]>
Commit | Line | Data |
---|---|---|
0ce43ae4 | 1 | 19991125 |
2 | - More reformatting merged from OpenBSD CVS | |
3 | - Merged OpenBSD CVS changes: | |
4 | - [channels.c] | |
5 | fix packet_integrity_check() for !have_hostname_in_open. | |
6 | report from mrwizard@psu.edu via djm@ibs.com.au | |
7 | - [channels.c] | |
8 | set SO_REUSEADDR and SO_LINGER for forwarded ports. | |
9 | chip@valinux.com via damien@ibs.com.au | |
10 | - [nchan.c] | |
11 | it's not an error() if shutdown_write failes in nchan. | |
12 | - [readconf.c] | |
13 | remove dead #ifdef-0-code | |
14 | - [readconf.c servconf.c] | |
15 | strcasecmp instead of tolower | |
16 | - [scp.c] | |
17 | progress meter overflow fix from damien@ibs.com.au | |
18 | - [ssh-add.1 ssh-add.c] | |
19 | SSH_ASKPASS support | |
20 | - [ssh.1 ssh.c] | |
21 | postpone fork_after_authentication until command execution, | |
22 | request/patch from jahakala@cc.jyu.fi via damien@ibs.com.au | |
23 | plus: use daemon() for backgrounding | |
cf8dd513 | 24 | - Added BSD compatible install program and autoconf test, thanks to |
25 | Niels Kristian Bech Jensen <nkbj@image.dk> | |
26 | - Solaris fixing, thanks to Ben Taylor <bent@clark.net> | |
0ce43ae4 | 27 | |
5260325f | 28 | 19991124 |
29 | - Merged very large OpenBSD source code reformat | |
30 | - OpenBSD CVS updates | |
31 | - [channels.c cipher.c compat.c log-client.c scp.c serverloop.c] | |
32 | [ssh.h sshd.8 sshd.c] | |
33 | syslog changes: | |
34 | * Unified Logmessage for all auth-types, for success and for failed | |
35 | * Standard connections get only ONE line in the LOG when level==LOG: | |
36 | Auth-attempts are logged only, if authentication is: | |
37 | a) successfull or | |
38 | b) with passwd or | |
39 | c) we had more than AUTH_FAIL_LOG failues | |
40 | * many log() became verbose() | |
41 | * old behaviour with level=VERBOSE | |
42 | - [readconf.c readconf.h ssh.1 ssh.h sshconnect.c sshd.c] | |
43 | tranfer s/key challenge/response data in SSH_SMSG_AUTH_TIS_CHALLENGE | |
44 | messages. allows use of s/key in windows (ttssh, securecrt) and | |
45 | ssh-1.2.27 clients without 'ssh -v', ok: niels@ | |
46 | - [sshd.8] | |
47 | -V, for fallback to openssh in SSH2 compatibility mode | |
48 | - [sshd.c] | |
49 | fix sigchld race; cjc5@po.cwru.edu | |
50 | ||
4655fe80 | 51 | 19991123 |
52 | - Added SuSE package files from Chris Saia <csaia@wtower.com> | |
8b241e50 | 53 | - Restructured package-related files under packages/* |
4655fe80 | 54 | - Added generic PAM config |
8b241e50 | 55 | - Numerous little Solaris fixes |
9c08d6ce | 56 | - Add recommendation to use GNU make to INSTALL document |
4655fe80 | 57 | |
60bed5fd | 58 | 19991122 |
59 | - Make <enter> close gnome-ssh-askpass (Debian bug #50299) | |
2f2cc3f9 | 60 | - OpenBSD CVS Changes |
61 | - [ssh-keygen.c] | |
62 | don't create ~/.ssh only if the user wants to store the private | |
63 | key there. show fingerprint instead of public-key after | |
64 | keygeneration. ok niels@ | |
b09a984b | 65 | - Added OpenBSD bsd-strlcat.c, created bsd-strlcat.h |
96ad4350 | 66 | - Added timersub() macro |
b09a984b | 67 | - Tidy RCSIDs of bsd-*.c |
96ad4350 | 68 | - Added autoconf test and macro to deal with old PAM libraries |
69 | pam_strerror definition (one arg vs two). | |
530f1889 | 70 | - Fix EGD problems (Thanks to Ben Taylor <bent@clark.net>) |
71 | - Retry /dev/urandom reads interrupted by signal (report from | |
72 | Robert Hardy <rhardy@webcon.net>) | |
1647c2b5 | 73 | - Added a setenv replacement for systems which lack it |
d84a9a44 | 74 | - Only display public key comment when presenting ssh-askpass dialog |
75 | - Released 1.2pre14 | |
60bed5fd | 76 | |
2ddcfdf3 | 77 | - Configure, Make and changelog corrections from Tudor Bosman |
78 | <tudorb@jm.nu> and Niels Kristian Bech Jensen <nkbj@image.dk> | |
79 | ||
9d6b7add | 80 | 19991121 |
2f2cc3f9 | 81 | - OpenBSD CVS Changes: |
60bed5fd | 82 | - [channels.c] |
83 | make this compile, bad markus | |
84 | - [log.c readconf.c servconf.c ssh.h] | |
85 | bugfix: loglevels are per host in clientconfig, | |
86 | factor out common log-level parsing code. | |
87 | - [servconf.c] | |
88 | remove unused index (-Wall) | |
89 | - [ssh-agent.c] | |
90 | only one 'extern char *__progname' | |
91 | - [sshd.8] | |
92 | document SIGHUP, -Q to synopsis | |
93 | - [sshconnect.c serverloop.c sshd.c packet.c packet.h] | |
94 | [channels.c clientloop.c] | |
95 | SSH_CMSG_MAX_PACKET_SIZE, some clients use this, some need this, niels@ | |
96 | [hope this time my ISP stays alive during commit] | |
97 | - [OVERVIEW README] typos; green@freebsd | |
98 | - [ssh-keygen.c] | |
99 | replace xstrdup+strcat with strlcat+fixed buffer, fixes OF (bad me) | |
100 | exit if writing the key fails (no infinit loop) | |
101 | print usage() everytime we get bad options | |
102 | - [ssh-keygen.c] overflow, djm@mindrot.org | |
103 | - [sshd.c] fix sigchld race; cjc5@po.cwru.edu | |
104 | ||
2b942fe0 | 105 | 19991120 |
106 | - Merged more Solaris support from Marc G. Fournier | |
107 | <marc.fournier@acadiau.ca> | |
108 | - Wrote autoconf tests for integer bit-types | |
109 | - Fixed enabling kerberos support | |
13c36c4c | 110 | - Fix segfault in ssh-keygen caused by buffer overrun in filename |
111 | handling. | |
2b942fe0 | 112 | |
06479889 | 113 | 19991119 |
114 | - Merged PAM buffer overrun patch from Chip Salzenberg <chip@valinux.com> | |
2ad77510 | 115 | - Merged OpenBSD CVS changes |
116 | - [auth-rhosts.c auth-rsa.c ssh-agent.c sshconnect.c sshd.c] | |
117 | more %d vs. %s in fmt-strings | |
118 | - [authfd.c] | |
119 | Integers should not be printed with %s | |
7b1cc56c | 120 | - EGD uses a socket, not a named pipe. Duh. |
121 | - Fix includes in fingerprint.c | |
29dbde15 | 122 | - Fix scp progress bar bug again. |
2ddcfdf3 | 123 | - Move ssh-askpass from ${libdir}/ssh to ${libexecdir}/ssh at request of |
736890c4 | 124 | David Rankin <drankin@bohemians.lexington.ky.us> |
91b8065d | 125 | - Added autoconf option to enable Kerberos 4 support (untested) |
126 | - Added autoconf option to enable AFS support (untested) | |
127 | - Added autoconf option to enable S/Key support (untested) | |
128 | - Added autoconf option to enable TCP wrappers support (compiles OK) | |
beb43d31 | 129 | - Renamed BSD helper function files to bsd-* |
caf3bc51 | 130 | - Added tests for login and daemon and enable OpenBSD replacements for |
131 | when they are absent. | |
132 | - Added non-PAM MD5 password support patch from Tudor Bosman <tudorb@jm.nu> | |
06479889 | 133 | |
2bd61362 | 134 | 19991118 |
135 | - Merged OpenBSD CVS changes | |
136 | - [scp.c] foregroundproc() in scp | |
137 | - [sshconnect.h] include fingerprint.h | |
138 | - [sshd.c] bugfix: the log() for passwd-auth escaped during logging | |
139 | changes. | |
0c16a097 | 140 | - [ssh.1] Spell my name right. |
2bd61362 | 141 | - Added openssh.com info to README |
142 | ||
f095fcc7 | 143 | 19991117 |
144 | - Merged OpenBSD CVS changes | |
145 | - [ChangeLog.Ylonen] noone needs this anymore | |
146 | - [authfd.c] close-on-exec for auth-socket, ok deraadt | |
147 | - [hostfile.c] | |
148 | in known_hosts key lookup the entry for the bits does not need | |
149 | to match, all the information is contained in n and e. This | |
150 | solves the problem with buggy servers announcing the wrong | |
151 | modulus length. markus and me. | |
152 | - [serverloop.c] | |
153 | bugfix: check for space if child has terminated, from: | |
154 | iedowse@maths.tcd.ie | |
155 | - [ssh-add.1 ssh-add.c ssh-keygen.1 ssh-keygen.c sshconnect.c] | |
156 | [fingerprint.c fingerprint.h] | |
157 | rsa key fingerprints, idea from Bjoern Groenvall <bg@sics.se> | |
158 | - [ssh-agent.1] typo | |
159 | - [ssh.1] add OpenSSH information to AUTHOR section. okay markus@ | |
160 | - [sshd.c] | |
161 | force logging to stderr while loading private key file | |
162 | (lost while converting to new log-levels) | |
163 | ||
4d195447 | 164 | 19991116 |
165 | - Fix some Linux libc5 problems reported by Miles Wilson <mw@mctitle.com> | |
166 | - Merged OpenBSD CVS changes: | |
167 | - [auth-rh-rsa.c auth-rsa.c authfd.c authfd.h hostfile.c mpaux.c] | |
168 | [mpaux.h ssh-add.c ssh-agent.c ssh.h ssh.c sshd.c] | |
169 | the keysize of rsa-parameter 'n' is passed implizit, | |
170 | a few more checks and warnings about 'pretended' keysizes. | |
171 | - [cipher.c cipher.h packet.c packet.h sshd.c] | |
172 | remove support for cipher RC4 | |
173 | - [ssh.c] | |
174 | a note for legay systems about secuity issues with permanently_set_uid(), | |
175 | the private hostkey and ptrace() | |
176 | - [sshconnect.c] | |
177 | more detailed messages about adding and checking hostkeys | |
178 | ||
dad9a31e | 179 | 19991115 |
180 | - Merged OpenBSD CVS changes: | |
181 | - [ssh-add.c] change passphrase loop logic and remove ref to | |
182 | $DISPLAY, ok niels | |
183 | - Changed to ssh-add.c broke askpass support. Revised it to be a little more | |
184 | modular. | |
185 | - Revised autoconf support for enabling/disabling askpass support. | |
e7c0f9d5 | 186 | - Merged more OpenBSD CVS changes: |
187 | [auth-krb4.c] | |
188 | - disconnect if getpeername() fails | |
189 | - missing xfree(*client) | |
190 | [canohost.c] | |
191 | - disconnect if getpeername() fails | |
192 | - fix comment: we _do_ disconnect if ip-options are set | |
193 | [sshd.c] | |
194 | - disconnect if getpeername() fails | |
195 | - move checking of remote port to central place | |
196 | [auth-rhosts.c] move checking of remote port to central place | |
197 | [log-server.c] avoid extra fd per sshd, from millert@ | |
198 | [readconf.c] print _all_ bad config-options in ssh(1), too | |
199 | [readconf.h] print _all_ bad config-options in ssh(1), too | |
200 | [ssh.c] print _all_ bad config-options in ssh(1), too | |
201 | [sshconnect.c] disconnect if getpeername() fails | |
202 | - OpenBSD's changes to sshd.c broke the PAM stuff, re-merged it. | |
c75a1a66 | 203 | - Various small cleanups to bring diff (against OpenBSD) size down. |
f601d847 | 204 | - Merged more Solaris compability from Marc G. Fournier |
205 | <marc.fournier@acadiau.ca> | |
206 | - Wrote autoconf tests for __progname symbol | |
8c119fd0 | 207 | - RPM spec file fixes from Jim Knoble <jmknoble@pobox.com> |
0c372277 | 208 | - Released 1.2pre12 |
209 | ||
210 | - Another OpenBSD CVS update: | |
211 | - [ssh-keygen.1] fix .Xr | |
dad9a31e | 212 | |
92da7197 | 213 | 19991114 |
214 | - Solaris compilation fixes (still imcomplete) | |
215 | ||
94f7bb9e | 216 | 19991113 |
dd092f97 | 217 | - Build patch from Niels Kristian Bech Jensen <nkbj@image.dk> |
218 | - Don't install config files if they already exist | |
219 | - Fix inclusion of additional preprocessor directives from acconfig.h | |
94f7bb9e | 220 | - Removed redundant inclusions of config.h |
e9c75a39 | 221 | - Added 'Obsoletes' lines to RPM spec file |
94f7bb9e | 222 | - Merged OpenBSD CVS changes: |
223 | - [bufaux.c] save a view malloc/memcpy/memset/free's, ok niels | |
224 | - [scp.c] fix overflow reported by damien@ibs.com.au: off_t | |
225 | totalsize, ok niels,aaron | |
226 | - Delay fork (-f option) in ssh until after port forwarded connections | |
227 | have been initialised. Patch from Jani Hakala <jahakala@cc.jyu.fi> | |
b2344d54 | 228 | - Added shadow password patch from Thomas Neumann <tom@smart.ruhr.de> |
229 | - Added ifdefs to auth-passwd.c to exclude it when PAM is enabled | |
dd092f97 | 230 | - Tidied default config file some more |
231 | - Revised Redhat initscript to fix bug: sshd (re)start would fail | |
232 | if executed from inside a ssh login. | |
94f7bb9e | 233 | |
e35c1dc2 | 234 | 19991112 |
235 | - Merged changes from OpenBSD CVS | |
236 | - [sshd.c] session_key_int may be zero | |
b4748e2f | 237 | - [auth-rh-rsa.c servconf.c servconf.h ssh.h sshd.8 sshd.c sshd_config] |
238 | IgnoreUserKnownHosts(default=no), used for RhostRSAAuth, ok | |
239 | deraadt,millert | |
240 | - Brought default sshd_config more in line with OpenBSD's | |
547c9f30 | 241 | - Grab server in gnome-ssh-askpass (Debian bug #49872) |
242 | - Released 1.2pre10 | |
e35c1dc2 | 243 | |
8bc7973f | 244 | - Added INSTALL documentation |
6fa724bc | 245 | - Merged yet more changes from OpenBSD CVS |
246 | - [auth-rh-rsa.c auth-rhosts.c auth-rsa.c channels.c clientloop.c] | |
247 | [ssh.c ssh.h sshconnect.c sshd.c] | |
248 | make all access to options via 'extern Options options' | |
249 | and 'extern ServerOptions options' respectively; | |
250 | options are no longer passed as arguments: | |
251 | * make options handling more consistent | |
252 | * remove #include "readconf.h" from ssh.h | |
253 | * readconf.h is only included if necessary | |
254 | - [mpaux.c] clear temp buffer | |
255 | - [servconf.c] print _all_ bad options found in configfile | |
045672f9 | 256 | - Make ssh-askpass support optional through autoconf |
59b0f0d4 | 257 | - Fix nasty division-by-zero error in scp.c |
258 | - Released 1.2pre11 | |
8bc7973f | 259 | |
4cca272e | 260 | 19991111 |
261 | - Added (untested) Entropy Gathering Daemon (EGD) support | |
67d68e3a | 262 | - Fixed /dev/urandom fd leak (Debian bug #49722) |
5bbb5681 | 263 | - Merged OpenBSD CVS changes: |
264 | - [auth-rh-rsa.c] user/958: check ~/.ssh/known_hosts for rhosts-rsa, too | |
265 | - [ssh.1] user/958: check ~/.ssh/known_hosts for rhosts-rsa, too | |
266 | - [sshd.8] user/958: check ~/.ssh/known_hosts for rhosts-rsa, too | |
505fed0a | 267 | - Fix integer overflow which was messing up scp's progress bar for large |
268 | file transfers. Fix submitted to OpenBSD developers. | |
6a17f9c2 | 269 | - Merged more OpenBSD CVS changes: |
270 | - [auth-krb4.c auth-passwd.c] remove x11- and krb-cleanup from fatal() | |
271 | + krb-cleanup cleanup | |
272 | - [clientloop.c log-client.c log-server.c ] | |
273 | [readconf.c readconf.h servconf.c servconf.h ] | |
274 | [ssh.1 ssh.c ssh.h sshd.8] | |
275 | add LogLevel {QUIET, FATAL, ERROR, INFO, CHAT, DEBUG} to ssh/sshd, | |
276 | obsoletes QuietMode and FascistLogging in sshd. | |
e35c1dc2 | 277 | - [sshd.c] fix fatal/assert() bug reported by damien@ibs.com.au: |
278 | allow session_key_int != sizeof(session_key) | |
279 | [this should fix the pre-assert-removal-core-files] | |
280 | - Updated default config file to use new LogLevel option and to improve | |
281 | readability | |
282 | ||
f370266e | 283 | 19991110 |
67d68e3a | 284 | - Merged several minor fixes: |
f370266e | 285 | - ssh-agent commandline parsing |
286 | - RPM spec file now installs ssh setuid root | |
287 | - Makefile creates libdir | |
4cca272e | 288 | - Merged beginnings of Solaris compability from Marc G. Fournier |
289 | <marc.fournier@acadiau.ca> | |
f370266e | 290 | |
d4f11b59 | 291 | 19991109 |
292 | - Autodetection of SSL/Crypto library location via autoconf | |
293 | - Fixed location of ssh-askpass to follow autoconf | |
294 | - Integrated Makefile patch from Niels Kristian Bech Jensen <nkbj@image.dk> | |
295 | - Autodetection of RSAref library for US users | |
296 | - Minor doc updates | |
560557bb | 297 | - Merged OpenBSD CVS changes: |
298 | - [rsa.c] bugfix: use correct size for memset() | |
299 | - [sshconnect.c] warn if announced size of modulus 'n' != real size | |
f025becb | 300 | - Added GNOME passphrase requestor (use --with-gnome-askpass) |
d397b172 | 301 | - RPM build now creates subpackages |
aa51e7cc | 302 | - Released 1.2pre9 |
d4f11b59 | 303 | |
e1a9c08d | 304 | 19991108 |
305 | - Removed debian/ directory. This is now being maintained separately. | |
306 | - Added symlinks for slogin in RPM spec file | |
307 | - Fixed permissions on manpages in RPM spec file | |
308 | - Added references to required libraries in README file | |
309 | - Removed config.h.in from CVS | |
310 | - Removed pwdb support (better pluggable auth is provided by glibc) | |
311 | - Made PAM and requisite libdl optional | |
312 | - Removed lots of unnecessary checks from autoconf | |
313 | - Added support and autoconf test for openpty() function (Unix98 pty support) | |
314 | - Fix for scp not finding ssh if not installed as /usr/bin/ssh | |
315 | - Added TODO file | |
316 | - Merged parts of Debian patch From Phil Hands <phil@hands.com>: | |
317 | - Added ssh-askpass program | |
318 | - Added ssh-askpass support to ssh-add.c | |
319 | - Create symlinks for slogin on install | |
320 | - Fix "distclean" target in makefile | |
321 | - Added example for ssh-agent to manpage | |
322 | - Added support for PAM_TEXT_INFO messages | |
323 | - Disable internal /etc/nologin support if PAM enabled | |
324 | - Merged latest OpenBSD CVS changes: | |
5bae4ab8 | 325 | - [all] replace assert() with error, fatal or packet_disconnect |
e1a9c08d | 326 | - [sshd.c] don't send fail-msg but disconnect if too many authentication |
327 | failures | |
e1a9c08d | 328 | - [sshd.c] remove unused argument. ok dugsong |
329 | - [sshd.c] typo | |
330 | - [rsa.c] clear buffers used for encryption. ok: niels | |
331 | - [rsa.c] replace assert() with error, fatal or packet_disconnect | |
ade6fccd | 332 | - [auth-krb4.c] remove unused argument. ok dugsong |
e1a9c08d | 333 | - Fixed coredump after merge of OpenBSD rsa.c patch |
9010d60a | 334 | - Released 1.2pre8 |
e1a9c08d | 335 | |
3028328e | 336 | 19991102 |
337 | - Merged change from OpenBSD CVS | |
338 | - One-line cleanup in sshd.c | |
339 | ||
474832c5 | 340 | 19991030 |
341 | - Integrated debian package support from Dan Brosemer <odin@linuxfreak.com> | |
69256d9d | 342 | - Merged latest updates for OpenBSD CVS: |
343 | - channels.[ch] - remove broken x11 fix and document istate/ostate | |
344 | - ssh-agent.c - call setsid() regardless of argv[] | |
345 | - ssh.c - save a few lines when disabling rhosts-{rsa-}auth | |
346 | - Documentation cleanups | |
347 | - Renamed README -> README.Ylonen | |
348 | - Renamed README.openssh ->README | |
474832c5 | 349 | |
339660f6 | 350 | 19991029 |
351 | - Renamed openssh* back to ssh* at request of Theo de Raadt | |
352 | - Incorporated latest changes from OpenBSD's CVS | |
353 | - Integrated Makefile patch from Niels Kristian Bech Jensen <nkbj@image.dk> | |
354 | - Integrated PAM env patch from Nalin Dahyabhai <nalin.dahyabhai@pobox.com> | |
549b3eed | 355 | - Make distclean now removed configure script |
356 | - Improved PAM logging | |
357 | - Added some debug() calls for PAM | |
4ecd19ea | 358 | - Removed redundant subdirectories |
359 | - Integrated part of a patch from Dan Brosemer <odin@linuxfreak.com> for | |
360 | building on Debian. | |
242588e6 | 361 | - Fixed off-by-one error in PAM env patch |
362 | - Released 1.2pre6 | |
339660f6 | 363 | |
5881cd60 | 364 | 19991028 |
365 | - Further PAM enhancements. | |
366 | - Much cleaner | |
367 | - Now uses account and session modules for all logins. | |
368 | - Integrated patch from Dan Brosemer <odin@linuxfreak.com> | |
369 | - Build fixes | |
370 | - Autoconf | |
371 | - Change binary names to open* | |
372 | - Fixed autoconf script to detect PAM on RH6.1 | |
373 | - Added tests for libpwdb, and OpenBSD functions to autoconf | |
221395b3 | 374 | - Released 1.2pre4 |
fca82d2e | 375 | |
376 | - Imported latest OpenBSD CVS code | |
377 | - Updated README.openssh | |
93f04616 | 378 | - Released 1.2pre5 |
fca82d2e | 379 | |
5881cd60 | 380 | 19991027 |
381 | - Adapted PAM patch. | |
382 | - Released 1.0pre2 | |
383 | ||
384 | - Excised my buggy replacements for strlcpy and mkdtemp | |
385 | - Imported correct OpenBSD strlcpy and mkdtemp routines. | |
386 | - Reduced arc4random_stir entropy read to 32 bytes (256 bits) | |
387 | - Picked up correct version number from OpenBSD | |
388 | - Added sshd.pam PAM configuration file | |
389 | - Added sshd.init Redhat init script | |
390 | - Added openssh.spec RPM spec file | |
391 | - Released 1.2pre3 | |
392 | ||
393 | 19991026 | |
394 | - Fixed include paths of OpenSSL functions | |
395 | - Use OpenSSL MD5 routines | |
396 | - Imported RC4 code from nanocrypt | |
397 | - Wrote replacements for OpenBSD arc4random* functions | |
398 | - Wrote replacements for strlcpy and mkdtemp | |
399 | - Released 1.0pre1 |