- (dtucker) [openbsd-compat/bindresvport.c] Add "OPENBSD ORIGINAL" marker.

[openssh.git] / ChangeLog

diff --git a/ChangeLog b/ChangeLog
index 45613948a422b61355b51981d67c915fe7fbb37e..3b522b0f67da1aa79f961f13f0e342ba0d36588c 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,283 @@
+20051110
+ - (dtucker) [openbsd-compat/setenv.c] Merge changes for __findenv from
+   OpenBSD getenv.c revs 1.4 - 1.8 (ANSIfication of arguments, removal of
+   "register").
+ - (dtucker) [openbsd-compat/setenv.c] Make __findenv static, remove
+   unnecessary prototype.
+ - (dtucker) [openbsd-compat/setenv.c] Sync changes from OpenBSD setenv.c
+   revs 1.7 - 1.9.
+ - (dtucker) [auth-krb5.c] Fix -Wsign-compare warning in non-Heimdal path.
+   Patch from djm@.
+ - (dtucker) [configure.ac] Disable pointer-sign warnings on gcc 4.0+
+   since they're not useful right now.  Patch from djm@.
+ - (dtucker) [openbsd-compat/getgrouplist.c] Sync OpenBSD revs 1.10 - 1.2 (ANSI
+   prototypes, removal of "register").
+ - (dtucker) [openbsd-compat/strlcat.c] Sync OpenBSD revs 1.11 - 1.12 (removal
+   of "register").
+ - (dtucker) [openbsd-compat/{LOTS}] Move the "OPENBSD ORIGINAL" markers to
+   after the copyright notices.  Having them at the top next to the CVSIDs
+   guarantees a conflict for each and every sync.
+ - (dtucker) [openbsd-compat/strlcpy.c] Update from OpenBSD 1.8 -> 1.10.
+ - (dtucker) [openbsd-compat/sigact.h] Add "OPENBSD ORIGINAL" marker.
+ - (dtucker) [openbsd-compat/strmode.c] Update from OpenBSD 1.5 -> 1.7.
+   Removal of rcsid, "whiteout" inode type.
+ - (dtucker) [openbsd-compat/basename.c] Update from OpenBSD 1.11 -> 1.14.
+   Removal of rcsid, will no longer strlcpy parts of the string.
+ - (dtucker) [openbsd-compat/strtoll.c] Update from OpenBSD 1.4 -> 1.5.
+ - (dtucker) [openbsd-compat/strtoul.c] Update from OpenBSD 1.5 -> 1.7.
+ - (dtucker) [openbsd-compat/readpassphrase.c] Update from OpenBSD 1.16 -> 1.18.
+ - (dtucker) [openbsd-compat/readpassphrase.h] Update from OpenBSD 1.3 -> 1.5.
+ - (dtucker) [openbsd-compat/glob.c] Update from OpenBSD 1.22 -> 1.25.
+ - (dtucker) [openbsd-compat/glob.h] Update from OpenBSD 1.8 -> 1.9.
+ - (dtucker) [openbsd-compat/getcwd.c] Update from OpenBSD 1.9 -> 1.14.
+ - (dtucker) [openbsd-compat/getcwd.c] Replace lstat with fstat to match up
+   with OpenBSD code since we don't support platforms without fstat any more.
+ - (dtucker) [openbsd-compat/inet_aton.c] Update from OpenBSD 1.7 -> 1.9.
+ - (dtucker) [openbsd-compat/inet_ntoa.c] Update from OpenBSD 1.4 -> 1.6.
+ - (dtucker) [openbsd-compat/inet_ntop.c] Update from OpenBSD 1.5 -> 1.7.
+ - (dtucker) [openbsd-compat/daemon.c] Update from OpenBSD 1.5 -> 1.6.
+ - (dtucker) [openbsd-compat/strsep.c] Update from OpenBSD 1.5 -> 1.6.
+ - (dtucker) [openbsd-compat/daemon.c] Update from OpenBSD 1.10 -> 1.13.
+ - (dtucker) [openbsd-compat/mktemp.c] Update from OpenBSD 1.17 -> 1.19.
+ - (dtucker) [openbsd-compat/rresvport.c] Update from OpenBSD 1.6 -> 1.8.
+ - (dtucker) [openbsd-compat/bindresvport.c] Add "OPENBSD ORIGINAL" marker.
+
+20051105
+ - (djm) OpenBSD CVS Sync
+   - markus@cvs.openbsd.org 2005/10/07 11:13:57
+     [ssh-keygen.c]
+     change DSA default back to 1024, as it's defined for 1024 bits only
+     and this causes interop problems with other clients.  moreover,
+     in order to improve the security of DSA you need to change more
+     components of DSA key generation (e.g. the internal SHA1 hash);
+     ok deraadt
+   - djm@cvs.openbsd.org 2005/10/10 10:23:08
+     [channels.c channels.h clientloop.c serverloop.c session.c]
+     fix regression I introduced in 4.2: X11 forwardings initiated after
+     a session has exited (e.g. "(sleep 5; xterm) &") would not start.
+     bz #1086 reported by t8m AT centrum.cz; ok markus@ dtucker@
+   - djm@cvs.openbsd.org 2005/10/11 23:37:37
+     [channels.c]
+     bz #1076 set SO_REUSEADDR on X11 forwarding listner sockets, preventing
+     bind() failure when a previous connection's listeners are in TIME_WAIT,
+     reported by plattner AT inf.ethz.ch; ok dtucker@
+   - stevesk@cvs.openbsd.org 2005/10/13 14:03:01
+     [auth2-gss.c gss-genr.c gss-serv.c]
+     remove unneeded #includes; ok markus@
+   - stevesk@cvs.openbsd.org 2005/10/13 14:20:37
+     [gss-serv.c]
+     spelling in comments
+   - stevesk@cvs.openbsd.org 2005/10/13 19:08:08
+     [gss-serv-krb5.c gss-serv.c]
+     unused declarations; ok deraadt@
+     (id sync only for gss-serv-krb5.c)
+   - stevesk@cvs.openbsd.org 2005/10/13 19:13:41
+     [dns.c]
+     unneeded #include, unused declaration, little knf; ok deraadt@
+   - stevesk@cvs.openbsd.org 2005/10/13 22:24:31
+     [auth2-gss.c gss-genr.c gss-serv.c monitor.c]
+     KNF; ok djm@
+   - stevesk@cvs.openbsd.org 2005/10/14 02:17:59
+     [ssh-keygen.c ssh.c sshconnect2.c]
+     no trailing "\n" for log functions; ok djm@
+   - stevesk@cvs.openbsd.org 2005/10/14 02:29:37
+     [channels.c clientloop.c]
+     free()->xfree(); ok djm@
+   - stevesk@cvs.openbsd.org 2005/10/15 15:28:12
+     [sshconnect.c]
+     make external definition static; ok deraadt@
+   - stevesk@cvs.openbsd.org 2005/10/17 13:45:05
+     [dns.c]
+     fix memory leaks from 2 sources:
+         1) key_fingerprint_raw()
+         2) malloc in dns_read_rdata()
+     ok jakob@
+   - stevesk@cvs.openbsd.org 2005/10/17 14:01:28
+     [dns.c]
+     remove #ifdef LWRES; ok jakob@
+   - stevesk@cvs.openbsd.org 2005/10/17 14:13:35
+     [dns.c dns.h]
+     more cleanups; ok jakob@
+   - djm@cvs.openbsd.org 2005/10/30 01:23:19
+     [ssh_config.5]
+     mention control socket fallback behaviour, reported by 
+     tryponraj AT gmail.com
+   - djm@cvs.openbsd.org 2005/10/30 04:01:03
+     [ssh-keyscan.c]
+     make ssh-keygen discard junk from server before SSH- ident, spotted by
+     dave AT cirt.net; ok dtucker@
+   - djm@cvs.openbsd.org 2005/10/30 04:03:24
+     [ssh.c]
+     fix misleading debug message; ok dtucker@
+   - dtucker@cvs.openbsd.org 2005/10/30 08:29:29
+     [canohost.c sshd.c]
+     Check for connections with IP options earlier and drop silently.  ok djm@
+   - jmc@cvs.openbsd.org 2005/10/30 08:43:47
+     [ssh_config.5]
+     remove trailing whitespace;
+   - djm@cvs.openbsd.org 2005/10/30 08:52:18
+     [clientloop.c packet.c serverloop.c session.c ssh-agent.c ssh-keygen.c]
+     [ssh.c sshconnect.c sshconnect1.c sshd.c]
+     no need to escape single quotes in comments, no binary change
+   - dtucker@cvs.openbsd.org 2005/10/31 06:15:04
+     [sftp.c]
+     Fix sorting with "ls -1" command. From Robert Tsai, "looks right" deraadt@
+   - djm@cvs.openbsd.org 2005/10/31 11:12:49
+     [ssh-keygen.1 ssh-keygen.c]
+     generate a protocol 2 RSA key by default
+   - djm@cvs.openbsd.org 2005/10/31 11:48:29
+     [serverloop.c]
+     make sure we clean up wtmp, etc. file when we receive a SIGTERM,
+     SIGINT or SIGQUIT when running without privilege separation (the
+     normal privsep case is already OK). Patch mainly by dtucker@ and
+     senthilkumar_sen AT hotpop.com; ok dtucker@
+   - jmc@cvs.openbsd.org 2005/10/31 19:55:25
+     [ssh-keygen.1]
+     grammar;
+   - dtucker@cvs.openbsd.org 2005/11/03 13:38:29
+     [canohost.c]
+     Cache reverse lookups with and without DNS separately; ok markus@
+   - djm@cvs.openbsd.org 2005/11/04 05:15:59
+     [kex.c kex.h kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c]
+     remove hardcoded hash lengths in key exchange code, allowing
+     implementation of KEX methods with different hashes (e.g. SHA-256);
+     ok markus@ dtucker@ stevesk@
+   - djm@cvs.openbsd.org 2005/11/05 05:01:15
+     [bufaux.c]
+     Fix leaks in error paths, bz #1109 and #1110 reported by kremenek AT
+     cs.stanford.edu; ok dtucker@
+ - (dtucker) [README.platform] Add PAM section.
+ - (djm) [openbsd-compat/getrrsetbyname.c] Sync to latest OpenBSD version,
+   resolving memory leak bz#1111 reported by kremenek AT cs.stanford.edu;
+   ok dtucker@
+
+20051102
+ - (dtucker) [openbsd-compat/bsd-misc.c] Bug #1108: fix broken strdup().
+   Reported by olavi at ipunplugged.com and antoine.brodin at laposte.net
+   via FreeBSD.
+
+20051030
+ - (djm) [contrib/suse/openssh.spec contrib/suse/rc.
+   sshd contrib/suse/sysconfig.ssh] Bug #1106: Updated SuSE spec and init 
+   files from imorgan AT nas.nasa.gov
+ - (dtucker) [session.c] Bug #1045do not check /etc/nologin when PAM is
+   enabled, instead allow PAM to handle it.  Note that on platforms using PAM,
+   the pam_nologin module should be added to sshd's session stack in order to
+   maintain exising behaviour.  Based on patch and discussion from t8m at
+   centrum.cz, ok djm@
+
+20051025
+ - (dtucker) [configure.ac] Relocate LLONG_MAX calculation to after the
+   sizeof(long long) checks, to make fixing bug #1104 easier (no changes
+   yet).
+ - (dtucker) [configure.ac] Bug #1104: Tru64's printf family doesn't
+   understand "%lld", even though the compiler has "long long", so handle
+   it as a special case.  Patch tested by mcaskill.scott at epa.gov.
+ - (dtucker) [contrib/cygwin/ssh-user-config] Remove duplicate yes/no
+   prompt.  Patch from vinschen at redhat.com.
+
+20051017
+ - (dtucker) [configure.ac] Bug #1097: Fix configure for cross-compiling.
+   /etc/default/login report and testing from aabaker at iee.org, corrections
+   from tim@.
+
+20051009
+ - (dtucker) [configure.ac defines.h openbsd-compat/vis.{c,h}] Sync current
+   versions from OpenBSD.  ok djm@
+
+20051008
+ - (dtucker) [configure.ac] Bug #1098: define $MAIL for HP-UX; report from
+   brian.smith at agilent com.
+ - (djm) [configure.ac] missing 'test' call for -with-Werror test
+
+20051005
+ - (dtucker) [configure.ac sshd.8] Enable locked account check (a prepended
+   "*LOCKED*" string) for FreeBSD.  Patch jeremie at le-hen.org and
+   senthilkumar_sen at hotpop.com.
+
+20051003
+ - (dtucker) OpenBSD CVS Sync
+   - markus@cvs.openbsd.org 2005/09/07 08:53:53
+     [channels.c]
+     enforce chanid != NULL; ok djm
+   - markus@cvs.openbsd.org 2005/09/09 19:18:05
+     [clientloop.c]
+     typo; from mark at mcs.vuw.ac.nz, bug #1082
+   - djm@cvs.openbsd.org 2005/09/13 23:40:07
+     [sshd.c ssh.c misc.h sftp.c ssh-keygen.c ssh-keysign.c sftp-server.c
+     scp.c misc.c ssh-keyscan.c ssh-add.c ssh-agent.c]
+     ensure that stdio fds are attached; ok deraadt@
+   - djm@cvs.openbsd.org 2005/09/19 11:37:34
+     [ssh_config.5 ssh.1]
+     mention ability to specify bind_address for DynamicForward and -D options;
+     bz#1077 spotted by Haruyama Seigo
+   - djm@cvs.openbsd.org 2005/09/19 11:47:09
+     [sshd.c]
+     stop connection abort on rekey with delayed compression enabled when
+     post-auth privsep is disabled (e.g. when root is logged in); ok dtucker@
+   - djm@cvs.openbsd.org 2005/09/19 11:48:10
+     [gss-serv.c]
+     typo
+   - jmc@cvs.openbsd.org 2005/09/19 15:38:27
+     [ssh.1]
+     some more .Bk/.Ek to avoid ugly line split;
+   - jmc@cvs.openbsd.org 2005/09/19 15:42:44
+     [ssh.c]
+     update -D usage here too;
+   - djm@cvs.openbsd.org 2005/09/19 23:31:31
+     [ssh.1]
+     spelling nit from stevesk@
+   - djm@cvs.openbsd.org 2005/09/21 23:36:54
+     [sshd_config.5]
+     aquire -> acquire, from stevesk@
+   - djm@cvs.openbsd.org 2005/09/21 23:37:11
+     [sshd.c]
+     change label at markus@'s request
+   - jaredy@cvs.openbsd.org 2005/09/30 20:34:26
+     [ssh-keyscan.1]
+     deploy .An -nosplit; ok jmc
+   - dtucker@cvs.openbsd.org 2005/10/03 07:44:42
+     [canohost.c]
+     Relocate check_ip_options call to prevent logging of garbage for
+     connections with IP options set.  bz#1092 from David Leonard,
+     "looks good" deraadt@
+ - (dtucker) [regress/README.regress] Bug #989: Document limitation that scp
+   is required in the system path for the multiplex test to work.
+
+20050930
+ - (dtucker) [openbsd-compat/openbsd-compat.h] Bug #1096: Add prototype
+   for strtoll.  Patch from o.flebbe at science-computing.de.
+ - (dtucker) [monitor.c] Bug #1087: Send loginmsg to preauth privsep
+   child during PAM account check without clearing it.  This restores the
+   post-login warnings such as LDAP password expiry.  Patch from Tomas Mraz
+   with help from several others.
+
+20050929
+ - (dtucker) [monitor_wrap.c] Remove duplicate definition of loginmsg
+   introduced during sync.
+
+20050928
+ - (dtucker) [entropy.c] Use u_char for receiving RNG seed for consistency.
+ - (dtucker) [auth-pam.c] Bug #1028: send final non-query messages from
+   PAM via keyboard-interactive.  Patch tested by the folks at Vintela.
+
+20050927
+ - (dtucker) [entropy.c] Remove unnecessary tests for getuid and geteuid
+   calls, since they can't possibly fail.  ok djm@
+ - (dtucker) [entropy.c entropy.h sshd.c] Pass RNG seed to the reexec'ed
+   process when sshd relies on ssh-random-helper.  Should result in faster
+   logins on systems without a real random device or prngd.  ok djm@
+
+20050924
+ - (dtucker) [auth2.c] Move start_pam() calls out of if-else block to remove
+   duplicate call.  ok djm@
+
+20050922
+ - (dtucker) [configure.ac] Use -R linker flag for libedit too; patch from
+   skeleten at shillest.net.
+ - (dtucker) [configure.ac] Fix help for --with-opensc; patch from skeleten at
+   shillest.net.
+
 20050919
  - (tim) [aclocal.m4 configure.ac] Delete acconfig.h and add templates to
    AC_DEFINE and AC_DEFINE_UNQUOTED to quiet autoconf 2.59 warning messages.