-20050502
+20040622
+ - (dtucker) OpenBSD CVS Sync
+ - djm@cvs.openbsd.org 2004/06/20 17:36:59
+ [ssh.c]
+ filter passed env vars at slave in connection sharing case; ok markus@
+ - djm@cvs.openbsd.org 2004/06/20 18:53:39
+ [sftp.c]
+ make "ls -l" listings print user/group names, add "ls -n" to show uid/gid
+ (like /bin/ls); idea & ok markus@
+ - djm@cvs.openbsd.org 2004/06/20 19:28:12
+ [sftp.1]
+ mention new -n flag
+ - avsm@cvs.openbsd.org 2004/06/21 17:36:31
+ [auth-rsa.c auth2-gss.c auth2-pubkey.c authfile.c canohost.c channels.c
+ cipher.c dns.c kex.c monitor.c monitor_fdpass.c monitor_wrap.c
+ monitor_wrap.h nchan.c packet.c progressmeter.c scp.c sftp-server.c sftp.c
+ ssh-gss.h ssh-keygen.c ssh.c sshconnect.c sshconnect1.c sshlogin.c
+ sshpty.c]
+ make ssh -Wshadow clean, no functional changes
+ markus@ ok
+ - djm@cvs.openbsd.org 2004/06/21 17:53:03
+ [session.c]
+ fix fd leak for multiple subsystem connections; with markus@
+ - djm@cvs.openbsd.org 2004/06/21 22:02:58
+ [log.h]
+ mark fatal and cleanup exit as __dead; ok markus@
+ - djm@cvs.openbsd.org 2004/06/21 22:04:50
+ [sftp.c]
+ introduce sorting for ls, same options as /bin/ls; ok markus@
+ - djm@cvs.openbsd.org 2004/06/21 22:30:45
+ [sftp.c]
+ prefix ls option flags with LS_
+ - djm@cvs.openbsd.org 2004/06/21 22:41:31
+ [sftp.1]
+ document sort options
+ - djm@cvs.openbsd.org 2004/06/22 01:16:39
+ [sftp.c]
+ don't show .files by default in ls, add -a option to turn them back on;
+ ok markus
+
+20040620
+ - (tim) [configure.ac Makefile.in] Only change TEST_SHELL on broken platforms.
+
+20040619
+ - (dtucker) [auth-pam.c] Don't use PAM namespace for
+ pam_password_change_required either.
+ - (tim) [configure.ac buildpkg.sh.in contrib/solaris/README] move opensshd
+ init script to top level directory. Add opensshd.init.in.
+ Remove contrib/solaris/buildpkg.sh, contrib/solaris/opensshd.in
+
+20040618
+ - (djm) OpenBSD CVS Sync
+ - djm@cvs.openbsd.org 2004/06/17 14:52:48
+ [clientloop.c clientloop.h ssh.c]
+ support environment passing over shared connections; ok markus@
+ - djm@cvs.openbsd.org 2004/06/17 15:10:14
+ [clientloop.c misc.h readconf.c readpass.c ssh.c ssh_config.5]
+ Add option for confirmation (ControlMaster=ask) via ssh-askpass before
+ opening shared connections; ok markus@
+ - djm@cvs.openbsd.org 2004/06/17 14:53:27
+ [regress/multiplex.sh]
+ shared connection env passing regress test
+ - (dtucker) [regress/README.regress] Add detail on how to run a single
+ test from the top-level Makefile.
+ - (dtucker) OpenBSD CVS Sync
+ - djm@cvs.openbsd.org 2004/06/17 23:56:57
+ [ssh.1 ssh.c]
+ sync usage() and SYNPOSIS with connection sharing changes
+ - dtucker@cvs.openbsd.org 2004/06/18 06:13:25
+ [sftp.c]
+ Use execvp instead of execv so sftp -S ssh works. "makes sense" markus@
+ - dtucker@cvs.openbsd.org 2004/06/18 06:15:51
+ [multiplex.sh]
+ Use -S for scp/sftp to force the use of the ssh being tested.
+ ok djm@,markus@
+ - (djm) OpenBSD CVS Sync
+ - djm@cvs.openbsd.org 2004/06/18 10:40:19
+ [ssh.c]
+ delay signal handler setup until we have finished talking to the master.
+ allow interrupting of setup (e.g. if master is stuck); ok markus@
+ - markus@cvs.openbsd.org 2004/06/18 10:55:43
+ [ssh.1 ssh.c]
+ trim synopsis for -S, allow -S and -oControlMaster, -MM means 'ask';
+ ok djm
+ - djm@cvs.openbsd.org 2004/06/18 11:11:54
+ [channels.c clientloop.c]
+ Don't explode in clientloop when we receive a bogus channel id, but
+ also don't generate them to begin with; ok markus@
+
+20040617
+ - (dtucker) [regress/scp.sh] diff -N is not portable (but needed for some
+ platforms), so test if diff understands it. Pointed out by tim@, ok djm@
+ - (dtucker) OpenBSD CVS Sync regress/
+ - dtucker@cvs.openbsd.org 2004/06/17 05:51:59
+ [regress/multiplex.sh]
+ Remove datafile between and after tests, kill sshd rather than wait;
+ ok djm@
+ - dtucker@cvs.openbsd.org 2004/06/17 06:00:05
+ [regress/multiplex.sh]
+ Use DATA and COPY for test data rather than hard-coded paths; ok djm@
+ - dtucker@cvs.openbsd.org 2004/06/17 06:19:06
+ [regress/multiplex.sh]
+ Add small description of failing test to failure message; ok djm@
+ - (dtucker) [regress/multiplex.sh] add EXEEXT for those platforms that need
+ it.
+ - (dtucker) [regress/multiplex.sh] Increase sleep time to 120 sec (60 is not
+ enough for slow systems, especially if they don't have a kernel RNG).
+
+20040616
+ - (dtucker) [openbsd-compat/port-aix.c] Expand whitespace -> tabs. No
+ code changes.
+ - (dtucker) OpenBSD CVS Sync regress/
+ - djm@cvs.openbsd.org 2004/04/27 09:47:30
+ [regress/Makefile regress/test-exec.sh, added regress/envpass.sh]
+ regress test for environment passing, SendEnv & AcceptEnv options;
+ ok markus@
+ - dtucker@cvs.openbsd.org 2004/06/13 13:51:02
+ [regress/Makefile regress/test-exec.sh, added regress/scp-ssh-wrapper.sh
+ regress/scp.sh]
+ Add scp regression test; with & ok markus@
+ - djm@cvs.openbsd.org 2004/06/13 15:04:08
+ [regress/Makefile regress/test-exec.sh, added regress/envpass.sh]
+ regress test for client multiplexing; ok markus@
+ - djm@cvs.openbsd.org 2004/06/13 15:16:54
+ [regress/test-exec.sh]
+ remove duplicate setting of $SCP; spotted by markus@
+ - dtucker@cvs.openbsd.org 2004/06/16 13:15:09
+ [regress/scp.sh]
+ Make scp -r tests use diff -rN not cmp (which won't do dirs. ok markus@
+ - dtucker@cvs.openbsd.org 2004/06/16 13:16:40
+ [regress/multiplex.sh]
+ Silence multiplex sftp and scp tests. ok markus@
+ - (dtucker) [regress/test-exec.sh]
+ Move Portable-only StrictModes to top of list to make syncs easier.
+ - (dtucker) [regress/README.regress]
+ Add $TEST_SHELL to readme.
+
+20040615
+ - (djm) OpenBSD CVS Sync
+ - djm@cvs.openbsd.org 2004/05/26 08:59:57
+ [sftp.c]
+ exit -> _exit in forked child on error; from andrushock AT korovino.net
+ - markus@cvs.openbsd.org 2004/05/26 23:02:39
+ [channels.c]
+ missing freeaddrinfo; Andrey Matveev
+ - dtucker@cvs.openbsd.org 2004/05/27 00:50:13
+ [readconf.c]
+ Kill dead code after fatal(); ok djm@
+ - dtucker@cvs.openbsd.org 2004/06/01 14:20:45
+ [auth2-chall.c]
+ Remove redundant #include; ok markus@
+ - pedro@cvs.openbsd.org 2004/06/03 12:22:20
+ [sftp-client.c sftp.c]
+ initialize pointers, ok markus@
+ - djm@cvs.openbsd.org 2004/06/13 12:53:24
+ [dh.c dh.h kex.c kex.h kexdhc.c kexdhs.c monitor.c myproposal.h]
+ [ssh-keyscan.c sshconnect2.c sshd.c]
+ implement diffie-hellman-group14-sha1 kex method (trivial extension to
+ existing diffie-hellman-group1-sha1); ok markus@
+ - dtucker@cvs.openbsd.org 2004/06/13 14:01:42
+ [ssh.1 ssh_config.5 sshd_config.5]
+ List supported ciphers in man pages, tidy up ssh -c;
+ "looks fine" jmc@, ok markus@
+ - djm@cvs.openbsd.org 2004/06/13 15:03:02
+ [channels.c channels.h clientloop.c clientloop.h includes.h readconf.c]
+ [readconf.h scp.1 sftp.1 ssh.1 ssh.c ssh_config.5]
+ implement session multiplexing in the client (the server has supported
+ this since 2.0); ok markus@
+ - djm@cvs.openbsd.org 2004/06/14 01:44:39
+ [channels.c clientloop.c misc.c misc.h packet.c ssh-agent.c ssh-keyscan.c]
+ [sshd.c]
+ set_nonblock() instead of fnctl(...,O_NONBLOCK); "looks sane" deraadt@
+ - djm@cvs.openbsd.org 2004/06/15 05:45:04
+ [clientloop.c]
+ missed one unset_nonblock; spotted by Tim Rice
+ - (djm) Fix Makefile.in for connection sharing changes
+ - (djm) [ssh.c] Use separate var for address length
+
+20040603
+ - (dtucker) [auth-pam.c] Don't use pam_* namespace for sshd's PAM functions.
+ ok djm@
+
+20040601
+ - (djm) [auth-pam.c] Add copyright for local changes
+
+20040530
+ - (dtucker) [auth-pam.c auth-pam.h auth-passwd.c] Bug #874: Re-add PAM
+ support for PasswordAuthentication=yes. ok djm@
+ - (dtucker) [auth-pam.c] Use an invalid password for root if
+ PermitRootLogin != yes or the login is invalid, to prevent leaking
+ information. Based on Openwall's owl-always-auth patch. ok djm@
+ - (tim) [configure.ac Makefile.in] Add support for "make package" ok djm@
+ - (tim) [buildpkg.sh.in] New file. A more flexible version of
+ contrib/solaris/buildpkg.sh used for "make package".
+ - (tim) [buildpkg.sh.in] Last minute fix didn't make it in the .in file.
+
+20040527
+ - (dtucker) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec
+ contrib/README CREDITS INSTALL] Bug #873: Correct URLs for x11-ssh-askpass
+ and Jim Knoble's email address , from Jim himself.
+
+20040524
+ - (dtucker) OpenBSD CVS Sync
+ - djm@cvs.openbsd.org 2004/05/19 12:17:33
+ [sftp-client.c sftp.c]
+ gracefully abort transfers on receipt of SIGINT, also ignore SIGINT while
+ waiting for a command; ok markus@
+ - dtucker@cvs.openbsd.org 2004/05/20 10:58:05
+ [clientloop.c]
+ Trivial type fix 0 -> '\0'; ok markus@
+ - markus@cvs.openbsd.org 2004/05/21 08:43:03
+ [kex.h moduli.c tildexpand.c]
+ add prototypes for -Wall; ok djm
+ - djm@cvs.openbsd.org 2004/05/21 11:33:11
+ [channels.c channels.h clientloop.c serverloop.c ssh.1]
+ bz #756: add support for the cancel-tcpip-forward request for the server
+ and the client (through the ~C commandline). reported by z3p AT
+ twistedmatrix.com; ok markus@
+ - djm@cvs.openbsd.org 2004/05/22 06:32:12
+ [clientloop.c ssh.1]
+ use '-h' for help in ~C commandline instead of '-?'; inspired by jmc@
+ - jmc@cvs.openbsd.org 2004/05/22 16:01:05
+ [ssh.1]
+ kill whitespace at eol;
+ - dtucker@cvs.openbsd.org 2004/05/23 23:59:53
+ [auth.c auth.h auth1.c auth2.c servconf.c servconf.h sshd_config
+ sshd_config.5]
+ Add MaxAuthTries sshd config option; ok markus@
+ - (dtucker) [auth-pam.c] Bug #839: Ensure that pam authentication "thread"
+ is terminated if the privsep slave exits during keyboard-interactive
+ authentication. ok djm@
+ - (dtucker) [sshd.c] Fix typo in comment.
+
+20040523
+ - (djm) [sshd_config] Explain consequences of UsePAM=yes a little better in
+ sshd_config; ok dtucker@
+ - (djm) [configure.ac] Warn if the system has no known way of figuring out
+ which user is on the other end of a Unix domain socket; ok dtucker@
+ - (bal) [openbsd-compat/sys-queue.h] Reintroduce machinary to handle
+ old/broken/incomplete <sys/queue.h>.
+
+20040513
+ - (dtucker) [configure.ac] Bug #867: Additional tests for res_query in
+ libresolv, fixes problems detecting it on some platforms
+ (eg Linux/x86-64). From Kurt Roeckx via Debian, ok mouring@
+ - (dtucker) OpenBSD CVS Sync
+ - jmc@cvs.openbsd.org 2004/05/04 18:36:07
+ [scp.1]
+ SendEnv here too;
+ - jmc@cvs.openbsd.org 2004/05/06 11:24:23
+ [ssh_config.5]
+ typo from John Cosimano (PR 3770);
+ - deraadt@cvs.openbsd.org 2004/05/08 00:01:37
+ [auth.c clientloop.c misc.h servconf.c ssh.c sshpty.h sshtty.c
+ tildexpand.c], removed: sshtty.h tildexpand.h
+ make two tiny header files go away; djm ok
+ - djm@cvs.openbsd.org 2004/05/08 00:21:31
+ [clientloop.c misc.h readpass.c scard.c ssh-add.c ssh-agent.c ssh-keygen.c
+ sshconnect.c sshconnect1.c sshconnect2.c] removed: readpass.h
+ kill a tiny header; ok deraadt@
+ - djm@cvs.openbsd.org 2004/05/09 00:06:47
+ [moduli.c ssh-keygen.c] removed: moduli.h
+ zap another tiny header; ok deraadt@
+ - djm@cvs.openbsd.org 2004/05/09 01:19:28
+ [OVERVIEW auth-rsa.c auth1.c kex.c monitor.c session.c sshconnect1.c
+ sshd.c] removed: mpaux.c mpaux.h
+ kill some more tiny files; ok deraadt@
+ - djm@cvs.openbsd.org 2004/05/09 01:26:48
+ [kex.c]
+ don't overwrite what we are trying to compute
+ - deraadt@cvs.openbsd.org 2004/05/11 19:01:43
+ [auth.c auth2-none.c authfile.c channels.c monitor.c monitor_mm.c
+ packet.c packet.h progressmeter.c session.c openbsd-compat/xmmap.c]
+ improve some code lint did not like; djm millert ok
+ - dtucker@cvs.openbsd.org 2004/05/13 02:47:50
+ [ssh-agent.1]
+ Add examples to ssh-agent.1, bz#481 from Ralf Hauser; ok deraadt@
+ - (dtucker) [sshd.8] Bug #843: Add warning about PasswordAuthentication to
+ UsePAM section. Parts from djm@ and jmc@.
+ - (dtucker) [auth-pam.c scard-opensc.c] Tinderbox says auth-pam.c uses
+ readpass.h, grep says scard-opensc.c does too. Replace with misc.h.
+ - (dtucker) [openbsd-compat/getrrsetbyname.c] Check that HAVE_DECL_H_ERROR
+ is defined before using.
+ - (dtucker) [openbsd-compat/getrrsetbyname.c] Fix typo too: HAVE_DECL_H_ERROR
+ -> HAVE_DECL_H_ERRNO.
+
+20040502
- (dtucker) OpenBSD CVS Sync
- djm@cvs.openbsd.org 2004/04/22 11:56:57
[moduli.c]
Bugzilla #850: Sophie Germain is the correct name of the French
mathematician, "Sophie Germaine" isn't; from Luc.Maisonobe@c-s.fr
+ - djm@cvs.openbsd.org 2004/04/27 09:46:37
+ [readconf.c readconf.h servconf.c servconf.h session.c session.h ssh.c
+ ssh_config.5 sshd_config.5]
+ bz #815: implement ability to pass specified environment variables from
+ the client to the server; ok markus@
+ - djm@cvs.openbsd.org 2004/04/28 05:17:10
+ [ssh_config.5 sshd_config.5]
+ manpage fixes in envpass stuff from Brian Poole (raj AT cerias.purdue.edu)
+ - jmc@cvs.openbsd.org 2004/04/28 07:02:56
+ [sshd_config.5]
+ remove unnecessary .Pp;
+ - jmc@cvs.openbsd.org 2004/04/28 07:13:42
+ [sftp.1 ssh.1]
+ add SendEnv to -o list;
+ - dtucker@cvs.openbsd.org 2004/05/02 11:54:31
+ [sshd.8]
+ Man page grammar fix (bz #858), from damerell at chiark.greenend.org.uk
+ via Debian; ok djm@
+ - dtucker@cvs.openbsd.org 2004/05/02 11:57:52
+ [ssh.1]
+ ConnectionTimeout -> ConnectTimeout, from m.a.ellis at ncl.ac.uk via
+ Debian. ok djm@
+ - dtucker@cvs.openbsd.org 2004/05/02 23:02:17
+ [sftp.1]
+ ConnectionTimeout -> ConnectTimeout here too, pointed out by jmc@
+ - dtucker@cvs.openbsd.org 2004/05/02 23:17:51
+ [scp.1]
+ ConnectionTimeout -> ConnectTimeout for scp.1 too.
20040423
- (dtucker) [configure.ac openbsd-compat/getrrsetbyname.c] Declare h_errno