+20081228
+ - (djm) OpenBSD CVS Sync
+ - stevesk@cvs.openbsd.org 2008/12/09 03:20:42
+ [channels.c servconf.c]
+ channel_print_adm_permitted_opens() should deal with all the printing
+ for that config option. suggested by markus@; ok markus@ djm@
+ dtucker@
+
+20090107
+ - (djm) [uidswap.c] bz#1412: Support >16 supplemental groups in OS X.
+ Patch based on one from vgiffin AT apple.com; ok dtucker@
+ - (djm) [channels.c] bz#1419: support "on demand" X11 forwarding via
+ launchd on OS X; patch from vgiffin AT apple.com, slightly tweaked;
+ ok dtucker@
+ - (djm) [contrib/ssh-copy-id.1 contrib/ssh-copy-id] bz#1492: Make
+ ssh-copy-id copy id_rsa.pub by default (instead of the legacy "identity"
+ key). Patch from cjwatson AT debian.org
+
+20090107
+ - (tim) [configure.ac defines.h openbsd-compat/port-uw.c
+ openbsd-compat/xcrypt.c] Add SECUREWARE support to OpenServer 6 SVR5 ABI.
+ OK djm@ dtucker@
+ - (tim) [configure.ac] Move check_for_libcrypt_later=1 in *-*-sysv5*) section.
+ OpenServer 6 doesn't need libcrypt.
+
+20081209
+ - (djm) OpenBSD CVS Sync
+ - djm@cvs.openbsd.org 2008/12/09 02:38:18
+ [clientloop.c]
+ The ~C escape handler does not work correctly for multiplexed sessions -
+ it opens a commandline on the master session, instead of on the slave
+ that requested it. Disable it on slave sessions until such time as it
+ is fixed; bz#1543 report from Adrian Bridgett via Colin Watson
+ ok markus@
+ - djm@cvs.openbsd.org 2008/12/09 02:39:59
+ [sftp.c]
+ Deal correctly with failures in remote stat() operation in sftp,
+ correcting fail-on-error behaviour in batchmode. bz#1541 report and
+ fix from anedvedicky AT gmail.com; ok markus@
+ - djm@cvs.openbsd.org 2008/12/09 02:58:16
+ [readconf.c]
+ don't leave junk (free'd) pointers around in Forward *fwd argument on
+ failure; avoids double-free in ~C -L handler when given an invalid
+ forwarding specification; bz#1539 report from adejong AT debian.org
+ via Colin Watson; ok markus@ dtucker@
+ - djm@cvs.openbsd.org 2008/12/09 03:02:37
+ [sftp.1 sftp.c]
+ correct sftp(1) and corresponding usage syntax;
+ bz#1518 patch from imorgan AT nas.nasa.gov; ok deraadt@ improved diff jmc@
+
+20081208
+ - (djm) [configure.ac] bz#1538: better test for ProPolice/SSP: actually
+ use some stack in main().
+ Report and suggested fix from vapier AT gentoo.org
+ - (djm) OpenBSD CVS Sync
+ - markus@cvs.openbsd.org 2008/12/02 19:01:07
+ [clientloop.c]
+ we have to use the recipient's channel number (RFC 4254) for
+ SSH2_MSG_CHANNEL_SUCCESS/SSH2_MSG_CHANNEL_FAILURE messages,
+ otherwise we trigger 'Non-public channel' error messages on sshd
+ systems with clientkeepalive enabled; noticed by sturm; ok djm;
+ - markus@cvs.openbsd.org 2008/12/02 19:08:59
+ [serverloop.c]
+ backout 1.149, since it's not necessary and openssh clients send
+ broken CHANNEL_FAILURE/SUCCESS messages since about 2004; ok djm@
+ - markus@cvs.openbsd.org 2008/12/02 19:09:38
+ [channels.c]
+ s/remote_id/id/ to be more consistent with other code; ok djm@
+
+20081201
+ - (dtucker) [contrib/cygwin/{Makefile,ssh-host-config}] Add new doc files
+ and tweak the is-sshd-running check in ssh-host-config. Patch from
+ vinschen at redhat com.
+ - (dtucker) OpenBSD CVS Sync
+ - markus@cvs.openbsd.org 2008/11/21 15:47:38
+ [packet.c]
+ packet_disconnect() on padding error, too. should reduce the success
+ probability for the CPNI-957037 Plaintext Recovery Attack to 2^-18
+ ok djm@
+ - dtucker@cvs.openbsd.org 2008/11/30 11:59:26
+ [monitor_fdpass.c]
+ Retry sendmsg/recvmsg on EAGAIN and EINTR; ok djm@
+
+20081123
+ - (dtucker) [monitor_fdpass.c] Reduce diff vs OpenBSD by moving some
+ declarations, removing an unnecessary union member and adding whitespace.
+ cmsgbuf.tmp thing spotted by des at des no, ok djm some time ago.
+
+20081118
+ - (tim) [addrmatch.c configure.ac] Some platforms do not have sin6_scope_id
+ member of sockaddr_in6. Also reported in Bug 1491 by David Leonard. OK and
+ feedback by djm@
+
20081111
- (dtucker) OpenBSD CVS Sync
- jmc@cvs.openbsd.org 2008/11/05 11:22:54
USE_AFS not referenced so remove #ifdef. fixes sshd -T not printing
kerberosgetafstoken. ok dtucker@
(Id sync only, we still want the ifdef in portable)
+ - stevesk@cvs.openbsd.org 2008/11/11 03:55:11
+ [channels.c]
+ for sshd -T print 'permitopen any' vs. 'permitopen' for case of no
+ permitopen's; ok and input dtucker@
+ - djm@cvs.openbsd.org 2008/11/10 02:06:35
+ [regress/putty-ciphers.sh]
+ PuTTY supports AES CTR modes, so interop test against them too
20081105
- OpenBSD CVS Sync
passwords between UnixWare and OpenServer they will still work. OK dtucker@
$Id$
+
andersk / openssh.git / blobdiff