+20010704
+ - OpenBSD CVS Sync
+ - markus@cvs.openbsd.org 2001/06/25 08:25:41
+ [channels.c channels.h cipher.c clientloop.c compat.c compat.h
+ hostfile.c kex.c kex.h key.c key.h nchan.c packet.c serverloop.c
+ session.c session.h sftp-server.c ssh-add.c ssh-agent.c uuencode.h]
+ update copyright for 2001
+ - markus@cvs.openbsd.org 2001/06/25 17:18:27
+ [ssh-keygen.1]
+ sshd(8) will never read the private keys, but ssh(1) does;
+ hugh@mimosa.com
+ - provos@cvs.openbsd.org 2001/06/25 17:54:47
+ [auth.c auth.h auth-rsa.c]
+ terminate secure_filename checking after checking homedir. that way
+ it works on AFS. okay markus@
+ - stevesk@cvs.openbsd.org 2001/06/25 20:26:37
+ [auth2.c sshconnect2.c]
+ prototype cleanup; ok markus@
+ - markus@cvs.openbsd.org 2001/06/26 02:47:07
+ [ssh-keygen.c]
+ allow loading a private RSA key to a cyberflex card.
+ - markus@cvs.openbsd.org 2001/06/26 04:07:06
+ [ssh-agent.1 ssh-agent.c]
+ add debug flag
+ - markus@cvs.openbsd.org 2001/06/26 04:59:59
+ [authfd.c authfd.h ssh-add.c]
+ initial support for smartcards in the agent
+ - markus@cvs.openbsd.org 2001/06/26 05:07:43
+ [ssh-agent.c]
+ update usage
+ - markus@cvs.openbsd.org 2001/06/26 05:33:34
+ [ssh-agent.c]
+ more smartcard support.
+ - mpech@cvs.openbsd.org 2001/06/26 05:48:07
+ [sshd.8]
+ remove unnecessary .Pp between .It;
+ millert@ ok
+ - markus@cvs.openbsd.org 2001/06/26 05:50:11
+ [auth2.c]
+ new interface for secure_filename()
+ - itojun@cvs.openbsd.org 2001/06/26 06:32:58
+ [atomicio.h authfd.h authfile.h auth.h auth-options.h bufaux.h
+ buffer.h canohost.h channels.h cipher.h clientloop.h compat.h
+ compress.h crc32.h deattack.h dh.h dispatch.h groupaccess.h
+ hostfile.h kex.h key.h log.h mac.h match.h misc.h mpaux.h packet.h
+ radix.h readconf.h readpass.h rsa.h]
+ prototype pedant. not very creative...
+ - () -> (void)
+ - no variable names
+ - itojun@cvs.openbsd.org 2001/06/26 06:33:07
+ [servconf.h serverloop.h session.h sftp-client.h sftp-common.h
+ sftp-glob.h sftp-int.h sshconnect.h ssh-dss.h sshlogin.h sshpty.h
+ ssh-rsa.h tildexpand.h uidswap.h uuencode.h xmalloc.h]
+ prototype pedant. not very creative...
+ - () -> (void)
+ - no variable names
+ - dugsong@cvs.openbsd.org 2001/06/26 16:15:25
+ [auth1.c auth.h auth-krb4.c auth-passwd.c readconf.c readconf.h
+ servconf.c servconf.h session.c sshconnect1.c sshd.c]
+ Kerberos v5 support for SSH1, mostly from Assar Westerlund
+ <assar@freebsd.org> and Bjorn Gronvall <bg@sics.se>. markus@ ok
+ - markus@cvs.openbsd.org 2001/06/26 17:25:34
+ [ssh.1]
+ document SSH_ASKPASS; fubob@MIT.EDU
+ - markus@cvs.openbsd.org 2001/06/26 17:27:25
+ [authfd.h authfile.h auth.h auth-options.h bufaux.h buffer.h
+ canohost.h channels.h cipher.h clientloop.h compat.h compress.h
+ crc32.h deattack.h dh.h dispatch.h groupaccess.c groupaccess.h
+ hostfile.h kex.h key.h log.c log.h mac.h misc.c misc.h mpaux.h
+ packet.h radix.h readconf.h readpass.h rsa.h servconf.h serverloop.h
+ session.h sftp-common.c sftp-common.h sftp-glob.h sftp-int.h
+ sshconnect.h ssh-dss.h sshlogin.h sshpty.h ssh-rsa.h sshtty.h
+ tildexpand.h uidswap.h uuencode.h xmalloc.h]
+ remove comments from .h, since they are cut&paste from the .c files
+ and out of sync
+ - dugsong@cvs.openbsd.org 2001/06/26 17:41:49
+ [servconf.c]
+ #include <kafs.h>
+ - markus@cvs.openbsd.org 2001/06/26 20:14:11
+ [key.c key.h ssh.c sshconnect1.c sshconnect2.c]
+ add smartcard support to the client, too (now you can use both
+ the agent and the client).
+ - markus@cvs.openbsd.org 2001/06/27 02:12:54
+ [serverloop.c serverloop.h session.c session.h]
+ quick hack to make ssh2 work again.
+ - markus@cvs.openbsd.org 2001/06/27 04:48:53
+ [auth.c match.c sshd.8]
+ tridge@samba.org
+ - markus@cvs.openbsd.org 2001/06/27 05:35:42
+ [ssh-keygen.c]
+ use cyberflex_inq_class to inquire class.
+
+20010629
+ - (bal) Removed net_aton() since we don't use it any more
+ - (bal) Fixed _DISABLE_VPOSIX in readpassphrase.c.
+ - (bal) Updated zlib's home. Thanks to David Howe <DaveHowe@gmx.co.uk>.
+ - (stevesk) remove _REENTRANT #define
+ - (stevesk) session.c: use u_int for envsize
+ - (stevesk) remove cli.[ch]
+
+20010628
+ - (djm) Sync openbsd-compat with -current libc
+ - (djm) Fix from Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> for my
+ broken makefile
+ - (bal) Removed strtok_r() and inet_ntop() since they are no longer used.
+ - (bal) Remove getusershell() since it's no longer used.
+
+20010627
+ - (djm) Reintroduce pam_session call for non-pty sessions.
+ - (djm) Remove redundant and incorrect test for max auth attempts in
+ PAM kbdint code. Based on fix from Matthew Melvin
+ <matthewm@webcentral.com.au>
+ - (djm) Rename sysconfdir/primes => sysconfdir/moduli
+ - (djm) Oops, forgot make logic for primes=>moduli. Also try to rename
+ existing primes->moduli if it exists.
+ - (djm) Sync with -current openbsd-compat/readpassphrase.c:
+ - djm@cvs.openbsd.org 2001/06/27 13:23:30
+ typo, spotted by Tom Holroyd <tomh@po.crl.go.jp>; ok deraadt@
+ - (djm) Turn up warnings if gcc or egcs detected
+ - (stevesk) for HP-UX 11.X use X/Open socket interface;
+ pulls in modern socket prototypes and eliminates a number of compiler
+ warnings. see xopen_networking(7).
+ - (stevesk) fix x11 forwarding from _PATH_XAUTH change
+ - (stevesk) use X/Open socket interface for HP-UX 10.X also
+
+20010625
+ - OpenBSD CVS Sync
+ - markus@cvs.openbsd.org 2001/06/21 21:08:25
+ [session.c]
+ don't reset forced_command (we allow multiple login shells in
+ ssh2); dwd@bell-labs.com
+ - mpech@cvs.openbsd.org 2001/06/22 10:17:51
+ [ssh.1 sshd.8 ssh-keyscan.1]
+ o) .Sh AUTHOR -> .Sh AUTHORS;
+ o) remove unnecessary .Pp;
+ o) better -mdoc style;
+ o) typo;
+ o) sort SEE ALSO;
+ aaron@ ok
+ - provos@cvs.openbsd.org 2001/06/22 21:27:08
+ [dh.c pathnames.h]
+ use /etc/moduli instead of /etc/primes, okay markus@
+ - provos@cvs.openbsd.org 2001/06/22 21:28:53
+ [sshd.8]
+ document /etc/moduli
+ - markus@cvs.openbsd.org 2001/06/22 21:55:49
+ [auth2.c auth-rsa.c pathnames.h ssh.1 sshd.8 sshd_config
+ ssh-keygen.1]
+ merge authorized_keys2 into authorized_keys.
+ authorized_keys2 is used for backward compat.
+ (just append authorized_keys2 to authorized_keys).
+ - provos@cvs.openbsd.org 2001/06/22 21:57:59
+ [dh.c]
+ increase linebuffer to deal with larger moduli; use rewind instead of
+ close/open
+ - markus@cvs.openbsd.org 2001/06/22 22:21:20
+ [sftp-server.c]
+ allow long usernames/groups in readdir
+ - markus@cvs.openbsd.org 2001/06/22 23:35:21
+ [ssh.c]
+ don't overwrite argv (fixes ssh user@host in 'ps'), report by ericj@
+ - deraadt@cvs.openbsd.org 2001/06/23 00:16:16
+ [scp.c]
+ slightly better care
+ - markus@cvs.openbsd.org 2001/06/23 00:20:57
+ [auth2.c auth.c auth.h auth-rh-rsa.c]
+ *known_hosts2 is obsolete for hostbased authentication and
+ only used for backward compat. merge ssh1/2 hostkey check
+ and move it to auth.c
+ - deraadt@cvs.openbsd.org 2001/06/23 02:33:05
+ [sftp.1 sftp-server.8 ssh-keygen.1]
+ join .%A entries; most by bk@rt.fm
+ - markus@cvs.openbsd.org 2001/06/23 02:34:33
+ [kexdh.c kexgex.c kex.h pathnames.h readconf.c servconf.h ssh.1
+ sshconnect1.c sshconnect2.c sshconnect.c sshconnect.h sshd.8]
+ get rid of known_hosts2, use it for hostkey lookup, but do not
+ modify.
+ - markus@cvs.openbsd.org 2001/06/23 03:03:59
+ [sshd.8]
+ draft-ietf-secsh-dh-group-exchange-01.txt
+ - markus@cvs.openbsd.org 2001/06/23 03:04:42
+ [auth2.c auth-rh-rsa.c]
+ restore correct ignore_user_known_hosts logic.
+ - markus@cvs.openbsd.org 2001/06/23 05:26:02
+ [key.c]
+ handle sigature of size 0 (some broken clients send this).
+ - deraadt@cvs.openbsd.org 2001/06/23 05:57:09
+ [sftp.1 sftp-server.8 ssh-keygen.1]
+ ok, tmac is now fixed
+ - markus@cvs.openbsd.org 2001/06/23 06:41:10
+ [ssh-keygen.c]
+ try to decode ssh-3.0.0 private rsa keys
+ (allow migration to openssh, not vice versa), #910
+ - itojun@cvs.openbsd.org 2001/06/23 15:12:20
+ [auth1.c auth2.c auth2-chall.c authfd.c authfile.c auth-rhosts.c
+ canohost.c channels.c cipher.c clientloop.c deattack.c dh.c
+ hostfile.c kex.c kexdh.c kexgex.c key.c nchan.c packet.c radix.c
+ readpass.c scp.c servconf.c serverloop.c session.c sftp.c
+ sftp-client.c sftp-glob.c sftp-int.c sftp-server.c ssh-add.c
+ ssh-agent.c ssh.c sshconnect1.c sshconnect2.c sshconnect.c sshd.c
+ ssh-keygen.c ssh-keyscan.c]
+ more strict prototypes. raise warning level in Makefile.inc.
+ markus ok'ed
+ TODO; cleanup headers
+ - markus@cvs.openbsd.org 2001/06/23 17:05:22
+ [ssh-keygen.c]
+ fix import for (broken?) ssh.com/f-secure private keys
+ (i tested > 1000 RSA keys)
+ - itojun@cvs.openbsd.org 2001/06/23 17:48:18
+ [sftp.1 ssh.1 sshd.8 ssh-keyscan.1]
+ kill whitespace at EOL.
+ - markus@cvs.openbsd.org 2001/06/23 19:12:43
+ [sshd.c]
+ pidfile/sigterm race; bbraun@synack.net
+ - markus@cvs.openbsd.org 2001/06/23 22:37:46
+ [sshconnect1.c]
+ consistent with ssh2: skip key if empty passphrase is entered,
+ retry num_of_passwd_prompt times if passphrase is wrong. ok fgsch@
+ - markus@cvs.openbsd.org 2001/06/24 05:25:10
+ [auth-options.c match.c match.h]
+ move ip+hostname check to match.c
+ - markus@cvs.openbsd.org 2001/06/24 05:35:33
+ [readpass.c readpass.h ssh-add.c sshconnect2.c ssh-keygen.c]
+ switch to readpassphrase(3)
+ 2.7/8-stable needs readpassphrase.[ch] from libc
+ - markus@cvs.openbsd.org 2001/06/24 05:47:13
+ [sshconnect2.c]
+ oops, missing format string
+ - markus@cvs.openbsd.org 2001/06/24 17:18:31
+ [ttymodes.c]
+ passing modes works fine: debug2->3
+ - (djm) -Wall fix for session.c
+ - (djm) Bring in readpassphrase() from OpenBSD libc. Compiles OK on Linux and
+ Solaris
+
+20010622
+ - (stevesk) handle systems without pw_expire and pw_change.
+
+20010621
+ - OpenBSD CVS Sync
+ - markus@cvs.openbsd.org 2001/06/16 08:49:38
+ [misc.c]
+ typo; dunlap@apl.washington.edu
+ - markus@cvs.openbsd.org 2001/06/16 08:50:39
+ [channels.h]
+ bad //-style comment; thx to stevev@darkwing.uoregon.edu
+ - markus@cvs.openbsd.org 2001/06/16 08:57:35
+ [scp.c]
+ no stdio or exit() in signal handlers.
+ - markus@cvs.openbsd.org 2001/06/16 08:58:34
+ [misc.c]
+ copy pw_expire and pw_change, too.
+ - markus@cvs.openbsd.org 2001/06/19 12:34:09
+ [session.c]
+ cleanup forced command handling, from dwd@bell-labs.com
+ - markus@cvs.openbsd.org 2001/06/19 14:09:45
+ [session.c sshd.8]
+ disable x11-fwd if use_login is enabled; from lukem@wasabisystems.com
+ - markus@cvs.openbsd.org 2001/06/19 15:40:45
+ [session.c]
+ allocate and free at the same level.
+ - markus@cvs.openbsd.org 2001/06/20 13:56:39
+ [channels.c channels.h clientloop.c packet.c serverloop.c]
+ move from channel_stop_listening to channel_free_all,
+ call channel_free_all before calling waitpid() in serverloop.
+ fixes the utmp handling; report from Lutz.Jaenicke@aet.TU-Cottbus.DE
+
+20010615
+ - (stevesk) don't set SA_RESTART and set SIGCHLD to SIG_DFL
+ around grantpt().
+ - (stevesk) update TODO: STREAMS pty systems don't call vhangup() now
+
+20010614
+ - OpenBSD CVS Sync
+ - markus@cvs.openbsd.org 2001/06/13 09:10:31
+ [session.c]
+ typo, use pid not s->pid, mstone@cs.loyola.edu
+
+20010613
+ - OpenBSD CVS Sync
+ - markus@cvs.openbsd.org 2001/06/12 10:58:29
+ [session.c]
+ merge session_free into session_close()
+ merge pty_cleanup_proc into session_pty_cleanup()
+ - markus@cvs.openbsd.org 2001/06/12 16:10:38
+ [session.c]
+ merge ssh1/ssh2 tty msg parse and alloc code
+ - markus@cvs.openbsd.org 2001/06/12 16:11:26
+ [packet.c]
+ do not log() packet_set_maxsize
+ - markus@cvs.openbsd.org 2001/06/12 21:21:29
+ [session.c]
+ remove xauth-cookie-in-tmp handling. use default $XAUTHORITY, since
+ we do already trust $HOME/.ssh
+ you can use .ssh/sshrc and .ssh/environment if you want to customize
+ the location of the xauth cookies
+ - markus@cvs.openbsd.org 2001/06/12 21:30:57
+ [session.c]
+ unused
+
+20010612
+ - scp.c ID update (upstream synced vfsprintf() from us)
+ - OpenBSD CVS Sync
+ - markus@cvs.openbsd.org 2001/06/10 11:29:20
+ [dispatch.c]
+ we support rekeying
+ protocol errors are fatal.
+ - markus@cvs.openbsd.org 2001/06/11 10:18:24
+ [session.c]
+ reset pointer to NULL after xfree(); report from solar@openwall.com
+ - markus@cvs.openbsd.org 2001/06/11 16:04:38
+ [sshd.8]
+ typo; bdubreuil@crrel.usace.army.mil
+
+20010611
+ - (bal) NeXT/MacOS X lack libgen.h and dirname(). Patch by Mark Miller
+ <markm@swoon.net>
+ - (bal) Handle broken krb4 issues on Solaris with multiple defined u_*_t
+ types. Patch by Jan IVEN <Jan.Iven@cern.ch>
+ - (bal) Fixed Makefile.in so that 'configure; make install' works.
+
+20010610
+ - (bal) Missed two files in major resync. auth-bsdauth.c and auth-skey.c
+
20010609
- OpenBSD CVS Sync
- markus@cvs.openbsd.org 2001/05/30 12:55:13
- markus@cvs.openbsd.org 2001/06/08 15:25:40
[includes.h pathnames.h readconf.c servconf.c]
move the path for xauth to pathnames.h
+ - (bal) configure.in fix for Tru64 (forgeting to reset $LIB)
+ - (bal) ANSIify strmode()
+ - (bal) --with-catman should be --with-mantype patch by Dave
+ Dykstra <dwd@bell-labs.com>
20010606
- OpenBSD CVS Sync