+20000517
+ - Fix from Andre Lucas <andre.lucas@dial.pipex.com>
+ - Fixes command line printing segfaults (spotter: Bladt Norbert)
+ - Fixes erroneous printing of debug messages to syslog
+ - Fixes utmp for MacOS X (spotter: Aristedes Maniatis)
+ - Gives useful error message if PRNG initialisation fails
+ - Reduced ssh startup delay
+ - Measures cumulative command time rather than the time between reads
+ after select()
+ - 'fixprogs' perl script to eliminate non-working entropy commands, and
+ optionally run 'ent' to measure command entropy
+
+20000513
+ - Fix for non-recognised DSA keys from Arkadiusz Miskiewicz
+ <misiek@pld.org.pl>
+
+20000511
+ - Fix for prng_seed permissions checking from Lutz Jaenicke
+ <Lutz.Jaenicke@aet.TU-Cottbus.DE>
+ - "make host-key" fix for Irix
+
+20000509
+ - OpenBSD CVS update
+ - markus@cvs.openbsd.org
+ [cipher.h myproposal.h readconf.c readconf.h servconf.c ssh.1 ssh.c]
+ [ssh.h sshconnect1.c sshconnect2.c sshd.8]
+ - complain about invalid ciphers in SSH1 (e.g. arcfour is SSH2 only)
+ - hugh@cvs.openbsd.org
+ [ssh.1]
+ - zap typo
+ [ssh-keygen.1]
+ - One last nit fix. (markus approved)
+ [sshd.8]
+ - some markus certified spelling adjustments
+ - markus@cvs.openbsd.org
+ [auth2.c channels.c clientloop.c compat compat.h dsa.c kex.c]
+ [sshconnect2.c ]
+ - bug compat w/ ssh-2.0.13 x11, split out bugs
+ [nchan.c]
+ - no drain if ibuf_empty, fixes x11fwd problems; tests by fries@
+ [ssh-keygen.c]
+ - handle escapes in real and original key format, ok millert@
+ [version.h]
+ - OpenSSH-2.1
+ - Moved all the bsd-* and fake-* stuff into new libopenbsd-compat.a
+ - Doc updates
+ - Cleanup of bsd-base64 headers, bugfix definitions of __b64_*. Reported
+ by Andre Lucas <andre.lucas@dial.pipex.com>
+
+20000508
+ - Makefile and RPM spec fixes
+ - Generate DSA host keys during "make key" or RPM installs
+ - OpenBSD CVS update
+ - markus@cvs.openbsd.org
+ [clientloop.c sshconnect2.c]
+ - make x11-fwd interop w/ ssh-2.0.13
+ [README.openssh2]
+ - interop w/ SecureFX
+ - Release 2.0.0beta2
+
+ - Configure caching and cleanup patch from Andre Lucas'
+ <andre.lucas@dial.pipex.com>
+
+20000507
+ - Remove references to SSLeay.
+ - Big OpenBSD CVS update
+ - markus@cvs.openbsd.org
+ [clientloop.c]
+ - typo
+ [session.c]
+ - update proctitle on pty alloc/dealloc, e.g. w/ windows client
+ [session.c]
+ - update proctitle for proto 1, too
+ [channels.h nchan.c serverloop.c session.c sshd.c]
+ - use c-style comments
+ - deraadt@cvs.openbsd.org
+ [scp.c]
+ - more atomicio
+ - markus@cvs.openbsd.org
+ [channels.c]
+ - set O_NONBLOCK
+ [ssh.1]
+ - update AUTHOR
+ [readconf.c ssh-keygen.c ssh.h]
+ - default DSA key file ~/.ssh/id_dsa
+ [clientloop.c]
+ - typo, rm verbose debug
+ - deraadt@cvs.openbsd.org
+ [ssh-keygen.1]
+ - document DSA use of ssh-keygen
+ [sshd.8]
+ - a start at describing what i understand of the DSA side
+ [ssh-keygen.1]
+ - document -X and -x
+ [ssh-keygen.c]
+ - simplify usage
+ - markus@cvs.openbsd.org
+ [sshd.8]
+ - there is no rhosts_dsa
+ [ssh-keygen.1]
+ - document -y, update -X,-x
+ [nchan.c]
+ - fix close for non-open ssh1 channels
+ [servconf.c servconf.h ssh.h sshd.8 sshd.c ]
+ - s/DsaKey/HostDSAKey/, document option
+ [sshconnect2.c]
+ - respect number_of_password_prompts
+ [channels.c channels.h servconf.c servconf.h session.c sshd.8]
+ - GatewayPorts for sshd, ok deraadt@
+ [ssh-add.1 ssh-agent.1 ssh.1]
+ - more doc on: DSA, id_dsa, known_hosts2, authorized_keys2
+ [ssh.1]
+ - more info on proto 2
+ [sshd.8]
+ - sync AUTHOR w/ ssh.1
+ [key.c key.h sshconnect.c]
+ - print key type when talking about host keys
+ [packet.c]
+ - clear padding in ssh2
+ [dsa.c key.c radix.c ssh.h sshconnect1.c uuencode.c uuencode.h]
+ - replace broken uuencode w/ libc b64_ntop
+ [auth2.c]
+ - log failure before sending the reply
+ [key.c radix.c uuencode.c]
+ - remote trailing comments before calling __b64_pton
+ [auth2.c readconf.c readconf.h servconf.c servconf.h ssh.1]
+ [sshconnect2.c sshd.8]
+ - add DSAAuthetication option to ssh/sshd, document SSH2 in sshd.8
+ - Bring in b64_ntop and b64_pton from OpenBSD libc (bsd-base64.[ch])
+
+20000502
+ - OpenBSD CVS update
+ [channels.c]
+ - init all fds, close all fds.
+ [sshconnect2.c]
+ - check whether file exists before asking for passphrase
+ [servconf.c servconf.h sshd.8 sshd.c]
+ - PidFile, pr 1210
+ [channels.c]
+ - EINTR
+ [channels.c]
+ - unbreak, ok niels@
+ [sshd.c]
+ - unlink pid file, ok niels@
+ [auth2.c]
+ - Add missing #ifdefs; ok - markus
+ - Add Andre Lucas' <andre.lucas@dial.pipex.com> patch to read entropy
+ gathering commands from a text file
+ - Release 2.0.0beta1
+
+20000501
+ - OpenBSD CVS update
+ [packet.c]
+ - send debug messages in SSH2 format
+ [scp.c]
+ - fix very rare EAGAIN/EINTR issues; based on work by djm
+ [packet.c]
+ - less debug, rm unused
+ [auth2.c]
+ - disable kerb,s/key in ssh2
+ [sshd.8]
+ - Minor tweaks and typo fixes.
+ [ssh-keygen.c]
+ - Put -d into usage and reorder. markus ok.
+ - Include missing headers for OpenSSL tests. Fix from Phil Karn
+ <karn@ka9q.ampr.org>
+ - Fixed __progname symbol collisions reported by Andre Lucas
+ <andre.lucas@dial.pipex.com>
+ - Merged bsd-login ttyslot and AIX utmp patch from Gert Doering
+ <gd@hilb1.medat.de>
+ - Add some missing ifdefs to auth2.c
+ - Deprecate perl-tk askpass.
+ - Irix portability fixes - don't include netinet headers more than once
+ - Make sure we don't save PRNG seed more than once
+
+20000430
+ - Merge HP-UX fixes and TCB support from Ged Lodder <lodder@yacc.com.au>
+ - Integrate Andre Lucas' <andre.lucas@dial.pipex.com> entropy collection
+ patch.
+ - Adds timeout to entropy collection
+ - Disables slow entropy sources
+ - Load and save seed file
+ - Changed entropy seed code to user per-user seeds only (server seed is
+ saved in root's .ssh directory)
+ - Use atexit() and fatal cleanups to save seed on exit
+ - More OpenBSD updates:
+ [session.c]
+ - don't call chan_write_failed() if we are not writing
+ [auth-rsa.c auth1.c authfd.c hostfile.c ssh-agent.c]
+ - keysize warnings error() -> log()
+
+20000429
+ - Merge big update to OpenSSH-2.0 from OpenBSD CVS
+ [README.openssh2]
+ - interop w/ F-secure windows client
+ - sync documentation
+ - ssh_host_dsa_key not ssh_dsa_key
+ [auth-rsa.c]
+ - missing fclose
+ [auth.c authfile.c compat.c dsa.c dsa.h hostfile.c key.c key.h radix.c]
+ [readconf.c readconf.h ssh-add.c ssh-keygen.c ssh.c ssh.h sshconnect.c]
+ [sshd.c uuencode.c uuencode.h authfile.h]
+ - add DSA pubkey auth and other SSH2 fixes. use ssh-keygen -[xX]
+ for trading keys with the real and the original SSH, directly from the
+ people who invented the SSH protocol.
+ [auth.c auth.h authfile.c sshconnect.c auth1.c auth2.c sshconnect.h]
+ [sshconnect1.c sshconnect2.c]
+ - split auth/sshconnect in one file per protocol version
+ [sshconnect2.c]
+ - remove debug
+ [uuencode.c]
+ - add trailing =
+ [version.h]
+ - OpenSSH-2.0
+ [ssh-keygen.1 ssh-keygen.c]
+ - add -R flag: exit code indicates if RSA is alive
+ [sshd.c]
+ - remove unused
+ silent if -Q is specified
+ [ssh.h]
+ - host key becomes /etc/ssh_host_dsa_key
+ [readconf.c servconf.c ]
+ - ssh/sshd default to proto 1 and 2
+ [uuencode.c]
+ - remove debug
+ [auth2.c ssh-keygen.c sshconnect2.c sshd.c]
+ - xfree DSA blobs
+ [auth2.c serverloop.c session.c]
+ - cleanup logging for sshd/2, respect PasswordAuth no
+ [sshconnect2.c]
+ - less debug, respect .ssh/config
+ [README.openssh2 channels.c channels.h]
+ - clientloop.c session.c ssh.c
+ - support for x11-fwding, client+server
+
20000421
- Merge fix from OpenBSD CVS
[ssh-agent.c]
- Fix memory leak per connection. Report from Andy Spiegl <Andy@Spiegl.de>
via Debian bug #59926
+ - Define __progname in session.c if libc doesn't
+ - Remove indentation on autoconf #include statements to avoid bug in
+ DEC Tru64 compiler. Report and fix from David Del Piero
+ <David.DelPiero@qed.qld.gov.au>
20000420
- Make fixpaths work with perl4, patch from Andre Lucas