+20020903
+ - (djm) OpenBSD CVS Sync
+ - markus@cvs.openbsd.org 2002/08/12 10:46:35
+ [ssh-agent.c]
+ make ssh-agent setgid, disallow ptrace.
+ - espie@cvs.openbsd.org 2002/08/21 11:20:59
+ [sshd.8]
+ `RSA' updated to refer to `public key', where it matters.
+ okay markus@
+
+20020820
+ - OpenBSD CVS Sync
+ - millert@cvs.openbsd.org 2002/08/02 14:43:15
+ [monitor.c monitor_mm.c]
+ Change mm_zalloc() sanity checks to be more in line with what
+ we do in calloc() and add a check to monitor_mm.c.
+ OK provos@ and markus@
+ - marc@cvs.openbsd.org 2002/08/02 16:00:07
+ [ssh.1 sshd.8]
+ note that .ssh/environment is only read when
+ allowed (PermitUserEnvironment in sshd_config).
+ OK markus@
+ - markus@cvs.openbsd.org 2002/08/02 21:23:41
+ [ssh-rsa.c]
+ diff is u_int (2x); ok deraadt/provos
+ - markus@cvs.openbsd.org 2002/08/02 22:20:30
+ [ssh-rsa.c]
+ replace RSA_verify with our own version and avoid the OpenSSL ASN.1 parser
+ for authentication; ok deraadt/djm
+ - aaron@cvs.openbsd.org 2002/08/08 13:50:23
+ [sshconnect1.c]
+ Use & to test if bits are set, not &&; markus@ ok.
+ - stevesk@cvs.openbsd.org 2002/08/08 23:54:52
+ [auth.c]
+ typo in comment
+ - stevesk@cvs.openbsd.org 2002/08/09 17:21:42
+ [sshd_config.5]
+ use Op for mdoc conformance; from esr@golux.thyrsus.com
+ ok aaron@
+ - stevesk@cvs.openbsd.org 2002/08/09 17:41:12
+ [sshd_config.5]
+ proxy vs. fake display
+ - stevesk@cvs.openbsd.org 2002/08/12 17:30:35
+ [ssh.1 sshd.8 sshd_config.5]
+ more PermitUserEnvironment; ok markus@
+ - stevesk@cvs.openbsd.org 2002/08/17 23:07:14
+ [ssh.1]
+ ForwardAgent has defaulted to no for over 2 years; be more clear here.
+ - stevesk@cvs.openbsd.org 2002/08/17 23:55:01
+ [ssh_config.5]
+ ordered list here
+ - (bal) [defines.h] Some platforms don't have SIZE_T_MAX. So assign
+ it to ULONG_MAX.
+
+20020813
+ - (tim) [configure.ac] Display OpenSSL header/library version.
+ Patch by dtucker@zip.com.au
+
+20020731
+ - (bal) OpenBSD CVS Sync
+ - markus@cvs.openbsd.org 2002/07/24 16:11:18
+ [hostfile.c hostfile.h sshconnect.c]
+ print out all known keys for a host if we get a unknown host key,
+ see discussion at http://marc.theaimsgroup.com/?t=101069210100016&r=1&w=4
+
+ the ssharp mitm tool attacks users in a similar way, so i'd like to
+ pointed out again:
+ A MITM attack is always possible if the ssh client prints:
+ The authenticity of host 'bla' can't be established.
+ (protocol version 2 with pubkey authentication allows you to detect
+ MITM attacks)
+ - mouring@cvs.openbsd.org 2002/07/25 01:16:59
+ [sftp.c]
+ FallBackToRsh does not exist anywhere else. Remove it from here.
+ OK deraadt.
+ - markus@cvs.openbsd.org 2002/07/29 18:57:30
+ [sshconnect.c]
+ print file:line
+ - markus@cvs.openbsd.org 2002/07/30 17:03:55
+ [auth-options.c servconf.c servconf.h session.c sshd_config sshd_config.5]
+ add PermitUserEnvironment (off by default!); from dot@dotat.at;
+ ok provos, deraadt
+
+20020730
+ - (bal) [uidswap.c] SCO compile correction by gert@greenie.muc.de
+
+20020728
+ - (stevesk) [auth-pam.c] should use PAM_MSG_MEMBER(); from solar
+ - (stevesk) [CREDITS] solar
+ - (stevesk) [ssh-rand-helper.c] RAND_bytes() and SHA1_Final() unsigned
+ char arg.
+
+20020725
+ - (djm) Remove some cruft from INSTALL
+ - (djm) Latest config.guess and config.sub from ftp://ftp.gnu.org/gnu/config/
+
+20020723
+ - (bal) [bsd-cray.c bsd-cray.h] Part 2 of Cray merger.
+ - (bal) sync ID w/ ssh-agent.c
+ - (bal) OpenBSD Sync
+ - markus@cvs.openbsd.org 2002/07/19 15:43:33
+ [log.c log.h session.c sshd.c]
+ remove fatal cleanups after fork; based on discussions with and code
+ from solar.
+ - stevesk@cvs.openbsd.org 2002/07/19 17:42:40
+ [ssh.c]
+ display a warning from ssh when XAuthLocation does not exist or xauth
+ returned no authentication data. ok markus@
+ - stevesk@cvs.openbsd.org 2002/07/21 18:32:20
+ [auth-options.c]
+ unneeded includes
+ - stevesk@cvs.openbsd.org 2002/07/21 18:34:43
+ [auth-options.h]
+ remove invalid comment
+ - markus@cvs.openbsd.org 2002/07/22 11:03:06
+ [session.c]
+ fallback to _PATH_STDPATH on setusercontext+LOGIN_SETPATH errors;
+ - stevesk@cvs.openbsd.org 2002/07/22 17:32:56
+ [monitor.c]
+ u_int here; ok provos@
+ - stevesk@cvs.openbsd.org 2002/07/23 16:03:10
+ [sshd.c]
+ utmp_len is unsigned; display error consistent with other options.
+ ok markus@
+ - stevesk@cvs.openbsd.org 2002/07/15 17:15:31
+ [uidswap.c]
+ little more debugging; ok markus@
+
20020722
- (bal) AIX tty data limiting patch fix by leigh@solinno.co.uk
- (stevesk) [xmmap.c] missing prototype for fatal()