X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/blobdiff_plain/3ca1f5b0215543dbadd1cfb44a1309d80a94dc8a..95d46d8f412295be2756bfab1a351c6b9d15a652:/ChangeLog

diff --git a/ChangeLog b/ChangeLog
index f211ebcd..260afe11 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,260 @@
+20060315
+ - (djm) OpenBSD CVS Sync:
+   - msf@cvs.openbsd.org 2006/02/06 15:54:07
+     [ssh.1]
+     - typo fix
+     ok jmc@
+   - jmc@cvs.openbsd.org 2006/02/06 21:44:47
+     [ssh.1]
+     make this a little less ambiguous...
+   - stevesk@cvs.openbsd.org 2006/02/07 01:08:04
+     [auth-rhosts.c includes.h]
+     move #include <netgroup.h> out of includes.h; ok markus@
+   - stevesk@cvs.openbsd.org 2006/02/07 01:18:09
+     [includes.h ssh-agent.c ssh-keyscan.c sshconnect2.c]
+     move #include <sys/queue.h> out of includes.h; ok markus@
+   - stevesk@cvs.openbsd.org 2006/02/07 01:42:00
+     [channels.c clientloop.c clientloop.h includes.h packet.h]
+     [serverloop.c sshpty.c sshpty.h sshtty.c ttymodes.c]
+     move #include <termios.h> out of includes.h; ok markus@
+   - stevesk@cvs.openbsd.org 2006/02/07 01:52:50
+     [sshtty.c]
+     "log.h" not needed
+   - stevesk@cvs.openbsd.org 2006/02/07 03:47:05
+     [hostfile.c]
+     "packet.h" not needed
+   - stevesk@cvs.openbsd.org 2006/02/07 03:59:20
+     [deattack.c]
+     duplicate #include
+   - stevesk@cvs.openbsd.org 2006/02/08 12:15:27
+     [auth.c clientloop.c includes.h misc.c monitor.c readpass.c]
+     [session.c sftp.c ssh-agent.c ssh-keysign.c ssh.c sshconnect.c]
+     [sshd.c sshpty.c]
+     move #include <paths.h> out of includes.h; ok markus@
+   - stevesk@cvs.openbsd.org 2006/02/08 12:32:49
+     [includes.h misc.c]
+     move #include <netinet/tcp.h> out of includes.h; ok markus@
+   - stevesk@cvs.openbsd.org 2006/02/08 13:15:44
+     [gss-serv.c monitor.c]
+     small KNF
+   - stevesk@cvs.openbsd.org 2006/02/08 14:16:59
+     [sshconnect.c]
+     <openssl/bn.h> not needed
+   - stevesk@cvs.openbsd.org 2006/02/08 14:31:30
+     [includes.h ssh-agent.c ssh-keyscan.c ssh.c]
+     move #include <sys/resource.h> out of includes.h; ok markus@
+   - stevesk@cvs.openbsd.org 2006/02/08 14:38:18
+     [includes.h packet.c]
+     move #include <netinet/in_systm.h> and <netinet/ip.h> out of
+     includes.h; ok markus@
+   - stevesk@cvs.openbsd.org 2006/02/08 23:51:24
+     [includes.h scp.c sftp-glob.c sftp-server.c]
+     move #include <dirent.h> out of includes.h; ok markus@
+   - stevesk@cvs.openbsd.org 2006/02/09 00:32:07
+     [includes.h]
+     #include <sys/endian.h> not needed; ok djm@
+     NB. ID Sync only - we still need this (but it may move later)
+   - jmc@cvs.openbsd.org 2006/02/09 10:10:47
+     [sshd.8]
+     - move some text into a CAVEATS section
+     - merge the COMMAND EXECUTION... section into AUTHENTICATION
+   - stevesk@cvs.openbsd.org 2006/02/10 00:27:13
+     [channels.c clientloop.c includes.h misc.c progressmeter.c sftp.c]
+     [ssh.c sshd.c sshpty.c]
+     move #include <sys/ioctl.h> out of includes.h; ok markus@
+   - stevesk@cvs.openbsd.org 2006/02/10 01:44:27
+     [includes.h monitor.c readpass.c scp.c serverloop.c session.c]
+     [sftp.c sshconnect.c sshconnect2.c sshd.c]
+     move #include <sys/wait.h> out of includes.h; ok markus@
+   - otto@cvs.openbsd.org 2006/02/11 19:31:18
+     [atomicio.c]
+     type correctness; from Ray Lai in PR 5011; ok millert@
+   - djm@cvs.openbsd.org 2006/02/12 06:45:34
+     [ssh.c ssh_config.5]
+     add a %l expansion code to the ControlPath, which is filled in with the
+     local hostname at runtime. Requested by henning@ to avoid some problems
+     with /home on NFS; ok dtucker@
+   - djm@cvs.openbsd.org 2006/02/12 10:44:18
+     [readconf.c]
+     raise error when the user specifies a RekeyLimit that is smaller than 16
+     (the smallest of our cipher's blocksize) or big enough to cause integer
+     wraparound; ok & feedback dtucker@
+   - jmc@cvs.openbsd.org 2006/02/12 10:49:44
+     [ssh_config.5]
+     slight rewording; ok djm
+   - jmc@cvs.openbsd.org 2006/02/12 10:52:41
+     [sshd.8]
+     rework the description of authorized_keys a little;
+   - jmc@cvs.openbsd.org 2006/02/12 17:57:19
+     [sshd.8]
+     sort the list of options permissable w/ authorized_keys;
+     ok djm dtucker
+   - jmc@cvs.openbsd.org 2006/02/13 10:16:39
+     [sshd.8]
+     no need to subsection the authorized_keys examples - instead, convert
+     this to look like an actual file. also use proto 2 keys, and use IETF
+     example addresses;
+   - jmc@cvs.openbsd.org 2006/02/13 10:21:25
+     [sshd.8]
+     small tweaks for the ssh_known_hosts section;
+   - jmc@cvs.openbsd.org 2006/02/13 11:02:26
+     [sshd.8]
+     turn this into an example ssh_known_hosts file; ok djm
+   - jmc@cvs.openbsd.org 2006/02/13 11:08:43
+     [sshd.8]
+     - avoid nasty line split
+     - `*' does not need to be escaped
+   - jmc@cvs.openbsd.org 2006/02/13 11:27:25
+     [sshd.8]
+     sort FILES and use a -compact list;
+   - david@cvs.openbsd.org 2006/02/15 05:08:24
+     [sftp-client.c]
+     typo in comment; ok djm@
+   - jmc@cvs.openbsd.org 2006/02/15 16:53:20
+     [ssh.1]
+     remove the IETF draft references and replace them with some updated RFCs;
+   - jmc@cvs.openbsd.org 2006/02/15 16:55:33
+     [sshd.8]
+     remove ietf draft references; RFC list now maintained in ssh.1;
+   - jmc@cvs.openbsd.org 2006/02/16 09:05:34
+     [sshd.8]
+     sync some of the FILES entries w/ ssh.1;
+   - jmc@cvs.openbsd.org 2006/02/19 19:52:10
+     [sshd.8]
+     move the sshrc stuff out of FILES, and into its own section:
+     FILES is not a good place to document how stuff works;
+   - jmc@cvs.openbsd.org 2006/02/19 20:02:17
+     [sshd.8]
+     sync the (s)hosts.equiv FILES entries w/ those from ssh.1;
+   - jmc@cvs.openbsd.org 2006/02/19 20:05:00
+     [sshd.8]
+     grammar;
+   - jmc@cvs.openbsd.org 2006/02/19 20:12:25
+     [ssh_config.5]
+     add some vertical space;
+   - stevesk@cvs.openbsd.org 2006/02/20 16:36:15
+     [authfd.c channels.c includes.h session.c ssh-agent.c ssh.c]
+     move #include <sys/un.h> out of includes.h; ok djm@
+   - stevesk@cvs.openbsd.org 2006/02/20 17:02:44
+     [clientloop.c includes.h monitor.c progressmeter.c scp.c]
+     [serverloop.c session.c sftp.c ssh-agent.c ssh.c sshd.c]
+     move #include <signal.h> out of includes.h; ok markus@
+   - stevesk@cvs.openbsd.org 2006/02/20 17:19:54
+     [auth-rhosts.c auth-rsa.c auth.c auth2-none.c auth2-pubkey.c]
+     [authfile.c clientloop.c includes.h readconf.c scp.c session.c]
+     [sftp-client.c sftp-common.c sftp-common.h sftp-glob.c]
+     [sftp-server.c sftp.c ssh-add.c ssh-keygen.c ssh.c sshconnect.c]
+     [sshconnect2.c sshd.c sshpty.c]
+     move #include <sys/stat.h> out of includes.h; ok markus@
+   - stevesk@cvs.openbsd.org 2006/02/22 00:04:45
+     [canohost.c clientloop.c includes.h match.c readconf.c scp.c ssh.c]
+     [sshconnect.c]
+     move #include <ctype.h> out of includes.h; ok djm@
+   - jmc@cvs.openbsd.org 2006/02/24 10:25:14
+     [ssh_config.5]
+     add section on patterns;
+     from dtucker + myself
+
+20060313
+ - (dtucker) [configure.ac] Bug #1171: Don't use printf("%lld", longlong)
+   since not all platforms support it.  Instead, use internal equivalent while
+   computing LLONG_MIN and LLONG_MAX.  Remove special case for alpha-dec-osf*
+   as it's no longer required.  Tested by Bernhard Simon, ok djm@
+
+20060304
+ - (dtucker) [contrib/cygwin/ssh-host-config] Require use of lastlog as a
+   file rather than directory, required as Cygwin will be importing lastlog(1).
+   Also tightens up permissions on the file.  Patch from vinschen@redhat.com.
+ - (dtucker) [gss-serv-krb5.c] Bug #1166: Correct #ifdefs for gssapi_krb5.h
+   includes.  Patch from gentoo.riverrat at gmail.com.
+
+20060226
+ - (dtucker) [configure.ac] Bug #1156: QNX apparently needs SSHD_ACQUIRES_CTTY
+   patch from kraai at ftbfs.org.
+
+20060223
+ - (dtucker) [sshd_config sshd_config.5] Update UsePAM to reflect current
+   reality.  Pointed out by tryponraj at gmail.com.
+
+20060222
+ - (dtucker) [openbsd-compat/openssl-compat.{c,h}] Minor tidy up: only
+   compile in compat code if required.
+
+20060221
+ - (dtucker) [openbsd-compat/openssl-compat.h] Prevent warning about
+   redefinition of SSLeay_add_all_algorithms.
+
+20060220
+ - (dtucker) [INSTALL configure.ac openbsd-compat/openssl-compat.{c,h}]
+   Add optional enabling of OpenSSL's (hardware) Engine support, via
+   configure --with-ssl-engine.  Based in part on a diff by michal at
+   logix.cz.
+
+20060219
+ - (dtucker) [Makefile.in configure.ac, added openbsd-compat/regress/]
+   Add first attempt at regress tests for compat library.  ok djm@
+
+20060214
+ - (tim) [buildpkg.sh.in] Make the names consistent.
+   s/pkg_post_make_install_fixes.sh/pkg-post-make-install-fixes.sh/ OK dtucker@
+
+20060212
+ - (dtucker) [openbsd-compat/bsd-cygwin_util.c] Make loop counter unsigned
+   to silence compiler warning, from vinschen at redhat.com.
+ - (tim) [configure.ac] Bug #1149. Disable /etc/default/login check for QNX.
+ - (dtucker) [README version.h contrib/caldera/openssh.spec
+   contrib/redhat/openssh.spec contrib/suse/openssh.spec] Bump version
+   strings to match 4.3p2 release.
+
+20060208
+ - (tim) [session.c] Logout records were not updated on systems with
+   post auth privsep disabled due to bug 1086 changes. Analysis and patch
+   by vinschen at redhat.com. OK tim@, dtucker@.
+ - (dtucker) [configure.ac] Typo in Ultrix and NewsOS sections (NEED_SETPRGP
+   -> NEED_SETPGRP), reported by Bernhard Simon.  ok tim@
+
+20060206
+ - (tim) [configure.ac] Remove unnecessary tests for net/if.h and 
+   netinet/in_systm.h. OK dtucker@.
+
+20060205
+ - (tim) [configure.ac] Add AC_REVISION. Add sys/time.h to lastlog.h test
+   for Solaris. OK dtucker@.
+ - (tim) [configure.ac] Bug #1149. Changes in QNX section only. Patch by
+   kraai at ftbfs.org.
+
+20060203
+ - (tim) [configure.ac] test for egrep (AC_PROG_EGREP) before first
+   AC_CHECK_HEADERS test. Without it, if AC_CHECK_HEADERS is first run
+   by a platform specific check, builtin standard includes tests will be
+   skipped on the other platforms.
+   Analysis and suggestion by vinschen at redhat.com, patch by dtucker@.
+   OK tim@, djm@.
+
+20060202
+ - (dtucker) [configure.ac] Bug #1148: Fix "crippled AES" test so that it
+   works with picky compilers.  Patch from alex.kiernan at thus.net.
+
+20060201
+ - (djm) [regress/test-exec.sh] Try 'logname' as well as 'whoami' to 
+   determine the user's login name - needed for regress tests on Solaris 
+   10 and OpenSolaris
+ - (djm) OpenBSD CVS Sync
+   - jmc@cvs.openbsd.org 2006/02/01 09:06:50
+     [sshd.8]
+     - merge sections on protocols 1 and 2 into a single section
+     - remove configuration file section
+     ok markus
+   - jmc@cvs.openbsd.org 2006/02/01 09:11:41
+     [sshd.8]
+     small tweak;
+ - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
+   [contrib/suse/openssh.spec] Update versions ahead of release
+   - markus@cvs.openbsd.org 2006/02/01 11:27:22
+     [version.h]
+     openssh 4.3
+ - (djm) Release OpenSSH 4.3p1
+
 20060131
  - (djm) OpenBSD CVS Sync
    - jmc@cvs.openbsd.org 2006/01/20 11:21:45
@@ -33,6 +290,10 @@
      fix local arbitrary command execution vulnerability on local/local and
      remote/remote copies (CVE-2006-0225, bz #1094), patch by
      t8m AT centrum.cz, polished by dtucker@ and myself; ok markus@
+   - djm@cvs.openbsd.org 2006/01/31 10:35:43
+     [scp.c]
+     "scp a b c" shouldn't clobber "c" when it is not a directory, report and
+     fix from biorn@; ok markus@
  - (djm) Sync regress tests to OpenBSD:
    - dtucker@cvs.openbsd.org 2005/03/10 10:20:39
      [regress/forwarding.sh]
@@ -66,6 +327,9 @@
    - djm@cvs.openbsd.org 2006/01/31 10:23:23
      [scp.sh]
      regression test for CVE-2006-0225 written by dtucker@
+   - djm@cvs.openbsd.org 2006/01/31 10:36:33
+     [scp.sh]
+     regress test for "scp a b c" where "c" is not a directory
 
 20060129
  - (dtucker) [configure.ac opensshd.init.in] Bug #1144: Use /bin/sh for the