+20020626
+ - (stevesk) [monitor.c] remove duplicate proto15 dispatch entry for PAM
+ - (bal) OpenBSD CVS Sync
+ - markus@cvs.openbsd.org 2002/06/23 21:34:07
+ [channels.c]
+ tcode is u_int
+ - markus@cvs.openbsd.org 2002/06/24 13:12:23
+ [ssh-agent.1]
+ the socket name contains ssh-agent's ppid; via mpech@ from form@
+
+20020625
+ - (stevesk) [INSTALL acconfig.h configure.ac defines.h] remove --with-rsh
+ - (stevesk) [README.privsep] minor updates
+ - (djm) Create privsep directory and warn if privsep user is missing
+ during make install
+ - (bal) Started list of PrivSep issues in TODO
+ - (bal) if mmap() is substandard, don't allow compression on server side.
+ Post 'event' we will add more options.
+ - (tim) [contrib/caldera/openssh.spec] Sync with Caldera
+ - (bal) moved aix_usrinfo() and noted not setting real TTY. Patch by
+ dtucker@zip.com.au
+ - (tim) [acconfig.h configure.ac sshd.c] BROKEN_FD_PASSING fix from Markus
+ for Cygwin, Cray, & SCO
+
+20020624
+ - OpenBSD CVS Sync
+ - deraadt@cvs.openbsd.org 2002/06/23 03:25:50
+ [tildexpand.c]
+ KNF
+ - deraadt@cvs.openbsd.org 2002/06/23 03:26:19
+ [cipher.c key.c]
+ KNF
+ - deraadt@cvs.openbsd.org 2002/06/23 03:30:58
+ [scard.c ssh-dss.c ssh-rsa.c sshconnect.c sshconnect2.c sshd.c sshlogin.c
+ sshpty.c]
+ various KNF and %d for unsigned
+ - deraadt@cvs.openbsd.org 2002/06/23 09:30:14
+ [sftp-client.c sftp-client.h sftp-common.c sftp-int.c sftp-server.c
+ sftp.c]
+ bunch of u_int vs int stuff
+ - deraadt@cvs.openbsd.org 2002/06/23 09:39:55
+ [ssh-keygen.c]
+ u_int stuff
+ - deraadt@cvs.openbsd.org 2002/06/23 09:46:51
+ [bufaux.c servconf.c]
+ minor KNF. things the fingers do while you read
+ - deraadt@cvs.openbsd.org 2002/06/23 10:29:52
+ [ssh-agent.c sshd.c]
+ some minor KNF and %u
+ - deraadt@cvs.openbsd.org 2002/06/23 20:39:45
+ [session.c]
+ compression_level is u_int
+ - deraadt@cvs.openbsd.org 2002/06/23 21:06:13
+ [sshpty.c]
+ KNF
+ - deraadt@cvs.openbsd.org 2002/06/23 21:06:41
+ [channels.c channels.h session.c session.h]
+ display, screen, row, col, xpixel, ypixel are u_int; markus ok
+ - deraadt@cvs.openbsd.org 2002/06/23 21:10:02
+ [packet.c]
+ packet_get_int() returns unsigned for reason & seqnr
+ - (bal) Also fixed IPADDR_IN_DISPLAY case where display, screen, row, col,
+ xpixel are u_int.
+
+
+20020623
+ - (stevesk) [configure.ac] bug #255 LOGIN_NEEDS_UTMPX for AIX.
+ - (bal) removed GNUism for getops in ssh-agent since glibc lacks optreset.
+ - (bal) add extern char *getopt. Based on report by dtucker@zip.com.au
+ - OpenBSD CVS Sync
+ - stevesk@cvs.openbsd.org 2002/06/22 02:00:29
+ [ssh.h]
+ correct comment
+ - stevesk@cvs.openbsd.org 2002/06/22 02:40:23
+ [ssh.1]
+ section 5 not 4 for ssh_config
+ - naddy@cvs.openbsd.org 2002/06/22 11:51:39
+ [ssh.1]
+ typo
+ - stevesk@cvs.openbsd.org 2002/06/22 16:32:54
+ [sshd.8]
+ add /var/empty in FILES section
+ - stevesk@cvs.openbsd.org 2002/06/22 16:40:19
+ [sshd.c]
+ check /var/empty owner mode; ok provos@
+ - stevesk@cvs.openbsd.org 2002/06/22 16:41:57
+ [scp.1]
+ typo
+ - stevesk@cvs.openbsd.org 2002/06/22 16:45:29
+ [ssh-agent.1 sshd.8 sshd_config.5]
+ use process ID vs. pid/PID/process identifier
+ - stevesk@cvs.openbsd.org 2002/06/22 20:05:27
+ [sshd.c]
+ don't call setsid() if debugging or run from inetd; no "Operation not
+ permitted" errors now; ok millert@ markus@
+ - stevesk@cvs.openbsd.org 2002/06/22 23:09:51
+ [monitor.c]
+ save auth method before monitor_reset_key_state(); bugzilla bug #284;
+ ok provos@
+
+20020622
+ - (djm) Update README.privsep; spotted by fries@
+ - (djm) Release 3.3p1
+ - (bal) getopt now can be staticly compiled on those platforms missing
+ optreset. Patch by binder@arago.de
+
+20020621
+ - (djm) Sync:
+ - djm@cvs.openbsd.org 2002/06/21 05:50:51
+ [monitor.c]
+ Don't initialise compression buffers when compression=no in sshd_config;
+ ok Niels@
+ - ID sync for auth-passwd.c
+ - (djm) Warn and disable compression on platforms which can't handle both
+ useprivilegeseparation=yes and compression=yes
+ - (djm) contrib/redhat/openssh.spec hacking:
+ - Merge in spec changes from seba@iq.pl (Sebastian Pachuta)
+ - Add new {ssh,sshd}_config.5 manpages
+ - Add new ssh-keysign program and remove setuid from ssh client
+
+20020620
+ - (bal) Fixed AIX environment handling, use setpcred() instead of existing
+ code. (Bugzilla Bug 261)
+ - (bal) OpenBSD CVS Sync
+ - todd@cvs.openbsd.org 2002/06/14 21:35:00
+ [monitor_wrap.c]
+ spelling; from Brian Poole <raj@cerias.purdue.edu>
+ - markus@cvs.openbsd.org 2002/06/15 00:01:36
+ [authfd.c authfd.h ssh-add.c ssh-agent.c]
+ break agent key lifetime protocol and allow other contraints for key
+ usage.
+ - markus@cvs.openbsd.org 2002/06/15 00:07:38
+ [authfd.c authfd.h ssh-add.c ssh-agent.c]
+ fix stupid typo
+ - markus@cvs.openbsd.org 2002/06/15 01:27:48
+ [authfd.c authfd.h ssh-add.c ssh-agent.c]
+ remove the CONSTRAIN_IDENTITY messages and introduce a new
+ ADD_ID message with contraints instead. contraints can be
+ only added together with the private key.
+ - itojun@cvs.openbsd.org 2002/06/16 21:30:58
+ [ssh-keyscan.c]
+ use TAILQ_xx macro. from lukem@netbsd. markus ok
+ - deraadt@cvs.openbsd.org 2002/06/17 06:05:56
+ [scp.c]
+ make usage like man page
+ - deraadt@cvs.openbsd.org 2002/06/19 00:27:55
+ [auth-bsdauth.c auth-skey.c auth1.c auth2-chall.c auth2-none.c authfd.c
+ authfd.h monitor_wrap.c msg.c nchan.c radix.c readconf.c scp.c sftp.1
+ ssh-add.1 ssh-add.c ssh-agent.1 ssh-agent.c ssh-keygen.1 ssh-keygen.c
+ ssh-keysign.c ssh.1 sshconnect.c sshconnect.h sshconnect2.c ttymodes.c
+ xmalloc.h]
+ KNF done automatically while reading....
+ - markus@cvs.openbsd.org 2002/06/19 18:01:00
+ [cipher.c monitor.c monitor_wrap.c packet.c packet.h]
+ make the monitor sync the transfer ssh1 session key;
+ transfer keycontext only for RC4 (this is still depends on EVP
+ implementation details and is broken).
+ - stevesk@cvs.openbsd.org 2002/06/20 19:56:07
+ [ssh.1 sshd.8]
+ move configuration file options from ssh.1/sshd.8 to
+ ssh_config.5/sshd_config.5; ok deraadt@ millert@
+ - stevesk@cvs.openbsd.org 2002/06/20 20:00:05
+ [scp.1 sftp.1]
+ ssh_config(5)
+ - stevesk@cvs.openbsd.org 2002/06/20 20:03:34
+ [ssh_config sshd_config]
+ refer to config file man page
+ - markus@cvs.openbsd.org 2002/06/20 23:05:56
+ [servconf.c servconf.h session.c sshd.c]
+ allow Compression=yes/no in sshd_config
+ - markus@cvs.openbsd.org 2002/06/20 23:37:12
+ [sshd_config]
+ add Compression
+ - stevesk@cvs.openbsd.org 2002/05/25 20:40:08
+ [LICENCE]
+ missed Per Allansson (auth2-chall.c)
+ - (bal) Cygwin special handling of empty passwords wrong. Patch by
+ vinschen@redhat.com
+ - (bal) Missed integrating ssh_config.5 and sshd_config.5
+ - (bal) Still more Makefile.in updates for ssh{d}_config.5
+
+20020613
+ - (bal) typo of setgroup for cygwin. Patch by vinschen@redhat.com
+
+20020612
+ - (bal) OpenBSD CVS Sync
+ - markus@cvs.openbsd.org 2002/06/11 23:03:54
+ [ssh.c]
+ remove unused cruft.
+ - markus@cvs.openbsd.org 2002/06/12 01:09:52
+ [ssh.c]
+ ssh_connect returns 0 on success
+ - (bal) Build noop setgroups() for cygwin to clean up code (For other
+ platforms without the setgroups() requirement, you MUST define
+ SETGROUPS_NOOP in the configure.ac) Based on patch by vinschen@redhat.com
+ - (bal) Some platforms don't have ONLCR (Notable Mint)
+
+20020611
+ - (bal) ssh-agent.c RCSD fix (|unexpand already done)
+ - (bal) OpenBSD CVS Sync
+ - stevesk@cvs.openbsd.org 2002/06/09 22:15:15
+ [ssh.1]
+ update for no setuid root and ssh-keysign; ok deraadt@
+ - itojun@cvs.openbsd.org 2002/06/09 22:17:21
+ [sshconnect.c]
+ pass salen to sockaddr_ntop so that we are happy on linux/solaris
+ - stevesk@cvs.openbsd.org 2002/06/10 16:53:06
+ [auth-rsa.c ssh-rsa.c]
+ display minimum RSA modulus in error(); ok markus@
+ - stevesk@cvs.openbsd.org 2002/06/10 16:56:30
+ [ssh-keysign.8]
+ merge in stuff from my man page; ok markus@
+ - stevesk@cvs.openbsd.org 2002/06/10 17:36:23
+ [ssh-add.1 ssh-add.c]
+ use convtime() to parse and validate key lifetime. can now
+ use '-t 2h' etc. ok markus@ provos@
+ - stevesk@cvs.openbsd.org 2002/06/10 17:45:20
+ [readconf.c ssh.1]
+ change RhostsRSAAuthentication and RhostsAuthentication default to no
+ since ssh is no longer setuid root by default; ok markus@
+ - stevesk@cvs.openbsd.org 2002/06/10 21:21:10
+ [ssh_config]
+ update defaults for RhostsRSAAuthentication and RhostsAuthentication
+ here too (all options commented out with default value).
+ - markus@cvs.openbsd.org 2002/06/10 22:28:41
+ [channels.c channels.h session.c]
+ move creation of agent socket to session.c; no need for uidswapping
+ in channel.c.
+ - markus@cvs.openbsd.org 2002/06/11 04:14:26
+ [ssh.c sshconnect.c sshconnect.h]
+ no longer use uidswap.[ch] from the ssh client
+ run less code with euid==0 if ssh is installed setuid root
+ just switch the euid, don't switch the complete set of groups
+ (this is only needed by sshd). ok provos@
+ - mpech@cvs.openbsd.org 2002/06/11 05:46:20
+ [auth-krb4.c monitor.h serverloop.c session.c ssh-agent.c sshd.c]
+ pid_t cleanup. Markus need this now to keep hacking.
+ markus@, millert@ ok
+ - itojun@cvs.openbsd.org 2002/06/11 08:11:45
+ [canohost.c]
+ use "ntop" only after initialized
+ - (bal) Cygwin fix up from swap uid clean up in ssh.c patch by
+ vinschen@redhat.com
+
+20020609
+ - (bal) OpenBSD CVS Sync
+ - markus@cvs.openbsd.org 2002/06/08 05:07:56
+ [ssh.c]
+ nuke ptrace comment
+ - markus@cvs.openbsd.org 2002/06/08 05:07:09
+ [ssh-keysign.c]
+ only accept 20 byte session ids
+ - markus@cvs.openbsd.org 2002/06/08 05:17:01
+ [readconf.c readconf.h ssh.1 ssh.c]
+ deprecate FallBackToRsh and UseRsh; patch from djm@
+ - markus@cvs.openbsd.org 2002/06/08 05:40:01
+ [readconf.c]
+ just warn about Deprecated options for now
+ - markus@cvs.openbsd.org 2002/06/08 05:41:18
+ [ssh_config]
+ remove FallBackToRsh/UseRsh
+ - markus@cvs.openbsd.org 2002/06/08 12:36:53
+ [scp.c]
+ remove FallBackToRsh
+ - markus@cvs.openbsd.org 2002/06/08 12:46:14
+ [readconf.c]
+ silently ignore deprecated options, since FallBackToRsh might be passed
+ by remote scp commands.
+ - itojun@cvs.openbsd.org 2002/06/08 21:15:27
+ [sshconnect.c]
+ always use getnameinfo. (diag message only)
+ - markus@cvs.openbsd.org 2002/06/09 04:33:27
+ [sshconnect.c]
+ abort() - > fatal()
+ - (bal) RCSID tag updates on channels.c, clientloop.c, nchan.c,
+ sftp-client.c, ssh-agenet.c, ssh-keygen.c and connect.h (we did unexpand
+ independant of them)
+
+20020607
+ - (bal) Removed --{enable/disable}-suid-ssh
+ - (bal) Missed __progname in ssh-keysign.c patch by dtucker@zip.com.au
+ - (bal) use 'LOGIN_PROGRAM' not '/usr/bin/login' in session.c patch by
+ Bertrand.Velle@apogee-com.fr
+
20020606
- (bal) OpenBSD CVS Sync
- markus@cvs.openbsd.org 2002/05/15 21:56:38
use get_int() macro (hide iqueue)
- (bal) Missed msg.[ch] in merge. Required for ssh-keysign.
- (bal) Forgot to add msg.c Makefile.in.
+ - (bal) monitor_mm.c typos.
+ - (bal) Refixed auth2.c. It was never fully commited while spliting out
+ authentication to different files.
+ - (bal) ssh-keysign should build and install correctly now. Phase two
+ would be to clean out any dead wood and disable ssh setuid on install.
+ - (bal) Reverse logic, use __func__ first since it's C99
20020604
- (stevesk) [channels.c] bug #164 patch from YOSHIFUJI Hideaki (changed