19991112 - Merged changes from OpenBSD CVS - [sshd.c] session_key_int may be zero - [auth-rh-rsa.c servconf.c servconf.h ssh.h sshd.8 sshd.c sshd_config] IgnoreUserKnownHosts(default=no), used for RhostRSAAuth, ok deraadt,millert - Brought default sshd_config more in line with OpenBSD's - Grab server in gnome-ssh-askpass (Debian bug #49872) - Released 1.2pre10 - Added INSTALL documentation - Merged yet more changes from OpenBSD CVS - [auth-rh-rsa.c auth-rhosts.c auth-rsa.c channels.c clientloop.c] [ssh.c ssh.h sshconnect.c sshd.c] make all access to options via 'extern Options options' and 'extern ServerOptions options' respectively; options are no longer passed as arguments: * make options handling more consistent * remove #include "readconf.h" from ssh.h * readconf.h is only included if necessary - [mpaux.c] clear temp buffer - [servconf.c] print _all_ bad options found in configfile 19991111 - Added (untested) Entropy Gathering Daemon (EGD) support - Fixed /dev/urandom fd leak (Debian bug #49722) - Merged OpenBSD CVS changes: - [auth-rh-rsa.c] user/958: check ~/.ssh/known_hosts for rhosts-rsa, too - [ssh.1] user/958: check ~/.ssh/known_hosts for rhosts-rsa, too - [sshd.8] user/958: check ~/.ssh/known_hosts for rhosts-rsa, too - Fix integer overflow which was messing up scp's progress bar for large file transfers. Fix submitted to OpenBSD developers. - Merged more OpenBSD CVS changes: - [auth-krb4.c auth-passwd.c] remove x11- and krb-cleanup from fatal() + krb-cleanup cleanup - [clientloop.c log-client.c log-server.c ] [readconf.c readconf.h servconf.c servconf.h ] [ssh.1 ssh.c ssh.h sshd.8] add LogLevel {QUIET, FATAL, ERROR, INFO, CHAT, DEBUG} to ssh/sshd, obsoletes QuietMode and FascistLogging in sshd. - [sshd.c] fix fatal/assert() bug reported by damien@ibs.com.au: allow session_key_int != sizeof(session_key) [this should fix the pre-assert-removal-core-files] - Updated default config file to use new LogLevel option and to improve readability 19991110 - Merged several minor fixes: - ssh-agent commandline parsing - RPM spec file now installs ssh setuid root - Makefile creates libdir - Merged beginnings of Solaris compability from Marc G. Fournier 19991109 - Autodetection of SSL/Crypto library location via autoconf - Fixed location of ssh-askpass to follow autoconf - Integrated Makefile patch from Niels Kristian Bech Jensen - Autodetection of RSAref library for US users - Minor doc updates - Merged OpenBSD CVS changes: - [rsa.c] bugfix: use correct size for memset() - [sshconnect.c] warn if announced size of modulus 'n' != real size - Added GNOME passphrase requestor (use --with-gnome-askpass) - RPM build now creates subpackages - Released 1.2pre9 19991108 - Removed debian/ directory. This is now being maintained separately. - Added symlinks for slogin in RPM spec file - Fixed permissions on manpages in RPM spec file - Added references to required libraries in README file - Removed config.h.in from CVS - Removed pwdb support (better pluggable auth is provided by glibc) - Made PAM and requisite libdl optional - Removed lots of unnecessary checks from autoconf - Added support and autoconf test for openpty() function (Unix98 pty support) - Fix for scp not finding ssh if not installed as /usr/bin/ssh - Added TODO file - Merged parts of Debian patch From Phil Hands : - Added ssh-askpass program - Added ssh-askpass support to ssh-add.c - Create symlinks for slogin on install - Fix "distclean" target in makefile - Added example for ssh-agent to manpage - Added support for PAM_TEXT_INFO messages - Disable internal /etc/nologin support if PAM enabled - Merged latest OpenBSD CVS changes: - [all] replace assert() with error, fatal or packet_disconnect - [sshd.c] don't send fail-msg but disconnect if too many authentication failures - [sshd.c] remove unused argument. ok dugsong - [sshd.c] typo - [rsa.c] clear buffers used for encryption. ok: niels - [rsa.c] replace assert() with error, fatal or packet_disconnect - [auth-krb4.c] remove unused argument. ok dugsong - Fixed coredump after merge of OpenBSD rsa.c patch - Released 1.2pre8 19991102 - Merged change from OpenBSD CVS - One-line cleanup in sshd.c 19991030 - Integrated debian package support from Dan Brosemer - Merged latest updates for OpenBSD CVS: - channels.[ch] - remove broken x11 fix and document istate/ostate - ssh-agent.c - call setsid() regardless of argv[] - ssh.c - save a few lines when disabling rhosts-{rsa-}auth - Documentation cleanups - Renamed README -> README.Ylonen - Renamed README.openssh ->README 19991029 - Renamed openssh* back to ssh* at request of Theo de Raadt - Incorporated latest changes from OpenBSD's CVS - Integrated Makefile patch from Niels Kristian Bech Jensen - Integrated PAM env patch from Nalin Dahyabhai - Make distclean now removed configure script - Improved PAM logging - Added some debug() calls for PAM - Removed redundant subdirectories - Integrated part of a patch from Dan Brosemer for building on Debian. - Fixed off-by-one error in PAM env patch - Released 1.2pre6 19991028 - Further PAM enhancements. - Much cleaner - Now uses account and session modules for all logins. - Integrated patch from Dan Brosemer - Build fixes - Autoconf - Change binary names to open* - Fixed autoconf script to detect PAM on RH6.1 - Added tests for libpwdb, and OpenBSD functions to autoconf - Released 1.2pre4 - Imported latest OpenBSD CVS code - Updated README.openssh - Released 1.2pre5 19991027 - Adapted PAM patch. - Released 1.0pre2 - Excised my buggy replacements for strlcpy and mkdtemp - Imported correct OpenBSD strlcpy and mkdtemp routines. - Reduced arc4random_stir entropy read to 32 bytes (256 bits) - Picked up correct version number from OpenBSD - Added sshd.pam PAM configuration file - Added sshd.init Redhat init script - Added openssh.spec RPM spec file - Released 1.2pre3 19991026 - Fixed include paths of OpenSSL functions - Use OpenSSL MD5 routines - Imported RC4 code from nanocrypt - Wrote replacements for OpenBSD arc4random* functions - Wrote replacements for strlcpy and mkdtemp - Released 1.0pre1