X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/blobdiff_plain/8946db533c8ccfd990c2b87288df3acd01fa52ec..48e671d5303c70deea9cde5c1a785882c0501f6e:/ChangeLog

diff --git a/ChangeLog b/ChangeLog
index 39304e24..701bf403 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,9 +1,292 @@
+20000114
+ - Merged OpenBSD IPv6 patch:
+   - [sshd.c sshd.8 sshconnect.c ssh.h ssh.c servconf.h servconf.c scp.1]
+     [scp.c packet.h packet.c login.c log.c canohost.c channels.c]
+     [hostfile.c sshd_config]
+     ipv6 support: mostly gethostbyname->getaddrinfo/getnameinfo, new
+     features: sshd allows multiple ListenAddress and Port options. note 
+     that libwrap is not IPv6-ready. (based on patches from 
+     fujiwara@rcac.tdi.co.jp)
+   - [ssh.c canohost.c]
+     more hints (hints.ai_socktype=SOCK_STREAM) for getaddrinfo, 
+     from itojun@
+   - [channels.c]
+     listen on _all_ interfaces for X11-Fwd (hints.ai_flags = AI_PASSIVE)
+   - [packet.h]
+     allow auth-kerberos for IPv4 only
+   - [scp.1 sshd.8 servconf.h scp.c]
+     document -4, -6, and 'ssh -L 2022/::1/22'
+   - [ssh.c]
+     'ssh @host' is illegal (null user name), from 
+     karsten@gedankenpolizei.de
+   - [sshconnect.c]
+     better error message
+   - [sshd.c]
+     allow auth-kerberos for IPv4 only
+ - Big IPv6 merge:
+   - Cleanup overrun in sockaddr copying on RHL 6.1
+   - Replacements for getaddrinfo, getnameinfo, etc based on versions
+     from patch from KIKUCHI Takahiro <kick@kyoto.wide.ad.jp>
+   - Replacement for missing structures on systems that lack IPv6
+   - record_login needed to know about AF_INET6 addresses
+   - Borrowed more code from OpenBSD: rresvport_af and requisites
+
+20000110
+ - Fixes to auth-skey to enable it to use the standard OpenSSL libraries
+
+20000107
+ - New config.sub and config.guess to fix problems on SCO. Supplied
+   by Gary E. Miller <gem@rellim.com>
+ - SCO build fix from Gary E. Miller <gem@rellim.com>
+ - Released 1.2.1pre25
+
+20000106
+ - Documentation update & cleanup
+ - Better KrbIV / AFS detection, based on patch from:
+   Holger Trapp <Holger.Trapp@Informatik.TU-Chemnitz.DE>
+
+20000105
+ - Fixed annoying DES corruption problem. libcrypt has been 
+   overriding symbols in libcrypto. Removed libcrypt and crypt.h
+   altogether (libcrypto includes its own crypt(1) replacement)
+ - Added platform-specific rules for Irix 6.x. Included warning that
+   they are untested.
+
+20000103
+ - Add explicit make rules for files proccessed by fixpaths.
+ - Fix "make install" in RPM spec files. Report from Tenkou N. Hattori  
+   <tnh@kondara.org>
+ - Removed "nullok" directive from default PAM configuration files. 
+   Added information on enabling EmptyPasswords on openssh+PAM in 
+   UPGRADING file.
+ - OpenBSD CVS updates
+   - [ssh-agent.c]
+     cleanup_exit() for SIGTERM/SIGHUP, too. from fgsch@ and 
+     dgaudet@arctic.org
+   - [sshconnect.c]
+     compare correct version for 1.3 compat mode
+
+20000102
+ - Prevent multiple inclusion of config.h and defines.h. Suggested
+   by Andre Lucas <andre.lucas@dial.pipex.com>
+ - Properly clean up on exit of ssh-agent. Patch from Dean Gaudet
+   <dgaudet@arctic.org>
+
+19991231
+ - Fix password support on systems with a mixture of shadowed and 
+   non-shadowed passwords (e.g. NIS). Report and fix from 
+   HARUYAMA Seigo <haruyama@nt.phys.s.u-tokyo.ac.jp>
+ - Fix broken autoconf typedef detection. Report from Marc G. 
+   Fournier <marc.fournier@acadiau.ca>
+ - Fix occasional crash on LinuxPPC. Patch from Franz Sirl
+   <Franz.Sirl-kernel@lauterbach.com>
+ - Prevent typedefs from being compiled more than once. Report from 
+   Marc G. Fournier <marc.fournier@acadiau.ca>
+ - Fill in ut_utaddr utmp field. Report from Benjamin Charron
+   <iretd@bigfoot.com>
+ - Really fix broken default path. Fix from Jim Knoble 
+   <jmknoble@pobox.com>
+ - Remove test for quad_t. No longer needed.
+ - Released 1.2.1pre24
+
+ - Added support for directory-based lastlogs
+ - Really fix typedefs, patch from Ben Taylor <bent@clark.net>
+
+19991230
+ - OpenBSD CVS updates:
+   - [auth-passwd.c]
+     check for NULL 1st
+ - Removed most of the pam code into its own file auth-pam.[ch]. This 
+   cleaned up sshd.c up significantly.
+ - PAM authentication was incorrectly interpreting 
+   "PermitRootLogin without-password". Report from Matthias Andree
+   <ma@dt.e-technik.uni-dortmund.de
+ - Several other cleanups
+ - Merged Dante SOCKS support patch from David Rankin
+  <drankin@bohemians.lexington.ky.us>
+ - Updated documentation with ./configure options
+ - Released 1.2.1pre23
+
+19991229
+ - Applied another NetBSD portability patch from David Rankin 
+   <drankin@bohemians.lexington.ky.us>
+ - Fix --with-default-path option.
+ - Autodetect perl, patch from David Rankin 
+   <drankin@bohemians.lexington.ky.us>
+ - Print whether OpenSSH was compiled with RSARef, patch from 
+   Nalin Dahyabhai <nalin@thermo.stat.ncsu.edu>
+ - Calls to pam_setcred, patch from Nalin Dahyabhai 
+   <nalin@thermo.stat.ncsu.edu>
+ - Detect missing size_t and typedef it.
+ - Rename helper.[ch] to (more appropriate) bsd-misc.[ch]
+ - Minor Makefile cleaning
+
+19991228
+ - Replacement for getpagesize() for systems which lack it
+ - NetBSD login.c compile fix from David Rankin 
+  <drankin@bohemians.lexington.ky.us>
+ - Fully set ut_tv if present in utmp or utmpx
+ - Portability fixes for Irix 5.3 (now compiles OK!)
+ - autoconf and other misc cleanups
+ - Merged AIX patch from Darren Hall <dhall@virage.org>
+ - Cleaned up defines.h
+ - Released 1.2.1pre22
+
+19991227
+ - Automatically correct paths in manpages and configuration files. Patch
+   and script from Andre Lucas <andre.lucas@dial.pipex.com>
+ - Removed credits from README to CREDITS file, updated.
+ - Added --with-default-path to specify custom path for server
+ - Removed #ifdef trickery from acconfig.h into defines.h
+ - PAM bugfix. PermitEmptyPassword was being ignored.
+ - Fixed PAM config files to allow empty passwords if server does.
+ - Explained spurious PAM auth warning workaround in UPGRADING
+ - Use last few chars of tty line as ut_id
+ - New SuSE RPM spec file from Chris Saia <csaia@wtower.com>
+ - OpenBSD CVS updates:
+   - [packet.h auth-rhosts.c]
+     check format string for packet_disconnect and packet_send_debug, too
+   - [channels.c]
+     use packet_get_maxsize for channels. consistence.
+
+19991226
+ - Enabled utmpx support by default for Solaris
+ - Cleanup sshd.c PAM a little more
+ - Revised RPM package to include Jim Knoble's <jmknoble@pobox.com>
+   X11 ssh-askpass program.
+ - Disable logging of PAM success and failures, PAM is verbose enough.
+   Unfortunatly there is currently no way to disable auth failure 
+   messages. Mention this in UPGRADING file and sent message to PAM 
+   developers
+ - OpenBSD CVS update:
+   - [ssh-keygen.1 ssh.1]
+     remove ref to .ssh/random_seed, mention .ssh/environment in 
+     .Sh FILES, too
+ - Released 1.2.1pre21
+ - Fixed implicit '.' in default path, report from Jim Knoble 
+   <jmknoble@pobox.com>
+ - Redhat RPM spec fixes from Jim Knoble <jmknoble@pobox.com>
+
+19991225
+ - More fixes from Andre Lucas <andre.lucas@dial.pipex.com>
+ - Cleanup of auth-passwd.c for shadow and MD5 passwords
+ - Cleanup and bugfix of PAM authentication code
+ - Released 1.2.1pre20
+
+ - Merged fixes from Ben Taylor <bent@clark.net>
+ - Fixed configure support for PAM. Reported by Naz <96na@eng.cam.ac.uk>
+ - Disabled logging of PAM password authentication failures when password
+   is empty. (e.g start of authentication loop). Reported by Naz
+   <96na@eng.cam.ac.uk>)
+
+19991223
+ - Merged later HPUX patch from Andre Lucas 
+   <andre.lucas@dial.pipex.com>
+ - Above patch included better utmpx support from Ben Taylor
+   <bent@clark.net>
+
+19991222
+ - Fix undefined fd_set type in ssh.h from Povl H. Pedersen 
+   <pope@netguide.dk>
+ - Fix login.c breakage on systems which lack ut_host in struct
+   utmp. Reported by Willard Dawson <willard.dawson@sbs.siemens.com>
+
+19991221
+ - Integration of large HPUX patch from Andre Lucas 
+   <andre.lucas@dial.pipex.com>. Integrating it had a few other 
+   benefits:
+   - Ability to disable shadow passwords at configure time
+   - Ability to disable lastlog support at configure time
+   - Support for IP address in $DISPLAY
+ - OpenBSD CVS update:
+   - [sshconnect.c]
+   say "REMOTE HOST IDENTIFICATION HAS CHANGED"
+ - Fix DISABLE_SHADOW support
+ - Allow MD5 passwords even if shadow passwords are disabled
+ - Release 1.2.1pre19
+
+19991218
+ - Redhat init script patch from Chun-Chung Chen 
+   <cjj@u.washington.edu>
+ - Avoid breakage on systems without IPv6 headers
+
+19991216
+ - Makefile changes for Solaris from Peter Kocks 
+   <peter.kocks@baygate.com>
+ - Minor updates to docs
+ - Merged OpenBSD CVS changes:
+   - [authfd.c ssh-agent.c]
+     keysize warnings talk about identity files
+   - [packet.c]
+     "Connection closed by x.x.x.x": fatal() -> log()
+ - Correctly handle empty passwords in shadow file. Patch from: 
+   "Chris, the Young One" <cky@pobox.com>
+ - Released 1.2.1pre18
+
+19991215
+ - Integrated patchs from Juergen Keil <jk@tools.de>
+   - Avoid void* pointer arithmatic
+   - Use LDFLAGS correctly
+   - Fix SIGIO error in scp
+   - Simplify status line printing in scp
+ - Added better test for inline functions compiler support from  
+   Darren_Hall@progressive.com
+
+19991214
+ - OpenBSD CVS Changes
+   - [canohost.c]
+     fix get_remote_port() and friends for sshd -i; 
+     Holger.Trapp@Informatik.TU-Chemnitz.DE
+   - [mpaux.c]
+     make code simpler. no need for memcpy. niels@ ok
+   - [pty.c]
+     namebuflen not sizeof namebuflen; bnd@ep-ag.com via djm@mindrot.org
+     fix proto; markus
+   - [ssh.1]
+      typo; mark.baushke@solipsa.com
+   - [channels.c ssh.c ssh.h sshd.c]
+     type conflict for 'extern Type *options' in channels.c; dot@dotat.at
+   - [sshconnect.c]
+     move checking of hostkey into own function.
+   - [version.h]
+     OpenSSH-1.2.1
+ - Clean up broken includes in pty.c
+ - Some older systems don't have poll.h, they use sys/poll.h instead
+ - Doc updates
+
+19991211
+ - Fix compilation on systems with AFS. Reported by 
+   aloomis@glue.umd.edu
+ - Fix installation on Solaris. Reported by 
+   Gordon Rowell <gordonr@gormand.com.au>
+ - Fix gccisms (__attribute__ and inline). Report by edgy@us.ibm.com,
+   patch from Markus Friedl <markus.friedl@informatik.uni-erlangen.de>
+ - Auto-locate xauth. Patch from David Agraz <dagraz@jahoopa.com>
+ - Compile fix from David Agraz <dagraz@jahoopa.com>
+ - Avoid compiler warning in bsd-snprintf.c
+ - Added pam_limits.so to default PAM config. Suggested by 
+   Jim Knoble <jmknoble@pobox.com>
+
 19991209
  - Import of patch from Ben Taylor <bent@clark.net>:
    - Improved PAM support
    - "uninstall" rule for Makefile
    - utmpx support
    - Should fix PAM problems on Solaris
+ - OpenBSD CVS updates:
+   - [readpass.c]
+     avoid stdio; based on work by markus, millert, and I
+   - [sshd.c]
+     make sure the client selects a supported cipher
+   - [sshd.c]
+     fix sighup handling.  accept would just restart and daemon handled 
+     sighup only after the next connection was accepted. use poll on 
+     listen sock now.
+   - [sshd.c]
+     make that a fatal
+ - Applied patch from David Rankin <drankin@bohemians.lexington.ky.us>
+   to fix libwrap support on NetBSD
+ - Released 1.2pre17
 
 19991208
  - Compile fix for Solaris with /dev/ptmx from 
@@ -338,7 +621,8 @@
    - [ssh.1] user/958: check ~/.ssh/known_hosts for rhosts-rsa, too
    - [sshd.8] user/958: check ~/.ssh/known_hosts for rhosts-rsa, too
  - Fix integer overflow which was messing up scp's progress bar for large 
-   file transfers. Fix submitted to OpenBSD developers.
+   file transfers. Fix submitted to OpenBSD developers. Report and fix
+   from Kees Cook <cook@cpoint.net>
  - Merged more OpenBSD CVS changes:
    - [auth-krb4.c auth-passwd.c] remove x11- and krb-cleanup from fatal() 
      + krb-cleanup cleanup