+20030923
+ - (dtucker) [Makefile.in] Bug #644: Fix "make clean" for out-of-tree
+ builds. Portability corrections from tim@.
+ - (dtucker) [configure.ac] Bug #665: uid swapping issues on Mac OS X.
+ Patch from max at quendi.de.
+ - (dtucker) [configure.ac] Bug #657: uid swapping issues on BSDi.
+ - (dtucker) [configure.ac] Bug #653: uid swapping issues on Tru64.
+ - (dtucker) [configure.ac] Bug #693: uid swapping issues on NCR MP-RAS.
+ Patch from david.haughton at ncr.com
+ - (dtucker) [configure.ac] Bug #659: uid swapping issues on IRIX 6.
+ Part of patch supplied by bugzilla-openssh at thewrittenword.com
+ - (dtucker) [configure.ac openbsd-compat/fake-rfc2553.c
+ openbsd-compat/fake-rfc2553.h] Bug #659: Test for and handle systems with
+ where gai_strerror is defined as "const char *". Part of patch supplied
+ by bugzilla-openssh at thewrittenword.com
+ - (dtucker) [contrib/cygwin/README contrib/cygwin/ssh-host-config] Update
+ ssh-host-config to match current defaults, bump README version. Patch from
+ vinschen at redhat.com.
+ - (dtucker) [uidswap.c] Don't test restoration of uid on Cygwin since the
+ OS does not support permanently dropping privileges. Patch from
+ vinschen at redhat.com.
+ - (dtucker) [openbsd-compat/port-aix.c] Use correct include for xmalloc.h,
+ add canohost.h to stop warning. Based on patch from openssh-unix-dev at
+ thewrittenword.com
+ - (dtucker) [INSTALL] Bug #686: Document requirement for zlib 1.1.4 or
+ higher.
+ - (tim) Fix typo. s/SETEIUD_BREAKS_SETUID/SETEUID_BREAKS_SETUID/
+ - (tim) [configure.ac] Bug 665: move 3 new AC_DEFINES outside of AC_TRY_RUN.
+ Report by distler AT golem ph utexas edu.
+ - (dtucker) [contrib/aix/pam.conf] Include example pam.conf for AIX from
+ article by genty at austin.ibm.com, included with the author's permission.
+ - (dtucker) OpenBSD CVS Sync
+ - markus@cvs.openbsd.org 2003/09/18 07:52:54
+ [sshconnect.c]
+ missing {}; bug #656; jclonguet at free.fr
+ - markus@cvs.openbsd.org 2003/09/18 07:54:48
+ [buffer.c]
+ protect against double free; #660; zardoz at users.sf.net
+ - markus@cvs.openbsd.org 2003/09/18 07:56:05
+ [authfile.c]
+ missing buffer_free(&encrypted); #662; zardoz at users.sf.net
+ - markus@cvs.openbsd.org 2003/09/18 08:49:45
+ [deattack.c misc.c session.c ssh-agent.c]
+ more buffer allocation fixes; from Solar Designer; CAN-2003-0682;
+ ok millert@
+ - miod@cvs.openbsd.org 2003/09/18 13:02:21
+ [authfd.c bufaux.c dh.c mac.c ssh-keygen.c]
+ A few signedness fixes for harmless situations; markus@ ok
+ - markus@cvs.openbsd.org 2003/09/19 09:02:02
+ [packet.c]
+ buffer_dump only if PACKET_DEBUG is defined; Jedi/Sector One; pr 3471
+ - markus@cvs.openbsd.org 2003/09/19 09:03:00
+ [buffer.c]
+ sign fix in buffer_dump; Jedi/Sector One; pr 3473
+ - markus@cvs.openbsd.org 2003/09/19 11:29:40
+ [ssh-agent.c]
+ provide a ssh-agent specific fatal() function; ok deraadt
+ - markus@cvs.openbsd.org 2003/09/19 11:30:39
+ [ssh-keyscan.c]
+ avoid fatal_cleanup, just call exit(); ok deraadt
+ - markus@cvs.openbsd.org 2003/09/19 11:31:33
+ [channels.c]
+ do not call channel_free_all on fatal; ok deraadt
+ - markus@cvs.openbsd.org 2003/09/19 11:33:09
+ [packet.c sshd.c]
+ do not call packet_close on fatal; ok deraadt
+
+20030919
+ - (djm) Bug #683: Remove reference to --with-ipv4-default from INSTALL;
+ djast AT cs.toronto.edu
+ - (djm) Bug #661: Remove duplicate check for basename; from
+ bugzilla-openssh AT thewrittenword.com
+ - (djm) Bug #641: Allow RedHat RPM building without GTK-2; Patch from
+ jason AT devrandom.org
+ - (djm) Bug #646: Fix location of x11-ssh-askpass; Jim
+ - (dtucker) [openbsd-compat/port-aix.h] Bug #640: Don't include audit.h
+ unless required. Reorder to reduce warnings.
+ - (dtucker) [session.c] Bug #643: Fix size_t -> u_int and fix null deref
+ when /etc/default/login doesn't exist or isn't readable. Fixes from
+ jparsons-lists at saffron.net and georg.oppenberg at deu mci com.
+ - (dtucker) [acconfig.h] Updated basename test needs HAVE_BASENAME
+
+20030918
+ - (djm) Bug #652: Fix empty password auth
+
+20030917
+ - (djm) Sync with V_3_7 branch
+ - (djm) OpenBSD Sync
+ - markus@cvs.openbsd.org 2003/09/16 21:02:40
+ [buffer.c channels.c version.h]
+ more malloc/fatal fixes; ok millert/deraadt; ghudson at MIT.EDU
+ - (djm) Crank RPM spec file versions
+ - (tim) [openbsd-compat/inet_ntoa.c] 20030917 "Sync with V_3_7 branch" undid
+ 20030916 "Missed dead header in inet_ntoa.c"
+
+20030916
+ - (dtucker) [acconfig.h configure.ac defines.h session.c] Bug #252: Retrieve
+ PATH (or SUPATH) and UMASK from /etc/default/login on platforms that have it
+ (eg Solaris, Reliant Unix). Patch from Robert.Dahlem at siemens.com.
+ ok djm@
+ - (bal) OpenBSD Sync
+ - deraadt@cvs.openbsd.org 2003/09/16 03:03:47
+ [buffer.c]
+ do not expand buffer before attempting to reallocate it; markus ok
+ - (tim) [configure.ac] Fix portability issues.
+ - (bal) Missed dead header in inet_ntoa.c
+
+20030914
+ - (dtucker) [Makefile regress/Makefile] Fix portability issues preventing
+ the regression tests from running with Solaris' make. Patch from Brian
+ Poole (raj at cerias.purdue.edu).
+ - (dtucker) [regress/Makefile] AIX's make doesn't like " +=", so replace
+ with vanilla "=".
+
+20030913
+ - (dtucker) [regress/agent-timeout.sh] Timeout of 5 sec is borderline for
+ slower hosts, increase to 10 sec.
+ - (dtucker) [auth-passwd.c] On AIX, call setauthdb() before loginsuccess(),
+ required to correctly reset failed login count when using a password
+ registry other than "files" (eg LDAP, see bug #543).
+ - (tim) [configure.ac] define WITH_ABBREV_NO_TTY for SCO.
+ Report by Roger Cornelius.
+ - (dtucker) [auth-pam.c] Use SSHD_PAM_SERVICE for PAM service name, patch
+ from cjwatson at debian.org.
+
+20030912
+ - (tim) [regress/agent-ptrace.sh] sh doesn't like "if ! shell_function; then".
+ - (tim) [Makefile.in] only mkdir regress if it does not exist.
+ - (tim) [regress/yes-head.sh] shell portability fix.
+
+20030911
+ - (dtucker) [configure.ac] Bug #588, #615: Move other libgen tests to after
+ the dirname test, to allow a broken dirname to be detected correctly.
+ Based partially on patch supplied by alex.kiernan at thus.net. ok djm@
+ - (tim) [configure.ac] Move libgen tests to before libwrap to unbreak
+ UnixWare 2.03 using --with-tcp-wrappers.
+ - (tim) [configure.ac] Prefer setuid/setgid on UnixWare and Open Server.
+ - (tim) [regress/agent-ptrace.sh regress/dynamic-forward.sh
+ regress/sftp-cmds.sh regress/stderr-after-eof.sh regress/test-exec.sh]
+ no longer depends on which(1). patch by dtucker@
+
+20030910
+ - (dtucker) [configure.ac] Bug #636: Add support for Cray's new X1 machine.
+ Patch from wendyp at cray.com.
+ - (dtucker) [configure.ac] Part of bug #615: tcsendbreak might be a macro.
+ - (dtucker) [regressh/yes-head.sh] Some platforms (eg Solaris) don't have
+ "yes".
+
+20030909
+ - (tim) [regress/Makefile] Fixes for building outside of a read-only
+ source tree.
+ - (tim) [regress/agent-timeout.sh] s/TIMEOUT/SSHAGENT_TIMEOUT/ Fixes conflict
+ with shell read-only variable.
+ - (tim) [regress/sftp-badcmds.sh regress/sftp-cmds.sh] Fix errors like
+ UX:rm: ERROR: Cannot remove '.' or '..'
+
+20030908
+ - (tim) [configure.ac openbsd-compat/getrrsetbyname.c] wrap _getshort and
+ _getlong in #ifndef
+ - (tim) [configure.ac acconfig.h openbsd-compat/getrrsetbyname.c] test for
+ HEADER.ad in arpa/nameser.h
+ - (tim) [ssh-keygen.c] s/PATH_MAX/MAXPATHLEN/ ok mouring@
+
+20030907
+ - (dtucker) [agent-ptrace.sh dynamic-forward.sh (all regress/)]
+ Put "which" inside quotes.
+ - (dtucker) [dynamic-forward.sh forwarding.sh sftp-batch.sh (all regress/)]
+ Add ${EXEEXT}: required to work on Cygwin.
+ - (dtucker) [regress/sftp-batch.sh] Make temporary batch file name more
+ distinctive, so "rm ${BATCH}.*" doesn't match the script itself.
+ - (dtucker) [regress/sftp-cmds.sh] Skip quoted file test on Cygwin.
+ - (dtucker) [openbsd-compat/xcrypt.c] #elsif -> #elif
+ - (dtucker) [acconfig.h] Typo.
+ - (dtucker) [CREDITS Makefile.in configure.ac mdoc2man.awk mdoc2man.pl]
+ Replace mdoc2man.pl with mdoc2man.awk, provided by Peter Stuge.
+
+20030906
+ - (dtucker) [acconfig.h configure.ac uidswap.c] Prefer setuid/setgid on AIX.
+
+20030905
+ - (dtucker) [Makefile.in] Add distclean target for regress/, fix clean target.
+
+20030904
+ - (dtucker) Portablize regression tests. Parts contributed by Roumen
+ Petrov, David M. Williams and Corinna Vinschen.
+ - [Makefile.in] Add "make tests" target and "make clean" hooks.
+ - [regress/agent-getpeereid.sh] Skip test on platforms that don't support
+ getpeereid.
+ - [regress/agent-ptrace.sh] Skip tests if platform doesn't support it or
+ gdb cannot be found.
+ - [regress/reconfigure/sh] Make path to sshd fully qualified if required.
+ - [regress/rekey.sh] Remove dependence on /dev/zero (not all platforms have
+ it). The sparse file will take less disk space too.
+ - [regress/sftp-cmds.sh] Ensure files used for test are readable.
+ - [regress/stderr-after-eof.sh] Search for a usable checksum program.
+ - [regress/sftp-badcmds.sh regress/sftp-cmds.sh regress/sftp.sh
+ regress/ssh-com-client.sh regress/ssh-com-sftp.sh regress/stderr-data.sh
+ regress/transfer.sh] Use ${EXEEXT} where appropriate.
+ - [regress/sftp.sh regress/ssh-com-sftp.sh] Remove dependency on /dev/stdin.
+ - [regress/agent-ptrace.sh regress/agent-timeout.sh]
+ "grep -q" -> "grep >/dev/null"
+ - [regress/agent.sh regress/proto-version.sh regress/ssh-com.sh
+ regress/test-exec.sh] Handle different ways of echoing without newlines.
+ - [regress/dynamic-forward.sh] Some "which" programs output on stderr.
+ - [regress/sftp-cmds.sh] Use portable "test" option.
+ - [regress/test-exec.sh] Use sudo, search for "whoami" equivalent, always
+ use Strictmodes no, wait longer for sshd startup.
+ - [regress/Makefile] Remove BSDisms.
+ - [regress/README.regress] Add a basic readme.
+ - [Makefile.in regress/agent-getpeereid.sh] config.h is now in $BUILDDIR
+ not $OBJ.
+ - [Makefile.in regress/agent-ptrace] Fix minor regress issues on Cygwin.
+
+20030903
+ - (djm) OpenBSD CVS Sync
+ - markus@cvs.openbsd.org 2003/08/26 09:58:43
+ [auth-passwd.c auth.c auth.h auth1.c auth2-none.c auth2-passwd.c]
+ [auth2.c monitor.c]
+ fix passwd auth for 'username leaks via timing'; with djm@, original
+ patches from solar
+ - markus@cvs.openbsd.org 2003/08/28 12:54:34
+ [auth.h]
+ remove kerberos support from ssh1, since it has been replaced with GSSAPI;
+ but keep kerberos passwd auth for ssh1 and 2; ok djm, hin, henning, ...
+ - markus@cvs.openbsd.org 2003/09/02 16:40:29
+ [version.h]
+ enter 3.7
+ - jmc@cvs.openbsd.org 2003/09/02 18:50:06
+ [sftp.1 ssh_config.5]
+ escape punctuation;
+ ok deraadt@
+
+20030902