+20050826
+ - (tim) [CREDITS LICENCE auth.c configure.ac defines.h includes.h session.c
+ openbsd-compat/Makefile.in openbsd-compat/openbsd-compat.h
+ openbsd-compat/xcrypt.c] New files [openssh/openbsd-compat/port-uw.c
+ openssh/openbsd-compat/port-uw.h] Support long passwords (> 8-char)
+ on UnixWare 7 from Dhiraj Gulati and Ahsan Rashid. Cleanup and testing
+ by tim@. Feedback and OK dtucker@
+
+20050823
+ - (dtucker) [regress/test-exec.sh] Do not prepend an extra "/" to a fully-
+ qualified sshd pathname since some systems (eg Cygwin) may consider "/foo"
+ and "//foo" to be different. Spotted by vinschen at redhat.com.
+ - (tim) [configure.ac] Not all gcc's support -Wsign-compare. Enhancements
+ and OK dtucker@
+ - (tim) [defines.h] PATH_MAX bits for OpenServer OK dtucker@
+
+20050821
+ - (dtucker) [configure.ac defines.h includes.h sftp.c] Add support for
+ LynxOS, patch from Olli Savia (ops at iki.fi). ok djm@
+
+20050816
+ - (djm) [ttymodes.c] bugzilla #1054: Fix encoding of _POSIX_VDISABLE,
+ from Jacob Nevins; ok dtucker@
+
+20050815
+ - (tim) [sftp.c] wrap el_end() in #ifdef USE_LIBEDIT
+ - (tim) [configure.ac] corrections to libedit tests. Report and patches
+ by skeleten AT shillest.net
+
+20050812
+ - (djm) OpenBSD CVS Sync
+ - markus@cvs.openbsd.org 2005/07/28 17:36:22
+ [packet.c]
+ missing packet_init_compression(); from solar
+ - djm@cvs.openbsd.org 2005/07/30 01:26:16
+ [ssh.c]
+ fix -D listen_host initialisation, so it picks up gateway_ports setting
+ correctly
+ - djm@cvs.openbsd.org 2005/07/30 02:03:47
+ [readconf.c]
+ listen_hosts initialisation here too; spotted greg AT y2005.nest.cx
+ - dtucker@cvs.openbsd.org 2005/08/06 10:03:12
+ [servconf.c]
+ Unbreak sshd ListenAddress for bare IPv6 addresses.
+ Report from Janusz Mucka; ok djm@
+ - jaredy@cvs.openbsd.org 2005/08/08 13:22:48
+ [sftp.c]
+ sftp prompt enhancements:
+ - in non-interactive mode, do not print an empty prompt at the end
+ before finishing
+ - print newline after EOF in editline mode
+ - call el_end() in editline mode
+ ok dtucker djm
+
+20050810
+ - (dtucker) [configure.ac] Test libedit library and headers for compatibility.
+ Report from skeleten AT shillest.net, ok djm@
+ - (dtucker) [LICENCE configure.ac defines.h openbsd-compat/realpath.c]
+ Sync current (thread-safe) version of realpath.c from OpenBSD (which is
+ in turn based on FreeBSD's). ok djm@
+
+20050809
+ - (tim) [configure.ac] Allow --with-audit=no. OK dtucker@
+ Report by skeleten AT shillest.net
+
+20050803
+ - (dtucker) [openbsd-compat/fake-rfc2553.h] Check for EAI_* defines
+ individually and use a value less likely to collide with real values from
+ netdb.h. Fixes compile warnings on FreeBSD 5.3. ok djm@
+ - (dtucker) [openbsd-compat/fake-rfc2553.h] MAX_INT -> INT_MAX since the
+ latter is specified in the standard.
+
+20050802
+ - (dtucker) OpenBSD CVS Sync
+ - dtucker@cvs.openbsd.org 2005/07/27 10:39:03
+ [scp.c hostfile.c sftp-client.c]
+ Silence bogus -Wuninitialized warnings; ok djm@
+ - (dtucker) [configure.ac] Enable -Wuninitialized by default when compiling
+ with gcc. ok djm@
+ - (dtucker) [configure.ac] Add a --with-Werror option to configure for
+ adding -Werror to CFLAGS when all of the configure tests are done. ok djm@
+
+20050726
+ - (dtucker) [configure.ac] Update zlib warning message too, pointed out by
+ tim@.
+ - (djm) OpenBSD CVS Sync
+ - otto@cvs.openbsd.org 2005/07/19 15:32:26
+ [auth-passwd.c]
+ auth_usercheck(3) can return NULL, so check for that. Report from
+ mpech@. ok markus@
+ - markus@cvs.openbsd.org 2005/07/25 11:59:40
+ [kex.c kex.h myproposal.h packet.c packet.h servconf.c session.c]
+ [sshconnect2.c sshd.c sshd_config sshd_config.5]
+ add a new compression method that delays compression until the user
+ has been authenticated successfully and set compression to 'delayed'
+ for sshd.
+ this breaks older openssh clients (< 3.5) if they insist on
+ compression, so you have to re-enable compression in sshd_config.
+ ok djm@
+
+20050725
+ - (dtucker) [configure.ac] Update zlib version check for CAN-2005-2096.
+
+20050717
+- OpenBSD CVS Sync
+ - djm@cvs.openbsd.org 2005/07/16 01:35:24
+ [auth1.c channels.c cipher.c clientloop.c kex.c session.c ssh.c]
+ [sshconnect.c]
+ spacing
+ - (djm) [acss.c auth-pam.c auth-shadow.c auth-skey.c auth1.c canohost.c]
+ [cipher-acss.c loginrec.c ssh-rand-helper.c sshd.c] Fix whitespace at EOL
+ in portable too ("perl -p -i -e 's/\s+$/\n/' *.[ch]")
+ - (djm) [auth-pam.c sftp.c] spaces vs. tabs at start of line
+ - djm@cvs.openbsd.org 2005/07/17 06:49:04
+ [channels.c channels.h session.c session.h]
+ Fix a number of X11 forwarding channel leaks:
+ 1. Refuse multiple X11 forwarding requests on the same session
+ 2. Clean up all listeners after a single_connection X11 forward, not just
+ the one that made the single connection
+ 3. Destroy X11 listeners when the session owning them goes away
+ testing and ok dtucker@
+ - djm@cvs.openbsd.org 2005/07/17 07:17:55
+ [auth-rh-rsa.c auth-rhosts.c auth2-chall.c auth2-gss.c channels.c]
+ [cipher-ctr.c gss-genr.c gss-serv.c kex.c moduli.c readconf.c]
+ [serverloop.c session.c sftp-client.c sftp.c ssh-add.c ssh-keygen.c]
+ [sshconnect.c sshconnect2.c]
+ knf says that a 2nd level indent is four (not three or five) spaces
+ -(djm) [audit.c auth1.c auth2.c entropy.c loginrec.c serverloop.c]
+ [ssh-rand-helper.c] fix portable 2nd level indents at 4 spaces too
+ - (djm) [monitor.c monitor_wrap.c] -Wsign-compare for PAM monitor calls
+
+20050716
+ - (dtucker) [auth-pam.c] Ensure that only one side of the authentication
+ socketpair stays open on in both the monitor and PAM process. Patch from
+ Joerg Sonnenberger.
+
20050714
- (dtucker) OpenBSD CVS Sync
- dtucker@cvs.openbsd.org 2005/07/06 09:33:05
- dtucker@cvs.openbsd.org 2005/07/14 04:00:43
[misc.h]
use __sentinel__ attribute; ok deraadt@ djm@ markus@
+ - (dtucker) [configure.ac defines.h] Define __sentinel__ to nothing if the
+ compiler doesn't understand it to prevent warnings. If any mainstream
+ compiler versions acquire it we can test for those versions. Based on
+ discussion with djm@.
20050707
- dtucker [auth-krb5.c auth.h gss-serv-krb5.c] Move KRB5CCNAME generation for