+20010305
+ - (bal) CVS ID touch up on sshpty.[ch] and sshlogin.[ch]
+ - (bal) CVS ID touch up on sftp-int.c
+ - (bal) CVS ID touch up on uuencode.c
+ - (bal) CVS ID touch up on auth2.c, serverloop.c, session.c & sshd.c
+ - (bal) OpenBSD CVS Sync
+ - deraadt@cvs.openbsd.org 2001/02/17 23:48:48
+ [sshd.8]
+ it's the OpenSSH one
+ - deraadt@cvs.openbsd.org 2001/02/21 07:37:04
+ [ssh-keyscan.c]
+ inline -> __inline__, and some indent
+ - deraadt@cvs.openbsd.org 2001/02/21 09:05:54
+ [authfile.c]
+ improve fd handling
+ - deraadt@cvs.openbsd.org 2001/02/21 09:12:56
+ [sftp-server.c]
+ careful with & and &&; markus ok
+ - stevesk@cvs.openbsd.org 2001/02/21 21:14:04
+ [ssh.c]
+ -i supports DSA identities now; ok markus@
+ - deraadt@cvs.openbsd.org 2001/02/22 04:29:37
+ [servconf.c]
+ grammar; slade@shore.net
+ - deraadt@cvs.openbsd.org 2001/02/22 06:43:55
+ [ssh-keygen.1 ssh-keygen.c]
+ document -d, and -t defaults to rsa1
+ - deraadt@cvs.openbsd.org 2001/02/22 08:03:51
+ [ssh-keygen.1 ssh-keygen.c]
+ bye bye -d
+ - deraadt@cvs.openbsd.org 2001/02/22 18:09:06
+ [sshd_config]
+ activate RSA 2 key
+ - markus@cvs.openbsd.org 2001/02/22 21:57:27
+ [ssh.1 sshd.8]
+ typos/grammar from matt@anzen.com
+ - markus@cvs.openbsd.org 2001/02/22 21:59:44
+ [auth.c auth.h auth1.c auth2.c misc.c misc.h ssh.c]
+ use pwcopy in ssh.c, too
+ - markus@cvs.openbsd.org 2001/02/23 15:34:53
+ [serverloop.c]
+ debug2->3
+ - markus@cvs.openbsd.org 2001/02/23 18:15:13
+ [sshd.c]
+ the random session key depends now on the session_key_int
+ sent by the 'attacker'
+ dig1 = md5(cookie|session_key_int);
+ dig2 = md5(dig1|cookie|session_key_int);
+ fake_session_key = dig1|dig2;
+ this change is caused by a mail from anakin@pobox.com
+ patch based on discussions with my german advisor niels@openbsd.org
+ - deraadt@cvs.openbsd.org 2001/02/24 10:37:55
+ [readconf.c]
+ look for id_rsa by default, before id_dsa
+ - deraadt@cvs.openbsd.org 2001/02/24 10:37:26
+ [sshd_config]
+ ssh2 rsa key before dsa key
+ - markus@cvs.openbsd.org 2001/02/27 10:35:27
+ [packet.c]
+ fix random padding
+ - markus@cvs.openbsd.org 2001/02/27 11:00:11
+ [compat.c]
+ support SSH-2.0-2.1 ; from Christophe_Moret@hp.com
+ - deraadt@cvs.openbsd.org 2001/02/28 05:34:28
+ [misc.c]
+ pull in protos
+ - deraadt@cvs.openbsd.org 2001/02/28 05:36:28
+ [sftp.c]
+ do not kill the subprocess on termination (we will see if this helps
+ things or hurts things)
+ - markus@cvs.openbsd.org 2001/02/28 08:45:39
+ [clientloop.c]
+ fix byte counts for ssh protocol v1
+ - markus@cvs.openbsd.org 2001/02/28 08:54:55
+ [channels.c nchan.c nchan.h]
+ make sure remote stderr does not get truncated.
+ remove closed fd's from the select mask.
+ - markus@cvs.openbsd.org 2001/02/28 09:57:07
+ [packet.c packet.h sshconnect2.c]
+ in ssh protocol v2 use ignore messages for padding (instead of
+ trailing \0).
+ - markus@cvs.openbsd.org 2001/02/28 12:55:07
+ [channels.c]
+ unify debug messages
+ - deraadt@cvs.openbsd.org 2001/02/28 17:52:54
+ [misc.c]
+ for completeness, copy pw_gecos too
+ - markus@cvs.openbsd.org 2001/02/28 21:21:41
+ [sshd.c]
+ generate a fake session id, too
+ - markus@cvs.openbsd.org 2001/02/28 21:27:48
+ [channels.c packet.c packet.h serverloop.c]
+ use ignore message to simulate a SSH2_MSG_CHANNEL_DATA message
+ use random content in ignore messages.
+ - markus@cvs.openbsd.org 2001/02/28 21:31:32
+ [channels.c]
+ typo
+ - deraadt@cvs.openbsd.org 2001/03/01 02:11:25
+ [authfd.c]
+ split line so that p will have an easier time next time around
+ - deraadt@cvs.openbsd.org 2001/03/01 02:29:04
+ [ssh.c]
+ shorten usage by a line
+ - deraadt@cvs.openbsd.org 2001/03/01 02:45:10
+ [auth-rsa.c auth2.c deattack.c packet.c]
+ KNF
+ - deraadt@cvs.openbsd.org 2001/03/01 03:38:33
+ [cli.c cli.h rijndael.h ssh-keyscan.1]
+ copyright notices on all source files
+ - markus@cvs.openbsd.org 2001/03/01 22:46:37
+ [ssh.c]
+ don't truncate remote ssh-2 commands; from mkubita@securities.cz
+ use min, not max for logging, fixes overflow.
+ - deraadt@cvs.openbsd.org 2001/03/02 06:21:01
+ [sshd.8]
+ explain SIGHUP better
+ - deraadt@cvs.openbsd.org 2001/03/02 09:42:49
+ [sshd.8]
+ doc the dsa/rsa key pair files
+ - deraadt@cvs.openbsd.org 2001/03/02 18:54:31
+ [atomicio.c atomicio.h auth-chall.c auth.c auth2-chall.c crc32.h
+ scp.c serverloop.c session.c sftp-server.8 sftp.1 ssh-add.1 ssh-add.c
+ ssh-agent.1 ssh-agent.c ssh-keygen.1 ssh.1 sshd.8]
+ make copyright lines the same format
+ - deraadt@cvs.openbsd.org 2001/03/03 06:53:12
+ [ssh-keyscan.c]
+ standard theo sweep
+ - millert@cvs.openbsd.org 2001/03/03 21:19:41
+ [ssh-keyscan.c]
+ Dynamically allocate read_wait and its copies. Since maxfd is
+ based on resource limits it is often (usually?) larger than FD_SETSIZE.
+ - millert@cvs.openbsd.org 2001/03/03 21:40:30
+ [sftp-server.c]
+ Dynamically allocate fd_set; deraadt@ OK
+ - millert@cvs.openbsd.org 2001/03/03 21:41:07
+ [packet.c]
+ Dynamically allocate fd_set; deraadt@ OK
+ - deraadt@cvs.openbsd.org 2001/03/03 22:07:50
+ [sftp-server.c]
+ KNF
+ - markus@cvs.openbsd.org 2001/03/03 23:52:22
+ [sftp.c]
+ clean up arg processing. based on work by Christophe_Moret@hp.com
+ - markus@cvs.openbsd.org 2001/03/03 23:59:34
+ [log.c ssh.c]
+ log*.c -> log.c
+ - markus@cvs.openbsd.org 2001/03/04 00:03:59
+ [channels.c]
+ debug1->2
+ - stevesk@cvs.openbsd.org 2001/03/04 10:57:53
+ [ssh.c]
+ add -m to usage; ok markus@
+ - stevesk@cvs.openbsd.org 2001/03/04 11:04:41
+ [sshd.8]
+ small cleanup and clarify for PermitRootLogin; ok markus@
+ - stevesk@cvs.openbsd.org 2001/03/04 11:16:06
+ [servconf.c sshd.8]
+ kill obsolete RandomSeed; ok markus@ deraadt@
+ - stevesk@cvs.openbsd.org 2001/03/04 12:54:04
+ [sshd.8]
+ spelling
+ - millert@cvs.openbsd.org 2001/03/04 17:42:28
+ [authfd.c channels.c dh.c log.c readconf.c servconf.c sftp-int.c
+ ssh.c sshconnect.c sshd.c]
+ log functions should not be passed strings that end in newline as they
+ get passed on to syslog() and when logging to stderr, do_log() appends
+ its own newline.
+ - deraadt@cvs.openbsd.org 2001/03/04 18:21:28
+ [sshd.8]
+ list SSH2 ciphers
+ - (bal) Put HAVE_PW_CLASS_IN_PASSWD back into pwcopy()
+
+20010304
+ - (bal) Remove make-ssh-known-hosts.1 since it's no longer valid.
+ - (bal) Updated contrib/README to remove 'make-ssh-known-hosts' and
+ give Mark Roth credit for mdoc2man.pl
+
+20010303
+ - (djm) Remove make-ssh-known-hosts.pl, ssh-keyscan is better.
+ - (djm) Document PAM ChallengeResponseAuthentication in sshd.8
+ - (djm) Disable and comment ChallengeResponseAuthentication in sshd_config
+ - (djm) Allow PRNGd entropy collection from localhost TCP socket. Replace
+ "--with-egd-pool" configure option with "--with-prngd-socket" and
+ "--with-prngd-port" options. Debugged and improved by Lutz Jaenicke
+ <Lutz.Jaenicke@aet.TU-Cottbus.DE>
+
+20010301
+ - (djm) Properly add -lcrypt if needed.
+ - (djm) Force standard PAM conversation function in a few more places.
+ Patch from Redhat 2.5.1p1-2 RPM, probably Nalin Dahyabhai
+ <nalin@redhat.com>
+ - (djm) Cygwin needs pw->pw_gecos copied too. Patch from Corinna Vinschen
+ <vinschen@redhat.com>
+ - (djm) Released 2.5.1p2
+
+20010228
+ - (djm) Detect endianness in configure and use it in rijndael.c. Fixes
+ "Bad packet length" bugs.
+ - (djm) Fully revert PAM session patch (again). All PAM session init is
+ now done before the final fork().
+ - (djm) EGD detection patch from Tim Rice <tim@multitalents.net>
+ - (djm) Remove /tmp from EGD socket search list
+
+20010227
+ - (bal) Applied shutdown() patch for sftp.c by Corinna Vinschen
+ <vinschen@redhat.com>
+ - (bal) OpenBSD Sync
+ - markus@cvs.openbsd.org 2001/02/23 15:37:45
+ [session.c]
+ handle SSH_PROTOFLAG_SCREEN_NUMBER for buggy clients
+ - (bal) sshd.init support for all Redhat release. Patch by Jim Knoble
+ <jmknoble@jmknoble.cx>
+ - (djm) Fix up POSIX saved uid support. Report from Mark Miller
+ <markm@swoon.net>
+ - (djm) Search for -lcrypt on FreeBSD too
+ - (djm) fatal() on OpenSSL version mismatch
+ - (djm) Move PAM init to after fork for non-Solaris derived PAMs
+ - (djm) Warning fix on entropy.c saved uid stuff. Patch from Mark Miller
+ <markm@swoon.net>
+ - (djm) Fix PAM fix
+ - (djm) Remove 'noreplace' flag from sshd_config in RPM spec files. This
+ change is being made as 2.5.x configfiles are not back-compatible with
+ 2.3.x.
+ - (djm) Avoid warnings for missing broken IP_TOS. Patch from Mark Miller
+ <markm@swoon.net>
+ - (djm) Open Server 5 doesn't need BROKEN_SAVED_UIDS. Patch from Tim Rice
+ <tim@multitalents.net>
+ - (djm) Avoid multiple definition of _PATH_LS. Patch from Tim Rice
+ <tim@multitalents.net>
+
20010226
- (bal) Fixed bsd-snprinf.c so it now honors 'BROKEN_SNPRINTF' again.
- (djm) Some systems (SCO3, NeXT) have weird saved uid semantics.