X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/blobdiff_plain/f658a5e87dcc756f0280b279bbfe526ebb393cd1..b930668c42a0e86843a9054462264c51ab356893:/ChangeLog diff --git a/ChangeLog b/ChangeLog index 90ae9f74..d47b2a59 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,9 +1,183 @@ +20031117 + - (djm) OpenBSD CVS Sync + - djm@cvs.openbsd.org 2003/11/03 09:03:37 + [auth-chall.c] + make this a little more idiot-proof; ok markus@ + (includes portable-specific changes) + - jakob@cvs.openbsd.org 2003/11/03 09:09:41 + [sshconnect.c] + move changed key warning into warn_changed_key(). ok markus@ + - jakob@cvs.openbsd.org 2003/11/03 09:37:32 + [sshconnect.c] + do not free static type pointer in warn_changed_key() + - djm@cvs.openbsd.org 2003/11/04 08:54:09 + [auth1.c auth2.c auth2-pubkey.c auth.h auth-krb5.c auth-passwd.c] + [auth-rhosts.c auth-rh-rsa.c auth-rsa.c monitor.c serverloop.c] + [session.c] + standardise arguments to auth methods - they should all take authctxt. + check authctxt->valid rather then pw != NULL; ok markus@ + - jakob@cvs.openbsd.org 2003/11/08 16:02:40 + [auth1.c] + remove unused variable (pw). ok djm@ + (id sync only - still used in portable) + - jmc@cvs.openbsd.org 2003/11/08 19:17:29 + [sftp-int.c] + typos from Jonathon Gray; + - jakob@cvs.openbsd.org 2003/11/10 16:23:41 + [bufaux.c bufaux.h cipher.c cipher.h hostfile.c hostfile.h key.c] + [key.h sftp-common.c sftp-common.h sftp-server.c sshconnect.c sshd.c] + [ssh-dss.c ssh-rsa.c uuencode.c uuencode.h] + constify. ok markus@ & djm@ + - dtucker@cvs.openbsd.org 2003/11/12 10:12:15 + [scp.c] + When called with -q, pass -q to ssh; suppresses SSH2 banner. ok markus@ + - jakob@cvs.openbsd.org 2003/11/12 16:39:58 + [dns.c dns.h readconf.c ssh_config.5 sshconnect.c] + update SSHFP validation. ok markus@ + - jmc@cvs.openbsd.org 2003/11/12 20:14:51 + [ssh_config.5] + make verb agree with subject, and kill some whitespace; + - markus@cvs.openbsd.org 2003/11/14 13:19:09 + [sshconnect2.c] + cleanup and minor fixes for the client code; from Simon Wilkinson + +20031115 + - (dtucker) [regress/agent-ptrace.sh] Test for GDB output from Solaris and + HP-UX, skip test on AIX. + +20031113 + - (dtucker) [auth-pam.c] Append newlines to lines output by the + pam_chauthtok_conv(). + - (dtucker) [README ssh-host-config ssh-user-config Makefile] (All + contrib/cygwin). Major update from vinschen at redhat.com. + - Makefile provides a `cygwin-postinstall' target to run right after + `make install'. + - Better support for Windows 2003 Server. + - Try to get permissions as correct as possible. + - New command line options to allow full automated host configuration. + - Create configs from skeletons in /etc/defaults/etc. + - Use /bin/bash, allows reading user input with readline support. + - Remove really old configs from /usr/local. + - (dtucker) [auth-pam.c] Add newline to accumulated PAM_TEXT_INFO and + PAM_ERROR_MSG messages. + +20031106 + - (djm) Clarify UsePAM consequences a little more + +20031103 + - (dtucker) [contrib/cygwin/ssh-host-config] Ensure entries in /etc/services + are created correctly with CRLF line terminations. Patch from vinschen at + redhat.com. + - (dtucker) OpenBSD CVS Sync + - markus@cvs.openbsd.org 2003/10/15 09:48:45 + [monitor_wrap.c] + check pmonitor != NULL + - markus@cvs.openbsd.org 2003/10/21 09:50:06 + [auth2-gss.c] + make sure the doid is larger than 2 + - avsm@cvs.openbsd.org 2003/10/26 16:57:43 + [sshconnect2.c] + rename 'supported' static var in userauth_gssapi() to 'gss_supported' + to avoid shadowing the global version. markus@ ok + - markus@cvs.openbsd.org 2003/10/28 09:08:06 + [misc.c] + error->debug for getsockopt+TCP_NODELAY; several requests + - markus@cvs.openbsd.org 2003/11/02 11:01:03 + [auth2-gss.c compat.c compat.h sshconnect2.c] + remove support for SSH_BUG_GSSAPI_BER; simon@sxw.org.uk + - (dtucker) [regress/agent-ptrace.sh] Use numeric uid and gid. + +20031021 + - (dtucker) [INSTALL] Some system crypt() functions support MD5 passwords + directly. Noted by Darren.Moffat at sun.com. + - (dtucker) [regress/agent-ptrace.sh] Skip agent-test unless SUDO is set, + make agent setgid during test. + +20031017 + - (dtucker) [INSTALL] Note that --with-md5 is now required on platforms with + MD5 passwords even if PAM support is enabled. From steev at detritus.net. + +20031015 + - (dtucker) OpenBSD CVS Sync + - jmc@cvs.openbsd.org 2003/10/08 08:27:36 + [scp.1 scp.c sftp-server.8 sftp.1 sftp.c ssh.1 sshd.8] + scp and sftp: add options list and sort options. options list requested + by deraadt@ + sshd: use same format as ssh + ssh: remove wrong option from list + sftp-server: Subsystem is documented in ssh_config(5), not sshd(8) + ok deraadt@ markus@ + - markus@cvs.openbsd.org 2003/10/08 15:21:24 + [readconf.c ssh_config.5] + default GSS API to no in client, too; ok jakob, deraadt@ + - markus@cvs.openbsd.org 2003/10/11 08:24:08 + [readconf.c readconf.h ssh.1 ssh.c ssh_config.5] + remote x11 clients are now untrusted by default, uses xauth(8) to generate + untrusted cookies; ForwardX11Trusted=yes restores old behaviour. + ok deraadt; feedback and ok djm/fries + - markus@cvs.openbsd.org 2003/10/11 08:26:43 + [sshconnect2.c] + search keys in reverse order; fixes #684 + - markus@cvs.openbsd.org 2003/10/11 11:36:23 + [monitor_wrap.c] + return NULL for missing banner; ok djm@ + - jmc@cvs.openbsd.org 2003/10/12 13:12:13 + [ssh_config.5] + note that EnableSSHKeySign should be in the non-hostspecific section; + remove unnecessary .Pp; + ok markus@ + - markus@cvs.openbsd.org 2003/10/13 08:22:25 + [scp.1 sftp.1] + don't refer to options related to forwarding; ok jmc@ + - jakob@cvs.openbsd.org 2003/10/14 19:42:10 + [dns.c dns.h readconf.c ssh-keygen.c sshconnect.c] + include SSHFP lookup code (not enabled by default). ok markus@ + - jakob@cvs.openbsd.org 2003/10/14 19:43:23 + [README.dns] + update + - markus@cvs.openbsd.org 2003/10/14 19:54:39 + [session.c ssh-agent.c] + 10X for mkdtemp; djm@ + - (dtucker) [acconfig.h configure.ac dns.c openbsd-compat/getrrsetbyname.c + openbsd-compat/getrrsetbyname.h] DNS fingerprint support is now always + compiled in but disabled in config. + - (dtucker) [auth.c] Check for disabled password expiry on HP-UX Trusted Mode. + - (tim) [regress/banner.sh] portability fix. + +20031009 + - (dtucker) [sshd_config.5] UsePAM defaults to "no". ok djm@ + +20031008 + - (dtucker) OpenBSD CVS Sync + - dtucker@cvs.openbsd.org 2003/10/07 01:47:27 + [sshconnect2.c] + Don't use logit for banner, since it truncates to MSGBUFSIZ; bz #668 & + #707. ok markus@ + - djm@cvs.openbsd.org 2003/10/07 07:04:16 + [sftp-int.c] + sftp quoting fix from admorten AT umich.edu; ok markus@ + - deraadt@cvs.openbsd.org 2003/10/07 21:58:28 + [sshconnect2.c] + set ptr to NULL after free + - dtucker@cvs.openbsd.org 2003/10/07 01:52:13 + [regress/Makefile regress/banner.sh] + Test SSH2 banner. ok markus@ + - djm@cvs.openbsd.org 2003/10/07 07:04:52 + [regress/sftp-cmds.sh] + more sftp quoting regress tests; ok markus + 20031007 - (djm) Delete autom4te.cache after autoreconf - (dtucker) [auth-pam.c auth-pam.h session.c] Make PAM use the new static cleanup functions. With & ok djm@ - (dtucker) [contrib/redhat/openssh.spec] Bug #714: Now that UsePAM is a run-time switch, always build --with-md5-passwords. + - (dtucker) [configure.ac openbsd-compat/Makefile.in openbsd-compat/strtoul.c] + Bug #670: add strtoul() to openbsd-compat for platforms lacking it. ok djm@ + - (dtucker) [configure.ac] Bug #715: Set BROKEN_SETREUID and BROKEN_SETREGID + on Reliant Unix. Patch from Robert.Dahlem at siemens.com. + - (dtucker) [configure.ac] Bug #710: Check for dlsym() in libdl on + Reliant Unix. Based on patch from Robert.Dahlem at siemens.com. 20031003 - (dtucker) OpenBSD CVS Sync