4 make this compile, bad markus
5 - [log.c readconf.c servconf.c ssh.h]
6 bugfix: loglevels are per host in clientconfig,
7 factor out common log-level parsing code.
9 remove unused index (-Wall)
11 only one 'extern char *__progname'
13 document SIGHUP, -Q to synopsis
14 - [sshconnect.c serverloop.c sshd.c packet.c packet.h]
15 [channels.c clientloop.c]
16 SSH_CMSG_MAX_PACKET_SIZE, some clients use this, some need this, niels@
17 [hope this time my ISP stays alive during commit]
20 - Merged more Solaris support from Marc G. Fournier
21 <marc.fournier@acadiau.ca>
22 - Wrote autoconf tests for integer bit-types
23 - Fixed enabling kerberos support
24 - Fix segfault in ssh-keygen caused by buffer overrun in filename
28 - Merged PAM buffer overrun patch from Chip Salzenberg <chip@valinux.com>
29 - Merged OpenBSD CVS changes
30 - [auth-rhosts.c auth-rsa.c ssh-agent.c sshconnect.c sshd.c]
31 more %d vs. %s in fmt-strings
33 Integers should not be printed with %s
34 - EGD uses a socket, not a named pipe. Duh.
35 - Fix includes in fingerprint.c
36 - Fix scp progress bar bug again.
37 - Move scp from ${libdir}/ssh to ${libexecdir}/ssh at request of
38 David Rankin <drankin@bohemians.lexington.ky.us>
39 - Added autoconf option to enable Kerberos 4 support (untested)
40 - Added autoconf option to enable AFS support (untested)
41 - Added autoconf option to enable S/Key support (untested)
42 - Added autoconf option to enable TCP wrappers support (compiles OK)
43 - Renamed BSD helper function files to bsd-*
44 - Added tests for login and daemon and enable OpenBSD replacements for
46 - Added non-PAM MD5 password support patch from Tudor Bosman <tudorb@jm.nu>
49 - Merged OpenBSD CVS changes
50 - [scp.c] foregroundproc() in scp
51 - [sshconnect.h] include fingerprint.h
52 - [sshd.c] bugfix: the log() for passwd-auth escaped during logging
54 - [ssh.1] Spell my name right.
55 - Added openssh.com info to README
58 - Merged OpenBSD CVS changes
59 - [ChangeLog.Ylonen] noone needs this anymore
60 - [authfd.c] close-on-exec for auth-socket, ok deraadt
62 in known_hosts key lookup the entry for the bits does not need
63 to match, all the information is contained in n and e. This
64 solves the problem with buggy servers announcing the wrong
65 modulus length. markus and me.
67 bugfix: check for space if child has terminated, from:
69 - [ssh-add.1 ssh-add.c ssh-keygen.1 ssh-keygen.c sshconnect.c]
70 [fingerprint.c fingerprint.h]
71 rsa key fingerprints, idea from Bjoern Groenvall <bg@sics.se>
73 - [ssh.1] add OpenSSH information to AUTHOR section. okay markus@
75 force logging to stderr while loading private key file
76 (lost while converting to new log-levels)
79 - Fix some Linux libc5 problems reported by Miles Wilson <mw@mctitle.com>
80 - Merged OpenBSD CVS changes:
81 - [auth-rh-rsa.c auth-rsa.c authfd.c authfd.h hostfile.c mpaux.c]
82 [mpaux.h ssh-add.c ssh-agent.c ssh.h ssh.c sshd.c]
83 the keysize of rsa-parameter 'n' is passed implizit,
84 a few more checks and warnings about 'pretended' keysizes.
85 - [cipher.c cipher.h packet.c packet.h sshd.c]
86 remove support for cipher RC4
88 a note for legay systems about secuity issues with permanently_set_uid(),
89 the private hostkey and ptrace()
91 more detailed messages about adding and checking hostkeys
94 - Merged OpenBSD CVS changes:
95 - [ssh-add.c] change passphrase loop logic and remove ref to
97 - Changed to ssh-add.c broke askpass support. Revised it to be a little more
99 - Revised autoconf support for enabling/disabling askpass support.
100 - Merged more OpenBSD CVS changes:
102 - disconnect if getpeername() fails
103 - missing xfree(*client)
105 - disconnect if getpeername() fails
106 - fix comment: we _do_ disconnect if ip-options are set
108 - disconnect if getpeername() fails
109 - move checking of remote port to central place
110 [auth-rhosts.c] move checking of remote port to central place
111 [log-server.c] avoid extra fd per sshd, from millert@
112 [readconf.c] print _all_ bad config-options in ssh(1), too
113 [readconf.h] print _all_ bad config-options in ssh(1), too
114 [ssh.c] print _all_ bad config-options in ssh(1), too
115 [sshconnect.c] disconnect if getpeername() fails
116 - OpenBSD's changes to sshd.c broke the PAM stuff, re-merged it.
117 - Various small cleanups to bring diff (against OpenBSD) size down.
118 - Merged more Solaris compability from Marc G. Fournier
119 <marc.fournier@acadiau.ca>
120 - Wrote autoconf tests for __progname symbol
121 - RPM spec file fixes from Jim Knoble <jmknoble@pobox.com>
124 - Another OpenBSD CVS update:
125 - [ssh-keygen.1] fix .Xr
128 - Solaris compilation fixes (still imcomplete)
131 - Build patch from Niels Kristian Bech Jensen <nkbj@image.dk>
132 - Don't install config files if they already exist
133 - Fix inclusion of additional preprocessor directives from acconfig.h
134 - Removed redundant inclusions of config.h
135 - Added 'Obsoletes' lines to RPM spec file
136 - Merged OpenBSD CVS changes:
137 - [bufaux.c] save a view malloc/memcpy/memset/free's, ok niels
138 - [scp.c] fix overflow reported by damien@ibs.com.au: off_t
139 totalsize, ok niels,aaron
140 - Delay fork (-f option) in ssh until after port forwarded connections
141 have been initialised. Patch from Jani Hakala <jahakala@cc.jyu.fi>
142 - Added shadow password patch from Thomas Neumann <tom@smart.ruhr.de>
143 - Added ifdefs to auth-passwd.c to exclude it when PAM is enabled
144 - Tidied default config file some more
145 - Revised Redhat initscript to fix bug: sshd (re)start would fail
146 if executed from inside a ssh login.
149 - Merged changes from OpenBSD CVS
150 - [sshd.c] session_key_int may be zero
151 - [auth-rh-rsa.c servconf.c servconf.h ssh.h sshd.8 sshd.c sshd_config]
152 IgnoreUserKnownHosts(default=no), used for RhostRSAAuth, ok
154 - Brought default sshd_config more in line with OpenBSD's
155 - Grab server in gnome-ssh-askpass (Debian bug #49872)
158 - Added INSTALL documentation
159 - Merged yet more changes from OpenBSD CVS
160 - [auth-rh-rsa.c auth-rhosts.c auth-rsa.c channels.c clientloop.c]
161 [ssh.c ssh.h sshconnect.c sshd.c]
162 make all access to options via 'extern Options options'
163 and 'extern ServerOptions options' respectively;
164 options are no longer passed as arguments:
165 * make options handling more consistent
166 * remove #include "readconf.h" from ssh.h
167 * readconf.h is only included if necessary
168 - [mpaux.c] clear temp buffer
169 - [servconf.c] print _all_ bad options found in configfile
170 - Make ssh-askpass support optional through autoconf
171 - Fix nasty division-by-zero error in scp.c
175 - Added (untested) Entropy Gathering Daemon (EGD) support
176 - Fixed /dev/urandom fd leak (Debian bug #49722)
177 - Merged OpenBSD CVS changes:
178 - [auth-rh-rsa.c] user/958: check ~/.ssh/known_hosts for rhosts-rsa, too
179 - [ssh.1] user/958: check ~/.ssh/known_hosts for rhosts-rsa, too
180 - [sshd.8] user/958: check ~/.ssh/known_hosts for rhosts-rsa, too
181 - Fix integer overflow which was messing up scp's progress bar for large
182 file transfers. Fix submitted to OpenBSD developers.
183 - Merged more OpenBSD CVS changes:
184 - [auth-krb4.c auth-passwd.c] remove x11- and krb-cleanup from fatal()
185 + krb-cleanup cleanup
186 - [clientloop.c log-client.c log-server.c ]
187 [readconf.c readconf.h servconf.c servconf.h ]
188 [ssh.1 ssh.c ssh.h sshd.8]
189 add LogLevel {QUIET, FATAL, ERROR, INFO, CHAT, DEBUG} to ssh/sshd,
190 obsoletes QuietMode and FascistLogging in sshd.
191 - [sshd.c] fix fatal/assert() bug reported by damien@ibs.com.au:
192 allow session_key_int != sizeof(session_key)
193 [this should fix the pre-assert-removal-core-files]
194 - Updated default config file to use new LogLevel option and to improve
198 - Merged several minor fixes:
199 - ssh-agent commandline parsing
200 - RPM spec file now installs ssh setuid root
201 - Makefile creates libdir
202 - Merged beginnings of Solaris compability from Marc G. Fournier
203 <marc.fournier@acadiau.ca>
206 - Autodetection of SSL/Crypto library location via autoconf
207 - Fixed location of ssh-askpass to follow autoconf
208 - Integrated Makefile patch from Niels Kristian Bech Jensen <nkbj@image.dk>
209 - Autodetection of RSAref library for US users
211 - Merged OpenBSD CVS changes:
212 - [rsa.c] bugfix: use correct size for memset()
213 - [sshconnect.c] warn if announced size of modulus 'n' != real size
214 - Added GNOME passphrase requestor (use --with-gnome-askpass)
215 - RPM build now creates subpackages
219 - Removed debian/ directory. This is now being maintained separately.
220 - Added symlinks for slogin in RPM spec file
221 - Fixed permissions on manpages in RPM spec file
222 - Added references to required libraries in README file
223 - Removed config.h.in from CVS
224 - Removed pwdb support (better pluggable auth is provided by glibc)
225 - Made PAM and requisite libdl optional
226 - Removed lots of unnecessary checks from autoconf
227 - Added support and autoconf test for openpty() function (Unix98 pty support)
228 - Fix for scp not finding ssh if not installed as /usr/bin/ssh
230 - Merged parts of Debian patch From Phil Hands <phil@hands.com>:
231 - Added ssh-askpass program
232 - Added ssh-askpass support to ssh-add.c
233 - Create symlinks for slogin on install
234 - Fix "distclean" target in makefile
235 - Added example for ssh-agent to manpage
236 - Added support for PAM_TEXT_INFO messages
237 - Disable internal /etc/nologin support if PAM enabled
238 - Merged latest OpenBSD CVS changes:
239 - [all] replace assert() with error, fatal or packet_disconnect
240 - [sshd.c] don't send fail-msg but disconnect if too many authentication
242 - [sshd.c] remove unused argument. ok dugsong
244 - [rsa.c] clear buffers used for encryption. ok: niels
245 - [rsa.c] replace assert() with error, fatal or packet_disconnect
246 - [auth-krb4.c] remove unused argument. ok dugsong
247 - Fixed coredump after merge of OpenBSD rsa.c patch
251 - Merged change from OpenBSD CVS
252 - One-line cleanup in sshd.c
255 - Integrated debian package support from Dan Brosemer <odin@linuxfreak.com>
256 - Merged latest updates for OpenBSD CVS:
257 - channels.[ch] - remove broken x11 fix and document istate/ostate
258 - ssh-agent.c - call setsid() regardless of argv[]
259 - ssh.c - save a few lines when disabling rhosts-{rsa-}auth
260 - Documentation cleanups
261 - Renamed README -> README.Ylonen
262 - Renamed README.openssh ->README
265 - Renamed openssh* back to ssh* at request of Theo de Raadt
266 - Incorporated latest changes from OpenBSD's CVS
267 - Integrated Makefile patch from Niels Kristian Bech Jensen <nkbj@image.dk>
268 - Integrated PAM env patch from Nalin Dahyabhai <nalin.dahyabhai@pobox.com>
269 - Make distclean now removed configure script
270 - Improved PAM logging
271 - Added some debug() calls for PAM
272 - Removed redundant subdirectories
273 - Integrated part of a patch from Dan Brosemer <odin@linuxfreak.com> for
275 - Fixed off-by-one error in PAM env patch
279 - Further PAM enhancements.
281 - Now uses account and session modules for all logins.
282 - Integrated patch from Dan Brosemer <odin@linuxfreak.com>
285 - Change binary names to open*
286 - Fixed autoconf script to detect PAM on RH6.1
287 - Added tests for libpwdb, and OpenBSD functions to autoconf
290 - Imported latest OpenBSD CVS code
291 - Updated README.openssh
298 - Excised my buggy replacements for strlcpy and mkdtemp
299 - Imported correct OpenBSD strlcpy and mkdtemp routines.
300 - Reduced arc4random_stir entropy read to 32 bytes (256 bits)
301 - Picked up correct version number from OpenBSD
302 - Added sshd.pam PAM configuration file
303 - Added sshd.init Redhat init script
304 - Added openssh.spec RPM spec file
308 - Fixed include paths of OpenSSL functions
309 - Use OpenSSL MD5 routines
310 - Imported RC4 code from nanocrypt
311 - Wrote replacements for OpenBSD arc4random* functions
312 - Wrote replacements for strlcpy and mkdtemp