+20000815
+ - (djm) More SunOS 4.1.x fixes from Nate Itkin <nitkin@europa.com>
+ - (djm) Avoid failures on Irix when ssh is not setuid. Fix from
+ Michael Stone <mstone@cs.loyola.edu>
+ - (djm) Don't seek in directory based lastlogs
+ - (djm) Fix --with-ipaddr-display configure option test. Patch from
+ Jarno Huuskonen <jhuuskon@messi.uku.fi>
+ - (djm) Fix AIX limits from Alexandre Oliva <oliva@lsd.ic.unicamp.br>
+
+20000813
+ - (djm) Add $(srcdir) to includes when compiling (for VPATH). Report from
+ Fabrice bacchella <fabrice.bacchella@marchfirst.fr>
+
+20000809
+ - (djm) Define AIX hard limits if headers don't. Report from
+ Bill Painter <william.t.painter@lmco.com>
+ - (djm) utmp direct write & SunOS 4 patch from Charles Levert
+ <charles@comm.polymtl.ca>
+
+20000808
+ - (djm) Cleanup Redhat RPMs. Generate keys at runtime rather than install
+ time, spec file cleanup.
+
+20000807
+ - (djm) Set 0755 on binaries during install. Report from Lutz Jaenicke
+ - (djm) Suppress error messages on channel close shutdown() failurs
+ works around Linux bug. Patch from Zack Weinberg <zack@wolery.cumb.org>
+ - (djm) Add some more entropy collection commands from Lutz Jaenicke
+
+20000725
+ - (djm) Fix autoconf typo: HAVE_BINRESVPORT_AF -> HAVE_BINDRESVPORT_AF
+
+20000721
+ - (djm) OpenBSD CVS updates:
+ - markus@cvs.openbsd.org 2000/07/16 02:27:22
+ [authfd.c authfd.h channels.c clientloop.c ssh-add.c ssh-agent.c ssh.c]
+ [sshconnect1.c sshconnect2.c]
+ make ssh-add accept dsa keys (the agent does not)
+ - djm@cvs.openbsd.org 2000/07/17 19:25:02
+ [sshd.c]
+ Another closing of stdin; ok deraadt
+ - markus@cvs.openbsd.org 2000/07/19 18:33:12
+ [dsa.c]
+ missing free, reorder
+ - markus@cvs.openbsd.org 2000/07/20 16:23:14
+ [ssh-keygen.1]
+ document input and output files
+
+20000720
+ - (djm) Spec file fix from Petr Novotny <Petr.Novotny@antek.cz>
+
+20000716
+ - (djm) Release 2.1.1p4
+
+20000715
+ - (djm) OpenBSD CVS updates
+ - provos@cvs.openbsd.org 2000/07/13 16:53:22
+ [aux.c readconf.c servconf.c ssh.h]
+ allow multiple whitespace but only one '=' between tokens, bug report from
+ Ralf S. Engelschall <rse@engelschall.com> but different fix. okay deraadt@
+ - provos@cvs.openbsd.org 2000/07/13 17:14:09
+ [clientloop.c]
+ typo; todd@fries.net
+ - provos@cvs.openbsd.org 2000/07/13 17:19:31
+ [scp.c]
+ close can fail on AFS, report error; from Greg Hudson <ghudson@mit.edu>
+ - markus@cvs.openbsd.org 2000/07/14 16:59:46
+ [readconf.c servconf.c]
+ allow leading whitespace. ok niels
+ - djm@cvs.openbsd.org 2000/07/14 22:01:38
+ [ssh-keygen.c ssh.c]
+ Always create ~/.ssh with mode 700; ok Markus
+ - Fixes for SunOS 4.1.4 from Gordon Atwood <gordon@cs.ualberta.ca>
+ - Include floatingpoint.h for entropy.c
+ - strerror replacement
+
20000712
- (djm) Remove -lresolve for Reliant Unix
- (djm) OpenBSD CVS Updates:
- Don't try to retrieve lastlog from wtmp/wtmpx if DISABLE_LASTLOG is
def'd
- Set AIX to use preformatted manpages
-
+
20000610
- (djm) Minor doc tweaks
- (djm) Fix for configure on bash2 from Jim Knoble <jmknoble@jmknoble.cx>
- (andre) New login code
- Remove bsd-login.[ch] and all the OpenBSD-derived code in login.c
- Add loginrec.[ch], logintest.c and autoconf code
-
+
20000531
- Cleanup of auth.c, login.c and fake-*
- Cleanup of auth-pam.c, save and print "account expired" error messages
- Gives useful error message if PRNG initialisation fails
- Reduced ssh startup delay
- Measures cumulative command time rather than the time between reads
- after select()
+ after select()
- 'fixprogs' perl script to eliminate non-working entropy commands, and
- optionally run 'ent' to measure command entropy
+ optionally run 'ent' to measure command entropy
- Applied Tom Bertelson's <tbert@abac.com> AIX authentication fix
- Avoid WCOREDUMP complation errors for systems that lack it
- Avoid SIGCHLD warnings from entropy commands
20000309
- OpenBSD CVS updates to v1.2.3
- [ssh.h atomicio.c]
- - int atomicio -> ssize_t (for alpha). ok deraadt@
- [auth-rsa.c]
- - delay MD5 computation until client sends response, free() early, cleanup.
- [cipher.c]
- - void* -> unsigned char*, ok niels@
- [hostfile.c]
- - remove unused variable 'len'. fix comments.
- - remove unused variable
- [log-client.c log-server.c]
- - rename a cpp symbol, to avoid param.h collision
- [packet.c]
- - missing xfree()
- - getsockname() requires initialized tolen; andy@guildsoftware.com
- - use getpeername() in packet_connection_is_on_socket(), fixes sshd -i;
- from Holger.Trapp@Informatik.TU-Chemnitz.DE
- [pty.c pty.h]
- - register cleanup for pty earlier. move code for pty-owner handling to
- pty.c ok provos@, dugsong@
- [readconf.c]
- - turn off x11-fwd for the client, too.
- [rsa.c]
- - PKCS#1 padding
- [scp.c]
- - allow '.' in usernames; from jedgar@fxp.org
- [servconf.c]
- - typo: ignore_user_known_hosts int->flag; naddy@mips.rhein-neckar.de
- - sync with sshd_config
- [ssh-keygen.c]
- - enable ssh-keygen -l -f ~/.ssh/known_hosts, ok deraadt@
- [ssh.1]
- - Change invalid 'CHAT' loglevel to 'VERBOSE'
- [ssh.c]
- - suppress AAAA query host when '-4' is used; from shin@nd.net.fujitsu.co.jp
- - turn off x11-fwd for the client, too.
- [sshconnect.c]
- - missing xfree()
- - retry rresvport_af(), too. from sumikawa@ebina.hitachi.co.jp.
- - read error vs. "Connection closed by remote host"
- [sshd.8]
- - ie. -> i.e.,
- - do not link to a commercial page..
- - sync with sshd_config
- [sshd.c]
- - no need for poll.h; from bright@wintelcom.net
- - log with level log() not fatal() if peer behaves badly.
- - don't panic if client behaves strange. ok deraadt@
- - make no-port-forwarding for RSA keys deny both -L and -R style fwding
- - delay close() of pty until the pty has been chowned back to root
- - oops, fix comment, too.
- - missing xfree()
- - move XAUTHORITY to subdir. ok dugsong@. fixes debian bug #57907, too.
- (http://cgi.debian.org/cgi-bin/bugreport.cgi?archive=no&bug=57907)
- - register cleanup for pty earlier. move code for pty-owner handling to
+ [ssh.h atomicio.c]
+ - int atomicio -> ssize_t (for alpha). ok deraadt@
+ [auth-rsa.c]
+ - delay MD5 computation until client sends response, free() early, cleanup.
+ [cipher.c]
+ - void* -> unsigned char*, ok niels@
+ [hostfile.c]
+ - remove unused variable 'len'. fix comments.
+ - remove unused variable
+ [log-client.c log-server.c]
+ - rename a cpp symbol, to avoid param.h collision
+ [packet.c]
+ - missing xfree()
+ - getsockname() requires initialized tolen; andy@guildsoftware.com
+ - use getpeername() in packet_connection_is_on_socket(), fixes sshd -i;
+ from Holger.Trapp@Informatik.TU-Chemnitz.DE
+ [pty.c pty.h]
+ - register cleanup for pty earlier. move code for pty-owner handling to
+ pty.c ok provos@, dugsong@
+ [readconf.c]
+ - turn off x11-fwd for the client, too.
+ [rsa.c]
+ - PKCS#1 padding
+ [scp.c]
+ - allow '.' in usernames; from jedgar@fxp.org
+ [servconf.c]
+ - typo: ignore_user_known_hosts int->flag; naddy@mips.rhein-neckar.de
+ - sync with sshd_config
+ [ssh-keygen.c]
+ - enable ssh-keygen -l -f ~/.ssh/known_hosts, ok deraadt@
+ [ssh.1]
+ - Change invalid 'CHAT' loglevel to 'VERBOSE'
+ [ssh.c]
+ - suppress AAAA query host when '-4' is used; from shin@nd.net.fujitsu.co.jp
+ - turn off x11-fwd for the client, too.
+ [sshconnect.c]
+ - missing xfree()
+ - retry rresvport_af(), too. from sumikawa@ebina.hitachi.co.jp.
+ - read error vs. "Connection closed by remote host"
+ [sshd.8]
+ - ie. -> i.e.,
+ - do not link to a commercial page..
+ - sync with sshd_config
+ [sshd.c]
+ - no need for poll.h; from bright@wintelcom.net
+ - log with level log() not fatal() if peer behaves badly.
+ - don't panic if client behaves strange. ok deraadt@
+ - make no-port-forwarding for RSA keys deny both -L and -R style fwding
+ - delay close() of pty until the pty has been chowned back to root
+ - oops, fix comment, too.
+ - missing xfree()
+ - move XAUTHORITY to subdir. ok dugsong@. fixes debian bug #57907, too.
+ (http://cgi.debian.org/cgi-bin/bugreport.cgi?archive=no&bug=57907)
+ - register cleanup for pty earlier. move code for pty-owner handling to
pty.c ok provos@, dugsong@
- - create x11 cookie file
- - fix pr 1113, fclose() -> pclose(), todo: remote popen()
- - version 1.2.3
+ - create x11 cookie file
+ - fix pr 1113, fclose() -> pclose(), todo: remote popen()
+ - version 1.2.3
- Cleaned up
- Removed warning workaround for Linux and devpts filesystems (no longer
required after OpenBSD updates)
modular.
- Revised autoconf support for enabling/disabling askpass support.
- Merged more OpenBSD CVS changes:
- [auth-krb4.c]
- - disconnect if getpeername() fails
- - missing xfree(*client)
- [canohost.c]
- - disconnect if getpeername() fails
- - fix comment: we _do_ disconnect if ip-options are set
- [sshd.c]
- - disconnect if getpeername() fails
- - move checking of remote port to central place
- [auth-rhosts.c] move checking of remote port to central place
- [log-server.c] avoid extra fd per sshd, from millert@
- [readconf.c] print _all_ bad config-options in ssh(1), too
- [readconf.h] print _all_ bad config-options in ssh(1), too
- [ssh.c] print _all_ bad config-options in ssh(1), too
- [sshconnect.c] disconnect if getpeername() fails
+ [auth-krb4.c]
+ - disconnect if getpeername() fails
+ - missing xfree(*client)
+ [canohost.c]
+ - disconnect if getpeername() fails
+ - fix comment: we _do_ disconnect if ip-options are set
+ [sshd.c]
+ - disconnect if getpeername() fails
+ - move checking of remote port to central place
+ [auth-rhosts.c] move checking of remote port to central place
+ [log-server.c] avoid extra fd per sshd, from millert@
+ [readconf.c] print _all_ bad config-options in ssh(1), too
+ [readconf.h] print _all_ bad config-options in ssh(1), too
+ [ssh.c] print _all_ bad config-options in ssh(1), too
+ [sshconnect.c] disconnect if getpeername() fails
- OpenBSD's changes to sshd.c broke the PAM stuff, re-merged it.
- Various small cleanups to bring diff (against OpenBSD) size down.
- Merged more Solaris compability from Marc G. Fournier