X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/blobdiff_plain/29accf743f29aaef9825ab94b03dcf26614b931f..e45da4d6928b5f35b9add90897665eaec43ac108:/ChangeLog diff --git a/ChangeLog b/ChangeLog index bba41890..8e5af010 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,55 @@ +20051129 + - (tim) [ssh-keygen.c] Move DSA length test after setting default when + bits == 0. + - (dtucker) OpenBSD CVS Sync + - dtucker@cvs.openbsd.org 2005/11/29 02:04:55 + [ssh-keygen.c] + Populate default key sizes before checking them; from & ok tim@ + - (tim) [configure.ac sshd.8] Enable locked account check (a "*LK*" string) + for UnixWare. + +20051128 + - (dtucker) [regress/yes-head.sh] Work around breakage caused by some + versions of GNU head. Based on patch from zappaman at buraphalinux.org + - (dtucker) [includes.h] Bug #1122: __USE_GNU is a glibc internal macro, use + _GNU_SOURCE instead. Patch from t8m at centrum.cz. + - (dtucker) OpenBSD CVS Sync + - dtucker@cvs.openbsd.org 2005/11/28 05:16:53 + [ssh-keygen.1 ssh-keygen.c] + Enforce DSA key length of exactly 1024 bits to comply with FIPS-186-2, + increase minumum RSA key size to 768 bits and update man page to reflect + these. Patch originally bz#1119 (senthilkumar_sen at hotpop.com), + ok djm@, grudging ok deraadt@. + - dtucker@cvs.openbsd.org 2005/11/28 06:02:56 + [ssh-agent.1] + Update agent socket path templates to reflect reality, correct xref for + time formats. bz#1121, patch from openssh at roumenpetrov.info, ok djm@ + +20051126 + - (dtucker) [configure.ac] Bug #1126: AIX 5.2 and 5.3 (and presumably newer, + when they're available) need the real UID set otherwise pam_chauthtok will + set ADMCHG after changing the password, forcing the user to change it + again immediately. + +20051125 + - (dtucker) [configure.ac] Apply tim's fix for older systems where the + resolver state in resolv.h is "state" not "__res_state". With slight + modification by me to also work on old AIXes. ok djm@ + - (dtucker) [progressmeter.c scp.c sftp-server.c] Use correct casts for + snprintf formats, fixes warnings on some 64 bit platforms. Patch from + shaw at vranix.com, ok djm@ + +20051124 + - (djm) [configure.ac openbsd-compat/Makefile.in openbsd-compat/bsd-asprintf.c + openbsd-compat/bsd-snprintf.c openbsd-compat/openbsd-compat.h] Add an + asprintf() implementation, after syncing our {v,}snprintf() implementation + with some extra fixes from Samba's version. With help and debugging from + dtucker and tim; ok dtucker@ + - (dtucker) [configure.ac] Fix typos in comments and AC_SEARCH_LIB argument + order in Reliant Unix block. Patch from johane at lysator.liu.se. + - (dtucker) [regress/test-exec.sh] Use 1024 bit keys since we generate so + many and use them only once. Speeds up testing on older/slower hardware. + 20051122 - (dtucker) OpenBSD CVS Sync - deraadt@cvs.openbsd.org 2005/11/12 18:37:59 @@ -6,6 +58,24 @@ - deraadt@cvs.openbsd.org 2005/11/12 18:38:15 [scp.c] avoid close(-1), as in rcp; ok cloder + - millert@cvs.openbsd.org 2005/11/15 11:59:54 + [includes.h] + Include sys/queue.h explicitly instead of assuming some other header + will pull it in. At the moment it gets pulled in by sys/select.h + (which ssh has no business including) via event.h. OK markus@ + (ID sync only in -portable) + - dtucker@cvs.openbsd.org 2005/11/21 09:42:10 + [auth-krb5.c] + Perform Kerberos calls even for invalid users to prevent leaking + information about account validity. bz #975, patch originally from + Senthil Kumar, sanity checked by Simon Wilkinson, tested by djm@, biorn@, + ok markus@ + - dtucker@cvs.openbsd.org 2005/11/22 03:36:03 + [hostfile.c] + Correct format/arguments to debug call; spotted by shaw at vranix.com + ok djm@ + - (dtucker) [loginrec.c] Add casts to prevent compiler warnings, patch + from shaw at vranix.com. 20051120 - (dtucker) [openbsd-compat/openssl-compat.h] Add comment explaining what