X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/blobdiff_plain/012bc0e1ed84b29875d2dd8a2cdb0a2370f76bdb..7b518233b49af5985227a602d842137700669bf7:/ChangeLog diff --git a/ChangeLog b/ChangeLog index 7c435a94..9b26c7af 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,498 @@ +20010625 + - OpenBSD CVS Sync + - markus@cvs.openbsd.org 2001/06/21 21:08:25 + [session.c] + don't reset forced_command (we allow multiple login shells in + ssh2); dwd@bell-labs.com + - mpech@cvs.openbsd.org 2001/06/22 10:17:51 + [ssh.1 sshd.8 ssh-keyscan.1] + o) .Sh AUTHOR -> .Sh AUTHORS; + o) remove unnecessary .Pp; + o) better -mdoc style; + o) typo; + o) sort SEE ALSO; + + aaron@ ok + - provos@cvs.openbsd.org 2001/06/22 21:27:08 + [dh.c pathnames.h] + use /etc/moduli instead of /etc/primes, okay markus@ + - provos@cvs.openbsd.org 2001/06/22 21:28:53 + [sshd.8] + document /etc/moduli + - markus@cvs.openbsd.org 2001/06/22 21:55:49 + [auth2.c auth-rsa.c pathnames.h ssh.1 sshd.8 sshd_config + ssh-keygen.1] + merge authorized_keys2 into authorized_keys. + authorized_keys2 is used for backward compat. + (just append authorized_keys2 to authorized_keys). + - provos@cvs.openbsd.org 2001/06/22 21:57:59 + [dh.c] + increase linebuffer to deal with larger moduli; use rewind instead of + close/open + - markus@cvs.openbsd.org 2001/06/22 22:21:20 + [sftp-server.c] + allow long usernames/groups in readdir + - markus@cvs.openbsd.org 2001/06/22 23:35:21 + [ssh.c] + don't overwrite argv (fixes ssh user@host in 'ps'), report by ericj@ + - deraadt@cvs.openbsd.org 2001/06/23 00:16:16 + [scp.c] + slightly better care + - markus@cvs.openbsd.org 2001/06/23 00:20:57 + [auth2.c auth.c auth.h auth-rh-rsa.c] + *known_hosts2 is obsolete for hostbased authentication and + only used for backward compat. merge ssh1/2 hostkey check + and move it to auth.c + - deraadt@cvs.openbsd.org 2001/06/23 02:33:05 + [sftp.1 sftp-server.8 ssh-keygen.1] + join .%A entries; most by bk@rt.fm + - markus@cvs.openbsd.org 2001/06/23 02:34:33 + [kexdh.c kexgex.c kex.h pathnames.h readconf.c servconf.h ssh.1 + sshconnect1.c sshconnect2.c sshconnect.c sshconnect.h sshd.8] + get rid of known_hosts2, use it for hostkey lookup, but do not + modify. + - markus@cvs.openbsd.org 2001/06/23 03:03:59 + [sshd.8] + draft-ietf-secsh-dh-group-exchange-01.txt + - markus@cvs.openbsd.org 2001/06/23 03:04:42 + [auth2.c auth-rh-rsa.c] + restore correct ignore_user_known_hosts logic. + - markus@cvs.openbsd.org 2001/06/23 05:26:02 + [key.c] + handle sigature of size 0 (some broken clients send this). + - deraadt@cvs.openbsd.org 2001/06/23 05:57:09 + [sftp.1 sftp-server.8 ssh-keygen.1] + ok, tmac is now fixed + +20010622 + - (stevesk) handle systems without pw_expire and pw_change. + +20010621 + - OpenBSD CVS Sync + - markus@cvs.openbsd.org 2001/06/16 08:49:38 + [misc.c] + typo; dunlap@apl.washington.edu + - markus@cvs.openbsd.org 2001/06/16 08:50:39 + [channels.h] + bad //-style comment; thx to stevev@darkwing.uoregon.edu + - markus@cvs.openbsd.org 2001/06/16 08:57:35 + [scp.c] + no stdio or exit() in signal handlers. + - markus@cvs.openbsd.org 2001/06/16 08:58:34 + [misc.c] + copy pw_expire and pw_change, too. + - markus@cvs.openbsd.org 2001/06/19 12:34:09 + [session.c] + cleanup forced command handling, from dwd@bell-labs.com + - markus@cvs.openbsd.org 2001/06/19 14:09:45 + [session.c sshd.8] + disable x11-fwd if use_login is enabled; from lukem@wasabisystems.com + - markus@cvs.openbsd.org 2001/06/19 15:40:45 + [session.c] + allocate and free at the same level. + - markus@cvs.openbsd.org 2001/06/20 13:56:39 + [channels.c channels.h clientloop.c packet.c serverloop.c] + move from channel_stop_listening to channel_free_all, + call channel_free_all before calling waitpid() in serverloop. + fixes the utmp handling; report from Lutz.Jaenicke@aet.TU-Cottbus.DE + +20010615 + - (stevesk) don't set SA_RESTART and set SIGCHLD to SIG_DFL + around grantpt(). + - (stevesk) update TODO: STREAMS pty systems don't call vhangup() now + +20010614 + - OpenBSD CVS Sync + - markus@cvs.openbsd.org 2001/06/13 09:10:31 + [session.c] + typo, use pid not s->pid, mstone@cs.loyola.edu + +20010613 + - OpenBSD CVS Sync + - markus@cvs.openbsd.org 2001/06/12 10:58:29 + [session.c] + merge session_free into session_close() + merge pty_cleanup_proc into session_pty_cleanup() + - markus@cvs.openbsd.org 2001/06/12 16:10:38 + [session.c] + merge ssh1/ssh2 tty msg parse and alloc code + - markus@cvs.openbsd.org 2001/06/12 16:11:26 + [packet.c] + do not log() packet_set_maxsize + - markus@cvs.openbsd.org 2001/06/12 21:21:29 + [session.c] + remove xauth-cookie-in-tmp handling. use default $XAUTHORITY, since + we do already trust $HOME/.ssh + you can use .ssh/sshrc and .ssh/environment if you want to customize + the location of the xauth cookies + - markus@cvs.openbsd.org 2001/06/12 21:30:57 + [session.c] + unused + +20010612 + - scp.c ID update (upstream synced vfsprintf() from us) + - OpenBSD CVS Sync + - markus@cvs.openbsd.org 2001/06/10 11:29:20 + [dispatch.c] + we support rekeying + protocol errors are fatal. + - markus@cvs.openbsd.org 2001/06/11 10:18:24 + [session.c] + reset pointer to NULL after xfree(); report from solar@openwall.com + - markus@cvs.openbsd.org 2001/06/11 16:04:38 + [sshd.8] + typo; bdubreuil@crrel.usace.army.mil + +20010611 + - (bal) NeXT/MacOS X lack libgen.h and dirname(). Patch by Mark Miller + + - (bal) Handle broken krb4 issues on Solaris with multiple defined u_*_t + types. Patch by Jan IVEN + - (bal) Fixed Makefile.in so that 'configure; make install' works. + +20010610 + - (bal) Missed two files in major resync. auth-bsdauth.c and auth-skey.c + +20010609 + - OpenBSD CVS Sync + - markus@cvs.openbsd.org 2001/05/30 12:55:13 + [auth-options.c auth2.c channels.c channels.h clientloop.c nchan.c + packet.c serverloop.c session.c ssh.c ssh1.h] + channel layer cleanup: merge header files and split .c files + - markus@cvs.openbsd.org 2001/05/30 15:20:10 + [ssh.c] + merge functions, simplify. + - markus@cvs.openbsd.org 2001/05/31 10:30:17 + [auth-options.c auth2.c channels.c channels.h clientloop.c nchan.c + packet.c serverloop.c session.c ssh.c] + undo the .c file split, just merge the header and keep the cvs + history + - (bal) Channels.c and Channels.h -- "Merge Functions, simplify" (draged + out of ssh Attic) + - (bal) Ooops.. nchan.c (and remove nchan.h) resync from OpenBSD ssh + Attic. + - OpenBSD CVS Sync + - markus@cvs.openbsd.org 2001/05/31 13:08:04 + [sshd_config] + group options and add some more comments + - markus@cvs.openbsd.org 2001/06/03 14:55:39 + [channels.c channels.h session.c] + use fatal_register_cleanup instead of atexit, sync with x11 authdir + handling + - markus@cvs.openbsd.org 2001/06/03 19:36:44 + [ssh-keygen.1] + 1-2 bits of entrophy per character (not per word), ok stevesk@ + - markus@cvs.openbsd.org 2001/06/03 19:38:42 + [scp.c] + pass -v to ssh; from slade@shore.net + - markus@cvs.openbsd.org 2001/06/03 20:06:11 + [auth2-chall.c] + the challenge response device decides how to handle non-existing + users. + -> fake challenges for skey and cryptocard + - markus@cvs.openbsd.org 2001/06/04 21:59:43 + [channels.c channels.h session.c] + switch uid when cleaning up tmp files and sockets; reported by + zen-parse@gmx.net on bugtraq + - markus@cvs.openbsd.org 2001/06/04 23:07:21 + [clientloop.c serverloop.c sshd.c] + set flags in the signal handlers, do real work in the main loop, + ok provos@ + - markus@cvs.openbsd.org 2001/06/04 23:16:16 + [session.c] + merge ssh1/2 x11-fwd setup, create listener after tmp-dir + - pvalchev@cvs.openbsd.org 2001/06/05 05:05:39 + [ssh-keyscan.1 ssh-keyscan.c] + License clarification from David Mazieres, ok deraadt@ + - markus@cvs.openbsd.org 2001/06/05 10:24:32 + [channels.c] + don't delete the auth socket in channel_stop_listening() + auth_sock_cleanup_proc() will take care of this. + - markus@cvs.openbsd.org 2001/06/05 16:46:19 + [session.c] + let session_close() delete the pty. deny x11fwd if xauthfile is set. + - markus@cvs.openbsd.org 2001/06/06 23:13:54 + [ssh-dss.c ssh-rsa.c] + cleanup, remove old code + - markus@cvs.openbsd.org 2001/06/06 23:19:35 + [ssh-add.c] + remove debug message; Darren.Moffat@eng.sun.com + - markus@cvs.openbsd.org 2001/06/07 19:57:53 + [auth2.c] + style is used for bsdauth. + disconnect on user/service change (ietf-drafts) + - markus@cvs.openbsd.org 2001/06/07 20:23:05 + [authfd.c authfile.c channels.c kexdh.c kexgex.c packet.c ssh.c + sshconnect.c sshconnect1.c] + use xxx_put_cstring() + - markus@cvs.openbsd.org 2001/06/07 22:25:02 + [session.c] + don't overwrite errno + delay deletion of the xauth cookie + - markus@cvs.openbsd.org 2001/06/08 15:25:40 + [includes.h pathnames.h readconf.c servconf.c] + move the path for xauth to pathnames.h + - (bal) configure.in fix for Tru64 (forgeting to reset $LIB) + - (bal) ANSIify strmode() + - (bal) --with-catman should be --with-mantype patch by Dave + Dykstra + +20010606 + - OpenBSD CVS Sync + - markus@cvs.openbsd.org 2001/05/17 21:34:15 + [ssh.1] + no spaces in PreferredAuthentications; + meixner@rbg.informatik.tu-darmstadt.de + - markus@cvs.openbsd.org 2001/05/18 14:13:29 + [auth-chall.c auth.h auth1.c auth2-chall.c auth2.c readconf.c + readconf.h servconf.c servconf.h sshconnect1.c sshconnect2.c sshd.c] + improved kbd-interactive support. work by per@appgate.com and me + - djm@cvs.openbsd.org 2001/05/19 00:36:40 + [session.c] + Disable X11 forwarding if xauth binary is not found. Patch from Nalin + Dahyabhai ; ok markus@ + - markus@cvs.openbsd.org 2001/05/19 16:05:41 + [scp.c] + ftruncate() instead of open()+O_TRUNC like rcp.c does + allows scp /path/to/file localhost:/path/to/file + - markus@cvs.openbsd.org 2001/05/19 16:08:43 + [sshd.8] + sort options; Matthew.Stier@fnc.fujitsu.com + - markus@cvs.openbsd.org 2001/05/19 16:32:16 + [ssh.1 sshconnect2.c] + change preferredauthentication order to + publickey,hostbased,password,keyboard-interactive + document that hostbased defaults to no, document order + - markus@cvs.openbsd.org 2001/05/19 16:46:19 + [ssh.1 sshd.8] + document MACs defaults with .Dq + - stevesk@cvs.openbsd.org 2001/05/19 19:43:57 + [misc.c misc.h servconf.c sshd.8 sshd.c] + sshd command-line arguments and configuration file options that + specify time may be expressed using a sequence of the form: + time[qualifier], where time is a positive integer value and qualifier + is one of the following: + ,s,m,h,d,w + Examples: + 600 600 seconds (10 minutes) + 10m 10 minutes + 1h30m 1 hour 30 minutes (90 minutes) + ok markus@ + - stevesk@cvs.openbsd.org 2001/05/19 19:57:09 + [channels.c] + typo in error message + - markus@cvs.openbsd.org 2001/05/20 17:20:36 + [auth-rsa.c auth.c auth.h auth2.c servconf.c servconf.h sshd.8 + sshd_config] + configurable authorized_keys{,2} location; originally from peter@; + ok djm@ + - markus@cvs.openbsd.org 2001/05/24 11:12:42 + [auth.c] + fix comment; from jakob@ + - stevesk@cvs.openbsd.org 2001/05/24 18:57:53 + [clientloop.c readconf.c ssh.c ssh.h] + don't perform escape processing when ``EscapeChar none''; ok markus@ + - markus@cvs.openbsd.org 2001/05/25 14:37:32 + [ssh-keygen.c] + use -P for -e and -y, too. + - markus@cvs.openbsd.org 2001/05/28 08:04:39 + [ssh.c] + fix usage() + - markus@cvs.openbsd.org 2001/05/28 10:08:55 + [authfile.c] + key_load_private: set comment to filename for PEM keys + - markus@cvs.openbsd.org 2001/05/28 22:51:11 + [cipher.c cipher.h] + simpler 3des for ssh1 + - markus@cvs.openbsd.org 2001/05/28 23:14:49 + [channels.c channels.h nchan.c] + undo broken channel fix and try a different one. there + should be still some select errors... + - markus@cvs.openbsd.org 2001/05/28 23:25:24 + [channels.c] + cleanup, typo + - markus@cvs.openbsd.org 2001/05/28 23:58:35 + [packet.c packet.h sshconnect.c sshd.c] + remove some lines, simplify. + - markus@cvs.openbsd.org 2001/05/29 12:31:27 + [authfile.c] + typo + +20010528 + - (tim) [conifgure.in] add setvbuf test needed for sftp-int.c + Patch by Corinna Vinschen + +20010517 + - OpenBSD CVS Sync + - markus@cvs.openbsd.org 2001/05/12 19:53:13 + [sftp-server.c] + readlink does not NULL-terminate; mhe@home.se + - deraadt@cvs.openbsd.org 2001/05/15 22:04:01 + [ssh.1] + X11 forwarding details improved + - markus@cvs.openbsd.org 2001/05/16 20:51:57 + [authfile.c] + return comments for private pem files, too; report from nolan@naic.edu + - markus@cvs.openbsd.org 2001/05/16 21:53:53 + [clientloop.c] + check for open sessions before we call select(); fixes the x11 client + bug reported by bowman@math.ualberta.ca + - markus@cvs.openbsd.org 2001/05/16 22:09:21 + [channels.c nchan.c] + more select() error fixes (don't set rfd/wfd to -1). + - (bal) Enabled USE_PIPES for Cygwin on Corinna Vinschen + - (bal) Corrected on_exit() emulation via atexit(). + +20010512 + - OpenBSD CVS Sync + - markus@cvs.openbsd.org 2001/05/11 14:59:56 + [clientloop.c misc.c misc.h] + add unset_nonblock for stdout/err flushing in client_loop(). + - (bal) Patch to partial sync up contrib/solaris/ packaging software. + Patch by pete + +20010511 + - OpenBSD CVS Sync + - markus@cvs.openbsd.org 2001/05/09 22:51:57 + [channels.c] + fix -R for protocol 2, noticed by greg@nest.cx. + bug was introduced with experimental dynamic forwarding. + - markus@cvs.openbsd.org 2001/05/09 23:01:31 + [rijndael.h] + fix prototype; J.S.Peatfield@damtp.cam.ac.uk + +20010509 + - OpenBSD CVS Sync + - markus@cvs.openbsd.org 2001/05/06 21:23:31 + [cli.c] + cli_read() fails to catch SIGINT + overflow; from obdb@zzlevo.net + - markus@cvs.openbsd.org 2001/05/08 19:17:31 + [channels.c serverloop.c clientloop.c] + adds correct error reporting to async connect()s + fixes the server-discards-data-before-connected-bug found by + onoe@sm.sony.co.jp + - mouring@cvs.openbsd.org 2001/05/08 19:45:25 + [misc.c misc.h scp.c sftp.c] + Use addargs() in sftp plus some clean up of addargs(). OK Markus + - markus@cvs.openbsd.org 2001/05/06 21:45:14 + [clientloop.c] + use atomicio for flushing stdout/stderr bufs. thanks to + jbw@izanami.cee.hw.ac.uk + - markus@cvs.openbsd.org 2001/05/08 22:48:07 + [atomicio.c] + no need for xmalloc.h, thanks to espie@ + - (bal) UseLogin patch for Solaris/UNICOS. Patch by Wayne Davison + + - (bal) ./configure support to disable SIA on OSF1. Patch by + Chris Adams + - (bal) Updates from the Sony NEWS-OS platform by NAKAJI Hiroyuki + + +20010508 + - (bal) Fixed configure test for USE_SIA. + +20010506 + - (djm) Update config.guess and config.sub with latest versions (from + ftp://ftp.gnu.org/gnu/config/) to allow configure on ia64-hpux. + Suggested by Jason Mader + - (bal) White Space and #ifdef sync with OpenBSD + - (bal) Add 'seed_rng()' to ssh-add.c + - (bal) CVS ID updates for readpass.c, readpass.h, cli.c, and cli.h + - OpenBSD CVS Sync + - stevesk@cvs.openbsd.org 2001/05/05 13:42:52 + [sftp.1 ssh-add.1 ssh-keygen.1] + typos, grammar + +20010505 + - OpenBSD CVS Sync + - stevesk@cvs.openbsd.org 2001/05/04 14:21:56 + [ssh.1 sshd.8] + typos + - markus@cvs.openbsd.org 2001/05/04 14:34:34 + [channels.c] + channel_new() reallocs channels[], we cannot use Channel *c after + calling channel_new(), XXX fix this in the future... + - markus@cvs.openbsd.org 2001/05/04 23:47:34 + [channels.c channels.h clientloop.c nchan.c nchan.h serverloop.c ssh.c] + move to Channel **channels (instead of Channel *channels), fixes realloc + problems. channel_new now returns a Channel *, favour Channel * over + channel id. remove old channel_allocate interface. + +20010504 + - OpenBSD CVS Sync + - stevesk@cvs.openbsd.org 2001/05/03 15:07:39 + [channels.c] + typo in debug() string + - markus@cvs.openbsd.org 2001/05/03 15:45:15 + [session.c] + exec shell -c /bin/sh .ssh/sshrc, from abartlet@pcug.org.au + - stevesk@cvs.openbsd.org 2001/05/03 21:43:01 + [servconf.c] + remove "\n" from fatal() + - mouring@cvs.openbsd.org 2001/05/03 23:09:53 + [misc.c misc.h scp.c sftp.c] + Move colon() and cleanhost() to misc.c where I should I have put it in + the first place + - (bal) Updated Cygwin README by Corinna Vinschen + - (bal) Avoid socket file security issues in ssh-agent for Cygwin. + Patch by Egor Duda + +20010503 + - OpenBSD CVS Sync + - markus@cvs.openbsd.org 2001/05/02 16:41:20 + [ssh-add.c] + fix prompt for ssh-add. + +20010502 + - OpenBSD CVS Sync + - mouring@cvs.openbsd.org 2001/05/02 01:25:39 + [readpass.c] + Put the 'const' back into ssh_askpass() function. Pointed out + by Mark Miller . OK Markus + +20010501 + - OpenBSD CVS Sync + - markus@cvs.openbsd.org 2001/04/30 11:18:52 + [readconf.c readconf.h ssh.1 ssh.c sshconnect.c] + implement 'ssh -b bind_address' like 'telnet -b' + - markus@cvs.openbsd.org 2001/04/30 15:50:46 + [compat.c compat.h kex.c] + allow interop with weaker key generation used by ssh-2.0.x, x < 10 + - markus@cvs.openbsd.org 2001/04/30 16:02:49 + [compat.c] + ssh-2.0.10 has the weak-key-bug, too. + - (tim) [contrib/caldera/openssh.spec] add Requires line for Caldera 3.1 + +20010430 + - OpenBSD CVS Sync + - markus@cvs.openbsd.org 2001/04/29 18:32:52 + [serverloop.c] + fix whitespace + - markus@cvs.openbsd.org 2001/04/29 19:16:52 + [channels.c clientloop.c compat.c compat.h serverloop.c] + more ssh.com-2.0.x bug-compat; from per@appgate.com + - (tim) New version of mdoc2man.pl from Mark D. Roth + - (djm) Add .cvsignore files, suggested by Wayne Davison + +20010429 + - (bal) Updated INSTALL. PCRE moved to a new place. + - (djm) Release OpenSSH-2.9p1 + +20010427 + - (bal) Fixed uidswap.c so it should work on non-posix complient systems. + patch based on 2.5.2 version by djm. + - (bal) Build manpages and config files once unless changed. Patch by + Carson Gaspar + - (bal) arpa/nameser.h does not exist on Cygwin. Patch by Corinna + Vinschen + - (bal) Add /etc/sysconfig/sshd support to redhat's sshd.init. Patch by + Pekka Savola + - (bal) Cygwin lacks setgroups() API. Patch by Corinna Vinschen + + - (bal) version.h synced, RPM specs updated for 2.9 + - (tim) update contrib/caldera files with what Caldera is using. + + 20010425 - OpenBSD CVS Sync - markus@cvs.openbsd.org 2001/04/23 21:57:07 @@ -6,6 +501,13 @@ - markus@cvs.openbsd.org 2001/04/23 22:14:13 [ssh-keygen.c] remove debug + - (bal) Whitespace resync w/ OpenBSD for uidswap.c + - (djm) Add new server configuration directive 'PAMAuthenticationViaKbdInt' + (default: off), implies KbdInteractiveAuthentication. Suggestion from + markus@ + - (djm) Include crypt.h if available in auth-passwd.c + - tim@mindrot.org 2001/04/25 21:38:01 [configure.in] + man page detection fixes for SCO 20010424 - OpenBSD CVS Sync