+ - djm@cvs.openbsd.org 2006/04/01 05:51:34
+ [atomicio.c]
+ ANSIfy; requested deraadt@
+ - dtucker@cvs.openbsd.org 2006/04/02 08:34:52
+ [ssh-keysign.c]
+ sessionid can be 32 bytes now too when sha256 kex is used; ok djm@
+ - djm@cvs.openbsd.org 2006/04/03 07:10:38
+ [gss-genr.c]
+ GSSAPI buffers shouldn't be nul-terminated, spotted in bugzilla #1066
+ by dleonard AT vintela.com. use xasprintf() to simplify code while in
+ there; "looks right" deraadt@
+ - djm@cvs.openbsd.org 2006/04/16 00:48:52
+ [buffer.c buffer.h channels.c]
+ Fix condition where we could exit with a fatal error when an input
+ buffer became too large and the remote end had advertised a big window.
+ The problem was a mismatch in the backoff math between the channels code
+ and the buffer code, so make a buffer_check_alloc() function that the
+ channels code can use to propsectivly check whether an incremental
+ allocation will succeed. bz #1131, debugged with the assistance of
+ cove AT wildpackets.com; ok dtucker@ deraadt@
+ - djm@cvs.openbsd.org 2006/04/16 00:52:55
+ [atomicio.c atomicio.h]
+ introduce atomiciov() function that wraps readv/writev to retry
+ interrupted transfers like atomicio() does for read/write;
+ feedback deraadt@ dtucker@ stevesk@ ok deraadt@
+ - djm@cvs.openbsd.org 2006/04/16 00:54:10
+ [sftp-client.c]
+ avoid making a tiny 4-byte write to send the packet length of sftp
+ commands, which would result in a separate tiny packet on the wire by
+ using atomiciov(writev, ...) to write the length and the command in one
+ pass; ok deraadt@
+ - djm@cvs.openbsd.org 2006/04/16 07:59:00
+ [atomicio.c]
+ reorder sanity test so that it cannot dereference past the end of the
+ iov array; well spotted canacar@!
+ - dtucker@cvs.openbsd.org 2006/04/18 10:44:28
+ [bufaux.c bufbn.c Makefile.in]
+ Move Buffer bignum functions into their own file, bufbn.c. This means
+ that sftp and sftp-server (which use the Buffer functions in bufaux.c
+ but not the bignum ones) no longer need to be linked with libcrypto.
+ ok markus@
+ - djm@cvs.openbsd.org 2006/04/20 09:27:09
+ [auth.h clientloop.c dispatch.c dispatch.h kex.h]
+ replace the last non-sig_atomic_t flag used in a signal handler with a
+ sig_atomic_t, unfortunately with some knock-on effects in other (non-
+ signal) contexts in which it is used; ok markus@
+ - markus@cvs.openbsd.org 2006/04/20 09:47:59
+ [sshconnect.c]
+ simplify; ok djm@
+ - djm@cvs.openbsd.org 2006/04/20 21:53:44
+ [includes.h session.c sftp.c]
+ Switch from using pipes to socketpairs for communication between
+ sftp/scp and ssh, and between sshd and its subprocesses. This saves
+ a file descriptor per session and apparently makes userland ppp over
+ ssh work; ok markus@ deraadt@ (ID Sync only - portable makes this
+ decision on a per-platform basis)
+ - djm@cvs.openbsd.org 2006/04/22 04:06:51
+ [uidswap.c]
+ use setres[ug]id() to permanently revoke privileges; ok deraadt@
+ (ID Sync only - portable already uses setres[ug]id() whenever possible)
+ - stevesk@cvs.openbsd.org 2006/04/22 18:29:33
+ [crc32.c]
+ remove extra spaces
+ - (djm) [auth.h dispatch.h kex.h] sprinkle in signal.h to get
+ sig_atomic_t