+20000627
+ - (djm) Fixes to login code - not setting li->uid, cleanups
+ - (djm) Formatting
+
+20000626
+ - (djm) Better fix to aclocal tests from Garrick James <garrick@james.net>
+ - (djm) Account expiry support from Andreas Steinmetz <ast@domdv.de>
+ - (djm) Added password expiry checking (no password change support)
+ - (djm) Make EGD failures non-fatal if OpenSSL's entropy pool is still OK
+ based on patch from Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
+ - (djm) Fix fixed EGD code.
+ - OpenBSD CVS update
+ - provos@cvs.openbsd.org 2000/06/25 14:17:58
+ [channels.c]
+ correct check for bad channel ids; from Wei Dai <weidai@eskimo.com>
+
+20000623
+ - (djm) Use sa_family_t in prototype for rresvport_af. Patch from
+ Svante Signell <svante.signell@telia.com>
+ - (djm) Autoconf logic to define sa_family_t if it is missing
+ - OpenBSD CVS Updates:
+ - markus@cvs.openbsd.org 2000/06/22 10:32:27
+ [sshd.c]
+ missing atomicio; report from Steve.Marquess@DET.AMEDD.ARMY.MIL
+ - djm@cvs.openbsd.org 2000/06/22 17:55:00
+ [auth-krb4.c key.c radix.c uuencode.c]
+ Missing CVS idents; ok markus
+
+20000622
+ - (djm) Automatically generate host key during "make install". Suggested
+ by Gary E. Miller <gem@rellim.com>
+ - (djm) Paranoia before kill() system call
+ - OpenBSD CVS Updates:
+ - markus@cvs.openbsd.org 2000/06/18 18:50:11
+ [auth2.c compat.c compat.h sshconnect2.c]
+ make userauth+pubkey interop with ssh.com-2.2.0
+ - markus@cvs.openbsd.org 2000/06/18 20:56:17
+ [dsa.c]
+ mem leak + be more paranoid in dsa_verify.
+ - markus@cvs.openbsd.org 2000/06/18 21:29:50
+ [key.c]
+ cleanup fingerprinting, less hardcoded sizes
+ - markus@cvs.openbsd.org 2000/06/19 19:39:45
+ [atomicio.c auth-options.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c]
+ [auth-rsa.c auth-skey.c authfd.c authfd.h authfile.c bufaux.c bufaux.h]
+ [buffer.c buffer.h canohost.c channels.c channels.h cipher.c cipher.h]
+ [clientloop.c compat.c compat.h compress.c compress.h crc32.c crc32.h]
+ [deattack.c dispatch.c dsa.c fingerprint.c fingerprint.h getput.h hmac.c]
+ [kex.c log-client.c log-server.c login.c match.c mpaux.c mpaux.h nchan.c]
+ [nchan.h packet.c packet.h pty.c pty.h readconf.c readconf.h readpass.c]
+ [rsa.c rsa.h scp.c servconf.c servconf.h ssh-add.c ssh-keygen.c ssh.c]
+ [ssh.h tildexpand.c ttymodes.c ttymodes.h uidswap.c xmalloc.c xmalloc.h]
+ OpenBSD tag
+ - markus@cvs.openbsd.org 2000/06/21 10:46:10
+ sshconnect2.c missing free; nuke old comment
+
+20000620
+ - (djm) Replace use of '-o' and '-a' logical operators in configure tests
+ with '||' and '&&'. As suggested by Jim Knoble <jmknoble@pint-stowp.cx>
+ to fix SCO Unixware problem reported by Gary E. Miller <gem@rellim.com>
+ - (djm) Typo in loginrec.c
+
+20000618
+ - (djm) Add summary of configure options to end of ./configure run
+ - (djm) Not all systems define RUSAGE_SELF & RUSAGE_CHILDREN. Report from
+ Michael Stone <mstone@cs.loyola.edu>
+ - (djm) rusage is a privileged operation on some Unices (incl.
+ Solaris 2.5.1). Report from Paul D. Smith <pausmith@nortelnetworks.com>
+ - (djm) Avoid PAM failures when running without a TTY. Report from
+ Martin Petrak <petrak@spsknm.schools.sk>
+ - (djm) Include sys/types.h when including netinet/in.h in configure tests.
+ Patch from Jun-ichiro itojun Hagino <itojun@iijlab.net>
+ - (djm) Started merge of Ben Lindstrom's <mouring@pconline.com> NeXT support
+ - OpenBSD CVS updates:
+ - deraadt@cvs.openbsd.org 2000/06/17 09:58:46
+ [channels.c]
+ everyone says "nix it" (remove protocol 2 debugging message)
+ - markus@cvs.openbsd.org 2000/06/17 13:24:34
+ [sshconnect.c]
+ allow extended server banners
+ - markus@cvs.openbsd.org 2000/06/17 14:30:10
+ [sshconnect.c]
+ missing atomicio, typo
+ - jakob@cvs.openbsd.org 2000/06/17 16:52:34
+ [servconf.c servconf.h session.c sshd.8 sshd_config]
+ add support for ssh v2 subsystems. ok markus@.
+ - deraadt@cvs.openbsd.org 2000/06/17 18:57:48
+ [readconf.c servconf.c]
+ include = in WHITESPACE; markus ok
+ - markus@cvs.openbsd.org 2000/06/17 19:09:10
+ [auth2.c]
+ implement bug compatibility with ssh-2.0.13 pubkey, server side
+ - markus@cvs.openbsd.org 2000/06/17 21:00:28
+ [compat.c]
+ initial support for ssh.com's 2.2.0
+ - markus@cvs.openbsd.org 2000/06/17 21:16:09
+ [scp.c]
+ typo
+ - markus@cvs.openbsd.org 2000/06/17 22:05:02
+ [auth-rsa.c auth2.c serverloop.c session.c auth-options.c auth-options.h]
+ split auth-rsa option parsing into auth-options
+ add options support to authorized_keys2
+ - markus@cvs.openbsd.org 2000/06/17 22:42:54
+ [session.c]
+ typo
+
+20000613
+ - (djm) Fixes from Andrew McGill <andrewm@datrix.co.za>:
+ - Platform define for SCO 3.x which breaks on /dev/ptmx
+ - Detect and try to fix missing MAXPATHLEN
+ - (djm) Fix short copy in loginrec.c (based on patch from Phill Camp
+ <P.S.S.Camp@ukc.ac.uk>
+
+20000612
+ - (djm) Glob manpages in RPM spec files to catch compressed files
+ - (djm) Full license in auth-pam.c
+ - (djm) Configure fixes from SAKAI Kiyotaka <ksakai@kso.netwk.ntt-at.co.jp>
+ - (andre) AIX, lastlog, configure fixes from Tom Bertelson <tbert@abac.com>:
+ - Don't try to retrieve lastlog from wtmp/wtmpx if DISABLE_LASTLOG is
+ def'd
+ - Set AIX to use preformatted manpages
+
+20000610
+ - (djm) Minor doc tweaks
+ - (djm) Fix for configure on bash2 from Jim Knoble <jmknoble@jmknoble.cx>
+
+20000609
+ - (djm) Patch from Kenji Miyake <kenji@miyake.org> to disable utmp usage
+ (in favour of utmpx) on Solaris 8
+
+20000606
+ - (djm) Cleanup of entropy.c. Reorganised code, removed second pass through
+ list of commands (by default). Removed verbose debugging (by default).
+ - (djm) Increased command entropy estimates and default entropy collection
+ timeout
+ - (djm) Remove duplicate headers from loginrec.c
+ - (djm) Don't add /usr/local/lib to library search path on Irix
+ - (djm) Fix rsh path in RPMs. Report from Jason L Tibbitts III
+ <tibbs@math.uh.edu>
+ - (djm) Warn user if grabs fail in GNOME askpass. Patch from Zack Weinberg
+ <zack@wolery.cumb.org>
+ - (djm) OpenBSD CVS updates:
+ - todd@cvs.openbsd.org
+ [sshconnect2.c]
+ teach protocol v2 to count login failures properly and also enable an
+ explanation of why the password prompt comes up again like v1; this is NOT
+ crypto
+ - markus@cvs.openbsd.org
+ [readconf.c readconf.h servconf.c servconf.h session.c ssh.1 ssh.c sshd.8]
+ xauth_location support; pr 1234
+ [readconf.c sshconnect2.c]
+ typo, unused
+ [session.c]
+ allow use_login only for login sessions, otherwise remote commands are
+ execed with uid==0
+ [sshd.8]
+ document UseLogin better
+ [version.h]
+ OpenSSH 2.1.1
+ [auth-rsa.c]
+ fix match_hostname() logic for auth-rsa: deny access if we have a
+ negative match or no match at all
+ [channels.c hostfile.c match.c]
+ don't panic if mkdtemp fails for authfwd; jkb@yahoo-inc.com via
+ kris@FreeBSD.org
+
+20000606
+ - (djm) Added --with-cflags, --with-ldflags and --with-libs options to
+ configure.
+
+20000604
+ - Configure tweaking for new login code on Irix 5.3
+ - (andre) login code changes based on djm feedback
+
+20000603
+ - (andre) New login code
+ - Remove bsd-login.[ch] and all the OpenBSD-derived code in login.c
+ - Add loginrec.[ch], logintest.c and autoconf code
+
+20000531
+ - Cleanup of auth.c, login.c and fake-*
+ - Cleanup of auth-pam.c, save and print "account expired" error messages
+ - Fix EGD read bug by IWAMURO Motonori <iwa@mmp.fujitsu.co.jp>
+ - Rewrote bsd-login to use proper utmp API if available. Major cleanup
+ of fallback DIY code.
+
+20000530
+ - Define atexit for old Solaris
+ - Fix buffer overrun in login.c for systems which use syslen in utmpx.
+ patch from YOSHIFUJI Hideaki <yoshfuji@cerberus.nemoto.ecei.tohoku.ac.jp>
+ - OpenBSD CVS updates:
+ - markus@cvs.openbsd.org
+ [session.c]
+ make x11-fwd work w/ localhost (xauth add host/unix:11)
+ [cipher.c compat.c readconf.c servconf.c]
+ check strtok() != NULL; ok niels@
+ [key.c]
+ fix key_read() for uuencoded keys w/o '='
+ [serverloop.c]
+ group ssh1 vs. ssh2 in serverloop
+ [kex.c kex.h myproposal.h sshconnect2.c sshd.c]
+ split kexinit/kexdh, factor out common code
+ [readconf.c ssh.1 ssh.c]
+ forwardagent defaults to no, add ssh -A
+ - theo@cvs.openbsd.org
+ [session.c]
+ just some line shortening
+ - Released 2.1.0p3
+
+20000520
+ - Xauth fix from Markus Friedl <markus.friedl@informatik.uni-erlangen.de>
+ - Don't touch utmp if USE_UTMPX defined
+ - SunOS 4.x support from Todd C. Miller <Todd.Miller@courtesan.com>
+ - SIGCHLD fix for AIX and HPUX from Tom Bertelson <tbert@abac.com>
+ - HPUX and Configure fixes from Lutz Jaenicke
+ <Lutz.Jaenicke@aet.TU-Cottbus.DE>
+ - Use mkinstalldirs script to make directories instead of non-portable
+ "install -d". Suggested by Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
+ - Doc cleanup
+
+20000518
+ - Include Andre Lucas' fixprogs script. Forgot to "cvs add" it yesterday
+ - OpenBSD CVS updates:
+ - markus@cvs.openbsd.org
+ [sshconnect.c]
+ copy only ai_addrlen bytes; misiek@pld.org.pl
+ [auth.c]
+ accept an empty shell in authentication; bug reported by
+ chris@tinker.ucr.edu
+ [serverloop.c]
+ we don't have stderr for interactive terminal sessions (fcntl errors)
+
20000517
- Fix from Andre Lucas <andre.lucas@dial.pipex.com>
- Fixes command line printing segfaults (spotter: Bladt Norbert)
- Applied Tom Bertelson's <tbert@abac.com> AIX authentication fix
- Avoid WCOREDUMP complation errors for systems that lack it
- Avoid SIGCHLD warnings from entropy commands
+ - Fix HAVE_PAM_GETENVLIST setting from Simon Wilkinson <sxw@dcs.ed.ac.uk>
+ - OpenBSD CVS update:
+ - markus@cvs.openbsd.org
+ [ssh.c]
+ fix usage()
+ [ssh2.h]
+ draft-ietf-secsh-architecture-05.txt
+ [ssh.1]
+ document ssh -T -N (ssh2 only)
+ [channels.c serverloop.c ssh.h sshconnect.c sshd.c aux.c]
+ enable nonblocking IO for sshd w/ proto 1, too; split out common code
+ [aux.c]
+ missing include
+ - Several patches from SAKAI Kiyotaka <ksakai@kso.netwk.ntt-at.co.jp>
+ - INSTALL typo and URL fix
+ - Makefile fix
+ - Solaris fixes
+ - Checking for ssize_t and memmove. Based on patch from SAKAI Kiyotaka
+ <ksakai@kso.netwk.ntt-at.co.jp>
+ - RSAless operation patch from kevin_oconnor@standardandpoors.com
+ - Detect OpenSSL seperatly from RSA
+ - Better test for RSA (more compatible with RSAref). Based on work by
+ Ed Eden <ede370@stl.rural.usda.gov>
20000513
- Fix for non-recognised DSA keys from Arkadiusz Miskiewicz
andersk / openssh.git / blobdiff