X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/blobdiff_plain/a10be3577c6c176279221a2cb133d9e09545aa66..135113a3d273ffea30b1867a23e9252965d3f494:/ChangeLog diff --git a/ChangeLog b/ChangeLog index 6342594c..5c31b058 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,106 @@ +20020122 + - (djm) autoconf hacking: + - We don't support --without-zlib currently, so don't allow it. + - Rework cryptographic random number support detection. We now detect + whether OpenSSL seeds itself. If it does, then we don't bother with + the ssh-rand-helper program. You can force the use of ssh-rand-helper + using the --with-rand-helper configure argument + - Simplify and clean up ssh-rand-helper configuration + - Add OpenSSL sanity check: verify that header version matches version + reported by library + - (djm) Fix some bugs I introduced into ssh-rand-helper yesterday + - OpenBSD CVS Sync + - djm@cvs.openbsd.org 2001/12/21 08:52:22 + [ssh-keygen.1 ssh-keygen.c] + Remove default (rsa1) key type; ok markus@ + - djm@cvs.openbsd.org 2001/12/21 08:53:45 + [readpass.c] + Avoid interruptable passphrase read; ok markus@ + - djm@cvs.openbsd.org 2001/12/21 10:06:43 + [ssh-add.1 ssh-add.c] + Try all standard key files (id_rsa, id_dsa, identity) when invoked with + no arguments; ok markus@ + - markus@cvs.openbsd.org 2001/12/21 12:17:33 + [serverloop.c] + remove ifdef for USE_PIPES since fdin != fdout; ok djm@ + - deraadt@cvs.openbsd.org 2001/12/24 07:29:43 + [ssh-add.c] + try all listed keys.. how did this get broken? + - markus@cvs.openbsd.org 2001/12/25 18:49:56 + [key.c] + be more careful on allocation + - markus@cvs.openbsd.org 2001/12/25 18:53:00 + [auth1.c] + be more carefull on allocation + - markus@cvs.openbsd.org 2001/12/27 18:10:29 + [ssh-keygen.c] + -t is only needed for key generation (unbreaks -i, -e, etc). + - markus@cvs.openbsd.org 2001/12/27 18:22:16 + [auth1.c authfile.c auth-rsa.c dh.c kexdh.c kexgex.c key.c rsa.c] + [scard.c ssh-agent.c sshconnect1.c sshd.c ssh-dss.c] + call fatal() for openssl allocation failures + - stevesk@cvs.openbsd.org 2001/12/27 18:22:53 + [sshd.8] + clarify -p; ok markus@ + +20020121 + - (djm) Rework ssh-rand-helper: + - Reduce quantity of ifdef code, in preparation for ssh_rand_conf + - Always seed from system calls, even when doing PRNGd seeding + - Tidy and comment #define knobs + - Remove unused facility for multiple runs through command list + - KNF, cleanup, update copyright + +20020114 + - (djm) Bug #50 - make autoconf entropy path checks more robust + +20020108 + - (djm) Merge Cygwin copy_environment with do_pam_environment, removing + fixed env var size limit in the process. Report from Corinna Vinschen + + - (stevesk) defines.h: use "/var/spool/sockets/X11/%u" for HP-UX. does + not depend on transition links. from Lutz Jaenicke. + +20020106 + - (stevesk) defines.h: determine _PATH_UNIX_X; currently "/tmp/.X11-unix/X%u" + for all platforms except HP-UX, which is "/usr/spool/sockets/X11/%u". + +20020105 + - (bal) NCR requies use_pipes to operate correctly. + - (stevesk) fix spurious ; from NCR change. + +20020103 + - (djm) Use bigcrypt() on systems with SCO_PROTECTED_PW. Patch from + Roger Cornelius + +20011229 + - (djm) Apply Cygwin pointer deref fix from Corinna Vinschen + Could be abused to guess valid usernames + - (djm) Typo in contrib/cygwin/README Fix from Corinna Vinschen + + +20011228 + - (djm) Remove recommendation to use GNU make, we should support most + make programs. + +20011225 + - (stevesk) [Makefile.in ssh-rand-helper.c] + portable lib and __progname support for ssh-rand-helper; ok djm@ + +20011223 + - (bal) Removed contrib/chroot.diff and noted in contrib/README that it + was not being maintained. + +20011222 + - (djm) Ignore fix & patchlevel in OpenSSL version check. Patch from + solar@openwall.com + - (djm) Rework entropy code. If the OpenSSL PRNG is has not been + internally seeded, execute a subprogram "ssh-rand-helper" to obtain + some entropy for us. Rewrite the old in-process entropy collecter as + an example ssh-rand-helper. + - (djm) Always perform ssh_prng_cmds path lookups in configure, even if + we don't end up using ssh_prng_cmds (so we always get a valid file) + 20011221 - (djm) Add option to gnome-ssh-askpass to stop it from grabbing the X server. I have found this necessary to avoid server hangs with X input @@ -44,6 +147,20 @@ to the pipe on SIGCHLD wakes up select(). using pselect() is not portable and siglongjmp() ugly. W. R. Stevens suggests similar solution. initial idea by pmenage@ensim.com; ok deraadt@, djm@ + - stevesk@cvs.openbsd.org 2001/12/19 17:16:13 + [authfile.c bufaux.c bufaux.h buffer.c buffer.h packet.c packet.h ssh.c] + change the buffer/packet interface to use void* vs. char*; ok markus@ + - markus@cvs.openbsd.org 2001/12/20 16:37:29 + [channels.c channels.h session.c] + setup x11 listen socket for just one connect if the client requests so. + (v2 only, but the openssh client does not support this feature). + - djm@cvs.openbsd.org 2001/12/20 22:50:24 + [auth2.c auth2-chall.c channels.c channels.h clientloop.c dispatch.c] + [dispatch.h kex.c kex.h packet.c packet.h serverloop.c ssh.c] + [sshconnect2.c] + Conformance fix: we should send failing packet sequence number when + responding with a SSH_MSG_UNIMPLEMENTED message. Spotted by + yakk@yakk.dot.net; ok markus@ 20011219 - (stevesk) OpenBSD CVS sync X11 localhost display