+20080519
+ - (djm) [configure.ac mux.c sftp.c openbsd-compat/Makefile.in]
+ [openbsd-compat/fmt_scaled.c openbsd-compat/openbsd-compat.h]
+ Fix compilation on Linux, including pulling in fmt_scaled(3)
+ implementation from OpenBSD's libutil.
+
+20080518
+ - (djm) OpenBSD CVS Sync
+ - djm@cvs.openbsd.org 2008/04/04 05:14:38
+ [sshd_config.5]
+ ChrootDirectory is supported in Match blocks (in fact, it is most useful
+ there). Spotted by Minstrel AT minstrel.org.uk
+ - djm@cvs.openbsd.org 2008/04/04 06:44:26
+ [sshd_config.5]
+ oops, some unrelated stuff crept into that commit - backout.
+ spotted by jmc@
+ - djm@cvs.openbsd.org 2008/04/05 02:46:02
+ [sshd_config.5]
+ HostbasedAuthentication is supported under Match too
+ - (djm) [openbsd-compat/bsd-arc4random.c openbsd-compat/openbsd-compat.c]
+ [configure.ac] Implement arc4random_buf(), import implementation of
+ arc4random_uniform() from OpenBSD
+ - (djm) [openbsd-compat/bsd-arc4random.c] Warning fixes
+ - (djm) [openbsd-compat/port-tun.c] needs sys/queue.h
+ - (djm) OpenBSD CVS Sync
+ - djm@cvs.openbsd.org 2008/04/13 00:22:17
+ [dh.c sshd.c]
+ Use arc4random_buf() when requesting more than a single word of output
+ Use arc4random_uniform() when the desired random number upper bound
+ is not a power of two
+ ok deraadt@ millert@
+ - djm@cvs.openbsd.org 2008/04/18 12:32:11
+ [sftp-client.c sftp-client.h sftp-server.c sftp.1 sftp.c sftp.h]
+ introduce sftp extension methods statvfs@openssh.com and
+ fstatvfs@openssh.com that implement statvfs(2)-like operations,
+ based on a patch from miklos AT szeredi.hu (bz#1399)
+ also add a "df" command to the sftp client that uses the
+ statvfs@openssh.com to produce a df(1)-like display of filesystem
+ space and inode utilisation
+ ok markus@
+ - jmc@cvs.openbsd.org 2008/04/18 17:15:47
+ [sftp.1]
+ macro fixage;
+ - djm@cvs.openbsd.org 2008/04/18 22:01:33
+ [session.c]
+ remove unneccessary parentheses
+ - otto@cvs.openbsd.org 2008/04/29 11:20:31
+ [monitor_mm.h]
+ garbage collect two unused fields in struct mm_master; ok markus@
+ - djm@cvs.openbsd.org 2008/04/30 10:14:03
+ [ssh-keyscan.1 ssh-keyscan.c]
+ default to rsa (protocol 2) keys, instead of rsa1 keys; spotted by
+ larsnooden AT openoffice.org
+ - pyr@cvs.openbsd.org 2008/05/07 05:49:37
+ [servconf.c servconf.h session.c sshd_config.5]
+ Enable the AllowAgentForwarding option in sshd_config (global and match
+ context), to specify if agents should be permitted on the server.
+ As the man page states:
+ ``Note that disabling Agent forwarding does not improve security
+ unless users are also denied shell access, as they can always install
+ their own forwarders.''
+ ok djm@, ok and a mild frown markus@
+ - pyr@cvs.openbsd.org 2008/05/07 06:43:35
+ [sshd_config]
+ push the sshd_config bits in, spotted by ajacoutot@
+ - jmc@cvs.openbsd.org 2008/05/07 08:00:14
+ [sshd_config.5]
+ sort;
+ - markus@cvs.openbsd.org 2008/05/08 06:59:01
+ [bufaux.c buffer.h channels.c packet.c packet.h]
+ avoid extra malloc/copy/free when receiving data over the net;
+ ~10% speedup for localhost-scp; ok djm@
+ - djm@cvs.openbsd.org 2008/05/08 12:02:23
+ [auth-options.c auth1.c channels.c channels.h clientloop.c gss-serv.c]
+ [monitor.c monitor_wrap.c nchan.c servconf.c serverloop.c session.c]
+ [ssh.c sshd.c]
+ Implement a channel success/failure status confirmation callback
+ mechanism. Each channel maintains a queue of callbacks, which will
+ be drained in order (RFC4253 guarantees confirm messages are not
+ reordered within an channel).
+ Also includes a abandonment callback to clean up if a channel is
+ closed without sending confirmation messages. This probably
+ shouldn't happen in compliant implementations, but it could be
+ abused to leak memory.
+ ok markus@ (as part of a larger diff)
+ - djm@cvs.openbsd.org 2008/05/08 12:21:16
+ [monitor.c monitor_wrap.c session.h servconf.c servconf.h session.c]
+ [sshd_config sshd_config.5]
+ Make the maximum number of sessions run-time controllable via
+ a sshd_config MaxSessions knob. This is useful for disabling
+ login/shell/subsystem access while leaving port-forwarding working
+ (MaxSessions 0), disabling connection multiplexing (MaxSessions 1) or
+ simply increasing the number of allows multiplexed sessions.
+ Because some bozos are sure to configure MaxSessions in excess of the
+ number of available file descriptors in sshd (which, at peak, might be
+ as many as 9*MaxSessions), audit sshd to ensure that it doesn't leak fds
+ on error paths, and make it fail gracefully on out-of-fd conditions -
+ sending channel errors instead of than exiting with fatal().
+ bz#1090; MaxSessions config bits and manpage from junyer AT gmail.com
+ ok markus@
+ - djm@cvs.openbsd.org 2008/05/08 13:06:11
+ [clientloop.c clientloop.h ssh.c]
+ Use new channel status confirmation callback system to properly deal
+ with "important" channel requests that fail, in particular command exec,
+ shell and subsystem requests. Previously we would optimistically assume
+ that the requests would always succeed, which could cause hangs if they
+ did not (e.g. when the server runs out of fds) or were unimplemented by
+ the server (bz #1384)
+ Also, properly report failing multiplex channel requests via the mux
+ client stderr (subject to LogLevel in the mux master) - better than
+ silently failing.
+ most bits ok markus@ (as part of a larger diff)
+ - djm@cvs.openbsd.org 2008/05/09 04:55:56
+ [channels.c channels.h clientloop.c serverloop.c]
+ Try additional addresses when connecting to a port forward destination
+ whose DNS name resolves to more than one address. The previous behaviour
+ was to try the first address and give up.
+ Reported by stig AT venaas.com in bz#343
+ great feedback and ok markus@
+ - djm@cvs.openbsd.org 2008/05/09 14:18:44
+ [clientloop.c clientloop.h ssh.c mux.c]
+ tidy up session multiplexing code, moving it into its own file and
+ making the function names more consistent - making ssh.c and
+ clientloop.c a fair bit more readable.
+ ok markus@
+ - djm@cvs.openbsd.org 2008/05/09 14:26:08
+ [ssh.c]
+ dingo stole my diff hunk
+ - markus@cvs.openbsd.org 2008/05/09 16:16:06
+ [session.c]
+ re-add the USE_PIPES code and enable it.
+ without pipes shutdown-read from the sshd does not trigger
+ a SIGPIPE when the forked program does a write.
+ ok djm@
+ (Id sync only, USE_PIPES never left portable OpenSSH)
+ - markus@cvs.openbsd.org 2008/05/09 16:17:51
+ [channels.c]
+ error-fd race: don't enable the error fd in the select bitmask
+ for channels with both in- and output closed, since the channel
+ will go away before we call select();
+ report, lots of debugging help and ok djm@
+ - markus@cvs.openbsd.org 2008/05/09 16:21:13
+ [channels.h clientloop.c nchan.c serverloop.c]
+ unbreak
+ ssh -2 localhost od /bin/ls | true
+ ignoring SIGPIPE by adding a new channel message (EOW) that signals
+ the peer that we're not interested in any data it might send.
+ fixes bz #85; discussion, debugging and ok djm@
+ - pvalchev@cvs.openbsd.org 2008/05/12 20:52:20
+ [umac.c]
+ Ensure nh_result lies on a 64-bit boundary (fixes warnings observed
+ on Itanium on Linux); from Dale Talcott (bug #1462); ok djm@
+ - djm@cvs.openbsd.org 2008/05/15 23:52:24
+ [nchan2.ms]
+ document eow message in ssh protocol 2 channel state machine;
+ feedback and ok markus@
+ - djm@cvs.openbsd.org 2008/05/18 21:29:05
+ [sftp-server.c]
+ comment extension announcement
+ - djm@cvs.openbsd.org 2008/05/16 08:30:42
+ [PROTOCOL]
+ document our protocol extensions and deviations; ok markus@
+ - djm@cvs.openbsd.org 2008/05/17 01:31:56
+ [PROTOCOL]
+ grammar and correctness fixes from stevesk@
+
+20080403
+ - (djm) [openbsd-compat/bsd-poll.c] Include stdlib.h to avoid compile-
+ time warnings on LynxOS. Patch from ops AT iki.fi
+ - (djm) Force string arguments to replacement setproctitle() though
+ strnvis first. Ok dtucker@
+
+20080403
+ - (djm) OpenBSD CVS sync:
+ - markus@cvs.openbsd.org 2008/04/02 15:36:51
+ [channels.c]
+ avoid possible hijacking of x11-forwarded connections (back out 1.183)
+ CVE-2008-1483; ok djm@
+ - jmc@cvs.openbsd.org 2008/03/27 22:37:57
+ [sshd.8]
+ remove trailing whitespace;
+ - djm@cvs.openbsd.org 2008/04/03 09:50:14
+ [version.h]
+ openssh-5.0
+ - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
+ [contrib/suse/openssh.spec] Crank version numbers in RPM spec files
+ - (djm) [README] Update link to release notes
+ - (djm) Release 5.0p1
+
+20080315
+ - (djm) [regress/test-exec.sh] Quote putty-related variables in case they are
+ empty; report and patch from Peter Stuge
+ - (djm) [regress/test-exec.sh] Silence noise from detection of putty
+ commands; report from Peter Stuge
+ - (djm) [session.c] Relocate incorrectly-placed closefrom() that was causing
+ crashes when used with ChrootDirectory
+
+
+20080327
+ - (dtucker) Cache selinux status earlier so we know if it's enabled after a
+ chroot. Allows ChrootDirectory to work with selinux support compiled in
+ but not enabled. Using it with selinux enabled will require some selinux
+ support inside the chroot. "looks sane" djm@
+ - (djm) Fix RCS ident in sftp-server-main.c
+ - (djm) OpenBSD CVS sync:
+ - jmc@cvs.openbsd.org 2008/02/11 07:58:28
+ [ssh.1 sshd.8 sshd_config.5]
+ bump Mdocdate for pages committed in "febuary", necessary because
+ of a typo in rcs.c;
+ - deraadt@cvs.openbsd.org 2008/03/13 01:49:53
+ [monitor_fdpass.c]
+ Correct CMSG_SPACE and CMSG_LEN usage everywhere in the tree. Due to
+ an extensive discussion with otto, kettenis, millert, and hshoexer
+ - deraadt@cvs.openbsd.org 2008/03/15 16:19:02
+ [monitor_fdpass.c]
+ Repair the simple cases for msg_controllen where it should just be
+ CMSG_SIZE(sizeof(int)), not sizeof(buffer) which may be larger because
+ of alignment; ok kettenis hshoexer
+ - djm@cvs.openbsd.org 2008/03/23 12:54:01
+ [sftp-client.c]
+ prefer POSIX-style file renaming over filexfer rename behaviour if the
+ server supports the posix-rename@openssh.com extension.
+ Note that the old (filexfer) behaviour would refuse to clobber an
+ existing file. Users who depended on this should adjust their sftp(1)
+ usage.
+ ok deraadt@ markus@
+ - deraadt@cvs.openbsd.org 2008/03/24 16:11:07
+ [monitor_fdpass.c]
+ msg_controllen has to be CMSG_SPACE so that the kernel can account for
+ each cmsg_len (ie. msg_controllen = sum of CMSG_ALIGN(cmsg_len). This
+ works now that kernel fd passing has been fixed to accept a bit of
+ sloppiness because of this ABI repair.
+ lots of discussion with kettenis
+ - djm@cvs.openbsd.org 2008/03/25 11:58:02
+ [session.c sshd_config.5]
+ ignore ~/.ssh/rc if a sshd_config ForceCommand is specified;
+ from dtucker@ ok deraadt@ djm@
+ - djm@cvs.openbsd.org 2008/03/25 23:01:41
+ [session.c]
+ last patch had backwards test; spotted by termim AT gmail.com
+ - djm@cvs.openbsd.org 2008/03/26 21:28:14
+ [auth-options.c auth-options.h session.c sshd.8]
+ add no-user-rc authorized_keys option to disable execution of ~/.ssh/rc
+ - djm@cvs.openbsd.org 2008/03/27 00:16:49
+ [version.h]
+ openssh-4.9
+ - djm@cvs.openbsd.org 2008/03/24 21:46:54
+ [regress/sftp-badcmds.sh]
+ disable no-replace rename test now that we prefer a POSIX rename; spotted
+ by dkrause@
+ - (djm) [configure.ac] fix alignment of --without-stackprotect description
+ - (djm) [configure.ac] --with-selinux too
+ - (djm) [regress/Makefile] cleanup PuTTY interop test droppings
+ - (djm) [README] Update link to release notes
+ - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
+ [contrib/suse/openssh.spec] Crank version numbers in RPM spec files
+ - (djm) Release 4.9p1
+
+20080315
+ - (djm) [regress/test-exec.sh] Quote putty-related variables in case they are
+ empty; report and patch from Peter Stuge
+ - (djm) [regress/test-exec.sh] Silence noise from detection of putty
+ commands; report from Peter Stuge
+ - (djm) [session.c] Relocate incorrectly-placed closefrom() that was causing
+ crashes when used with ChrootDirectory
+
+20080314
+ - (tim) [regress/sftp-cmds.sh] s/cd/lcd/ in lls test. Reported by
+ vinschen at redhat.com. Add () to put echo commands in subshell for lls test
+ I mistakenly left out of last commit.
+ - (tim) [regress/localcommand.sh] Shell portability fix. Reported by imorgan at
+ nas.nasa.gov
+
+20080313
+ - (djm) [Makefile.in regress/Makefile] Fix interop-tests target (note to
+ self: make changes to Makefile.in next time, not the generated Makefile).
+ - (djm) [Makefile.in regress/test-exec.sh] Find installed plink(1) and
+ puttygen(1) by $PATH
+ - (tim) [scp.c] Use poll.h if available, fall back to sys/poll.h if not. Patch
+ by vinschen at redhat.com.
+ - (tim) [regress/sftp-cmds.sh regress/ssh2putty.sh] Shell portability fixes
+ from vinschen at redhat.com and imorgan at nas.nasa.gov
+
+20080312
+ - (djm) OpenBSD CVS Sync
+ - dtucker@cvs.openbsd.org 2007/10/29 06:57:13
+ [regress/Makefile regress/localcommand.sh]
+ Add simple regress test for LocalCommand; ok djm@
+ - jmc@cvs.openbsd.org 2007/11/25 15:35:09
+ [regress/agent-getpeereid.sh regress/agent.sh]
+ more existant -> existent, from Martynas Venckus;
+ pfctl changes: ok henning
+ ssh changes: ok deraadt
+ - djm@cvs.openbsd.org 2007/12/12 05:04:03
+ [regress/sftp-cmds.sh]
+ unbreak lls command and add a regress test that would have caught the
+ breakage; spotted by mouring@
+ NB. sftp code change already committed.
+ - djm@cvs.openbsd.org 2007/12/21 04:13:53
+ [regress/Makefile regress/test-exec.sh regress/putty-ciphers.sh]
+ [regress/putty-kex.sh regress/putty-transfer.sh regress/ssh2putty.sh]
+ basic (crypto, kex and transfer) interop regression tests against putty
+ To run these, install putty and run "make interop-tests" from the build
+ directory - the tests aren't run by default yet.
+
+20080311
+ - (dtucker) [auth-pam.c monitor.c session.c sshd.c] Bug #926: Move
+ pam_open_session and pam_close_session into the privsep monitor, which
+ will ensure that pam_session_close is called as root. Patch from Tomas
+ Mraz.
+
+20080309
+ - (dtucker) [configure.ac] It turns out gcc's -fstack-protector-all doesn't
+ always work for all platforms and versions, so test what we can and
+ add a configure flag to turn it of if needed. ok djm@
+ - (dtucker) [openbsd-compat/port-aix.{c,h}] Remove AIX specific initgroups
+ implementation. It's not needed to fix bug #1081 and breaks the build
+ on some AIX configurations.
+ - (dtucker) [openbsd-compat/regress/strtonumtest.c] Bug #1347: Use platform's
+ equivalent of LLONG_MAX for the compat regression tests, which makes them
+ run on AIX and HP-UX. Patch from David Leonard.
+ - (dtucker) [configure.ac] Run stack-protector tests with -Werror to catch
+ platforms where gcc understands the option but it's not supported (and
+ thus generates a warning).
+
+20080307
+ - (djm) OpenBSD CVS Sync
+ - jmc@cvs.openbsd.org 2008/02/11 07:58:28
+ [ssh.1 sshd.8 sshd_config.5]
+ bump Mdocdate for pages committed in "febuary", necessary because
+ of a typo in rcs.c;
+ - djm@cvs.openbsd.org 2008/02/13 22:38:17
+ [servconf.h session.c sshd.c]
+ rekey arc4random and OpenSSL RNG in postauth child
+ closefrom fds > 2 before shell/command execution
+ ok markus@
+ - mbalmer@cvs.openbsd.org 2008/02/14 13:10:31
+ [sshd.c]
+ When started in configuration test mode (-t) do not check that sshd is
+ being started with an absolute path.
+ ok djm
+ - markus@cvs.openbsd.org 2008/02/20 15:25:26
+ [session.c]
+ correct boolean encoding for coredump; der Mouse via dugsong
+ - djm@cvs.openbsd.org 2008/02/22 05:58:56
+ [session.c]
+ closefrom() call was too early, delay it until just before we execute
+ the user's rc files (if any).
+ - dtucker@cvs.openbsd.org 2008/02/22 20:44:02
+ [clientloop.c packet.c packet.h serverloop.c]
+ Allow all SSH2 packet types, including UNIMPLEMENTED to reset the
+ keepalive timer (bz #1307). ok markus@
+ - djm@cvs.openbsd.org 2008/02/27 20:21:15
+ [sftp-server.c]
+ add an extension method "posix-rename@openssh.com" to perform POSIX atomic
+ rename() operations. based on patch from miklos AT szeredi.hu in bz#1400;
+ ok dtucker@ markus@
+ - deraadt@cvs.openbsd.org 2008/03/02 18:19:35
+ [monitor_fdpass.c]
+ use a union to ensure alignment of the cmsg (pay attention: various other
+ parts of the tree need this treatment too); ok djm
+ - deraadt@cvs.openbsd.org 2008/03/04 21:15:42
+ [version.h]
+ crank version; from djm
+ - (tim) [regress/sftp-glob.sh] Shell portability fix.
+
+20080302
+ - (dtucker) [configure.ac] FreeBSD's glob() doesn't behave the way we expect
+ either, so use our own.
+
+20080229
+ - (dtucker) [openbsd-compat/bsd-poll.c] We don't check for select(2) in
+ configure (and there's not much point, as openssh won't work without it)
+ so HAVE_SELECT is not defined and the poll(2) compat code doesn't get
+ built in. Remove HAVE_SELECT so we can build on platforms without poll.
+ - (dtucker) [scp.c] Include sys/poll.h inside HAVE_SYS_POLL_H.
+ - (djm) [contrib/gnome-ssh-askpass2.h] Keep askpass windown on top. From
+ Debian patch via bernd AT openbsd.org
+
+20080228
+ - (dtucker) [configure.ac] Add -fstack-protector to LDFLAGS too, fixes
+ linking problems on AIX with gcc 4.1.x.
+ - (dtucker) [includes.h ssh-add.c ssh-agent.c ssh-keygen.c ssh.c sshd.c
+ openbsd-compat/openssl-compat.{c,h}] Bug #1437 Move the OpenSSL compat
+ header to after OpenSSL headers, since some versions of OpenSSL have
+ SSLeay_add_all_algorithms as a macro already.
+ - (dtucker) [key.c defines.h openbsd-compat/openssl-compat.h] Move old OpenSSL
+ compat glue into openssl-compat.h.
+ - (dtucker) [configure.ac openbsd-compat/port-aix.{c,h}] Bug #1081: Implement
+ getgrouplist via getgrset on AIX, rather than iterating over getgrent.
+ This allows, eg, Match and AllowGroups directives to work with NIS and
+ LDAP groups.
+ - (dtucker) [sshd.c] Bug #1042: make log messages for tcpwrappers use the
+ same SyslogFacility as the rest of sshd. Patch from William Knox,
+ ok djm@.
+
+20080225
+ - (dtucker) [openbsd-compat/fake-rfc2553.h] rename ssh_gai_strerror hack
+ since it now conflicts with the helper function in misc.c. From
+ vinschen AT redhat.com.
+ - (dtucker) [configure.ac audit-bsm.c] Bug #1420: Add a local implementation
+ of aug_get_machine for systems that don't have their own (eg OS X, FreeBSD).
+ Help and testing from csjp at FreeBSD org, vgiffin at apple com. ok djm@
+ - (dtucker) [includes.h openbsd-compat/openssl-compat.c] Bug #1437: reshuffle
+ headers so ./configure --with-ssl-engine actually works. Patch from
+ Ian Lister.
+
+20080224
+ - (tim) [contrib/cygwin/ssh-host-config]
+ Grammar changes on SYSCONFDIR LOCALSTATEDIR messages.
+ Check more thoroughly that it's possible to create the /var/empty directory.
+ Patch by vinschen AT redhat.com
+
+20080210
+ - OpenBSD CVS Sync
+ - chl@cvs.openbsd.org 2008/01/11 07:22:28
+ [sftp-client.c sftp-client.h]
+ disable unused functions
+ initially from tobias@, but disabled them by placing them in
+ "#ifdef notyet" which was asked by djm@
+ ok djm@ tobias@
+ - djm@cvs.openbsd.org 2008/01/19 19:13:28
+ [ssh.1]
+ satisfy the pedants: -q does not suppress all diagnostic messages (e.g.
+ some commandline parsing warnings go unconditionally to stdout).
+ - djm@cvs.openbsd.org 2008/01/19 20:48:53
+ [clientloop.c]
+ fd leak on session multiplexing error path. Report and patch from
+ gregory_shively AT fanniemae.com
+ - djm@cvs.openbsd.org 2008/01/19 20:51:26
+ [ssh.c]
+ ignore SIGPIPE in multiplex client mode - we can receive this if the
+ server runs out of fds on us midway. Report and patch from
+ gregory_shively AT fanniemae.com
+ - djm@cvs.openbsd.org 2008/01/19 22:04:57
+ [sftp-client.c]
+ fix remote handle leak in do_download() local file open error path;
+ report and fix from sworley AT chkno.net
+ - djm@cvs.openbsd.org 2008/01/19 22:22:58
+ [ssh-keygen.c]
+ when hashing individual hosts (ssh-keygen -Hf hostname), make sure we
+ hash just the specified hostname and not the entire hostspec from the
+ keyfile. It may be of the form "hostname,ipaddr", which would lead to
+ a hash that never matches. report and fix from jp AT devnull.cz
+ - djm@cvs.openbsd.org 2008/01/19 22:37:19
+ [ssh-keygen.c]
+ unbreak line numbering (broken in revision 1.164), fix error message
+ - djm@cvs.openbsd.org 2008/01/19 23:02:40
+ [channels.c]
+ When we added support for specified bind addresses for port forwards, we
+ added a quirk SSH_OLD_FORWARD_ADDR. There is a bug in our handling of
+ this for -L port forwards that causes the client to listen on both v4
+ and v6 addresses when connected to a server with this quirk, despite
+ having set 0.0.0.0 as a bind_address.
+ report and patch from Jan.Pechanec AT Sun.COM; ok dtucker@
+ - djm@cvs.openbsd.org 2008/01/19 23:09:49
+ [readconf.c readconf.h sshconnect2.c]
+ promote rekeylimit to a int64 so it can hold the maximum useful limit
+ of 2^32; report and patch from Jan.Pechanec AT Sun.COM, ok dtucker@
+ - djm@cvs.openbsd.org 2008/01/20 00:38:30
+ [sftp.c]
+ When uploading, correctly handle the case of an unquoted filename with
+ glob metacharacters that match a file exactly but not as a glob, e.g. a
+ file called "[abcd]". report and test cases from duncan2nd AT gmx.de
+ - djm@cvs.openbsd.org 2008/01/21 17:24:30
+ [sftp-server.c]
+ Remove the fixed 100 handle limit in sftp-server and allocate as many
+ as we have available file descriptors. Patch from miklos AT szeredi.hu;
+ ok dtucker@ markus@
+ - djm@cvs.openbsd.org 2008/01/21 19:20:17
+ [sftp-client.c]
+ when a remote write error occurs during an upload, ensure that ACKs for
+ all issued requests are properly drained. patch from t8m AT centrum.cz
+ - dtucker@cvs.openbsd.org 2008/01/23 01:56:54
+ [clientloop.c packet.c serverloop.c]
+ Revert the change for bz #1307 as it causes connection aborts if an IGNORE
+ packet arrives while we're waiting in packet_read_expect (and possibly
+ elsewhere).
+ - jmc@cvs.openbsd.org 2008/01/31 20:06:50
+ [scp.1]
+ explain how to handle local file names containing colons;
+ requested by Tamas TEVESZ
+ ok dtucker
+ - markus@cvs.openbsd.org 2008/02/04 21:53:00
+ [session.c sftp-server.c sftp.h]
+ link sftp-server into sshd; feedback and ok djm@
+ - mcbride@cvs.openbsd.org 2008/02/09 12:15:43
+ [ssh.1 sshd.8]
+ Document the correct permissions for the ~/.ssh/ directory.
+ ok jmc
+ - djm@cvs.openbsd.org 2008/02/10 09:55:37
+ [sshd_config.5]
+ mantion that "internal-sftp" is useful with ForceCommand too
+ - djm@cvs.openbsd.org 2008/02/10 10:54:29
+ [servconf.c session.c]
+ delay ~ expansion for ChrootDirectory so it expands to the logged-in user's
+ home, rather than the user who starts sshd (probably root)
+
+20080119
+ - (djm) Silence noice from expr in ssh-copy-id; patch from
+ mikel AT mikelward.com
+ - (djm) Only listen for IPv6 connections on AF_INET6 sockets; patch from
+ tsr2600 AT gmail.com
+
+20080102
+ - (dtucker) [configure.ac] Fix message for -fstack-protector-all test.
+
+20080101
+ - (dtucker) OpenBSD CVS Sync
+ - dtucker@cvs.openbsd.org 2007/12/31 10:41:31
+ [readconf.c servconf.c]
+ Prevent strict-aliasing warnings on newer gcc versions. bz #1355, patch
+ from Dmitry V. Levin, ok djm@
+ - dtucker@cvs.openbsd.org 2007/12/31 15:27:04
+ [sshd.c]
+ When in inetd mode, have sshd generate a Protocol 1 ephemeral server
+ key only for connections where the client chooses Protocol 1 as opposed
+ to when it's enabled in the server's config. Speeds up Protocol 2
+ connections to inetd-mode servers that also allow Protocol 1. bz #440,
+ based on a patch from bruno at wolff.to, ok markus@
+ - dtucker@cvs.openbsd.org 2008/01/01 08:47:04
+ [misc.c]
+ spaces -> tabs from my previous commit
+ - dtucker@cvs.openbsd.org 2008/01/01 09:06:39
+ [scp.c]
+ If scp -p encounters a pre-epoch timestamp, use the epoch which is
+ as close as we can get given that it's used unsigned. Add a little
+ debugging while there. bz #828, ok djm@
+ - dtucker@cvs.openbsd.org 2008/01/01 09:27:33
+ [sshd_config.5 servconf.c]
+ Allow PermitRootLogin in a Match block. Allows for, eg, permitting root
+ only from the local network. ok markus@, man page bit ok jmc@
+ - dtucker@cvs.openbsd.org 2008/01/01 08:51:20
+ [moduli]
+ Updated moduli file; ok djm@
+
+20071231
+ - (dtucker) [configure.ac openbsd-compat/glob.{c,h}] Bug #1407: force use of
+ builtin glob implementation on Mac OS X. Based on a patch from
+ vgiffin at apple.
+
+20071229
+ - (dtucker) OpenBSD CVS Sync
+ - djm@cvs.openbsd.org 2007/12/12 05:04:03
+ [sftp.c]
+ unbreak lls command and add a regress test that would have caught the
+ breakage; spotted by mouring@
+ - dtucker@cvs.openbsd.org 2007/12/27 14:22:08
+ [servconf.c canohost.c misc.c channels.c sshconnect.c misc.h ssh-keyscan.c
+ sshd.c]
+ Add a small helper function to consistently handle the EAI_SYSTEM error
+ code of getaddrinfo. Prompted by vgiffin at apple com via bz #1417.
+ ok markus@ stevesk@
+ - dtucker@cvs.openbsd.org 2007/12/28 15:32:24
+ [clientloop.c serverloop.c packet.c]
+ Make SSH2_MSG_UNIMPLEMENTED and SSH2_MSG_IGNORE messages reset the
+ ServerAlive and ClientAlive timers. Prevents dropping a connection
+ when these are enabled but the peer does not support our keepalives.
+ bz #1307, ok djm@.
+ - dtucker@cvs.openbsd.org 2007/12/28 22:34:47
+ [clientloop.c]
+ Use the correct packet maximum sizes for remote port and agent forwarding.
+ Prevents the server from killing the connection if too much data is queued
+ and an excessively large packet gets sent. bz #1360, ok djm@.
+
+20071202
+ - (dtucker) [configure.ac] Enable -fstack-protector-all on systems where
+ gcc supports it. ok djm@
+ - (dtucker) [scp.c] Update $OpenBSD tag missing from rev 1.175 and remove
+ leftover debug code.
+ - (dtucker) OpenBSD CVS Sync
+ - dtucker@cvs.openbsd.org 2007/10/29 00:52:45
+ [auth2-gss.c]
+ Allow build without -DGSSAPI; ok deraadt@
+ (Id sync only, Portable already has the ifdefs)
+ - dtucker@cvs.openbsd.org 2007/10/29 01:55:04
+ [ssh.c]
+ Plug tiny mem leaks in ControlPath and ProxyCommand option processing;
+ ok djm@
+ - dtucker@cvs.openbsd.org 2007/10/29 04:08:08
+ [monitor_wrap.c monitor.c]
+ Send config block back to slave for invalid users too so options
+ set by a Match block (eg Banner) behave the same for non-existent
+ users. Found by and ok djm@
+ - dtucker@cvs.openbsd.org 2007/10/29 06:51:59
+ [ssh_config.5]
+ ProxyCommand and LocalCommand use the user's shell, not /bin/sh; ok djm@
+ - dtucker@cvs.openbsd.org 2007/10/29 06:54:50
+ [ssh.c]
+ Make LocalCommand work for Protocol 1 too; ok djm@
+ - jmc@cvs.openbsd.org 2007/10/29 07:48:19
+ [ssh_config.5]
+ clean up after previous macro removal;
+ - djm@cvs.openbsd.org 2007/11/03 00:36:14
+ [clientloop.c]
+ fix memory leak in process_cmdline(), patch from Jan.Pechanec AT Sun.COM;
+ ok dtucker@
+ - deraadt@cvs.openbsd.org 2007/11/03 01:24:06
+ [ssh.c]
+ bz #1377: getpwuid results were being clobbered by another getpw* call
+ inside tilde_expand_filename(); save the data we need carefully
+ ok djm
+ - dtucker@cvs.openbsd.org 2007/11/03 02:00:32
+ [ssh.c]
+ Use xstrdup/xfree when saving pwname and pwdir; ok deraadt@
+ - deraadt@cvs.openbsd.org 2007/11/03 02:03:49
+ [ssh.c]
+ avoid errno trashing in signal handler; ok dtucker
+
+20071030
+ - (djm) OpenBSD CVS Sync
+ - djm@cvs.openbsd.org 2007/10/29 23:49:41
+ [openbsd-compat/sys-tree.h]
+ remove extra backslash at the end of RB_PROTOTYPE, report from
+ Jan.Pechanec AT Sun.COM; ok deraadt@
+
+20071026
+ - (djm) OpenBSD CVS Sync
+ - stevesk@cvs.openbsd.org 2007/09/11 23:49:09
+ [sshpty.c]
+ remove #if defined block not needed; ok markus@ dtucker@
+ (NB. RCD ID sync only for portable)
+ - djm@cvs.openbsd.org 2007/09/21 03:05:23
+ [ssh_config.5]
+ document KbdInteractiveAuthentication in ssh_config.5;
+ patch from dkg AT fifthhorseman.net
+ - djm@cvs.openbsd.org 2007/09/21 08:15:29
+ [auth-bsdauth.c auth-passwd.c auth.c auth.h auth1.c auth2-chall.c]
+ [monitor.c monitor_wrap.c]
+ unifdef -DBSD_AUTH
+ unifdef -USKEY
+ These options have been in use for some years;
+ ok markus@ "no objection" millert@
+ (NB. RCD ID sync only for portable)
+ - canacar@cvs.openbsd.org 2007/09/25 23:48:57
+ [ssh-agent.c]
+ When adding a key that already exists, update the properties
+ (time, confirm, comment) instead of discarding them. ok djm@ markus@
+ - ray@cvs.openbsd.org 2007/09/27 00:15:57
+ [dh.c]
+ Don't return -1 on error in dh_pub_is_valid(), since it evaluates
+ to true.
+ Also fix a typo.
+ Initial diff from Matthew Dempsky, input from djm.
+ OK djm, markus.
+ - dtucker@cvs.openbsd.org 2007/09/29 00:25:51
+ [auth2.c]
+ Remove unused prototype. ok djm@
+ - chl@cvs.openbsd.org 2007/10/02 17:49:58
+ [ssh-keygen.c]
+ handles zero-sized strings that fgets can return
+ properly removes trailing newline
+ removes an unused variable
+ correctly counts line number
+ "looks ok" ray@ markus@
+ - markus@cvs.openbsd.org 2007/10/22 19:10:24
+ [readconf.c]
+ make sure that both the local and remote port are correct when
+ parsing -L; Jan Pechanec (bz #1378)
+ - djm@cvs.openbsd.org 2007/10/24 03:30:02
+ [sftp.c]
+ rework argument splitting and parsing to cope correctly with common
+ shell escapes and make handling of escaped characters consistent
+ with sh(1) and between sftp commands (especially between ones that
+ glob their arguments and ones that don't).
+ parse command flags using getopt(3) rather than hand-rolled parsers.
+ ok dtucker@
+ - djm@cvs.openbsd.org 2007/10/24 03:44:02
+ [scp.c]
+ factor out network read/write into an atomicio()-like function, and
+ use it to handle short reads, apply bandwidth limits and update
+ counters. make network IO non-blocking, so a small trickle of
+ reads/writes has a chance of updating the progress meter; bz #799
+ ok dtucker@
+ - djm@cvs.openbsd.org 2006/08/29 09:44:00
+ [regress/sftp-cmds.sh]
+ clean up our mess
+ - markus@cvs.openbsd.org 2006/11/06 09:27:43
+ [regress/cfgmatch.sh]
+ fix quoting for non-(c)sh login shells.
+ - dtucker@cvs.openbsd.org 2006/12/13 08:36:36
+ [regress/cfgmatch.sh]
+ Additional test for multiple PermitOpen entries. ok djm@
+ - pvalchev@cvs.openbsd.org 2007/06/07 19:41:46
+ [regress/cipher-speed.sh regress/try-ciphers.sh]
+ test umac-64@openssh.com
+ ok djm@
+ - djm@cvs.openbsd.org 2007/10/24 03:32:35
+ [regress/sftp-cmds.sh regress/sftp-glob.sh regress/test-exec.sh]
+ comprehensive tests for sftp escaping its interaction with globbing;
+ ok dtucker@
+ - djm@cvs.openbsd.org 2007/10/26 05:30:01
+ [regress/sftp-glob.sh regress/test-exec.sh]
+ remove "echo -E" crap that I added in last commit and use printf(1) for
+ cases where we strictly require echo not to reprocess escape characters.
+ - deraadt@cvs.openbsd.org 2005/11/28 17:50:12
+ [openbsd-compat/glob.c]
+ unused arg in internal static API
+ - jakob@cvs.openbsd.org 2007/10/11 18:36:41
+ [openbsd-compat/getrrsetbyname.c openbsd-compat/getrrsetbyname.h]
+ use RRSIG instead of SIG for DNSSEC. ok djm@
+ - otto@cvs.openbsd.org 2006/10/21 09:55:03
+ [openbsd-compat/base64.c]
+ remove calls to abort(3) that can't happen anyway; from
+ <bret dot lambert at gmail.com>; ok millert@ deraadt@
+ - frantzen@cvs.openbsd.org 2004/04/24 18:11:46
+ [openbsd-compat/sys-tree.h]
+ sync to Niels Provos' version. avoid unused variable warning in
+ RB_NEXT()
+ - tdeval@cvs.openbsd.org 2004/11/24 18:10:42
+ [openbsd-compat/sys-tree.h]
+ typo
+ - grange@cvs.openbsd.org 2004/05/04 16:59:32
+ [openbsd-compat/sys-queue.h]
+ Remove useless ``elm'' argument from the SIMPLEQ_REMOVE_HEAD macro.
+ This matches our SLIST behaviour and NetBSD's SIMPLEQ as well.
+ ok millert krw deraadt
+ - deraadt@cvs.openbsd.org 2005/02/25 13:29:30
+ [openbsd-compat/sys-queue.h]
+ minor white spacing
+ - otto@cvs.openbsd.org 2005/10/17 20:19:42
+ [openbsd-compat/sys-queue.h]
+ Performing certain operations on queue.h data structurs produced
+ funny results. An example is calling LIST_REMOVE on the same
+ element twice. This will not fail, but result in a data structure
+ referencing who knows what. Prevent these accidents by NULLing some
+ fields on remove and replace. This way, either a panic or segfault
+ will be produced on the faulty operation.
+ - otto@cvs.openbsd.org 2005/10/24 20:25:14
+ [openbsd-compat/sys-queue.h]
+ Partly backout. NOLIST, used in LISTs is probably interfering.
+ requested by deraadt@
+ - otto@cvs.openbsd.org 2005/10/25 06:37:47
+ [openbsd-compat/sys-queue.h]
+ Some uvm problem is being exposed with the more strict macros.
+ Revert until we've found out what's causing the panics.
+ - otto@cvs.openbsd.org 2005/11/25 08:06:25
+ [openbsd-compat/sys-queue.h]
+ Introduce debugging aid for queue macros. Disabled by default; but
+ developers are encouraged to run with this enabled.
+ ok krw@ fgsch@ deraadt@
+ - otto@cvs.openbsd.org 2007/04/30 18:42:34
+ [openbsd-compat/sys-queue.h]
+ Enable QUEUE_MACRO_DEBUG on DIAGNOSTIC kernels.
+ Input and okays from krw@, millert@, otto@, deraadt@, miod@.
+ - millert@cvs.openbsd.org 2004/10/07 16:56:11
+ GLOB_NOESCAPE is POSIX so move it out of the #ifndef _POSIX_SOURCE
+ block.
+ (NB. mostly an RCS ID sync, as portable strips out the conditionals)
+ - (djm) [regress/sftp-cmds.sh]
+ Use more restrictive glob to pick up test files from /bin - some platforms
+ ship broken symlinks there which could spoil the test.
+ - (djm) [openbsd-compat/bindresvport.c]
+ Sync RCS ID after irrelevant (for portable OpenSSH) header shuffling
+
+20070927
+ - (dtucker) [configure.ac atomicio.c] Fall back to including <sys/poll.h> if
+ we don't have <poll.h> (eq QNX). From bacon at cs nyu edu.
+ - (dtucker) [configure.ac defines.h] Shadow expiry does not work on QNX6
+ so disable it for that platform. From bacon at cs nyu edu.
+
+20070921
+ - (djm) [atomicio.c] Fix spin avoidance for platforms that define
+ EWOULDBLOCK; patch from ben AT psc.edu
+
+20070917
+ - (djm) OpenBSD CVS Sync
+ - djm@cvs.openbsd.org 2007/08/23 02:49:43
+ [auth-passwd.c auth.c session.c]
+ unifdef HAVE_LOGIN_CAP; ok deraadt@ millert@
+ NB. RCS ID sync only for portable
+ - djm@cvs.openbsd.org 2007/08/23 02:55:51
+ [auth-passwd.c auth.c session.c]
+ missed include bits from last commit
+ NB. RCS ID sync only for portable
+ - djm@cvs.openbsd.org 2007/08/23 03:06:10
+ [auth.h]
+ login_cap.h doesn't belong here
+ NB. RCS ID sync only for portable
+ - djm@cvs.openbsd.org 2007/08/23 03:22:16
+ [auth2-none.c sshd_config sshd_config.5]
+ Support "Banner=none" to disable displaying of the pre-login banner;
+ ok dtucker@ deraadt@
+ - djm@cvs.openbsd.org 2007/08/23 03:23:26
+ [sshconnect.c]
+ Execute ProxyCommands with $SHELL rather than /bin/sh unconditionally
+ - djm@cvs.openbsd.org 2007/09/04 03:21:03
+ [clientloop.c monitor.c monitor_fdpass.c monitor_fdpass.h]
+ [monitor_wrap.c ssh.c]
+ make file descriptor passing code return an error rather than call fatal()
+ when it encounters problems, and use this to make session multiplexing
+ masters survive slaves failing to pass all stdio FDs; ok markus@
+ - djm@cvs.openbsd.org 2007/09/04 11:15:56
+ [ssh.c sshconnect.c sshconnect.h]
+ make ssh(1)'s ConnectTimeout option apply to both the TCP connection and
+ SSH banner exchange (previously it just covered the TCP connection).
+ This allows callers of ssh(1) to better detect and deal with stuck servers
+ that accept a TCP connection but don't progress the protocol, and also
+ makes ConnectTimeout useful for connections via a ProxyCommand;
+ feedback and "looks ok" markus@
+ - sobrado@cvs.openbsd.org 2007/09/09 11:38:01
+ [ssh-add.c ssh-agent.1 ssh-agent.c ssh-keygen.c]
+ sort synopsis and options in ssh-agent(1); usage is lowercase
+ ok jmc@
+ - stevesk@cvs.openbsd.org 2007/09/11 04:36:29
+ [sshpty.c]
+ sort #include
+ NB. RCS ID sync only
+ - gilles@cvs.openbsd.org 2007/09/11 15:47:17
+ [session.c ssh-keygen.c sshlogin.c]
+ use strcspn to properly overwrite '\n' in fgets returned buffer
+ ok pyr@, ray@, millert@, moritz@, chl@
+ - stevesk@cvs.openbsd.org 2007/09/11 23:49:09
+ [sshpty.c]
+ remove #if defined block not needed; ok markus@ dtucker@
+ NB. RCS ID sync only
+ - stevesk@cvs.openbsd.org 2007/09/12 19:39:19
+ [umac.c]
+ use xmalloc() and xfree(); ok markus@ pvalchev@
+ - djm@cvs.openbsd.org 2007/09/13 04:39:04
+ [sftp-server.c]
+ fix incorrect test when setting syslog facility; from Jan Pechanec
+ - djm@cvs.openbsd.org 2007/09/16 00:55:52
+ [sftp-client.c]
+ use off_t instead of u_int64_t for file offsets, matching what the
+ progressmeter code expects; bz #842
+ - (tim) [defines.h] Fix regression in long password support on OpenServer 6.
+ Problem report and additional testing rac AT tenzing.org.
+
20070914
- (dtucker) [openbsd-compat/bsd-asprintf.c] Plug mem leak in error path.
Patch from Jan.Pechanec at sun com.