+20030516
+ - (djm) OpenBSD CVS Sync
+ - djm@cvs.openbsd.org 2003/05/15 13:52:10
+ [ssh.c]
+ Make "ssh -V" print the OpenSSL version in a human readable form. Patch
+ from Craig Leres (mindrot at ee.lbl.gov); ok markus@
+ - jakob@cvs.openbsd.org 2003/05/15 14:02:47
+ [readconf.c servconf.c]
+ warn for unsupported config option. ok markus@
+ - markus@cvs.openbsd.org 2003/05/15 14:09:21
+ [auth2-krb5.c]
+ fix 64bit issue; report itojun@
+ - djm@cvs.openbsd.org 2003/05/15 14:55:25
+ [readconf.c readconf.h ssh_config ssh_config.5 sshconnect.c]
+ add a ConnectTimeout option to ssh, based on patch from
+ Jean-Charles Longuet (jclonguet at free.fr); portable #207 ok markus@
+ - (djm) Add warning for UsePAM when built without PAM support
+
+20030515
+ - (djm) OpenBSD CVS Sync
+ - jmc@cvs.openbsd.org 2003/05/14 13:11:56
+ [ssh-agent.1]
+ setup -> set up;
+ from wiz@netbsd
+ - jakob@cvs.openbsd.org 2003/05/14 18:16:20
+ [key.c key.h readconf.c readconf.h ssh_config.5 sshconnect.c]
+ [dns.c dns.h README.dns ssh-keygen.1 ssh-keygen.c]
+ add experimental support for verifying hos keys using DNS as described
+ in draft-ietf-secsh-dns-xx.txt. more information in README.dns.
+ ok markus@ and henning@
+ - markus@cvs.openbsd.org 2003/05/14 22:24:42
+ [clientloop.c session.c ssh.1]
+ allow to send a BREAK to the remote system; ok various
+ - markus@cvs.openbsd.org 2003/05/15 00:28:28
+ [sshconnect2.c]
+ cleanup unregister of per-method packet handlers; ok djm@
+ - jakob@cvs.openbsd.org 2003/05/15 01:48:10
+ [readconf.c readconf.h servconf.c servconf.h]
+ always parse kerberos options. ok djm@ markus@
+ - jakob@cvs.openbsd.org 2003/05/15 02:27:15
+ [dns.c]
+ add missing freerrset
+ - markus@cvs.openbsd.org 2003/05/15 03:08:29
+ [cipher.c cipher-bf1.c cipher-aes.c cipher-3des1.c]
+ split out custom EVP ciphers
+ - djm@cvs.openbsd.org 2003/05/15 03:10:52
+ [ssh-keygen.c]
+ avoid warning; ok jakob@
+ - mouring@cvs.openbsd.org 2003/05/15 03:39:07
+ [sftp-int.c]
+ Make put/get (globed and nonglobed) code more consistant. OK djm@
+ - mouring@cvs.openbsd.org 2003/05/15 03:43:59
+ [sftp-int.c sftp.c]
+ Teach ls how to display multiple column display and allow users
+ to return to single column format via 'ls -1'. OK @djm
+ - jakob@cvs.openbsd.org 2003/05/15 04:08:44
+ [readconf.c servconf.c]
+ disable kerberos when not supported. ok markus@
+ - markus@cvs.openbsd.org 2003/05/15 04:08:41
+ [ssh.1]
+ ~B is ssh2 only
+ - (djm) Always parse UsePAM
+ - (djm) Configure glue for DNS support (code doesn't work in portable yet)
+ - (djm) Import getrrsetbyname() function from OpenBSD libc (for DNS support)
+ - (djm) Tidy Makefile clean targets
+ - (djm) Adapt README.dns for portable
+ - (djm) Avoid uuencode.c warnings
+ - (djm) Enable UsePAM when built --with-pam
+ - (djm) Only build getrrsetbyname replacement when using --with-dns
+ - (djm) Bug #529: sshd doesn't work correctly after SIGHUP (copy argv
+ correctly)
+ - (djm) Bug #444: Wrong paths after reconfigure
+ - (dtucker) HP-UX needs to include <sys/strtio.h> for TIOCSBRK
+
20030514
- (djm) Bug #117: Don't lie to PAM about username
- (djm) RCSID sync w/ OpenBSD
- markus@cvs.openbsd.org 2003/05/11 20:30:25
[channels.c clientloop.c serverloop.c session.c ssh.c]
make channel_new() strdup the 'remote_name' (not the caller); ok theo
+ - markus@cvs.openbsd.org 2003/05/12 16:55:37
+ [sshconnect2.c]
+ for pubkey authentication try the user keys in the following order:
+ 1. agent keys that are found in the config file
+ 2. other agent keys
+ 3. keys that are only listed in the config file
+ this helps when an agent has many keys, where the server might
+ close the connection before the correct key is used. report & ok pb@
+ - markus@cvs.openbsd.org 2003/05/12 18:35:18
+ [ssh-keyscan.1]
+ typo: DSA keys are of type ssh-dss; Brian Poole
+ - markus@cvs.openbsd.org 2003/05/14 00:52:59
+ [ssh2.h]
+ ranges for per auth method messages
+ - djm@cvs.openbsd.org 2003/05/14 01:00:44
+ [sftp.1]
+ emphasise the batchmode functionality and make reference to pubkey auth,
+ both of which are FAQs; ok markus@
+ - markus@cvs.openbsd.org 2003/05/14 02:15:47
+ [auth2.c monitor.c sshconnect2.c auth2-krb5.c]
+ implement kerberos over ssh2 ("kerberos-2@ssh.com"); tested with jakob@
+ server interops with commercial client; ok jakob@ djm@
+ - jmc@cvs.openbsd.org 2003/05/14 08:25:39
+ [sftp.1]
+ - better formatting in SYNOPSIS
+ - whitespace at EOL
+ ok djm@
+ - markus@cvs.openbsd.org 2003/05/14 08:57:49
+ [monitor.c]
+ http://bugzilla.mindrot.org/show_bug.cgi?id=560
+ Privsep child continues to run after monitor killed.
+ Pass monitor signals through to child; Darren Tucker
+ - (djm) Make portable build with MIT krb5 (some issues remain)
+ - (djm) Add new UsePAM configuration directive to allow runtime control
+ over usage of PAM. This allows non-root use of sshd when built with
+ --with-pam
+ - (djm) Die screaming if start_pam() is called when UsePAM=no
+ - (djm) Avoid KrbV leak for MIT Kerberos
+ - (dtucker) Set ai_socktype and ai_protocol in fake-getaddrinfo.c. ok djm@
+ - (djm) Bug #258: sscanf("[0-9]") -> sscanf("[0123456789]") for portability
20030512
- (djm) Redhat spec: Don't install profile.d scripts when not