X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/blobdiff_plain/ccd01778c21e2fc83d9b0da282862828d4832757..e37f390b2dc139013174e26f9f5db67c9e0a1f16:/ChangeLog diff --git a/ChangeLog b/ChangeLog index b3ae6bdb..9bd45a12 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,4 +1,73 @@ -20091209 +20100113 + - (dtucker) [monitor_fdpass.c] Wrap poll.h include in ifdefs. + +20100112 + - (dtucker) OpenBSD CVS Sync + - dtucker@cvs.openbsd.org 2010/01/11 01:39:46 + [ssh_config channels.c ssh.1 channels.h ssh.c] + Add a 'netcat mode' (ssh -W). This connects stdio on the client to a + single port forward on the server. This allows, for example, using ssh as + a ProxyCommand to route connections via intermediate servers. + bz #1618, man page help from jmc@, ok markus@ + - dtucker@cvs.openbsd.org 2010/01/11 04:46:45 + [authfile.c sshconnect2.c] + Do not prompt for a passphrase if we fail to open a keyfile, and log the + reason the open failed to debug. + bz #1693, found by tj AT castaglia org, ok djm@ + - djm@cvs.openbsd.org 2010/01/11 10:51:07 + [ssh-keygen.c] + when converting keys, truncate key comments at 72 chars as per RFC4716; + bz#1630 reported by tj AT castaglia.org; ok markus@ + - dtucker@cvs.openbsd.org 2010/01/12 00:16:47 + [authfile.c] + Fix bug introduced in r1.78 (incorrect brace location) that broke key auth. + Patch from joachim joachimschipper nl. + - djm@cvs.openbsd.org 2010/01/12 00:58:25 + [monitor_fdpass.c] + avoid spinning when fd passing on nonblocking sockets by calling poll() + in the EINTR/EAGAIN path, much like we do in atomicio; ok dtucker@ + - djm@cvs.openbsd.org 2010/01/12 00:59:29 + [roaming_common.c] + delete with extreme prejudice a debug() that fired with every keypress; + ok dtucker deraadt + - dtucker@cvs.openbsd.org 2010/01/12 01:31:05 + [session.c] + Do not allow logins if /etc/nologin exists but is not readable by the user + logging in. Noted by Jan.Pechanec at Sun, ok djm@ deraadt@ + - djm@cvs.openbsd.org 2010/01/12 01:36:08 + [buffer.h bufaux.c] + add a buffer_get_string_ptr_ret() that does the same as + buffer_get_string_ptr() but does not fatal() on error; ok dtucker@ + - dtucker@cvs.openbsd.org 2010/01/12 08:33:17 + [session.c] + Add explicit stat so we reliably detect nologin with bad perms. + ok djm markus + +20100110 + - (dtucker) [configure.ac misc.c readconf.c servconf.c ssh-keyscan.c] + Remove hacks add for RoutingDomain in preparation for its removal. + - (dtucker) OpenBSD CVS Sync + - dtucker@cvs.openbsd.org 2010/01/09 23:04:13 + [channels.c ssh.1 servconf.c sshd_config.5 sshd.c channels.h servconf.h + ssh-keyscan.1 ssh-keyscan.c readconf.c sshconnect.c misc.c ssh.c + readconf.h scp.1 sftp.1 ssh_config.5 misc.h] + Remove RoutingDomain from ssh since it's now not needed. It can be + replaced with "route exec" or "nc -V" as a proxycommand. "route exec" + also ensures that trafic such as DNS lookups stays withing the specified + routingdomain. For example (from reyk): + # route -T 2 exec /usr/sbin/sshd + or inherited from the parent process + $ route -T 2 exec sh + $ ssh 10.1.2.3 + ok deraadt@ markus@ stevesk@ reyk@ + - dtucker@cvs.openbsd.org 2010/01/10 03:51:17 + [servconf.c] + Add ChrootDirectory to sshd.c test-mode output + - dtucker@cvs.openbsd.org 2010/01/10 07:15:56 + [auth.c] + Output a debug if we can't open an existing keyfile. bz#1694, ok djm@ + +20100109 - (dtucker) Wrap use of IPPROTO_IPV6 in an ifdef for platforms that don't have it. - (dtucker) [defines.h] define PRIu64 for platforms that don't have it. @@ -20,8 +89,22 @@ [mux.c sshpty.h clientloop.c sshtty.c] quell tc[gs]etattr warnings when forcing a tty (ssh -tt), since we usually don't actually have a tty to read/set; bz#1686 ok dtucker@ + - dtucker@cvs.openbsd.org 2010/01/09 05:17:00 + [roaming_client.c] + Remove a PRIu64 format string that snuck in with roaming. ok djm@ + - dtucker@cvs.openbsd.org 2010/01/09 11:13:02 + [sftp.c] + Prevent sftp from derefing a null pointer when given a "-" without a + command. Also, allow whitespace to follow a "-". bz#1691, path from + Colin Watson via Debian. ok djm@ deraadt@ + - dtucker@cvs.openbsd.org 2010/01/09 11:17:56 + [sshd.c] + Afer sshd receives a SIGHUP, ignore subsequent HUPs while sshd re-execs + itself. Prevents two HUPs in quick succession from resulting in sshd + dying. bz#1692, patch from Colin Watson via Ubuntu. + - (dtucker) [defines.h] Remove now-undeeded PRIu64 define. -20091208 +20100108 - (dtucker) OpenBSD CVS Sync - andreas@cvs.openbsd.org 2009/10/24 11:11:58 [roaming.h]