+20020707
+ - (tim) [Makefile.in] use umask instead of chmod on $(PRIVSEP_PATH)
+ - (tim) [acconfig.h configure.ac sshd.c]
+ s/BROKEN_FD_PASSING/DISABLE_FD_PASSING/
+ - (tim) [contrib/cygwin/ssh-host-config] sshd account creation fixes
+ patch from vinschen@redhat.com
+ - (bal) [realpath.c] Updated with OpenBSD tree.
+ - (bal) OpenBSD CVS Sync
+ - deraadt@cvs.openbsd.org 2002/07/04 04:15:33
+ [key.c monitor_wrap.c sftp-glob.c ssh-dss.c ssh-rsa.c]
+ patch memory leaks; grendel@zeitbombe.org
+ - deraadt@cvs.openbsd.org 2002/07/04 08:12:15
+ [channels.c packet.c]
+ blah blah minor nothing as i read and re-read and re-read...
+ - markus@cvs.openbsd.org 2002/07/04 10:41:47
+ [key.c monitor_wrap.c ssh-dss.c ssh-rsa.c]
+ don't allocate, copy, and discard if there is not interested in the data;
+ ok deraadt@
+ - deraadt@cvs.openbsd.org 2002/07/06 01:00:49
+ [log.c]
+ KNF
+
+20020705
+ - (tim) [configure.ac] AIX 4.2.1 has authenticate() in libs.
+ Reported by Darren Tucker <dtucker@zip.com.au>
+ - (tim) [contrib/cygwin/ssh-host-config] double slash corrction
+ from vinschen@redhat.com
+
+20020704
+ - (bal) Limit data to TTY for AIX only (Newer versions can't handle the
+ faster data rate) Bug #124
+ - (bal) glob.c defines TILDE and AIX also defines it. #undef it first.
+ bug #265
+ - (bal) One too many nulls in ports-aix.c
+
20020703
- (bal) Updated contrib/cygwin/ patch by vinschen@redhat.com
- (bal) minor correction to utimes() replacement. Patch by
- stevesk@cvs.openbsd.org 2002/06/27 19:49:08
[ssh-keyscan.c]
use convtime(); ok markus@
-
+ - millert@cvs.openbsd.org 2002/06/28 01:49:31
+ [monitor_mm.c]
+ tree(3) wants an int return value for its compare functions and
+ the difference between two pointers is not an int. Just do the
+ safest thing and store the result in a long and then return 0,
+ -1, or 1 based on that result.
+ - deraadt@cvs.openbsd.org 2002/06/28 01:50:37
+ [monitor_wrap.c]
+ use ssize_t
+ - deraadt@cvs.openbsd.org 2002/06/28 10:08:25
+ [sshd.c]
+ range check -u option at invocation
+ - deraadt@cvs.openbsd.org 2002/06/28 23:05:06
+ [sshd.c]
+ gidset[2] -> gidset[1]; markus ok
+ - deraadt@cvs.openbsd.org 2002/06/30 21:54:16
+ [auth2.c session.c sshd.c]
+ lint asks that we use names that do not overlap
+ - deraadt@cvs.openbsd.org 2002/06/30 21:59:45
+ [auth-bsdauth.c auth-skey.c auth2-chall.c clientloop.c key.c
+ monitor_wrap.c monitor_wrap.h scard.h session.h sftp-glob.c ssh.c
+ sshconnect2.c sshd.c]
+ minor KNF
+ - deraadt@cvs.openbsd.org 2002/07/01 16:15:25
+ [msg.c]
+ %u
+ - markus@cvs.openbsd.org 2002/07/01 19:48:46
+ [sshconnect2.c]
+ for compression=yes, we fallback to no-compression if the server does
+ not support compression, vice versa for compression=no. ok mouring@
+ - markus@cvs.openbsd.org 2002/07/03 09:55:38
+ [ssh-keysign.c]
+ use RSA_blinding_on() for rsa hostkeys (suggested by Bill Sommerfeld)
+ in order to avoid a possible Kocher timing attack pointed out by Charles
+ Hannum; ok provos@
+ - markus@cvs.openbsd.org 2002/07/03 14:21:05
+ [ssh-keysign.8 ssh-keysign.c ssh.c ssh_config]
+ re-enable ssh-keysign's sbit, but make ssh-keysign read
+ /etc/ssh/ssh_config and exit if HostbasedAuthentication is disabled
+ globally. based on discussions with deraadt, itojun and sommerfeld;
+ ok itojun@
+ - (bal) Failed password attempts don't increment counter on AIX. Bug #145
+ - (bal) Missed Makefile.in change. keysign needs readconf.o
+ - (bal) Clean up aix_usrinfo(). Ignore TTY= period I guess.
+
20020702
- (djm) Use PAM_MSG_MEMBER for PAM_TEXT_INFO messages, use xmalloc &
friends consistently. Spotted by Solar Designer <solar@openwall.com>