+20020903
+ - (djm) OpenBSD CVS Sync
+ - markus@cvs.openbsd.org 2002/08/12 10:46:35
+ [ssh-agent.c]
+ make ssh-agent setgid, disallow ptrace.
+ - espie@cvs.openbsd.org 2002/08/21 11:20:59
+ [sshd.8]
+ `RSA' updated to refer to `public key', where it matters.
+ okay markus@
+
+20020820
+ - OpenBSD CVS Sync
+ - millert@cvs.openbsd.org 2002/08/02 14:43:15
+ [monitor.c monitor_mm.c]
+ Change mm_zalloc() sanity checks to be more in line with what
+ we do in calloc() and add a check to monitor_mm.c.
+ OK provos@ and markus@
+ - marc@cvs.openbsd.org 2002/08/02 16:00:07
+ [ssh.1 sshd.8]
+ note that .ssh/environment is only read when
+ allowed (PermitUserEnvironment in sshd_config).
+ OK markus@
+ - markus@cvs.openbsd.org 2002/08/02 21:23:41
+ [ssh-rsa.c]
+ diff is u_int (2x); ok deraadt/provos
+ - markus@cvs.openbsd.org 2002/08/02 22:20:30
+ [ssh-rsa.c]
+ replace RSA_verify with our own version and avoid the OpenSSL ASN.1 parser
+ for authentication; ok deraadt/djm
+ - aaron@cvs.openbsd.org 2002/08/08 13:50:23
+ [sshconnect1.c]
+ Use & to test if bits are set, not &&; markus@ ok.
+ - stevesk@cvs.openbsd.org 2002/08/08 23:54:52
+ [auth.c]
+ typo in comment
+ - stevesk@cvs.openbsd.org 2002/08/09 17:21:42
+ [sshd_config.5]
+ use Op for mdoc conformance; from esr@golux.thyrsus.com
+ ok aaron@
+ - stevesk@cvs.openbsd.org 2002/08/09 17:41:12
+ [sshd_config.5]
+ proxy vs. fake display
+ - stevesk@cvs.openbsd.org 2002/08/12 17:30:35
+ [ssh.1 sshd.8 sshd_config.5]
+ more PermitUserEnvironment; ok markus@
+ - stevesk@cvs.openbsd.org 2002/08/17 23:07:14
+ [ssh.1]
+ ForwardAgent has defaulted to no for over 2 years; be more clear here.
+ - stevesk@cvs.openbsd.org 2002/08/17 23:55:01
+ [ssh_config.5]
+ ordered list here
+ - (bal) [defines.h] Some platforms don't have SIZE_T_MAX. So assign
+ it to ULONG_MAX.
+
+20020813
+ - (tim) [configure.ac] Display OpenSSL header/library version.
+ Patch by dtucker@zip.com.au
+
+20020731
+ - (bal) OpenBSD CVS Sync
+ - markus@cvs.openbsd.org 2002/07/24 16:11:18
+ [hostfile.c hostfile.h sshconnect.c]
+ print out all known keys for a host if we get a unknown host key,
+ see discussion at http://marc.theaimsgroup.com/?t=101069210100016&r=1&w=4
+
+ the ssharp mitm tool attacks users in a similar way, so i'd like to
+ pointed out again:
+ A MITM attack is always possible if the ssh client prints:
+ The authenticity of host 'bla' can't be established.
+ (protocol version 2 with pubkey authentication allows you to detect
+ MITM attacks)
+ - mouring@cvs.openbsd.org 2002/07/25 01:16:59
+ [sftp.c]
+ FallBackToRsh does not exist anywhere else. Remove it from here.
+ OK deraadt.
+ - markus@cvs.openbsd.org 2002/07/29 18:57:30
+ [sshconnect.c]
+ print file:line
+ - markus@cvs.openbsd.org 2002/07/30 17:03:55
+ [auth-options.c servconf.c servconf.h session.c sshd_config sshd_config.5]
+ add PermitUserEnvironment (off by default!); from dot@dotat.at;
+ ok provos, deraadt
+
+20020730
+ - (bal) [uidswap.c] SCO compile correction by gert@greenie.muc.de
+
20020728
- (stevesk) [auth-pam.c] should use PAM_MSG_MEMBER(); from solar
- (stevesk) [CREDITS] solar
andersk / openssh.git / blobdiff