+20040815
+ - (dtucker) [Makefile.in ssh-keysign.c ssh.c] Use permanently_set_uid() since
+ it does the right thing on all platforms. ok djm@
+
+20040814
+ - (dtucker) [auth-krb5.c gss-serv-krb5.c openbsd-compat/xmmap.c]
+ Explicitly set umask for mkstemp; ok djm@
+ - (dtucker) [includes.h] Undef _INCLUDE__STDC__ on HP-UX, otherwise
+ prot.h and shadow.h provide conflicting declarations of getspnam. ok djm@
+ - (dtucker) [loginrec.c openbsd-compat/port-aix.c openbsd-compat/port-aix.h]
+ Plug AIX login recording into login_write so logins will be recorded for
+ all auth types.
+
+20040813
+ - (dtucker) [openbsd-compat/bsd-misc.c] Typo in #ifdef; from vinschen at
+ redhat.com
+- (dtucker) OpenBSD CVS Sync
+ - avsm@cvs.openbsd.org 2004/08/11 21:43:05
+ [channels.c channels.h clientloop.c misc.c misc.h serverloop.c ssh-agent.c]
+ some signed/unsigned int comparison cleanups; markus@ ok
+ - avsm@cvs.openbsd.org 2004/08/11 21:44:32
+ [authfd.c scp.c ssh-keyscan.c]
+ use atomicio instead of homegrown equivalents or read/write.
+ markus@ ok
+ - djm@cvs.openbsd.org 2004/08/12 09:18:24
+ [sshlogin.c]
+ typo in error message, spotted by moritz AT jodeit.org (Id sync only)
+ - jakob@cvs.openbsd.org 2004/08/12 21:41:13
+ [ssh-keygen.1 ssh.1]
+ improve SSHFP documentation; ok deraadt@
+ - jmc@cvs.openbsd.org 2004/08/13 00:01:43
+ [ssh-keygen.1]
+ kill whitespace at eol;
+ - djm@cvs.openbsd.org 2004/08/13 02:51:48
+ [monitor_fdpass.c]
+ extra check for no message case; ok markus, deraadt, hshoexer, henning
+ - dtucker@cvs.openbsd.org 2004/08/13 11:09:24
+ [servconf.c]
+ Fix line numbers off-by-one in error messages, from tortay at cc.in2p3.fr
+ ok markus@, djm@
+
+20040812
+ - (dtucker) [sshd.c] Remove duplicate variable imported during sync.
+ - (dtucker) OpenBSD CVS Sync
+ - markus@cvs.openbsd.org 2004/07/28 08:56:22
+ [sshd.c]
+ call setsid() _before_ re-exec
+ - markus@cvs.openbsd.org 2004/07/28 09:40:29
+ [auth.c auth1.c auth2.c cipher.c cipher.h key.c session.c ssh.c
+ sshconnect1.c]
+ more s/illegal/invalid/
+ - djm@cvs.openbsd.org 2004/08/04 10:37:52
+ [dh.c]
+ return group14 when no primes found - fixes hang on empty /etc/moduli;
+ ok markus@
+ - dtucker@cvs.openbsd.org 2004/08/11 11:09:54
+ [servconf.c]
+ Fix minor leak; "looks right" deraadt@
+ - dtucker@cvs.openbsd.org 2004/08/11 11:50:09
+ [sshd.c]
+ Don't try to close startup_pipe if it's not open; ok djm@
+ - djm@cvs.openbsd.org 2004/08/11 11:59:22
+ [sshlogin.c]
+ check that lseek went were we told it to; ok markus@
+ (Id sync only, but similar changes are needed in loginrec.c)
+ - djm@cvs.openbsd.org 2004/08/11 12:01:16
+ [sshlogin.c]
+ make store_lastlog_message() static to appease -Wall; ok markus
+ - (dtucker) [sshd.c] Clear loginmsg in postauth monitor, prevents doubling
+ messages generated before the postauth privsep split.
+
+20040720
+ - (djm) OpenBSD CVS Sync
+ - markus@cvs.openbsd.org 2004/07/21 08:56:12
+ [auth.c]
+ s/Illegal user/Invalid user/; many requests; ok djm, millert, niklas,
+ miod, ...
+ - djm@cvs.openbsd.org 2004/07/21 10:33:31
+ [auth1.c auth2.c]
+ bz#899: Don't display invalid usernames in setproctitle
+ from peak AT argo.troja.mff.cuni.cz; ok markus@
+ - djm@cvs.openbsd.org 2004/07/21 10:36:23
+ [gss-serv-krb5.c]
+ fix function declaration
+ - djm@cvs.openbsd.org 2004/07/21 11:51:29
+ [canohost.c]
+ bz#902: cache remote port so we don't fatal() in auth_log when remote
+ connection goes away quickly. from peak AT argo.troja.mff.cuni.cz;
+ ok markus@
+ - (djm) [auth-pam.c] Portable parts of bz#899: Don't display invalid
+ usernames in setproctitle from peak AT argo.troja.mff.cuni.cz;
+
+20040720
+ - (djm) [log.c] bz #111: Escape more control characters when sending data
+ to syslog; from peak AT argo.troja.mff.cuni.cz
+ - (djm) [contrib/redhat/sshd.pam] bz #903: Remove redundant entries; from
+ peak AT argo.troja.mff.cuni.cz
+ - (djm) [regress/README.regress] Remove caveat regarding TCP wrappers, now
+ that sshd is fixed to behave better; suggested by tim
+
+20040719
+ - (djm) [openbsd-compat/bsd-arc4random.c] Discard early keystream, like OpenBSD
+ ok dtucker@
+ - (djm) [auth-pam.c] Avoid use of xstrdup and friends in conversation function,
+ instead return PAM_CONV_ERR, avoiding another path to fatal(); ok dtucker@
+ - (tim) [configure.ac] updwtmpx() on OpenServer seems to add duplicate entry.
+ Report by rac AT tenzing.org
+
20040717
- (dtucker) [logintest.c scp.c sftp-server.c sftp.c ssh-add.c ssh-agent.c
ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rand-helper.c ssh.c sshd.c