+20040720
+ - (djm) OpenBSD CVS Sync
+ - markus@cvs.openbsd.org 2004/07/21 08:56:12
+ [auth.c]
+ s/Illegal user/Invalid user/; many requests; ok djm, millert, niklas,
+ miod, ...
+ - djm@cvs.openbsd.org 2004/07/21 10:33:31
+ [auth1.c auth2.c]
+ bz#899: Don't display invalid usernames in setproctitle
+
+20040720
+ - (djm) [log.c] bz #111: Escape more control characters when sending data
+ to syslog; from peak AT argo.troja.mff.cuni.cz
+ - (djm) [contrib/redhat/sshd.pam] bz #903: Remove redundant entries; from
+ peak AT argo.troja.mff.cuni.cz
+ - (djm) [regress/README.regress] Remove caveat regarding TCP wrappers, now
+ that sshd is fixed to behave better; suggested by tim
+
+20040719
+ - (djm) [openbsd-compat/bsd-arc4random.c] Discard early keystream, like OpenBSD
+ ok dtucker@
+ - (djm) [auth-pam.c] Avoid use of xstrdup and friends in conversation function,
+ instead return PAM_CONV_ERR, avoiding another path to fatal(); ok dtucker@
+ - (tim) [configure.ac] updwtmpx() on OpenServer seems to add duplicate entry.
+ Report by rac AT tenzing.org
+
+20040717
+ - (dtucker) [logintest.c scp.c sftp-server.c sftp.c ssh-add.c ssh-agent.c
+ ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rand-helper.c ssh.c sshd.c
+ openbsd-compat/bsd-misc.c] Move "char *__progname" to bsd-misc.c. Reduces
+ diff vs OpenBSD; ok mouring@, tested by tim@ too.
+ - (dtucker) OpenBSD CVS Sync
+ - deraadt@cvs.openbsd.org 2004/07/11 17:48:47
+ [channels.c cipher.c clientloop.c clientloop.h compat.h moduli.c
+ readconf.c nchan.c pathnames.h progressmeter.c readconf.h servconf.c
+ session.c sftp-client.c sftp.c ssh-agent.1 ssh-keygen.c ssh.c ssh1.h
+ sshd.c ttymodes.h]
+ spaces
+ - brad@cvs.openbsd.org 2004/07/12 23:34:25
+ [ssh-keyscan.1]
+ Fix incorrect macro, .I -> .Em
+ From: Eric S. Raymond <esr at thyrsus dot com>
+ ok jmc@
+ - dtucker@cvs.openbsd.org 2004/07/17 05:31:41
+ [monitor.c monitor_wrap.c session.c session.h sshd.c sshlogin.c]
+ Move "Last logged in at.." message generation to the monitor, right
+ before recording the new login. Fixes missing lastlog message when
+ /var/log/lastlog is not world-readable and incorrect datestamp when
+ multiple sessions are used (bz #463); much assistance & ok markus@
+
+20040711
+ - (dtucker) [auth-pam.c] Check for zero from waitpid() too, which allows
+ the monitor to properly clean up the PAM thread (Debian bug #252676).
+
+20040709
+ - (tim) [contrib/cygwin/README] add minires-devel requirement. Patch from
+ vinschen AT redhat.com
+
+20040708
+ - (dtucker) OpenBSD CVS Sync
+ - dtucker@cvs.openbsd.org 2004/07/03 05:11:33
+ [sshlogin.c] (RCSID sync only, the corresponding code is not in Portable)
+ Use '\0' not 0 for string; ok djm@, deraadt@
+ - dtucker@cvs.openbsd.org 2004/07/03 11:02:25
+ [monitor_wrap.c]
+ Put s/key functions inside #ifdef SKEY same as monitor.c,
+ from des@freebsd via bz #330, ok markus@
+ - dtucker@cvs.openbsd.org 2004/07/08 12:47:21
+ [scp.c]
+ Prevent scp from skipping the file following a double-error.
+ bz #863, ok markus@
+
+20040702
+ - (dtucker) [mdoc2man.awk] Teach it to ignore .Bk -words, reported by
+ strube at physik3.gwdg.de a long time ago.
+
+20040701
+ - (dtucker) [session.c] Call display_loginmsg again after do_pam_session.
+ Ensures messages from PAM modules are displayed when privsep=no.
+ - (dtucker) [auth-pam.c] Bug #705: Make arguments match PAM specs, fixes
+ warnings on compliant platforms. From paul.a.bolton at bt.com. ok djm@
+ - (dtucker) [auth-pam.c] Bug #559 (last piece): Pass DISALLOW_NULL_AUTHTOK
+ to pam_authenticate for challenge-response auth too. Originally from
+ fcusack at fcusack.com, ok djm@
+ - (tim) [buildpkg.sh.in] Add $REV to bump the package revision within
+ the same version. Handle the case where someone uses --with-privsep-user=
+ and the user name does not match the group name. ok dtucker@
+
+20040630
+ - (dtucker) [auth-pam.c] Check for buggy PAM modules that return a NULL
+ appdata_ptr to the conversation function. ok djm@
+ - (djm) OpenBSD CVS Sync
+ - jmc@cvs.openbsd.org 2004/06/26 09:03:21
+ [ssh.1]
+ - remove double word
+ - rearrange .Bk to keep SYNOPSIS nice
+ - -M before -m in options description
+ - jmc@cvs.openbsd.org 2004/06/26 09:11:14
+ [ssh_config.5]
+ punctuation and grammar fixes. also, keep the options in order.
+ - jmc@cvs.openbsd.org 2004/06/26 09:14:40
+ [sshd_config.5]
+ new sentence, new line;
+ - avsm@cvs.openbsd.org 2004/06/26 20:07:16
+ [sshd.c]
+ initialise some fd variables to -1, djm@ ok
+ - djm@cvs.openbsd.org 2004/06/30 08:36:59
+ [session.c]
+ unbreak TTY break, diagnosed by darren AT dazwin.com; ok markus@
+
+20040627
+ - (tim) update README files.
+ - (dtucker) [mdoc2man.awk] Bug #883: correctly recognise .Pa and .Ev macros.
+ - (dtucker) [regress/README.regress] Document new variables.
+ - (dtucker) [acconfig.h configure.ac sftp-server.c] Bug #823: add sftp
+ rename handling for Linux which returns EPERM for link() on (at least some)
+ filesystems that do not support hard links. sftp-server will fall back to
+ stat+rename() in such cases.
+ - (dtucker) [openbsd-compat/port-aix.c] Missing __func__.
+
+20040626
+ - (djm) OpenBSD CVS Sync
+ - djm@cvs.openbsd.org 2004/06/25 18:43:36
+ [sshd.c]
+ fix broken fd handling in the re-exec fallback path, particularly when
+ /dev/crypto is in use; ok deraadt@ markus@
+ - djm@cvs.openbsd.org 2004/06/25 23:21:38
+ [sftp.c]
+ bz #875: fix bad escape char error message; reported by f_mohr AT yahoo.de
+
20040625
- (dtucker) OpenBSD CVS Sync
- djm@cvs.openbsd.org 2004/06/24 19:30:54
- djm@cvs.openbsd.org 2004/06/25 01:25:12
[regress/test-exec.sh]
clean reexec-specific junk out of text-exec.sh and simplify; idea markus@
+ - dtucker@cvs.openbsd.org 2004/06/25 05:38:48
+ [sftp-server.c]
+ Fall back to stat+rename if filesystem doesn't doesn't support hard
+ links. bz#823, ok djm@
- (dtucker) [configure.ac openbsd-compat/misc.c [openbsd-compat/misc.h]
Add closefrom() for platforms that don't have it.
+ - (dtucker) [sshd.c] add line missing from reexec sync.
20040623
- (dtucker) [auth1.c] Ensure do_pam_account is called for Protocol 1