42f11eb2 889 conflict when compiling for non-kerb install
890 - (bal) removed the #ifdef SKEY in auth1.c to match Markus' changes
891 on 1/19.
892
6005a40c 89320010120
894 - (bal) OpenBSD Resync
895 - markus@cvs.openbsd.org 2001/01/19 12:45:26
896 [ssh-chall.c servconf.c servconf.h ssh.h sshd.c]
897 only auth-chall.c needs #ifdef SKEY
47af6577 898 - (bal) Slight auth2-pam.c clean up.
899 - (bal) Includes a fake-regexp.h to be only used if regcomp() is found,
900 but no 'regexp.h' found (SCO OpenServer 3 lacks the header).
6005a40c 901
922e6493 90220010119
903 - (djm) Update versions in RPM specfiles
59c97189 904 - (bal) OpenBSD Resync
905 - markus@cvs.openbsd.org 2001/01/18 16:20:21
906 [log-client.c log-server.c log.c readconf.c servconf.c ssh.1 ssh.h
907 sshd.8 sshd.c]
61e96248 908 log() is at pri=LOG_INFO, since LOG_NOTICE goes to /dev/console on many
59c97189 909 systems
910 - markus@cvs.openbsd.org 2001/01/18 16:59:59
911 [auth-passwd.c auth.c auth.h auth1.c auth2.c serverloop.c session.c
912 session.h sshconnect1.c]
913 1) removes fake skey from sshd, since this will be much
914 harder with /usr/libexec/auth/login_XXX
915 2) share/unify code used in ssh-1 and ssh-2 authentication (server side)
916 3) make addition of BSD_AUTH and other challenge reponse methods
917 easier.
918 - markus@cvs.openbsd.org 2001/01/18 17:12:43
919 [auth-chall.c auth2-chall.c]
920 rename *-skey.c *-chall.c since the files are not skey specific
04fc7a67 921 - (djm) Merge patch from Tim Waugh (via Nalin Dahyabhai <nalin@redhat.com>)
922 to fix NULL pointer deref and fake authloop breakage in PAM code.
f4ebf0e8 923 - (bal) Updated contrib/cygwin/ by Corinna Vinschen <vinschen@redhat.com>
3c418020 924 - (bal) Minor cygwin patch to auth1.c. Suggested by djm.
61e96248 925
b5c334cc 92620010118
927 - (bal) Super Sized OpenBSD Resync
928 - markus@cvs.openbsd.org 2001/01/11 22:14:20 GMT 2001 by markus
929 [sshd.c]
930 maxfd+1
931 - markus@cvs.openbsd.org 2001/01/13 17:59:18
932 [ssh-keygen.1]
933 small ssh-keygen manpage cleanup; stevesk@pobox.com
934 - markus@cvs.openbsd.org 2001/01/13 18:03:07
935 [scp.c ssh-keygen.c sshd.c]
936 getopt() returns -1 not EOF; stevesk@pobox.com
937 - markus@cvs.openbsd.org 2001/01/13 18:06:54
938 [ssh-keyscan.c]
939 use SSH_DEFAULT_PORT; from stevesk@pobox.com
940 - markus@cvs.openbsd.org 2001/01/13 18:12:47
941 [ssh-keyscan.c]
942 free() -> xfree(); fix memory leak; from stevesk@pobox.com
943 - markus@cvs.openbsd.org 2001/01/13 18:14:13
944 [ssh-add.c]
945 typo, from stevesk@sweden.hp.com
946 - markus@cvs.openbsd.org 2001/01/13 18:32:50
61e96248 947 [packet.c session.c ssh.c sshconnect.c sshd.c]
b5c334cc 948 split out keepalive from packet_interactive (from dale@accentre.com)
949 set IPTOS_LOWDELAY TCP_NODELAY IPTOS_THROUGHPUT for ssh2, too.
950 - markus@cvs.openbsd.org 2001/01/13 18:36:45
951 [packet.c packet.h]
952 reorder, typo
953 - markus@cvs.openbsd.org 2001/01/13 18:38:00
954 [auth-options.c]
955 fix comment
956 - markus@cvs.openbsd.org 2001/01/13 18:43:31
957 [session.c]
958 Wall
61e96248 959 - markus@cvs.openbsd.org 2001/01/13 19:14:08
b5c334cc 960 [clientloop.h clientloop.c ssh.c]
961 move callback to headerfile
962 - markus@cvs.openbsd.org 2001/01/15 21:40:10
963 [ssh.c]
964 use log() instead of stderr
965 - markus@cvs.openbsd.org 2001/01/15 21:43:51
966 [dh.c]
967 use error() not stderr!
968 - markus@cvs.openbsd.org 2001/01/15 21:45:29
969 [sftp-server.c]
970 rename must fail if newpath exists, debug off by default
971 - markus@cvs.openbsd.org 2001/01/15 21:46:38
972 [sftp-server.c]
973 readable long listing for sftp-server, ok deraadt@
974 - markus@cvs.openbsd.org 2001/01/16 19:20:06
975 [key.c ssh-rsa.c]
61e96248 976 make "ssh-rsa" key format for ssh2 confirm to the ietf-drafts; from
977 galb@vandyke.com. note that you have to delete older ssh2-rsa keys,
978 since they are in the wrong format, too. they must be removed from
b5c334cc 979 .ssh/authorized_keys2 and .ssh/known_hosts2, etc.
61e96248 980 (cd; grep -v ssh-rsa .ssh/authorized_keys2 > TMP && mv TMP
981 .ssh/authorized_keys2) additionally, we now check that
b5c334cc 982 BN_num_bits(rsa->n) >= 768.
983 - markus@cvs.openbsd.org 2001/01/16 20:54:27
984 [sftp-server.c]
985 remove some statics. simpler handles; idea from nisse@lysator.liu.se
986 - deraadt@cvs.openbsd.org 2001/01/16 23:58:08
987 [bufaux.c radix.c sshconnect.h sshconnect1.c]
988 indent
989 - (bal) Added bsd-strmode.[ch] since some non-OpenBSD platforms may
990 be missing such feature.
991
61e96248 992
52ce34a2 99320010117
994 - (djm) Only write random seed file at exit
717057b6 995 - (djm) Make PAM support optional, enable with --with-pam
61e96248 996 - (djm) Try to use libcrypt on Linux, but link it after OpenSSL (which
717057b6 997 provides a crypt() of its own)
998 - (djm) Avoid a warning in bsd-bindresvport.c
999 - (djm) Try to avoid adding -I/usr/include to CPPFLAGS during SSL tests. This
61e96248 1000 can cause weird segfaults errors on Solaris
8694a1ce 1001 - (djm) Avoid warning in PAM code by making read_passphrase arguments const
d748039d 1002 - (djm) Add --with-pam to RPM spec files
52ce34a2 1003
2fd3c144 100420010115
1005 - (bal) sftp-server.c change to use chmod() if fchmod() does not exist.
89c7e31c 1006 - (bal) utimes() support via utime() interface on machine that lack utimes().
2fd3c144 1007
63b68889 100820010114
1009 - (stevesk) initial work for OpenBSD "support supplementary group in
1010 {Allow,Deny}Groups" patch:
1011 - import getgrouplist.c from OpenBSD (bsd-getgrouplist.c)
1012 - add bsd-getgrouplist.h
1013 - new files groupaccess.[ch]
1014 - build but don't use yet (need to merge auth.c changes)
c6a69271 1015 - (stevesk) complete:
1016 - markus@cvs.openbsd.org 2001/01/13 11:56:48
1017 [auth.c sshd.8]
1018 support supplementary group in {Allow,Deny}Groups
1019 from stevesk@pobox.com
61e96248 1020
f546c780 102120010112
1022 - (bal) OpenBSD Sync
1023 - markus@cvs.openbsd.org 2001/01/10 22:56:22
1024 [bufaux.h bufaux.c sftp-server.c sftp.h getput.h]
1025 cleanup sftp-server implementation:
547519f0 1026 add buffer_get_int64, buffer_put_int64, GET_64BIT, PUT_64BIT
1027 parse SSH2_FILEXFER_ATTR_EXTENDED
1028 send SSH2_FX_EOF if readdir returns no more entries
1029 reply to SSH2_FXP_EXTENDED message
1030 use #defines from the draft
1031 move #definations to sftp.h
f546c780 1032 more info:
61e96248 1033 http://www.ietf.org/internet-drafts/draft-ietf-secsh-filexfer-00.txt
f546c780 1034 - markus@cvs.openbsd.org 2001/01/10 19:43:20
1035 [sshd.c]
1036 XXX - generate_empheral_server_key() is not safe against races,
61e96248 1037 because it calls log()
f546c780 1038 - markus@cvs.openbsd.org 2001/01/09 21:19:50
1039 [packet.c]
1040 allow TCP_NDELAY for ipv6; from netbsd via itojun@
1041
9548d6c8 104220010110
1043 - (djm) SNI/Reliant Unix needs USE_PIPES and $DISPLAY hack. Report from
1044 Bladt Norbert <Norbert.Bladt@adi.ch>
1045
af972861 104620010109
1047 - (bal) Resync CVS ID of cli.c
4b80e97b 1048 - (stevesk) auth1.c: free should be after WITH_AIXAUTHENTICATE
1049 code.
eea39c02 1050 - (bal) OpenBSD Sync
1051 - markus@cvs.openbsd.org 2001/01/08 22:29:05
1052 [auth2.c compat.c compat.h servconf.c servconf.h sshd.8
1053 sshd_config version.h]
1054 implement option 'Banner /etc/issue.net' for ssh2, move version to
1055 2.3.1 (needed for bugcompat detection, 2.3.0 would fail if Banner
1056 is enabled).
1057 - markus@cvs.openbsd.org 2001/01/08 22:03:23
1058 [channels.c ssh-keyscan.c]
1059 O_NDELAY -> O_NONBLOCK; thanks stevesk@pobox.com
1060 - markus@cvs.openbsd.org 2001/01/08 21:55:41
1061 [sshconnect1.c]
1062 more cleanups and fixes from stevesk@pobox.com:
1063 1) try_agent_authentication() for loop will overwrite key just
1064 allocated with key_new(); don't alloc
1065 2) call ssh_close_authentication_connection() before exit
1066 try_agent_authentication()
1067 3) free mem on bad passphrase in try_rsa_authentication()
1068 - markus@cvs.openbsd.org 2001/01/08 21:48:17
1069 [kex.c]
1070 missing free; thanks stevesk@pobox.com
f1c4659d 1071 - (bal) Detect if clock_t structure exists, if not define it.
1072 - (bal) Detect if O_NONBLOCK exists, if not define it.
1073 - (bal) removed news4-posix.h (now empty)
1074 - (bal) changed bsd-bindresvport.c and bsd-rresvport.c to use 'socklen_t'
1075 instead of 'int'
adc83ebf 1076 - (stevesk) sshd_config: sync
4f771a33 1077 - (stevesk) defines.h: remove spurious ``;''
af972861 1078
bbcf899f 107920010108
1080 - (bal) Fixed another typo in cli.c
1081 - (bal) OpenBSD Sync
1082 - markus@cvs.openbsd.org 2001/01/07 21:26:55
1083 [cli.c]
1084 typo
1085 - markus@cvs.openbsd.org 2001/01/07 21:26:55
1086 [cli.c]
1087 missing free, stevesk@pobox.com
1088 - markus@cvs.openbsd.org 2001/01/07 19:06:25
1089 [auth1.c]
1090 missing free, stevesk@pobox.com
1091 - markus@cvs.openbsd.org 2001/01/07 11:28:04
1092 [log-client.c log-server.c log.c readconf.c servconf.c ssh.1
1093 ssh.h sshd.8 sshd.c]
1094 rename SYSLOG_LEVEL_INFO->SYSLOG_LEVEL_NOTICE
1095 syslog priority changes:
1096 fatal() LOG_ERR -> LOG_CRIT
1097 log() LOG_INFO -> LOG_NOTICE
b8c37305 1098 - Updated TODO
bbcf899f 1099
9616313f 110020010107
1101 - (bal) OpenBSD Sync
1102 - markus@cvs.openbsd.org 2001/01/06 11:23:27
1103 [ssh-rsa.c]
1104 remove unused
1105 - itojun@cvs.openbsd.org 2001/01/05 08:23:29
1106 [ssh-keyscan.1]
1107 missing .El
1108 - markus@cvs.openbsd.org 2001/01/04 22:41:03
1109 [session.c sshconnect.c]
1110 consistent use of _PATH_BSHELL; from stevesk@pobox.com
1111 - djm@cvs.openbsd.org 2001/01/04 22:35:32
1112 [ssh.1 sshd.8]
1113 Mention AES as available SSH2 Cipher; ok markus
1114 - markus@cvs.openbsd.org 2001/01/04 22:25:58
1115 [sshd.c]
1116 sync usage()/man with defaults; from stevesk@pobox.com
1117 - markus@cvs.openbsd.org 2001/01/04 22:21:26
1118 [sshconnect2.c]
1119 handle SSH2_MSG_USERAUTH_BANNER; fixes bug when connecting to a server
1120 that prints a banner (e.g. /etc/issue.net)
61e96248 1121
1877dc0c 112220010105
1123 - (bal) contrib/caldera/ provided by Tim Rice <tim@multitalents.net>
5a64a938 1124 - (bal) bsd-getcwd.c and bsd-setenv.c changed from bcopy() to memmove()
1877dc0c 1125
488c06c8 112620010104
1127 - (djm) Fix memory leak on systems with BROKEN_GETADDRINFO. Based on
1128 work by Chris Vaughan <vaughan99@yahoo.com>
1129
7c49df64 113020010103
1131 - (bal) fixed up sshconnect.c so it was closer inline with the OpenBSD
1132 tree (mainly positioning)
1133 - (bal) OpenSSH CVS Update
1134 - markus@cvs.openbsd.org 2001/01/02 20:41:02
1135 [packet.c]
1136 log remote ip on disconnect; PR 1600 from jcs@rt.fm
1137 - markus@cvs.openbsd.org 2001/01/02 20:50:56
1138 [sshconnect.c]
61e96248 1139 strict_host_key_checking for host_status != HOST_CHANGED &&
7c49df64 1140 ip_status == HOST_CHANGED
61e96248 1141 - (bal) authfile.c: Synced CVS ID tag
2c523de9 1142 - (bal) UnixWare 2.0 fixes by Tim Rice <tim@multitalents.net>
1143 - (bal) Disable sftp-server if no 64bit int support exists. Based on
1144 patch by Tim Rice <tim@multitalents.net>
1145 - (bal) Makefile.in changes to uninstall: target to remove sftp-server
1146 and sftp-server.8 manpage.
7c49df64 1147
a421e945 114820010102
1149 - (bal) OpenBSD CVS Update
1150 - markus@cvs.openbsd.org 2001/01/01 14:52:49
1151 [scp.c]
1152 use shared fatal(); from stevesk@pobox.com
1153
0efc80a7 115420001231
1155 - (bal) Reverted out of MAXHOSTNAMELEN. This should be set per OS.
1156 for multiple reasons.
b1335fdf 1157 - (bal) Reverted out of a partial NeXT patch.
0efc80a7 1158
efcae5b1 115920001230
1160 - (bal) OpenBSD CVS Update
1161 - markus@cvs.openbsd.org 2000/12/28 18:58:30
1162 [ssh-keygen.c]
1163 enable 'ssh-keygen -l -f ~/.ssh/{authorized_keys,known_hosts}{,2}
b148018f 1164 - markus@cvs.openbsd.org 2000/12/29 22:19:13
1165 [channels.c]
1166 missing xfree; from vaughan99@yahoo.com
efcae5b1 1167 - (bal) Resynced CVS ID with OpenBSD for channel.c and uidswap.c
03a14cc9 1168 - (bal) if no MAXHOSTNAMELEN is defined. Default to 64 character defination.
34665bf7 1169 Suggested by Christian Kurz <shorty@debian.org>
cb6dabf4 1170 - (bal) Add in '.c.o' section to Makefile.in to address make programs that
61e96248 1171 don't honor CPPFLAGS by default. Suggested by Lutz Jaenicke
cb6dabf4 1172 <Lutz.Jaenicke@aet.TU-Cottbus.DE>
0dd78cd8 1173
117420001229
61e96248 1175 - (bal) Fixed spelling of 'authorized_keys' in ssh-copy-id.1 by Christian
34665bf7 1176 Kurz <shorty@debian.org>
8abcdba4 1177 - (bal) OpenBSD CVS Update
1178 - markus@cvs.openbsd.org 2000/12/28 14:25:51
1179 [auth.h auth2.c]
1180 count authentication failures only
1181 - markus@cvs.openbsd.org 2000/12/28 14:25:03
1182 [sshconnect.c]
1183 fingerprint for MITM attacks, too.
1184 - markus@cvs.openbsd.org 2000/12/28 12:03:57
1185 [sshd.8 sshd.c]
1186 document -D
1187 - markus@cvs.openbsd.org 2000/12/27 14:19:21
1188 [serverloop.c]
1189 less chatty
1190 - markus@cvs.openbsd.org 2000/12/27 12:34
1191 [auth1.c sshconnect2.c sshd.c]
1192 typo
1193 - markus@cvs.openbsd.org 2000/12/27 12:30:19
1194 [readconf.c readconf.h ssh.1 sshconnect.c]
1195 new option: HostKeyAlias: allow the user to record the host key
1196 under a different name. This is useful for ssh tunneling over
1197 forwarded connections or if you run multiple sshd's on different
1198 ports on the same machine.
1199 - markus@cvs.openbsd.org 2000/12/27 11:51:53
1200 [ssh.1 ssh.c]
1201 multiple -t force pty allocation, document ORIGINAL_COMMAND
1202 - markus@cvs.openbsd.org 2000/12/27 11:41:31
1203 [sshd.8]
1204 update for ssh-2
c52c7082 1205 - (stevesk) compress.[ch] sync with openbsd; missed in prototype
1206 fix merge.
0dd78cd8 1207
8f523d67 120820001228
1209 - (bal) Patch to add libutil.h to loginrec.c only if the platform has
1210 libutil.h. Suggested by Pekka Savola <pekka@netcore.fi>
9fb76616 1211 - (djm) Update to new x11-askpass in RPM spec
0dd78cd8 1212 - (bal) SCO patch to not include <sys/queue.h> since it's unrelated
1213 header. Patch by Tim Rice <tim@multitalents.net>
1214 - Updated TODO w/ known HP/UX issue
1215 - (bal) removed extra <netdb.h> noticed by Kevin Steves and removed the
1216 bad reference to 'NeXT including it else were' on the #ifdef version.
8f523d67 1217
b03bd394 121820001227
61e96248 1219 - (bal) Typo in configure.in: entut?ent should be endut?ent. Suggested by
b03bd394 1220 Takumi Yamane <yamtak@b-session.com>
1221 - (bal) Checks for getrlimit(), sysconf(), and setdtablesize(). Patch
8f523d67 1222 by Corinna Vinschen <vinschen@redhat.com>
1223 - (djm) Fix catman-do target for non-bash
61e96248 1224 - (bal) Typo in configure.in: entut?ent should be endut?ent. Suggested by
8f523d67 1225 Takumi Yamane <yamtak@b-session.com>
1226 - (bal) Checks for getrlimit(), sysconf(), and setdtablesize(). Patch
b03bd394 1227 by Corinna Vinschen <vinschen@redhat.com>
13991f8e 1228 - (djm) Fix catman-do target for non-bash
61e96248 1229 - (bal) Fixed NeXT's lack of CPPFLAGS honoring.
1230 - (bal) ssh-keyscan.c: NeXT (and older BSDs) don't support getrlimit() w/
f318b98b 1231 'RLIMIT_NOFILE'
61e96248 1232 - (djm) Remove *.Ylonen files. They are no longer in the OpenBSD tree,
1233 the info in COPYING.Ylonen has been moved to the start of each
3bdf55b1 1234 SSH1-derived file and README.Ylonen is well out of date.
b03bd394 1235
8d88011e 123620001223
1237 - (bal) Fixed Makefile.in to support recompile of all ssh and sshd objects
1238 if a change to config.h has occurred. Suggested by Gert Doering
1239 <gert@greenie.muc.de>
1240 - (bal) OpenBSD CVS Update:
1241 - markus@cvs.openbsd.org 2000/12/22 16:49:40
1242 [ssh-keygen.c]
1243 fix ssh-keygen -x -t type > file; from Roumen.Petrov@skalasoft.com
1244
1e3b8b07 124520001222
1246 - Updated RCSID for pty.c
1247 - (bal) OpenBSD CVS Updates:
1248 - markus@cvs.openbsd.org 2000/12/21 15:10:16
1249 [auth-rh-rsa.c hostfile.c hostfile.h sshconnect.c]
1250 print keyfile:line for changed hostkeys, for deraadt@, ok deraadt@
1251 - markus@cvs.openbsd.org 2000/12/20 19:26:56
1252 [authfile.c]
1253 allow ssh -i userkey for root
1254 - markus@cvs.openbsd.org 2000/12/20 19:37:21
1255 [authfd.c authfd.h kex.c sshconnect2.c sshd.c uidswap.c uidswap.h]
1256 fix prototypes; from stevesk@pobox.com
1257 - markus@cvs.openbsd.org 2000/12/20 19:32:08
1258 [sshd.c]
1259 init pointer to NULL; report from Jan.Ivan@cern.ch
1260 - markus@cvs.openbsd.org 2000/12/19 23:17:54
1261 [auth-krb4.c auth-options.c auth-options.h auth-rhosts.c auth-rsa.c
1262 auth1.c auth2-skey.c auth2.c authfd.c authfd.h authfile.c bufaux.c
1263 bufaux.h buffer.c canohost.c channels.c clientloop.c compress.c
1264 crc32.c deattack.c getput.h hmac.c hmac.h hostfile.c kex.c kex.h
1265 key.c key.h log.c login.c match.c match.h mpaux.c mpaux.h packet.c
1266 packet.h radix.c readconf.c rsa.c scp.c servconf.c servconf.h
1267 serverloop.c session.c sftp-server.c ssh-agent.c ssh-dss.c ssh-dss.h
1268 ssh-keygen.c ssh-keyscan.c ssh-rsa.c ssh-rsa.h ssh.c ssh.h uuencode.c
1269 uuencode.h sshconnect1.c sshconnect2.c sshd.c tildexpand.c]
1270 replace 'unsigned bla' with 'u_bla' everywhere. also replace 'char
1271 unsigned' with u_char.
1272
67b0facb 127320001221
1274 - (stevesk) OpenBSD CVS updates:
1275 - markus@cvs.openbsd.org 2000/12/19 15:43:45
1276 [authfile.c channels.c sftp-server.c ssh-agent.c]
1277 remove() -> unlink() for consistency
1278 - markus@cvs.openbsd.org 2000/12/19 15:48:09
1279 [ssh-keyscan.c]
1280 replace <ssl/x.h> with <openssl/x.h>
1281 - markus@cvs.openbsd.org 2000/12/17 02:33:40
1282 [uidswap.c]
1283 typo; from wsanchez@apple.com
61e96248 1284
adeebd37 128520001220
61e96248 1286 - (djm) Workaround PAM inconsistencies between Solaris derived PAM code
adeebd37 1287 and Linux-PAM. Based on report and fix from Andrew Morgan
1288 <morgan@transmeta.com>
1289
f072c47a 129020001218
1291 - (stevesk) rsa.c: entropy.h not needed.
0c2fb82f 1292 - (bal) split CFLAGS into CFLAGS and CPPFLAGS in configure.in and Makefile.
1293 Suggested by Wilfredo Sanchez <wsanchez@apple.com>
f072c47a 1294
731c1541 129520001216
1296 - (stevesk) OpenBSD CVS updates:
1297 - markus@cvs.openbsd.org 2000/12/16 02:53:57
1298 [scp.c]
1299 allow + in usernames; request from Florian.Weimer@RUS.Uni-Stuttgart.DE
1300 - markus@cvs.openbsd.org 2000/12/16 02:39:57
1301 [scp.c]
1302 unused; from stevesk@pobox.com
1303
227e8e86 130420001215
9853409f 1305 - (stevesk) Old OpenBSD patch wasn't completely applied:
1306 - markus@cvs.openbsd.org 2000/01/24 22:11:20
1307 [scp.c]
1308 allow '.' in usernames; from jedgar@fxp.org
227e8e86 1309 - (stevesk) OpenBSD CVS updates:
1310 - markus@cvs.openbsd.org 2000/12/13 16:26:53
1311 [ssh-keyscan.c]
1312 fatal already adds \n; from stevesk@pobox.com
1313 - markus@cvs.openbsd.org 2000/12/13 16:25:44
1314 [ssh-agent.c]
1315 remove redundant spaces; from stevesk@pobox.com
1316 - ho@cvs.openbsd.org 2000/12/12 15:50:21
1317 [pty.c]
1318 When failing to set tty owner and mode on a read-only filesystem, don't
1319 abort if the tty already has correct owner and reasonably sane modes.
1320 Example; permit 'root' to login to a firewall with read-only root fs.
1321 (markus@ ok)
1322 - deraadt@cvs.openbsd.org 2000/12/13 06:36:05
1323 [pty.c]
1324 KNF
6ffc9c88 1325 - markus@cvs.openbsd.org 2000/12/12 14:45:21
1326 [sshd.c]
1327 source port < 1024 is no longer required for rhosts-rsa since it
1328 adds no additional security.
1329 - markus@cvs.openbsd.org 2000/12/12 16:11:49
1330 [ssh.1 ssh.c]
1331 rhosts-rsa is no longer automagically disabled if ssh is not privileged.
1332 UsePrivilegedPort=no disables rhosts-rsa _only_ for old servers.
1333 these changes should not change the visible default behaviour of the ssh client.
71c0d06a 1334 - deraadt@cvs.openbsd.org 2000/12/11 10:27:33
1335 [scp.c]
1336 when copying 0-sized files, do not re-print ETA time at completion
3e1caa83 1337 - provos@cvs.openbsd.org 2000/12/15 10:30:15
1338 [kex.c kex.h sshconnect2.c sshd.c]
1339 compute diffie-hellman in parallel between server and client. okay markus@
227e8e86 1340
6c935fbd 134120001213
1342 - (djm) Make sure we reset the SIGPIPE disposition after we fork. Report
1343 from Andreas M. Kirchwitz <amk@krell.zikzak.de>
227e8e86 1344 - (stevesk) OpenBSD CVS update:
1fe6a48f 1345 - markus@cvs.openbsd.org 2000/12/12 15:30:02
1346 [ssh-keyscan.c ssh.c sshd.c]
61e96248 1347 consistently use __progname; from stevesk@pobox.com
6c935fbd 1348
367d1840 134920001211
1350 - (bal) Applied patch to include ssh-keyscan into Redhat's package, and
1351 patch to install ssh-keyscan manpage. Patch by Pekka Savola
1352 <pekka@netcore.fi>
e3a70753 1353 - (bal) OpenbSD CVS update
1354 - markus@cvs.openbsd.org 2000/12/10 17:01:53
1355 [sshconnect1.c]
1356 always request new challenge for skey/tis-auth, fixes interop with
1357 other implementations; report from roth@feep.net
367d1840 1358
6b523bae 135920001210
1360 - (bal) OpenBSD CVS updates
61e96248 1361 - markus@cvs.openbsd.org 2000/12/09 13:41:51
6b523bae 1362 [cipher.c cipher.h rijndael.c rijndael.h rijndael_boxes.h]
1363 undo rijndael changes
61e96248 1364 - markus@cvs.openbsd.org 2000/12/09 13:48:31
6b523bae 1365 [rijndael.c]
1366 fix byte order bug w/o introducing new implementation
61e96248 1367 - markus@cvs.openbsd.org 2000/12/09 14:08:27
6b523bae 1368 [sftp-server.c]
1369 "" -> "." for realpath; from vinschen@redhat.com
61e96248 1370 - markus@cvs.openbsd.org 2000/12/09 14:06:54
6b523bae 1371 [ssh-agent.c]
1372 extern int optind; from stevesk@sweden.hp.com
13af0aa2 1373 - provos@cvs.openbsd.org 2000/12/09 23:51:11
1374 [compat.c]
1375 remove unnecessary '\n'
6b523bae 1376
ce9c0b75 137720001209
6b523bae 1378 - (bal) OpenBSD CVS updates:
61e96248 1379 - djm@cvs.openbsd.org 2000/12/07 4:24:59
ce9c0b75 1380 [ssh.1]
1381 Typo fix from Wilfredo Sanchez <wsanchez@apple.com>; ok theo
1382
f72fc97f 138320001207
6b523bae 1384 - (bal) OpenBSD CVS updates:
61e96248 1385 - markus@cvs.openbsd.org 2000/12/06 22:58:14
f72fc97f 1386 [compat.c compat.h packet.c]
1387 disable debug messages for ssh.com/f-secure 2.0.1x, 2.1.0
dfe89252 1388 - markus@cvs.openbsd.org 2000/12/06 23:10:39
1389 [rijndael.c]
1390 unexpand(1)
61e96248 1391 - markus@cvs.openbsd.org 2000/12/06 23:05:43
dfe89252 1392 [cipher.c cipher.h rijndael.c rijndael.h rijndael_boxes.h]
1393 new rijndael implementation. fixes endian bugs
f72fc97f 1394
97fb6912 139520001206
6b523bae 1396 - (bal) OpenBSD CVS updates:
97fb6912 1397 - markus@cvs.openbsd.org 2000/12/05 20:34:09
1398 [channels.c channels.h clientloop.c serverloop.c]
1399 async connects for -R/-L; ok deraadt@
1400 - todd@cvs.openssh.org 2000/12/05 16:47:28
1401 [sshd.c]
1402 tweak comment to reflect real location of pid file; ok provos@
bf5f69f7 1403 - (stevesk) Import <sys/queue.h> from OpenBSD for systems that don't
1404 have it (used in ssh-keyscan).
227e8e86 1405 - (stevesk) OpenBSD CVS update:
f20255cb 1406 - markus@cvs.openbsd.org 2000/12/06 19:57:48
1407 [ssh-keyscan.c]
1408 err(3) -> internal error(), from stevesk@sweden.hp.com
97fb6912 1409
f6fdbddf 141020001205
6b523bae 1411 - (bal) OpenBSD CVS updates:
f6fdbddf 1412 - markus@cvs.openbsd.org 2000/12/04 19:24:02
1413 [ssh-keyscan.c ssh-keyscan.1]
1414 David Maziere's ssh-keyscan, ok niels@
1415 - (bal) Updated Makefile.in to include ssh-keyscan that was just added
1416 to the recent OpenBSD source tree.
835d2104 1417 - (stevesk) fix typos in contrib/hpux/README
f6fdbddf 1418
cbc5abf9 141920001204
1420 - (bal) More C functions defined in NeXT that are unaccessable without
61e96248 1421 defining -POSIX.
1422 - (bal) OpenBSD CVS updates:
1423 - markus@cvs.openbsd.org 2000/12/03 11:29:04
cbc5abf9 1424 [compat.c]
1425 remove fallback to SSH_BUG_HMAC now that the drafts are updated
1426 - markus@cvs.openbsd.org 2000/12/03 11:27:55
1427 [compat.c]
61e96248 1428 correctly match "2.1.0.pl2 SSH" etc; from
97fb6912 1429 pekkas@netcore.fi/bugzilla.redhat
cbc5abf9 1430 - markus@cvs.openbsd.org 2000/12/03 11:15:03
1431 [auth2.c compat.c compat.h sshconnect2.c]
1432 support f-secure/ssh.com 2.0.12; ok niels@
1433
0b6fbf03 143420001203
cbc5abf9 1435 - (bal) OpenBSD CVS updates:
0b6fbf03 1436 - markus@cvs.openbsd.org 2000/11/30 22:54:31
1437 [channels.c]
61e96248 1438 debug->warn if tried to do -R style fwd w/o client requesting this;
0b6fbf03 1439 ok neils@
1440 - markus@cvs.openbsd.org 2000/11/29 20:39:17
1441 [cipher.c]
1442 des_cbc_encrypt -> des_ncbc_encrypt since it already updates the IV
1443 - markus@cvs.openbsd.org 2000/11/30 18:33:05
1444 [ssh-agent.c]
1445 agents must not dump core, ok niels@
61e96248 1446 - markus@cvs.openbsd.org 2000/11/30 07:04:02
0b6fbf03 1447 [ssh.1]
1448 T is for both protocols
1449 - markus@cvs.openbsd.org 2000/12/01 00:00:51
1450 [ssh.1]
1451 typo; from green@FreeBSD.org
1452 - markus@cvs.openbsd.org 2000/11/30 07:02:35
1453 [ssh.c]
1454 check -T before isatty()
1455 - provos@cvs.openbsd.org 2000/11/29 13:51:27
1456 [sshconnect.c]
61e96248 1457 show IP address and hostname when new key is encountered. okay markus@
0b6fbf03 1458 - markus@cvs.openbsd.org 2000/11/30 22:53:35
1459 [sshconnect.c]
1460 disable agent/x11/port fwding if hostkey has changed; ok niels@
1461 - marksu@cvs.openbsd.org 2000/11/29 21:11:59
1462 [sshd.c]
1463 sshd -D, startup w/o deamon(), for monitoring scripts or inittab;
1464 from handler@sub-rosa.com and eric@urbanrange.com; ok niels@
8c9fe09e 1465 - (djm) Added patch from Nalin Dahyabhai <nalin@redhat.com> to enable
1466 PAM authentication using KbdInteractive.
1467 - (djm) Added another TODO
0b6fbf03 1468
90f4078a 146920001202
1470 - (bal) Backed out of part of Alain St-Denis' loginrec.c patch.
61e96248 1471 - (bal) Irix need some sort of mansubdir, patch by Michael Stone
90f4078a 1472 <mstone@cs.loyola.edu>
1473
dcef6523 147420001129
7062c40f 1475 - (djm) Back out all the serverloop.c hacks. sshd will now hang again
1476 if there are background children with open fds.
c193d002 1477 - (djm) bsd-rresvport.c bzero -> memset
61e96248 1478 - (djm) Don't fail in defines.h on absence of 64 bit types (we will
c193d002 1479 still fail during compilation of sftp-server).
1480 - (djm) Fail if ar is not found during configure
c523303b 1481 - (djm) OpenBSD CVS updates:
1482 - provos@cvs.openbsd.org 2000/11/22 08:38:31
1483 [sshd.8]
1484 talk about /etc/primes, okay markus@
1485 - markus@cvs.openbsd.org 2000/11/23 14:03:48
1486 [ssh.c sshconnect1.c sshconnect2.c]
1487 complain about invalid ciphers for ssh1/ssh2, fall back to reasonable
1488 defaults
1489 - markus@cvs.openbsd.org 2000/11/25 09:42:53
1490 [sshconnect1.c]
1491 reorder check for illegal ciphers, bugreport from espie@
1492 - markus@cvs.openbsd.org 2000/11/25 10:19:34
1493 [ssh-keygen.c ssh.h]
1494 print keytype when generating a key.
1495 reasonable defaults for RSA1/RSA/DSA keys.
b3ec54b4 1496 - (djm) Patch from Pekka Savola <Pekka.Savola@netcore.fi> to include a few
1497 more manpage paths in fixpaths calls
1498 - (djm) Also add xauth path at Pekka's suggestion.
57ce3f00 1499 - (djm) Add Redhat RPM patch for AUTHPRIV SyslogFacility
dcef6523 1500
e879a080 150120001125
1502 - (djm) Give up privs when reading seed file
1503
d343d900 150420001123
1505 - (bal) Merge OpenBSD changes:
1506 - markus@cvs.openbsd.org 2000/11/15 22:31:36
1507 [auth-options.c]
61e96248 1508 case insensitive key options; from stevesk@sweeden.hp.com
d343d900 1509 - markus@cvs.openbsd.org 2000/11/16 17:55:43
1510 [dh.c]
1511 do not use perror() in sshd, after child is forked()
1512 - markus@cvs.openbsd.org 2000/11/14 23:42:40
1513 [auth-rsa.c]
1514 parse option only if key matches; fix some confusing seen by the client
1515 - markus@cvs.openbsd.org 2000/11/14 23:44:19
1516 [session.c]
1517 check no_agent_forward_flag for ssh-2, too
1518 - markus@cvs.openbsd.org 2000/11/15
1519 [ssh-agent.1]
1520 reorder SYNOPSIS; typo, use .It
1521 - markus@cvs.openbsd.org 2000/11/14 23:48:55
1522 [ssh-agent.c]
1523 do not reorder keys if a key is removed
1524 - markus@cvs.openbsd.org 2000/11/15 19:58:08
1525 [ssh.c]
61e96248 1526 just ignore non existing user keys
d343d900 1527 - millert@cvs.openbsd.org 200/11/15 20:24:43
1528 [ssh-keygen.c]
1529 Add missing \n at end of error message.
1530
0b49a754 153120001122
1532 - (bal) Minor patch to ensure platforms lacking IRIX job limit supports
1533 are compilable.
1534 - (bal) Updated TODO as of 11/18/2000 with known things to resolve.
1535
fab2e5d3 153620001117
1537 - (bal) Changed from 'primes' to 'primes.out' for consistancy sake. It
1538 has no affect the output. Patch by Corinna Vinschen <vinschen@redhat.com>
61e96248 1539 - (stevesk) Reworked progname support.
260d427b 1540 - (bal) Misplaced #include "includes.h" in bsd-setproctitle.c. Patch by
1541 Shinichi Maruyama <marya@st.jip.co.jp>
fab2e5d3 1542
c2207f11 154320001116
1544 - (bal) Added in MAXSYMLINK test in bsd-realpath.c. Required for some SCO
1545 releases.
1546 - (bal) Make builds work outside of source tree. Patch by Mark D. Roth
1547 <roth@feep.net>
1548
3d398e04 154920001113
61e96248 1550 - (djm) Add pointer to http://www.imasy.or.jp/~gotoh/connect.c to
3d398e04 1551 contrib/README
fa08c86b 1552 - (djm) Merge OpenBSD changes:
1553 - markus@cvs.openbsd.org 2000/11/06 16:04:56
1554 [channels.c channels.h clientloop.c nchan.c serverloop.c]
1555 [session.c ssh.c]
1556 agent forwarding and -R for ssh2, based on work from
1557 jhuuskon@messi.uku.fi
1558 - markus@cvs.openbsd.org 2000/11/06 16:13:27
1559 [ssh.c sshconnect.c sshd.c]
1560 do not disabled rhosts(rsa) if server port > 1024; from
1561 pekkas@netcore.fi
1562 - markus@cvs.openbsd.org 2000/11/06 16:16:35
1563 [sshconnect.c]
1564 downgrade client to 1.3 if server is 1.4; help from mdb@juniper.net
1565 - markus@cvs.openbsd.org 2000/11/09 18:04:40
1566 [auth1.c]
1567 typo; from mouring@pconline.com
1568 - markus@cvs.openbsd.org 2000/11/12 12:03:28
1569 [ssh-agent.c]
1570 off-by-one when removing a key from the agent
1571 - markus@cvs.openbsd.org 2000/11/12 12:50:39
1572 [auth-rh-rsa.c auth2.c authfd.c authfd.h]
1573 [authfile.c hostfile.c kex.c kex.h key.c key.h myproposal.h]
1574 [readconf.c readconf.h rsa.c rsa.h servconf.c servconf.h ssh-add.c]
1575 [ssh-agent.c ssh-keygen.1 ssh-keygen.c ssh.1 ssh.c ssh_config]
1576 [sshconnect1.c sshconnect2.c sshd.8 sshd.c sshd_config ssh-dss.c]
61e96248 1577 [ssh-dss.h ssh-rsa.c ssh-rsa.h dsa.c dsa.h]
fa08c86b 1578 add support for RSA to SSH2. please test.
1579 there are now 3 types of keys: RSA1 is used by ssh-1 only,
1580 RSA and DSA are used by SSH2.
1581 you can use 'ssh-keygen -t rsa -f ssh2_rsa_file' to generate RSA
1582 keys for SSH2 and use the RSA keys for hostkeys or for user keys.
1583 SSH2 RSA or DSA keys are added to .ssh/authorised_keys2 as before.
1584 - (djm) Fix up Makefile and Redhat init script to create RSA host keys
f001465f 1585 - (djm) Change to interim version
5733a41a 1586 - (djm) Fix RPM spec file stupidity
6fff1ac4 1587 - (djm) fixpaths to DSA and RSA keys too
3d398e04 1588
d287c664 158920001112
1590 - (bal) SCO Patch to add needed libraries for configure.in. Patch by
1591 Phillips Porch <root@theporch.com>
3d398e04 1592 - (bal) IRIX patch to adding Job Limits. Patch by Denis Parker
1593 <dcp@sgi.com>
a3bf38d0 1594 - (stevesk) pty.c: HP-UX 10 and 11 don't define TIOCSCTTY. Add error() to
1595 failed ioctl(TIOCSCTTY) call.
d287c664 1596
3c4d4fef 159720001111
1598 - (djm) Added /etc/primes for kex DH group neg, fixup Makefile.in and
1599 packaging files
35325fd4 1600 - (djm) Fix new Makefile.in warnings
61e96248 1601 - (djm) Fix vsprintf("%h") in bsd-snprintf.c, short int va_args are
1602 promoted to type int. Report and fix from Dan Astoorian
027bf205 1603 <djast@cs.toronto.edu>
61e96248 1604 - (djm) Hardwire sysconfdir in RPM spec files as some RPM versions get
e3291159 1605 it wrong. Report from Bennett Todd <bet@rahul.net>
3c4d4fef 1606
3e366738 160720001110
1608 - (bal) Fixed dropped answer from skey_keyinfo() in auth1.c
1609 - (bal) Changed from --with-skey to --with-skey=PATH in configure.in
1610 - (bal) Added in check to verify S/Key library is being detected in
1611 configure.in
61e96248 1612 - (bal) next-posix.h - added another prototype wrapped in POSIX ifdef/endif.
3e366738 1613 Patch by Mark Miller <markm@swoon.net>
1614 - (bal) Added 'util.h' header to loginrec.c only if HAVE_UTIL_H is defined
61e96248 1615 to remove warnings under MacOS X. Patch by Mark Miller <markm@swoon.net>
3e366738 1616 - (bal) Fixed LDFLAG mispelling in configure.in for --with-afs
1617
373998a4 161820001107
e506ee73 1619 - (bal) acconfig.in - removed the double "USE_PIPES" entry. Patch by
1620 Mark Miller <markm@swoon.net>
373998a4 1621 - (bal) sshd.init files corrected to assign $? to RETVAL. Patch by
1622 Jarno Huuskonen <jhuuskon@messi.uku.fi>
e506ee73 1623 - (bal) fixpaths fixed to stop it from quitely failing. Patch by
1624 Mark D. Roth <roth@feep.net>
373998a4 1625
ac89998a 162620001106
1627 - (djm) Use Jim's new 1.0.3 askpass in Redhat RPMs
6c09e23c 1628 - (djm) Manually fix up missed diff hunks (mainly RCS idents)
61e96248 1629 - (djm) Remove UPGRADING document in favour of a link to the better
d6846e6a 1630 maintained FAQ on www.openssh.com
73bd30fe 1631 - (djm) Fix multiple dependancy on gnome-libs from Pekka Savola
1632 <pekkas@netcore.fi>
1633 - (djm) Don't need X11-askpass in RPM spec file if building without it
1634 from Pekka Savola <pekkas@netcore.fi>
c215ba3b 1635 - (djm) Release 2.3.0p1
97b378bf 1636 - (bal) typo in configure.in in regards to --with-ldflags from Marko
1637 Asplund <aspa@kronodoc.fi>
1638 - (bal) fixed next-posix.h. Forgot prototype of getppid().
68f189a9 1639
b850ecd9 164020001105
1641 - (bal) Sync with OpenBSD:
1642 - markus@cvs.openbsd.org 2000/10/31 9:31:58
1643 [compat.c]
1644 handle all old openssh versions
1645 - markus@cvs.openbsd.org 2000/10/31 13:1853
1646 [deattack.c]
1647 so that large packets do not wrap "n"; from netbsd
1648 - (bal) rijndel.c - fix up RCSID to match OpenBSD tree
a30ce26d 1649 - (bal) auth2-skey.c - Checked in. Missing from portable tree.
1650 - (bal) Reworked NEWS-OS and NeXT ports to extract waitpid() and
1651 setsid() into more common files
96054e6f 1652 - (stevesk) pty.c: use __hpux to identify HP-UX.
d0127657 1653 - (bal) Missed auth-skey.o in Makefile.in and minor correction to
1654 bsd-waitpid.c
b850ecd9 1655
75b90ced 165620001029
1657 - (stevesk) Fix typo in auth.c: USE_PAM not PAM
95273555 1658 - (stevesk) Create contrib/cygwin/ directory; patch from
1659 Corinna Vinschen <vinschen@redhat.com>
e9e4a1c7 1660 - (bal) Resolved more $xno and $xyes issues in configure.in
fd5f0295 1661 - (bal) next-posix.h - spelling and forgot a prototype
75b90ced 1662
344f2b94 166320001028
61e96248 1664 - (djm) fix select hack in serverloop.c from Philippe WILLEM
344f2b94 1665 <Philippe.WILLEM@urssaf.fr>
240ae474 1666 - (djm) Fix mangled AIXAUTHENTICATE code
61e96248 1667 - (djm) authctxt->pw may be NULL. Fix from Markus Friedl
606ea390 1668 <markus.friedl@informatik.uni-erlangen.de>
a22aff1f 1669 - (djm) Sync with OpenBSD:
1670 - markus@cvs.openbsd.org 2000/10/16 15:46:32
1671 [ssh.1]
1672 fixes from pekkas@netcore.fi
1673 - markus@cvs.openbsd.org 2000/10/17 14:28:11
1674 [atomicio.c]
1675 return number of characters processed; ok deraadt@
1676 - markus@cvs.openbsd.org 2000/10/18 12:04:02
1677 [atomicio.c]
1678 undo
1679 - markus@cvs.openbsd.org 2000/10/18 12:23:02
1680 [scp.c]
1681 replace atomicio(read,...) with read(); ok deraadt@
1682 - markus@cvs.openbsd.org 2000/10/18 12:42:00
1683 [session.c]
1684 restore old record login behaviour
1685 - deraadt@cvs.openbsd.org 2000/10/19 10:41:13
1686 [auth-skey.c]
1687 fmt string problem in unused code
1688 - provos@cvs.openbsd.org 2000/10/19 10:45:16
1689 [sshconnect2.c]
1690 don't reference freed memory. okay deraadt@
1691 - markus@cvs.openbsd.org 2000/10/21 11:04:23
1692 [canohost.c]
1693 typo, eramore@era-t.ericsson.se; ok niels@
1694 - markus@cvs.openbsd.org 2000/10/23 13:31:55
1695 [cipher.c]
1696 non-alignment dependent swap_bytes(); from
1697 simonb@wasabisystems.com/netbsd
1698 - markus@cvs.openbsd.org 2000/10/26 12:38:28
1699 [compat.c]
1700 add older vandyke products
1701 - markus@cvs.openbsd.org 2000/10/27 01:32:19
1702 [channels.c channels.h clientloop.c serverloop.c session.c]
1703 [ssh.c util.c]
61e96248 1704 enable non-blocking IO on channels, and tty's (except for the
a22aff1f 1705 client ttys).
344f2b94 1706
ddc49b5c 170720001027
1708 - (djm) Increase REKEY_BYTES to 2^24 for arc4random
1709
48e7916f 171020001025
1711 - (djm) Added WARNING.RNG file and modified configure to ask users of the
1712 builtin entropy code to read it.
1713 - (djm) Prefer builtin regex to PCRE.
00937921 1714 - (bal) Added USE_PIPS defined to NeXT configure.in since scp hangs randomly.
1715 - (bal) Apply fixes to configure.in pointed out by Pavel Roskin
1716 <proski@gnu.org>
48e7916f 1717
8dcda1e3 171820001020
1719 - (djm) Don't define _REENTRANT for SNI/Reliant Unix
07bee9a7 1720 - (bal) Imported NEWS-OS waitpid() macros into NeXT. Since implementation
1721 is more correct then current version.
8dcda1e3 1722
f5af5cd5 172320001018
1724 - (stevesk) Add initial support for setproctitle(). Current
1725 support is for the HP-UX pstat(PSTAT_SETCMD, ...) method.
134fd7f6 1726 - (stevesk) Add egd startup scripts to contrib/hpux/
f5af5cd5 1727
2f31bdd6 172820001017
1729 - (djm) Add -lregex to cywin libs from Corinna Vinschen
1730 <vinschen@cygnus.com>
ba7a3f40 1731 - (djm) Don't rely on atomicio's retval to determine length of askpass
1732 supplied passphrase. Problem report from Lutz Jaenicke
1733 <Lutz.Jaenicke@aet.TU-Cottbus.DE>
66d6c27e 1734 - (bal) Changed from GNU rx to PCRE on suggestion from djm.
61e96248 1735 - (bal) Integrated Sony NEWS-OS patches from NAKAJI Hirouyuki
66d6c27e 1736 <nakaji@tutrp.tut.ac.jp>
2f31bdd6 1737
33de75a3 173820001016
1739 - (djm) Sync with OpenBSD:
1740 - markus@cvs.openbsd.org 2000/10/14 04:01:15
1741 [cipher.c]
1742 debug3
1743 - markus@cvs.openbsd.org 2000/10/14 04:07:23
1744 [scp.c]
1745 remove spaces from arguments; from djm@mindrot.org
1746 - markus@cvs.openbsd.org 2000/10/14 06:09:46
1747 [ssh.1]
1748 Cipher is for SSH-1 only
1749 - markus@cvs.openbsd.org 2000/10/14 06:12:09
1750 [servconf.c servconf.h serverloop.c session.c sshd.8]
1751 AllowTcpForwarding; from naddy@
1752 - markus@cvs.openbsd.org 2000/10/14 06:16:56
1753 [auth2.c compat.c compat.h sshconnect2.c version.h]
61e96248 1754 OpenSSH_2.3; note that is is not complete, but the version number
33de75a3 1755 needs to be changed for interoperability reasons
1756 - markus@cvs.openbsd.org 2000/10/14 06:19:45
1757 [auth-rsa.c]
1758 do not send RSA challenge if key is not allowed by key-options; from
1759 eivind@ThinkSec.com
1760 - markus@cvs.openbsd.org 2000/10/15 08:14:01
1761 [rijndael.c session.c]
1762 typos; from stevesk@sweden.hp.com
1763 - markus@cvs.openbsd.org 2000/10/15 08:18:31
1764 [rijndael.c]
1765 typo
61e96248 1766 - (djm) Copy manpages back over from OpenBSD - too tedious to wade
30d8b039 1767 through diffs
61e96248 1768 - (djm) Added condrestart to Redhat init script. Patch from Pekka Savola
30d8b039 1769 <pekkas@netcore.fi>
aa0289fe 1770 - (djm) Update version in Redhat spec file
61e96248 1771 - (djm) Merge some of Nalin Dahyabhai <nalin@redhat.com> changes from the
aa0289fe 1772 Redhat 7.0 spec file
5b2d4b75 1773 - (djm) Make inability to read/write PRNG seedfile non-fatal
1774
33de75a3 1775
4d670c24 177620001015
1777 - (djm) Fix ssh2 hang on background processes at logout.
1778
71dfaf1c 177920001014
443172c4 1780 - (bal) Add support for realpath and getcwd for platforms with broken
1781 or missing realpath implementations for sftp-server.
1782 - (bal) Corrected mistake in INSTALL in regards to GNU rx library
61e96248 1783 - (bal) Add support for GNU rx library for those lacking regexp support
71dfaf1c 1784 - (djm) Don't accept PAM_PROMPT_ECHO_ON messages during initial auth
02323c45 1785 - (djm) Revert SSH2 serverloop hack, will find a better way.
4ee81249 1786 - (djm) Add workaround for Linux 2.4's gratuitious errno change. Patch
1787 from Martin Johansson <fatbob@acc.umu.se>
94ec8c6b 1788 - (djm) Big OpenBSD sync:
1789 - markus@cvs.openbsd.org 2000/09/30 10:27:44
1790 [log.c]
1791 allow loglevel debug
1792 - markus@cvs.openbsd.org 2000/10/03 11:59:57
1793 [packet.c]
1794 hmac->mac
1795 - markus@cvs.openbsd.org 2000/10/03 12:03:03
1796 [auth-krb4.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth1.c]
1797 move fake-auth from auth1.c to individual auth methods, disables s/key in
1798 debug-msg
1799 - markus@cvs.openbsd.org 2000/10/03 12:16:48
1800 ssh.c
1801 do not resolve canonname, i have no idea why this was added oin ossh
1802 - markus@cvs.openbsd.org 2000/10/09 15:30:44
1803 ssh-keygen.1 ssh-keygen.c
1804 -X now reads private ssh.com DSA keys, too.
1805 - markus@cvs.openbsd.org 2000/10/09 15:32:34
1806 auth-options.c
1807 clear options on every call.
1808 - markus@cvs.openbsd.org 2000/10/09 15:51:00
1809 authfd.c authfd.h
1810 interop with ssh-agent2, from <res@shore.net>
1811 - markus@cvs.openbsd.org 2000/10/10 14:20:45
1812 compat.c
1813 use rexexp for version string matching
1814 - provos@cvs.openbsd.org 2000/10/10 22:02:18
1815 [kex.c kex.h myproposal.h ssh.h ssh2.h sshconnect2.c sshd.c dh.c dh.h]
1816 First rough implementation of the diffie-hellman group exchange. The
1817 client can ask the server for bigger groups to perform the diffie-hellman
1818 in, thus increasing the attack complexity when using ciphers with longer
1819 keys. University of Windsor provided network, T the company.
1820 - markus@cvs.openbsd.org 2000/10/11 13:59:52
1821 [auth-rsa.c auth2.c]
1822 clear auth options unless auth sucessfull
1823 - markus@cvs.openbsd.org 2000/10/11 14:00:27
1824 [auth-options.h]
1825 clear auth options unless auth sucessfull
1826 - markus@cvs.openbsd.org 2000/10/11 14:03:27
1827 [scp.1 scp.c]
1828 support 'scp -o' with help from mouring@pconline.com
1829 - markus@cvs.openbsd.org 2000/10/11 14:11:35
1830 [dh.c]
1831 Wall
1832 - markus@cvs.openbsd.org 2000/10/11 14:14:40
1833 [auth.h auth2.c readconf.c readconf.h readpass.c servconf.c servconf.h]
1834 [ssh.h sshconnect2.c sshd_config auth2-skey.c cli.c cli.h]
1835 add support for s/key (kbd-interactive) to ssh2, based on work by
1836 mkiernan@avantgo.com and me
1837 - markus@cvs.openbsd.org 2000/10/11 14:27:24
1838 [auth.c auth1.c auth2.c authfile.c cipher.c cipher.h kex.c kex.h]
1839 [myproposal.h packet.c readconf.c session.c ssh.c ssh.h sshconnect1.c]
1840 [sshconnect2.c sshd.c]
1841 new cipher framework
1842 - markus@cvs.openbsd.org 2000/10/11 14:45:21
1843 [cipher.c]
1844 remove DES
1845 - markus@cvs.openbsd.org 2000/10/12 03:59:20
1846 [cipher.c cipher.h sshconnect1.c sshconnect2.c sshd.c]
1847 enable DES in SSH-1 clients only
1848 - markus@cvs.openbsd.org 2000/10/12 08:21:13
1849 [kex.h packet.c]
1850 remove unused
1851 - markus@cvs.openbsd.org 2000/10/13 12:34:46
1852 [sshd.c]
1853 Kludge for F-Secure Macintosh < 1.0.2; appro@fy.chalmers.se
1854 - markus@cvs.openbsd.org 2000/10/13 12:59:15
1855 [cipher.c cipher.h myproposal.h rijndael.c rijndael.h]
1856 rijndael/aes support
1857 - markus@cvs.openbsd.org 2000/10/13 13:10:54
1858 [sshd.8]
1859 more info about -V
1860 - markus@cvs.openbsd.org 2000/10/13 13:12:02
1861 [myproposal.h]
1862 prefer no compression
3ed32516 1863 - (djm) Fix scp user@host handling
1864 - (djm) Don't clobber ssh_prng_cmds on install
6bcf7caa 1865 - (stevesk) Include config.h in rijndael.c so we define intXX_t and
1866 u_intXX_t types on all platforms.
9ea53ba5 1867 - (stevesk) rijndael.c: cleanup missing declaration warnings.
2919e060 1868 - (stevesk) ~/.hushlogin shouldn't cause required password change to
1869 be bypassed.
f5665f6f 1870 - (stevesk) Display correct path to ssh-askpass in configure output.
1871 Report from Lutz Jaenicke.
71dfaf1c 1872
ebd782f7 187320001007
1874 - (stevesk) Print PAM return value in PAM log messages to aid
1875 with debugging.
97994d32 1876 - (stevesk) Fix detection of pw_class struct member in configure;
1877 patch from KAMAHARA Junzo <kamahara@cc.kshosen.ac.jp>
1878
47a134c1 187920001002
1880 - (djm) Fix USER_PATH, report from Kevin Steves <stevesk@sweden.hp.com>
1881 - (djm) Add host system and CC to end-of-configure report. Suggested by
1882 Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
1883
7322ef0e 188420000931
1885 - (djm) Cygwin fixes from Corinna Vinschen <vinschen@cygnus.com>
1886
6ac7829a 188720000930
b6490dcb 1888 - (djm) Irix ssh_prng_cmds path fix from Pekka Savola <pekkas@netcore.fi>
61e96248 1889 - (djm) Support in bsd-snprintf.c for long long conversions from
772bd898 1890 Ben Lindstrom <mouring@pconline.com>
1891 - (djm) Cleanup NeXT support from Ben Lindstrom <mouring@pconline.com>
857040fb 1892 - (djm) Ignore SIGPIPEs from serverloop to child. Fixes crashes with
61e96248 1893 very short lived X connections. Bug report from Tobias Oetiker
857040fb 1894 <oetiker@ee.ethz.ch>. Fix from Markus Friedl <markus@cvs.openbsd.org>
bd2d7f6a 1895 - (djm) Add recent InitScripts as a RPM dependancy for openssh-server
1896 patch from Pekka Savola <pekkas@netcore.fi>
58665035 1897 - (djm) Forgot to cvs add LICENSE file
dc2901a0 1898 - (djm) Add LICENSE to RPM spec files
de273eef 1899 - (djm) CVS OpenBSD sync:
1900 - markus@cvs.openbsd.org 2000/09/26 13:59:59
1901 [clientloop.c]
1902 use debug2
1903 - markus@cvs.openbsd.org 2000/09/27 15:41:34
1904 [auth2.c sshconnect2.c]
1905 use key_type()
1906 - markus@cvs.openbsd.org 2000/09/28 12:03:18
1907 [channels.c]
1908 debug -> debug2 cleanup
61e96248 1909 - (djm) Irix strips "/dev/tty" from [uw]tmp entries (other systems only
2a7d529a 1910 strip "/dev/"). Fix loginrec.c based on patch from Alain St-Denis
1911 <Alain.St-Denis@ec.gc.ca>
61e96248 1912 - (djm) Fix 9 character passphrase failure with gnome-ssh-askpass.
1913 Problem was caused by interrupted read in ssh-add. Report from Donald
2a7d529a 1914 J. Barry <don@astro.cornell.edu>
6ac7829a 1915
c5d85828 191620000929
1917 - (djm) Fix SSH2 not terminating until all background tasks done problem.
61e96248 1918 - (djm) Another off-by-one fix from Pavel Kankovsky
1919 <peak@argo.troja.mff.cuni.cz>
22d89d24 1920 - (djm) Clean up. Strip some unnecessary differences with OpenBSD's code,
1921 tidy necessary differences. Use Markus' new debugN() in entropy.c
61e96248 1922 - (djm) Merged big SCO portability patch from Tim Rice
77bb0bca 1923 <tim@multitalents.net>
c5d85828 1924
6fd7f731 192520000926
1926 - (djm) Update X11-askpass to 1.0.2 in RPM spec file
c5ae7384 1927 - (djm) Define _REENTRANT to pickup strtok_r() on HP/UX
61e96248 1928 - (djm) Security: fix off-by-one buffer overrun in fake-getnameinfo.c.
1929 Report and fix from Pavel Kankovsky <peak@argo.troja.mff.cuni.cz>
6fd7f731 1930
2f125ca1 193120000924
1932 - (djm) Merged cleanup patch from Mark Miller <markm@swoon.net>
1933 - (djm) A bit more cleanup - created cygwin_util.h
bcdaaeab 1934 - (djm) Include strtok_r() from OpenBSD libc. Fixes report from Mark Miller
1935 <markm@swoon.net>
2f125ca1 1936
764d4113 193720000923
61e96248 1938 - (djm) Fix address logging in utmp from Kevin Steves
764d4113 1939 <stevesk@sweden.hp.com>
777319db 1940 - (djm) Redhat spec and manpage fixes from Pekka Savola <pekkas@netcore.fi>
bd590612 1941 - (djm) Seperate tests for int64_t and u_int64_t types
61e96248 1942 - (djm) Tweak password expiry checking at suggestion of Kevin Steves
37c1c46d 1943 <stevesk@sweden.hp.com>
e79b44e1 1944 - (djm) NeXT patch from Ben Lindstrom <mouring@pconline.com>
61e96248 1945 - (djm) Use printf %lld instead of %qd in sftp-server.c. Fix from
e2144f11 1946 Michael Stone <mstone@cs.loyola.edu>
188adeb2 1947 - (djm) OpenBSD CVS sync:
1948 - markus@cvs.openbsd.org 2000/09/17 09:38:59
1949 [sshconnect2.c sshd.c]
1950 fix DEBUG_KEXDH
1951 - markus@cvs.openbsd.org 2000/09/17 09:52:51
1952 [sshconnect.c]
1953 yes no; ok niels@
1954 - markus@cvs.openbsd.org 2000/09/21 04:55:11
1955 [sshd.8]
1956 typo
1957 - markus@cvs.openbsd.org 2000/09/21 05:03:54
1958 [serverloop.c]
1959 typo
1960 - markus@cvs.openbsd.org 2000/09/21 05:11:42
1961 scp.c
1962 utime() to utimes(); mouring@pconline.com
1963 - markus@cvs.openbsd.org 2000/09/21 05:25:08
1964 sshconnect2.c
1965 change login logic in ssh2, allows plugin of other auth methods
1966 - markus@cvs.openbsd.org 2000/09/21 05:25:35
1967 [auth2.c channels.c channels.h clientloop.c dispatch.c dispatch.h]
1968 [serverloop.c]
1969 add context to dispatch_run
1970 - markus@cvs.openbsd.org 2000/09/21 05:07:52
1971 authfd.c authfd.h ssh-agent.c
1972 bug compat for old ssh.com software
764d4113 1973
7f377177 197420000920
1975 - (djm) Fix bad path substitution. Report from Andrew Miner
1976 <asminer@cs.iastate.edu>
1977
bcbf86ec 197820000916
61e96248 1979 - (djm) Fix SSL search order from Lutz Jaenicke
7950bf97 1980 <Lutz.Jaenicke@aet.TU-Cottbus.DE>
19ece6d2 1981 - (djm) New SuSE spec from Corinna Vinschen <corinna@vinschen.de>
9cd45ea4 1982 - (djm) Update CygWin support from Corinna Vinschen <vinschen@cygnus.com>
995edaac 1983 - (djm) Use a real struct sockaddr inside the fake struct sockaddr_storage.
1984 Patch from Larry Jones <larry.jones@sdrc.com>
61e96248 1985 - (djm) Add Steve VanDevender's <stevev@darkwing.uoregon.edu> PAM
ad55cd03 1986 password change patch.
1987 - (djm) Bring licenses on my stuff in line with OpenBSD's
0bbfbdeb 1988 - (djm) Cleanup auth-passwd.c and unify HP/UX authentication. Patch from
1989 Kevin Steves <stevesk@sweden.hp.com>
7f8f5e00 1990 - (djm) Shadow expiry check fix from Pavel Troller <patrol@omni.sinus.cz>
1991 - (djm) Re-enable int64_t types - we need them for sftp
1992 - (djm) Use libexecdir from configure , rather than libexecdir/ssh
1993 - (djm) Update Redhat SPEC file accordingly
1994 - (djm) Add Kevin Steves <stevesk@sweden.hp.com> HP/UX contrib files
1995 - (djm) Add Charles Levert <charles@comm.polymtl.ca> getpgrp patch
61e96248 1996 - (djm) Fix password auth on HP/UX 10.20. Patch from Dirk De Wachter
7f8f5e00 1997 <Dirk.DeWachter@rug.ac.be>
61e96248 1998 - (djm) Fixprogs and entropy list fixes from Larry Jones
7f8f5e00 1999 <larry.jones@sdrc.com>
2000 - (djm) Fix for SuSE spec file from Takashi YOSHIDA
2001 <tyoshida@gemini.rc.kyushu-u.ac.jp>
bcbf86ec 2002 - (djm) Merge OpenBSD changes:
2003 - markus@cvs.openbsd.org 2000/09/05 02:59:57
2004 [session.c]
2005 print hostname (not hushlogin)
2006 - markus@cvs.openbsd.org 2000/09/05 13:18:48
2007 [authfile.c ssh-add.c]
2008 enable ssh-add -d for DSA keys
2009 - markus@cvs.openbsd.org 2000/09/05 13:20:49
2010 [sftp-server.c]
2011 cleanup
2012 - markus@cvs.openbsd.org 2000/09/06 03:46:41
2013 [authfile.h]
2014 prototype
2015 - deraadt@cvs.openbsd.org 2000/09/07 14:27:56
2016 [ALL]
61e96248 2017 cleanup copyright notices on all files. I have attempted to be
2018 accurate with the details. everything is now under Tatu's licence
2019 (which I copied from his readme), and/or the core-sdi bsd-ish thing
2020 for deattack, or various openbsd developers under a 2-term bsd
bcbf86ec 2021 licence. We're not changing any rules, just being accurate.
2022 - markus@cvs.openbsd.org 2000/09/07 14:40:30
2023 [channels.c channels.h clientloop.c serverloop.c ssh.c]
2024 cleanup window and packet sizes for ssh2 flow control; ok niels
2025 - markus@cvs.openbsd.org 2000/09/07 14:53:00
2026 [scp.c]
2027 typo
2028 - markus@cvs.openbsd.org 2000/09/07 15:13:37
2029 [auth-options.c auth-options.h auth-rh-rsa.c auth-rsa.c auth.c]
2030 [authfile.h canohost.c channels.h compat.c hostfile.h log.c match.h]
2031 [pty.c readconf.c]
2032 some more Copyright fixes
2033 - markus@cvs.openbsd.org 2000/09/08 03:02:51
2034 [README.openssh2]
2035 bye bye
2036 - deraadt@cvs.openbsd.org 2000/09/11 18:38:33
2037 [LICENCE cipher.c]
2038 a few more comments about it being ARC4 not RC4
2039 - markus@cvs.openbsd.org 2000/09/12 14:53:11
2040 [log-client.c log-server.c log.c ssh.1 ssh.c ssh.h sshd.8 sshd.c]
2041 multiple debug levels
2042 - markus@cvs.openbsd.org 2000/09/14 14:25:15
2043 [clientloop.c]
2044 typo
2045 - deraadt@cvs.openbsd.org 2000/09/15 01:13:51
2046 [ssh-agent.c]
2047 check return value for setenv(3) for failure, and deal appropriately
2048
deb8d717 204920000913
2050 - (djm) Fix server not exiting with jobs in background.
2051
b5e300c2 205220000905
2053 - (djm) Import OpenBSD CVS changes
2054 - markus@cvs.openbsd.org 2000/08/31 15:52:24
2055 [Makefile sshd.8 sshd_config sftp-server.8 sftp-server.c]
2056 implement a SFTP server. interops with sftp2, scp2 and the windows
2057 client from ssh.com
2058 - markus@cvs.openbsd.org 2000/08/31 15:56:03
2059 [README.openssh2]
2060 sync
2061 - markus@cvs.openbsd.org 2000/08/31 16:05:42
2062 [session.c]
2063 Wall
2064 - markus@cvs.openbsd.org 2000/08/31 16:09:34
2065 [authfd.c ssh-agent.c]
2066 add a flag to SSH2_AGENTC_SIGN_REQUEST for future extensions
2067 - deraadt@cvs.openbsd.org 2000/09/01 09:25:13
2068 [scp.1 scp.c]
2069 cleanup and fix -S support; stevesk@sweden.hp.com
2070 - markus@cvs.openbsd.org 2000/09/01 16:29:32
2071 [sftp-server.c]
2072 portability fixes
2073 - markus@cvs.openbsd.org 2000/09/01 16:32:41
2074 [sftp-server.c]
2075 fix cast; mouring@pconline.com
2076 - itojun@cvs.openbsd.org 2000/09/03 09:23:28
2077 [ssh-add.1 ssh.1]
2078 add missing .El against .Bl.
2079 - markus@cvs.openbsd.org 2000/09/04 13:03:41
2080 [session.c]
2081 missing close; ok theo
2082 - markus@cvs.openbsd.org 2000/09/04 13:07:21
2083 [session.c]
2084 fix get_last_login_time order; from andre@van-veen.de
2085 - markus@cvs.openbsd.org 2000/09/04 13:10:09
2086 [sftp-server.c]
2087 more cast fixes; from mouring@pconline.com
2088 - markus@cvs.openbsd.org 2000/09/04 13:06:04
2089 [session.c]
2090 set SSH_ORIGINAL_COMMAND; from Leakin@dfw.nostrum.com, bet@rahul.net
2091 - (djm) Cleanup after import. Fix sftp-server compilation, Makefile
3c62e7eb 2092 - (djm) Merge cygwin support from Corinna Vinschen <vinschen@cygnus.com>
2093
1e61f54a 209420000903
2095 - (djm) Fix Redhat init script
2096
c80876b4 209720000901
2098 - (djm) Pick up Jim's new X11-askpass
2099 - (djm) Release 2.2.0p1
2100
8b4a0d08 210120000831
bcbf86ec 2102 - (djm) Workaround SIGPIPE problems on SCO. Fix from Aran Cox
8b4a0d08 2103 <acox@cv.telegroup.com>
b817711d 2104 - (djm) Pick up new version (2.2.0) from OpenBSD CVS
8b4a0d08 2105
0b65b628 210620000830
2107 - (djm) Compile warning fixes from Mark Miller <markm@swoon.net>
10fa00c8 2108 - (djm) Periodically rekey arc4random
2109 - (djm) Clean up diff against OpenBSD.
bcbf86ec 2110 - (djm) HPUX 11 needs USE_PIPES as well: Kevin Steves
2b10f47a 2111 <stevesk@sweden.hp.com>
b33a2e6e 2112 - (djm) Quieten the pam delete credentials error message
44839801 2113 - (djm) Fix printing of $DISPLAY hack if set by system type. Report from
2114 Kevin Steves <stevesk@sweden.hp.com>
84a770d1 2115 - (djm) NeXT patch from Ben Lindstrom <mouring@pconline.com>
7efa2776 2116 - (djm) Fix doh in bsd-arc4random.c
0b65b628 2117
9aaf9be4 211820000829
bcbf86ec 2119 - (djm) Fix ^C ignored issue on Solaris. Diagnosis from Gert
2120 Doering <gert@greenie.muc.de>, John Horne <J.Horne@plymouth.ac.uk> and
9aaf9be4 2121 Garrick James <garrick@james.net>
b5f90139 2122 - (djm) Check for SCO pty naming style (ptyp%d/ttyp%d). Based on fix from
2123 Bastian Trompetter <btrompetter@firemail.de>
698d107e 2124 - (djm) NeXT tweaks from Ben Lindstrom <mouring@pconline.com>
14a9a859 2125 - More OpenBSD updates:
2126 - deraadt@cvs.openbsd.org 2000/08/24 15:46:59
2127 [scp.c]
2128 off_t in sink, to fix files > 2GB, i think, test is still running ;-)
2129 - deraadt@cvs.openbsd.org 2000/08/25 10:10:06
2130 [session.c]
2131 Wall
2132 - markus@cvs.openbsd.org 2000/08/26 04:33:43
2133 [compat.c]
2134 ssh.com-2.3.0
2135 - markus@cvs.openbsd.org 2000/08/27 12:18:05
2136 [compat.c]
2137 compatibility with future ssh.com versions
2138 - deraadt@cvs.openbsd.org 2000/08/27 21:50:55
2139 [auth-krb4.c session.c ssh-add.c sshconnect.c uidswap.c]
2140 print uid/gid as unsigned
2141 - markus@cvs.openbsd.org 2000/08/28 13:51:00
2142 [ssh.c]
2143 enable -n and -f for ssh2
2144 - markus@cvs.openbsd.org 2000/08/28 14:19:53
2145 [ssh.c]
2146 allow combination of -N and -f
2147 - markus@cvs.openbsd.org 2000/08/28 14:20:56
2148 [util.c]
2149 util.c
2150 - markus@cvs.openbsd.org 2000/08/28 14:22:02
2151 [util.c]
2152 undo
2153 - markus@cvs.openbsd.org 2000/08/28 14:23:38
2154 [util.c]
2155 don't complain if setting NONBLOCK fails with ENODEV
9aaf9be4 2156
137d7b6c 215720000823
2158 - (djm) Define USE_PIPES to avoid socketpair problems on HPUX 10 and SunOS 4
bcbf86ec 2159 Avoids "scp never exits" problem. Reports from Lutz Jaenicke
2160 <Lutz.Jaenicke@aet.TU-Cottbus.DE> and Tamito KAJIYAMA
137d7b6c 2161 <kajiyama@grad.sccs.chukyo-u.ac.jp>
2e73a022 2162 - (djm) Pick up LOGIN_PROGRAM from environment or PATH if not set by headers
da40ab4d 2163 - (djm) Add local version to version.h
ea788c22 2164 - (djm) Don't reseed arc4random everytime it is used
2e73a022 2165 - (djm) OpenBSD CVS updates:
2166 - deraadt@cvs.openbsd.org 2000/08/18 20:07:23
2167 [ssh.c]
2168 accept remsh as a valid name as well; roman@buildpoint.com
2169 - deraadt@cvs.openbsd.org 2000/08/18 20:17:13
2170 [deattack.c crc32.c packet.c]
2171 rename crc32() to ssh_crc32() to avoid zlib name clash. do not move to
2172 libz crc32 function yet, because it has ugly "long"'s in it;
2173 oneill@cs.sfu.ca
2174 - deraadt@cvs.openbsd.org 2000/08/18 20:26:08
2175 [scp.1 scp.c]
2176 -S prog support; tv@debian.org
2177 - deraadt@cvs.openbsd.org 2000/08/18 20:50:07
2178 [scp.c]
2179 knf
2180 - deraadt@cvs.openbsd.org 2000/08/18 20:57:33
2181 [log-client.c]
2182 shorten
2183 - markus@cvs.openbsd.org 2000/08/19 12:48:11
2184 [channels.c channels.h clientloop.c ssh.c ssh.h]
2185 support for ~. in ssh2
2186 - deraadt@cvs.openbsd.org 2000/08/19 15:29:40
2187 [crc32.h]
2188 proper prototype
2189 - markus@cvs.openbsd.org 2000/08/19 15:34:44
bcbf86ec 2190 [authfd.c authfd.h key.c key.h ssh-add.1 ssh-add.c ssh-agent.1]
2191 [ssh-agent.c ssh-keygen.c sshconnect1.c sshconnect2.c Makefile]
2e73a022 2192 [fingerprint.c fingerprint.h]
2193 add SSH2/DSA support to the agent and some other DSA related cleanups.
2194 (note that we cannot talk to ssh.com's ssh2 agents)
2195 - markus@cvs.openbsd.org 2000/08/19 15:55:52
2196 [channels.c channels.h clientloop.c]
2197 more ~ support for ssh2
2198 - markus@cvs.openbsd.org 2000/08/19 16:21:19
2199 [clientloop.c]
2200 oops
2201 - millert@cvs.openbsd.org 2000/08/20 12:25:53
2202 [session.c]
2203 We have to stash the result of get_remote_name_or_ip() before we
2204 close our socket or getpeername() will get EBADF and the process
2205 will exit. Only a problem for "UseLogin yes".
2206 - millert@cvs.openbsd.org 2000/08/20 12:30:59
2207 [session.c]
2208 Only check /etc/nologin if "UseLogin no" since login(1) may have its
2209 own policy on determining who is allowed to login when /etc/nologin
2210 is present. Also use the _PATH_NOLOGIN define.
2211 - millert@cvs.openbsd.org 2000/08/20 12:42:43
2212 [auth1.c auth2.c session.c ssh.c]
2213 Add calls to setusercontext() and login_get*(). We basically call
2214 setusercontext() in most places where previously we did a setlogin().
2215 Add default login.conf file and put root in the "daemon" login class.
2216 - millert@cvs.openbsd.org 2000/08/21 10:23:31
2217 [session.c]
2218 Fix incorrect PATH setting; noted by Markus.
137d7b6c 2219
c345cf9d 222020000818
2221 - (djm) OpenBSD CVS changes:
2222 - markus@cvs.openbsd.org 2000/07/22 03:14:37
2223 [servconf.c servconf.h sshd.8 sshd.c sshd_config]
2224 random early drop; ok theo, niels
2225 - deraadt@cvs.openbsd.org 2000/07/26 11:46:51
2226 [ssh.1]
2227 typo
2228 - deraadt@cvs.openbsd.org 2000/08/01 11:46:11
2229 [sshd.8]
2230 many fixes from pepper@mail.reppep.com
2231 - provos@cvs.openbsd.org 2000/08/01 13:01:42
2232 [Makefile.in util.c aux.c]
2233 rename aux.c to util.c to help with cygwin port
2234 - deraadt@cvs.openbsd.org 2000/08/02 00:23:31
2235 [authfd.c]
2236 correct sun_len; Alexander@Leidinger.net
2237 - provos@cvs.openbsd.org 2000/08/02 10:27:17
2238 [readconf.c sshd.8]
2239 disable kerberos authentication by default
2240 - provos@cvs.openbsd.org 2000/08/02 11:27:05
2241 [sshd.8 readconf.c auth-krb4.c]
2242 disallow kerberos authentication if we can't verify the TGT; from
2243 dugsong@
2244 kerberos authentication is on by default only if you have a srvtab.
2245 - markus@cvs.openbsd.org 2000/08/04 14:30:07
2246 [auth.c]
2247 unused
2248 - markus@cvs.openbsd.org 2000/08/04 14:30:35
2249 [sshd_config]
2250 MaxStartups
2251 - markus@cvs.openbsd.org 2000/08/15 13:20:46
2252 [authfd.c]
2253 cleanup; ok niels@
2254 - markus@cvs.openbsd.org 2000/08/17 14:05:10
2255 [session.c]
2256 cleanup login(1)-like jobs, no duplicate utmp entries
2257 - markus@cvs.openbsd.org 2000/08/17 14:06:34
2258 [session.c sshd.8 sshd.c]
2259 sshd -u len, similar to telnetd
1a022229 2260 - (djm) Lastlog was not getting closed after writing login entry
39987cc0 2261 - (djm) Add Solaris package support from Rip Loomis <loomisg@cist.saic.com>
c345cf9d 2262
416ed5a7 226320000816
2264 - (djm) Replacement for inet_ntoa for Irix (which breaks on gcc)
bcbf86ec 2265 - (djm) Fix strerror replacement for old SunOS. Based on patch from
416ed5a7 2266 Charles Levert <charles@comm.polymtl.ca>
bcbf86ec 2267 - (djm) Seperate arc4random into seperate file and use OpenSSL's RC4
416ed5a7 2268 implementation.
ba606eb2 2269 - (djm) SUN_LEN macro for systems which lack it
416ed5a7 2270
dbaa2e87 227120000815
2272 - (djm) More SunOS 4.1.x fixes from Nate Itkin <nitkin@europa.com>
cd352c82 2273 - (djm) Avoid failures on Irix when ssh is not setuid. Fix from
2274 Michael Stone <mstone@cs.loyola.edu>
d93a7e5a 2275 - (djm) Don't seek in directory based lastlogs
bcbf86ec 2276 - (djm) Fix --with-ipaddr-display configure option test. Patch from
d93a7e5a 2277 Jarno Huuskonen <jhuuskon@messi.uku.fi>
2a2cb9e7 2278 - (djm) Fix AIX limits from Alexandre Oliva <oliva@lsd.ic.unicamp.br>
dbaa2e87 2279
6c33bf70 228020000813
2281 - (djm) Add $(srcdir) to includes when compiling (for VPATH). Report from
2282 Fabrice bacchella <fabrice.bacchella@marchfirst.fr>
2283
3fcce26c 228420000809
bcbf86ec 2285 - (djm) Define AIX hard limits if headers don't. Report from
3fcce26c 2286 Bill Painter <william.t.painter@lmco.com>
bcbf86ec 2287 - (djm) utmp direct write & SunOS 4 patch from Charles Levert
32eec038 2288 <charles@comm.polymtl.ca>
3fcce26c 2289
71d43804 229020000808
2291 - (djm) Cleanup Redhat RPMs. Generate keys at runtime rather than install
2292 time, spec file cleanup.
2293
f9bcea07 229420000807
378f2232 2295 - (djm) Set 0755 on binaries during install. Report from Lutz Jaenicke
47670e77 2296 - (djm) Suppress error messages on channel close shutdown() failurs
2297 works around Linux bug. Patch from Zack Weinberg <zack@wolery.cumb.org>
378f2232 2298 - (djm) Add some more entropy collection commands from Lutz Jaenicke
f9bcea07 2299
bcf89935 230020000725
2301 - (djm) Fix autoconf typo: HAVE_BINRESVPORT_AF -> HAVE_BINDRESVPORT_AF
2302
4c8722d9 230320000721
2304 - (djm) OpenBSD CVS updates:
2305 - markus@cvs.openbsd.org 2000/07/16 02:27:22
2306 [authfd.c authfd.h channels.c clientloop.c ssh-add.c ssh-agent.c ssh.c]
2307 [sshconnect1.c sshconnect2.c]
2308 make ssh-add accept dsa keys (the agent does not)
2309 - djm@cvs.openbsd.org 2000/07/17 19:25:02
2310 [sshd.c]
2311 Another closing of stdin; ok deraadt
2312 - markus@cvs.openbsd.org 2000/07/19 18:33:12
2313 [dsa.c]
2314 missing free, reorder
2315 - markus@cvs.openbsd.org 2000/07/20 16:23:14
2316 [ssh-keygen.1]
2317 document input and output files
2318
240777b8 231920000720
4c8722d9 2320 - (djm) Spec file fix from Petr Novotny <Petr.Novotny@antek.cz>
240777b8 2321
3c7def32 232220000716
4c8722d9 2323 - (djm) Release 2.1.1p4
3c7def32 2324
819b676f 232520000715
704b1659 2326 - (djm) OpenBSD CVS updates
2327 - provos@cvs.openbsd.org 2000/07/13 16:53:22
2328 [aux.c readconf.c servconf.c ssh.h]
2329 allow multiple whitespace but only one '=' between tokens, bug report from
2330 Ralf S. Engelschall <rse@engelschall.com> but different fix. okay deraadt@
2331 - provos@cvs.openbsd.org 2000/07/13 17:14:09
2332 [clientloop.c]
2333 typo; todd@fries.net
2334 - provos@cvs.openbsd.org 2000/07/13 17:19:31
2335 [scp.c]
2336 close can fail on AFS, report error; from Greg Hudson <ghudson@mit.edu>
2337 - markus@cvs.openbsd.org 2000/07/14 16:59:46
2338 [readconf.c servconf.c]
2339 allow leading whitespace. ok niels
2340 - djm@cvs.openbsd.org 2000/07/14 22:01:38
2341 [ssh-keygen.c ssh.c]
2342 Always create ~/.ssh with mode 700; ok Markus
819b676f 2343 - Fixes for SunOS 4.1.4 from Gordon Atwood <gordon@cs.ualberta.ca>
2344 - Include floatingpoint.h for entropy.c
2345 - strerror replacement
704b1659 2346
3f7a7e4a 234720000712
c37fb3c1 2348 - (djm) Remove -lresolve for Reliant Unix
3f7a7e4a 2349 - (djm) OpenBSD CVS Updates:
2350 - deraadt@cvs.openbsd.org 2000/07/11 02:11:34
2351 [session.c sshd.c ]
2352 make MaxStartups code still work with -d; djm
2353 - deraadt@cvs.openbsd.org 2000/07/11 13:17:45
2354 [readconf.c ssh_config]
2355 disable FallBackToRsh by default
c37fb3c1 2356 - (djm) Replace in_addr_t with u_int32_t in bsd-inet_aton.c. Report from
2357 Ben Lindstrom <mouring@pconline.com>
1e970014 2358 - (djm) Make building of X11-Askpass and GNOME-Askpass optional in RPM
2359 spec file.
dcb36e5d 2360 - (djm) Released 2.1.1p3
3f7a7e4a 2361
56118702 236220000711
2363 - (djm) Fixup for AIX getuserattr() support from Tom Bertelson
2364 <tbert@abac.com>
132dd316 2365 - (djm) ReliantUNIX support from Udo Schweigert <ust@cert.siemens.de>
bcbf86ec 2366 - (djm) NeXT: dirent structures to get scp working from Ben Lindstrom
c99e5056 2367 <mouring@pconline.com>
bcbf86ec 2368 - (djm) Fix broken inet_ntoa check and ut_user/ut_name confusion, report
dc2a6d09 2369 from Jim Watt <jimw@peisj.pebio.com>
2d9a148e 2370 - (djm) Replaced bsd-snprintf.c with one from Mutt source tree, it is known
2371 to compile on more platforms (incl NeXT).
cc6f2c4c 2372 - (djm) Added bsd-inet_aton and configure support for NeXT
aae19451 2373 - (djm) Misc NeXT fixes from Ben Lindstrom <mouring@pconline.com>
089fbbd2 2374 - (djm) OpenBSD CVS updates:
2375 - markus@cvs.openbsd.org 2000/06/26 03:22:29
2376 [authfd.c]
2377 cleanup, less cut&paste
2378 - markus@cvs.openbsd.org 2000/06/26 15:59:19
2379 [servconf.c servconf.h session.c sshd.8 sshd.c]
bcbf86ec 2380 MaxStartups: limit number of unauthenticated connections, work by
089fbbd2 2381 theo and me
2382 - deraadt@cvs.openbsd.org 2000/07/05 14:18:07
2383 [session.c]
2384 use no_x11_forwarding_flag correctly; provos ok
2385 - provos@cvs.openbsd.org 2000/07/05 15:35:57
2386 [sshd.c]
2387 typo
2388 - aaron@cvs.openbsd.org 2000/07/05 22:06:58
2389 [scp.1 ssh-agent.1 ssh-keygen.1 sshd.8]
bcbf86ec 2390 Insert more missing .El directives. Our troff really should identify
089fbbd2 2391 these and spit out a warning.
2392 - todd@cvs.openbsd.org 2000/07/06 21:55:04
2393 [auth-rsa.c auth2.c ssh-keygen.c]
2394 clean code is good code
2395 - deraadt@cvs.openbsd.org 2000/07/07 02:14:29
2396 [serverloop.c]
2397 sense of port forwarding flag test was backwards
2398 - provos@cvs.openbsd.org 2000/07/08 17:17:31
2399 [compat.c readconf.c]
2400 replace strtok with strsep; from David Young <dyoung@onthejob.net>
2401 - deraadt@cvs.openbsd.org 2000/07/08 19:21:15
2402 [auth.h]
2403 KNF
2404 - ho@cvs.openbsd.org 2000/07/08 19:27:33
2405 [compat.c readconf.c]
2406 Better conditions for strsep() ending.
2407 - ho@cvs.openbsd.org 2000/07/10 10:27:05
2408 [readconf.c]
2409 Get the correct message on errors. (niels@ ok)
2410 - ho@cvs.openbsd.org 2000/07/10 10:30:25
2411 [cipher.c kex.c servconf.c]
2412 strtok() --> strsep(). (niels@ ok)
5540ea9b 2413 - (djm) Fix problem with debug mode and MaxStartups
eb37534b 2414 - (djm) Don't generate host keys when $(DESTDIR) is set (e.g. during RPM
2415 builds)
229f64ee 2416 - (djm) Add strsep function from OpenBSD libc for systems that lack it
56118702 2417
a8545c6c 241820000709
2419 - (djm) Only enable PAM_TTY kludge for Linux. Problem report from
2420 Kevin Steves <stevesk@sweden.hp.com>
ec90a7d6 2421 - (djm) Match prototype and function declaration for rresvport_af.
2422 Problem report from Niklas Edmundsson <nikke@ing.umu.se>
bcbf86ec 2423 - (djm) Missing $(DESTDIR) on host-key target causing problems with RPM
732e8ac5 2424 builds. Problem report from Gregory Leblanc <GLeblanc@cu-portland.edu>
37f1df94 2425 - (djm) Replace ut_name with ut_user. Patch from Jim Watt
2426 <jimw@peisj.pebio.com>
264dce47 2427 - (djm) Fix pam sprintf fix
2428 - (djm) Cleanup entropy collection code a little more. Split initialisation
2429 from seeding, perform intialisation immediatly at start, be careful with
2430 uids. Based on problem report from Jim Watt <jimw@peisj.pebio.com>
5bf9cfe9 2431 - (djm) More NeXT compatibility from Ben Lindstrom <mouring@pconline.com>
2432 Including sigaction() et al. replacements
bcbf86ec 2433 - (djm) AIX getuserattr() session initialisation from Tom Bertelson
eeec075f 2434 <tbert@abac.com>
a8545c6c 2435
e2902a5b 243620000708
bcbf86ec 2437 - (djm) Fix bad fprintf format handling in auth-pam.c. Patch from
e2902a5b 2438 Aaron Hopkins <aaron@die.net>
7a33f831 2439 - (djm) Fix incorrect configure handling of --with-rsh-path option. Fix from
2440 Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
bcbf86ec 2441 - (djm) Fixed undefined variables for OSF SIA. Report from
b3f162ba 2442 Baars, Henk <Hendrik.Baars@nl.origin-it.com>
bcbf86ec 2443 - (djm) Handle EWOULDBLOCK returns from read() and write() in atomicio.c
b28e4a3b 2444 Fix from Marquess, Steve Mr JMLFDC <Steve.Marquess@DET.AMEDD.ARMY.MIL>
bcbf86ec 2445 - (djm) Don't use inet_addr.
e2902a5b 2446
5637650d 244720000702
2448 - (djm) Fix brace mismatch from Corinna Vinschen <vinschen@cygnus.com>
27494968 2449 - (djm) Stop shadow expiry checking from preventing logins with NIS. Based
2450 on fix from HARUYAMA Seigo <haruyama@nt.phys.s.u-tokyo.ac.jp>
a4070484 2451 - (djm) Use standard OpenSSL functions in auth-skey.c. Patch from
2452 Chris, the Young One <cky@pobox.com>
bcbf86ec 2453 - (djm) Fix scp progress meter on really wide terminals. Based on patch
88726b31 2454 from James H. Cloos Jr. <cloos@jhcloos.com>
5637650d 2455
388e9f9f 245620000701
2457 - (djm) Fix Tru64 SIA problems reported by John P Speno <speno@isc.upenn.edu>
daaff4d5 2458 - (djm) Login fixes from Tom Bertelson <tbert@abac.com>
82258d68 2459 - (djm) Replace "/bin/sh" with _PATH_BSHELL. Report from Corinna Vinschen
2460 <vinschen@cygnus.com>
30228d7c 2461 - (djm) Replace "/usr/bin/login" with LOGIN_PROGRAM
2647ae26 2462 - (djm) Added check for broken snprintf() functions which do not correctly
2463 terminate output string and attempt to use replacement.
46158300 2464 - (djm) Released 2.1.1p2
388e9f9f 2465
9f32ceb4 246620000628
2467 - (djm) Fixes to lastlog code for Irix
2468 - (djm) Use atomicio in loginrec
3206bb3b 2469 - (djm) Patch from Michael Stone <mstone@cs.loyola.edu> to add support for
2470 Irix 6.x array sessions, project id's, and system audit trail id.
9e0c3e1f 2471 - (djm) Added 'distprep' make target to simplify packaging
bcbf86ec 2472 - (djm) Added patch from Chris Adams <cmadams@hiwaay.net> to add OSF SIA
4d33e531 2473 support. Enable using "USE_SIA=1 ./configure [options]"
61e96248 2474
d8caae24 247520000627
2476 - (djm) Fixes to login code - not setting li->uid, cleanups
a05a70ab 2477 - (djm) Formatting
d8caae24 2478
fe30cc2e 247920000626
3e98362e 2480 - (djm) Better fix to aclocal tests from Garrick James <garrick@james.net>
4cb5ffa0 2481 - (djm) Account expiry support from Andreas Steinmetz <ast@domdv.de>
2482 - (djm) Added password expiry checking (no password change support)
be0b9bb7 2483 - (djm) Make EGD failures non-fatal if OpenSSL's entropy pool is still OK
2484 based on patch from Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
b5b3f75d 2485 - (djm) Fix fixed EGD code.
3e98362e 2486 - OpenBSD CVS update
2487 - provos@cvs.openbsd.org 2000/06/25 14:17:58
2488 [channels.c]
2489 correct check for bad channel ids; from Wei Dai <weidai@eskimo.com>
2490
1c04b088 249120000623
bcbf86ec 2492 - (djm) Use sa_family_t in prototype for rresvport_af. Patch from
1c04b088 2493 Svante Signell <svante.signell@telia.com>
2494 - (djm) Autoconf logic to define sa_family_t if it is missing
e5a0294f 2495 - OpenBSD CVS Updates:
2496 - markus@cvs.openbsd.org 2000/06/22 10:32:27
2497 [sshd.c]
2498 missing atomicio; report from Steve.Marquess@DET.AMEDD.ARMY.MIL
2499 - djm@cvs.openbsd.org 2000/06/22 17:55:00
2500 [auth-krb4.c key.c radix.c uuencode.c]
2501 Missing CVS idents; ok markus
1c04b088 2502
f528fdf2 250320000622
2504 - (djm) Automatically generate host key during "make install". Suggested
2505 by Gary E. Miller <gem@rellim.com>
2506 - (djm) Paranoia before kill() system call
74fc9186 2507 - OpenBSD CVS Updates:
2508 - markus@cvs.openbsd.org 2000/06/18 18:50:11
2509 [auth2.c compat.c compat.h sshconnect2.c]
2510 make userauth+pubkey interop with ssh.com-2.2.0
2511 - markus@cvs.openbsd.org 2000/06/18 20:56:17
2512 [dsa.c]
2513 mem leak + be more paranoid in dsa_verify.
2514 - markus@cvs.openbsd.org 2000/06/18 21:29:50
2515 [key.c]
2516 cleanup fingerprinting, less hardcoded sizes
2517 - markus@cvs.openbsd.org 2000/06/19 19:39:45
2518 [atomicio.c auth-options.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c]
2519 [auth-rsa.c auth-skey.c authfd.c authfd.h authfile.c bufaux.c bufaux.h]
bcbf86ec 2520 [buffer.c buffer.h canohost.c channels.c channels.h cipher.c cipher.h]
74fc9186 2521 [clientloop.c compat.c compat.h compress.c compress.h crc32.c crc32.h]
2522 [deattack.c dispatch.c dsa.c fingerprint.c fingerprint.h getput.h hmac.c]
bcbf86ec 2523 [kex.c log-client.c log-server.c login.c match.c mpaux.c mpaux.h nchan.c]
2524 [nchan.h packet.c packet.h pty.c pty.h readconf.c readconf.h readpass.c]
74fc9186 2525 [rsa.c rsa.h scp.c servconf.c servconf.h ssh-add.c ssh-keygen.c ssh.c]
2526 [ssh.h tildexpand.c ttymodes.c ttymodes.h uidswap.c xmalloc.c xmalloc.h]
2527 OpenBSD tag
2528 - markus@cvs.openbsd.org 2000/06/21 10:46:10
2529 sshconnect2.c missing free; nuke old comment
f528fdf2 2530
e5fe9a1f 253120000620
2532 - (djm) Replace use of '-o' and '-a' logical operators in configure tests
986a22ec 2533 with '||' and '&&'. As suggested by Jim Knoble <jmknoble@jmknoble.cx>
e5fe9a1f 2534 to fix SCO Unixware problem reported by Gary E. Miller <gem@rellim.com>
c03aced4 2535 - (djm) Typo in loginrec.c
e5fe9a1f 2536
cbd7492e 253720000618
2538 - (djm) Add summary of configure options to end of ./configure run
bcbf86ec 2539 - (djm) Not all systems define RUSAGE_SELF & RUSAGE_CHILDREN. Report from
cbd7492e 2540 Michael Stone <mstone@cs.loyola.edu>
bcbf86ec 2541 - (djm) rusage is a privileged operation on some Unices (incl.
cbd7492e 2542 Solaris 2.5.1). Report from Paul D. Smith <pausmith@nortelnetworks.com>
bcbf86ec 2543 - (djm) Avoid PAM failures when running without a TTY. Report from
cbd7492e 2544 Martin Petrak <petrak@spsknm.schools.sk>
2545 - (djm) Include sys/types.h when including netinet/in.h in configure tests.
2546 Patch from Jun-ichiro itojun Hagino <itojun@iijlab.net>
729bfe59 2547 - (djm) Started merge of Ben Lindstrom's <mouring@pconline.com> NeXT support
38c295d6 2548 - OpenBSD CVS updates:
2549 - deraadt@cvs.openbsd.org 2000/06/17 09:58:46
2550 [channels.c]
2551 everyone says "nix it" (remove protocol 2 debugging message)
2552 - markus@cvs.openbsd.org 2000/06/17 13:24:34
2553 [sshconnect.c]
2554 allow extended server banners
2555 - markus@cvs.openbsd.org 2000/06/17 14:30:10
2556 [sshconnect.c]
2557 missing atomicio, typo
2558 - jakob@cvs.openbsd.org 2000/06/17 16:52:34
2559 [servconf.c servconf.h session.c sshd.8 sshd_config]
2560 add support for ssh v2 subsystems. ok markus@.
2561 - deraadt@cvs.openbsd.org 2000/06/17 18:57:48
2562 [readconf.c servconf.c]
2563 include = in WHITESPACE; markus ok
2564 - markus@cvs.openbsd.org 2000/06/17 19:09:10
2565 [auth2.c]
2566 implement bug compatibility with ssh-2.0.13 pubkey, server side
2567 - markus@cvs.openbsd.org 2000/06/17 21:00:28
2568 [compat.c]
2569 initial support for ssh.com's 2.2.0
2570 - markus@cvs.openbsd.org 2000/06/17 21:16:09
2571 [scp.c]
2572 typo
2573 - markus@cvs.openbsd.org 2000/06/17 22:05:02
2574 [auth-rsa.c auth2.c serverloop.c session.c auth-options.c auth-options.h]
2575 split auth-rsa option parsing into auth-options
2576 add options support to authorized_keys2
2577 - markus@cvs.openbsd.org 2000/06/17 22:42:54
2578 [session.c]
2579 typo
cbd7492e 2580
509b1f88 258120000613
2582 - (djm) Fixes from Andrew McGill <andrewm@datrix.co.za>:
2583 - Platform define for SCO 3.x which breaks on /dev/ptmx
2584 - Detect and try to fix missing MAXPATHLEN
a4d05724 2585 - (djm) Fix short copy in loginrec.c (based on patch from Phill Camp
2586 <P.S.S.Camp@ukc.ac.uk>
509b1f88 2587
09564242 258820000612
2589 - (djm) Glob manpages in RPM spec files to catch compressed files
2590 - (djm) Full license in auth-pam.c
08ae384f 2591 - (djm) Configure fixes from SAKAI Kiyotaka <ksakai@kso.netwk.ntt-at.co.jp>
383207f7 2592 - (andre) AIX, lastlog, configure fixes from Tom Bertelson <tbert@abac.com>:
2593 - Don't try to retrieve lastlog from wtmp/wtmpx if DISABLE_LASTLOG is
2594 def'd
2595 - Set AIX to use preformatted manpages
61e96248 2596
74b224a0 259720000610
2598 - (djm) Minor doc tweaks
217ab55e 2599 - (djm) Fix for configure on bash2 from Jim Knoble <jmknoble@jmknoble.cx>
74b224a0 2600
32c80420 260120000609
2602 - (djm) Patch from Kenji Miyake <kenji@miyake.org> to disable utmp usage
2603 (in favour of utmpx) on Solaris 8
2604
fa649821 260520000606
48c99b2c 2606 - (djm) Cleanup of entropy.c. Reorganised code, removed second pass through
2607 list of commands (by default). Removed verbose debugging (by default).
bcbf86ec 2608 - (djm) Increased command entropy estimates and default entropy collection
48c99b2c 2609 timeout
f988dce5 2610 - (djm) Remove duplicate headers from loginrec.c
c5fa2eb0 2611 - (djm) Don't add /usr/local/lib to library search path on Irix
bcbf86ec 2612 - (djm) Fix rsh path in RPMs. Report from Jason L Tibbitts III
fa649821 2613 <tibbs@math.uh.edu>
1e83f2a2 2614 - (djm) Warn user if grabs fail in GNOME askpass. Patch from Zack Weinberg
2615 <zack@wolery.cumb.org>
fa649821 2616 - (djm) OpenBSD CVS updates:
2617 - todd@cvs.openbsd.org
2618 [sshconnect2.c]
2619 teach protocol v2 to count login failures properly and also enable an
2620 explanation of why the password prompt comes up again like v1; this is NOT
2621 crypto
61e96248 2622 - markus@cvs.openbsd.org
fa649821 2623 [readconf.c readconf.h servconf.c servconf.h session.c ssh.1 ssh.c sshd.8]
2624 xauth_location support; pr 1234
2625 [readconf.c sshconnect2.c]
2626 typo, unused
2627 [session.c]
2628 allow use_login only for login sessions, otherwise remote commands are
2629 execed with uid==0
2630 [sshd.8]
2631 document UseLogin better
2632 [version.h]
2633 OpenSSH 2.1.1
2634 [auth-rsa.c]
bcbf86ec 2635 fix match_hostname() logic for auth-rsa: deny access if we have a
fa649821 2636 negative match or no match at all
2637 [channels.c hostfile.c match.c]
bcbf86ec 2638 don't panic if mkdtemp fails for authfwd; jkb@yahoo-inc.com via
fa649821 2639 kris@FreeBSD.org
2640
8e7b16f8 264120000606
bcbf86ec 2642 - (djm) Added --with-cflags, --with-ldflags and --with-libs options to
8e7b16f8 2643 configure.
2644
d7c0f3d5 264520000604
2646 - Configure tweaking for new login code on Irix 5.3
2d6c411f 2647 - (andre) login code changes based on djm feedback
d7c0f3d5 2648
2d6c411f 264920000603
2650 - (andre) New login code
2651 - Remove bsd-login.[ch] and all the OpenBSD-derived code in login.c
2652 - Add loginrec.[ch], logintest.c and autoconf code
61e96248 2653
5daf7064 265420000531
2655 - Cleanup of auth.c, login.c and fake-*
2656 - Cleanup of auth-pam.c, save and print "account expired" error messages
e5662474 2657 - Fix EGD read bug by IWAMURO Motonori <iwa@mmp.fujitsu.co.jp>
69134b9b 2658 - Rewrote bsd-login to use proper utmp API if available. Major cleanup
2659 of fallback DIY code.
5daf7064 2660
b9f446d1 266120000530
2662 - Define atexit for old Solaris
b02ebca1 2663 - Fix buffer overrun in login.c for systems which use syslen in utmpx.
2664 patch from YOSHIFUJI Hideaki <yoshfuji@cerberus.nemoto.ecei.tohoku.ac.jp>
71276795 2665 - OpenBSD CVS updates:
2666 - markus@cvs.openbsd.org
2667 [session.c]
2668 make x11-fwd work w/ localhost (xauth add host/unix:11)
2669 [cipher.c compat.c readconf.c servconf.c]
2670 check strtok() != NULL; ok niels@
2671 [key.c]
2672 fix key_read() for uuencoded keys w/o '='
2673 [serverloop.c]
2674 group ssh1 vs. ssh2 in serverloop
2675 [kex.c kex.h myproposal.h sshconnect2.c sshd.c]
2676 split kexinit/kexdh, factor out common code
2677 [readconf.c ssh.1 ssh.c]
2678 forwardagent defaults to no, add ssh -A
2679 - theo@cvs.openbsd.org
2680 [session.c]
2681 just some line shortening
60688ef9 2682 - Released 2.1.0p3
b9f446d1 2683
29611d9c 268420000520
2685 - Xauth fix from Markus Friedl <markus.friedl@informatik.uni-erlangen.de>
25422c70 2686 - Don't touch utmp if USE_UTMPX defined
a423beaf 2687 - SunOS 4.x support from Todd C. Miller <Todd.Miller@courtesan.com>
fc1e8bf4 2688 - SIGCHLD fix for AIX and HPUX from Tom Bertelson <tbert@abac.com>
bcbf86ec 2689 - HPUX and Configure fixes from Lutz Jaenicke
fc1e8bf4 2690 <Lutz.Jaenicke@aet.TU-Cottbus.DE>
bcbf86ec 2691 - Use mkinstalldirs script to make directories instead of non-portable
fc1e8bf4 2692 "install -d". Suggested by Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
a905808d 2693 - Doc cleanup
29611d9c 2694
301e9b01 269520000518
2696 - Include Andre Lucas' fixprogs script. Forgot to "cvs add" it yesterday
2697 - OpenBSD CVS updates:
2698 - markus@cvs.openbsd.org
2699 [sshconnect.c]
2700 copy only ai_addrlen bytes; misiek@pld.org.pl
2701 [auth.c]
bcbf86ec 2702 accept an empty shell in authentication; bug reported by
301e9b01 2703 chris@tinker.ucr.edu
2704 [serverloop.c]
2705 we don't have stderr for interactive terminal sessions (fcntl errors)
2706
ad85db64 270720000517
2708 - Fix from Andre Lucas <andre.lucas@dial.pipex.com>
2709 - Fixes command line printing segfaults (spotter: Bladt Norbert)
2710 - Fixes erroneous printing of debug messages to syslog
2711 - Fixes utmp for MacOS X (spotter: Aristedes Maniatis)
2712 - Gives useful error message if PRNG initialisation fails
2713 - Reduced ssh startup delay
2714 - Measures cumulative command time rather than the time between reads
704b1659 2715 after select()
ad85db64 2716 - 'fixprogs' perl script to eliminate non-working entropy commands, and
704b1659 2717 optionally run 'ent' to measure command entropy
c1ef8333 2718 - Applied Tom Bertelson's <tbert@abac.com> AIX authentication fix
a64009ad 2719 - Avoid WCOREDUMP complation errors for systems that lack it
bcbf86ec 2720 - Avoid SIGCHLD warnings from entropy commands
28c1d5ce 2721 - Fix HAVE_PAM_GETENVLIST setting from Simon Wilkinson <sxw@dcs.ed.ac.uk>
0e73cc53 2722 - OpenBSD CVS update:
bcbf86ec 2723 - markus@cvs.openbsd.org
0e73cc53 2724 [ssh.c]
2725 fix usage()
2726 [ssh2.h]
2727 draft-ietf-secsh-architecture-05.txt
2728 [ssh.1]
2729 document ssh -T -N (ssh2 only)
2730 [channels.c serverloop.c ssh.h sshconnect.c sshd.c aux.c]
2731 enable nonblocking IO for sshd w/ proto 1, too; split out common code
2732 [aux.c]
2733 missing include
c04f75f1 2734 - Several patches from SAKAI Kiyotaka <ksakai@kso.netwk.ntt-at.co.jp>
2735 - INSTALL typo and URL fix
2736 - Makefile fix
2737 - Solaris fixes
bcbf86ec 2738 - Checking for ssize_t and memmove. Based on patch from SAKAI Kiyotaka
c04f75f1 2739 <ksakai@kso.netwk.ntt-at.co.jp>
afa5ee68 2740 - RSAless operation patch from kevin_oconnor@standardandpoors.com
d45e3d76 2741 - Detect OpenSSL seperatly from RSA
bcbf86ec 2742 - Better test for RSA (more compatible with RSAref). Based on work by
d45e3d76 2743 Ed Eden <ede370@stl.rural.usda.gov>
ad85db64 2744
3d1a1654 274520000513
bcbf86ec 2746 - Fix for non-recognised DSA keys from Arkadiusz Miskiewicz
3d1a1654 2747 <misiek@pld.org.pl>
2748
d02a3a00 274920000511
bcbf86ec 2750 - Fix for prng_seed permissions checking from Lutz Jaenicke
d02a3a00 2751 <Lutz.Jaenicke@aet.TU-Cottbus.DE>
3d1a1654 2752 - "make host-key" fix for Irix
d02a3a00 2753
d0c832f3 275420000509
2755 - OpenBSD CVS update
2756 - markus@cvs.openbsd.org
2757 [cipher.h myproposal.h readconf.c readconf.h servconf.c ssh.1 ssh.c]
2758 [ssh.h sshconnect1.c sshconnect2.c sshd.8]
2759 - complain about invalid ciphers in SSH1 (e.g. arcfour is SSH2 only)
2760 - hugh@cvs.openbsd.org
2761 [ssh.1]
2762 - zap typo
2763 [ssh-keygen.1]
2764 - One last nit fix. (markus approved)
2765 [sshd.8]
2766 - some markus certified spelling adjustments
2767 - markus@cvs.openbsd.org
2768 [auth2.c channels.c clientloop.c compat compat.h dsa.c kex.c]
2769 [sshconnect2.c ]
2770 - bug compat w/ ssh-2.0.13 x11, split out bugs
2771 [nchan.c]
2772 - no drain if ibuf_empty, fixes x11fwd problems; tests by fries@
2773 [ssh-keygen.c]
2774 - handle escapes in real and original key format, ok millert@
2775 [version.h]
2776 - OpenSSH-2.1
3dc1102e 2777 - Moved all the bsd-* and fake-* stuff into new libopenbsd-compat.a
e93ee87a 2778 - Doc updates
bcbf86ec 2779 - Cleanup of bsd-base64 headers, bugfix definitions of __b64_*. Reported
21e5304a 2780 by Andre Lucas <andre.lucas@dial.pipex.com>
d0c832f3 2781
ebdeb9a8 278220000508
2783 - Makefile and RPM spec fixes
2784 - Generate DSA host keys during "make key" or RPM installs
f6cde515 2785 - OpenBSD CVS update
2786 - markus@cvs.openbsd.org
2787 [clientloop.c sshconnect2.c]
2788 - make x11-fwd interop w/ ssh-2.0.13
2789 [README.openssh2]
2790 - interop w/ SecureFX
2791 - Release 2.0.0beta2
ebdeb9a8 2792
bcbf86ec 2793 - Configure caching and cleanup patch from Andre Lucas'
58d100bf 2794 <andre.lucas@dial.pipex.com>
2795
1d1ffb87 279620000507
2797 - Remove references to SSLeay.
2798 - Big OpenBSD CVS update
2799 - markus@cvs.openbsd.org
2800 [clientloop.c]
2801 - typo
2802 [session.c]
2803 - update proctitle on pty alloc/dealloc, e.g. w/ windows client
2804 [session.c]
2805 - update proctitle for proto 1, too
2806 [channels.h nchan.c serverloop.c session.c sshd.c]
2807 - use c-style comments
2808 - deraadt@cvs.openbsd.org
2809 [scp.c]
2810 - more atomicio
bcbf86ec 2811 - markus@cvs.openbsd.org
1d1ffb87 2812 [channels.c]
2813 - set O_NONBLOCK
2814 [ssh.1]
2815 - update AUTHOR
2816 [readconf.c ssh-keygen.c ssh.h]
2817 - default DSA key file ~/.ssh/id_dsa
2818 [clientloop.c]
2819 - typo, rm verbose debug
2820 - deraadt@cvs.openbsd.org
2821 [ssh-keygen.1]
2822 - document DSA use of ssh-keygen
2823 [sshd.8]
2824 - a start at describing what i understand of the DSA side
2825 [ssh-keygen.1]
2826 - document -X and -x
2827 [ssh-keygen.c]
2828 - simplify usage
bcbf86ec 2829 - markus@cvs.openbsd.org
1d1ffb87 2830 [sshd.8]
2831 - there is no rhosts_dsa
2832 [ssh-keygen.1]
2833 - document -y, update -X,-x
2834 [nchan.c]
2835 - fix close for non-open ssh1 channels
2836 [servconf.c servconf.h ssh.h sshd.8 sshd.c ]
2837 - s/DsaKey/HostDSAKey/, document option
2838 [sshconnect2.c]
2839 - respect number_of_password_prompts
2840 [channels.c channels.h servconf.c servconf.h session.c sshd.8]
2841 - GatewayPorts for sshd, ok deraadt@
2842 [ssh-add.1 ssh-agent.1 ssh.1]
2843 - more doc on: DSA, id_dsa, known_hosts2, authorized_keys2
2844 [ssh.1]
2845 - more info on proto 2
2846 [sshd.8]
2847 - sync AUTHOR w/ ssh.1
2848 [key.c key.h sshconnect.c]
2849 - print key type when talking about host keys
2850 [packet.c]
2851 - clear padding in ssh2
2852 [dsa.c key.c radix.c ssh.h sshconnect1.c uuencode.c uuencode.h]
2853 - replace broken uuencode w/ libc b64_ntop
2854 [auth2.c]
2855 - log failure before sending the reply
2856 [key.c radix.c uuencode.c]
2857 - remote trailing comments before calling __b64_pton
2858 [auth2.c readconf.c readconf.h servconf.c servconf.h ssh.1]
2859 [sshconnect2.c sshd.8]
2860 - add DSAAuthetication option to ssh/sshd, document SSH2 in sshd.8
2861 - Bring in b64_ntop and b64_pton from OpenBSD libc (bsd-base64.[ch])
2862
1a11e1ae 286320000502
0fbe8c74 2864 - OpenBSD CVS update
2865 [channels.c]
2866 - init all fds, close all fds.
2867 [sshconnect2.c]
2868 - check whether file exists before asking for passphrase
2869 [servconf.c servconf.h sshd.8 sshd.c]
2870 - PidFile, pr 1210
2871 [channels.c]
2872 - EINTR
2873 [channels.c]
2874 - unbreak, ok niels@
2875 [sshd.c]
2876 - unlink pid file, ok niels@
2877 [auth2.c]
2878 - Add missing #ifdefs; ok - markus
bcbf86ec 2879 - Add Andre Lucas' <andre.lucas@dial.pipex.com> patch to read entropy
d3083fbd 2880 gathering commands from a text file
1a11e1ae 2881 - Release 2.0.0beta1
2882
c4bc58eb 288320000501
2884 - OpenBSD CVS update
2885 [packet.c]
2886 - send debug messages in SSH2 format
3189621b 2887 [scp.c]
2888 - fix very rare EAGAIN/EINTR issues; based on work by djm
2889 [packet.c]
2890 - less debug, rm unused
2891 [auth2.c]
2892 - disable kerb,s/key in ssh2
2893 [sshd.8]
2894 - Minor tweaks and typo fixes.
2895 [ssh-keygen.c]
2896 - Put -d into usage and reorder. markus ok.
bcbf86ec 2897 - Include missing headers for OpenSSL tests. Fix from Phil Karn
44fb55e9 2898 <karn@ka9q.ampr.org>
bcbf86ec 2899 - Fixed __progname symbol collisions reported by Andre Lucas
3fd95d9a 2900 <andre.lucas@dial.pipex.com>
0d5f7abc 2901 - Merged bsd-login ttyslot and AIX utmp patch from Gert Doering
2902 <gd@hilb1.medat.de>
8cb940db 2903 - Add some missing ifdefs to auth2.c
8af50c98 2904 - Deprecate perl-tk askpass.
52bcc044 2905 - Irix portability fixes - don't include netinet headers more than once
2906 - Make sure we don't save PRNG seed more than once
c4bc58eb 2907
2b763e31 290820000430
2909 - Merge HP-UX fixes and TCB support from Ged Lodder <lodder@yacc.com.au>
b7a87eea 2910 - Integrate Andre Lucas' <andre.lucas@dial.pipex.com> entropy collection
2911 patch.
2912 - Adds timeout to entropy collection
2913 - Disables slow entropy sources
2914 - Load and save seed file
bcbf86ec 2915 - Changed entropy seed code to user per-user seeds only (server seed is
b7a87eea 2916 saved in root's .ssh directory)
2917 - Use atexit() and fatal cleanups to save seed on exit
0b242b12 2918 - More OpenBSD updates:
2919 [session.c]
2920 - don't call chan_write_failed() if we are not writing
2921 [auth-rsa.c auth1.c authfd.c hostfile.c ssh-agent.c]
2922 - keysize warnings error() -> log()
2b763e31 2923
a306f2dd 292420000429
2925 - Merge big update to OpenSSH-2.0 from OpenBSD CVS
2926 [README.openssh2]
2927 - interop w/ F-secure windows client
2928 - sync documentation
2929 - ssh_host_dsa_key not ssh_dsa_key
2930 [auth-rsa.c]
2931 - missing fclose
2932 [auth.c authfile.c compat.c dsa.c dsa.h hostfile.c key.c key.h radix.c]
2933 [readconf.c readconf.h ssh-add.c ssh-keygen.c ssh.c ssh.h sshconnect.c]
2934 [sshd.c uuencode.c uuencode.h authfile.h]
2935 - add DSA pubkey auth and other SSH2 fixes. use ssh-keygen -[xX]
2936 for trading keys with the real and the original SSH, directly from the
2937 people who invented the SSH protocol.
2938 [auth.c auth.h authfile.c sshconnect.c auth1.c auth2.c sshconnect.h]
2939 [sshconnect1.c sshconnect2.c]
2940 - split auth/sshconnect in one file per protocol version
2941 [sshconnect2.c]
2942 - remove debug
2943 [uuencode.c]
2944 - add trailing =
2945 [version.h]
2946 - OpenSSH-2.0
2947 [ssh-keygen.1 ssh-keygen.c]
2948 - add -R flag: exit code indicates if RSA is alive
2949 [sshd.c]
2950 - remove unused
2951 silent if -Q is specified
2952 [ssh.h]
2953 - host key becomes /etc/ssh_host_dsa_key
2954 [readconf.c servconf.c ]
2955 - ssh/sshd default to proto 1 and 2
2956 [uuencode.c]
2957 - remove debug
2958 [auth2.c ssh-keygen.c sshconnect2.c sshd.c]
2959 - xfree DSA blobs
2960 [auth2.c serverloop.c session.c]
2961 - cleanup logging for sshd/2, respect PasswordAuth no
2962 [sshconnect2.c]
2963 - less debug, respect .ssh/config
2964 [README.openssh2 channels.c channels.h]
bcbf86ec 2965 - clientloop.c session.c ssh.c
a306f2dd 2966 - support for x11-fwding, client+server
2967
0ac7199f 296820000421
2969 - Merge fix from OpenBSD CVS
2970 [ssh-agent.c]
2971 - Fix memory leak per connection. Report from Andy Spiegl <Andy@Spiegl.de>
2972 via Debian bug #59926
18ba2aab 2973 - Define __progname in session.c if libc doesn't
2974 - Remove indentation on autoconf #include statements to avoid bug in
bcbf86ec 2975 DEC Tru64 compiler. Report and fix from David Del Piero
18ba2aab 2976 <David.DelPiero@qed.qld.gov.au>
0ac7199f 2977
e1b37056 297820000420
bcbf86ec 2979 - Make fixpaths work with perl4, patch from Andre Lucas
e1b37056 2980 <andre.lucas@dial.pipex.com>
9da5c3c9 2981 - Sync with OpenBSD CVS:
2982 [clientloop.c login.c serverloop.c ssh-agent.c ssh.h sshconnect.c sshd.c]
2983 - pid_t
2984 [session.c]
2985 - remove bogus chan_read_failed. this could cause data
2986 corruption (missing data) at end of a SSH2 session.
4e577b89 2987 - Merge fixes from Debian patch from Phil Hands <phil@hands.com>
2988 - Allow setting of PAM service name through CFLAGS (SSHD_PAM_SERVICE)
2989 - Use vhangup to clean up Linux ttys
2990 - Force posix getopt processing on GNU libc systems
371ecff9 2991 - Debian bug #55910 - remove references to ssl(8) manpages
247f1a89 2992 - Debian bug #58031 - ssh_config lies about default cipher
e1b37056 2993
d6f24e45 299420000419
2995 - OpenBSD CVS updates
2996 [channels.c]
2997 - fix pr 1196, listen_port and port_to_connect interchanged
2998 [scp.c]
bcbf86ec 2999 - after completion, replace the progress bar ETA counter with a final
d6f24e45 3000 elapsed time; my idea, aaron wrote the patch
3001 [ssh_config sshd_config]
3002 - show 'Protocol' as an example, ok markus@
3003 [sshd.c]
3004 - missing xfree()
3005 - Add missing header to bsd-misc.c
3006
35484284 300720000416
3008 - Reduce diff against OpenBSD source
bcbf86ec 3009 - All OpenSSL includes are now unconditionally referenced as
35484284 3010 openssl/foo.h
3011 - Pick up formatting changes
3012 - Other minor changed (typecasts, etc) that I missed
3013
6ae2364d 301420000415
3015 - OpenBSD CVS updates.
3016 [ssh.1 ssh.c]
3017 - ssh -2
3018 [auth.c channels.c clientloop.c packet.c packet.h serverloop.c]
3019 [session.c sshconnect.c]
3020 - check payload for (illegal) extra data
3021 [ALL]
3022 whitespace cleanup
3023
c323ac76 302420000413
3025 - INSTALL doc updates
f54651ce 3026 - Merged OpenBSD updates to include paths.
bcbf86ec 3027
a8be9f80 302820000412
3029 - OpenBSD CVS updates:
3030 - [channels.c]
3031 repair x11-fwd
3032 - [sshconnect.c]
3033 fix passwd prompt for ssh2, less debugging output.
3034 - [clientloop.c compat.c dsa.c kex.c sshd.c]
3035 less debugging output
3036 - [kex.c kex.h sshconnect.c sshd.c]
3037 check for reasonable public DH values
3038 - [README.openssh2 cipher.c cipher.h compat.c compat.h readconf.c]
3039 [readconf.h servconf.c servconf.h ssh.c ssh.h sshconnect.c sshd.c]
3040 add Cipher and Protocol options to ssh/sshd, e.g.:
3041 ssh -o 'Protocol 1,2' if you prefer proto 1, ssh -o 'Ciphers
3042 arcfour,3des-cbc'
3043 - [sshd.c]
3044 print 1.99 only if server supports both
3045
18e92801 304620000408
3047 - Avoid some compiler warnings in fake-get*.c
3048 - Add IPTOS macros for systems which lack them
9d98aaf6 3049 - Only set define entropy collection macros if they are found
e78a59f5 3050 - More large OpenBSD CVS updates:
3051 - [auth.c auth.h servconf.c servconf.h serverloop.c session.c]
3052 [session.h ssh.h sshd.c README.openssh2]
3053 ssh2 server side, see README.openssh2; enable with 'sshd -2'
3054 - [channels.c]
3055 no adjust after close
3056 - [sshd.c compat.c ]
3057 interop w/ latest ssh.com windows client.
61e96248 3058
8ce64345 305920000406
3060 - OpenBSD CVS update:
3061 - [channels.c]
3062 close efd on eof
3063 - [clientloop.c compat.c ssh.c sshconnect.c myproposal.h]
3064 ssh2 client implementation, interops w/ ssh.com and lsh servers.
3065 - [sshconnect.c]
3066 missing free.
3067 - [authfile.c cipher.c cipher.h packet.c sshconnect.c sshd.c]
3068 remove unused argument, split cipher_mask()
3069 - [clientloop.c]
3070 re-order: group ssh1 vs. ssh2
3071 - Make Redhat spec require openssl >= 0.9.5a
3072
e7627112 307320000404
3074 - Add tests for RAND_add function when searching for OpenSSL
7e7327a1 3075 - OpenBSD CVS update:
3076 - [packet.h packet.c]
3077 ssh2 packet format
3078 - [packet.h packet.c nchan2.ms nchan.h compat.h compat.c]
3079 [channels.h channels.c]
3080 channel layer support for ssh2
3081 - [kex.h kex.c hmac.h hmac.c dsa.c dsa.h]
3082 DSA, keyexchange, algorithm agreement for ssh2
6c081128 3083 - Generate manpages before make install not at the end of make all
3084 - Don't seed the rng quite so often
3085 - Always reseed rng when requested
e7627112 3086
bfc9a610 308720000403
3088 - Wrote entropy collection routines for systems that lack /dev/random
3089 and EGD
837c30b8 3090 - Disable tests and typedefs for 64 bit types. They are currently unused.
bfc9a610 3091
7368a6c8 309220000401
3093 - Big OpenBSD CVS update (mainly beginnings of SSH2 infrastructure)
3094 - [auth.c session.c sshd.c auth.h]
3095 split sshd.c -> auth.c session.c sshd.c plus cleanup and goto-removal
3096 - [bufaux.c bufaux.h]
3097 support ssh2 bignums
3098 - [channels.c channels.h clientloop.c sshd.c nchan.c nchan.h packet.c]
3099 [readconf.c ssh.c ssh.h serverloop.c]
3100 replace big switch() with function tables (prepare for ssh2)
3101 - [ssh2.h]
3102 ssh2 message type codes
3103 - [sshd.8]
3104 reorder Xr to avoid cutting
3105 - [serverloop.c]
3106 close(fdin) if fdin != fdout, shutdown otherwise, ok theo@
3107 - [channels.c]
3108 missing close
3109 allow bigger packets
3110 - [cipher.c cipher.h]
3111 support ssh2 ciphers
3112 - [compress.c]
3113 cleanup, less code
3114 - [dispatch.c dispatch.h]
3115 function tables for different message types
3116 - [log-server.c]
3117 do not log() if debuggin to stderr
3118 rename a cpp symbol, to avoid param.h collision
3119 - [mpaux.c]
3120 KNF
3121 - [nchan.c]
3122 sync w/ channels.c
3123
f5238bee 312420000326
3125 - Better tests for OpenSSL w/ RSAref
bcbf86ec 3126 - Added replacement setenv() function from OpenBSD libc. Suggested by
f5238bee 3127 Ben Lindstrom <mouring@pconline.com>
4fe2af09 3128 - OpenBSD CVS update
3129 - [auth-krb4.c]
3130 -Wall
3131 - [auth-rh-rsa.c auth-rsa.c hostfile.c hostfile.h key.c key.h match.c]
3132 [match.h ssh.c ssh.h sshconnect.c sshd.c]
3133 initial support for DSA keys. ok deraadt@, niels@
3134 - [cipher.c cipher.h]
3135 remove unused cipher_attack_detected code
3136 - [scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 sshd.8]
3137 Fix some formatting problems I missed before.
3138 - [ssh.1 sshd.8]
3139 fix spelling errors, From: FreeBSD
3140 - [ssh.c]
3141 switch to raw mode only if he _get_ a pty (not if we _want_ a pty).
f5238bee 3142
0024a081 314320000324
3144 - Released 1.2.3
3145
bd499f9e 314620000317
3147 - Clarified --with-default-path option.
3148 - Added -blibpath handling for AIX to work around stupid runtime linking.
3149 Problem elucidated by gshapiro@SENDMAIL.ORG by way of Jim Knoble
986a22ec 3150 <jmknoble@jmknoble.cx>
474b5fef 3151 - Checks for 64 bit int types. Problem report from Mats Fredholm
3152 <matsf@init.se>
610cd5c6 3153 - OpenBSD CVS updates:
bcbf86ec 3154 - [atomicio.c auth-krb4.c bufaux.c channels.c compress.c fingerprint.c]
610cd5c6 3155 [packet.h radix.c rsa.c scp.c ssh-agent.c ssh-keygen.c sshconnect.c]
3156 [sshd.c]
3157 pedantic: signed vs. unsigned, void*-arithm, etc
3158 - [ssh.1 sshd.8]
3159 Various cleanups and standardizations.
bcbf86ec 3160 - Runtime error fix for HPUX from Otmar Stahl
be48d23c 3161 <O.Stahl@lsw.uni-heidelberg.de>
bd499f9e 3162
4696775a 316320000316
bcbf86ec 3164 - Fixed configure not passing LDFLAGS to Solaris. Report from David G.
4696775a 3165 Hesprich <dghespri@sprintparanet.com>
d423d822 3166 - Propogate LD through to Makefile
b7a9ce47 3167 - Doc cleanups
2ba2a610 3168 - Added blurb about "scp: command not found" errors to UPGRADING
4696775a 3169
cb0b7ea4 317020000315
3171 - Fix broken CFLAGS handling during search for OpenSSL. Fixes va_list
3172 problems with gcc/Solaris.
bcbf86ec 3173 - Don't free argument to putenv() after use (in setenv() replacement).
db55a3ea 3174 Report from Seigo Tanimura <tanimura@r.dl.itc.u-tokyo.ac.jp>
bcbf86ec 3175 - Created contrib/ subdirectory. Included helpers from Phil Hands'
13652e52 3176 Debian package, README file and chroot patch from Ricardo Cerqueira
3177 <rmcc@clix.pt>
bcbf86ec 3178 - Moved gnome-ssh-askpass.c to contrib directory and removed config
13652e52 3179 option.
3180 - Slight cleanup to doc files
b14b2ae7 3181 - Configure fix from Bratislav ILICH <bilic@zepter.ru>
cb0b7ea4 3182
a8ed9fd9 318320000314
bcbf86ec 3184 - Include macro for IN6_IS_ADDR_V4MAPPED. Report from
a8ed9fd9 3185 peter@frontierflying.com
84afc958 3186 - Include /usr/local/include and /usr/local/lib for systems that don't
3187 do it themselves
3188 - -R/usr/local/lib for Solaris
3189 - Fix RSAref detection
3190 - Fix IN6_IS_ADDR_V4MAPPED macro
a8ed9fd9 3191
bcf36c78 319220000311
3193 - Detect RSAref
43e48848 3194 - OpenBSD CVS change
3195 [sshd.c]
3196 - disallow guessing of root password
867dbf40 3197 - More configure fixes
80faa19f 3198 - IPv6 workarounds from Hideaki YOSHIFUJI <yoshfuji@ecei.tohoku.ac.jp>
bcf36c78 3199
c8d54615 320020000309
3201 - OpenBSD CVS updates to v1.2.3
704b1659 3202 [ssh.h atomicio.c]
3203 - int atomicio -> ssize_t (for alpha). ok deraadt@
3204 [auth-rsa.c]
3205 - delay MD5 computation until client sends response, free() early, cleanup.
3206 [cipher.c]
3207 - void* -> unsigned char*, ok niels@
3208 [hostfile.c]
3209 - remove unused variable 'len'. fix comments.
3210 - remove unused variable
3211 [log-client.c log-server.c]
3212 - rename a cpp symbol, to avoid param.h collision
3213 [packet.c]
3214 - missing xfree()
3215 - getsockname() requires initialized tolen; andy@guildsoftware.com
3216 - use getpeername() in packet_connection_is_on_socket(), fixes sshd -i;
3217 from Holger.Trapp@Informatik.TU-Chemnitz.DE
3218 [pty.c pty.h]
bcbf86ec 3219 - register cleanup for pty earlier. move code for pty-owner handling to
c8d54615 3220 pty.c ok provos@, dugsong@
704b1659 3221 [readconf.c]
3222 - turn off x11-fwd for the client, too.
3223 [rsa.c]
3224 - PKCS#1 padding
3225 [scp.c]
3226 - allow '.' in usernames; from jedgar@fxp.org
3227 [servconf.c]
3228 - typo: ignore_user_known_hosts int->flag; naddy@mips.rhein-neckar.de
3229 - sync with sshd_config
3230 [ssh-keygen.c]
3231 - enable ssh-keygen -l -f ~/.ssh/known_hosts, ok deraadt@
3232 [ssh.1]
3233 - Change invalid 'CHAT' loglevel to 'VERBOSE'
3234 [ssh.c]
3235 - suppress AAAA query host when '-4' is used; from shin@nd.net.fujitsu.co.jp
3236 - turn off x11-fwd for the client, too.
3237 [sshconnect.c]
3238 - missing xfree()
3239 - retry rresvport_af(), too. from sumikawa@ebina.hitachi.co.jp.
3240 - read error vs. "Connection closed by remote host"
3241 [sshd.8]
3242 - ie. -> i.e.,
3243 - do not link to a commercial page..
3244 - sync with sshd_config
3245 [sshd.c]
3246 - no need for poll.h; from bright@wintelcom.net
3247 - log with level log() not fatal() if peer behaves badly.
3248 - don't panic if client behaves strange. ok deraadt@
3249 - make no-port-forwarding for RSA keys deny both -L and -R style fwding
3250 - delay close() of pty until the pty has been chowned back to root
3251 - oops, fix comment, too.
3252 - missing xfree()
3253 - move XAUTHORITY to subdir. ok dugsong@. fixes debian bug #57907, too.
3254 (http://cgi.debian.org/cgi-bin/bugreport.cgi?archive=no&bug=57907)
bcbf86ec 3255 - register cleanup for pty earlier. move code for pty-owner handling to
704b1659 3256 pty.c ok provos@, dugsong@
3257 - create x11 cookie file
3258 - fix pr 1113, fclose() -> pclose(), todo: remote popen()
3259 - version 1.2.3
c8d54615 3260 - Cleaned up
bcbf86ec 3261 - Removed warning workaround for Linux and devpts filesystems (no longer
d8223847 3262 required after OpenBSD updates)
c8d54615 3263
07055445 326420000308
3265 - Configure fix from Hiroshi Takekawa <takekawa@sr3.t.u-tokyo.ac.jp>
3266
326720000307
3268 - Released 1.2.2p1
3269
9c8c3fc6 327020000305
3271 - Fix DEC compile fix
54096dcc 3272 - Explicitly seed OpenSSL's PRNG before checking rsa_alive()
aa6bd60a 3273 - Check for getpagesize in libucb.a if not found in libc. Fix for old
3274 Solaris from Andre Lucas <andre.lucas@dial.pipex.com>
bcbf86ec 3275 - Check for libwrap if --with-tcp-wrappers option specified. Suggestion
9fc7867e 3276 Mate Wierdl <mw@moni.msci.memphis.edu>
9c8c3fc6 3277
6bf4d066 327820000303
3279 - Added "make host-key" target, Suggestion from Dominik Brettnacher
3280 <domi@saargate.de>
bcbf86ec 3281 - Don't permanently fail on bind() if getaddrinfo has more choices left for
16218745 3282 us. Needed to work around messy IPv6 on Linux. Patch from Arkadiusz
3283 Miskiewicz <misiek@pld.org.pl>
22fa590f 3284 - DEC Unix compile fix from David Del Piero <David.DelPiero@qed.qld.gov.au>
3285 - Manpage fix from David Del Piero <David.DelPiero@qed.qld.gov.au>
6bf4d066 3286
a0391976 328720000302
3288 - Big cleanup of autoconf code
3289 - Rearranged to be a little more logical
3290 - Added -R option for Solaris
3291 - Rewrote OpenSSL detection code. Now uses AC_TRY_RUN with a test program
3292 to detect library and header location _and_ ensure library has proper
3293 RSA support built in (this is a problem with OpenSSL 0.9.5).
817175bc 3294 - Applied pty cleanup patch from markus.friedl@informatik.uni-erlangen.de
0a1718dc 3295 - Avoid warning message with Unix98 ptys
bcbf86ec 3296 - Warning was valid - possible race condition on PTYs. Avoided using
3276571c 3297 platform-specific code.
3298 - Document some common problems
bcbf86ec 3299 - Allow root access to any key. Patch from
81eef326 3300 markus.friedl@informatik.uni-erlangen.de
a0391976 3301
f55afe71 330220000207
3303 - Removed SOCKS code. Will support through a ProxyCommand.
3304
d07d1c58 330520000203
3306 - Fixed SEGVs in authloop, fix from vbzoli@hbrt.hu
d581b7ae 3307 - Add --with-ssl-dir option
d07d1c58 3308
9d5f374b 330920000202
bcbf86ec 3310 - Fix lastlog code for directory based lastlogs. Fix from Josh Durham
9d5f374b 3311 <jmd@aoe.vt.edu>
6b1f3fdb 3312 - Documentation fixes from HARUYAMA Seigo <haruyama@nt.phys.s.u-tokyo.ac.jp>
bcbf86ec 3313 - Added URLs to Japanese translations of documents by HARUYAMA Seigo
6b1f3fdb 3314 <haruyama@nt.phys.s.u-tokyo.ac.jp>
9d5f374b 3315
bc8c2601 331620000201
3317 - Use socket pairs by default (instead of pipes). Prevents race condition
3318 on several (buggy) OSs. Report and fix from tridge@linuxcare.com
3319
69c76614 332020000127
3321 - Seed OpenSSL's random number generator before generating RSA keypairs
3322 - Split random collector into seperate file
aaf2abd7 3323 - Compile fix from Andre Lucas <andre.lucas@dial.pipex.com>
69c76614 3324
f9507c24 332520000126
3326 - Released 1.2.2 stable
3327
bcbf86ec 3328 - NeXT keeps it lastlog in /usr/adm. Report from
f9507c24 3329 mouring@newton.pconline.com
bcbf86ec 3330 - Added note in UPGRADING re interop with commercial SSH using idea.
986a22ec 3331 Report from Jim Knoble <jmknoble@jmknoble.cx>
587120ad 3332 - Fix linking order for Kerberos/AFS. Fix from Holget Trapp
3333 <Holger.Trapp@Informatik.TU-Chemnitz.DE>
f9507c24 3334
bfae20ad 333520000125
bcbf86ec 3336 - Fix NULL pointer dereference in login.c. Fix from Andre Lucas
bfae20ad 3337 <andre.lucas@dial.pipex.com>
07b0cb78 3338 - Reorder PAM initialisation so it does not mess up lastlog. Reported
3339 by Andre Lucas <andre.lucas@dial.pipex.com>
bcbf86ec 3340 - Use preformatted manpages on SCO, report from Gary E. Miller
9755cbdb 3341 <gem@rellim.com>
3342 - New URL for x11-ssh-askpass.
bcbf86ec 3343 - Fixpaths was missing /etc/ssh_known_hosts. Report from Jim Knoble
986a22ec 3344 <jmknoble@jmknoble.cx>
bcbf86ec 3345 - Added 'DESTDIR' option to Makefile to ease package building. Patch from
986a22ec 3346 Jim Knoble <jmknoble@jmknoble.cx>
ff8ecdb8 3347 - Updated RPM spec files to use DESTDIR
bfae20ad 3348
bb58aa4b 334920000124
3350 - Pick up version 1.2.2 from OpenBSD CVS (no changes, just version number
3351 increment)
3352
d45317d8 335320000123
3354 - OpenBSD CVS:
3355 - [packet.c]
3356 getsockname() requires initialized tolen; andy@guildsoftware.com
bcbf86ec 3357 - AIX patch from Matt Richards <v2matt@btv.ibm.com> and David Rankin
4c40f834 3358 <drankin@bohemians.lexington.ky.us>
12aa90af 3359 - Fix lastlog support, patch from Andre Lucas <andre.lucas@dial.pipex.com>
d45317d8 3360
e844f761 336120000122
3362 - Fix compilation of bsd-snprintf.c on Solaris, fix from Ben Taylor
3363 <bent@clark.net>
c54a6257 3364 - Merge preformatted manpage patch from Andre Lucas
3365 <andre.lucas@dial.pipex.com>
8eb34e02 3366 - Make IPv4 use the default in RPM packages
3367 - Irix uses preformatted manpages
1e64903d 3368 - Missing htons() in bsd-bindresvport.c, fix from Holger Trapp
3369 <Holger.Trapp@Informatik.TU-Chemnitz.DE>
9bc5ddfe 3370 - OpenBSD CVS updates:
3371 - [packet.c]
3372 use getpeername() in packet_connection_is_on_socket(), fixes sshd -i;
3373 from Holger.Trapp@Informatik.TU-Chemnitz.DE
3374 - [sshd.c]
3375 log with level log() not fatal() if peer behaves badly.
3376 - [readpass.c]
bcbf86ec 3377 instead of blocking SIGINT, catch it ourselves, so that we can clean
3378 the tty modes up and kill ourselves -- instead of our process group
61e96248 3379 leader (scp, cvs, ...) going away and leaving us in noecho mode.
9bc5ddfe 3380 people with cbreak shells never even noticed..
399d9d44 3381 - [ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 sshd.8]
3382 ie. -> i.e.,
e844f761 3383
4c8ef3fb 338420000120
3385 - Don't use getaddrinfo on AIX
7b2ea3a1 3386 - Update to latest OpenBSD CVS:
3387 - [auth-rsa.c]
3388 - fix user/1056, sshd keeps restrictions; dbt@meat.net
3389 - [sshconnect.c]
3390 - disable agent fwding for proto 1.3, remove abuse of auth-rsa flags.
3391 - destroy keys earlier
bcbf86ec 3392 - split key exchange (kex) and user authentication (user-auth),
d468fc76 3393 ok: provos@
7b2ea3a1 3394 - [sshd.c]
3395 - no need for poll.h; from bright@wintelcom.net
3396 - disable agent fwding for proto 1.3, remove abuse of auth-rsa flags.
bcbf86ec 3397 - split key exchange (kex) and user authentication (user-auth),
d468fc76 3398 ok: provos@
f3bba493 3399 - Big manpage and config file cleanup from Andre Lucas
3400 <andre.lucas@dial.pipex.com>
5f4fdfae 3401 - Re-added latest (unmodified) OpenBSD manpages
47f9a56a 3402 - Doc updates
d468fc76 3403 - NetBSD patch from David Rankin <drankin@bohemians.lexington.ky.us> and
3404 Christos Zoulas <christos@netbsd.org>
4c8ef3fb 3405
082bbfb3 340620000119
20af321f 3407 - SCO compile fixes from Gary E. Miller <gem@rellim.com>
082bbfb3 3408 - Compile fix from Darren_Hall@progressive.com
59e76f33 3409 - Linux/glibc-2.1.2 takes a *long* time to look up names for AF_UNSPEC
3410 addresses using getaddrinfo(). Added a configure switch to make the
3411 default lookup mode AF_INET
082bbfb3 3412
a63a7f37 341320000118
3414 - Fixed --with-pid-dir option
51a6baf8 3415 - Makefile fix from Gary E. Miller <gem@rellim.com>
61e96248 3416 - Compile fix for HPUX and Solaris from Andre Lucas
976f7e19 3417 <andre.lucas@dial.pipex.com>
a63a7f37 3418
f914c7fb 341920000117
3420 - Clean up bsd-bindresvport.c. Use arc4random() for picking initial
3421 port, ignore EINVAL errors (Linux) when searching for free port.
bcbf86ec 3422 - Revert __snprintf -> snprintf aliasing. Apparently Solaris
de93b046 3423 __snprintf isn't. Report from Theo de Raadt <theo@cvs.openbsd.org>
9b363e1c 3424 - Document location of Redhat PAM file in INSTALL.
bcbf86ec 3425 - Fixed X11 forwarding bug on Linux. libc advertises AF_INET6
3426 INADDR_ANY_INIT addresses via getaddrinfo, but may not be able to
f4a7cf29 3427 deliver (no IPv6 kernel support)
80a44451 3428 - Released 1.2.1pre27
f914c7fb 3429
f4a7cf29 3430 - Fix rresvport_af failure errors (logic error in bsd-bindresvport.c)
bcbf86ec 3431 - Fix --with-ipaddr-display option test. Fix from Jarno Huuskonen
cf8ad170 3432 <jhuuskon@hytti.uku.fi>
bcbf86ec 3433 - Fix hang on logout if processes are still using the pty. Needs
691a8a9f 3434 further testing.
5957fd29 3435 - Patch from Christos Zoulas <christos@zoulas.com>
3436 - Try $prefix first when looking for OpenSSL.
3437 - Include sys/types.h when including sys/socket.h in test programs
bcbf86ec 3438 - Substitute PID directory in sshd.8. Suggestion from Andrew
19d9ac2a 3439 Stribblehill <a.d.stribblehill@durham.ac.uk>
f4a7cf29 3440
47e45e44 344120000116
3442 - Renamed --with-xauth-path to --with-xauth
3443 - Added --with-pid-dir option
3444 - Released 1.2.1pre26
3445
a82ef8ae 3446 - Compilation fix from Kiyokazu SUTO <suto@ks-and-ks.ne.jp>
bcbf86ec 3447 - Fixed broken bugfix for /dev/ptmx on Linux systems which lack
66be05a1 3448 openpty(). Report from Kiyokazu SUTO <suto@ks-and-ks.ne.jp>
a82ef8ae 3449
5cdfe03f 345020000115
3451 - Add --with-xauth-path configure directive and explicit test for
bcbf86ec 3452 /usr/openwin/bin/xauth for Solaris systems. Report from Anders
5cdfe03f 3453 Nordby <anders@fix.no>
bcbf86ec 3454 - Fix incorrect detection of /dev/ptmx on Linux systems that lack
5cdfe03f 3455 openpty. Report from John Seifarth <john@waw.be>
3456 - Look for intXX_t and u_intXX_t in sys/bitypes.h if they are not in
bcbf86ec 3457 sys/types.h. Fixes problems on SCO, report from Gary E. Miller
5cdfe03f 3458 <gem@rellim.com>
3459 - Use __snprintf and __vnsprintf if they are found where snprintf and
3460 vnsprintf are lacking. Suggested by Ben Taylor <bent@shell.clark.net>
3461 and others.
3462
48e671d5 346320000114
3464 - Merged OpenBSD IPv6 patch:
3465 - [sshd.c sshd.8 sshconnect.c ssh.h ssh.c servconf.h servconf.c scp.1]
3466 [scp.c packet.h packet.c login.c log.c canohost.c channels.c]
3467 [hostfile.c sshd_config]
3468 ipv6 support: mostly gethostbyname->getaddrinfo/getnameinfo, new
bcbf86ec 3469 features: sshd allows multiple ListenAddress and Port options. note
3470 that libwrap is not IPv6-ready. (based on patches from
48e671d5 3471 fujiwara@rcac.tdi.co.jp)
3472 - [ssh.c canohost.c]
bcbf86ec 3473 more hints (hints.ai_socktype=SOCK_STREAM) for getaddrinfo,
48e671d5 3474 from itojun@
3475 - [channels.c]
3476 listen on _all_ interfaces for X11-Fwd (hints.ai_flags = AI_PASSIVE)
3477 - [packet.h]
3478 allow auth-kerberos for IPv4 only
3479 - [scp.1 sshd.8 servconf.h scp.c]
3480 document -4, -6, and 'ssh -L 2022/::1/22'
3481 - [ssh.c]
bcbf86ec 3482 'ssh @host' is illegal (null user name), from
48e671d5 3483 karsten@gedankenpolizei.de
3484 - [sshconnect.c]
3485 better error message
3486 - [sshd.c]
3487 allow auth-kerberos for IPv4 only
3488 - Big IPv6 merge:
3489 - Cleanup overrun in sockaddr copying on RHL 6.1
3490 - Replacements for getaddrinfo, getnameinfo, etc based on versions
3491 from patch from KIKUCHI Takahiro <kick@kyoto.wide.ad.jp>
3492 - Replacement for missing structures on systems that lack IPv6
3493 - record_login needed to know about AF_INET6 addresses
3494 - Borrowed more code from OpenBSD: rresvport_af and requisites
3495
2598df62 349620000110
3497 - Fixes to auth-skey to enable it to use the standard OpenSSL libraries
3498
b8a0310d 349920000107
3500 - New config.sub and config.guess to fix problems on SCO. Supplied
3501 by Gary E. Miller <gem@rellim.com>
b6a98a85 3502 - SCO build fix from Gary E. Miller <gem@rellim.com>
2598df62 3503 - Released 1.2.1pre25
b8a0310d 3504
dfb95100 350520000106
3506 - Documentation update & cleanup
3507 - Better KrbIV / AFS detection, based on patch from:
3508 Holger Trapp <Holger.Trapp@Informatik.TU-Chemnitz.DE>
3509
b9795b89 351020000105
bcbf86ec 3511 - Fixed annoying DES corruption problem. libcrypt has been
b9795b89 3512 overriding symbols in libcrypto. Removed libcrypt and crypt.h
3513 altogether (libcrypto includes its own crypt(1) replacement)
3514 - Added platform-specific rules for Irix 6.x. Included warning that
3515 they are untested.
3516
a1ec4d79 351720000103
3518 - Add explicit make rules for files proccessed by fixpaths.
61e96248 3519 - Fix "make install" in RPM spec files. Report from Tenkou N. Hattori
a1ec4d79 3520 <tnh@kondara.org>
bcbf86ec 3521 - Removed "nullok" directive from default PAM configuration files.
3522 Added information on enabling EmptyPasswords on openssh+PAM in
607d73e6 3523 UPGRADING file.
e02735bb 3524 - OpenBSD CVS updates
3525 - [ssh-agent.c]
bcbf86ec 3526 cleanup_exit() for SIGTERM/SIGHUP, too. from fgsch@ and
e02735bb 3527 dgaudet@arctic.org
3528 - [sshconnect.c]
3529 compare correct version for 1.3 compat mode
a1ec4d79 3530
93c7f644 353120000102
3532 - Prevent multiple inclusion of config.h and defines.h. Suggested
3533 by Andre Lucas <andre.lucas@dial.pipex.com>
3534 - Properly clean up on exit of ssh-agent. Patch from Dean Gaudet
3535 <dgaudet@arctic.org>
3536
76b8607f 353719991231
bcbf86ec 3538 - Fix password support on systems with a mixture of shadowed and
3539 non-shadowed passwords (e.g. NIS). Report and fix from
76b8607f 3540 HARUYAMA Seigo <haruyama@nt.phys.s.u-tokyo.ac.jp>
bcbf86ec 3541 - Fix broken autoconf typedef detection. Report from Marc G.
723221b5 3542 Fournier <marc.fournier@acadiau.ca>
b92964b7 3543 - Fix occasional crash on LinuxPPC. Patch from Franz Sirl
3544 <Franz.Sirl-kernel@lauterbach.com>
bcbf86ec 3545 - Prevent typedefs from being compiled more than once. Report from
a6ddc88b 3546 Marc G. Fournier <marc.fournier@acadiau.ca>
4811cc0b 3547 - Fill in ut_utaddr utmp field. Report from Benjamin Charron
3548 <iretd@bigfoot.com>
bcbf86ec 3549 - Really fix broken default path. Fix from Jim Knoble
986a22ec 3550 <jmknoble@jmknoble.cx>
ae3a3d31 3551 - Remove test for quad_t. No longer needed.
76a8e733 3552 - Released 1.2.1pre24
3553
3554 - Added support for directory-based lastlogs
3555 - Really fix typedefs, patch from Ben Taylor <bent@clark.net>
76b8607f 3556
13f825f4 355719991230
3558 - OpenBSD CVS updates:
3559 - [auth-passwd.c]
3560 check for NULL 1st
bcbf86ec 3561 - Removed most of the pam code into its own file auth-pam.[ch]. This
a5c9cd31 3562 cleaned up sshd.c up significantly.
bcbf86ec 3563 - PAM authentication was incorrectly interpreting
76b8607f 3564 "PermitRootLogin without-password". Report from Matthias Andree
3565 <ma@dt.e-technik.uni-dortmund.de
a5c9cd31 3566 - Several other cleanups
0bc5b6fb 3567 - Merged Dante SOCKS support patch from David Rankin
3568 <drankin@bohemians.lexington.ky.us>
3569 - Updated documentation with ./configure options
76b8607f 3570 - Released 1.2.1pre23
13f825f4 3571
c73a0cb5 357219991229
bcbf86ec 3573 - Applied another NetBSD portability patch from David Rankin
c73a0cb5 3574 <drankin@bohemians.lexington.ky.us>
3575 - Fix --with-default-path option.
bcbf86ec 3576 - Autodetect perl, patch from David Rankin
a0f84251 3577 <drankin@bohemians.lexington.ky.us>
bcbf86ec 3578 - Print whether OpenSSH was compiled with RSARef, patch from
0a2ff95d 3579 Nalin Dahyabhai <nalin@thermo.stat.ncsu.edu>
bcbf86ec 3580 - Calls to pam_setcred, patch from Nalin Dahyabhai
f91bacbd 3581 <nalin@thermo.stat.ncsu.edu>
e3a93db0 3582 - Detect missing size_t and typedef it.
5ab44a92 3583 - Rename helper.[ch] to (more appropriate) bsd-misc.[ch]
3584 - Minor Makefile cleaning
c73a0cb5 3585
b6019d68 358619991228
3587 - Replacement for getpagesize() for systems which lack it
bcbf86ec 3588 - NetBSD login.c compile fix from David Rankin
70e0115b 3589 <drankin@bohemians.lexington.ky.us>
3590 - Fully set ut_tv if present in utmp or utmpx
d94aa2ae 3591 - Portability fixes for Irix 5.3 (now compiles OK!)
3592 - autoconf and other misc cleanups
ea1970a3 3593 - Merged AIX patch from Darren Hall <dhall@virage.org>
3594 - Cleaned up defines.h
fa9a2dd6 3595 - Released 1.2.1pre22
b6019d68 3596
d2dcff5f 359719991227
3598 - Automatically correct paths in manpages and configuration files. Patch
3599 and script from Andre Lucas <andre.lucas@dial.pipex.com>
3600 - Removed credits from README to CREDITS file, updated.
cb807f40 3601 - Added --with-default-path to specify custom path for server
3602 - Removed #ifdef trickery from acconfig.h into defines.h
36a5b38e 3603 - PAM bugfix. PermitEmptyPassword was being ignored.
3604 - Fixed PAM config files to allow empty passwords if server does.
3605 - Explained spurious PAM auth warning workaround in UPGRADING
21feb5fa 3606 - Use last few chars of tty line as ut_id
5a7794be 3607 - New SuSE RPM spec file from Chris Saia <csaia@wtower.com>
00e6dd70 3608 - OpenBSD CVS updates:
3609 - [packet.h auth-rhosts.c]
3610 check format string for packet_disconnect and packet_send_debug, too
3611 - [channels.c]
3612 use packet_get_maxsize for channels. consistence.
d2dcff5f 3613
f74efc8d 361419991226
3615 - Enabled utmpx support by default for Solaris
3616 - Cleanup sshd.c PAM a little more
986a22ec 3617 - Revised RPM package to include Jim Knoble's <jmknoble@jmknoble.cx>
bc7ea646 3618 X11 ssh-askpass program.
20c43d8c 3619 - Disable logging of PAM success and failures, PAM is verbose enough.
bcbf86ec 3620 Unfortunatly there is currently no way to disable auth failure
3621 messages. Mention this in UPGRADING file and sent message to PAM
20c43d8c 3622 developers
83b7f649 3623 - OpenBSD CVS update:
3624 - [ssh-keygen.1 ssh.1]
bcbf86ec 3625 remove ref to .ssh/random_seed, mention .ssh/environment in
83b7f649 3626 .Sh FILES, too
72251cb6 3627 - Released 1.2.1pre21
bcbf86ec 3628 - Fixed implicit '.' in default path, report from Jim Knoble
986a22ec 3629 <jmknoble@jmknoble.cx>
3630 - Redhat RPM spec fixes from Jim Knoble <jmknoble@jmknoble.cx>
f74efc8d 3631
f498ed15 363219991225
3633 - More fixes from Andre Lucas <andre.lucas@dial.pipex.com>
3634 - Cleanup of auth-passwd.c for shadow and MD5 passwords
3635 - Cleanup and bugfix of PAM authentication code
f74efc8d 3636 - Released 1.2.1pre20
3637
3638 - Merged fixes from Ben Taylor <bent@clark.net>
3639 - Fixed configure support for PAM. Reported by Naz <96na@eng.cam.ac.uk>
3640 - Disabled logging of PAM password authentication failures when password
3641 is empty. (e.g start of authentication loop). Reported by Naz
3642 <96na@eng.cam.ac.uk>)
f498ed15 3643
364419991223
bcbf86ec 3645 - Merged later HPUX patch from Andre Lucas
f498ed15 3646 <andre.lucas@dial.pipex.com>
3647 - Above patch included better utmpx support from Ben Taylor
f74efc8d 3648 <bent@clark.net>
f498ed15 3649
eef6f7e9 365019991222
bcbf86ec 3651 - Fix undefined fd_set type in ssh.h from Povl H. Pedersen
eef6f7e9 3652 <pope@netguide.dk>
ae28776a 3653 - Fix login.c breakage on systems which lack ut_host in struct
3654 utmp. Reported by Willard Dawson <willard.dawson@sbs.siemens.com>
eef6f7e9 3655
a7effaac 365619991221
bcbf86ec 3657 - Integration of large HPUX patch from Andre Lucas
3658 <andre.lucas@dial.pipex.com>. Integrating it had a few other
a7effaac 3659 benefits:
3660 - Ability to disable shadow passwords at configure time
3661 - Ability to disable lastlog support at configure time
3662 - Support for IP address in $DISPLAY
ae2f7af7 3663 - OpenBSD CVS update:
3664 - [sshconnect.c]
3665 say "REMOTE HOST IDENTIFICATION HAS CHANGED"
59dd7a31 3666 - Fix DISABLE_SHADOW support
3667 - Allow MD5 passwords even if shadow passwords are disabled
16034de9 3668 - Release 1.2.1pre19
a7effaac 3669
3f1d9bcd 367019991218
bcbf86ec 3671 - Redhat init script patch from Chun-Chung Chen
3f1d9bcd 3672 <cjj@u.washington.edu>
7e1c2490 3673 - Avoid breakage on systems without IPv6 headers
3f1d9bcd 3674
60d804c8 367519991216
bcbf86ec 3676 - Makefile changes for Solaris from Peter Kocks
60d804c8 3677 <peter.kocks@baygate.com>
89cafde6 3678 - Minor updates to docs
3679 - Merged OpenBSD CVS changes:
3680 - [authfd.c ssh-agent.c]
3681 keysize warnings talk about identity files
3682 - [packet.c]
3683 "Connection closed by x.x.x.x": fatal() -> log()
bcbf86ec 3684 - Correctly handle empty passwords in shadow file. Patch from:
c9d323f0 3685 "Chris, the Young One" <cky@pobox.com>
3686 - Released 1.2.1pre18
60d804c8 3687
7dc6fc6d 368819991215
3689 - Integrated patchs from Juergen Keil <jk@tools.de>
3690 - Avoid void* pointer arithmatic
3691 - Use LDFLAGS correctly
68227e6d 3692 - Fix SIGIO error in scp
3693 - Simplify status line printing in scp
61e96248 3694 - Added better test for inline functions compiler support from
906a2515 3695 Darren_Hall@progressive.com
7dc6fc6d 3696
95f1eccc 369719991214
3698 - OpenBSD CVS Changes
3699 - [canohost.c]
bcbf86ec 3700 fix get_remote_port() and friends for sshd -i;
95f1eccc 3701 Holger.Trapp@Informatik.TU-Chemnitz.DE
3702 - [mpaux.c]
3703 make code simpler. no need for memcpy. niels@ ok
3704 - [pty.c]
3705 namebuflen not sizeof namebuflen; bnd@ep-ag.com via djm@mindrot.org
3706 fix proto; markus
3707 - [ssh.1]
3708 typo; mark.baushke@solipsa.com
3709 - [channels.c ssh.c ssh.h sshd.c]
3710 type conflict for 'extern Type *options' in channels.c; dot@dotat.at
3711 - [sshconnect.c]
3712 move checking of hostkey into own function.
3713 - [version.h]
3714 OpenSSH-1.2.1
884bcb37 3715 - Clean up broken includes in pty.c
7303768f 3716 - Some older systems don't have poll.h, they use sys/poll.h instead
3717 - Doc updates
95f1eccc 3718
847e8865 371919991211
bcbf86ec 3720 - Fix compilation on systems with AFS. Reported by
847e8865 3721 aloomis@glue.umd.edu
bcbf86ec 3722 - Fix installation on Solaris. Reported by
847e8865 3723 Gordon Rowell <gordonr@gormand.com.au>
3724 - Fix gccisms (__attribute__ and inline). Report by edgy@us.ibm.com,
3725 patch from Markus Friedl <markus.friedl@informatik.uni-erlangen.de>
3726 - Auto-locate xauth. Patch from David Agraz <dagraz@jahoopa.com>
3727 - Compile fix from David Agraz <dagraz@jahoopa.com>
3728 - Avoid compiler warning in bsd-snprintf.c
bcbf86ec 3729 - Added pam_limits.so to default PAM config. Suggested by
986a22ec 3730 Jim Knoble <jmknoble@jmknoble.cx>
847e8865 3731
8946db53 373219991209
3733 - Import of patch from Ben Taylor <bent@clark.net>:
3734 - Improved PAM support
3735 - "uninstall" rule for Makefile
3736 - utmpx support
3737 - Should fix PAM problems on Solaris
2d86a6cc 3738 - OpenBSD CVS updates:
3739 - [readpass.c]
3740 avoid stdio; based on work by markus, millert, and I
3741 - [sshd.c]
3742 make sure the client selects a supported cipher
3743 - [sshd.c]
bcbf86ec 3744 fix sighup handling. accept would just restart and daemon handled
3745 sighup only after the next connection was accepted. use poll on
2d86a6cc 3746 listen sock now.
3747 - [sshd.c]
3748 make that a fatal
87e91331 3749 - Applied patch from David Rankin <drankin@bohemians.lexington.ky.us>
3750 to fix libwrap support on NetBSD
5001b9e4 3751 - Released 1.2pre17
8946db53 3752
6d8c4ea4 375319991208
bcbf86ec 3754 - Compile fix for Solaris with /dev/ptmx from
6d8c4ea4 3755 David Agraz <dagraz@jahoopa.com>
3756
4285816a 375719991207
986a22ec 3758 - sshd Redhat init script patch from Jim Knoble <jmknoble@jmknoble.cx>
4285816a 3759 fixes compatability with 4.x and 5.x
db28aeb5 3760 - Fixed default SSH_ASKPASS
bcbf86ec 3761 - Fix PAM account and session being called multiple times. Problem
d465f2ca 3762 reported by Adrian Baugh <adrian@merlin.keble.ox.ac.uk>
a408af76 3763 - Merged more OpenBSD changes:
3764 - [atomicio.c authfd.c scp.c serverloop.c ssh.h sshconnect.c sshd.c]
bcbf86ec 3765 move atomicio into it's own file. wrap all socket write()s which
a408af76 3766 were doing write(sock, buf, len) != len, with atomicio() calls.
3767 - [auth-skey.c]
3768 fd leak
3769 - [authfile.c]
3770 properly name fd variable
3771 - [channels.c]
3772 display great hatred towards strcpy
3773 - [pty.c pty.h sshd.c]
3774 use openpty() if it exists (it does on BSD4_4)
3775 - [tildexpand.c]
3776 check for ~ expansion past MAXPATHLEN
3777 - Modified helper.c to use new atomicio function.
3778 - Reformat Makefile a little
3779 - Moved RC4 routines from rc4.[ch] into helper.c
3780 - Added autoconf code to detect /dev/ptmx (Solaris) and /dev/ptc (AIX)
9983a8ca 3781 - Updated SuSE spec from Chris Saia <csaia@wtower.com>
3782 - Tweaked Redhat spec
9158d92f 3783 - Clean up bad imports of a few files (forgot -kb)
3784 - Released 1.2pre16
4285816a 3785
9c7b6dfd 378619991204
3787 - Small cleanup of PAM code in sshd.c
57112b5a 3788 - Merged OpenBSD CVS changes:
3789 - [auth-krb4.c auth-passwd.c auth-skey.c ssh.h]
3790 move skey-auth from auth-passwd.c to auth-skey.c, same for krb4
3791 - [auth-rsa.c]
3792 warn only about mismatch if key is _used_
3793 warn about keysize-mismatch with log() not error()
3794 channels.c readconf.c readconf.h ssh.c ssh.h sshconnect.c
3795 ports are u_short
3796 - [hostfile.c]
3797 indent, shorter warning
3798 - [nchan.c]
3799 use error() for internal errors
3800 - [packet.c]
3801 set loglevel for SSH_MSG_DISCONNECT to log(), not fatal()
3802 serverloop.c
3803 indent
3804 - [ssh-add.1 ssh-add.c ssh.h]
3805 document $SSH_ASKPASS, reasonable default
3806 - [ssh.1]
3807 CheckHostIP is not available for connects via proxy command
3808 - [sshconnect.c]
3809 typo
3810 easier to read client code for passwd and skey auth
3811 turn of checkhostip for proxy connects, since we don't know the remote ip
9c7b6dfd 3812
dad3b556 381319991126
3814 - Add definition for __P()
3815 - Added [v]snprintf() replacement for systems that lack it
3816
0ce43ae4 381719991125
3818 - More reformatting merged from OpenBSD CVS
3819 - Merged OpenBSD CVS changes:
3820 - [channels.c]
3821 fix packet_integrity_check() for !have_hostname_in_open.
3822 report from mrwizard@psu.edu via djm@ibs.com.au
3823 - [channels.c]
3824 set SO_REUSEADDR and SO_LINGER for forwarded ports.
3825 chip@valinux.com via damien@ibs.com.au
3826 - [nchan.c]
3827 it's not an error() if shutdown_write failes in nchan.
3828 - [readconf.c]
3829 remove dead #ifdef-0-code
3830 - [readconf.c servconf.c]
3831 strcasecmp instead of tolower
3832 - [scp.c]
3833 progress meter overflow fix from damien@ibs.com.au
3834 - [ssh-add.1 ssh-add.c]
3835 SSH_ASKPASS support
3836 - [ssh.1 ssh.c]
3837 postpone fork_after_authentication until command execution,
3838 request/patch from jahakala@cc.jyu.fi via damien@ibs.com.au
3839 plus: use daemon() for backgrounding
cf8dd513 3840 - Added BSD compatible install program and autoconf test, thanks to
3841 Niels Kristian Bech Jensen <nkbj@image.dk>
3842 - Solaris fixing, thanks to Ben Taylor <bent@clark.net>
09041313 3843 - Merged beginnings of AIX support from Tor-Ake Fransson <torake@hotmail.com>
3dbefdb8 3844 - Release 1.2pre15
0ce43ae4 3845
5260325f 384619991124
3847 - Merged very large OpenBSD source code reformat
3848 - OpenBSD CVS updates
3849 - [channels.c cipher.c compat.c log-client.c scp.c serverloop.c]
3850 [ssh.h sshd.8 sshd.c]
3851 syslog changes:
3852 * Unified Logmessage for all auth-types, for success and for failed
3853 * Standard connections get only ONE line in the LOG when level==LOG:
3854 Auth-attempts are logged only, if authentication is:
3855 a) successfull or
3856 b) with passwd or
3857 c) we had more than AUTH_FAIL_LOG failues
3858 * many log() became verbose()
3859 * old behaviour with level=VERBOSE
3860 - [readconf.c readconf.h ssh.1 ssh.h sshconnect.c sshd.c]
3861 tranfer s/key challenge/response data in SSH_SMSG_AUTH_TIS_CHALLENGE
3862 messages. allows use of s/key in windows (ttssh, securecrt) and
3863 ssh-1.2.27 clients without 'ssh -v', ok: niels@
3864 - [sshd.8]
3865 -V, for fallback to openssh in SSH2 compatibility mode
3866 - [sshd.c]
3867 fix sigchld race; cjc5@po.cwru.edu
3868
4655fe80 386919991123
3870 - Added SuSE package files from Chris Saia <csaia@wtower.com>
8b241e50 3871 - Restructured package-related files under packages/*
4655fe80 3872 - Added generic PAM config
8b241e50 3873 - Numerous little Solaris fixes
9c08d6ce 3874 - Add recommendation to use GNU make to INSTALL document
4655fe80 3875
60bed5fd 387619991122
3877 - Make <enter> close gnome-ssh-askpass (Debian bug #50299)
2f2cc3f9 3878 - OpenBSD CVS Changes
bcbf86ec 3879 - [ssh-keygen.c]
3880 don't create ~/.ssh only if the user wants to store the private
3881 key there. show fingerprint instead of public-key after
2f2cc3f9 3882 keygeneration. ok niels@
b09a984b 3883 - Added OpenBSD bsd-strlcat.c, created bsd-strlcat.h
96ad4350 3884 - Added timersub() macro
b09a984b 3885 - Tidy RCSIDs of bsd-*.c
bcbf86ec 3886 - Added autoconf test and macro to deal with old PAM libraries
96ad4350 3887 pam_strerror definition (one arg vs two).
530f1889 3888 - Fix EGD problems (Thanks to Ben Taylor <bent@clark.net>)
bcbf86ec 3889 - Retry /dev/urandom reads interrupted by signal (report from
530f1889 3890 Robert Hardy <rhardy@webcon.net>)
1647c2b5 3891 - Added a setenv replacement for systems which lack it
d84a9a44 3892 - Only display public key comment when presenting ssh-askpass dialog
3893 - Released 1.2pre14
60bed5fd 3894
bcbf86ec 3895 - Configure, Make and changelog corrections from Tudor Bosman
2ddcfdf3 3896 <tudorb@jm.nu> and Niels Kristian Bech Jensen <nkbj@image.dk>
3897
9d6b7add 389819991121
2f2cc3f9 3899 - OpenBSD CVS Changes:
60bed5fd 3900 - [channels.c]
3901 make this compile, bad markus
3902 - [log.c readconf.c servconf.c ssh.h]
3903 bugfix: loglevels are per host in clientconfig,
3904 factor out common log-level parsing code.
3905 - [servconf.c]
3906 remove unused index (-Wall)
3907 - [ssh-agent.c]
3908 only one 'extern char *__progname'
3909 - [sshd.8]
3910 document SIGHUP, -Q to synopsis
3911 - [sshconnect.c serverloop.c sshd.c packet.c packet.h]
3912 [channels.c clientloop.c]
3913 SSH_CMSG_MAX_PACKET_SIZE, some clients use this, some need this, niels@
3914 [hope this time my ISP stays alive during commit]
3915 - [OVERVIEW README] typos; green@freebsd
3916 - [ssh-keygen.c]
3917 replace xstrdup+strcat with strlcat+fixed buffer, fixes OF (bad me)
3918 exit if writing the key fails (no infinit loop)
3919 print usage() everytime we get bad options
3920 - [ssh-keygen.c] overflow, djm@mindrot.org
3921 - [sshd.c] fix sigchld race; cjc5@po.cwru.edu
61e96248 3922
2b942fe0 392319991120
bcbf86ec 3924 - Merged more Solaris support from Marc G. Fournier
2b942fe0 3925 <marc.fournier@acadiau.ca>
3926 - Wrote autoconf tests for integer bit-types
3927 - Fixed enabling kerberos support
bcbf86ec 3928 - Fix segfault in ssh-keygen caused by buffer overrun in filename
13c36c4c 3929 handling.
2b942fe0 3930
06479889 393119991119
3932 - Merged PAM buffer overrun patch from Chip Salzenberg <chip@valinux.com>
2ad77510 3933 - Merged OpenBSD CVS changes
3934 - [auth-rhosts.c auth-rsa.c ssh-agent.c sshconnect.c sshd.c]
3935 more %d vs. %s in fmt-strings
3936 - [authfd.c]
3937 Integers should not be printed with %s
7b1cc56c 3938 - EGD uses a socket, not a named pipe. Duh.
3939 - Fix includes in fingerprint.c
29dbde15 3940 - Fix scp progress bar bug again.
bcbf86ec 3941 - Move ssh-askpass from ${libdir}/ssh to ${libexecdir}/ssh at request of
736890c4 3942 David Rankin <drankin@bohemians.lexington.ky.us>
91b8065d 3943 - Added autoconf option to enable Kerberos 4 support (untested)
3944 - Added autoconf option to enable AFS support (untested)
3945 - Added autoconf option to enable S/Key support (untested)
3946 - Added autoconf option to enable TCP wrappers support (compiles OK)
beb43d31 3947 - Renamed BSD helper function files to bsd-*
bcbf86ec 3948 - Added tests for login and daemon and enable OpenBSD replacements for
caf3bc51 3949 when they are absent.
3950 - Added non-PAM MD5 password support patch from Tudor Bosman <tudorb@jm.nu>
06479889 3951
2bd61362 395219991118
3953 - Merged OpenBSD CVS changes
3954 - [scp.c] foregroundproc() in scp
3955 - [sshconnect.h] include fingerprint.h
bcbf86ec 3956 - [sshd.c] bugfix: the log() for passwd-auth escaped during logging
2bd61362 3957 changes.
0c16a097 3958 - [ssh.1] Spell my name right.
2bd61362 3959 - Added openssh.com info to README
3960
f095fcc7 396119991117
3962 - Merged OpenBSD CVS changes
3963 - [ChangeLog.Ylonen] noone needs this anymore
3964 - [authfd.c] close-on-exec for auth-socket, ok deraadt
bcbf86ec 3965 - [hostfile.c]
3966 in known_hosts key lookup the entry for the bits does not need
3967 to match, all the information is contained in n and e. This
3968 solves the problem with buggy servers announcing the wrong
f095fcc7 3969 modulus length. markus and me.
bcbf86ec 3970 - [serverloop.c]
3971 bugfix: check for space if child has terminated, from:
f095fcc7 3972 iedowse@maths.tcd.ie
3973 - [ssh-add.1 ssh-add.c ssh-keygen.1 ssh-keygen.c sshconnect.c]
3974 [fingerprint.c fingerprint.h]
3975 rsa key fingerprints, idea from Bjoern Groenvall <bg@sics.se>
3976 - [ssh-agent.1] typo
3977 - [ssh.1] add OpenSSH information to AUTHOR section. okay markus@
bcbf86ec 3978 - [sshd.c]
f095fcc7 3979 force logging to stderr while loading private key file
3980 (lost while converting to new log-levels)
3981
4d195447 398219991116
3983 - Fix some Linux libc5 problems reported by Miles Wilson <mw@mctitle.com>
3984 - Merged OpenBSD CVS changes:
3985 - [auth-rh-rsa.c auth-rsa.c authfd.c authfd.h hostfile.c mpaux.c]
3986 [mpaux.h ssh-add.c ssh-agent.c ssh.h ssh.c sshd.c]
3987 the keysize of rsa-parameter 'n' is passed implizit,
3988 a few more checks and warnings about 'pretended' keysizes.
3989 - [cipher.c cipher.h packet.c packet.h sshd.c]
3990 remove support for cipher RC4
3991 - [ssh.c]
3992 a note for legay systems about secuity issues with permanently_set_uid(),
3993 the private hostkey and ptrace()
3994 - [sshconnect.c]
3995 more detailed messages about adding and checking hostkeys
3996
dad9a31e 399719991115
3998 - Merged OpenBSD CVS changes:
bcbf86ec 3999 - [ssh-add.c] change passphrase loop logic and remove ref to
dad9a31e 4000 $DISPLAY, ok niels
4001 - Changed to ssh-add.c broke askpass support. Revised it to be a little more
bcbf86ec 4002 modular.
dad9a31e 4003 - Revised autoconf support for enabling/disabling askpass support.
e7c0f9d5 4004 - Merged more OpenBSD CVS changes:
704b1659 4005 [auth-krb4.c]
4006 - disconnect if getpeername() fails
4007 - missing xfree(*client)
4008 [canohost.c]
4009 - disconnect if getpeername() fails
4010 - fix comment: we _do_ disconnect if ip-options are set
4011 [sshd.c]
4012 - disconnect if getpeername() fails
4013 - move checking of remote port to central place
4014 [auth-rhosts.c] move checking of remote port to central place
4015 [log-server.c] avoid extra fd per sshd, from millert@
4016 [readconf.c] print _all_ bad config-options in ssh(1), too
4017 [readconf.h] print _all_ bad config-options in ssh(1), too
4018 [ssh.c] print _all_ bad config-options in ssh(1), too
4019 [sshconnect.c] disconnect if getpeername() fails
e7c0f9d5 4020 - OpenBSD's changes to sshd.c broke the PAM stuff, re-merged it.
c75a1a66 4021 - Various small cleanups to bring diff (against OpenBSD) size down.
f601d847 4022 - Merged more Solaris compability from Marc G. Fournier
4023 <marc.fournier@acadiau.ca>
4024 - Wrote autoconf tests for __progname symbol
986a22ec 4025 - RPM spec file fixes from Jim Knoble <jmknoble@jmknoble.cx>
0c372277 4026 - Released 1.2pre12
4027
4028 - Another OpenBSD CVS update:
4029 - [ssh-keygen.1] fix .Xr
dad9a31e 4030
92da7197 403119991114
4032 - Solaris compilation fixes (still imcomplete)
4033
94f7bb9e 403419991113
dd092f97 4035 - Build patch from Niels Kristian Bech Jensen <nkbj@image.dk>
4036 - Don't install config files if they already exist
4037 - Fix inclusion of additional preprocessor directives from acconfig.h
94f7bb9e 4038 - Removed redundant inclusions of config.h
e9c75a39 4039 - Added 'Obsoletes' lines to RPM spec file
94f7bb9e 4040 - Merged OpenBSD CVS changes:
4041 - [bufaux.c] save a view malloc/memcpy/memset/free's, ok niels
bcbf86ec 4042 - [scp.c] fix overflow reported by damien@ibs.com.au: off_t
94f7bb9e 4043 totalsize, ok niels,aaron
bcbf86ec 4044 - Delay fork (-f option) in ssh until after port forwarded connections
94f7bb9e 4045 have been initialised. Patch from Jani Hakala <jahakala@cc.jyu.fi>
b2344d54 4046 - Added shadow password patch from Thomas Neumann <tom@smart.ruhr.de>
4047 - Added ifdefs to auth-passwd.c to exclude it when PAM is enabled
dd092f97 4048 - Tidied default config file some more
4049 - Revised Redhat initscript to fix bug: sshd (re)start would fail
4050 if executed from inside a ssh login.
94f7bb9e 4051
e35c1dc2 405219991112
4053 - Merged changes from OpenBSD CVS
4054 - [sshd.c] session_key_int may be zero
b4748e2f 4055 - [auth-rh-rsa.c servconf.c servconf.h ssh.h sshd.8 sshd.c sshd_config]
bcbf86ec 4056 IgnoreUserKnownHosts(default=no), used for RhostRSAAuth, ok
b4748e2f 4057 deraadt,millert
4058 - Brought default sshd_config more in line with OpenBSD's
547c9f30 4059 - Grab server in gnome-ssh-askpass (Debian bug #49872)
4060 - Released 1.2pre10
e35c1dc2 4061
8bc7973f 4062 - Added INSTALL documentation
6fa724bc 4063 - Merged yet more changes from OpenBSD CVS
4064 - [auth-rh-rsa.c auth-rhosts.c auth-rsa.c channels.c clientloop.c]
4065 [ssh.c ssh.h sshconnect.c sshd.c]
4066 make all access to options via 'extern Options options'
4067 and 'extern ServerOptions options' respectively;
4068 options are no longer passed as arguments:
4069 * make options handling more consistent
4070 * remove #include "readconf.h" from ssh.h
4071 * readconf.h is only included if necessary
4072 - [mpaux.c] clear temp buffer
4073 - [servconf.c] print _all_ bad options found in configfile
045672f9 4074 - Make ssh-askpass support optional through autoconf
59b0f0d4 4075 - Fix nasty division-by-zero error in scp.c
4076 - Released 1.2pre11
8bc7973f 4077
4cca272e 407819991111
4079 - Added (untested) Entropy Gathering Daemon (EGD) support
67d68e3a 4080 - Fixed /dev/urandom fd leak (Debian bug #49722)
5bbb5681 4081 - Merged OpenBSD CVS changes:
4082 - [auth-rh-rsa.c] user/958: check ~/.ssh/known_hosts for rhosts-rsa, too
4083 - [ssh.1] user/958: check ~/.ssh/known_hosts for rhosts-rsa, too
4084 - [sshd.8] user/958: check ~/.ssh/known_hosts for rhosts-rsa, too
bcbf86ec 4085 - Fix integer overflow which was messing up scp's progress bar for large
3f1d9bcd 4086 file transfers. Fix submitted to OpenBSD developers. Report and fix
4087 from Kees Cook <cook@cpoint.net>
6a17f9c2 4088 - Merged more OpenBSD CVS changes:
bcbf86ec 4089 - [auth-krb4.c auth-passwd.c] remove x11- and krb-cleanup from fatal()
6a17f9c2 4090 + krb-cleanup cleanup
4091 - [clientloop.c log-client.c log-server.c ]
4092 [readconf.c readconf.h servconf.c servconf.h ]
4093 [ssh.1 ssh.c ssh.h sshd.8]
4094 add LogLevel {QUIET, FATAL, ERROR, INFO, CHAT, DEBUG} to ssh/sshd,
4095 obsoletes QuietMode and FascistLogging in sshd.
e35c1dc2 4096 - [sshd.c] fix fatal/assert() bug reported by damien@ibs.com.au:
4097 allow session_key_int != sizeof(session_key)
4098 [this should fix the pre-assert-removal-core-files]
4099 - Updated default config file to use new LogLevel option and to improve
4100 readability
4101
f370266e 410219991110
67d68e3a 4103 - Merged several minor fixes:
f370266e 4104 - ssh-agent commandline parsing
4105 - RPM spec file now installs ssh setuid root
4106 - Makefile creates libdir
4cca272e 4107 - Merged beginnings of Solaris compability from Marc G. Fournier
4108 <marc.fournier@acadiau.ca>
f370266e 4109
d4f11b59 411019991109
4111 - Autodetection of SSL/Crypto library location via autoconf
4112 - Fixed location of ssh-askpass to follow autoconf
4113 - Integrated Makefile patch from Niels Kristian Bech Jensen <nkbj@image.dk>
4114 - Autodetection of RSAref library for US users
4115 - Minor doc updates
560557bb 4116 - Merged OpenBSD CVS changes:
4117 - [rsa.c] bugfix: use correct size for memset()
4118 - [sshconnect.c] warn if announced size of modulus 'n' != real size
f025becb 4119 - Added GNOME passphrase requestor (use --with-gnome-askpass)
d397b172 4120 - RPM build now creates subpackages
aa51e7cc 4121 - Released 1.2pre9
d4f11b59 4122
e1a9c08d 412319991108
4124 - Removed debian/ directory. This is now being maintained separately.
4125 - Added symlinks for slogin in RPM spec file
4126 - Fixed permissions on manpages in RPM spec file
4127 - Added references to required libraries in README file
4128 - Removed config.h.in from CVS
4129 - Removed pwdb support (better pluggable auth is provided by glibc)
4130 - Made PAM and requisite libdl optional
4131 - Removed lots of unnecessary checks from autoconf
4132 - Added support and autoconf test for openpty() function (Unix98 pty support)
4133 - Fix for scp not finding ssh if not installed as /usr/bin/ssh
4134 - Added TODO file
4135 - Merged parts of Debian patch From Phil Hands <phil@hands.com>:
4136 - Added ssh-askpass program
4137 - Added ssh-askpass support to ssh-add.c
4138 - Create symlinks for slogin on install
4139 - Fix "distclean" target in makefile
4140 - Added example for ssh-agent to manpage
4141 - Added support for PAM_TEXT_INFO messages
4142 - Disable internal /etc/nologin support if PAM enabled
4143 - Merged latest OpenBSD CVS changes:
5bae4ab8 4144 - [all] replace assert() with error, fatal or packet_disconnect
e1a9c08d 4145 - [sshd.c] don't send fail-msg but disconnect if too many authentication
4146 failures
e1a9c08d 4147 - [sshd.c] remove unused argument. ok dugsong
4148 - [sshd.c] typo
4149 - [rsa.c] clear buffers used for encryption. ok: niels
4150 - [rsa.c] replace assert() with error, fatal or packet_disconnect
ade6fccd 4151 - [auth-krb4.c] remove unused argument. ok dugsong
e1a9c08d 4152 - Fixed coredump after merge of OpenBSD rsa.c patch
9010d60a 4153 - Released 1.2pre8
e1a9c08d 4154
3028328e 415519991102
4156 - Merged change from OpenBSD CVS
4157 - One-line cleanup in sshd.c
4158
474832c5 415919991030
4160 - Integrated debian package support from Dan Brosemer <odin@linuxfreak.com>
69256d9d 4161 - Merged latest updates for OpenBSD CVS:
4162 - channels.[ch] - remove broken x11 fix and document istate/ostate
4163 - ssh-agent.c - call setsid() regardless of argv[]
4164 - ssh.c - save a few lines when disabling rhosts-{rsa-}auth
4165 - Documentation cleanups
4166 - Renamed README -> README.Ylonen
4167 - Renamed README.openssh ->README
474832c5 4168
339660f6 416919991029
4170 - Renamed openssh* back to ssh* at request of Theo de Raadt
4171 - Incorporated latest changes from OpenBSD's CVS
4172 - Integrated Makefile patch from Niels Kristian Bech Jensen <nkbj@image.dk>
4173 - Integrated PAM env patch from Nalin Dahyabhai <nalin.dahyabhai@pobox.com>
549b3eed 4174 - Make distclean now removed configure script
4175 - Improved PAM logging
4176 - Added some debug() calls for PAM
4ecd19ea 4177 - Removed redundant subdirectories
bcbf86ec 4178 - Integrated part of a patch from Dan Brosemer <odin@linuxfreak.com> for
4ecd19ea 4179 building on Debian.
242588e6 4180 - Fixed off-by-one error in PAM env patch
4181 - Released 1.2pre6
339660f6 4182
5881cd60 418319991028
4184 - Further PAM enhancements.
4185 - Much cleaner
4186 - Now uses account and session modules for all logins.
4187 - Integrated patch from Dan Brosemer <odin@linuxfreak.com>
4188 - Build fixes
4189 - Autoconf
4190 - Change binary names to open*
4191 - Fixed autoconf script to detect PAM on RH6.1
4192 - Added tests for libpwdb, and OpenBSD functions to autoconf
221395b3 4193 - Released 1.2pre4
fca82d2e 4194
4195 - Imported latest OpenBSD CVS code
4196 - Updated README.openssh
93f04616 4197 - Released 1.2pre5
fca82d2e 4198
5881cd60 419919991027
4200 - Adapted PAM patch.
4201 - Released 1.0pre2
4202
4203 - Excised my buggy replacements for strlcpy and mkdtemp
4204 - Imported correct OpenBSD strlcpy and mkdtemp routines.
4205 - Reduced arc4random_stir entropy read to 32 bytes (256 bits)
4206 - Picked up correct version number from OpenBSD
4207 - Added sshd.pam PAM configuration file
4208 - Added sshd.init Redhat init script
4209 - Added openssh.spec RPM spec file
4210 - Released 1.2pre3
4211
421219991026
4213 - Fixed include paths of OpenSSL functions
4214 - Use OpenSSL MD5 routines
4215 - Imported RC4 code from nanocrypt
4216 - Wrote replacements for OpenBSD arc4random* functions
4217 - Wrote replacements for strlcpy and mkdtemp
4218 - Released 1.0pre1
0b202697 4219
4220$Id$
git-cvsimport mirror of OpenSSH
This page took 0.822258 seconds and 5 git commands to generate.