+20050301
+ - (djm) OpenBSD CVS sync:
+ - otto@cvs.openbsd.org 2005/02/16 09:56:44
+ [ssh.c]
+ Better diagnostic if an identity file is not accesible. ok markus@ djm@
+ - djm@cvs.openbsd.org 2005/02/18 03:05:53
+ [canohost.c]
+ better error messages for getnameinfo failures; ok dtucker@
+ - djm@cvs.openbsd.org 2005/02/20 22:59:06
+ [sftp.c]
+ turn on ssh batch mode when in sftp batch mode, patch from
+ jdmossh AT nand.net;
+ ok markus@
+ - jmc@cvs.openbsd.org 2005/02/25 10:55:13
+ [sshd.8]
+ add /etc/motd and $HOME/.hushlogin to FILES;
+ from michael knudsen;
+ - djm@cvs.openbsd.org 2005/02/28 00:54:10
+ [ssh_config.5]
+ bz#849: document timeout on untrusted x11 forwarding sessions. Reported by
+ orion AT cora.nwra.com; ok markus@
+ - djm@cvs.openbsd.org 2005/03/01 10:09:52
+ [auth-options.c channels.c channels.h clientloop.c compat.c compat.h]
+ [misc.c misc.h readconf.c readconf.h servconf.c ssh.1 ssh.c ssh_config.5]
+ [sshd_config.5]
+ bz#413: allow optional specification of bind address for port forwardings.
+ Patch originally by Dan Astorian, but worked on by several people
+ Adds GatewayPorts=clientspecified option on server to allow remote
+ forwards to bind to client-specified ports.
+ - djm@cvs.openbsd.org 2005/03/01 10:40:27
+ [hostfile.c hostfile.h readconf.c readconf.h ssh.1 ssh_config.5]
+ [sshconnect.c sshd.8]
+ add support for hashing host names and addresses added to known_hosts
+ files, to improve privacy of which hosts user have been visiting; ok
+ markus@ deraadt@
+ - djm@cvs.openbsd.org 2005/03/01 10:41:28
+ [ssh-keyscan.1 ssh-keyscan.c]
+ option to hash hostnames output by ssh-keyscan; ok markus@ deraadt@
+
+20050226
+ - (dtucker) [openbsd-compat/bsd-openpty.c openbsd-compat/inet_ntop.c]
+ Remove two obsolete Cygwin #ifdefs. Patch from vinschen at redhat.com.
+ - (dtucker) [acconfig.h configure.ac openbsd-compat/bsd-misc.{c,h}]
+ Remove SETGROUPS_NOOP, was only used by Cygwin, which doesn't need it any
+ more. Patch from vinschen at redhat.com.
+ - (dtucker) [Makefile.in] Add a install-nosysconf target for installing the
+ binaries without the config files. Primarily useful for packaging.
+ Patch from phil at usc.edu. ok djm@
+
+20050224
+ - (djm) [configure.ac] in_addr_t test needs sys/types.h too
+
+20050222
+ - (dtucker) [uidswap.c] Skip uid restore test on Cygwin. Patch from
+ vinschen at redhat.com.
+
+20050220
+ - (dtucker) [LICENCE Makefile.in README.platform audit-bsm.c configure.ac
+ defines.h] Bug #125: Add *EXPERIMENTAL* BSM audit support. Configure
+ --with-audit=bsm to enable. Patch originally from Sun Microsystems,
+ parts by John R. Jackson. ok djm@
+ - (dtucker) [configure.ac] Missing comma in AIX section, somehow causes
+ unrelated platforms to be configured incorrectly.
+
+20050216
+ - (djm) write seed to temporary file and atomically rename into place;
+ ok dtucker@
+ - (dtucker) [ssh-rand-helper.c] Provide seed_rng since it may be called
+ via mkstemp in some configurations. ok djm@
+ - (dtucker) [auth-shadow.c] Prevent compiler warnings if "DAY" is defined
+ by the system headers.
+ - (dtucker) [configure.ac] Bug #893: check for libresolv early on Reliant
+ Unix; prevents problems relating to the location of -lresolv in the
+ link order.
+ - (dtucker) [session.c] Bug #918: store credentials from gssapi-with-mic
+ authentication early enough to be available to PAM session modules when
+ privsep=yes. Patch from deengert at anl.gov, ok'ed in principle by Sam
+ Hartman and similar to Debian's ssh-krb5 package.
+ - (dtucker) [configure.ac openbsd-compat/port-aix.{c,h}] Silence some more
+ compiler warnings on AIX.
+
+20050215
+ - (dtucker) [config.sh.in] Collect oslevel -r too.
+ - (dtucker) [README.platform auth.c configure.ac loginrec.c
+ openbsd-compat/port-aix.c openbsd-compat/port-aix.h] Bug #835: enable IPv6
+ on AIX where possible (see README.platform for details) and work around
+ a misfeature of AIX's getnameinfo. ok djm@
+ - (dtucker) [loginrec.c] Add missing #include.
+
+20050211
+ - (dtucker) [configure.ac] Tidy up configure --help output.
+ - (dtucker) [openbsd-compat/fake-rfc2553.h] We now need EAI_SYSTEM too.
+
+20050210
+ - (dtucker) [configure.ac] Bug #919: Provide visible feedback for the
+ --disable-etc-default-login configure option.
+
20050209
- (dtucker) OpenBSD CVS Sync
- dtucker@cvs.openbsd.org 2005/01/28 09:45:53
- dtucker@cvs.openbsd.org 2005/02/08 22:24:57
[sshd.c]
Provide reason in error message if getnameinfo fails; ok markus@
+ - (dtucker) [auth-passwd.c openbsd-compat/port-aix.c] Don't call
+ disable_forwarding() from compat library. Prevent linker errrors trying
+ to resolve it for binaries other than sshd. ok djm@
+ - (dtucker) [configure.ac] Bug #854: prepend pwd to relative --with-ssl-dir
+ paths. ok djm@
+ - (dtucker) [configure.ac session.c] Some platforms (eg some SCO) require
+ the username to be passed to the passwd command when changing expired
+ passwords. ok djm@
20050208
- (dtucker) [regress/test-exec.sh] Bug #912: Set _POSIX2_VERSION for the