X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/blobdiff_plain/ce27af321f94d71fc810380c06f42a2c5943f6b3..e0cbb24b3ff7c9c9b536cfa2ab9aa16f27efeb6e:/ChangeLog

diff --git a/ChangeLog b/ChangeLog
index 6700f308..6992a01b 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,4 +1,66 @@
-20091209
+20100111
+ - (dtucker) OpenBSD CVS Sync
+   - dtucker@cvs.openbsd.org 2010/01/11 01:39:46
+     [ssh_config channels.c ssh.1 channels.h ssh.c]
+     Add a 'netcat mode' (ssh -W).  This connects stdio on the client to a
+     single port forward on the server.  This allows, for example, using ssh as
+     a ProxyCommand to route connections via intermediate servers.
+     bz #1618, man page help from jmc@, ok markus@
+   - dtucker@cvs.openbsd.org 2010/01/11 04:46:45
+     [authfile.c sshconnect2.c]
+     Do not prompt for a passphrase if we fail to open a keyfile, and log the
+     reason the open failed to debug.
+     bz #1693, found by tj AT castaglia org, ok djm@
+   - djm@cvs.openbsd.org 2010/01/11 10:51:07
+     [ssh-keygen.c]
+     when converting keys, truncate key comments at 72 chars as per RFC4716;
+     bz#1630 reported by tj AT castaglia.org; ok markus@
+   - dtucker@cvs.openbsd.org 2010/01/12 00:16:47
+     [authfile.c]
+     Fix bug introduced in r1.78 (incorrect brace location) that broke key auth.
+     Patch from joachim joachimschipper nl.
+   - djm@cvs.openbsd.org 2010/01/12 00:58:25
+     [monitor_fdpass.c]
+     avoid spinning when fd passing on nonblocking sockets by calling poll()
+     in the EINTR/EAGAIN path, much like we do in atomicio; ok dtucker@
+   - djm@cvs.openbsd.org 2010/01/12 00:59:29
+     [roaming_common.c]
+     delete with extreme prejudice a debug() that fired with every keypress;
+     ok dtucker deraadt
+   - dtucker@cvs.openbsd.org 2010/01/12 01:31:05
+     [session.c]
+     Do not allow logins if /etc/nologin exists but is not readable by the user
+     logging in.  Noted by Jan.Pechanec at Sun, ok djm@ deraadt@
+   - djm@cvs.openbsd.org 2010/01/12 01:36:08
+     [buffer.h bufaux.c]
+     add a buffer_get_string_ptr_ret() that does the same as
+     buffer_get_string_ptr() but does not fatal() on error; ok dtucker@
+
+20100110
+ - (dtucker) [configure.ac misc.c readconf.c servconf.c ssh-keyscan.c]
+   Remove hacks add for RoutingDomain in preparation for its removal.
+ - (dtucker) OpenBSD CVS Sync
+   - dtucker@cvs.openbsd.org 2010/01/09 23:04:13
+     [channels.c ssh.1 servconf.c sshd_config.5 sshd.c channels.h servconf.h
+     ssh-keyscan.1 ssh-keyscan.c readconf.c sshconnect.c misc.c ssh.c
+     readconf.h scp.1 sftp.1 ssh_config.5 misc.h]
+     Remove RoutingDomain from ssh since it's now not needed.  It can be
+     replaced with "route exec" or "nc -V" as a proxycommand.  "route exec"
+     also ensures that trafic such as DNS lookups stays withing the specified
+     routingdomain.  For example (from reyk):
+     # route -T 2 exec /usr/sbin/sshd
+     or inherited from the parent process
+     $ route -T 2 exec sh
+     $ ssh 10.1.2.3
+     ok deraadt@ markus@ stevesk@ reyk@
+   - dtucker@cvs.openbsd.org 2010/01/10 03:51:17
+     [servconf.c]
+     Add ChrootDirectory to sshd.c test-mode output
+   - dtucker@cvs.openbsd.org 2010/01/10 07:15:56
+     [auth.c]
+     Output a debug if we can't open an existing keyfile.  bz#1694, ok djm@
+
+20100109
  - (dtucker) Wrap use of IPPROTO_IPV6 in an ifdef for platforms that don't
    have it.
  - (dtucker) [defines.h] define PRIu64 for platforms that don't have it.
@@ -35,7 +97,7 @@
      dying.  bz#1692, patch from Colin Watson via Ubuntu.
  - (dtucker) [defines.h] Remove now-undeeded PRIu64 define.
 
-20091208
+20100108
  - (dtucker) OpenBSD CVS Sync
    - andreas@cvs.openbsd.org 2009/10/24 11:11:58
      [roaming.h]