X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/blobdiff_plain/578d2b99b26cf425bf28310d57b61fef7affc75b..e07335e2b6b82e8af62ee5f4e917e2f9e93b9ed9:/ChangeLog

diff --git a/ChangeLog b/ChangeLog
index fdc63f85..9fa65236 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,190 @@
+20060818
+ - (dtucker) [configure.ac openbsd-compat/bsd-closefrom.c] Resync with
+   closefrom.c from sudo.
+ - (dtucker) [openbsd-compat/bsd-closefrom.c] Comment out rcsid.
+ - (dtucker) [openbsd-compat/regress/snprintftest.c] Newline on error.
+ - (dtucker) [openbsd-compat/regress/Makefile.in] Use implicit rules for the
+   test progs instead; they work better than what we have.
+ - (djm) OpenBSD CVS Sync
+   - stevesk@cvs.openbsd.org 2006/08/06 01:13:32
+     [compress.c monitor.c monitor_wrap.c]
+     "zlib.h" can be <zlib.h>; ok djm@ markus@
+   - miod@cvs.openbsd.org 2006/08/12 20:46:46
+     [monitor.c monitor_wrap.c]
+     Revert previous include file ordering change, for ssh to compile under
+     gcc2 (or until openssl include files are cleaned of parameter names
+     in function prototypes)
+   - dtucker@cvs.openbsd.org 2006/08/14 12:40:25
+     [servconf.c servconf.h sshd_config.5]
+     Add ability to match groups to Match keyword in sshd_config.  Feedback
+     djm@, stevesk@, ok stevesk@.
+   - djm@cvs.openbsd.org 2006/08/16 11:47:15
+     [sshd.c]
+     factor inetd connection, TCP listen and main TCP accept loop out of
+     main() into separate functions to improve readability; ok markus@
+
+20060817
+ - (dtucker) [openbsd-compat/fake-rfc2553.c openbsd-compat/setproctitle.c]
+   Include stdlib.h for malloc and friends.
+ - (dtucker) [configure.ac openbsd-compat/bsd-closefrom.c] Use F_CLOSEM fcntl
+   for closefrom() on AIX.  Pointed out by William Ahern.
+ - (dtucker) [openbsd-compat/regress/{Makefile.in,closefromtest.c}] Regress
+   test for closefrom() in compat code.
+
+20060816
+ - (djm) [audit-bsm.c] Sprinkle in some headers
+
+20060815
+ - (dtucker) [LICENCE] Add Reyk to the list for the compat dir.
+
+20060806
+ - (djm) [openbsd-compat/bsd-getpeereid.c] Add some headers to quiet warnings
+   on Solaris 10
+
+20060806
+ - (dtucker) [defines.h] With the includes.h changes we no longer get the
+   name clash on "YES" so we can remove the workaround for it.
+ - (dtucker) [openbsd-compat/{bsd-asprintf.c,bsd-openpty.c,bsd-snprintf.c,
+   glob.c}] Include stdlib.h for malloc and friends in compat code.
+
+20060805
+ - (djm) OpenBSD CVS Sync
+   - stevesk@cvs.openbsd.org 2006/07/24 13:58:22
+     [sshconnect.c]
+     disable tunnel forwarding when no strict host key checking
+     and key changed; ok djm@ markus@ dtucker@
+   - stevesk@cvs.openbsd.org 2006/07/25 02:01:34
+     [scard.c]
+     need #include <string.h>
+   - stevesk@cvs.openbsd.org 2006/07/25 02:59:21
+     [channels.c clientloop.c packet.c scp.c serverloop.c sftp-client.c]
+     [sftp-server.c ssh-agent.c ssh-keyscan.c sshconnect.c sshd.c]
+     move #include <sys/time.h> out of includes.h
+   - stevesk@cvs.openbsd.org 2006/07/26 02:35:17
+     [atomicio.c auth.c dh.c authfile.c buffer.c clientloop.c kex.c]
+     [groupaccess.c gss-genr.c kexgexs.c misc.c monitor.c monitor_mm.c]
+     [packet.c scp.c serverloop.c session.c sftp-client.c sftp-common.c]
+     [sftp-server.c sftp.c ssh-add.c ssh-agent.c ssh-keygen.c sshlogin.c]
+     [uidswap.c xmalloc.c]
+     move #include <sys/param.h> out of includes.h
+   - stevesk@cvs.openbsd.org 2006/07/26 13:57:17
+     [authfd.c authfile.c dh.c canohost.c channels.c clientloop.c compat.c]
+     [hostfile.c kex.c log.c misc.c moduli.c monitor.c packet.c readpass.c]
+     [scp.c servconf.c session.c sftp-server.c sftp.c ssh-add.c ssh-agent.c]
+     [ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh.c sshconnect.c]
+     [sshconnect1.c sshd.c xmalloc.c]
+     move #include <stdlib.h> out of includes.h
+   - jmc@cvs.openbsd.org 2006/07/27 08:00:50
+     [ssh_config.5]
+     avoid confusing wording in HashKnownHosts:
+     originally spotted by alan amesbury;
+     ok deraadt
+   - jmc@cvs.openbsd.org 2006/07/27 08:00:50
+     [ssh_config.5]
+     avoid confusing wording in HashKnownHosts:
+     originally spotted by alan amesbury;
+     ok deraadt
+   - dtucker@cvs.openbsd.org 2006/08/01 11:34:36
+     [sshconnect.c]
+     Allow fallback to known_hosts entries without port qualifiers for
+     non-standard ports too, so that all existing known_hosts entries will be
+     recognised.  Requested by, feedback and ok markus@
+   - stevesk@cvs.openbsd.org 2006/08/01 23:22:48
+     [auth-passwd.c auth-rhosts.c auth-rsa.c auth.c auth.h auth1.c]
+     [auth2-chall.c auth2-pubkey.c authfile.c buffer.c canohost.c]
+     [channels.c clientloop.c dh.c dns.c dns.h hostfile.c kex.c kexdhc.c]
+     [kexgexc.c kexgexs.c key.c key.h log.c misc.c misc.h moduli.c]
+     [monitor_wrap.c packet.c progressmeter.c readconf.c readpass.c scp.c]
+     [servconf.c session.c sftp-client.c sftp-common.c sftp-server.c sftp.c]
+     [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keyscan.c ssh.c sshconnect.c]
+     [sshconnect1.c sshconnect2.c sshd.c sshlogin.c sshtty.c uuencode.c]
+     [uuencode.h xmalloc.c]
+     move #include <stdio.h> out of includes.h
+   - stevesk@cvs.openbsd.org 2006/08/01 23:36:12
+     [authfile.c channels.c progressmeter.c scard.c servconf.c ssh.c]
+     clean extra spaces
+   - deraadt@cvs.openbsd.org 2006/08/03 03:34:42
+     [OVERVIEW atomicio.c atomicio.h auth-bsdauth.c auth-chall.c auth-krb5.c]
+     [auth-options.c auth-options.h auth-passwd.c auth-rh-rsa.c auth-rhosts.c]
+     [auth-rsa.c auth-skey.c auth.c auth.h auth1.c auth2-chall.c auth2-gss.c]
+     [auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c ]
+     [auth2-pubkey.c auth2.c authfd.c authfd.h authfile.c bufaux.c bufbn.c]
+     [buffer.c buffer.h canohost.c channels.c channels.h cipher-3des1.c]
+     [cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c]
+     [compress.c deattack.c dh.c dispatch.c dns.c dns.h fatal.c groupaccess.c]
+     [groupaccess.h gss-genr.c gss-serv-krb5.c gss-serv.c hostfile.c kex.c]
+     [kex.h kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c]
+     [key.h log.c log.h mac.c match.c md-sha256.c misc.c misc.h moduli.c]
+     [monitor.c monitor_fdpass.c monitor_mm.c monitor_mm.h monitor_wrap.c]
+     [monitor_wrap.h msg.c nchan.c packet.c progressmeter.c readconf.c]
+     [readconf.h readpass.c rsa.c scard.c scard.h scp.c servconf.c servconf.h]
+     [serverloop.c session.c session.h sftp-client.c sftp-common.c]
+     [sftp-common.h sftp-glob.c sftp-server.c sftp.c ssh-add.c ssh-agent.c]
+     [ssh-dss.c ssh-gss.h ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rsa.c]
+     [ssh.c ssh.h sshconnect.c sshconnect.h sshconnect1.c sshconnect2.c]
+     [sshd.c sshlogin.c sshlogin.h sshpty.c sshpty.h sshtty.c ttymodes.c]
+     [uidswap.c uidswap.h uuencode.c uuencode.h xmalloc.c xmalloc.h]
+     [loginrec.c loginrec.h openbsd-compat/port-aix.c openbsd-compat/port-tun.h]
+     almost entirely get rid of the culture of ".h files that include .h files"
+     ok djm, sort of ok stevesk
+     makes the pain stop in one easy step
+     NB. portable commit contains everything *except* removing includes.h, as
+     that will take a fair bit more work as we move headers that are required
+     for portability workarounds to defines.h. (also, this step wasn't "easy")
+   - stevesk@cvs.openbsd.org 2006/08/04 20:46:05
+     [monitor.c session.c ssh-agent.c]
+     spaces
+ - (djm) [auth-pam.c defines.h] Move PAM related bits to auth-pam.c
+ - (djm) [auth-pam.c auth.c bufaux.h entropy.c openbsd-compat/port-tun.c]
+   remove last traces of bufaux.h - it was merged into buffer.h in the big
+   includes.h commit
+ - (djm) [auth.c loginrec.c] Missing netinet/in.h for loginrec
+ - (djm) [openbsd-compat/regress/snprintftest.c]
+   [openbsd-compat/regress/strduptest.c] Add missing includes so they pass
+   compilation with "-Wall -Werror"
+ - (djm) [auth-pam.c auth-shadow.c auth2-none.c cleanup.c sshd.c]
+   [openbsd-compat/port-tun.c openbsd-compat/port-tun.h] Sprinkle more
+   includes for Linux in
+ - (dtucker) [cleanup.c] Need defines.h for __dead.
+ - (dtucker) [auth2-gss.c] We still need the #ifdef GSSAPI in -portable.
+ - (dtucker) [openbsd-compat/{bsd-arc4random.c,port-tun.c,xmmap.c}] Lots of
+   #include stdarg.h, needed for log.h.
+ - (dtucker) [entropy.c] Needs unistd.h too.
+ - (dtucker) [ssh-rand-helper.c] Needs stdarg.h for log.h.
+ - (dtucker) [openbsd-compat/getrrsetbyname.c] Nees stdlib.h for malloc.
+ - (dtucker) [openbsd-compat/strtonum.c] Include stdlib.h for strtoll,
+   otherwise it is implicitly declared as returning an int.
+ - (dtucker) OpenBSD CVS Sync
+   - dtucker@cvs.openbsd.org 2006/08/05 07:52:52
+     [auth2-none.c sshd.c monitor_wrap.c]
+     Add headers required to build with KERBEROS5=no.  ok djm@
+   - dtucker@cvs.openbsd.org 2006/08/05 08:00:33
+     [auth-skey.c]
+     Add headers required to build with -DSKEY.  ok djm@
+   - dtucker@cvs.openbsd.org 2006/08/05 08:28:24
+     [monitor_wrap.c auth-skey.c auth2-chall.c]
+     Zap unused variables in -DSKEY code.  ok djm@
+   - dtucker@cvs.openbsd.org 2006/08/05 08:34:04
+     [packet.c]
+     Typo in comment
+ - (dtucker) [openbsd-compat/bsd-cygwin_util.c] Add headers required to compile
+   on Cygwin.
+ - (dtucker) [openbsd-compat/fake-rfc2553.c] Add headers needed for inet_ntoa.
+ - (dtucker) [auth-skey.c] monitor_wrap.h needs ssh-gss.h.
+ - (dtucker) [audit.c audit.h] Repair headers.
+ - (dtucker) [audit-bsm.c] Add additional headers now required.
+
+20060804
+ - (dtucker) [configure.ac] The "crippled AES" test does not work on recent
+   versions of Solaris, so use AC_LINK_IFELSE to actually link the test program
+   rather than just compiling it.  Spotted by dlg@.
+
+20060802
+ - (dtucker) [openbsd-compat/daemon.c] Add unistd.h for fork() prototype.
+
+20060725
+ - (dtucker) [openbsd-compat/xmmap.c] Need fcntl.h for O_RDRW.
+
 20060724
  - (djm) OpenBSD CVS Sync
    - jmc@cvs.openbsd.org 2006/07/12 13:39:55
@@ -43,6 +230,101 @@
    - jmc@cvs.openbsd.org 2006/07/18 07:56:28
      [scp.1]
      replace DIAGNOSTICS with .Ex;
+   - jmc@cvs.openbsd.org 2006/07/18 08:03:09
+     [ssh-agent.1 sshd_config.5]
+     mark up angle brackets;
+   - dtucker@cvs.openbsd.org 2006/07/18 08:22:23
+     [sshd_config.5]
+     Clarify description of Match, with minor correction from jmc@
+   - stevesk@cvs.openbsd.org 2006/07/18 22:27:55
+     [dh.c]
+     remove unneeded includes; ok djm@
+   - dtucker@cvs.openbsd.org 2006/07/19 08:56:41
+     [servconf.c sshd_config.5]
+     Add support for X11Forwaring, X11DisplayOffset and X11UseLocalhost to
+     Match.  ok djm@
+   - dtucker@cvs.openbsd.org 2006/07/19 13:07:10
+     [servconf.c servconf.h session.c sshd.8 sshd_config sshd_config.5]
+     Add ForceCommand keyword to sshd_config, equivalent to the "command="
+     key option, man page entry and example in sshd_config.
+     Feedback & ok djm@, man page corrections & ok jmc@
+   - stevesk@cvs.openbsd.org 2006/07/20 15:26:15
+     [auth1.c serverloop.c session.c sshconnect2.c]
+     missed some needed #include <unistd.h> when KERBEROS5=no; issue from
+     massimo@cedoc.mo.it
+   - dtucker@cvs.openbsd.org 2006/07/21 12:43:36
+     [channels.c channels.h servconf.c servconf.h sshd_config.5]
+     Make PermitOpen take a list of permitted ports and act more like most
+     other keywords (ie the first match is the effective setting). This
+     also makes it easier to override a previously set PermitOpen. ok djm@
+   - stevesk@cvs.openbsd.org 2006/07/21 21:13:30
+     [channels.c]
+     more ARGSUSED (lint) for dispatch table-driven functions; ok djm@
+   - stevesk@cvs.openbsd.org 2006/07/21 21:26:55
+     [progressmeter.c]
+     ARGSUSED for signal handler
+   - stevesk@cvs.openbsd.org 2006/07/22 19:08:54
+     [includes.h moduli.c progressmeter.c scp.c sftp-common.c]
+     [sftp-server.c ssh-agent.c sshlogin.c]
+     move #include <time.h> out of includes.h
+   - stevesk@cvs.openbsd.org 2006/07/22 20:48:23
+     [atomicio.c auth-options.c auth-passwd.c auth-rhosts.c auth-rsa.c]
+     [auth.c auth1.c auth2-chall.c auth2-hostbased.c auth2-passwd.c auth2.c]
+     [authfd.c authfile.c bufaux.c bufbn.c buffer.c canohost.c channels.c]
+     [cipher-3des1.c cipher-bf1.c cipher-ctr.c cipher.c clientloop.c]
+     [compat.c deattack.c dh.c dns.c gss-genr.c gss-serv.c hostfile.c]
+     [includes.h kex.c kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c log.c]
+     [mac.c match.c md-sha256.c misc.c moduli.c monitor.c monitor_fdpass.c]
+     [monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c rsa.c]
+     [progressmeter.c readconf.c readpass.c scp.c servconf.c serverloop.c]
+     [session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c sftp.c]
+     [ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c]
+     [ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c sshconnect2.c]
+     [sshd.c sshlogin.c sshpty.c ttymodes.c uidswap.c xmalloc.c]
+     move #include <string.h> out of includes.h
+   - stevesk@cvs.openbsd.org 2006/07/23 01:11:05
+     [auth.h dispatch.c kex.h sftp-client.c]
+     #include <signal.h> for sig_atomic_t; need this prior to <sys/param.h>
+     move
+ - (djm) [acss.c auth-krb5.c auth-options.c auth-pam.c auth-shadow.c]
+   [canohost.c channels.c cipher-acss.c defines.h dns.c gss-genr.c]
+   [gss-serv-krb5.c gss-serv.c log.h loginrec.c logintest.c readconf.c]
+   [servconf.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c ssh-rand-helper.c]
+   [ssh.c sshconnect.c sshd.c openbsd-compat/bindresvport.c]
+   [openbsd-compat/bsd-arc4random.c openbsd-compat/bsd-misc.c]
+   [openbsd-compat/getrrsetbyname.c openbsd-compat/glob.c]
+   [openbsd-compat/mktemp.c openbsd-compat/port-linux.c]
+   [openbsd-compat/port-tun.c openbsd-compat/readpassphrase.c]
+   [openbsd-compat/setproctitle.c openbsd-compat/xmmap.c]
+   make the portable tree compile again - sprinkle unistd.h and string.h 
+   back in. Don't redefine __unused, as it turned out to be used in
+   headers on Linux, and replace its use in auth-pam.c with ARGSUSED
+ - (djm) [openbsd-compat/glob.c]
+   Move get_arg_max() into the ifdef HAVE_GLOB block so that it compiles
+   on OpenBSD (or other platforms with a decent glob implementation) with
+   -Werror
+ - (djm) [uuencode.c]
+   Add resolv.h, is it contains the prototypes for __b64_ntop/__b64_pton on
+   some platforms
+ - (djm) [session.c]
+   fix compile error with -Werror -Wall: 'path' is only used in
+   do_setup_env() if HAVE_LOGIN_CAP is not defined
+ - (djm) [openbsd-compat/basename.c openbsd-compat/bsd-closefrom.c]
+   [openbsd-compat/bsd-cray.c openbsd-compat/bsd-openpty.c]
+   [openbsd-compat/bsd-snprintf.c openbsd-compat/fake-rfc2553.c]
+   [openbsd-compat/port-aix.c openbsd-compat/port-irix.c]
+   [openbsd-compat/rresvport.c]
+   These look to need string.h and/or unistd.h (based on a grep for function
+   names)
+ - (djm) [Makefile.in]
+   Remove generated openbsd-compat/regress/Makefile in distclean target
+ - (djm) [regress/Makefile regress/agent-getpeereid.sh regress/cfgmatch.sh]
+   [regress/cipher-speed.sh regress/forcecommand.sh regress/forwarding.sh]
+   Sync regress tests to -current; include dtucker@'s new cfgmatch and 
+   forcecommand tests. Add cipher-speed.sh test (not linked in yet)
+ - (dtucker) [cleanup.c] Since config.h defines _LARGE_FILES on AIX, including
+   system headers before defines.h will cause conflicting definitions.
+ - (dtucker) [regress/forcecommand.sh] Portablize.
 
 20060713
  - (dtucker) [auth-krb5.c auth-pam.c] Still more errno.h