X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/blobdiff_plain/c7724abb6e1bff3b642465ae6156b8c5b3746d76..65a4b4af81a9828d0a11a52cd5b48e4689ed05a7:/ChangeLog diff --git a/ChangeLog b/ChangeLog index 5075991e..4a181381 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,310 @@ +20030103 + - (djm) Rework openbsd-compat/setproctitle.c a bit: move emulation type + detection to configure.ac. Prompted by stevesk@ + - (djm) Bug #467: Add a --disable-strip option to turn off stripping of + installed binaries. From mdev@idg.nl + +20030110 + - (djm) Enable new setproctitle emulation for Linux, AIX and HP/UX. More + systems may be added later. + - (djm) OpenBSD CVS Sync + - djm@cvs.openbsd.org 2003/01/08 23:53:26 + [sftp.1 sftp.c sftp-int.c sftp-int.h] + Cleanup error handling for batchmode + Allow blank lines and comments in input + Ability to suppress abort on error in batchmode ("-put blah") + Fixes mindrot bug #452; markus@ ok + - fgsch@cvs.openbsd.org 2003/01/10 08:19:07 + [scp.c sftp.1 sftp.c sftp-client.c sftp-int.c progressmeter.c] + [progressmeter.h] + sftp progress meter support. + original diffs by Nils Nordman via + markus@, merged to -current by me, djm@ ok. + - djm@cvs.openbsd.org 2003/01/10 08:48:15 + [sftp-client.c] + Simplify and avoid redundancy in packet send and receive + functions; ok fgs@ + - djm@cvs.openbsd.org 2003/01/10 10:29:35 + [scp.c] + Don't ftruncate after write error, creating sparse files of + incorrect length + mindrot bug #403, reported by rusr@cup.hp.com; ok markus@ + - djm@cvs.openbsd.org 2003/01/10 10:32:54 + [channels.c] + hush socket() errors, except last. Fixes mindrot bug #408; ok markus@ + +20030108 + - (djm) Sync openbsd-compat/ with OpenBSD -current + - (djm) Avoid redundant xstrdup/xfree in auth2-pam.c. From Solar via markus@ + - (djm) OpenBSD CVS Sync + - markus@cvs.openbsd.org 2003/01/01 18:08:52 + [channels.c] + move big output buffer messages to debug2 + - djm@cvs.openbsd.org 2003/01/06 23:51:22 + [sftp-client.c] + Fix "get -p" download to not add user-write perm. mindrot bug #426 + reported by gfernandez@livevault.com; ok markus@ + - fgsch@cvs.openbsd.org 2003/01/07 23:42:54 + [sftp.1] + add version; from Nils Nordman via markus@. + markus@ ok + - (djm) Update README to reflect AIX's status as a well supported platform. + From dtucker@zip.com.au + - (tim) [Makefile.in configure.ac] replace fixpath with sed script. Patch + by Mo DeJong. + - (tim) [auth.c] declare today at top of allowed_user() to keep + older compilers happy. + - (tim) [scp.c] make compilers without long long happy. + +20030107 + - (djm) Bug #401: Work around Linux breakage with IPv6 mapped addresses. + Based on fix from yoshfuji@linux-ipv6.org + - (djm) Bug #442: Check for and deny access to accounts with locked + passwords. Patch from dtucker@zip.com.au + - (djm) Bug #26: Use local mkstemp() rather than glibc's silly one. Fixes + Can't pass KRB4 TGT passing. Fix from: jan.iven@cern.ch + - (djm) Fix Bug #442 for PAM case + - (djm) Bug #110: bogus error messages in lastlog_get_entry(). Fix based + on one by peak@argo.troja.mff.cuni.cz + - (djm) Bug #111: Run syslog and stderr logging through strnvis to eliminate + nasties. Report from peak@argo.troja.mff.cuni.cz + - (djm) Bug #178: On AIX /etc/nologin wasnt't shown to users. Fix from + Ralf.Wenk@fh-karlsruhe.de and dtucker@zip.com.au + - (djm) Fix my fix of the fix for the Bug #442 for PAM case. Spotted by + dtucker@zip.com.au. Reorder for clarity too. + +20030103 + - (djm) Bug #461: ssh-copy-id fails with no arguments. Patch from + cjwatson@debian.org + - (djm) Bug #460: Filling utmp[x]->ut_addr_v6 if present. Patch from + cjwatson@debian.org + - (djm) Bug #446: Set LOGIN env var to pw_name on AIX. Patch from + mii@ornl.gov + +20030101 + - (stevesk) [session.c sshlogin.c sshlogin.h] complete portable + parts of pass addrlen with sockaddr * fix. + from Hajimu UMEMOTO + +20021222 + - (bal) OpenBSD CVS Sync + - fgsch@cvs.openbsd.org 2002/11/15 10:03:09 + [authfile.c] + lseek(2) may return -1 when getting the public/private key lenght. + Simplify the code and check for errors using fstat(2). + + Problem reported by Mauricio Sanchez, markus@ ok. + - markus@cvs.openbsd.org 2002/11/18 16:43:44 + [clientloop.c] + don't overwrite SIG{INT,QUIT,TERM} handler if set to SIG_IGN; + e.g. if ssh is used for backup; report Joerg Schilling; ok millert@ + - markus@cvs.openbsd.org 2002/11/21 22:22:50 + [dh.c] + debug->debug2 + - markus@cvs.openbsd.org 2002/11/21 22:45:31 + [cipher.c kex.c packet.c sshconnect.c sshconnect2.c] + debug->debug2, unify debug messages + - deraadt@cvs.openbsd.org 2002/11/21 23:03:51 + [auth-krb5.c auth1.c hostfile.h monitor_wrap.c sftp-client.c sftp-int.c ssh-add.c ssh-rsa.c + sshconnect.c] + KNF + - markus@cvs.openbsd.org 2002/11/21 23:04:33 + [ssh.c] + debug->debug2 + - stevesk@cvs.openbsd.org 2002/11/24 21:46:24 + [ssh-keysign.8] + typo: "the the" + - wcobb@cvs.openbsd.org 2002/11/26 00:45:03 + [scp.c ssh-keygen.c] + Remove unnecessary fflush(stderr) calls, stderr is unbuffered by default. + ok markus@ + - stevesk@cvs.openbsd.org 2002/11/26 02:35:30 + [ssh-keygen.1] + remove outdated statement; ok markus@ deraadt@ + - stevesk@cvs.openbsd.org 2002/11/26 02:38:54 + [canohost.c] + KNF, comment and error message repair; ok markus@ + - markus@cvs.openbsd.org 2002/11/27 17:53:35 + [scp.c sftp.c ssh.c] + allow usernames with embedded '@', e.g. scp user@vhost@realhost:file /tmp; + http://bugzilla.mindrot.org/show_bug.cgi?id=447; ok mouring@, millert@ + - stevesk@cvs.openbsd.org 2002/12/04 04:36:47 + [session.c] + remove xauth entries before add; PR 2994 from janjaap@stack.nl. + ok markus@ + - markus@cvs.openbsd.org 2002/12/05 11:08:35 + [scp.c] + use roundup() similar to rcp/util.c and avoid problems with strange + filesystem block sizes, noted by tjr@freebsd.org; ok djm@ + - djm@cvs.openbsd.org 2002/12/06 05:20:02 + [sftp.1] + Fix cut'n'paste error, spotted by matthias.riese@b-novative.de; ok deraadt@ + - millert@cvs.openbsd.org 2002/12/09 16:50:30 + [ssh.c] + Avoid setting optind to 0 as GNU getopt treats that like we do optreset. + markus@ OK + - markus@cvs.openbsd.org 2002/12/10 08:56:00 + [session.c] + Make sure $SHELL points to the shell from the password file, even if shell + is overridden from login.conf; bug#453; semen at online.sinor.ru; ok millert@ + - markus@cvs.openbsd.org 2002/12/10 19:26:50 + [packet.c] + move tos handling to packet_set_tos; ok provos/henning/deraadt + - markus@cvs.openbsd.org 2002/12/10 19:47:14 + [packet.c] + static + - markus@cvs.openbsd.org 2002/12/13 10:03:15 + [channels.c misc.c sshconnect2.c] + cleanup debug messages, more useful information for the client user. + - markus@cvs.openbsd.org 2002/12/13 15:20:52 + [scp.c] + 1) include stalling time in total time + 2) truncate filenames to 45 instead of 20 characters + 3) print rate instead of progress bar, no more stars + 4) scale output to tty width + based on a patch from Niels; ok fries@ lebel@ fgs@ millert@ + - (bal) [msg.c msg.h scp.c ssh-keysign.c sshconnect2.c] Resync CVS IDs since + we already did s/msg_send/ssh_msg_send/ + +20021205 + - (djm) PERL-free fixpaths from stuge-openssh-unix-dev@cdy.org + +20021122 + - (tim) [configure.ac] fix STDPATH test for IRIX. First reported by + advax@triumf.ca. This type of solution tested by + +20021113 + - (tim) [configure.ac] remove unused variables no_libsocket and no_libnsl + +20021111 + - (tim) [contrib/solaris/opensshd.in] add umask 022 so sshd.pid is + not world writable. + +20021109 + - (bal) OpenBSD CVS Sync + - itojun@cvs.openbsd.org 2002/10/16 14:31:48 + [sftp-common.c] + 64bit pedant. %llu is "unsigned long long". markus ok + - markus@cvs.openbsd.org 2002/10/23 10:32:13 + [packet.c] + use %u for u_int + - markus@cvs.openbsd.org 2002/10/23 10:40:16 + [bufaux.c] + %u for u_int + - markus@cvs.openbsd.org 2002/11/04 10:07:53 + [auth.c] + don't compare against pw_home if realpath fails for pw_home (seen + on AFS); ok djm@ + - markus@cvs.openbsd.org 2002/11/04 10:09:51 + [packet.c] + log before send disconnect; ok djm@ + - markus@cvs.openbsd.org 2002/11/05 19:45:20 + [monitor.c] + handle overflows for size_t larger than u_int; siw@goneko.de, bug #425 + - markus@cvs.openbsd.org 2002/11/05 20:10:37 + [sftp-client.c] + typo; GaryF@livevault.com + - markus@cvs.openbsd.org 2002/11/07 16:28:47 + [sshd.c] + log to stderr if -ie is given, bug #414, prj@po.cwru.edu + - markus@cvs.openbsd.org 2002/11/07 22:08:07 + [readconf.c readconf.h ssh-keysign.8 ssh-keysign.c] + we cannot use HostbasedAuthentication for enabling ssh-keysign(8), + because HostbasedAuthentication might be enabled based on the + target host and ssh-keysign(8) does not know the remote hostname + and not trust ssh(1) about the hostname, so we add a new option + EnableSSHKeysign; ok djm@, report from zierke@informatik.uni-hamburg.de + - markus@cvs.openbsd.org 2002/11/07 22:35:38 + [scp.c] + check exit status from ssh, and exit(1) if ssh fails; bug#369; + binder@arago.de + - (bal) Update ssh-host-config and minor rewrite of bsd-cygwin_util.c + ntsec now default if cygwin version beginning w/ version 56. Patch + by Corinna Vinschen + - (bal) AIX does not log login attempts for unknown users (bug #432). + patch by dtucker@zip.com.au + +20021021 + - (djm) Bug #400: Kill ssh-rand-helper children on timeout, patch from + dtucker@zip.com.au + - (djm) Bug #317: FreeBSD needs libutil.h for openpty() Report from + dirk.meyer@dinoex.sub.org + +20021015 + - (bal) Fix bug id 383 and only call loginrestrict for AIX if not root. + - (bal) More advanced strsep test by Darren Tucker + +20021015 + - (tim) [contrib/caldera/openssh.spec] make ssh-agent setgid nobody + +20021004 + - (bal) Disable post-authentication Privsep for OSF/1. It conflicts with + SIA. + +20021003 + - (djm) OpenBSD CVS Sync + - markus@cvs.openbsd.org 2002/10/01 20:34:12 + [ssh-agent.c] + allow root to access the agent, since there is no protection from root. + - markus@cvs.openbsd.org 2002/10/01 13:24:50 + [version.h] + OpenSSH 3.5 + - (djm) Bump RPM spec version numbers + - (djm) Bug #406: s/msg_send/ssh_msg_send/ for Mac OS X 1.2 + +20020930 + - (djm) Tidy contrib/, add Makefile for GNOME passphrase dialogs, + tweak README + - (djm) OpenBSD CVS Sync + - mickey@cvs.openbsd.org 2002/09/27 10:42:09 + [compat.c compat.h sshd.c] + add a generic match for a prober, such as sie big brother; + idea from stevesk@; markus@ ok + - stevesk@cvs.openbsd.org 2002/09/27 15:46:21 + [ssh.1] + clarify compression level protocol 1 only; ok markus@ deraadt@ + +20020927 + - (djm) OpenBSD CVS Sync + - markus@cvs.openbsd.org 2002/09/25 11:17:16 + [sshd_config] + sync LoginGraceTime with default + - markus@cvs.openbsd.org 2002/09/25 15:19:02 + [sshd.c] + typo; pilot@monkey.org + - markus@cvs.openbsd.org 2002/09/26 11:38:43 + [auth1.c auth.h auth-krb4.c monitor.c monitor.h monitor_wrap.c] + [monitor_wrap.h] + krb4 + privsep; ok dugsong@, deraadt@ + +20020925 + - (bal) Fix issue where successfull login does not clear failure counts + in AIX. Patch by dtucker@zip.com.au ok by djm + - (tim) Cray fixes (bug 367) based on patch from Wendy Palm @ cray. + This does not include the deattack.c fixes. + +20020923 + - (djm) OpenBSD CVS Sync + - stevesk@cvs.openbsd.org 2002/09/23 20:46:27 + [canohost.c] + change get_peer_ipaddr() and get_local_ipaddr() to not return NULL for + non-sockets; fixes a problem passing NULL to snprintf(). ok markus@ + - markus@cvs.openbsd.org 2002/09/23 22:11:05 + [monitor.c] + only call auth_krb5 if kerberos is enabled; ok deraadt@ + - markus@cvs.openbsd.org 2002/09/24 08:46:04 + [monitor.c] + only call kerberos code for authctxt->valid + - todd@cvs.openbsd.org 2002/09/24 20:59:44 + [sshd.8] + tweak the example $HOME/.ssh/rc script to not show on any cmdline the + sensitive data it handles. This fixes bug # 402 as reported by + kolya@mit.edu (Nickolai Zeldovich). + ok markus@ and stevesk@ + +20020923 + - (tim) [configure.ac] s/return/exit/ patch by dtucker@zip.com.au + 20020922 - (djm) OpenBSD CVS Sync - stevesk@cvs.openbsd.org 2002/09/19 14:53:14 @@ -5,6 +312,13 @@ - markus@cvs.openbsd.org 2002/09/19 15:51:23 [ssh-add.c] typo; cd@kalkatraz.de + - stevesk@cvs.openbsd.org 2002/09/19 16:03:15 + [serverloop.c] + log IP address also; ok markus@ + - stevesk@cvs.openbsd.org 2002/09/20 18:41:29 + [auth.c] + log illegal user here for missing privsep case (ssh2). + this is executed in the monitor. ok markus@ 20020919 - (djm) OpenBSD CVS Sync