-20091208
+20100126
+ - (djm) OpenBSD CVS Sync
+ - tedu@cvs.openbsd.org 2010/01/17 21:49:09
+ [ssh-agent.1]
+ Correct and clarify ssh-add's password asking behavior.
+ Improved text dtucker and ok jmc
+
+20100122
+ - (tim) [configure.ac] Due to constraints in Windows Sockets in terms of
+ socket inheritance, reduce the default SO_RCVBUF/SO_SNDBUF buffer size
+ in Cygwin to 65535. Patch from Corinna Vinschen.
+
+20100117
+ - (tim) [configure.ac] OpenServer 5 needs BROKEN_GETADDRINFO too.
+ - (tim) [configure.ac] On SVR5 systems, use the C99-conforming functions
+ snprintf() and vsnprintf() named _xsnprintf() and _xvsnprintf().
+
+20100116
+ - (dtucker) [openbsd-compat/pwcache.c] Pull in includes.h and thus defines.h
+ so we correctly detect whether or not we have a native user_from_uid.
+ - (dtucker) [openbsd-compat/openbsd-compat.h] Prototypes for user_from_uid
+ and group_from_gid.
+ - (dtucker) [openbsd-compat/openbsd-compat.h] Fix prototypes, spotted by
+ Tim.
+ - (dtucker) OpenBSD CVS Sync
+ - markus@cvs.openbsd.org 2010/01/15 09:24:23
+ [sftp-common.c]
+ unused
+ - (dtucker) [openbsd-compat/pwcache.c] Shrink ifdef area to prevent unused
+ variable warnings.
+ - (dtucker) [openbsd-compat/openbsd-compat.h] Typo.
+ - (tim) [regress/portnum.sh] Shell portability fix.
+ - (tim) [configure.ac] Define BROKEN_GETADDRINFO on SVR5 systems. The native
+ getaddrinfo() is too old and limited for addr_pton() in addrmatch.c.
+ - (tim) [roaming_client.c] Use of <sys/queue.h> is not really portable so we
+ use "openbsd-compat/sys-queue.h". s/long long unsigned/unsigned long long/
+ to keep USL compilers happy.
+
+20100115
+ - (dtucker) OpenBSD CVS Sync
+ - jmc@cvs.openbsd.org 2010/01/13 12:48:34
+ [sftp.1 sftp.c]
+ sftp.1: put ls -h in the right place
+ sftp.c: as above, plus add -p to get/put, and shorten their arg names
+ to keep the help usage nicely aligned
+ ok djm
+ - djm@cvs.openbsd.org 2010/01/13 23:47:26
+ [auth.c]
+ when using ChrootDirectory, make sure we test for the existence of the
+ user's shell inside the chroot; bz #1679, patch from alex AT rtfs.hu;
+ ok dtucker
+ - dtucker@cvs.openbsd.org 2010/01/14 23:41:49
+ [sftp-common.c]
+ use user_from{uid,gid} to lookup up ids since it keeps a small cache.
+ ok djm
+ - guenther@cvs.openbsd.org 2010/01/15 00:05:22
+ [sftp.c]
+ Reset SIGTERM to SIG_DFL before executing ssh, so that even if sftp
+ inherited SIGTERM as ignored it will still be able to kill the ssh it
+ starts.
+ ok dtucker@
+ - (dtucker) [openbsd-compat/pwcache.c] Pull in pwcache.c from OpenBSD (no
+ changes yet but there will be some to come).
+ - (dtucker) [configure.ac openbsd-compat/{Makefile.in,pwcache.c} Portability
+ for pwcache. Also, added caching of negative hits.
+
+20100114
+ - (djm) [platform.h] Add missing prototype for
+ platform_krb5_get_principal_name
+
+20100113
+ - (dtucker) [monitor_fdpass.c] Wrap poll.h include in ifdefs.
+ - (dtucker) [openbsd-compat/readpassphrase.c] Resync against OpenBSD's r1.18:
+ missing restore of SIGTTOU and some whitespace.
+ - (dtucker) [openbsd-compat/readpassphrase.c] Update to OpenBSD's r1.21.
+ - (dtucker) [openbsd-compat/readpassphrase.c] Update to OpenBSD's r1.22.
+ Fixes bz #1590, where sometimes you could not interrupt a connection while
+ ssh was prompting for a passphrase or password.
+ - (dtucker) OpenBSD CVS Sync
+ - dtucker@cvs.openbsd.org 2010/01/13 00:19:04
+ [sshconnect.c auth.c]
+ Fix a couple of typos/mispellings in comments
+ - dtucker@cvs.openbsd.org 2010/01/13 01:10:56
+ [key.c]
+ Ignore and log any Protocol 1 keys where the claimed size is not equal to
+ the actual size. Noted by Derek Martin, ok djm@
+ - dtucker@cvs.openbsd.org 2010/01/13 01:20:20
+ [canohost.c ssh-keysign.c sshconnect2.c]
+ Make HostBased authentication work with a ProxyCommand. bz #1569, patch
+ from imorgan at nas nasa gov, ok djm@
+ - djm@cvs.openbsd.org 2010/01/13 01:40:16
+ [sftp.c sftp-server.c sftp.1 sftp-common.c sftp-common.h]
+ support '-h' (human-readable units) for sftp's ls command, just like
+ ls(1); ok dtucker@
+ - djm@cvs.openbsd.org 2010/01/13 03:48:13
+ [servconf.c servconf.h sshd.c]
+ avoid run-time failures when specifying hostkeys via a relative
+ path by prepending the cwd in these cases; bz#1290; ok dtucker@
+ - djm@cvs.openbsd.org 2010/01/13 04:10:50
+ [sftp.c]
+ don't append a space after inserting a completion of a directory (i.e.
+ a path ending in '/') for a slightly better user experience; ok dtucker@
+ - (dtucker) [sftp-common.c] Wrap include of util.h in an ifdef.
+ - (tim) [defines.h] openbsd-compat/readpassphrase.c now needs _NSIG.
+ feedback and ok dtucker@
+
+20100112
+ - (dtucker) OpenBSD CVS Sync
+ - dtucker@cvs.openbsd.org 2010/01/11 01:39:46
+ [ssh_config channels.c ssh.1 channels.h ssh.c]
+ Add a 'netcat mode' (ssh -W). This connects stdio on the client to a
+ single port forward on the server. This allows, for example, using ssh as
+ a ProxyCommand to route connections via intermediate servers.
+ bz #1618, man page help from jmc@, ok markus@
+ - dtucker@cvs.openbsd.org 2010/01/11 04:46:45
+ [authfile.c sshconnect2.c]
+ Do not prompt for a passphrase if we fail to open a keyfile, and log the
+ reason the open failed to debug.
+ bz #1693, found by tj AT castaglia org, ok djm@
+ - djm@cvs.openbsd.org 2010/01/11 10:51:07
+ [ssh-keygen.c]
+ when converting keys, truncate key comments at 72 chars as per RFC4716;
+ bz#1630 reported by tj AT castaglia.org; ok markus@
+ - dtucker@cvs.openbsd.org 2010/01/12 00:16:47
+ [authfile.c]
+ Fix bug introduced in r1.78 (incorrect brace location) that broke key auth.
+ Patch from joachim joachimschipper nl.
+ - djm@cvs.openbsd.org 2010/01/12 00:58:25
+ [monitor_fdpass.c]
+ avoid spinning when fd passing on nonblocking sockets by calling poll()
+ in the EINTR/EAGAIN path, much like we do in atomicio; ok dtucker@
+ - djm@cvs.openbsd.org 2010/01/12 00:59:29
+ [roaming_common.c]
+ delete with extreme prejudice a debug() that fired with every keypress;
+ ok dtucker deraadt
+ - dtucker@cvs.openbsd.org 2010/01/12 01:31:05
+ [session.c]
+ Do not allow logins if /etc/nologin exists but is not readable by the user
+ logging in. Noted by Jan.Pechanec at Sun, ok djm@ deraadt@
+ - djm@cvs.openbsd.org 2010/01/12 01:36:08
+ [buffer.h bufaux.c]
+ add a buffer_get_string_ptr_ret() that does the same as
+ buffer_get_string_ptr() but does not fatal() on error; ok dtucker@
+ - dtucker@cvs.openbsd.org 2010/01/12 08:33:17
+ [session.c]
+ Add explicit stat so we reliably detect nologin with bad perms.
+ ok djm markus
+
+20100110
+ - (dtucker) [configure.ac misc.c readconf.c servconf.c ssh-keyscan.c]
+ Remove hacks add for RoutingDomain in preparation for its removal.
+ - (dtucker) OpenBSD CVS Sync
+ - dtucker@cvs.openbsd.org 2010/01/09 23:04:13
+ [channels.c ssh.1 servconf.c sshd_config.5 sshd.c channels.h servconf.h
+ ssh-keyscan.1 ssh-keyscan.c readconf.c sshconnect.c misc.c ssh.c
+ readconf.h scp.1 sftp.1 ssh_config.5 misc.h]
+ Remove RoutingDomain from ssh since it's now not needed. It can be
+ replaced with "route exec" or "nc -V" as a proxycommand. "route exec"
+ also ensures that trafic such as DNS lookups stays withing the specified
+ routingdomain. For example (from reyk):
+ # route -T 2 exec /usr/sbin/sshd
+ or inherited from the parent process
+ $ route -T 2 exec sh
+ $ ssh 10.1.2.3
+ ok deraadt@ markus@ stevesk@ reyk@
+ - dtucker@cvs.openbsd.org 2010/01/10 03:51:17
+ [servconf.c]
+ Add ChrootDirectory to sshd.c test-mode output
+ - dtucker@cvs.openbsd.org 2010/01/10 07:15:56
+ [auth.c]
+ Output a debug if we can't open an existing keyfile. bz#1694, ok djm@
+
+20100109
+ - (dtucker) Wrap use of IPPROTO_IPV6 in an ifdef for platforms that don't
+ have it.
+ - (dtucker) [defines.h] define PRIu64 for platforms that don't have it.
+ - (dtucker) [roaming_client.c] Wrap inttypes.h in an ifdef.
+ - (dtucker) [loginrec.c] Use the SUSv3 specified name for the user name
+ when using utmpx. Patch from Ed Schouten.
+ - (dtucker) OpenBSD CVS Sync
+ - djm@cvs.openbsd.org 2010/01/09 00:20:26
+ [sftp-server.c sftp-server.8]
+ add a 'read-only' mode to sftp-server(8) that disables open in write mode
+ and all other fs-modifying protocol methods. bz#430 ok dtucker@
+ - djm@cvs.openbsd.org 2010/01/09 00:57:10
+ [PROTOCOL]
+ tweak language
+ - jmc@cvs.openbsd.org 2010/01/09 03:36:00
+ [sftp-server.8]
+ bad place to forget a comma...
+ - djm@cvs.openbsd.org 2010/01/09 05:04:24
+ [mux.c sshpty.h clientloop.c sshtty.c]
+ quell tc[gs]etattr warnings when forcing a tty (ssh -tt), since we
+ usually don't actually have a tty to read/set; bz#1686 ok dtucker@
+ - dtucker@cvs.openbsd.org 2010/01/09 05:17:00
+ [roaming_client.c]
+ Remove a PRIu64 format string that snuck in with roaming. ok djm@
+ - dtucker@cvs.openbsd.org 2010/01/09 11:13:02
+ [sftp.c]
+ Prevent sftp from derefing a null pointer when given a "-" without a
+ command. Also, allow whitespace to follow a "-". bz#1691, path from
+ Colin Watson via Debian. ok djm@ deraadt@
+ - dtucker@cvs.openbsd.org 2010/01/09 11:17:56
+ [sshd.c]
+ Afer sshd receives a SIGHUP, ignore subsequent HUPs while sshd re-execs
+ itself. Prevents two HUPs in quick succession from resulting in sshd
+ dying. bz#1692, patch from Colin Watson via Ubuntu.
+ - (dtucker) [defines.h] Remove now-undeeded PRIu64 define.
+
+20100108
- (dtucker) OpenBSD CVS Sync
- andreas@cvs.openbsd.org 2009/10/24 11:11:58
[roaming.h]
andersk / openssh.git / blobdiff