+20010314
+ - OpenBSD CVS Sync
+ - markus@cvs.openbsd.org 2001/03/13 17:34:42
+ [auth-options.c]
+ missing xfree, deny key on parse error; ok stevesk@
+ - djm@cvs.openbsd.org 2001/03/13 22:42:54
+ [sftp-client.c sftp-client.h sftp-glob.c sftp-glob.h sftp-int.c]
+ sftp client filename globbing for get, put, ch{mod,grp,own}. ok markus@
+
+20010313
+ - OpenBSD CVS Sync
+ - markus@cvs.openbsd.org 2001/03/12 22:02:02
+ [key.c key.h ssh-add.c ssh-keygen.c sshconnect.c sshconnect2.c]
+ remove old key_fingerprint interface, s/_ex//
+
+20010312
+ - OpenBSD CVS Sync
+ - markus@cvs.openbsd.org 2001/03/11 13:25:36
+ [auth2.c key.c]
+ debug
+ - jakob@cvs.openbsd.org 2001/03/11 15:03:16
+ [key.c key.h]
+ add improved fingerprint functions. based on work by Carsten
+ Raskgaard <cara@int.tele.dk> and modified by me. ok markus@.
+ - jakob@cvs.openbsd.org 2001/03/11 15:04:16
+ [ssh-keygen.1 ssh-keygen.c]
+ print both md5, sha1 and bubblebabble fingerprints when using
+ ssh-keygen -l -v. ok markus@.
+ - jakob@cvs.openbsd.org 2001/03/11 15:13:09
+ [key.c]
+ cleanup & shorten some var names key_fingerprint_bubblebabble.
+ - deraadt@cvs.openbsd.org 2001/03/11 16:39:03
+ [ssh-keygen.c]
+ KNF, and SHA1 binary output is just creeping featurism
+ - tim@mindrot.org 2001/03/11 17:29:32 [configure.in]
+ test if snprintf() supports %ll
+ add /dev to search path for PRNGD/EGD socket
+ fix my mistake in USER_PATH test program
+ - OpenBSD CVS Sync
+ - markus@cvs.openbsd.org 2001/03/11 18:29:51
+ [key.c]
+ style+cleanup
+ - markus@cvs.openbsd.org 2001/03/11 22:33:24
+ [ssh-keygen.1 ssh-keygen.c]
+ remove -v again. use -B instead for bubblebabble. make -B consistent
+ with -l and make -B work with /path/to/known_hosts. ok deraadt@
+ - (djm) Bump portable version number for generating test RPMs
+ - (djm) Add "static_openssl" RPM build option, remove rsh build dependency
+ - (bal) Reorder includes in Makefile.
+
+20010311
+ - OpenBSD CVS Sync
+ - markus@cvs.openbsd.org 2001/03/10 12:48:27
+ [sshconnect2.c]
+ ignore nonexisting private keys; report rjmooney@mediaone.net
+ - deraadt@cvs.openbsd.org 2001/03/10 12:53:51
+ [readconf.c ssh_config]
+ default to SSH2, now that m68k runs fast
+ - stevesk@cvs.openbsd.org 2001/03/10 15:02:05
+ [ttymodes.c ttymodes.h]
+ remove unused sgtty macros; ok markus@
+ - deraadt@cvs.openbsd.org 2001/03/10 15:31:00
+ [compat.c compat.h sshconnect.c]
+ all known netscreen ssh versions, and older versions of OSU ssh cannot
+ handle password padding (newer OSU is fixed)
+ - tim@mindrot.org 2001/03/10 16:33:42 [configure.in Makefile.in sshd_config]
+ make sure $bindir is in USER_PATH so scp will work
+ - OpenBSD CVS Sync
+ - markus@cvs.openbsd.org 2001/03/10 17:51:04
+ [kex.c match.c match.h readconf.c readconf.h sshconnect2.c]
+ add PreferredAuthentications
+
+20010310
+ - OpenBSD CVS Sync
+ - deraadt@cvs.openbsd.org 2001/03/09 03:14:39
+ [ssh-keygen.c]
+ create *.pub files with umask 0644, so that you can mv them to
+ authorized_keys
+ - deraadt@cvs.openbsd.org 2001/03/09 12:30:29
+ [sshd.c]
+ typo; slade@shore.net
+ - Removed log.o from sftp client. Not needed.
+
+20010309
+ - OpenBSD CVS Sync
+ - stevesk@cvs.openbsd.org 2001/03/08 18:47:12
+ [auth1.c]
+ unused; ok markus@
+ - stevesk@cvs.openbsd.org 2001/03/08 20:44:48
+ [sftp.1]
+ spelling, cleanup; ok deraadt@
+ - markus@cvs.openbsd.org 2001/03/08 21:42:33
+ [compat.c compat.h readconf.h ssh.c sshconnect1.c sshconnect2.c]
+ implement client side of SSH2_MSG_USERAUTH_PK_OK (test public key ->
+ no need to do enter passphrase or do expensive sign operations if the
+ server does not accept key).
+
+20010308
+ - OpenBSD CVS Sync
+ - djm@cvs.openbsd.org 2001/03/07 10:11:23
+ [sftp-client.c sftp-client.h sftp-int.c sftp-server.c sftp.1 sftp.c sftp.h]
+ Support for new draft (draft-ietf-secsh-filexfer-01). New symlink handling
+ functions and small protocol change.
+ - markus@cvs.openbsd.org 2001/03/08 00:15:48
+ [readconf.c ssh.1]
+ turn off useprivilegedports by default. only rhost-auth needs
+ this. older sshd's may need this, too.
+ - (stevesk) Reliant Unix (SNI) needs HAVE_BOGUS_SYS_QUEUE_H;
+ Dirk Markwardt <D.Markwardt@tu-bs.de>
+
+20010307
+ - (bal) OpenBSD CVS Sync
+ - deraadt@cvs.openbsd.org 2001/03/06 06:11:18
+ [ssh-keyscan.c]
+ appease gcc
+ - deraadt@cvs.openbsd.org 2001/03/06 06:11:44
+ [sftp-int.c sftp.1 sftp.c]
+ sftp -b batchfile; mouring@etoh.eviladmin.org
+ - deraadt@cvs.openbsd.org 2001/03/06 15:10:42
+ [sftp.1]
+ order things
+ - deraadt@cvs.openbsd.org 2001/03/07 01:19:06
+ [ssh.1 sshd.8]
+ the name "secure shell" is boring, noone ever uses it
+ - deraadt@cvs.openbsd.org 2001/03/07 04:05:58
+ [ssh.1]
+ removed dated comment
+ - Cygwin contrib improvements from Corinna Vinschen <vinschen@redhat.com>
+
+20010306
+ - (bal) OpenBSD CVS Sync
+ - deraadt@cvs.openbsd.org 2001/03/05 14:28:47
+ [sshd.8]
+ alpha order; jcs@rt.fm
+ - stevesk@cvs.openbsd.org 2001/03/05 15:44:51
+ [servconf.c]
+ sync error message; ok markus@
+ - deraadt@cvs.openbsd.org 2001/03/05 15:56:16
+ [myproposal.h ssh.1]
+ switch to aes128-cbc/hmac-md5 by default in SSH2 -- faster;
+ provos & markus ok
+ - deraadt@cvs.openbsd.org 2001/03/05 16:07:15
+ [sshd.8]
+ detail default hmac setup too
+ - markus@cvs.openbsd.org 2001/03/05 17:17:21
+ [kex.c kex.h sshconnect2.c sshd.c]
+ generate a 2*need size (~300 instead of 1024/2048) random private
+ exponent during the DH key agreement. according to Niels (the great
+ german advisor) this is safe since /etc/primes contains strong
+ primes only.
+
+ References:
+ P. C. van Oorschot and M. J. Wiener, On Diffie-Hellman key
+ agreement with short exponents, In Advances in Cryptology
+ - EUROCRYPT'96, LNCS 1070, Springer-Verlag, 1996, pp.332-343.
+ - stevesk@cvs.openbsd.org 2001/03/05 17:40:48
+ [ssh.1]
+ more ssh_known_hosts2 documentation; ok markus@
+ - stevesk@cvs.openbsd.org 2001/03/05 17:58:22
+ [dh.c]
+ spelling
+ - deraadt@cvs.openbsd.org 2001/03/06 00:33:04
+ [authfd.c cli.c ssh-agent.c]
+ EINTR/EAGAIN handling is required in more cases
+ - millert@cvs.openbsd.org 2001/03/06 01:06:03
+ [ssh-keyscan.c]
+ Don't assume we wil get the version string all in one read().
+ deraadt@ OK'd
+ - millert@cvs.openbsd.org 2001/03/06 01:08:27
+ [clientloop.c]
+ If read() fails with EINTR deal with it the same way we treat EAGAIN
+
20010305
- (bal) CVS ID touch up on sshpty.[ch] and sshlogin.[ch]
- (bal) CVS ID touch up on sftp-int.c
- (bal) Put HAVE_PW_CLASS_IN_PASSWD back into pwcopy()
- (bal) Fix up logging since it changed. removed log-*.c
- (djm) Fix up LOG_AUTHPRIV for systems that have it
+ - (stevesk) OpenBSD sync:
+ - deraadt@cvs.openbsd.org 2001/03/05 08:37:27
+ [ssh-keyscan.c]
+ skip inlining, why bother
+ - (stevesk) sftp.c: handle __progname
20010304
- (bal) Remove make-ssh-known-hosts.1 since it's no longer valid.