+20030902
+ - (djm) OpenBSD CVS Sync
+ - deraadt@cvs.openbsd.org 2003/08/24 17:36:51
+ [auth2-gss.c]
+ 64 bit cleanups; markus ok
+ - markus@cvs.openbsd.org 2003/08/28 12:54:34
+ [auth-krb5.c auth.h auth1.c monitor.c monitor.h monitor_wrap.c]
+ [monitor_wrap.h readconf.c servconf.c session.c ssh_config.5]
+ [sshconnect1.c sshd.c sshd_config sshd_config.5]
+ remove kerberos support from ssh1, since it has been replaced with GSSAPI;
+ but keep kerberos passwd auth for ssh1 and 2; ok djm, hin, henning, ...
+ - markus@cvs.openbsd.org 2003/08/29 10:03:15
+ [compat.c compat.h]
+ SSH_BUG_K5USER is unused; ok henning@
+ - markus@cvs.openbsd.org 2003/08/29 10:04:36
+ [channels.c nchan.c]
+ be less chatty; debug -> debug2, cleanup; ok henning@
+ - markus@cvs.openbsd.org 2003/08/31 10:26:04
+ [progressmeter.c]
+ pass file_size + 1 to snprintf: fixes printing of truncated
+ file names; fix based on patch/report from sturm@;
+ - markus@cvs.openbsd.org 2003/08/31 12:14:22
+ [progressmeter.c]
+ do write to buf[-1]
+ - markus@cvs.openbsd.org 2003/08/31 13:29:05
+ [session.c]
+ call ssh_gssapi_storecreds conditionally from do_exec();
+ with sxw@inf.ed.ac.uk
+ - markus@cvs.openbsd.org 2003/08/31 13:30:18
+ [gss-serv.c]
+ correct string termination in parse_ename(); sxw@inf.ed.ac.uk
+ - markus@cvs.openbsd.org 2003/08/31 13:31:57
+ [gss-serv.c]
+ whitspace KNF
+ - markus@cvs.openbsd.org 2003/09/01 09:50:04
+ [sshd_config.5]
+ gss kex is not supported; sxw@inf.ed.ac.uk
+ - markus@cvs.openbsd.org 2003/09/01 12:50:46
+ [readconf.c]
+ rm gssapidelegatecreds alias; never supported before
+ - markus@cvs.openbsd.org 2003/09/01 13:52:18
+ [ssh.h]
+ rm whitespace
+ - markus@cvs.openbsd.org 2003/09/01 18:15:50
+ [readconf.c readconf.h servconf.c servconf.h ssh.c]
+ remove unused kerberos code; ok henning@
+ - markus@cvs.openbsd.org 2003/09/01 20:44:54
+ [auth2-gss.c]
+ fix leak
+ - (djm) Don't initialise pam_conv structures inline. Avoids HP/UX compiler
+ error. Part of Bug #423, patch from michael_steffens AT hp.com
+ - (djm) Bug #423: reorder setting of PAM_TTY and calling of PAM session
+ management (now done in do_setusercontext). Largely from
+ michael_steffens AT hp.com
+
+20030829
+ - (bal) openbsd-compat/ clean up. Considate headers, add in Id on our
+ files, and added missing license to header.
+
+20030826
+ - (djm) Bug #629: Mark ssh_config option "pamauthenticationviakbdint"
+ as deprecated. Remove mention from README.privsep. Patch from
+ aet AT cc.hut.fi
+ - (dtucker) OpenBSD CVS Sync
+ - markus@cvs.openbsd.org 2003/08/22 10:56:09
+ [auth2.c auth2-gss.c auth.h compat.c compat.h gss-genr.c gss-serv-krb5.c
+ gss-serv.c monitor.c monitor.h monitor_wrap.c monitor_wrap.h readconf.c
+ readconf.h servconf.c servconf.h session.c session.h ssh-gss.h
+ ssh_config.5 sshconnect2.c sshd_config sshd_config.5]
+ support GSS API user authentication; patches from Simon Wilkinson,
+ stripped down and tested by Jakob and myself.
+ - markus@cvs.openbsd.org 2003/08/22 13:20:03
+ [sshconnect2.c]
+ remove support for "kerberos-2@ssh.com"
+ - markus@cvs.openbsd.org 2003/08/22 13:22:27
+ [auth2.c] (auth2-krb5.c removed)
+ nuke "kerberos-2@ssh.com"
+ - markus@cvs.openbsd.org 2003/08/22 20:55:06
+ [LICENCE]
+ add Simon Wilkinson
+ - deraadt@cvs.openbsd.org 2003/08/24 17:36:52
+ [monitor.c monitor_wrap.c sshconnect2.c]
+ 64 bit cleanups; markus ok
+ - fgsch@cvs.openbsd.org 2003/08/25 08:13:09
+ [sftp-int.c]
+ fix div by zero when listing for filename lengths longer than width.
+ markus@ ok.
+ - djm@cvs.openbsd.org 2003/08/25 10:33:33
+ [sshconnect2.c]
+ fprintf->logit to silence login banner with "ssh -q"; ok markus@
+ - (dtucker) [Makefile.in acconfig.h auth-krb5.c auth-pam.c auth-pam.h
+ configure.ac defines.h gss-serv-krb5.c session.c ssh-gss.h sshconnect1.c
+ sshconnect2.c] Add Portable GSSAPI support, patch by Simon Wilkinson.
+ - (dtucker) [Makefile.in] Remove auth2-krb5.
+ - (dtucker) [contrib/aix/inventory.sh] Add public domain notice. ok mouring@
+ (the original author)
+ - (dtucker) [auth.c] Do not check for locked accounts when PAM is enabled.
+
+20030825
+ - (djm) Bug #621: Select OpenSC keys by usage attributes. Patch from
+ larsch@trustcenter.de
+ - (bal) openbsd-compat/ OpenBSD updates. Mostly licensing, ansifications
+ and minor fixes. OK djm@
+ - (bal) redo how we handle 'mysignal()'. Move it to
+ openbsd-compat/bsd-misc.c, s/mysignal/signal/ and #define signal to
+ be our 'mysignal' by default. OK djm@
+ - (dtucker) [acconfig.h auth.c configure.ac sshd.8] Bug #422 again: deny
+ any access to locked accounts. ok djm@
+ - (djm) Bug #564: Perform PAM account checks for all authentications when
+ UsePAM=yes; ok dtucker
+ - (dtucker) [configure.ac] Bug #533, #551: define BROKEN_GETADDRINFO on
+ Tru64, solves getnameinfo and "bad addr or host" errors. ok djm@
+ - (dtucker) [README buildbff.sh inventory.sh] (all in contrib/aix)
+ Update package builder: correctly handle config variables, use lsuser
+ rather than /etc/passwd, fix typos, add Id's.
+
+20030822
+ - (djm) s/get_progname/ssh_get_progname/g to avoid conflict with Heimdal
+ -lbroken; ok dtucker
+ - (dtucker) [contrib/cygwin/ssh-user-config] Put keys in authorized_keys
+ rather that authorized_keys2. Patch from vinschen@redhat.com.
+
+20030821
+ - (dtucker) OpenBSD CVS Sync
+ - markus@cvs.openbsd.org 2003/08/14 16:08:58
+ [ssh-keygen.c]
+ exit after primetest, ok djm@
+ - (dtucker) [defines.h] Put CMSG_DATA, CMSG_FIRSTHDR with other CMSG* macros,
+ change CMSG_DATA to use __CMSG_ALIGN (and thus work properly), reformat for
+ consistency.
+ - (dtucker) [configure.ac] Move openpty/ctty test outside of case statement
+ and after normal openpty test.
+
+20030813
+ - (dtucker) [session.c] Remove #ifdef TIOCSBRK kludge.
+ - (dtucker) OpenBSD CVS Sync
+ - markus@cvs.openbsd.org 2003/08/13 08:33:02
+ [session.c]
+ use more portable tcsendbreak(3) and ignore break_length;
+ ok deraadt, millert
+ - markus@cvs.openbsd.org 2003/08/13 08:46:31
+ [auth1.c readconf.c readconf.h servconf.c servconf.h ssh.c ssh_config
+ ssh_config.5 sshconnect1.c sshd.8 sshd.c sshd_config sshd_config.5]
+ remove RhostsAuthentication; suggested by djm@ before; ok djm@, deraadt@,
+ fgsch@, miod@, henning@, jakob@ and others
+ - markus@cvs.openbsd.org 2003/08/13 09:07:10
+ [readconf.c ssh.c]
+ socks4->socks, since with support both 4 and 5; dtucker@zip.com.au
+ - (dtucker) [configure.ac openbsd-compat/bsd-misc.c openbsd-compat/bsd-misc.h]
+ Add a tcsendbreak function for platforms that don't have one, based on the
+ one from OpenBSD.
+
+20030811
+ - (dtucker) OpenBSD CVS Sync
+ (thanks to Simon Wilkinson for help with this -dt)
+ - markus@cvs.openbsd.org 2003/07/16 15:02:06
+ [auth-krb5.c]
+ mcc -> fcc; from Love Hörnquist Åstrand <lha@it.su.se>
+ otherwise the kerberos credentinal is stored in a memory cache
+ in the privileged sshd. ok jabob@, hin@ (some time ago)
+ - (dtucker) [openbsd-compat/xcrypt.c] Remove Cygwin #ifdef block (duplicate
+ in bsd-cygwin_util.h).
+
+20030808
+ - (dtucker) [openbsd-compat/fake-rfc2553.h] Older Linuxes have AI_PASSIVE and
+ AI_CANONNAME in netdb.h but not AI_NUMERICHOST, so check each definition
+ separately before defining them.
+ - (dtucker) [auth-pam.c] Don't set PAM_TTY if tty is null. ok djm@
+
+20030807
+ - (dtucker) [session.c] Have session_break_req not attempt to send a break
+ if TIOCSBRK and TIOCCBRK are not defined (eg Cygwin).
+ - (dtucker) [canohost.c] Bug #336: Only check ip options if IP_OPTIONS is
+ defined (fixes compile error on really old Linuxes).
+ - (dtucker) [defines.h] Bug #336: Add CMSG_DATA and CMSG_FIRSTHDR macros if
+ not already defined (eg Linux with some versions of libc5), based on those
+ from OpenBSD.
+ - (dtucker) [openbsd-compat/bsd-cygwin_util.c openbsd-compat/bsd-cygwin_util.h]
+ Remove incorrect filenames from comments (file names are in Id tags).
+ - (dtucker) [session.c openbsd-compat/bsd-cygwin_util.h] Move Cygwin
+ specific defines and includes to bsd-cygwin_util.h. Fixes build error too.
+
+20030802
+ - (dtucker) [monitor.h monitor_wrap.h] Remove excess ident tags.
+ - (dtucker) OpenBSD CVS Sync
+ - markus@cvs.openbsd.org 2003/07/22 13:35:22
+ [auth1.c auth.h auth-passwd.c monitor.c monitor.h monitor_wrap.c
+ monitor_wrap.h readconf.c readconf.h servconf.c servconf.h session.c ssh.1
+ ssh.c ssh_config.5 sshconnect1.c sshd.c sshd_config.5 ssh.h]
+ remove (already disabled) KRB4/AFS support, re-enable -k in ssh(1);
+ test+ok henning@
+ - (dtucker) [Makefile.in acconfig.h configure.ac] Remove KRB4/AFS support.
+ - (dtucker) [auth-krb4.c radix.c radix.h] Remove KRB4/AFS specific files.
+ - (dtucker) OpenBSD CVS Sync
+ - markus@cvs.openbsd.org 2003/07/23 07:42:43
+ [sshd_config]
+ remove AFS; itojun@
+ - djm@cvs.openbsd.org 2003/07/28 09:49:56
+ [ssh-keygen.1 ssh-keygen.c]
+ Support for generating Diffie-Hellman groups (/etc/moduli) from ssh-keygen.
+ Based on code from Phil Karn, William Allen Simpson and Niels Provos.
+ ok markus@, thanks jmc@
+ - markus@cvs.openbsd.org 2003/07/29 18:24:00
+ [LICENCE progressmeter.c]
+ replace 4 clause BSD licensed progressmeter code with a replacement
+ from Nils Nordman and myself; ok deraadt@
+ (copied from OpenBSD an re-applied portable changes)
+ - markus@cvs.openbsd.org 2003/07/29 18:26:46
+ [progressmeter.c]
+ fix length for "- stalled -" (included with previous import)
+ - markus@cvs.openbsd.org 2003/07/30 07:44:14
+ [progressmeter.c]
+ use only 4 digits in format_size (included with previous import)
+ - markus@cvs.openbsd.org 2003/07/30 07:53:27
+ [progressmeter.c]
+ whitespace (included with previous import)
+ - markus@cvs.openbsd.org 2003/07/31 09:21:02
+ [auth2-none.c]
+ check whether passwd auth is allowd, similar to proto 1; rob@pitman.co.za
+ ok henning
+ - avsm@cvs.openbsd.org 2003/07/31 15:50:16
+ [atomicio.c]
+ correct comment: atomicio takes vwrite, not write; deraadt@ ok
+ - markus@cvs.openbsd.org 2003/07/31 22:34:03
+ [progressmeter.c]
+ print rate similar old version; round instead truncate;
+ (included in previous progressmeter.c commit)
+ - (dtucker) [openbsd-compat/bsd-misc.c openbsd-compat/bsd-misc.h]
+ Add a tcgetpgrp function.
+ - (dtucker) [Makefile.in moduli.c moduli.h] Add new files and to Makefile.
+ - (dtucker) [openbsd-compat/bsd-misc.c] Fix cut-and-paste bug in tcgetpgrp.
+
+20030730
+ - (djm) [auth-pam.c] Don't use crappy APIs like sprintf. Thanks bal
+
+20030726
+ - (dtucker) [openbsd-compat/xcrypt.c] Fix typo: DISABLED_SHADOW ->
+ DISABLE_SHADOW. Fixes HP-UX compile error.
+
+20030724
+ - (bal) [auth-passwd.c openbsd-compat/Makefile.in openbsd-compat/xcrypt.c
+ openbsd-compat/xcrypt.h] Split off encryption into xcrypt() interface,
+ and isolate shadow password functions. Tested in Solaris, but should
+ not break other platforms too badly (except maybe HP =). Also brings
+ auth-passwd.c into full sync with OpenBSD tree.
+
+20030723
+ - (dtucker) [configure.ac] Back out change for bug #620.
+
+20030719
+ - (dtucker) [configure.ac] Bug #620: Define BROKEN_GETADDRINFO for
+ Solaris/x86. Patch from jrhett at isite.net.
+ - (dtucker) OpenBSD CVS Sync
+ - markus@cvs.openbsd.org 2003/07/14 12:36:37
+ [sshd.c]
+ remove undocumented -V option. would be only useful if openssh is used
+ as ssh v1 server for ssh.com's ssh v2.
+ - markus@cvs.openbsd.org 2003/07/16 10:34:53
+ [ssh.c sshd.c]
+ don't exit on multiple -v or -d; ok deraadt@
+ - markus@cvs.openbsd.org 2003/07/16 10:36:28
+ [sshtty.c]
+ clear IUCLC in enter_raw_mode; from rob@pitman.co.za; ok deraadt@, fgs@
+ - deraadt@cvs.openbsd.org 2003/07/18 01:54:25
+ [scp.c]
+ userid is unsigned, but well, force it anyways; andrushock@korovino.net
+ - djm@cvs.openbsd.org 2003/07/19 00:45:53
+ [sftp-int.c]
+ fix sftp filename parsing for arguments with escaped quotes. bz #517;
+ ok markus
+ - djm@cvs.openbsd.org 2003/07/19 00:46:31
+ [regress/sftp-cmds.sh]
+ regress test for sftp arguments with escaped quotes; ok markus
+
+20030714
+ - (dtucker) [acconfig.h configure.ac port-aix.c] Older AIXes don't declare
+ loginfailed at all, so assume 3-arg loginfailed if not declared.
+ - (dtucker) [port-aix.h] Work around name collision on AIX for r_type by
+ undef'ing it.
+ - (dtucker) Bug #543: [configure.ac port-aix.c port-aix.h]
+ Call setauthdb() before loginfailed(), which may load password registry-
+ specific functions. Based on patch by cawlfiel at us.ibm.com.
+ - (dtucker) [port-aix.h] Fix prototypes.
+ - (dtucker) OpenBSD CVS Sync
+ - avsm@cvs.openbsd.org 2003/07/09 13:58:19
+ [key.c]
+ minor tweak: when generating the hex fingerprint, give strlcat the full
+ bound to the buffer, and add a comment below explaining why the
+ zero-termination is one less than the bound. markus@ ok
+ - markus@cvs.openbsd.org 2003/07/10 14:42:28
+ [packet.c]
+ the 2^(blocksize*2) rekeying limit is too expensive for 3DES,
+ blowfish, etc, so enforce a 1GB limit for small blocksizes.
+ - markus@cvs.openbsd.org 2003/07/10 20:05:55
+ [sftp.c]
+ sync usage with manpage, add missing -R
+
+20030708
+ - (dtucker) [acconfig.h auth-passwd.c configure.ac session.c port-aix.[ch]]
+ Include AIX headers for authentication functions and make calls match
+ prototypes. Test for and handle 3-arg and 4-arg variants of loginfailed.
+ - (dtucker) [session.c] Check return value of setpcred().
+ - (dtucker) [auth-passwd.c auth.c session.c sshd.c port-aix.c port-aix.h]
+ Convert aixloginmsg into platform-independant Buffer loginmsg.
+
+20030707
+ - (dtucker) [configure.ac] Bug #600: Check that getrusage is declared before
+ searching libraries for it. Fixes build errors on NCR MP-RAS.
+
+20030706
+ - (dtucker) [ssh-rand-helper.c loginrec.c]
+ Apply atomicio typing change to these too.
+
20030703
- (dtucker) OpenBSD CVS Sync
- djm@cvs.openbsd.org 2003/06/28 07:48:10
progressmeter.c scp.c sftp-client.c ssh-keyscan.c ssh.h sshconnect.c
sshd.c]
deal with typing of write vs read in atomicio
+ - markus@cvs.openbsd.org 2003/06/29 12:44:38
+ [sshconnect.c]
+ memset 0, not \0; andrushock@korovino.net
+ - markus@cvs.openbsd.org 2003/07/02 12:56:34
+ [channels.c]
+ deny dynamic forwarding with -R for v1, too; ok djm@
+ - markus@cvs.openbsd.org 2003/07/02 14:51:16
+ [channels.c ssh.1 ssh_config.5]
+ (re)add socks5 suppport to -D; ok djm@
+ now ssh(1) can act both as a socks 4 and socks 5 server and
+ dynamically forward ports.
+ - markus@cvs.openbsd.org 2003/07/02 20:37:48
+ [ssh.c]
+ convert hostkeyalias to lowercase, otherwise uppercase aliases will
+ not match at all; ok henning@
+ - markus@cvs.openbsd.org 2003/07/03 08:21:46
+ [regress/dynamic-forward.sh]
+ add socks5; speedup; reformat; based on patch from dtucker@zip.com.au
+ - markus@cvs.openbsd.org 2003/07/03 08:24:13
+ [regress/Makefile]
+ enable tests for dynamic fwd via socks (-D), uses nc(1)
+ - djm@cvs.openbsd.org 2003/07/03 08:09:06
+ [readconf.c readconf.h ssh-keysign.c ssh.c]
+ fix AddressFamily option in config file, from brent@graveland.net;
+ ok markus@
20030630
- (djm) Search for support functions necessary to build our
andersk / openssh.git / blobdiff