X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/blobdiff_plain/cb2c61792afdc77cbdc6096648016937ab61ca0a..4439dde1e080622d91799d49dab6e8c96a1e9993:/ChangeLog diff --git a/ChangeLog b/ChangeLog index 6358a9ad..60c4a102 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,396 @@ +20060423 + - (djm) OpenBSD CVS Sync + - deraadt@cvs.openbsd.org 2006/04/01 05:42:20 + [scp.c] + minimal lint cleanup (unused crud, and some size_t); ok djm + - djm@cvs.openbsd.org 2006/04/01 05:50:29 + [scp.c] + xasprintification; ok deraadt@ + - djm@cvs.openbsd.org 2006/04/01 05:51:34 + [atomicio.c] + ANSIfy; requested deraadt@ + - dtucker@cvs.openbsd.org 2006/04/02 08:34:52 + [ssh-keysign.c] + sessionid can be 32 bytes now too when sha256 kex is used; ok djm@ + - djm@cvs.openbsd.org 2006/04/03 07:10:38 + [gss-genr.c] + GSSAPI buffers shouldn't be nul-terminated, spotted in bugzilla #1066 + by dleonard AT vintela.com. use xasprintf() to simplify code while in + there; "looks right" deraadt@ + - djm@cvs.openbsd.org 2006/04/16 00:48:52 + [buffer.c buffer.h channels.c] + Fix condition where we could exit with a fatal error when an input + buffer became too large and the remote end had advertised a big window. + The problem was a mismatch in the backoff math between the channels code + and the buffer code, so make a buffer_check_alloc() function that the + channels code can use to propsectivly check whether an incremental + allocation will succeed. bz #1131, debugged with the assistance of + cove AT wildpackets.com; ok dtucker@ deraadt@ + - djm@cvs.openbsd.org 2006/04/16 00:52:55 + [atomicio.c atomicio.h] + introduce atomiciov() function that wraps readv/writev to retry + interrupted transfers like atomicio() does for read/write; + feedback deraadt@ dtucker@ stevesk@ ok deraadt@ + - djm@cvs.openbsd.org 2006/04/16 00:54:10 + [sftp-client.c] + avoid making a tiny 4-byte write to send the packet length of sftp + commands, which would result in a separate tiny packet on the wire by + using atomiciov(writev, ...) to write the length and the command in one + pass; ok deraadt@ + - djm@cvs.openbsd.org 2006/04/16 07:59:00 + [atomicio.c] + reorder sanity test so that it cannot dereference past the end of the + iov array; well spotted canacar@! + - dtucker@cvs.openbsd.org 2006/04/18 10:44:28 + [bufaux.c bufbn.c] + Move Buffer bignum functions into their own file, bufbn.c. This means + that sftp and sftp-server (which use the Buffer functions in bufaux.c + but not the bignum ones) no longer need to be linked with libcrypto. + ok markus@ + - djm@cvs.openbsd.org 2006/04/20 09:27:09 + [auth.h clientloop.c dispatch.c dispatch.h kex.h] + replace the last non-sig_atomic_t flag used in a signal handler with a + sig_atomic_t, unfortunately with some knock-on effects in other (non- + signal) contexts in which it is used; ok markus@ + - markus@cvs.openbsd.org 2006/04/20 09:47:59 + [sshconnect.c] + simplify; ok djm@ + +20060421 + - (djm) [Makefile.in configure.ac session.c sshpty.c] + [contrib/redhat/sshd.init openbsd-compat/Makefile.in] + [openbsd-compat/openbsd-compat.h openbsd-compat/port-linux.c] + [openbsd-compat/port-linux.h] Add support for SELinux, setting + the execution and TTY contexts. based on patch from Daniel Walsh, + bz #880; ok dtucker@ + +20060418 + - (djm) [canohost.c] Reorder IP options check so that it isn't broken + by mapped addresses; bz #1179 reported by markw wtech-llc.com; + ok dtucker@ + +20060331 + - OpenBSD CVS Sync + - deraadt@cvs.openbsd.org 2006/03/27 01:21:18 + [xmalloc.c] + we can do the size & nmemb check before the integer overflow check; + evol + - deraadt@cvs.openbsd.org 2006/03/27 13:03:54 + [dh.c] + use strtonum() instead of atoi(), limit dhg size to 64k; ok djm + - djm@cvs.openbsd.org 2006/03/27 23:15:46 + [sftp.c] + always use a format string for addargs; spotted by mouring@ + - deraadt@cvs.openbsd.org 2006/03/28 00:12:31 + [README.tun ssh.c] + spacing + - deraadt@cvs.openbsd.org 2006/03/28 01:52:28 + [channels.c] + do not accept unreasonable X ports numbers; ok djm + - deraadt@cvs.openbsd.org 2006/03/28 01:53:43 + [ssh-agent.c] + use strtonum() to parse the pid from the file, and range check it + better; ok djm + - djm@cvs.openbsd.org 2006/03/30 09:41:25 + [channels.c] + ARGSUSED for dispatch table-driven functions + - djm@cvs.openbsd.org 2006/03/30 09:58:16 + [authfd.c bufaux.c deattack.c gss-serv.c mac.c misc.c misc.h] + [monitor_wrap.c msg.c packet.c sftp-client.c sftp-server.c ssh-agent.c] + replace {GET,PUT}_XXBIT macros with functionally similar functions, + silencing a heap of lint warnings. also allows them to use + __bounded__ checking which can't be applied to macros; requested + by and feedback from deraadt@ + - djm@cvs.openbsd.org 2006/03/30 10:41:25 + [ssh.c ssh_config.5] + add percent escape chars to the IdentityFile option, bz #1159 based + on a patch by imaging AT math.ualberta.ca; feedback and ok dtucker@ + - dtucker@cvs.openbsd.org 2006/03/30 11:05:17 + [ssh-keygen.c] + Correctly handle truncated files while converting keys; ok djm@ + - dtucker@cvs.openbsd.org 2006/03/30 11:40:21 + [auth.c monitor.c] + Prevent duplicate log messages when privsep=yes; ok djm@ + - jmc@cvs.openbsd.org 2006/03/31 09:09:30 + [ssh_config.5] + kill trailing whitespace; + - djm@cvs.openbsd.org 2006/03/31 09:13:56 + [ssh_config.5] + remote user escape is %r not %h; spotted by jmc@ + +20060326 + - OpenBSD CVS Sync + - jakob@cvs.openbsd.org 2006/03/15 08:46:44 + [ssh-keygen.c] + if no key file are given when printing the DNS host record, use the + host key file(s) as default. ok djm@ + - biorn@cvs.openbsd.org 2006/03/16 10:31:45 + [scp.c] + Try to display errormessage even if remout == -1 + ok djm@, markus@ + - djm@cvs.openbsd.org 2006/03/17 22:31:50 + [authfd.c] + another unreachable found by lint + - djm@cvs.openbsd.org 2006/03/17 22:31:11 + [authfd.c] + unreachanble statement, found by lint + - djm@cvs.openbsd.org 2006/03/19 02:22:32 + [serverloop.c] + memory leaks detected by Coverity via elad AT netbsd.org; + ok deraadt@ dtucker@ + - djm@cvs.openbsd.org 2006/03/19 02:22:56 + [sftp.c] + more memory leaks detected by Coverity via elad AT netbsd.org; + deraadt@ ok + - djm@cvs.openbsd.org 2006/03/19 02:23:26 + [hostfile.c] + FILE* leak detected by Coverity via elad AT netbsd.org; + ok deraadt@ + - djm@cvs.openbsd.org 2006/03/19 02:24:05 + [dh.c readconf.c servconf.c] + potential NULL pointer dereferences detected by Coverity + via elad AT netbsd.org; ok deraadt@ + - djm@cvs.openbsd.org 2006/03/19 07:41:30 + [sshconnect2.c] + memory leaks detected by Coverity via elad AT netbsd.org; + deraadt@ ok + - dtucker@cvs.openbsd.org 2006/03/19 11:51:52 + [servconf.c] + Correct strdelim null test; ok djm@ + - deraadt@cvs.openbsd.org 2006/03/19 18:52:11 + [auth1.c authfd.c channels.c] + spacing + - deraadt@cvs.openbsd.org 2006/03/19 18:53:12 + [kex.c kex.h monitor.c myproposal.h session.c] + spacing + - deraadt@cvs.openbsd.org 2006/03/19 18:56:41 + [clientloop.c progressmeter.c serverloop.c sshd.c] + ARGSUSED for signal handlers + - deraadt@cvs.openbsd.org 2006/03/19 18:59:49 + [ssh-keyscan.c] + please lint + - deraadt@cvs.openbsd.org 2006/03/19 18:59:30 + [ssh.c] + spacing + - deraadt@cvs.openbsd.org 2006/03/19 18:59:09 + [authfile.c] + whoever thought that break after return was a good idea needs to + get their head examimed + - djm@cvs.openbsd.org 2006/03/20 04:09:44 + [monitor.c] + memory leaks detected by Coverity via elad AT netbsd.org; + deraadt@ ok + that should be all of them now + - djm@cvs.openbsd.org 2006/03/20 11:38:46 + [key.c] + (really) last of the Coverity diffs: avoid possible NULL deref in + key_free. via elad AT netbsd.org; markus@ ok + - deraadt@cvs.openbsd.org 2006/03/20 17:10:19 + [auth.c key.c misc.c packet.c ssh-add.c] + in a switch (), break after return or goto is stupid + - deraadt@cvs.openbsd.org 2006/03/20 17:13:16 + [key.c] + djm did a typo + - deraadt@cvs.openbsd.org 2006/03/20 17:17:23 + [ssh-rsa.c] + in a switch (), break after return or goto is stupid + - deraadt@cvs.openbsd.org 2006/03/20 18:14:02 + [channels.c clientloop.c monitor_wrap.c monitor_wrap.h serverloop.c] + [ssh.c sshpty.c sshpty.h] + sprinkle u_int throughout pty subsystem, ok markus + - deraadt@cvs.openbsd.org 2006/03/20 18:17:20 + [auth1.c auth2.c sshd.c] + sprinkle some ARGSUSED for table driven functions (which sometimes + must ignore their args) + - deraadt@cvs.openbsd.org 2006/03/20 18:26:55 + [channels.c monitor.c session.c session.h ssh-agent.c ssh-keygen.c] + [ssh-rsa.c ssh.c sshlogin.c] + annoying spacing fixes getting in the way of real diffs + - deraadt@cvs.openbsd.org 2006/03/20 18:27:50 + [monitor.c] + spacing + - deraadt@cvs.openbsd.org 2006/03/20 18:35:12 + [channels.c] + x11_fake_data is only ever used as u_char * + - deraadt@cvs.openbsd.org 2006/03/20 18:41:43 + [dns.c] + cast xstrdup to propert u_char * + - deraadt@cvs.openbsd.org 2006/03/20 18:42:27 + [canohost.c match.c ssh.c sshconnect.c] + be strict with tolower() casting + - deraadt@cvs.openbsd.org 2006/03/20 18:48:34 + [channels.c fatal.c kex.c packet.c serverloop.c] + spacing + - deraadt@cvs.openbsd.org 2006/03/20 21:11:53 + [ttymodes.c] + spacing + - djm@cvs.openbsd.org 2006/03/25 00:05:41 + [auth-bsdauth.c auth-skey.c auth.c auth2-chall.c channels.c] + [clientloop.c deattack.c gss-genr.c kex.c key.c misc.c moduli.c] + [monitor.c monitor_wrap.c packet.c scard.c sftp-server.c ssh-agent.c] + [ssh-keyscan.c ssh.c sshconnect.c sshconnect2.c sshd.c uuencode.c] + [xmalloc.c xmalloc.h] + introduce xcalloc() and xasprintf() failure-checked allocations + functions and use them throughout openssh + + xcalloc is particularly important because malloc(nmemb * size) is a + dangerous idiom (subject to integer overflow) and it is time for it + to die + + feedback and ok deraadt@ + - djm@cvs.openbsd.org 2006/03/25 01:13:23 + [buffer.c channels.c deattack.c misc.c scp.c session.c sftp-client.c] + [sftp-server.c ssh-agent.c ssh-rsa.c xmalloc.c xmalloc.h auth-pam.c] + [uidswap.c] + change OpenSSH's xrealloc() function from being xrealloc(p, new_size) + to xrealloc(p, new_nmemb, new_itemsize). + + realloc is particularly prone to integer overflows because it is + almost always allocating "n * size" bytes, so this is a far safer + API; ok deraadt@ + - djm@cvs.openbsd.org 2006/03/25 01:30:23 + [sftp.c] + "abormally" is a perfectly cromulent word, but "abnormally" is better + - djm@cvs.openbsd.org 2006/03/25 13:17:03 + [atomicio.c auth-bsdauth.c auth-chall.c auth-options.c auth-passwd.c] + [auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth-skey.c auth.c auth1.c] + [auth2-chall.c auth2-hostbased.c auth2-kbdint.c auth2-none.c] + [auth2-passwd.c auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c] + [buffer.c canohost.c channels.c cipher-3des1.c cipher-bf1.c] + [cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c compress.c] + [deattack.c dh.c dispatch.c fatal.c groupaccess.c hostfile.c kex.c] + [kexdh.c kexdhc.c kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c] + [mac.c match.c md-sha256.c misc.c monitor.c monitor_fdpass.c] + [monitor_mm.c monitor_wrap.c msg.c nchan.c packet.c progressmeter.c] + [readconf.c readpass.c rsa.c scard.c scp.c servconf.c serverloop.c] + [session.c sftp-client.c sftp-common.c sftp-glob.c sftp-server.c] + [sftp.c ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c] + [ssh-keysign.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c] + [sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c] + [uidswap.c uuencode.c xmalloc.c] + Put $OpenBSD$ tags back (as comments) to replace the RCSID()s that + Theo nuked - our scripts to sync -portable need them in the files + - deraadt@cvs.openbsd.org 2006/03/25 18:29:35 + [auth-rsa.c authfd.c packet.c] + needed casts (always will be needed) + - deraadt@cvs.openbsd.org 2006/03/25 18:30:55 + [clientloop.c serverloop.c] + spacing + - deraadt@cvs.openbsd.org 2006/03/25 18:36:15 + [sshlogin.c sshlogin.h] + nicer size_t and time_t types + - deraadt@cvs.openbsd.org 2006/03/25 18:40:14 + [ssh-keygen.c] + cast strtonum() result to right type + - deraadt@cvs.openbsd.org 2006/03/25 18:41:45 + [ssh-agent.c] + mark two more signal handlers ARGSUSED + - deraadt@cvs.openbsd.org 2006/03/25 18:43:30 + [channels.c] + use strtonum() instead of atoi() [limit X screens to 400, sorry] + - deraadt@cvs.openbsd.org 2006/03/25 18:56:55 + [bufaux.c channels.c packet.c] + remove (char *) casts to a function that accepts void * for the arg + - deraadt@cvs.openbsd.org 2006/03/25 18:58:10 + [channels.c] + delete cast not required + - djm@cvs.openbsd.org 2006/03/25 22:22:43 + [atomicio.h auth-options.h auth.h auth2-gss.c authfd.h authfile.h] + [bufaux.h buffer.h canohost.h channels.h cipher.h clientloop.h] + [compat.h compress.h crc32.c crc32.h deattack.h dh.h dispatch.h] + [dns.c dns.h getput.h groupaccess.h gss-genr.c gss-serv-krb5.c] + [gss-serv.c hostfile.h includes.h kex.h key.h log.h mac.h match.h] + [misc.h monitor.h monitor_fdpass.h monitor_mm.h monitor_wrap.h msg.h] + [myproposal.h packet.h pathnames.h progressmeter.h readconf.h rsa.h] + [scard.h servconf.h serverloop.h session.h sftp-common.h sftp.h] + [ssh-gss.h ssh.h ssh1.h ssh2.h sshconnect.h sshlogin.h sshpty.h] + [ttymodes.h uidswap.h uuencode.h xmalloc.h] + standardise spacing in $OpenBSD$ tags; requested by deraadt@ + - deraadt@cvs.openbsd.org 2006/03/26 01:31:48 + [uuencode.c] + typo + +20060325 + - OpenBSD CVS Sync + - djm@cvs.openbsd.org 2006/03/16 04:24:42 + [ssh.1] + Add RFC4419 (Diffie-Hellman group exchange KEX) to the list of SSH RFCs + that OpenSSH supports + - deraadt@cvs.openbsd.org 2006/03/19 18:51:18 + [atomicio.c auth-bsdauth.c auth-chall.c auth-krb5.c auth-options.c] + [auth-pam.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c] + [auth-shadow.c auth-skey.c auth.c auth1.c auth2-chall.c] + [auth2-hostbased.c auth2-kbdint.c auth2-none.c auth2-passwd.c] + [auth2-pubkey.c auth2.c authfd.c authfile.c bufaux.c buffer.c] + [canohost.c channels.c cipher-3des1.c cipher-acss.c cipher-aes.c] + [cipher-bf1.c cipher-ctr.c cipher.c cleanup.c clientloop.c compat.c] + [compress.c deattack.c dh.c dispatch.c dns.c entropy.c fatal.c] + [groupaccess.c hostfile.c includes.h kex.c kexdh.c kexdhc.c] + [kexdhs.c kexgex.c kexgexc.c kexgexs.c key.c log.c loginrec.c] + [loginrec.h logintest.c mac.c match.c md-sha256.c md5crypt.c misc.c] + [monitor.c monitor_fdpass.c monitor_mm.c monitor_wrap.c msg.c] + [nchan.c packet.c progressmeter.c readconf.c readpass.c rsa.c] + [scard.c scp.c servconf.c serverloop.c session.c sftp-client.c] + [sftp-common.c sftp-glob.c sftp-server.c sftp.c ssh-add.c] + [ssh-agent.c ssh-dss.c ssh-keygen.c ssh-keyscan.c ssh-keysign.c] + [ssh-rand-helper.c ssh-rsa.c ssh.c sshconnect.c sshconnect1.c] + [sshconnect2.c sshd.c sshlogin.c sshpty.c sshtty.c ttymodes.c] + [uidswap.c uuencode.c xmalloc.c openbsd-compat/bsd-arc4random.c] + [openbsd-compat/bsd-closefrom.c openbsd-compat/bsd-cygwin_util.c] + [openbsd-compat/bsd-getpeereid.c openbsd-compat/bsd-misc.c] + [openbsd-compat/bsd-nextstep.c openbsd-compat/bsd-snprintf.c] + [openbsd-compat/bsd-waitpid.c openbsd-compat/fake-rfc2553.c] + RCSID() can die + - deraadt@cvs.openbsd.org 2006/03/19 18:53:12 + [kex.h myproposal.h] + spacing + - djm@cvs.openbsd.org 2006/03/20 04:07:22 + [auth2-gss.c] + GSSAPI related leaks detected by Coverity via elad AT netbsd.org; + reviewed by simon AT sxw.org.uk; deraadt@ ok + - djm@cvs.openbsd.org 2006/03/20 04:07:49 + [gss-genr.c] + more GSSAPI related leaks detected by Coverity via elad AT netbsd.org; + reviewed by simon AT sxw.org.uk; deraadt@ ok + - djm@cvs.openbsd.org 2006/03/20 04:08:18 + [gss-serv.c] + last lot of GSSAPI related leaks detected by Coverity via + elad AT netbsd.org; reviewed by simon AT sxw.org.uk; deraadt@ ok + - deraadt@cvs.openbsd.org 2006/03/20 18:14:02 + [monitor_wrap.h sshpty.h] + sprinkle u_int throughout pty subsystem, ok markus + - deraadt@cvs.openbsd.org 2006/03/20 18:26:55 + [session.h] + annoying spacing fixes getting in the way of real diffs + - deraadt@cvs.openbsd.org 2006/03/20 18:41:43 + [dns.c] + cast xstrdup to propert u_char * + - jakob@cvs.openbsd.org 2006/03/22 21:16:24 + [ssh.1] + simplify SSHFP example; ok jmc@ + - djm@cvs.openbsd.org 2006/03/22 21:27:15 + [deattack.c deattack.h] + remove IV support from the CRC attack detector, OpenSSH has never used + it - it only applied to IDEA-CFB, which we don't support. + prompted by NetBSD Coverity report via elad AT netbsd.org; + feedback markus@ "nuke it" deraadt@ + +20060318 + - (djm) [auth-pam.c] Fix memleak in error path, from Coverity via + elad AT NetBSD.org + - (dtucker) [openbsd-compat/bsd-snprintf.c] Bug #1173: make fmtint() take + a LLONG rather than a long. Fixes scp'ing of large files on platforms + with missing/broken snprintfs. Patch from e.borovac at bom.gov.au. + +20060316 + - (dtucker) [entropy.c] Add headers for WIFEXITED and friends. + - (dtucker) [configure.ac md-sha256.c] NetBSD has sha2.h in + /usr/include/crypto. Hint from djm@. + - (tim) [kex.c myproposal.h md-sha256.c openbsd-compat/sha2.c,h] + Disable sha256 when openssl < 0.9.7. Patch from djm@. + - (djm) [kex.c] Slightly more clean deactivation of dhgex-sha256 on old + OpenSSL; ok tim + 20060315 - (djm) OpenBSD CVS Sync: - msf@cvs.openbsd.org 2006/02/06 15:54:07 @@ -255,6 +648,23 @@ - (djm) [openbsd-compat/sha2.h] Avoid include macro clash with system sha2.h - (djm) [ssh-rand-helper.c] Needs a bunch of headers + - (djm) [ssh-agent.c] Restore dropped stat.h + - (djm) [openbsd-compat/sha2.h openbsd-compat/sha2.c] Comment out + SHA384, which we don't need and doesn't compile without tweaks + - (djm) [auth-pam.c clientloop.c includes.h monitor.c session.c] + [sftp-client.c ssh-keysign.c ssh.c sshconnect.c sshconnect2.c] + [sshd.c openbsd-compat/bsd-misc.c openbsd-compat/bsd-openpty.c] + [openbsd-compat/glob.c openbsd-compat/mktemp.c] + [openbsd-compat/readpassphrase.c] Lots of include fixes for + OpenSolaris + - (tim) [includes.h] put sys/stat.h back in to quiet some "macro redefined:" + - (tim) [openssh/sshpty.c openssh/openbsd-compat/port-tun.c] put in some + includes removed from includes.h + - (dtucker) [configure.ac] Fix glob test conversion to AC_TRY_COMPILE + - (djm) [includes.h] Put back paths.h, it is needed in defines.h + - (dtucker) [openbsd-compat/openbsd-compat.h] AIX (at least) needs + sys/ioctl.h for struct winsize. + - (dtucker) [configure.ac] login_cap.h requires sys/types.h on NetBSD. 20060313 - (dtucker) [configure.ac] Bug #1171: Don't use printf("%lld", longlong)