X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/blobdiff_plain/b655d28cbe101260c41e539ee6156eb3be8c6bd9..d740ec16d235be70918ab2538588f982c295ae12:/ChangeLog diff --git a/ChangeLog b/ChangeLog index 0907dc55..e5e01cdc 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,256 @@ +20040524 + - (dtucker) OpenBSD CVS Sync + - djm@cvs.openbsd.org 2004/05/19 12:17:33 + [sftp-client.c sftp.c] + gracefully abort transfers on receipt of SIGINT, also ignore SIGINT while + waiting for a command; ok markus@ + - dtucker@cvs.openbsd.org 2004/05/20 10:58:05 + [clientloop.c] + Trivial type fix 0 -> '\0'; ok markus@ + - markus@cvs.openbsd.org 2004/05/21 08:43:03 + [kex.h moduli.c tildexpand.c] + add prototypes for -Wall; ok djm + - djm@cvs.openbsd.org 2004/05/21 11:33:11 + [channels.c channels.h clientloop.c serverloop.c ssh.1] + bz #756: add support for the cancel-tcpip-forward request for the server and + the client (through the ~C commandline). reported by z3p AT twistedmatrix.com; + ok markus@ + +20040523 + - (djm) [sshd_config] Explain consequences of UsePAM=yes a little better in + sshd_config; ok dtucker@ + - (djm) [configure.ac] Warn if the system has no known way of figuring out + which user is on the other end of a Unix domain socket; ok dtucker@ + - (bal) [openbsd-compat/sys-queue.h] Reintroduce machinary to handle + old/broken/incomplete . + +20040513 + - (dtucker) [configure.ac] Bug #867: Additional tests for res_query in + libresolv, fixes problems detecting it on some platforms + (eg Linux/x86-64). From Kurt Roeckx via Debian, ok mouring@ + - (dtucker) OpenBSD CVS Sync + - jmc@cvs.openbsd.org 2004/05/04 18:36:07 + [scp.1] + SendEnv here too; + - jmc@cvs.openbsd.org 2004/05/06 11:24:23 + [ssh_config.5] + typo from John Cosimano (PR 3770); + - deraadt@cvs.openbsd.org 2004/05/08 00:01:37 + [auth.c clientloop.c misc.h servconf.c ssh.c sshpty.h sshtty.c + tildexpand.c], removed: sshtty.h tildexpand.h + make two tiny header files go away; djm ok + - djm@cvs.openbsd.org 2004/05/08 00:21:31 + [clientloop.c misc.h readpass.c scard.c ssh-add.c ssh-agent.c ssh-keygen.c + sshconnect.c sshconnect1.c sshconnect2.c] removed: readpass.h + kill a tiny header; ok deraadt@ + - djm@cvs.openbsd.org 2004/05/09 00:06:47 + [moduli.c ssh-keygen.c] removed: moduli.h + zap another tiny header; ok deraadt@ + - djm@cvs.openbsd.org 2004/05/09 01:19:28 + [OVERVIEW auth-rsa.c auth1.c kex.c monitor.c session.c sshconnect1.c + sshd.c] removed: mpaux.c mpaux.h + kill some more tiny files; ok deraadt@ + - djm@cvs.openbsd.org 2004/05/09 01:26:48 + [kex.c] + don't overwrite what we are trying to compute + - deraadt@cvs.openbsd.org 2004/05/11 19:01:43 + [auth.c auth2-none.c authfile.c channels.c monitor.c monitor_mm.c + packet.c packet.h progressmeter.c session.c openbsd-compat/xmmap.c] + improve some code lint did not like; djm millert ok + - dtucker@cvs.openbsd.org 2004/05/13 02:47:50 + [ssh-agent.1] + Add examples to ssh-agent.1, bz#481 from Ralf Hauser; ok deraadt@ + - (dtucker) [sshd.8] Bug #843: Add warning about PasswordAuthentication to + UsePAM section. Parts from djm@ and jmc@. + - (dtucker) [auth-pam.c scard-opensc.c] Tinderbox says auth-pam.c uses + readpass.h, grep says scard-opensc.c does too. Replace with misc.h. + - (dtucker) [openbsd-compat/getrrsetbyname.c] Check that HAVE_DECL_H_ERROR + is defined before using. + - (dtucker) [openbsd-compat/getrrsetbyname.c] Fix typo too: HAVE_DECL_H_ERROR + -> HAVE_DECL_H_ERRNO. + +20040502 + - (dtucker) OpenBSD CVS Sync + - djm@cvs.openbsd.org 2004/04/22 11:56:57 + [moduli.c] + Bugzilla #850: Sophie Germain is the correct name of the French + mathematician, "Sophie Germaine" isn't; from Luc.Maisonobe@c-s.fr + - djm@cvs.openbsd.org 2004/04/27 09:46:37 + [readconf.c readconf.h servconf.c servconf.h session.c session.h ssh.c + ssh_config.5 sshd_config.5] + bz #815: implement ability to pass specified environment variables from + the client to the server; ok markus@ + - djm@cvs.openbsd.org 2004/04/28 05:17:10 + [ssh_config.5 sshd_config.5] + manpage fixes in envpass stuff from Brian Poole (raj AT cerias.purdue.edu) + - jmc@cvs.openbsd.org 2004/04/28 07:02:56 + [sshd_config.5] + remove unnecessary .Pp; + - jmc@cvs.openbsd.org 2004/04/28 07:13:42 + [sftp.1 ssh.1] + add SendEnv to -o list; + - dtucker@cvs.openbsd.org 2004/05/02 11:54:31 + [sshd.8] + Man page grammar fix (bz #858), from damerell at chiark.greenend.org.uk + via Debian; ok djm@ + - dtucker@cvs.openbsd.org 2004/05/02 11:57:52 + [ssh.1] + ConnectionTimeout -> ConnectTimeout, from m.a.ellis at ncl.ac.uk via + Debian. ok djm@ + - dtucker@cvs.openbsd.org 2004/05/02 23:02:17 + [sftp.1] + ConnectionTimeout -> ConnectTimeout here too, pointed out by jmc@ + - dtucker@cvs.openbsd.org 2004/05/02 23:17:51 + [scp.1] + ConnectionTimeout -> ConnectTimeout for scp.1 too. + +20040423 + - (dtucker) [configure.ac openbsd-compat/getrrsetbyname.c] Declare h_errno + as extern int if not already declared. Fixes compile errors on old SCO + platforms. ok tim@ + - (dtucker) [README.platform] List prereqs for building on Cygwin. + +20040421 + - (djm) Update config.guess and config.sub to autoconf-2.59 versions; ok tim@ + +20040420 + - (djm) OpenBSD CVS Sync + - henning@cvs.openbsd.org 2004/04/08 16:08:21 + [sshconnect2.c] + swap the last two parameters to TAILQ_FOREACH_REVERSE. matches what + FreeBSD and NetBSD do. + ok millert@ mcbride@ markus@ ho@, checked to not affect ports by naddy@ + - djm@cvs.openbsd.org 2004/04/18 23:10:26 + [readconf.c readconf.h ssh-keysign.c ssh.c] + perform strict ownership and modes checks for ~/.ssh/config files, + as these can be used to execute arbitrary programs; ok markus@ + NB. ssh will now exit when it detects a config with poor permissions + - djm@cvs.openbsd.org 2004/04/19 13:02:40 + [ssh.1 ssh_config.5] + document strict permission checks on ~/.ssh/config; prompted by, + with & ok jmc@ + - jmc@cvs.openbsd.org 2004/04/19 16:12:14 + [ssh_config.5] + kill whitespace at eol; + - djm@cvs.openbsd.org 2004/04/19 21:51:49 + [ssh.c] + fix idiot typo that i introduced in my last commit; + spotted by cschneid AT cschneid.com + - (djm) [openbsd-compat/sys-queue.h] Sync with OpenBSD, needed for + above change + - (djm) [configure.ac] Check whether libroken is required when building + with Heimdal + +20040419 + - (dtucker) OpenBSD CVS Sync + - dtucker@cvs.openbsd.org 2004/02/29 22:04:45 + [regress/login-timeout.sh] + Use sudo when restarting daemon during test. ok markus@ + - dtucker@cvs.openbsd.org 2004/03/08 10:17:12 + [regress/login-timeout.sh] + Missing OBJ, from tim@. ok markus@ (Already fixed, ID sync only) + - djm@cvs.openbsd.org 2004/03/30 12:41:56 + [sftp-client.c] + sync comment with reality + - djm@cvs.openbsd.org 2004/03/31 21:58:47 + [canohost.c] + don't skip ip options check when UseDNS=no; ok markus@ (ID sync only) + - markus@cvs.openbsd.org 2004/04/01 12:19:57 + [scp.c] + limit trust between local and remote rcp/scp process, + noticed by lcamtuf; ok deraadt@, djm@ + +20040418 + - (dtucker) [auth-pam.c] Log username and source host for failed PAM + authentication attempts. With & ok djm@ + - (djm) [openbsd-compat/bsd-cygwin_util.c] Recent versions of Cygwin allow + change of user context without a password, so relax auth method + restrictions; from vinschen AT redhat.com; ok dtucker@ + +20040416 + - (dtucker) [regress/sftp-cmds.sh] Skip quoting test on Cygwin, since + FAT/NTFS does not permit quotes in filenames. From vinschen at redhat.com + - (djm) [auth-krb5.c auth.h session.c] Explicitly refer to Kerberos ccache + file using FILE: method, fixes problems on Mac OSX. + Patch from simon@sxw.org.uk; ok dtucker@ + - (tim) [configure.ac] Set SETEUID_BREAKS_SETUID, BROKEN_SETREUID and + BROKEN_SETREGID for SCO OpenServer 3 + +20040412 + - (dtucker) [sshd_config.5] Add PermitRootLogin without-password warning + from bug #701 (text from jfh at cise.ufl.edu). + - (dtucker) [acconfig.h configure.ac defines.h] Bug #673: check for 4-arg + skeychallenge(), eg on NetBSD. ok mouring@ + - (dtucker) [auth-skey.c defines.h monitor.c] Make skeychallenge explicitly + 4-arg, with compatibility for 3-arg versions. From djm@, ok me. + - (djm) [configure.ac] Fix detection of libwrap on OpenBSD; ok dtucker@ + +20040408 + - (dtucker) [loginrec.c] Use UT_LINESIZE if available, prevents truncating + pty name on Linux 2.6.x systems. Patch from jpe at eisenmenger.org. + - (bal) [monitor.c monitor_wrap.c] Second try. Put the zlib.h headers + back and #undef TARGET_OS_MAC instead. (Bug report pending with Apple) + - (dtucker) [defines.h loginrec.c] Define UT_LINESIZE if not defined and + simplify loginrec.c. ok tim@ + - (bal) [monitor.c monitor_wrap.c] Ok.. Last time. Promise. Tim suggested + limiting scope and dtucker@ agreed. + +20040407 + - (dtucker) [session.c] Flush stdout after displaying loginmsg. From + f_mohr at yahoo.de. + - (bal) [acconfig.h auth-krb5.c configure.ac gss-serv-krb5.c] Check to see + if Krb5 library exports krb5_init_etc() since some OSes (like MacOS/X) + are starting to restrict it as internal since it is not needed by + developers any more. (Patch based on Apple tree) + - (bal) [monitor.c monitor_wrap.c] monitor_wrap.c] moved zlib.h higher since + krb5 on MacOS/X conflicts. There may be a better solution, but this will + work for now. + +20040406 + - (dtucker) [acconfig.h configure.ac defines.h] Bug #820: don't use + updwtmpx() on IRIX since it seems to clobber utmp. ok djm@ + - (dtucker) [configure.ac] Bug #816, #748 (again): Attempt to detect + broken getaddrinfo and friends on HP-UX. ok djm@ + +20040330 + - (dtucker) [configure.ac] Bug #811: Use "!" for LOCKED_PASSWD_PREFIX on + Linuxes, since that's what many use. ok djm@ + - (dtucker) [auth-pam.c] rename the_authctxt to sshpam_authctxt in auth-pam.c + to reduce potential confusion with the one in sshd.c. ok djm@ + - (djm) Bug #825: Fix ip_options_check() for mapped IPv4/IPv6 connection; + with & ok dtucker@ + +20040327 + - (dtucker) [session.c] Bug #817: Clear loginmsg after fork to prevent + duplicate login messages for mutli-session logins. ok djm@ + +20040322 + - (djm) [sshd.c] Drop supplemental groups if started as root + - (djm) OpenBSD CVS Sync + - markus@cvs.openbsd.org 2004/03/09 22:11:05 + [ssh.c] + increase x11 cookie lifetime to 20 minutes; ok djm + - markus@cvs.openbsd.org 2004/03/10 09:45:06 + [ssh.c] + trim usage to match ssh(1) and look more like unix. ok djm@ + - markus@cvs.openbsd.org 2004/03/11 08:36:26 + [sshd.c] + trim usage; ok deraadt + - markus@cvs.openbsd.org 2004/03/11 10:21:17 + [ssh.c sshd.c] + ssh, sshd: sync version output, ok djm + - markus@cvs.openbsd.org 2004/03/20 10:40:59 + [version.h] + 3.8.1 + - (djm) Crank RPM spec versions + +20040311 + - (djm) [configure.ac] Add standard license to configure.ac; ok ben, dtucker + +20040310 + - (dtucker) [openbsd-compat/fake-rfc2553.h] Bug #812: #undef getaddrinfo + before redefining it, silences warnings on Tru64. + 20040308 - (dtucker) [sshd.c] Back out rev 1.270 as it caused problems on some platforms (eg SCO, HP-UX) with logging in the wrong TZ. ok djm@ @@ -27,6 +280,10 @@ [ssh-keyscan.c] explicitly initialise remote_major and remote_minor. from cjwatson AT debian.org; ok markus@ + - dtucker@cvs.openbsd.org 2004/03/08 10:18:57 + [sshd_config.5] + Document KerberosGetAFSToken; ok markus@ + - (tim) [regress/README.regress] Document ssh-rand-helper issue. ok bal 20040307 - (tim) [regress/login-timeout.sh] fix building outside of source tree.