+20001210
+ - (bal) OpenBSD CVS updates
+ - markus@cvs.openbsd.org 2000/12/09 13:41:51
+ [cipher.c cipher.h rijndael.c rijndael.h rijndael_boxes.h]
+ undo rijndael changes
+ - markus@cvs.openbsd.org 2000/12/09 13:48:31
+ [rijndael.c]
+ fix byte order bug w/o introducing new implementation
+ - markus@cvs.openbsd.org 2000/12/09 14:08:27
+ [sftp-server.c]
+ "" -> "." for realpath; from vinschen@redhat.com
+ - markus@cvs.openbsd.org 2000/12/09 14:06:54
+ [ssh-agent.c]
+ extern int optind; from stevesk@sweden.hp.com
+
+20001209
+ - (bal) OpenBSD CVS updates:
+ - djm@cvs.openbsd.org 2000/12/07 4:24:59
+ [ssh.1]
+ Typo fix from Wilfredo Sanchez <wsanchez@apple.com>; ok theo
+
+20001207
+ - (bal) OpenBSD CVS updates:
+ - markus@cvs.openbsd.org 2000/12/06 22:58:14
+ [compat.c compat.h packet.c]
+ disable debug messages for ssh.com/f-secure 2.0.1x, 2.1.0
+ - markus@cvs.openbsd.org 2000/12/06 23:10:39
+ [rijndael.c]
+ unexpand(1)
+ - markus@cvs.openbsd.org 2000/12/06 23:05:43
+ [cipher.c cipher.h rijndael.c rijndael.h rijndael_boxes.h]
+ new rijndael implementation. fixes endian bugs
+
+20001206
+ - (bal) OpenBSD CVS updates:
+ - markus@cvs.openbsd.org 2000/12/05 20:34:09
+ [channels.c channels.h clientloop.c serverloop.c]
+ async connects for -R/-L; ok deraadt@
+ - todd@cvs.openssh.org 2000/12/05 16:47:28
+ [sshd.c]
+ tweak comment to reflect real location of pid file; ok provos@
+ - (stevesk) Import <sys/queue.h> from OpenBSD for systems that don't
+ have it (used in ssh-keyscan).
+ - (stevesk) OpenSSH CVS update:
+ - markus@cvs.openbsd.org 2000/12/06 19:57:48
+ [ssh-keyscan.c]
+ err(3) -> internal error(), from stevesk@sweden.hp.com
+
+20001205
+ - (bal) OpenBSD CVS updates:
+ - markus@cvs.openbsd.org 2000/12/04 19:24:02
+ [ssh-keyscan.c ssh-keyscan.1]
+ David Maziere's ssh-keyscan, ok niels@
+ - (bal) Updated Makefile.in to include ssh-keyscan that was just added
+ to the recent OpenBSD source tree.
+ - (stevesk) fix typos in contrib/hpux/README
+
+20001204
+ - (bal) More C functions defined in NeXT that are unaccessable without
+ defining -POSIX.
+ - (bal) OpenBSD CVS updates:
+ - markus@cvs.openbsd.org 2000/12/03 11:29:04
+ [compat.c]
+ remove fallback to SSH_BUG_HMAC now that the drafts are updated
+ - markus@cvs.openbsd.org 2000/12/03 11:27:55
+ [compat.c]
+ correctly match "2.1.0.pl2 SSH" etc; from
+ pekkas@netcore.fi/bugzilla.redhat
+ - markus@cvs.openbsd.org 2000/12/03 11:15:03
+ [auth2.c compat.c compat.h sshconnect2.c]
+ support f-secure/ssh.com 2.0.12; ok niels@
+
+20001203
+ - (bal) OpenBSD CVS updates:
+ - markus@cvs.openbsd.org 2000/11/30 22:54:31
+ [channels.c]
+ debug->warn if tried to do -R style fwd w/o client requesting this;
+ ok neils@
+ - markus@cvs.openbsd.org 2000/11/29 20:39:17
+ [cipher.c]
+ des_cbc_encrypt -> des_ncbc_encrypt since it already updates the IV
+ - markus@cvs.openbsd.org 2000/11/30 18:33:05
+ [ssh-agent.c]
+ agents must not dump core, ok niels@
+ - markus@cvs.openbsd.org 2000/11/30 07:04:02
+ [ssh.1]
+ T is for both protocols
+ - markus@cvs.openbsd.org 2000/12/01 00:00:51
+ [ssh.1]
+ typo; from green@FreeBSD.org
+ - markus@cvs.openbsd.org 2000/11/30 07:02:35
+ [ssh.c]
+ check -T before isatty()
+ - provos@cvs.openbsd.org 2000/11/29 13:51:27
+ [sshconnect.c]
+ show IP address and hostname when new key is encountered. okay markus@
+ - markus@cvs.openbsd.org 2000/11/30 22:53:35
+ [sshconnect.c]
+ disable agent/x11/port fwding if hostkey has changed; ok niels@
+ - marksu@cvs.openbsd.org 2000/11/29 21:11:59
+ [sshd.c]
+ sshd -D, startup w/o deamon(), for monitoring scripts or inittab;
+ from handler@sub-rosa.com and eric@urbanrange.com; ok niels@
+ - (djm) Added patch from Nalin Dahyabhai <nalin@redhat.com> to enable
+ PAM authentication using KbdInteractive.
+ - (djm) Added another TODO
+
+20001202
+ - (bal) Backed out of part of Alain St-Denis' loginrec.c patch.
+ - (bal) Irix need some sort of mansubdir, patch by Michael Stone
+ <mstone@cs.loyola.edu>
+
+20001129
+ - (djm) Back out all the serverloop.c hacks. sshd will now hang again
+ if there are background children with open fds.
+ - (djm) bsd-rresvport.c bzero -> memset
+ - (djm) Don't fail in defines.h on absence of 64 bit types (we will
+ still fail during compilation of sftp-server).
+ - (djm) Fail if ar is not found during configure
+ - (djm) OpenBSD CVS updates:
+ - provos@cvs.openbsd.org 2000/11/22 08:38:31
+ [sshd.8]
+ talk about /etc/primes, okay markus@
+ - markus@cvs.openbsd.org 2000/11/23 14:03:48
+ [ssh.c sshconnect1.c sshconnect2.c]
+ complain about invalid ciphers for ssh1/ssh2, fall back to reasonable
+ defaults
+ - markus@cvs.openbsd.org 2000/11/25 09:42:53
+ [sshconnect1.c]
+ reorder check for illegal ciphers, bugreport from espie@
+ - markus@cvs.openbsd.org 2000/11/25 10:19:34
+ [ssh-keygen.c ssh.h]
+ print keytype when generating a key.
+ reasonable defaults for RSA1/RSA/DSA keys.
+ - (djm) Patch from Pekka Savola <Pekka.Savola@netcore.fi> to include a few
+ more manpage paths in fixpaths calls
+ - (djm) Also add xauth path at Pekka's suggestion.
+ - (djm) Add Redhat RPM patch for AUTHPRIV SyslogFacility
+
+20001125
+ - (djm) Give up privs when reading seed file
+
+20001123
+ - (bal) Merge OpenBSD changes:
+ - markus@cvs.openbsd.org 2000/11/15 22:31:36
+ [auth-options.c]
+ case insensitive key options; from stevesk@sweeden.hp.com
+ - markus@cvs.openbsd.org 2000/11/16 17:55:43
+ [dh.c]
+ do not use perror() in sshd, after child is forked()
+ - markus@cvs.openbsd.org 2000/11/14 23:42:40
+ [auth-rsa.c]
+ parse option only if key matches; fix some confusing seen by the client
+ - markus@cvs.openbsd.org 2000/11/14 23:44:19
+ [session.c]
+ check no_agent_forward_flag for ssh-2, too
+ - markus@cvs.openbsd.org 2000/11/15
+ [ssh-agent.1]
+ reorder SYNOPSIS; typo, use .It
+ - markus@cvs.openbsd.org 2000/11/14 23:48:55
+ [ssh-agent.c]
+ do not reorder keys if a key is removed
+ - markus@cvs.openbsd.org 2000/11/15 19:58:08
+ [ssh.c]
+ just ignore non existing user keys
+ - millert@cvs.openbsd.org 200/11/15 20:24:43
+ [ssh-keygen.c]
+ Add missing \n at end of error message.
+
+20001122
+ - (bal) Minor patch to ensure platforms lacking IRIX job limit supports
+ are compilable.
+ - (bal) Updated TODO as of 11/18/2000 with known things to resolve.
+
+20001117
+ - (bal) Changed from 'primes' to 'primes.out' for consistancy sake. It
+ has no affect the output. Patch by Corinna Vinschen <vinschen@redhat.com>
+ - (stevesk) Reworked progname support.
+ - (bal) Misplaced #include "includes.h" in bsd-setproctitle.c. Patch by
+ Shinichi Maruyama <marya@st.jip.co.jp>
+
+20001116
+ - (bal) Added in MAXSYMLINK test in bsd-realpath.c. Required for some SCO
+ releases.
+ - (bal) Make builds work outside of source tree. Patch by Mark D. Roth
+ <roth@feep.net>
+
+20001113
+ - (djm) Add pointer to http://www.imasy.or.jp/~gotoh/connect.c to
+ contrib/README
+ - (djm) Merge OpenBSD changes:
+ - markus@cvs.openbsd.org 2000/11/06 16:04:56
+ [channels.c channels.h clientloop.c nchan.c serverloop.c]
+ [session.c ssh.c]
+ agent forwarding and -R for ssh2, based on work from
+ jhuuskon@messi.uku.fi
+ - markus@cvs.openbsd.org 2000/11/06 16:13:27
+ [ssh.c sshconnect.c sshd.c]
+ do not disabled rhosts(rsa) if server port > 1024; from
+ pekkas@netcore.fi
+ - markus@cvs.openbsd.org 2000/11/06 16:16:35
+ [sshconnect.c]
+ downgrade client to 1.3 if server is 1.4; help from mdb@juniper.net
+ - markus@cvs.openbsd.org 2000/11/09 18:04:40
+ [auth1.c]
+ typo; from mouring@pconline.com
+ - markus@cvs.openbsd.org 2000/11/12 12:03:28
+ [ssh-agent.c]
+ off-by-one when removing a key from the agent
+ - markus@cvs.openbsd.org 2000/11/12 12:50:39
+ [auth-rh-rsa.c auth2.c authfd.c authfd.h]
+ [authfile.c hostfile.c kex.c kex.h key.c key.h myproposal.h]
+ [readconf.c readconf.h rsa.c rsa.h servconf.c servconf.h ssh-add.c]
+ [ssh-agent.c ssh-keygen.1 ssh-keygen.c ssh.1 ssh.c ssh_config]
+ [sshconnect1.c sshconnect2.c sshd.8 sshd.c sshd_config ssh-dss.c]
+ [ssh-dss.h ssh-rsa.c ssh-rsa.h dsa.c dsa.h]
+ add support for RSA to SSH2. please test.
+ there are now 3 types of keys: RSA1 is used by ssh-1 only,
+ RSA and DSA are used by SSH2.
+ you can use 'ssh-keygen -t rsa -f ssh2_rsa_file' to generate RSA
+ keys for SSH2 and use the RSA keys for hostkeys or for user keys.
+ SSH2 RSA or DSA keys are added to .ssh/authorised_keys2 as before.
+ - (djm) Fix up Makefile and Redhat init script to create RSA host keys
+ - (djm) Change to interim version
+ - (djm) Fix RPM spec file stupidity
+ - (djm) fixpaths to DSA and RSA keys too
+
+20001112
+ - (bal) SCO Patch to add needed libraries for configure.in. Patch by
+ Phillips Porch <root@theporch.com>
+ - (bal) IRIX patch to adding Job Limits. Patch by Denis Parker
+ <dcp@sgi.com>
+ - (stevesk) pty.c: HP-UX 10 and 11 don't define TIOCSCTTY. Add error() to
+ failed ioctl(TIOCSCTTY) call.
+
+20001111
+ - (djm) Added /etc/primes for kex DH group neg, fixup Makefile.in and
+ packaging files
+ - (djm) Fix new Makefile.in warnings
+ - (djm) Fix vsprintf("%h") in bsd-snprintf.c, short int va_args are
+ promoted to type int. Report and fix from Dan Astoorian
+ <djast@cs.toronto.edu>
+ - (djm) Hardwire sysconfdir in RPM spec files as some RPM versions get
+ it wrong. Report from Bennett Todd <bet@rahul.net>
+
+20001110
+ - (bal) Fixed dropped answer from skey_keyinfo() in auth1.c
+ - (bal) Changed from --with-skey to --with-skey=PATH in configure.in
+ - (bal) Added in check to verify S/Key library is being detected in
+ configure.in
+ - (bal) next-posix.h - added another prototype wrapped in POSIX ifdef/endif.
+ Patch by Mark Miller <markm@swoon.net>
+ - (bal) Added 'util.h' header to loginrec.c only if HAVE_UTIL_H is defined
+ to remove warnings under MacOS X. Patch by Mark Miller <markm@swoon.net>
+ - (bal) Fixed LDFLAG mispelling in configure.in for --with-afs
+
+20001107
+ - (bal) acconfig.in - removed the double "USE_PIPES" entry. Patch by
+ Mark Miller <markm@swoon.net>
+ - (bal) sshd.init files corrected to assign $? to RETVAL. Patch by
+ Jarno Huuskonen <jhuuskon@messi.uku.fi>
+ - (bal) fixpaths fixed to stop it from quitely failing. Patch by
+ Mark D. Roth <roth@feep.net>
+
20001106
- (djm) Use Jim's new 1.0.3 askpass in Redhat RPMs
- (djm) Manually fix up missed diff hunks (mainly RCS idents)
- (djm) Don't need X11-askpass in RPM spec file if building without it
from Pekka Savola <pekkas@netcore.fi>
- (djm) Release 2.3.0p1
+ - (bal) typo in configure.in in regards to --with-ldflags from Marko
+ Asplund <aspa@kronodoc.fi>
+ - (bal) fixed next-posix.h. Forgot prototype of getppid().
20001105
- (bal) Sync with OpenBSD: