X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/blobdiff_plain/140e3e97454ecb8ce6e4df6e407352d4e42bf5b0..4297b666620fbeb53d0bf652a4f211dd8b47826d:/ChangeLog diff --git a/ChangeLog b/ChangeLog index ac4feb7d..dc5aba31 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,177 @@ +20050706 + - (djm) OpenBSD CVS Sync + - markus@cvs.openbsd.org 2005/07/01 13:19:47 + [channels.c] + don't free() if getaddrinfo() fails; report mpech@ + - djm@cvs.openbsd.org 2005/07/04 00:58:43 + [channels.c clientloop.c clientloop.h misc.c misc.h ssh.c ssh_config.5] + implement support for X11 and agent forwarding over multiplex slave + connections. Because of protocol limitations, the slave connections inherit + the master's DISPLAY and SSH_AUTH_SOCK rather than distinctly forwarding + their own. + ok dtucker@ "put it in" deraadt@ + - jmc@cvs.openbsd.org 2005/07/04 11:29:51 + [ssh_config.5] + fix Xr and a little grammar; + - markus@cvs.openbsd.org 2005/07/04 14:04:11 + [channels.c] + don't forget to set x11_saved_display + +20050626 + - (djm) OpenBSD CVS Sync + - djm@cvs.openbsd.org 2005/06/17 22:53:47 + [ssh.c sshconnect.c] + Fix ControlPath's %p expanding to "0" for a default port, + spotted dwmw2 AT infradead.org; ok markus@ + - djm@cvs.openbsd.org 2005/06/18 04:30:36 + [ssh.c ssh_config.5] + allow ControlPath=none, patch from dwmw2 AT infradead.org; ok dtucker@ + - djm@cvs.openbsd.org 2005/06/25 22:47:49 + [ssh.c] + do the default port filling code a few lines earlier, so it really + does fix %p + +20050618 + - (djm) OpenBSD CVS Sync + - djm@cvs.openbsd.org 2005/05/20 12:57:01; + [auth1.c] split protocol 1 auth methods into separate functions, makes + authloop much more readable; fixes and ok markus@ (portable ok & + polish dtucker@) + - djm@cvs.openbsd.org 2005/06/17 02:44:33 + [auth1.c] make this -Wsign-compare clean; ok avsm@ markus@ + - (djm) [loginrec.c ssh-rand-helper.c] Fix -Wsign-compare for portable, + tested and fixes tim@ + +20050617 + - (djm) OpenBSD CVS Sync + - djm@cvs.openbsd.org 2005/06/16 03:38:36 + [channels.c channels.h clientloop.c clientloop.h ssh.c] + move x11_get_proto from ssh.c to clientloop.c, to make muliplexed xfwd + easier later; ok deraadt@ + - markus@cvs.openbsd.org 2005/06/16 08:00:00 + [canohost.c channels.c sshd.c] + don't exit if getpeername fails for forwarded ports; bugzilla #1054; + ok djm + - djm@cvs.openbsd.org 2005/06/17 02:44:33 + [auth-rsa.c auth.c auth1.c auth2-chall.c auth2-gss.c authfd.c authfile.c] + [bufaux.c canohost.c channels.c cipher.c clientloop.c dns.c gss-serv.c] + [kex.c kex.h key.c mac.c match.c misc.c packet.c packet.h scp.c] + [servconf.c session.c session.h sftp-client.c sftp-server.c sftp.c] + [ssh-keyscan.c ssh-rsa.c sshconnect.c sshconnect1.c sshconnect2.c sshd.c] + make this -Wsign-compare clean; ok avsm@ markus@ + NB. auth1.c changes not committed yet (conflicts with uncommitted sync) + NB2. more work may be needed to make portable Wsign-compare clean + - (dtucker) [cipher.c openbsd-compat/openbsd-compat.h + openbsd-compat/openssl-compat.c] only include openssl compat stuff where + it's needed as it can cause conflicts elsewhere (eg xcrypt.c). Found by + and ok tim@ + +20050616 + - (djm) OpenBSD CVS Sync + - jaredy@cvs.openbsd.org 2005/06/07 13:25:23 + [progressmeter.c] + catch SIGWINCH and resize progress meter accordingly; ok markus dtucker + - djm@cvs.openbsd.org 2005/06/06 11:20:36 + [auth.c auth.h misc.c misc.h ssh.c ssh_config.5 sshconnect.c] + introduce a generic %foo expansion function. replace existing % expansion + and add expansion to ControlPath; ok markus@ + - djm@cvs.openbsd.org 2005/06/08 03:50:00 + [ssh-keygen.1 ssh-keygen.c sshd.8] + increase default rsa/dsa key length from 1024 to 2048 bits; + ok markus@ deraadt@ + - djm@cvs.openbsd.org 2005/06/08 11:25:09 + [clientloop.c readconf.c readconf.h ssh.c ssh_config.5] + add ControlMaster=auto/autoask options to support opportunistic + multiplexing; tested avsm@ and jakob@, ok markus@ + - dtucker@cvs.openbsd.org 2005/06/09 13:43:49 + [cipher.c] + Correctly initialize end of array sentinel; ok djm@ + (Id sync only, change already in portable) + +20050609 + - (dtucker) [cipher.c openbsd-compat/Makefile.in + openbsd-compat/openbsd-compat.h openbsd-compat/openssl-compat.{c,h}] + Move compatibility code for supporting older OpenSSL versions to the + compat layer. Suggested by and "no objection" djm@ + +20050607 + - (dtucker) [configure.ac] Continue the hunt for LLONG_MIN and LLONG_MAX: + in today's episode we attempt to coax it from limits.h where it may be + hiding, failing that we take the DIY approach. Tested by tim@ + +20050603 + - (dtucker) [configure.ac] Only try gcc -std=gnu99 if LLONG_MAX isn't + defined, and check that it helps before keeping it in CFLAGS. Some old + gcc's don't set an error code when encountering an unknown value in -std. + Found and tested by tim@. + - (dtucker) [configure.ac] Point configure's reporting address at the + openssh-unix-dev list. ok tim@ djm@ + +20050602 + - (tim) [configure.ac] Some platforms need sys/types.h for arpa/nameser.h. + Take AC_CHECK_HEADERS test out of ultrix section. It caused other platforms + to skip builtin standard includes tests. (first AC_CHECK_HEADERS test + must be run on all platforms) Add missing ;; to case statement. OK dtucker@ + +20050601 + - (dtucker) [configure.ac] Look for _getshort and _getlong in + arpa/nameser.h. + - (dtucker) [configure.ac openbsd-compat/Makefile.in openbsd-compat/strtoll.c] + Add strtoll to the compat library, from OpenBSD. + - (dtucker) OpenBSD CVS Sync + - avsm@cvs.openbsd.org 2005/05/26 02:08:05 + [scp.c] + If copying multiple files to a target file (which normally fails, as it + must be a target directory), kill the spawned ssh child before exiting. + This stops it trying to authenticate and spewing lots of output. + deraadt@ ok + - dtucker@cvs.openbsd.org 2005/05/26 09:08:12 + [ssh-keygen.c] + uint32_t -> u_int32_t for consistency; ok djm@ + - djm@cvs.openbsd.org 2005/05/27 08:30:37 + [ssh.c] + fix -O for cases where no ControlPath has been specified or socket at + ControlPath is not contactable; spotted by and ok avsm@ + - (tim) [config.guess config.sub] Update to '2005-05-27' version. + - (tim) [configure.ac] set TEST_SHELL for OpenServer 6 + +20050531 + - (dtucker) [contrib/aix/pam.conf] Correct comments. From davidl at + vintela.com. + - (dtucker) [mdoc2man.awk] Teach it to understand .Ox. + +20050530 + - (dtucker) [README] Link to new release notes. Beter late than never... + +20050529 + - (dtucker) [openbsd-compat/port-aix.c] Bug #1046: AIX 5.3 expects the + argument to passwdexpired to be initialized to NULL. Suggested by tim@ + While at it, initialize the other arguments to auth functions in case they + ever acquire this behaviour. + - (dtucker) [openbsd-compat/port-aix.c] Whitespace cleanups while there. + - (dtucker) [openbsd-compat/port-aix.c] Minor correction to debug message, + spotted by tim@. + +20050528 + - (dtucker) [configure.ac] For AC_CHECK_HEADERS() and AC_CHECK_FUNCS() have + one entry per line to make it easier to merge changes. ok djm@ + - (dtucker) [configure.ac] strsep() may be defined in string.h, so check + for its presence and include it in the strsep check. + - (dtucker) [configure.ac] getpgrp may be defined in unistd.h, so check for + its presence before doing AC_FUNC_GETPGRP. + - (dtucker) [configure.ac] Merge HP-UX blocks into a common block with minor + version-specific variations as required. + - (dtucker) [openbsd-compat/port-aix.h] Use the HAVE_DECL_* definitions as + per the autoconf man page. Configure should always define them but it + doesn't hurt to check. + +20050527 + - (djm) [defines.h] Use our realpath if we have to define PATH_MAX, spotted by + David Leach; ok dtucker@ + - (dtucker) [acconfig.h configure.ac defines.h includes.h sshpty.c + openbsd-compat/bsd-misc.c] Add support for Ultrix. No, that's not a typo. + Required changes from Bernhard Simon, integrated by me. ok djm@ + 20050525 - (djm) [mpaux.c mpaux.h Makefile.in] Remove old mpaux.[ch] code, it has not been used for a while @@ -27,6 +201,88 @@ [ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 ssh_config.5 sshd.8] [sshd_config.5] OpenSSH doesn't ever look at the $HOME environment variable, so don't say that we do (bz #623); ok deraadt@ + - djm@cvs.openbsd.org 2005/04/21 11:47:19 + [ssh.c] + don't allocate a pty when -n flag (/dev/null stdin) is set, patch from + ignasi.roca AT fujitsu-siemens.com (bz #829); ok dtucker@ + - dtucker@cvs.openbsd.org 2005/04/23 23:43:47 + [readpass.c] + Add debug message if read_passphrase can't open /dev/tty; bz #471; + ok djm@ + - jmc@cvs.openbsd.org 2005/04/26 12:59:02 + [sftp-client.h] + spelling correction in comment from wiz@netbsd; + - jakob@cvs.openbsd.org 2005/04/26 13:08:37 + [ssh.c ssh_config.5] + fallback gracefully if client cannot connect to ControlPath. ok djm@ + - moritz@cvs.openbsd.org 2005/04/28 10:17:56 + [progressmeter.c ssh-keyscan.c] + add snprintf checks. ok djm@ markus@ + - markus@cvs.openbsd.org 2005/05/02 21:13:22 + [readpass.c] + missing {} + - djm@cvs.openbsd.org 2005/05/10 10:28:11 + [ssh.c] + print nice error message for EADDRINUSE as well (ID sync only) + - djm@cvs.openbsd.org 2005/05/10 10:30:43 + [ssh.c] + report real errors on fallback from ControlMaster=no to normal connect + - markus@cvs.openbsd.org 2005/05/16 15:30:51 + [readconf.c servconf.c] + check return value from strdelim() for NULL (AddressFamily); mpech + - djm@cvs.openbsd.org 2005/05/19 02:39:55 + [sshd_config.5] + sort config options, from grunk AT pestilenz.org; ok jmc@ + - djm@cvs.openbsd.org 2005/05/19 02:40:52 + [sshd_config] + whitespace nit, from grunk AT pestilenz.org + - djm@cvs.openbsd.org 2005/05/19 02:42:26 + [includes.h] + fix cast, from grunk AT pestilenz.org + - djm@cvs.openbsd.org 2005/05/20 10:50:55 + [ssh_config.5] + give a ProxyCommand example using nc(1), with and ok jmc@ + - jmc@cvs.openbsd.org 2005/05/20 11:23:32 + [ssh_config.5] + oops - article and spacing; + - avsm@cvs.openbsd.org 2005/05/23 22:44:01 + [moduli.c ssh-keygen.c] + - removes signed/unsigned comparisons in moduli generation + - use strtonum instead of atoi where its easier + - check some strlcpy overflow and fatal instead of truncate + - djm@cvs.openbsd.org 2005/05/23 23:32:46 + [cipher.c myproposal.h ssh.1 ssh_config.5 sshd_config.5] + add support for draft-harris-ssh-arcfour-fixes-02 improved arcfour modes; + ok markus@ + - avsm@cvs.openbsd.org 2005/05/24 02:05:09 + [ssh-keygen.c] + some style nits from dmiller@, and use a fatal() instead of a printf()/exit + - avsm@cvs.openbsd.org 2005/05/24 17:32:44 + [atomicio.c atomicio.h authfd.c monitor_wrap.c msg.c scp.c sftp-client.c] + [ssh-keyscan.c sshconnect.c] + Switch atomicio to use a simpler interface; it now returns a size_t + (containing number of bytes read/written), and indicates error by + returning 0. EOF is signalled by errno==EPIPE. + Typical use now becomes: + + if (atomicio(read, ..., len) != len) + err(1,"read"); + + ok deraadt@, cloder@, djm@ + - (dtucker) [regress/reexec.sh] Add ${EXEEXT} so this test also works on + Cygwin. + - (dtucker) [auth-pam.c] Bug #1033: Fix warnings building with PAM on Linux: + warning: dereferencing type-punned pointer will break strict-aliasing rules + warning: passing arg 3 of `pam_get_item' from incompatible pointer type + The type-punned pointer fix is based on a patch from SuSE's rpm. ok djm@ + - (dtucker) [configure.ac openbsd-compat/getrrsetbyname.c] Bug #1033: Provide + templates for _getshort and _getlong if missing to prevent compiler warnings + on Linux. + - (djm) [configure.ac openbsd-compat/Makefile.in] + [openbsd-compat/openbsd-compat.h openbsd-compat/strtonum.c] + Add strtonum(3) from OpenBSD libc, new code needs it. + Unfortunately Linux forces us to do a bizarre dance with compiler + options to get LLONG_MIN/MAX; Spotted by and ok dtucker@ 20050524 - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]