+20031208
+ - (tim) [configure.ac] Bug 770. Fix --without-rpath.
+
+20031123
+ - (djm) [canohost.c] Move IPv4inV6 mapped address normalisation to its own
+ function and call it unconditionally
+ - (djm) OpenBSD CVS Sync
+ - djm@cvs.openbsd.org 2003/11/23 23:17:34
+ [ssh-keyscan.c]
+ from portable - use sysconf to detect fd limit; ok markus@
+ (tidy diff by adding SSH_SSFDMAX macro to defines.h)
+ - djm@cvs.openbsd.org 2003/11/23 23:18:45
+ [ssh-keygen.c]
+ consistency PATH_MAX -> MAXPATHLEN; ok markus@
+ (RCS ID sync only)
+ - djm@cvs.openbsd.org 2003/11/23 23:21:21
+ [scp.c]
+ from portable: rename clashing variable limit-> limit_rate; ok markus@
+ (RCS ID sync only)
+ - dtucker@cvs.openbsd.org 2003/11/24 00:16:35
+ [ssh.1 ssh.c]
+ Make ssh -k mean GSSAPIDelegateCredentials=no. Suggestion & ok markus@
+ - (djm) Annotate OpenBSD-derived files in openbsd-compat/ with original
+ source file path (in OpenBSD tree).
+
+20031122
+ - (dtucker) [channels.c] Make AIX write limit code clearer. Suggested by djm@
+ - (dtucker) [auth-passwd.c openbsd-compat/port-aix.c openbsd-compat/port-aix.h]
+ Move AIX specific password authentication code to port-aix.c, call
+ authenticate() until reenter flag is clear.
+ - (dtucker) [auth-sia.c configure.ac] Tru64 update from cmadams at hiwaay.net.
+ Use permanently_set_uid for SIA, only define DISABLE_FD_PASSING when SIA
+ is enabled, rely on SIA to check for locked accounts if enabled. ok djm@
+ - (djm) [scp.c] Rename limitbw -> limit_rate to match upstreamed patch
+ - (djm) [sftp-int.c] Remove duplicated code from bogus sync
+ - (djm) [packet.c] Shuffle #ifdef to reduce conditionally compiled code
+
+20031121
+ - (djm) OpenBSD CVS Sync
+ - markus@cvs.openbsd.org 2003/11/20 11:39:28
+ [progressmeter.c]
+ fix rounding errors; from andreas@
+ - djm@cvs.openbsd.org 2003/11/21 11:57:03
+ [everything]
+ unexpand and delete whitespace at EOL; ok markus@
+ (done locally and RCS IDs synced)
+
+20031118
+ - (djm) Fix early exit for root auth success when UsePAM=yes and
+ PermitRootLogin=no
+ - (dtucker) [auth-pam.c] Convert chauthtok_conv into a generic tty_conv,
+ and use it for do_pam_session. Fixes problems like pam_motd not
+ displaying anything. ok djm@
+ - (dtucker) [auth-pam.c] Only use pam_putenv if our platform has it. ok djm@
+ - (djm) OpenBSD CVS Sync
+ - dtucker@cvs.openbsd.org 2003/11/18 00:40:05
+ [serverloop.c]
+ Correct check for authctxt->valid. ok djm@
+ - djm@cvs.openbsd.org 2003/11/18 10:53:07
+ [monitor.c]
+ unbreak fake authloop for non-existent users (my screwup). Spotted and
+ tested by dtucker@; ok markus@
+
+20031117
+ - (djm) OpenBSD CVS Sync
+ - djm@cvs.openbsd.org 2003/11/03 09:03:37
+ [auth-chall.c]
+ make this a little more idiot-proof; ok markus@
+ (includes portable-specific changes)
+ - jakob@cvs.openbsd.org 2003/11/03 09:09:41
+ [sshconnect.c]
+ move changed key warning into warn_changed_key(). ok markus@
+ - jakob@cvs.openbsd.org 2003/11/03 09:37:32
+ [sshconnect.c]
+ do not free static type pointer in warn_changed_key()
+ - djm@cvs.openbsd.org 2003/11/04 08:54:09
+ [auth1.c auth2.c auth2-pubkey.c auth.h auth-krb5.c auth-passwd.c]
+ [auth-rhosts.c auth-rh-rsa.c auth-rsa.c monitor.c serverloop.c]
+ [session.c]
+ standardise arguments to auth methods - they should all take authctxt.
+ check authctxt->valid rather then pw != NULL; ok markus@
+ - jakob@cvs.openbsd.org 2003/11/08 16:02:40
+ [auth1.c]
+ remove unused variable (pw). ok djm@
+ (id sync only - still used in portable)
+ - jmc@cvs.openbsd.org 2003/11/08 19:17:29
+ [sftp-int.c]
+ typos from Jonathon Gray;
+ - jakob@cvs.openbsd.org 2003/11/10 16:23:41
+ [bufaux.c bufaux.h cipher.c cipher.h hostfile.c hostfile.h key.c]
+ [key.h sftp-common.c sftp-common.h sftp-server.c sshconnect.c sshd.c]
+ [ssh-dss.c ssh-rsa.c uuencode.c uuencode.h]
+ constify. ok markus@ & djm@
+ - dtucker@cvs.openbsd.org 2003/11/12 10:12:15
+ [scp.c]
+ When called with -q, pass -q to ssh; suppresses SSH2 banner. ok markus@
+ - jakob@cvs.openbsd.org 2003/11/12 16:39:58
+ [dns.c dns.h readconf.c ssh_config.5 sshconnect.c]
+ update SSHFP validation. ok markus@
+ - jmc@cvs.openbsd.org 2003/11/12 20:14:51
+ [ssh_config.5]
+ make verb agree with subject, and kill some whitespace;
+ - markus@cvs.openbsd.org 2003/11/14 13:19:09
+ [sshconnect2.c]
+ cleanup and minor fixes for the client code; from Simon Wilkinson
+ - djm@cvs.openbsd.org 2003/11/17 09:45:39
+ [msg.c msg.h sshconnect2.c ssh-keysign.c]
+ return error on msg send/receive failure (rather than fatal); ok markus@
+ - markus@cvs.openbsd.org 2003/11/17 11:06:07
+ [auth2-gss.c gss-genr.c gss-serv.c monitor.c monitor.h monitor_wrap.c]
+ [monitor_wrap.h sshconnect2.c ssh-gss.h]
+ replace "gssapi" with "gssapi-with-mic"; from Simon Wilkinson;
+ test + ok jakob.
+ - (djm) Bug #632: Don't call pam_end indirectly from within kbd-int
+ conversation function
+ - (djm) Export environment variables from authentication subprocess to
+ parent. Part of Bug #717
+
+20031115
+ - (dtucker) [regress/agent-ptrace.sh] Test for GDB output from Solaris and
+ HP-UX, skip test on AIX.
+
+20031113
+ - (dtucker) [auth-pam.c] Append newlines to lines output by the
+ pam_chauthtok_conv().
+ - (dtucker) [README ssh-host-config ssh-user-config Makefile] (All
+ contrib/cygwin). Major update from vinschen at redhat.com.
+ - Makefile provides a `cygwin-postinstall' target to run right after
+ `make install'.
+ - Better support for Windows 2003 Server.
+ - Try to get permissions as correct as possible.
+ - New command line options to allow full automated host configuration.
+ - Create configs from skeletons in /etc/defaults/etc.
+ - Use /bin/bash, allows reading user input with readline support.
+ - Remove really old configs from /usr/local.
+ - (dtucker) [auth-pam.c] Add newline to accumulated PAM_TEXT_INFO and
+ PAM_ERROR_MSG messages.
+
20031106
- (djm) Clarify UsePAM consequences a little more