+20001105
+ - (bal) Sync with OpenBSD:
+ - markus@cvs.openbsd.org 2000/10/31 9:31:58
+ [compat.c]
+ handle all old openssh versions
+ - markus@cvs.openbsd.org 2000/10/31 13:1853
+ [deattack.c]
+ so that large packets do not wrap "n"; from netbsd
+ - (bal) rijndel.c - fix up RCSID to match OpenBSD tree
+
+20001029
+ - (stevesk) Fix typo in auth.c: USE_PAM not PAM
+ - (stevesk) Create contrib/cygwin/ directory; patch from
+ Corinna Vinschen <vinschen@redhat.com>
+ - (bal) Resolved more $xno and $xyes issues in configure.in
+ - (bal) next-posix.h - spelling and forgot a prototype
+
+20001028
+ - (djm) fix select hack in serverloop.c from Philippe WILLEM
+ <Philippe.WILLEM@urssaf.fr>
+ - (djm) Fix mangled AIXAUTHENTICATE code
+ - (djm) authctxt->pw may be NULL. Fix from Markus Friedl
+ <markus.friedl@informatik.uni-erlangen.de>
+ - (djm) Sync with OpenBSD:
+ - markus@cvs.openbsd.org 2000/10/16 15:46:32
+ [ssh.1]
+ fixes from pekkas@netcore.fi
+ - markus@cvs.openbsd.org 2000/10/17 14:28:11
+ [atomicio.c]
+ return number of characters processed; ok deraadt@
+ - markus@cvs.openbsd.org 2000/10/18 12:04:02
+ [atomicio.c]
+ undo
+ - markus@cvs.openbsd.org 2000/10/18 12:23:02
+ [scp.c]
+ replace atomicio(read,...) with read(); ok deraadt@
+ - markus@cvs.openbsd.org 2000/10/18 12:42:00
+ [session.c]
+ restore old record login behaviour
+ - deraadt@cvs.openbsd.org 2000/10/19 10:41:13
+ [auth-skey.c]
+ fmt string problem in unused code
+ - provos@cvs.openbsd.org 2000/10/19 10:45:16
+ [sshconnect2.c]
+ don't reference freed memory. okay deraadt@
+ - markus@cvs.openbsd.org 2000/10/21 11:04:23
+ [canohost.c]
+ typo, eramore@era-t.ericsson.se; ok niels@
+ - markus@cvs.openbsd.org 2000/10/23 13:31:55
+ [cipher.c]
+ non-alignment dependent swap_bytes(); from
+ simonb@wasabisystems.com/netbsd
+ - markus@cvs.openbsd.org 2000/10/26 12:38:28
+ [compat.c]
+ add older vandyke products
+ - markus@cvs.openbsd.org 2000/10/27 01:32:19
+ [channels.c channels.h clientloop.c serverloop.c session.c]
+ [ssh.c util.c]
+ enable non-blocking IO on channels, and tty's (except for the
+ client ttys).
+
+20001027
+ - (djm) Increase REKEY_BYTES to 2^24 for arc4random
+
+20001025
+ - (djm) Added WARNING.RNG file and modified configure to ask users of the
+ builtin entropy code to read it.
+ - (djm) Prefer builtin regex to PCRE.
+ - (bal) Added USE_PIPS defined to NeXT configure.in since scp hangs randomly.
+ - (bal) Apply fixes to configure.in pointed out by Pavel Roskin
+ <proski@gnu.org>
+
+20001020
+ - (djm) Don't define _REENTRANT for SNI/Reliant Unix
+ - (bal) Imported NEWS-OS waitpid() macros into NeXT. Since implementation
+ is more correct then current version.
+
+20001018
+ - (stevesk) Add initial support for setproctitle(). Current
+ support is for the HP-UX pstat(PSTAT_SETCMD, ...) method.
+ - (stevesk) Add egd startup scripts to contrib/hpux/
+
+20001017
+ - (djm) Add -lregex to cywin libs from Corinna Vinschen
+ <vinschen@cygnus.com>
+ - (djm) Don't rely on atomicio's retval to determine length of askpass
+ supplied passphrase. Problem report from Lutz Jaenicke
+ <Lutz.Jaenicke@aet.TU-Cottbus.DE>
+ - (bal) Changed from GNU rx to PCRE on suggestion from djm.
+ - (bal) Integrated Sony NEWS-OS patches from NAKAJI Hirouyuki
+ <nakaji@tutrp.tut.ac.jp>
+
+20001016
+ - (djm) Sync with OpenBSD:
+ - markus@cvs.openbsd.org 2000/10/14 04:01:15
+ [cipher.c]
+ debug3
+ - markus@cvs.openbsd.org 2000/10/14 04:07:23
+ [scp.c]
+ remove spaces from arguments; from djm@mindrot.org
+ - markus@cvs.openbsd.org 2000/10/14 06:09:46
+ [ssh.1]
+ Cipher is for SSH-1 only
+ - markus@cvs.openbsd.org 2000/10/14 06:12:09
+ [servconf.c servconf.h serverloop.c session.c sshd.8]
+ AllowTcpForwarding; from naddy@
+ - markus@cvs.openbsd.org 2000/10/14 06:16:56
+ [auth2.c compat.c compat.h sshconnect2.c version.h]
+ OpenSSH_2.3; note that is is not complete, but the version number
+ needs to be changed for interoperability reasons
+ - markus@cvs.openbsd.org 2000/10/14 06:19:45
+ [auth-rsa.c]
+ do not send RSA challenge if key is not allowed by key-options; from
+ eivind@ThinkSec.com
+ - markus@cvs.openbsd.org 2000/10/15 08:14:01
+ [rijndael.c session.c]
+ typos; from stevesk@sweden.hp.com
+ - markus@cvs.openbsd.org 2000/10/15 08:18:31
+ [rijndael.c]
+ typo
+ - (djm) Copy manpages back over from OpenBSD - too tedious to wade
+ through diffs
+ - (djm) Added condrestart to Redhat init script. Patch from Pekka Savola
+ <pekkas@netcore.fi>
+ - (djm) Update version in Redhat spec file
+ - (djm) Merge some of Nalin Dahyabhai <nalin@redhat.com> changes from the
+ Redhat 7.0 spec file
+ - (djm) Make inability to read/write PRNG seedfile non-fatal
+
+
+20001015
+ - (djm) Fix ssh2 hang on background processes at logout.
+
+20001014
+ - (bal) Add support for realpath and getcwd for platforms with broken
+ or missing realpath implementations for sftp-server.
+ - (bal) Corrected mistake in INSTALL in regards to GNU rx library
+ - (bal) Add support for GNU rx library for those lacking regexp support
+ - (djm) Don't accept PAM_PROMPT_ECHO_ON messages during initial auth
+ - (djm) Revert SSH2 serverloop hack, will find a better way.
+ - (djm) Add workaround for Linux 2.4's gratuitious errno change. Patch
+ from Martin Johansson <fatbob@acc.umu.se>
+ - (djm) Big OpenBSD sync:
+ - markus@cvs.openbsd.org 2000/09/30 10:27:44
+ [log.c]
+ allow loglevel debug
+ - markus@cvs.openbsd.org 2000/10/03 11:59:57
+ [packet.c]
+ hmac->mac
+ - markus@cvs.openbsd.org 2000/10/03 12:03:03
+ [auth-krb4.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth1.c]
+ move fake-auth from auth1.c to individual auth methods, disables s/key in
+ debug-msg
+ - markus@cvs.openbsd.org 2000/10/03 12:16:48
+ ssh.c
+ do not resolve canonname, i have no idea why this was added oin ossh
+ - markus@cvs.openbsd.org 2000/10/09 15:30:44
+ ssh-keygen.1 ssh-keygen.c
+ -X now reads private ssh.com DSA keys, too.
+ - markus@cvs.openbsd.org 2000/10/09 15:32:34
+ auth-options.c
+ clear options on every call.
+ - markus@cvs.openbsd.org 2000/10/09 15:51:00
+ authfd.c authfd.h
+ interop with ssh-agent2, from <res@shore.net>
+ - markus@cvs.openbsd.org 2000/10/10 14:20:45
+ compat.c
+ use rexexp for version string matching
+ - provos@cvs.openbsd.org 2000/10/10 22:02:18
+ [kex.c kex.h myproposal.h ssh.h ssh2.h sshconnect2.c sshd.c dh.c dh.h]
+ First rough implementation of the diffie-hellman group exchange. The
+ client can ask the server for bigger groups to perform the diffie-hellman
+ in, thus increasing the attack complexity when using ciphers with longer
+ keys. University of Windsor provided network, T the company.
+ - markus@cvs.openbsd.org 2000/10/11 13:59:52
+ [auth-rsa.c auth2.c]
+ clear auth options unless auth sucessfull
+ - markus@cvs.openbsd.org 2000/10/11 14:00:27
+ [auth-options.h]
+ clear auth options unless auth sucessfull
+ - markus@cvs.openbsd.org 2000/10/11 14:03:27
+ [scp.1 scp.c]
+ support 'scp -o' with help from mouring@pconline.com
+ - markus@cvs.openbsd.org 2000/10/11 14:11:35
+ [dh.c]
+ Wall
+ - markus@cvs.openbsd.org 2000/10/11 14:14:40
+ [auth.h auth2.c readconf.c readconf.h readpass.c servconf.c servconf.h]
+ [ssh.h sshconnect2.c sshd_config auth2-skey.c cli.c cli.h]
+ add support for s/key (kbd-interactive) to ssh2, based on work by
+ mkiernan@avantgo.com and me
+ - markus@cvs.openbsd.org 2000/10/11 14:27:24
+ [auth.c auth1.c auth2.c authfile.c cipher.c cipher.h kex.c kex.h]
+ [myproposal.h packet.c readconf.c session.c ssh.c ssh.h sshconnect1.c]
+ [sshconnect2.c sshd.c]
+ new cipher framework
+ - markus@cvs.openbsd.org 2000/10/11 14:45:21
+ [cipher.c]
+ remove DES
+ - markus@cvs.openbsd.org 2000/10/12 03:59:20
+ [cipher.c cipher.h sshconnect1.c sshconnect2.c sshd.c]
+ enable DES in SSH-1 clients only
+ - markus@cvs.openbsd.org 2000/10/12 08:21:13
+ [kex.h packet.c]
+ remove unused
+ - markus@cvs.openbsd.org 2000/10/13 12:34:46
+ [sshd.c]
+ Kludge for F-Secure Macintosh < 1.0.2; appro@fy.chalmers.se
+ - markus@cvs.openbsd.org 2000/10/13 12:59:15
+ [cipher.c cipher.h myproposal.h rijndael.c rijndael.h]
+ rijndael/aes support
+ - markus@cvs.openbsd.org 2000/10/13 13:10:54
+ [sshd.8]
+ more info about -V
+ - markus@cvs.openbsd.org 2000/10/13 13:12:02
+ [myproposal.h]
+ prefer no compression
+ - (djm) Fix scp user@host handling
+ - (djm) Don't clobber ssh_prng_cmds on install
+ - (stevesk) Include config.h in rijndael.c so we define intXX_t and
+ u_intXX_t types on all platforms.
+ - (stevesk) rijndael.c: cleanup missing declaration warnings.
+ - (stevesk) ~/.hushlogin shouldn't cause required password change to
+ be bypassed.
+ - (stevesk) Display correct path to ssh-askpass in configure output.
+ Report from Lutz Jaenicke.
+
+20001007
+ - (stevesk) Print PAM return value in PAM log messages to aid
+ with debugging.
+ - (stevesk) Fix detection of pw_class struct member in configure;
+ patch from KAMAHARA Junzo <kamahara@cc.kshosen.ac.jp>
+
+20001002
+ - (djm) Fix USER_PATH, report from Kevin Steves <stevesk@sweden.hp.com>
+ - (djm) Add host system and CC to end-of-configure report. Suggested by
+ Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
+
+20000931
+ - (djm) Cygwin fixes from Corinna Vinschen <vinschen@cygnus.com>
+
+20000930
+ - (djm) Irix ssh_prng_cmds path fix from Pekka Savola <pekkas@netcore.fi>
+ - (djm) Support in bsd-snprintf.c for long long conversions from
+ Ben Lindstrom <mouring@pconline.com>
+ - (djm) Cleanup NeXT support from Ben Lindstrom <mouring@pconline.com>
+ - (djm) Ignore SIGPIPEs from serverloop to child. Fixes crashes with
+ very short lived X connections. Bug report from Tobias Oetiker
+ <oetiker@ee.ethz.ch>. Fix from Markus Friedl <markus@cvs.openbsd.org>
+ - (djm) Add recent InitScripts as a RPM dependancy for openssh-server
+ patch from Pekka Savola <pekkas@netcore.fi>
+ - (djm) Forgot to cvs add LICENSE file
+ - (djm) Add LICENSE to RPM spec files
+ - (djm) CVS OpenBSD sync:
+ - markus@cvs.openbsd.org 2000/09/26 13:59:59
+ [clientloop.c]
+ use debug2
+ - markus@cvs.openbsd.org 2000/09/27 15:41:34
+ [auth2.c sshconnect2.c]
+ use key_type()
+ - markus@cvs.openbsd.org 2000/09/28 12:03:18
+ [channels.c]
+ debug -> debug2 cleanup
+ - (djm) Irix strips "/dev/tty" from [uw]tmp entries (other systems only
+ strip "/dev/"). Fix loginrec.c based on patch from Alain St-Denis
+ <Alain.St-Denis@ec.gc.ca>
+ - (djm) Fix 9 character passphrase failure with gnome-ssh-askpass.
+ Problem was caused by interrupted read in ssh-add. Report from Donald
+ J. Barry <don@astro.cornell.edu>
+
+20000929
+ - (djm) Fix SSH2 not terminating until all background tasks done problem.
+ - (djm) Another off-by-one fix from Pavel Kankovsky
+ <peak@argo.troja.mff.cuni.cz>
+ - (djm) Clean up. Strip some unnecessary differences with OpenBSD's code,
+ tidy necessary differences. Use Markus' new debugN() in entropy.c
+ - (djm) Merged big SCO portability patch from Tim Rice
+ <tim@multitalents.net>
+
+20000926
+ - (djm) Update X11-askpass to 1.0.2 in RPM spec file
+ - (djm) Define _REENTRANT to pickup strtok_r() on HP/UX
+ - (djm) Security: fix off-by-one buffer overrun in fake-getnameinfo.c.
+ Report and fix from Pavel Kankovsky <peak@argo.troja.mff.cuni.cz>
+
+20000924
+ - (djm) Merged cleanup patch from Mark Miller <markm@swoon.net>
+ - (djm) A bit more cleanup - created cygwin_util.h
+ - (djm) Include strtok_r() from OpenBSD libc. Fixes report from Mark Miller
+ <markm@swoon.net>
+
+20000923
+ - (djm) Fix address logging in utmp from Kevin Steves
+ <stevesk@sweden.hp.com>
+ - (djm) Redhat spec and manpage fixes from Pekka Savola <pekkas@netcore.fi>
+ - (djm) Seperate tests for int64_t and u_int64_t types
+ - (djm) Tweak password expiry checking at suggestion of Kevin Steves
+ <stevesk@sweden.hp.com>
+ - (djm) NeXT patch from Ben Lindstrom <mouring@pconline.com>
+ - (djm) Use printf %lld instead of %qd in sftp-server.c. Fix from
+ Michael Stone <mstone@cs.loyola.edu>
+ - (djm) OpenBSD CVS sync:
+ - markus@cvs.openbsd.org 2000/09/17 09:38:59
+ [sshconnect2.c sshd.c]
+ fix DEBUG_KEXDH
+ - markus@cvs.openbsd.org 2000/09/17 09:52:51
+ [sshconnect.c]
+ yes no; ok niels@
+ - markus@cvs.openbsd.org 2000/09/21 04:55:11
+ [sshd.8]
+ typo
+ - markus@cvs.openbsd.org 2000/09/21 05:03:54
+ [serverloop.c]
+ typo
+ - markus@cvs.openbsd.org 2000/09/21 05:11:42
+ scp.c
+ utime() to utimes(); mouring@pconline.com
+ - markus@cvs.openbsd.org 2000/09/21 05:25:08
+ sshconnect2.c
+ change login logic in ssh2, allows plugin of other auth methods
+ - markus@cvs.openbsd.org 2000/09/21 05:25:35
+ [auth2.c channels.c channels.h clientloop.c dispatch.c dispatch.h]
+ [serverloop.c]
+ add context to dispatch_run
+ - markus@cvs.openbsd.org 2000/09/21 05:07:52
+ authfd.c authfd.h ssh-agent.c
+ bug compat for old ssh.com software
+
+20000920
+ - (djm) Fix bad path substitution. Report from Andrew Miner
+ <asminer@cs.iastate.edu>
+
+20000916
+ - (djm) Fix SSL search order from Lutz Jaenicke
+ <Lutz.Jaenicke@aet.TU-Cottbus.DE>
+ - (djm) New SuSE spec from Corinna Vinschen <corinna@vinschen.de>
+ - (djm) Update CygWin support from Corinna Vinschen <vinschen@cygnus.com>
+ - (djm) Use a real struct sockaddr inside the fake struct sockaddr_storage.
+ Patch from Larry Jones <larry.jones@sdrc.com>
+ - (djm) Add Steve VanDevender's <stevev@darkwing.uoregon.edu> PAM
+ password change patch.
+ - (djm) Bring licenses on my stuff in line with OpenBSD's
+ - (djm) Cleanup auth-passwd.c and unify HP/UX authentication. Patch from
+ Kevin Steves <stevesk@sweden.hp.com>
+ - (djm) Shadow expiry check fix from Pavel Troller <patrol@omni.sinus.cz>
+ - (djm) Re-enable int64_t types - we need them for sftp
+ - (djm) Use libexecdir from configure , rather than libexecdir/ssh
+ - (djm) Update Redhat SPEC file accordingly
+ - (djm) Add Kevin Steves <stevesk@sweden.hp.com> HP/UX contrib files
+ - (djm) Add Charles Levert <charles@comm.polymtl.ca> getpgrp patch
+ - (djm) Fix password auth on HP/UX 10.20. Patch from Dirk De Wachter
+ <Dirk.DeWachter@rug.ac.be>
+ - (djm) Fixprogs and entropy list fixes from Larry Jones
+ <larry.jones@sdrc.com>
+ - (djm) Fix for SuSE spec file from Takashi YOSHIDA
+ <tyoshida@gemini.rc.kyushu-u.ac.jp>
+ - (djm) Merge OpenBSD changes:
+ - markus@cvs.openbsd.org 2000/09/05 02:59:57
+ [session.c]
+ print hostname (not hushlogin)
+ - markus@cvs.openbsd.org 2000/09/05 13:18:48
+ [authfile.c ssh-add.c]
+ enable ssh-add -d for DSA keys
+ - markus@cvs.openbsd.org 2000/09/05 13:20:49
+ [sftp-server.c]
+ cleanup
+ - markus@cvs.openbsd.org 2000/09/06 03:46:41
+ [authfile.h]
+ prototype
+ - deraadt@cvs.openbsd.org 2000/09/07 14:27:56
+ [ALL]
+ cleanup copyright notices on all files. I have attempted to be
+ accurate with the details. everything is now under Tatu's licence
+ (which I copied from his readme), and/or the core-sdi bsd-ish thing
+ for deattack, or various openbsd developers under a 2-term bsd
+ licence. We're not changing any rules, just being accurate.
+ - markus@cvs.openbsd.org 2000/09/07 14:40:30
+ [channels.c channels.h clientloop.c serverloop.c ssh.c]
+ cleanup window and packet sizes for ssh2 flow control; ok niels
+ - markus@cvs.openbsd.org 2000/09/07 14:53:00
+ [scp.c]
+ typo
+ - markus@cvs.openbsd.org 2000/09/07 15:13:37
+ [auth-options.c auth-options.h auth-rh-rsa.c auth-rsa.c auth.c]
+ [authfile.h canohost.c channels.h compat.c hostfile.h log.c match.h]
+ [pty.c readconf.c]
+ some more Copyright fixes
+ - markus@cvs.openbsd.org 2000/09/08 03:02:51
+ [README.openssh2]
+ bye bye
+ - deraadt@cvs.openbsd.org 2000/09/11 18:38:33
+ [LICENCE cipher.c]
+ a few more comments about it being ARC4 not RC4
+ - markus@cvs.openbsd.org 2000/09/12 14:53:11
+ [log-client.c log-server.c log.c ssh.1 ssh.c ssh.h sshd.8 sshd.c]
+ multiple debug levels
+ - markus@cvs.openbsd.org 2000/09/14 14:25:15
+ [clientloop.c]
+ typo
+ - deraadt@cvs.openbsd.org 2000/09/15 01:13:51
+ [ssh-agent.c]
+ check return value for setenv(3) for failure, and deal appropriately
+
+20000913
+ - (djm) Fix server not exiting with jobs in background.
+
+20000905
+ - (djm) Import OpenBSD CVS changes
+ - markus@cvs.openbsd.org 2000/08/31 15:52:24
+ [Makefile sshd.8 sshd_config sftp-server.8 sftp-server.c]
+ implement a SFTP server. interops with sftp2, scp2 and the windows
+ client from ssh.com
+ - markus@cvs.openbsd.org 2000/08/31 15:56:03
+ [README.openssh2]
+ sync
+ - markus@cvs.openbsd.org 2000/08/31 16:05:42
+ [session.c]
+ Wall
+ - markus@cvs.openbsd.org 2000/08/31 16:09:34
+ [authfd.c ssh-agent.c]
+ add a flag to SSH2_AGENTC_SIGN_REQUEST for future extensions
+ - deraadt@cvs.openbsd.org 2000/09/01 09:25:13
+ [scp.1 scp.c]
+ cleanup and fix -S support; stevesk@sweden.hp.com
+ - markus@cvs.openbsd.org 2000/09/01 16:29:32
+ [sftp-server.c]
+ portability fixes
+ - markus@cvs.openbsd.org 2000/09/01 16:32:41
+ [sftp-server.c]
+ fix cast; mouring@pconline.com
+ - itojun@cvs.openbsd.org 2000/09/03 09:23:28
+ [ssh-add.1 ssh.1]
+ add missing .El against .Bl.
+ - markus@cvs.openbsd.org 2000/09/04 13:03:41
+ [session.c]
+ missing close; ok theo
+ - markus@cvs.openbsd.org 2000/09/04 13:07:21
+ [session.c]
+ fix get_last_login_time order; from andre@van-veen.de
+ - markus@cvs.openbsd.org 2000/09/04 13:10:09
+ [sftp-server.c]
+ more cast fixes; from mouring@pconline.com
+ - markus@cvs.openbsd.org 2000/09/04 13:06:04
+ [session.c]
+ set SSH_ORIGINAL_COMMAND; from Leakin@dfw.nostrum.com, bet@rahul.net
+ - (djm) Cleanup after import. Fix sftp-server compilation, Makefile
+ - (djm) Merge cygwin support from Corinna Vinschen <vinschen@cygnus.com>
+
+20000903
+ - (djm) Fix Redhat init script
+
+20000901
+ - (djm) Pick up Jim's new X11-askpass
+ - (djm) Release 2.2.0p1
+
+20000831
+ - (djm) Workaround SIGPIPE problems on SCO. Fix from Aran Cox
+ <acox@cv.telegroup.com>
+ - (djm) Pick up new version (2.2.0) from OpenBSD CVS
+
+20000830
+ - (djm) Compile warning fixes from Mark Miller <markm@swoon.net>
+ - (djm) Periodically rekey arc4random
+ - (djm) Clean up diff against OpenBSD.
+ - (djm) HPUX 11 needs USE_PIPES as well: Kevin Steves
+ <stevesk@sweden.hp.com>
+ - (djm) Quieten the pam delete credentials error message
+ - (djm) Fix printing of $DISPLAY hack if set by system type. Report from
+ Kevin Steves <stevesk@sweden.hp.com>
+ - (djm) NeXT patch from Ben Lindstrom <mouring@pconline.com>
+ - (djm) Fix doh in bsd-arc4random.c
+
+20000829
+ - (djm) Fix ^C ignored issue on Solaris. Diagnosis from Gert
+ Doering <gert@greenie.muc.de>, John Horne <J.Horne@plymouth.ac.uk> and
+ Garrick James <garrick@james.net>
+ - (djm) Check for SCO pty naming style (ptyp%d/ttyp%d). Based on fix from
+ Bastian Trompetter <btrompetter@firemail.de>
+ - (djm) NeXT tweaks from Ben Lindstrom <mouring@pconline.com>
+ - More OpenBSD updates:
+ - deraadt@cvs.openbsd.org 2000/08/24 15:46:59
+ [scp.c]
+ off_t in sink, to fix files > 2GB, i think, test is still running ;-)
+ - deraadt@cvs.openbsd.org 2000/08/25 10:10:06
+ [session.c]
+ Wall
+ - markus@cvs.openbsd.org 2000/08/26 04:33:43
+ [compat.c]
+ ssh.com-2.3.0
+ - markus@cvs.openbsd.org 2000/08/27 12:18:05
+ [compat.c]
+ compatibility with future ssh.com versions
+ - deraadt@cvs.openbsd.org 2000/08/27 21:50:55
+ [auth-krb4.c session.c ssh-add.c sshconnect.c uidswap.c]
+ print uid/gid as unsigned
+ - markus@cvs.openbsd.org 2000/08/28 13:51:00
+ [ssh.c]
+ enable -n and -f for ssh2
+ - markus@cvs.openbsd.org 2000/08/28 14:19:53
+ [ssh.c]
+ allow combination of -N and -f
+ - markus@cvs.openbsd.org 2000/08/28 14:20:56
+ [util.c]
+ util.c
+ - markus@cvs.openbsd.org 2000/08/28 14:22:02
+ [util.c]
+ undo
+ - markus@cvs.openbsd.org 2000/08/28 14:23:38
+ [util.c]
+ don't complain if setting NONBLOCK fails with ENODEV
+
+20000823
+ - (djm) Define USE_PIPES to avoid socketpair problems on HPUX 10 and SunOS 4
+ Avoids "scp never exits" problem. Reports from Lutz Jaenicke
+ <Lutz.Jaenicke@aet.TU-Cottbus.DE> and Tamito KAJIYAMA
+ <kajiyama@grad.sccs.chukyo-u.ac.jp>
+ - (djm) Pick up LOGIN_PROGRAM from environment or PATH if not set by headers
+ - (djm) Add local version to version.h
+ - (djm) Don't reseed arc4random everytime it is used
+ - (djm) OpenBSD CVS updates:
+ - deraadt@cvs.openbsd.org 2000/08/18 20:07:23
+ [ssh.c]
+ accept remsh as a valid name as well; roman@buildpoint.com
+ - deraadt@cvs.openbsd.org 2000/08/18 20:17:13
+ [deattack.c crc32.c packet.c]
+ rename crc32() to ssh_crc32() to avoid zlib name clash. do not move to
+ libz crc32 function yet, because it has ugly "long"'s in it;
+ oneill@cs.sfu.ca
+ - deraadt@cvs.openbsd.org 2000/08/18 20:26:08
+ [scp.1 scp.c]
+ -S prog support; tv@debian.org
+ - deraadt@cvs.openbsd.org 2000/08/18 20:50:07
+ [scp.c]
+ knf
+ - deraadt@cvs.openbsd.org 2000/08/18 20:57:33
+ [log-client.c]
+ shorten
+ - markus@cvs.openbsd.org 2000/08/19 12:48:11
+ [channels.c channels.h clientloop.c ssh.c ssh.h]
+ support for ~. in ssh2
+ - deraadt@cvs.openbsd.org 2000/08/19 15:29:40
+ [crc32.h]
+ proper prototype
+ - markus@cvs.openbsd.org 2000/08/19 15:34:44
+ [authfd.c authfd.h key.c key.h ssh-add.1 ssh-add.c ssh-agent.1]
+ [ssh-agent.c ssh-keygen.c sshconnect1.c sshconnect2.c Makefile]
+ [fingerprint.c fingerprint.h]
+ add SSH2/DSA support to the agent and some other DSA related cleanups.
+ (note that we cannot talk to ssh.com's ssh2 agents)
+ - markus@cvs.openbsd.org 2000/08/19 15:55:52
+ [channels.c channels.h clientloop.c]
+ more ~ support for ssh2
+ - markus@cvs.openbsd.org 2000/08/19 16:21:19
+ [clientloop.c]
+ oops
+ - millert@cvs.openbsd.org 2000/08/20 12:25:53
+ [session.c]
+ We have to stash the result of get_remote_name_or_ip() before we
+ close our socket or getpeername() will get EBADF and the process
+ will exit. Only a problem for "UseLogin yes".
+ - millert@cvs.openbsd.org 2000/08/20 12:30:59
+ [session.c]
+ Only check /etc/nologin if "UseLogin no" since login(1) may have its
+ own policy on determining who is allowed to login when /etc/nologin
+ is present. Also use the _PATH_NOLOGIN define.
+ - millert@cvs.openbsd.org 2000/08/20 12:42:43
+ [auth1.c auth2.c session.c ssh.c]
+ Add calls to setusercontext() and login_get*(). We basically call
+ setusercontext() in most places where previously we did a setlogin().
+ Add default login.conf file and put root in the "daemon" login class.
+ - millert@cvs.openbsd.org 2000/08/21 10:23:31
+ [session.c]
+ Fix incorrect PATH setting; noted by Markus.
+
20000818
- (djm) OpenBSD CVS changes:
- markus@cvs.openbsd.org 2000/07/22 03:14:37
[session.c sshd.8 sshd.c]
sshd -u len, similar to telnetd
- (djm) Lastlog was not getting closed after writing login entry
+ - (djm) Add Solaris package support from Rip Loomis <loomisg@cist.saic.com>
20000816
- (djm) Replacement for inet_ntoa for Irix (which breaks on gcc)
- - (djm) Fix strerror replacement for old SunOS. Based on patch from
+ - (djm) Fix strerror replacement for old SunOS. Based on patch from
Charles Levert <charles@comm.polymtl.ca>
- - (djm) Seperate arc4random into seperate file and use OpenSSL's RC4
+ - (djm) Seperate arc4random into seperate file and use OpenSSL's RC4
implementation.
+ - (djm) SUN_LEN macro for systems which lack it
20000815
- (djm) More SunOS 4.1.x fixes from Nate Itkin <nitkin@europa.com>
- (djm) Avoid failures on Irix when ssh is not setuid. Fix from
Michael Stone <mstone@cs.loyola.edu>
- (djm) Don't seek in directory based lastlogs
- - (djm) Fix --with-ipaddr-display configure option test. Patch from
+ - (djm) Fix --with-ipaddr-display configure option test. Patch from
Jarno Huuskonen <jhuuskon@messi.uku.fi>
- (djm) Fix AIX limits from Alexandre Oliva <oliva@lsd.ic.unicamp.br>
Fabrice bacchella <fabrice.bacchella@marchfirst.fr>
20000809
- - (djm) Define AIX hard limits if headers don't. Report from
+ - (djm) Define AIX hard limits if headers don't. Report from
Bill Painter <william.t.painter@lmco.com>
- - (djm) utmp direct write & SunOS 4 patch from Charles Levert
+ - (djm) utmp direct write & SunOS 4 patch from Charles Levert
<charles@comm.polymtl.ca>
20000808
- (djm) Fixup for AIX getuserattr() support from Tom Bertelson
<tbert@abac.com>
- (djm) ReliantUNIX support from Udo Schweigert <ust@cert.siemens.de>
- - (djm) NeXT: dirent structures to get scp working from Ben Lindstrom
+ - (djm) NeXT: dirent structures to get scp working from Ben Lindstrom
<mouring@pconline.com>
- - (djm) Fix broken inet_ntoa check and ut_user/ut_name confusion, report
+ - (djm) Fix broken inet_ntoa check and ut_user/ut_name confusion, report
from Jim Watt <jimw@peisj.pebio.com>
- (djm) Replaced bsd-snprintf.c with one from Mutt source tree, it is known
to compile on more platforms (incl NeXT).
cleanup, less cut&paste
- markus@cvs.openbsd.org 2000/06/26 15:59:19
[servconf.c servconf.h session.c sshd.8 sshd.c]
- MaxStartups: limit number of unauthenticated connections, work by
+ MaxStartups: limit number of unauthenticated connections, work by
theo and me
- deraadt@cvs.openbsd.org 2000/07/05 14:18:07
[session.c]
typo
- aaron@cvs.openbsd.org 2000/07/05 22:06:58
[scp.1 ssh-agent.1 ssh-keygen.1 sshd.8]
- Insert more missing .El directives. Our troff really should identify
+ Insert more missing .El directives. Our troff really should identify
these and spit out a warning.
- todd@cvs.openbsd.org 2000/07/06 21:55:04
[auth-rsa.c auth2.c ssh-keygen.c]
Kevin Steves <stevesk@sweden.hp.com>
- (djm) Match prototype and function declaration for rresvport_af.
Problem report from Niklas Edmundsson <nikke@ing.umu.se>
- - (djm) Missing $(DESTDIR) on host-key target causing problems with RPM
+ - (djm) Missing $(DESTDIR) on host-key target causing problems with RPM
builds. Problem report from Gregory Leblanc <GLeblanc@cu-portland.edu>
- (djm) Replace ut_name with ut_user. Patch from Jim Watt
<jimw@peisj.pebio.com>
uids. Based on problem report from Jim Watt <jimw@peisj.pebio.com>
- (djm) More NeXT compatibility from Ben Lindstrom <mouring@pconline.com>
Including sigaction() et al. replacements
- - (djm) AIX getuserattr() session initialisation from Tom Bertelson
+ - (djm) AIX getuserattr() session initialisation from Tom Bertelson
<tbert@abac.com>
20000708
- - (djm) Fix bad fprintf format handling in auth-pam.c. Patch from
+ - (djm) Fix bad fprintf format handling in auth-pam.c. Patch from
Aaron Hopkins <aaron@die.net>
- (djm) Fix incorrect configure handling of --with-rsh-path option. Fix from
Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
- - (djm) Fixed undefined variables for OSF SIA. Report from
+ - (djm) Fixed undefined variables for OSF SIA. Report from
Baars, Henk <Hendrik.Baars@nl.origin-it.com>
- - (djm) Handle EWOULDBLOCK returns from read() and write() in atomicio.c
+ - (djm) Handle EWOULDBLOCK returns from read() and write() in atomicio.c
Fix from Marquess, Steve Mr JMLFDC <Steve.Marquess@DET.AMEDD.ARMY.MIL>
- - (djm) Don't use inet_addr.
+ - (djm) Don't use inet_addr.
20000702
- (djm) Fix brace mismatch from Corinna Vinschen <vinschen@cygnus.com>
on fix from HARUYAMA Seigo <haruyama@nt.phys.s.u-tokyo.ac.jp>
- (djm) Use standard OpenSSL functions in auth-skey.c. Patch from
Chris, the Young One <cky@pobox.com>
- - (djm) Fix scp progress meter on really wide terminals. Based on patch
+ - (djm) Fix scp progress meter on really wide terminals. Based on patch
from James H. Cloos Jr. <cloos@jhcloos.com>
20000701
- (djm) Patch from Michael Stone <mstone@cs.loyola.edu> to add support for
Irix 6.x array sessions, project id's, and system audit trail id.
- (djm) Added 'distprep' make target to simplify packaging
- - (djm) Added patch from Chris Adams <cmadams@hiwaay.net> to add OSF SIA
+ - (djm) Added patch from Chris Adams <cmadams@hiwaay.net> to add OSF SIA
support. Enable using "USE_SIA=1 ./configure [options]"
-
+
20000627
- (djm) Fixes to login code - not setting li->uid, cleanups
- (djm) Formatting
correct check for bad channel ids; from Wei Dai <weidai@eskimo.com>
20000623
- - (djm) Use sa_family_t in prototype for rresvport_af. Patch from
+ - (djm) Use sa_family_t in prototype for rresvport_af. Patch from
Svante Signell <svante.signell@telia.com>
- (djm) Autoconf logic to define sa_family_t if it is missing
- OpenBSD CVS Updates:
- markus@cvs.openbsd.org 2000/06/19 19:39:45
[atomicio.c auth-options.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c]
[auth-rsa.c auth-skey.c authfd.c authfd.h authfile.c bufaux.c bufaux.h]
- [buffer.c buffer.h canohost.c channels.c channels.h cipher.c cipher.h]
+ [buffer.c buffer.h canohost.c channels.c channels.h cipher.c cipher.h]
[clientloop.c compat.c compat.h compress.c compress.h crc32.c crc32.h]
[deattack.c dispatch.c dsa.c fingerprint.c fingerprint.h getput.h hmac.c]
- [kex.c log-client.c log-server.c login.c match.c mpaux.c mpaux.h nchan.c]
- [nchan.h packet.c packet.h pty.c pty.h readconf.c readconf.h readpass.c]
+ [kex.c log-client.c log-server.c login.c match.c mpaux.c mpaux.h nchan.c]
+ [nchan.h packet.c packet.h pty.c pty.h readconf.c readconf.h readpass.c]
[rsa.c rsa.h scp.c servconf.c servconf.h ssh-add.c ssh-keygen.c ssh.c]
[ssh.h tildexpand.c ttymodes.c ttymodes.h uidswap.c xmalloc.c xmalloc.h]
OpenBSD tag
20000620
- (djm) Replace use of '-o' and '-a' logical operators in configure tests
- with '||' and '&&'. As suggested by Jim Knoble <jmknoble@pint-stowp.cx>
+ with '||' and '&&'. As suggested by Jim Knoble <jmknoble@pint-stowp.cx>
to fix SCO Unixware problem reported by Gary E. Miller <gem@rellim.com>
- (djm) Typo in loginrec.c
20000618
- (djm) Add summary of configure options to end of ./configure run
- - (djm) Not all systems define RUSAGE_SELF & RUSAGE_CHILDREN. Report from
+ - (djm) Not all systems define RUSAGE_SELF & RUSAGE_CHILDREN. Report from
Michael Stone <mstone@cs.loyola.edu>
- - (djm) rusage is a privileged operation on some Unices (incl.
+ - (djm) rusage is a privileged operation on some Unices (incl.
Solaris 2.5.1). Report from Paul D. Smith <pausmith@nortelnetworks.com>
- - (djm) Avoid PAM failures when running without a TTY. Report from
+ - (djm) Avoid PAM failures when running without a TTY. Report from
Martin Petrak <petrak@spsknm.schools.sk>
- (djm) Include sys/types.h when including netinet/in.h in configure tests.
Patch from Jun-ichiro itojun Hagino <itojun@iijlab.net>
- Don't try to retrieve lastlog from wtmp/wtmpx if DISABLE_LASTLOG is
def'd
- Set AIX to use preformatted manpages
-
+
20000610
- (djm) Minor doc tweaks
- (djm) Fix for configure on bash2 from Jim Knoble <jmknoble@jmknoble.cx>
20000606
- (djm) Cleanup of entropy.c. Reorganised code, removed second pass through
list of commands (by default). Removed verbose debugging (by default).
- - (djm) Increased command entropy estimates and default entropy collection
+ - (djm) Increased command entropy estimates and default entropy collection
timeout
- (djm) Remove duplicate headers from loginrec.c
- (djm) Don't add /usr/local/lib to library search path on Irix
- - (djm) Fix rsh path in RPMs. Report from Jason L Tibbitts III
+ - (djm) Fix rsh path in RPMs. Report from Jason L Tibbitts III
<tibbs@math.uh.edu>
- (djm) Warn user if grabs fail in GNOME askpass. Patch from Zack Weinberg
<zack@wolery.cumb.org>
teach protocol v2 to count login failures properly and also enable an
explanation of why the password prompt comes up again like v1; this is NOT
crypto
- - markus@cvs.openbsd.org
+ - markus@cvs.openbsd.org
[readconf.c readconf.h servconf.c servconf.h session.c ssh.1 ssh.c sshd.8]
xauth_location support; pr 1234
[readconf.c sshconnect2.c]
[version.h]
OpenSSH 2.1.1
[auth-rsa.c]
- fix match_hostname() logic for auth-rsa: deny access if we have a
+ fix match_hostname() logic for auth-rsa: deny access if we have a
negative match or no match at all
[channels.c hostfile.c match.c]
- don't panic if mkdtemp fails for authfwd; jkb@yahoo-inc.com via
+ don't panic if mkdtemp fails for authfwd; jkb@yahoo-inc.com via
kris@FreeBSD.org
20000606
- - (djm) Added --with-cflags, --with-ldflags and --with-libs options to
+ - (djm) Added --with-cflags, --with-ldflags and --with-libs options to
configure.
20000604
- (andre) New login code
- Remove bsd-login.[ch] and all the OpenBSD-derived code in login.c
- Add loginrec.[ch], logintest.c and autoconf code
-
+
20000531
- Cleanup of auth.c, login.c and fake-*
- Cleanup of auth-pam.c, save and print "account expired" error messages
- Don't touch utmp if USE_UTMPX defined
- SunOS 4.x support from Todd C. Miller <Todd.Miller@courtesan.com>
- SIGCHLD fix for AIX and HPUX from Tom Bertelson <tbert@abac.com>
- - HPUX and Configure fixes from Lutz Jaenicke
+ - HPUX and Configure fixes from Lutz Jaenicke
<Lutz.Jaenicke@aet.TU-Cottbus.DE>
- - Use mkinstalldirs script to make directories instead of non-portable
+ - Use mkinstalldirs script to make directories instead of non-portable
"install -d". Suggested by Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
- Doc cleanup
[sshconnect.c]
copy only ai_addrlen bytes; misiek@pld.org.pl
[auth.c]
- accept an empty shell in authentication; bug reported by
+ accept an empty shell in authentication; bug reported by
chris@tinker.ucr.edu
[serverloop.c]
we don't have stderr for interactive terminal sessions (fcntl errors)
optionally run 'ent' to measure command entropy
- Applied Tom Bertelson's <tbert@abac.com> AIX authentication fix
- Avoid WCOREDUMP complation errors for systems that lack it
- - Avoid SIGCHLD warnings from entropy commands
+ - Avoid SIGCHLD warnings from entropy commands
- Fix HAVE_PAM_GETENVLIST setting from Simon Wilkinson <sxw@dcs.ed.ac.uk>
- OpenBSD CVS update:
- - markus@cvs.openbsd.org
+ - markus@cvs.openbsd.org
[ssh.c]
fix usage()
[ssh2.h]
- INSTALL typo and URL fix
- Makefile fix
- Solaris fixes
- - Checking for ssize_t and memmove. Based on patch from SAKAI Kiyotaka
+ - Checking for ssize_t and memmove. Based on patch from SAKAI Kiyotaka
<ksakai@kso.netwk.ntt-at.co.jp>
- RSAless operation patch from kevin_oconnor@standardandpoors.com
- Detect OpenSSL seperatly from RSA
- - Better test for RSA (more compatible with RSAref). Based on work by
+ - Better test for RSA (more compatible with RSAref). Based on work by
Ed Eden <ede370@stl.rural.usda.gov>
20000513
- - Fix for non-recognised DSA keys from Arkadiusz Miskiewicz
+ - Fix for non-recognised DSA keys from Arkadiusz Miskiewicz
<misiek@pld.org.pl>
20000511
- - Fix for prng_seed permissions checking from Lutz Jaenicke
+ - Fix for prng_seed permissions checking from Lutz Jaenicke
<Lutz.Jaenicke@aet.TU-Cottbus.DE>
- "make host-key" fix for Irix
- OpenSSH-2.1
- Moved all the bsd-* and fake-* stuff into new libopenbsd-compat.a
- Doc updates
- - Cleanup of bsd-base64 headers, bugfix definitions of __b64_*. Reported
+ - Cleanup of bsd-base64 headers, bugfix definitions of __b64_*. Reported
by Andre Lucas <andre.lucas@dial.pipex.com>
20000508
- interop w/ SecureFX
- Release 2.0.0beta2
- - Configure caching and cleanup patch from Andre Lucas'
+ - Configure caching and cleanup patch from Andre Lucas'
<andre.lucas@dial.pipex.com>
20000507
- deraadt@cvs.openbsd.org
[scp.c]
- more atomicio
- - markus@cvs.openbsd.org
+ - markus@cvs.openbsd.org
[channels.c]
- set O_NONBLOCK
[ssh.1]
- document -X and -x
[ssh-keygen.c]
- simplify usage
- - markus@cvs.openbsd.org
+ - markus@cvs.openbsd.org
[sshd.8]
- there is no rhosts_dsa
[ssh-keygen.1]
- unlink pid file, ok niels@
[auth2.c]
- Add missing #ifdefs; ok - markus
- - Add Andre Lucas' <andre.lucas@dial.pipex.com> patch to read entropy
+ - Add Andre Lucas' <andre.lucas@dial.pipex.com> patch to read entropy
gathering commands from a text file
- Release 2.0.0beta1
- Minor tweaks and typo fixes.
[ssh-keygen.c]
- Put -d into usage and reorder. markus ok.
- - Include missing headers for OpenSSL tests. Fix from Phil Karn
+ - Include missing headers for OpenSSL tests. Fix from Phil Karn
<karn@ka9q.ampr.org>
- - Fixed __progname symbol collisions reported by Andre Lucas
+ - Fixed __progname symbol collisions reported by Andre Lucas
<andre.lucas@dial.pipex.com>
- Merged bsd-login ttyslot and AIX utmp patch from Gert Doering
<gd@hilb1.medat.de>
- Adds timeout to entropy collection
- Disables slow entropy sources
- Load and save seed file
- - Changed entropy seed code to user per-user seeds only (server seed is
+ - Changed entropy seed code to user per-user seeds only (server seed is
saved in root's .ssh directory)
- Use atexit() and fatal cleanups to save seed on exit
- More OpenBSD updates:
[sshconnect2.c]
- less debug, respect .ssh/config
[README.openssh2 channels.c channels.h]
- - clientloop.c session.c ssh.c
+ - clientloop.c session.c ssh.c
- support for x11-fwding, client+server
20000421
via Debian bug #59926
- Define __progname in session.c if libc doesn't
- Remove indentation on autoconf #include statements to avoid bug in
- DEC Tru64 compiler. Report and fix from David Del Piero
+ DEC Tru64 compiler. Report and fix from David Del Piero
<David.DelPiero@qed.qld.gov.au>
20000420
- - Make fixpaths work with perl4, patch from Andre Lucas
+ - Make fixpaths work with perl4, patch from Andre Lucas
<andre.lucas@dial.pipex.com>
- Sync with OpenBSD CVS:
[clientloop.c login.c serverloop.c ssh-agent.c ssh.h sshconnect.c sshd.c]
[channels.c]
- fix pr 1196, listen_port and port_to_connect interchanged
[scp.c]
- - after completion, replace the progress bar ETA counter with a final
+ - after completion, replace the progress bar ETA counter with a final
elapsed time; my idea, aaron wrote the patch
[ssh_config sshd_config]
- show 'Protocol' as an example, ok markus@
20000416
- Reduce diff against OpenBSD source
- - All OpenSSL includes are now unconditionally referenced as
+ - All OpenSSL includes are now unconditionally referenced as
openssl/foo.h
- Pick up formatting changes
- Other minor changed (typecasts, etc) that I missed
20000413
- INSTALL doc updates
- Merged OpenBSD updates to include paths.
-
+
20000412
- OpenBSD CVS updates:
- [channels.c]
no adjust after close
- [sshd.c compat.c ]
interop w/ latest ssh.com windows client.
-
+
20000406
- OpenBSD CVS update:
- [channels.c]
20000326
- Better tests for OpenSSL w/ RSAref
- - Added replacement setenv() function from OpenBSD libc. Suggested by
+ - Added replacement setenv() function from OpenBSD libc. Suggested by
Ben Lindstrom <mouring@pconline.com>
- OpenBSD CVS update
- [auth-krb4.c]
- Checks for 64 bit int types. Problem report from Mats Fredholm
<matsf@init.se>
- OpenBSD CVS updates:
- - [atomicio.c auth-krb4.c bufaux.c channels.c compress.c fingerprint.c]
+ - [atomicio.c auth-krb4.c bufaux.c channels.c compress.c fingerprint.c]
[packet.h radix.c rsa.c scp.c ssh-agent.c ssh-keygen.c sshconnect.c]
[sshd.c]
pedantic: signed vs. unsigned, void*-arithm, etc
- [ssh.1 sshd.8]
Various cleanups and standardizations.
- - Runtime error fix for HPUX from Otmar Stahl
+ - Runtime error fix for HPUX from Otmar Stahl
<O.Stahl@lsw.uni-heidelberg.de>
20000316
- - Fixed configure not passing LDFLAGS to Solaris. Report from David G.
+ - Fixed configure not passing LDFLAGS to Solaris. Report from David G.
Hesprich <dghespri@sprintparanet.com>
- Propogate LD through to Makefile
- Doc cleanups
20000315
- Fix broken CFLAGS handling during search for OpenSSL. Fixes va_list
problems with gcc/Solaris.
- - Don't free argument to putenv() after use (in setenv() replacement).
+ - Don't free argument to putenv() after use (in setenv() replacement).
Report from Seigo Tanimura <tanimura@r.dl.itc.u-tokyo.ac.jp>
- - Created contrib/ subdirectory. Included helpers from Phil Hands'
+ - Created contrib/ subdirectory. Included helpers from Phil Hands'
Debian package, README file and chroot patch from Ricardo Cerqueira
<rmcc@clix.pt>
- - Moved gnome-ssh-askpass.c to contrib directory and removed config
+ - Moved gnome-ssh-askpass.c to contrib directory and removed config
option.
- Slight cleanup to doc files
- Configure fix from Bratislav ILICH <bilic@zepter.ru>
20000314
- - Include macro for IN6_IS_ADDR_V4MAPPED. Report from
+ - Include macro for IN6_IS_ADDR_V4MAPPED. Report from
peter@frontierflying.com
- Include /usr/local/include and /usr/local/lib for systems that don't
do it themselves
- use getpeername() in packet_connection_is_on_socket(), fixes sshd -i;
from Holger.Trapp@Informatik.TU-Chemnitz.DE
[pty.c pty.h]
- - register cleanup for pty earlier. move code for pty-owner handling to
+ - register cleanup for pty earlier. move code for pty-owner handling to
pty.c ok provos@, dugsong@
[readconf.c]
- turn off x11-fwd for the client, too.
- missing xfree()
- move XAUTHORITY to subdir. ok dugsong@. fixes debian bug #57907, too.
(http://cgi.debian.org/cgi-bin/bugreport.cgi?archive=no&bug=57907)
- - register cleanup for pty earlier. move code for pty-owner handling to
+ - register cleanup for pty earlier. move code for pty-owner handling to
pty.c ok provos@, dugsong@
- create x11 cookie file
- fix pr 1113, fclose() -> pclose(), todo: remote popen()
- version 1.2.3
- Cleaned up
- - Removed warning workaround for Linux and devpts filesystems (no longer
+ - Removed warning workaround for Linux and devpts filesystems (no longer
required after OpenBSD updates)
20000308
- Explicitly seed OpenSSL's PRNG before checking rsa_alive()
- Check for getpagesize in libucb.a if not found in libc. Fix for old
Solaris from Andre Lucas <andre.lucas@dial.pipex.com>
- - Check for libwrap if --with-tcp-wrappers option specified. Suggestion
+ - Check for libwrap if --with-tcp-wrappers option specified. Suggestion
Mate Wierdl <mw@moni.msci.memphis.edu>
20000303
- Added "make host-key" target, Suggestion from Dominik Brettnacher
<domi@saargate.de>
- - Don't permanently fail on bind() if getaddrinfo has more choices left for
+ - Don't permanently fail on bind() if getaddrinfo has more choices left for
us. Needed to work around messy IPv6 on Linux. Patch from Arkadiusz
Miskiewicz <misiek@pld.org.pl>
- DEC Unix compile fix from David Del Piero <David.DelPiero@qed.qld.gov.au>
RSA support built in (this is a problem with OpenSSL 0.9.5).
- Applied pty cleanup patch from markus.friedl@informatik.uni-erlangen.de
- Avoid warning message with Unix98 ptys
- - Warning was valid - possible race condition on PTYs. Avoided using
+ - Warning was valid - possible race condition on PTYs. Avoided using
platform-specific code.
- Document some common problems
- - Allow root access to any key. Patch from
+ - Allow root access to any key. Patch from
markus.friedl@informatik.uni-erlangen.de
20000207
- Add --with-ssl-dir option
20000202
- - Fix lastlog code for directory based lastlogs. Fix from Josh Durham
+ - Fix lastlog code for directory based lastlogs. Fix from Josh Durham
<jmd@aoe.vt.edu>
- Documentation fixes from HARUYAMA Seigo <haruyama@nt.phys.s.u-tokyo.ac.jp>
- - Added URLs to Japanese translations of documents by HARUYAMA Seigo
+ - Added URLs to Japanese translations of documents by HARUYAMA Seigo
<haruyama@nt.phys.s.u-tokyo.ac.jp>
20000201
20000126
- Released 1.2.2 stable
- - NeXT keeps it lastlog in /usr/adm. Report from
+ - NeXT keeps it lastlog in /usr/adm. Report from
mouring@newton.pconline.com
- - Added note in UPGRADING re interop with commercial SSH using idea.
+ - Added note in UPGRADING re interop with commercial SSH using idea.
Report from Jim Knoble <jmknoble@pobox.com>
- Fix linking order for Kerberos/AFS. Fix from Holget Trapp
<Holger.Trapp@Informatik.TU-Chemnitz.DE>
20000125
- - Fix NULL pointer dereference in login.c. Fix from Andre Lucas
+ - Fix NULL pointer dereference in login.c. Fix from Andre Lucas
<andre.lucas@dial.pipex.com>
- Reorder PAM initialisation so it does not mess up lastlog. Reported
by Andre Lucas <andre.lucas@dial.pipex.com>
- - Use preformatted manpages on SCO, report from Gary E. Miller
+ - Use preformatted manpages on SCO, report from Gary E. Miller
<gem@rellim.com>
- New URL for x11-ssh-askpass.
- - Fixpaths was missing /etc/ssh_known_hosts. Report from Jim Knoble
+ - Fixpaths was missing /etc/ssh_known_hosts. Report from Jim Knoble
<jmknoble@pobox.com>
- - Added 'DESTDIR' option to Makefile to ease package building. Patch from
+ - Added 'DESTDIR' option to Makefile to ease package building. Patch from
Jim Knoble <jmknoble@pobox.com>
- Updated RPM spec files to use DESTDIR
- OpenBSD CVS:
- [packet.c]
getsockname() requires initialized tolen; andy@guildsoftware.com
- - AIX patch from Matt Richards <v2matt@btv.ibm.com> and David Rankin
+ - AIX patch from Matt Richards <v2matt@btv.ibm.com> and David Rankin
<drankin@bohemians.lexington.ky.us>
- Fix lastlog support, patch from Andre Lucas <andre.lucas@dial.pipex.com>
- [sshd.c]
log with level log() not fatal() if peer behaves badly.
- [readpass.c]
- instead of blocking SIGINT, catch it ourselves, so that we can clean
- the tty modes up and kill ourselves -- instead of our process group
- leader (scp, cvs, ...) going away and leaving us in noecho mode.
+ instead of blocking SIGINT, catch it ourselves, so that we can clean
+ the tty modes up and kill ourselves -- instead of our process group
+ leader (scp, cvs, ...) going away and leaving us in noecho mode.
people with cbreak shells never even noticed..
- [ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 sshd.8]
ie. -> i.e.,
- [sshconnect.c]
- disable agent fwding for proto 1.3, remove abuse of auth-rsa flags.
- destroy keys earlier
- - split key exchange (kex) and user authentication (user-auth),
+ - split key exchange (kex) and user authentication (user-auth),
ok: provos@
- [sshd.c]
- no need for poll.h; from bright@wintelcom.net
- disable agent fwding for proto 1.3, remove abuse of auth-rsa flags.
- - split key exchange (kex) and user authentication (user-auth),
+ - split key exchange (kex) and user authentication (user-auth),
ok: provos@
- Big manpage and config file cleanup from Andre Lucas
<andre.lucas@dial.pipex.com>
20000118
- Fixed --with-pid-dir option
- Makefile fix from Gary E. Miller <gem@rellim.com>
- - Compile fix for HPUX and Solaris from Andre Lucas
+ - Compile fix for HPUX and Solaris from Andre Lucas
<andre.lucas@dial.pipex.com>
20000117
- Clean up bsd-bindresvport.c. Use arc4random() for picking initial
port, ignore EINVAL errors (Linux) when searching for free port.
- - Revert __snprintf -> snprintf aliasing. Apparently Solaris
+ - Revert __snprintf -> snprintf aliasing. Apparently Solaris
__snprintf isn't. Report from Theo de Raadt <theo@cvs.openbsd.org>
- Document location of Redhat PAM file in INSTALL.
- - Fixed X11 forwarding bug on Linux. libc advertises AF_INET6
- INADDR_ANY_INIT addresses via getaddrinfo, but may not be able to
+ - Fixed X11 forwarding bug on Linux. libc advertises AF_INET6
+ INADDR_ANY_INIT addresses via getaddrinfo, but may not be able to
deliver (no IPv6 kernel support)
- Released 1.2.1pre27
- Fix rresvport_af failure errors (logic error in bsd-bindresvport.c)
- - Fix --with-ipaddr-display option test. Fix from Jarno Huuskonen
+ - Fix --with-ipaddr-display option test. Fix from Jarno Huuskonen
<jhuuskon@hytti.uku.fi>
- - Fix hang on logout if processes are still using the pty. Needs
+ - Fix hang on logout if processes are still using the pty. Needs
further testing.
- Patch from Christos Zoulas <christos@zoulas.com>
- Try $prefix first when looking for OpenSSL.
- Include sys/types.h when including sys/socket.h in test programs
- - Substitute PID directory in sshd.8. Suggestion from Andrew
+ - Substitute PID directory in sshd.8. Suggestion from Andrew
Stribblehill <a.d.stribblehill@durham.ac.uk>
20000116
- Released 1.2.1pre26
- Compilation fix from Kiyokazu SUTO <suto@ks-and-ks.ne.jp>
- - Fixed broken bugfix for /dev/ptmx on Linux systems which lack
+ - Fixed broken bugfix for /dev/ptmx on Linux systems which lack
openpty(). Report from Kiyokazu SUTO <suto@ks-and-ks.ne.jp>
20000115
- Add --with-xauth-path configure directive and explicit test for
- /usr/openwin/bin/xauth for Solaris systems. Report from Anders
+ /usr/openwin/bin/xauth for Solaris systems. Report from Anders
Nordby <anders@fix.no>
- - Fix incorrect detection of /dev/ptmx on Linux systems that lack
+ - Fix incorrect detection of /dev/ptmx on Linux systems that lack
openpty. Report from John Seifarth <john@waw.be>
- Look for intXX_t and u_intXX_t in sys/bitypes.h if they are not in
- sys/types.h. Fixes problems on SCO, report from Gary E. Miller
+ sys/types.h. Fixes problems on SCO, report from Gary E. Miller
<gem@rellim.com>
- Use __snprintf and __vnsprintf if they are found where snprintf and
vnsprintf are lacking. Suggested by Ben Taylor <bent@shell.clark.net>
[scp.c packet.h packet.c login.c log.c canohost.c channels.c]
[hostfile.c sshd_config]
ipv6 support: mostly gethostbyname->getaddrinfo/getnameinfo, new
- features: sshd allows multiple ListenAddress and Port options. note
- that libwrap is not IPv6-ready. (based on patches from
+ features: sshd allows multiple ListenAddress and Port options. note
+ that libwrap is not IPv6-ready. (based on patches from
fujiwara@rcac.tdi.co.jp)
- [ssh.c canohost.c]
- more hints (hints.ai_socktype=SOCK_STREAM) for getaddrinfo,
+ more hints (hints.ai_socktype=SOCK_STREAM) for getaddrinfo,
from itojun@
- [channels.c]
listen on _all_ interfaces for X11-Fwd (hints.ai_flags = AI_PASSIVE)
- [scp.1 sshd.8 servconf.h scp.c]
document -4, -6, and 'ssh -L 2022/::1/22'
- [ssh.c]
- 'ssh @host' is illegal (null user name), from
+ 'ssh @host' is illegal (null user name), from
karsten@gedankenpolizei.de
- [sshconnect.c]
better error message
Holger Trapp <Holger.Trapp@Informatik.TU-Chemnitz.DE>
20000105
- - Fixed annoying DES corruption problem. libcrypt has been
+ - Fixed annoying DES corruption problem. libcrypt has been
overriding symbols in libcrypto. Removed libcrypt and crypt.h
altogether (libcrypto includes its own crypt(1) replacement)
- Added platform-specific rules for Irix 6.x. Included warning that
20000103
- Add explicit make rules for files proccessed by fixpaths.
- - Fix "make install" in RPM spec files. Report from Tenkou N. Hattori
+ - Fix "make install" in RPM spec files. Report from Tenkou N. Hattori
<tnh@kondara.org>
- - Removed "nullok" directive from default PAM configuration files.
- Added information on enabling EmptyPasswords on openssh+PAM in
+ - Removed "nullok" directive from default PAM configuration files.
+ Added information on enabling EmptyPasswords on openssh+PAM in
UPGRADING file.
- OpenBSD CVS updates
- [ssh-agent.c]
- cleanup_exit() for SIGTERM/SIGHUP, too. from fgsch@ and
+ cleanup_exit() for SIGTERM/SIGHUP, too. from fgsch@ and
dgaudet@arctic.org
- [sshconnect.c]
compare correct version for 1.3 compat mode
<dgaudet@arctic.org>
19991231
- - Fix password support on systems with a mixture of shadowed and
- non-shadowed passwords (e.g. NIS). Report and fix from
+ - Fix password support on systems with a mixture of shadowed and
+ non-shadowed passwords (e.g. NIS). Report and fix from
HARUYAMA Seigo <haruyama@nt.phys.s.u-tokyo.ac.jp>
- - Fix broken autoconf typedef detection. Report from Marc G.
+ - Fix broken autoconf typedef detection. Report from Marc G.
Fournier <marc.fournier@acadiau.ca>
- Fix occasional crash on LinuxPPC. Patch from Franz Sirl
<Franz.Sirl-kernel@lauterbach.com>
- - Prevent typedefs from being compiled more than once. Report from
+ - Prevent typedefs from being compiled more than once. Report from
Marc G. Fournier <marc.fournier@acadiau.ca>
- Fill in ut_utaddr utmp field. Report from Benjamin Charron
<iretd@bigfoot.com>
- - Really fix broken default path. Fix from Jim Knoble
+ - Really fix broken default path. Fix from Jim Knoble
<jmknoble@pobox.com>
- Remove test for quad_t. No longer needed.
- Released 1.2.1pre24
- OpenBSD CVS updates:
- [auth-passwd.c]
check for NULL 1st
- - Removed most of the pam code into its own file auth-pam.[ch]. This
+ - Removed most of the pam code into its own file auth-pam.[ch]. This
cleaned up sshd.c up significantly.
- - PAM authentication was incorrectly interpreting
+ - PAM authentication was incorrectly interpreting
"PermitRootLogin without-password". Report from Matthias Andree
<ma@dt.e-technik.uni-dortmund.de
- Several other cleanups
- Released 1.2.1pre23
19991229
- - Applied another NetBSD portability patch from David Rankin
+ - Applied another NetBSD portability patch from David Rankin
<drankin@bohemians.lexington.ky.us>
- Fix --with-default-path option.
- - Autodetect perl, patch from David Rankin
+ - Autodetect perl, patch from David Rankin
<drankin@bohemians.lexington.ky.us>
- - Print whether OpenSSH was compiled with RSARef, patch from
+ - Print whether OpenSSH was compiled with RSARef, patch from
Nalin Dahyabhai <nalin@thermo.stat.ncsu.edu>
- - Calls to pam_setcred, patch from Nalin Dahyabhai
+ - Calls to pam_setcred, patch from Nalin Dahyabhai
<nalin@thermo.stat.ncsu.edu>
- Detect missing size_t and typedef it.
- Rename helper.[ch] to (more appropriate) bsd-misc.[ch]
19991228
- Replacement for getpagesize() for systems which lack it
- - NetBSD login.c compile fix from David Rankin
+ - NetBSD login.c compile fix from David Rankin
<drankin@bohemians.lexington.ky.us>
- Fully set ut_tv if present in utmp or utmpx
- Portability fixes for Irix 5.3 (now compiles OK!)
- Revised RPM package to include Jim Knoble's <jmknoble@pobox.com>
X11 ssh-askpass program.
- Disable logging of PAM success and failures, PAM is verbose enough.
- Unfortunatly there is currently no way to disable auth failure
- messages. Mention this in UPGRADING file and sent message to PAM
+ Unfortunatly there is currently no way to disable auth failure
+ messages. Mention this in UPGRADING file and sent message to PAM
developers
- OpenBSD CVS update:
- [ssh-keygen.1 ssh.1]
- remove ref to .ssh/random_seed, mention .ssh/environment in
+ remove ref to .ssh/random_seed, mention .ssh/environment in
.Sh FILES, too
- Released 1.2.1pre21
- - Fixed implicit '.' in default path, report from Jim Knoble
+ - Fixed implicit '.' in default path, report from Jim Knoble
<jmknoble@pobox.com>
- Redhat RPM spec fixes from Jim Knoble <jmknoble@pobox.com>
<96na@eng.cam.ac.uk>)
19991223
- - Merged later HPUX patch from Andre Lucas
+ - Merged later HPUX patch from Andre Lucas
<andre.lucas@dial.pipex.com>
- Above patch included better utmpx support from Ben Taylor
<bent@clark.net>
19991222
- - Fix undefined fd_set type in ssh.h from Povl H. Pedersen
+ - Fix undefined fd_set type in ssh.h from Povl H. Pedersen
<pope@netguide.dk>
- Fix login.c breakage on systems which lack ut_host in struct
utmp. Reported by Willard Dawson <willard.dawson@sbs.siemens.com>
19991221
- - Integration of large HPUX patch from Andre Lucas
- <andre.lucas@dial.pipex.com>. Integrating it had a few other
+ - Integration of large HPUX patch from Andre Lucas
+ <andre.lucas@dial.pipex.com>. Integrating it had a few other
benefits:
- Ability to disable shadow passwords at configure time
- Ability to disable lastlog support at configure time
- Release 1.2.1pre19
19991218
- - Redhat init script patch from Chun-Chung Chen
+ - Redhat init script patch from Chun-Chung Chen
<cjj@u.washington.edu>
- Avoid breakage on systems without IPv6 headers
19991216
- - Makefile changes for Solaris from Peter Kocks
+ - Makefile changes for Solaris from Peter Kocks
<peter.kocks@baygate.com>
- Minor updates to docs
- Merged OpenBSD CVS changes:
keysize warnings talk about identity files
- [packet.c]
"Connection closed by x.x.x.x": fatal() -> log()
- - Correctly handle empty passwords in shadow file. Patch from:
+ - Correctly handle empty passwords in shadow file. Patch from:
"Chris, the Young One" <cky@pobox.com>
- Released 1.2.1pre18
- Use LDFLAGS correctly
- Fix SIGIO error in scp
- Simplify status line printing in scp
- - Added better test for inline functions compiler support from
+ - Added better test for inline functions compiler support from
Darren_Hall@progressive.com
19991214
- OpenBSD CVS Changes
- [canohost.c]
- fix get_remote_port() and friends for sshd -i;
+ fix get_remote_port() and friends for sshd -i;
Holger.Trapp@Informatik.TU-Chemnitz.DE
- [mpaux.c]
make code simpler. no need for memcpy. niels@ ok
- Doc updates
19991211
- - Fix compilation on systems with AFS. Reported by
+ - Fix compilation on systems with AFS. Reported by
aloomis@glue.umd.edu
- - Fix installation on Solaris. Reported by
+ - Fix installation on Solaris. Reported by
Gordon Rowell <gordonr@gormand.com.au>
- Fix gccisms (__attribute__ and inline). Report by edgy@us.ibm.com,
patch from Markus Friedl <markus.friedl@informatik.uni-erlangen.de>
- Auto-locate xauth. Patch from David Agraz <dagraz@jahoopa.com>
- Compile fix from David Agraz <dagraz@jahoopa.com>
- Avoid compiler warning in bsd-snprintf.c
- - Added pam_limits.so to default PAM config. Suggested by
+ - Added pam_limits.so to default PAM config. Suggested by
Jim Knoble <jmknoble@pobox.com>
19991209
- [sshd.c]
make sure the client selects a supported cipher
- [sshd.c]
- fix sighup handling. accept would just restart and daemon handled
- sighup only after the next connection was accepted. use poll on
+ fix sighup handling. accept would just restart and daemon handled
+ sighup only after the next connection was accepted. use poll on
listen sock now.
- [sshd.c]
make that a fatal
- Released 1.2pre17
19991208
- - Compile fix for Solaris with /dev/ptmx from
+ - Compile fix for Solaris with /dev/ptmx from
David Agraz <dagraz@jahoopa.com>
19991207
- sshd Redhat init script patch from Jim Knoble <jmknoble@pobox.com>
fixes compatability with 4.x and 5.x
- Fixed default SSH_ASKPASS
- - Fix PAM account and session being called multiple times. Problem
+ - Fix PAM account and session being called multiple times. Problem
reported by Adrian Baugh <adrian@merlin.keble.ox.ac.uk>
- Merged more OpenBSD changes:
- [atomicio.c authfd.c scp.c serverloop.c ssh.h sshconnect.c sshd.c]
- move atomicio into it's own file. wrap all socket write()s which
+ move atomicio into it's own file. wrap all socket write()s which
were doing write(sock, buf, len) != len, with atomicio() calls.
- [auth-skey.c]
fd leak
19991122
- Make <enter> close gnome-ssh-askpass (Debian bug #50299)
- OpenBSD CVS Changes
- - [ssh-keygen.c]
- don't create ~/.ssh only if the user wants to store the private
- key there. show fingerprint instead of public-key after
+ - [ssh-keygen.c]
+ don't create ~/.ssh only if the user wants to store the private
+ key there. show fingerprint instead of public-key after
keygeneration. ok niels@
- Added OpenBSD bsd-strlcat.c, created bsd-strlcat.h
- Added timersub() macro
- Tidy RCSIDs of bsd-*.c
- - Added autoconf test and macro to deal with old PAM libraries
+ - Added autoconf test and macro to deal with old PAM libraries
pam_strerror definition (one arg vs two).
- Fix EGD problems (Thanks to Ben Taylor <bent@clark.net>)
- - Retry /dev/urandom reads interrupted by signal (report from
+ - Retry /dev/urandom reads interrupted by signal (report from
Robert Hardy <rhardy@webcon.net>)
- Added a setenv replacement for systems which lack it
- Only display public key comment when presenting ssh-askpass dialog
- Released 1.2pre14
- - Configure, Make and changelog corrections from Tudor Bosman
+ - Configure, Make and changelog corrections from Tudor Bosman
<tudorb@jm.nu> and Niels Kristian Bech Jensen <nkbj@image.dk>
19991121
print usage() everytime we get bad options
- [ssh-keygen.c] overflow, djm@mindrot.org
- [sshd.c] fix sigchld race; cjc5@po.cwru.edu
-
+
19991120
- - Merged more Solaris support from Marc G. Fournier
+ - Merged more Solaris support from Marc G. Fournier
<marc.fournier@acadiau.ca>
- Wrote autoconf tests for integer bit-types
- Fixed enabling kerberos support
- - Fix segfault in ssh-keygen caused by buffer overrun in filename
+ - Fix segfault in ssh-keygen caused by buffer overrun in filename
handling.
19991119
- EGD uses a socket, not a named pipe. Duh.
- Fix includes in fingerprint.c
- Fix scp progress bar bug again.
- - Move ssh-askpass from ${libdir}/ssh to ${libexecdir}/ssh at request of
+ - Move ssh-askpass from ${libdir}/ssh to ${libexecdir}/ssh at request of
David Rankin <drankin@bohemians.lexington.ky.us>
- Added autoconf option to enable Kerberos 4 support (untested)
- Added autoconf option to enable AFS support (untested)
- Added autoconf option to enable S/Key support (untested)
- Added autoconf option to enable TCP wrappers support (compiles OK)
- Renamed BSD helper function files to bsd-*
- - Added tests for login and daemon and enable OpenBSD replacements for
+ - Added tests for login and daemon and enable OpenBSD replacements for
when they are absent.
- Added non-PAM MD5 password support patch from Tudor Bosman <tudorb@jm.nu>
- Merged OpenBSD CVS changes
- [scp.c] foregroundproc() in scp
- [sshconnect.h] include fingerprint.h
- - [sshd.c] bugfix: the log() for passwd-auth escaped during logging
+ - [sshd.c] bugfix: the log() for passwd-auth escaped during logging
changes.
- [ssh.1] Spell my name right.
- Added openssh.com info to README
- Merged OpenBSD CVS changes
- [ChangeLog.Ylonen] noone needs this anymore
- [authfd.c] close-on-exec for auth-socket, ok deraadt
- - [hostfile.c]
- in known_hosts key lookup the entry for the bits does not need
- to match, all the information is contained in n and e. This
- solves the problem with buggy servers announcing the wrong
+ - [hostfile.c]
+ in known_hosts key lookup the entry for the bits does not need
+ to match, all the information is contained in n and e. This
+ solves the problem with buggy servers announcing the wrong
modulus length. markus and me.
- - [serverloop.c]
- bugfix: check for space if child has terminated, from:
+ - [serverloop.c]
+ bugfix: check for space if child has terminated, from:
iedowse@maths.tcd.ie
- [ssh-add.1 ssh-add.c ssh-keygen.1 ssh-keygen.c sshconnect.c]
[fingerprint.c fingerprint.h]
rsa key fingerprints, idea from Bjoern Groenvall <bg@sics.se>
- [ssh-agent.1] typo
- [ssh.1] add OpenSSH information to AUTHOR section. okay markus@
- - [sshd.c]
+ - [sshd.c]
force logging to stderr while loading private key file
(lost while converting to new log-levels)
19991115
- Merged OpenBSD CVS changes:
- - [ssh-add.c] change passphrase loop logic and remove ref to
+ - [ssh-add.c] change passphrase loop logic and remove ref to
$DISPLAY, ok niels
- Changed to ssh-add.c broke askpass support. Revised it to be a little more
- modular.
+ modular.
- Revised autoconf support for enabling/disabling askpass support.
- Merged more OpenBSD CVS changes:
[auth-krb4.c]
- Added 'Obsoletes' lines to RPM spec file
- Merged OpenBSD CVS changes:
- [bufaux.c] save a view malloc/memcpy/memset/free's, ok niels
- - [scp.c] fix overflow reported by damien@ibs.com.au: off_t
+ - [scp.c] fix overflow reported by damien@ibs.com.au: off_t
totalsize, ok niels,aaron
- - Delay fork (-f option) in ssh until after port forwarded connections
+ - Delay fork (-f option) in ssh until after port forwarded connections
have been initialised. Patch from Jani Hakala <jahakala@cc.jyu.fi>
- Added shadow password patch from Thomas Neumann <tom@smart.ruhr.de>
- Added ifdefs to auth-passwd.c to exclude it when PAM is enabled
- Merged changes from OpenBSD CVS
- [sshd.c] session_key_int may be zero
- [auth-rh-rsa.c servconf.c servconf.h ssh.h sshd.8 sshd.c sshd_config]
- IgnoreUserKnownHosts(default=no), used for RhostRSAAuth, ok
+ IgnoreUserKnownHosts(default=no), used for RhostRSAAuth, ok
deraadt,millert
- Brought default sshd_config more in line with OpenBSD's
- Grab server in gnome-ssh-askpass (Debian bug #49872)
- [auth-rh-rsa.c] user/958: check ~/.ssh/known_hosts for rhosts-rsa, too
- [ssh.1] user/958: check ~/.ssh/known_hosts for rhosts-rsa, too
- [sshd.8] user/958: check ~/.ssh/known_hosts for rhosts-rsa, too
- - Fix integer overflow which was messing up scp's progress bar for large
+ - Fix integer overflow which was messing up scp's progress bar for large
file transfers. Fix submitted to OpenBSD developers. Report and fix
from Kees Cook <cook@cpoint.net>
- Merged more OpenBSD CVS changes:
- - [auth-krb4.c auth-passwd.c] remove x11- and krb-cleanup from fatal()
+ - [auth-krb4.c auth-passwd.c] remove x11- and krb-cleanup from fatal()
+ krb-cleanup cleanup
- [clientloop.c log-client.c log-server.c ]
[readconf.c readconf.h servconf.c servconf.h ]
- Improved PAM logging
- Added some debug() calls for PAM
- Removed redundant subdirectories
- - Integrated part of a patch from Dan Brosemer <odin@linuxfreak.com> for
+ - Integrated part of a patch from Dan Brosemer <odin@linuxfreak.com> for
building on Debian.
- Fixed off-by-one error in PAM env patch
- Released 1.2pre6