X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/blobdiff_plain/fd9ede94165374c2c27c4eb9af543fa97ada65b1..d0bfe096e146353e9c8533c29aa215b671e81586:/ChangeLog diff --git a/ChangeLog b/ChangeLog index bb8ed6cf..f48bdef5 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,327 @@ +20010704 + - OpenBSD CVS Sync + - markus@cvs.openbsd.org 2001/06/25 08:25:41 + [channels.c channels.h cipher.c clientloop.c compat.c compat.h + hostfile.c kex.c kex.h key.c key.h nchan.c packet.c serverloop.c + session.c session.h sftp-server.c ssh-add.c ssh-agent.c uuencode.h] + update copyright for 2001 + - markus@cvs.openbsd.org 2001/06/25 17:18:27 + [ssh-keygen.1] + sshd(8) will never read the private keys, but ssh(1) does; + hugh@mimosa.com + - provos@cvs.openbsd.org 2001/06/25 17:54:47 + [auth.c auth.h auth-rsa.c] + terminate secure_filename checking after checking homedir. that way + it works on AFS. okay markus@ + - stevesk@cvs.openbsd.org 2001/06/25 20:26:37 + [auth2.c sshconnect2.c] + prototype cleanup; ok markus@ + - markus@cvs.openbsd.org 2001/06/26 02:47:07 + [ssh-keygen.c] + allow loading a private RSA key to a cyberflex card. + - markus@cvs.openbsd.org 2001/06/26 04:07:06 + [ssh-agent.1 ssh-agent.c] + add debug flag + - markus@cvs.openbsd.org 2001/06/26 04:59:59 + [authfd.c authfd.h ssh-add.c] + initial support for smartcards in the agent + - markus@cvs.openbsd.org 2001/06/26 05:07:43 + [ssh-agent.c] + update usage + - markus@cvs.openbsd.org 2001/06/26 05:33:34 + [ssh-agent.c] + more smartcard support. + - mpech@cvs.openbsd.org 2001/06/26 05:48:07 + [sshd.8] + remove unnecessary .Pp between .It; + millert@ ok + - markus@cvs.openbsd.org 2001/06/26 05:50:11 + [auth2.c] + new interface for secure_filename() + - itojun@cvs.openbsd.org 2001/06/26 06:32:58 + [atomicio.h authfd.h authfile.h auth.h auth-options.h bufaux.h + buffer.h canohost.h channels.h cipher.h clientloop.h compat.h + compress.h crc32.h deattack.h dh.h dispatch.h groupaccess.h + hostfile.h kex.h key.h log.h mac.h match.h misc.h mpaux.h packet.h + radix.h readconf.h readpass.h rsa.h] + prototype pedant. not very creative... + - () -> (void) + - no variable names + - itojun@cvs.openbsd.org 2001/06/26 06:33:07 + [servconf.h serverloop.h session.h sftp-client.h sftp-common.h + sftp-glob.h sftp-int.h sshconnect.h ssh-dss.h sshlogin.h sshpty.h + ssh-rsa.h tildexpand.h uidswap.h uuencode.h xmalloc.h] + prototype pedant. not very creative... + - () -> (void) + - no variable names + - dugsong@cvs.openbsd.org 2001/06/26 16:15:25 + [auth1.c auth.h auth-krb4.c auth-passwd.c readconf.c readconf.h + servconf.c servconf.h session.c sshconnect1.c sshd.c] + Kerberos v5 support for SSH1, mostly from Assar Westerlund + and Bjorn Gronvall . markus@ ok + - markus@cvs.openbsd.org 2001/06/26 17:25:34 + [ssh.1] + document SSH_ASKPASS; fubob@MIT.EDU + - markus@cvs.openbsd.org 2001/06/26 17:27:25 + [authfd.h authfile.h auth.h auth-options.h bufaux.h buffer.h + canohost.h channels.h cipher.h clientloop.h compat.h compress.h + crc32.h deattack.h dh.h dispatch.h groupaccess.c groupaccess.h + hostfile.h kex.h key.h log.c log.h mac.h misc.c misc.h mpaux.h + packet.h radix.h readconf.h readpass.h rsa.h servconf.h serverloop.h + session.h sftp-common.c sftp-common.h sftp-glob.h sftp-int.h + sshconnect.h ssh-dss.h sshlogin.h sshpty.h ssh-rsa.h sshtty.h + tildexpand.h uidswap.h uuencode.h xmalloc.h] + remove comments from .h, since they are cut&paste from the .c files + and out of sync + - dugsong@cvs.openbsd.org 2001/06/26 17:41:49 + [servconf.c] + #include + - markus@cvs.openbsd.org 2001/06/26 20:14:11 + [key.c key.h ssh.c sshconnect1.c sshconnect2.c] + add smartcard support to the client, too (now you can use both + the agent and the client). + - markus@cvs.openbsd.org 2001/06/27 02:12:54 + [serverloop.c serverloop.h session.c session.h] + quick hack to make ssh2 work again. + - markus@cvs.openbsd.org 2001/06/27 04:48:53 + [auth.c match.c sshd.8] + tridge@samba.org + - markus@cvs.openbsd.org 2001/06/27 05:35:42 + [ssh-keygen.c] + use cyberflex_inq_class to inquire class. + +20010629 + - (bal) Removed net_aton() since we don't use it any more + - (bal) Fixed _DISABLE_VPOSIX in readpassphrase.c. + - (bal) Updated zlib's home. Thanks to David Howe . + - (stevesk) remove _REENTRANT #define + - (stevesk) session.c: use u_int for envsize + - (stevesk) remove cli.[ch] + +20010628 + - (djm) Sync openbsd-compat with -current libc + - (djm) Fix from Lutz Jaenicke for my + broken makefile + - (bal) Removed strtok_r() and inet_ntop() since they are no longer used. + - (bal) Remove getusershell() since it's no longer used. + +20010627 + - (djm) Reintroduce pam_session call for non-pty sessions. + - (djm) Remove redundant and incorrect test for max auth attempts in + PAM kbdint code. Based on fix from Matthew Melvin + + - (djm) Rename sysconfdir/primes => sysconfdir/moduli + - (djm) Oops, forgot make logic for primes=>moduli. Also try to rename + existing primes->moduli if it exists. + - (djm) Sync with -current openbsd-compat/readpassphrase.c: + - djm@cvs.openbsd.org 2001/06/27 13:23:30 + typo, spotted by Tom Holroyd ; ok deraadt@ + - (djm) Turn up warnings if gcc or egcs detected + - (stevesk) for HP-UX 11.X use X/Open socket interface; + pulls in modern socket prototypes and eliminates a number of compiler + warnings. see xopen_networking(7). + - (stevesk) fix x11 forwarding from _PATH_XAUTH change + - (stevesk) use X/Open socket interface for HP-UX 10.X also + +20010625 + - OpenBSD CVS Sync + - markus@cvs.openbsd.org 2001/06/21 21:08:25 + [session.c] + don't reset forced_command (we allow multiple login shells in + ssh2); dwd@bell-labs.com + - mpech@cvs.openbsd.org 2001/06/22 10:17:51 + [ssh.1 sshd.8 ssh-keyscan.1] + o) .Sh AUTHOR -> .Sh AUTHORS; + o) remove unnecessary .Pp; + o) better -mdoc style; + o) typo; + o) sort SEE ALSO; + aaron@ ok + - provos@cvs.openbsd.org 2001/06/22 21:27:08 + [dh.c pathnames.h] + use /etc/moduli instead of /etc/primes, okay markus@ + - provos@cvs.openbsd.org 2001/06/22 21:28:53 + [sshd.8] + document /etc/moduli + - markus@cvs.openbsd.org 2001/06/22 21:55:49 + [auth2.c auth-rsa.c pathnames.h ssh.1 sshd.8 sshd_config + ssh-keygen.1] + merge authorized_keys2 into authorized_keys. + authorized_keys2 is used for backward compat. + (just append authorized_keys2 to authorized_keys). + - provos@cvs.openbsd.org 2001/06/22 21:57:59 + [dh.c] + increase linebuffer to deal with larger moduli; use rewind instead of + close/open + - markus@cvs.openbsd.org 2001/06/22 22:21:20 + [sftp-server.c] + allow long usernames/groups in readdir + - markus@cvs.openbsd.org 2001/06/22 23:35:21 + [ssh.c] + don't overwrite argv (fixes ssh user@host in 'ps'), report by ericj@ + - deraadt@cvs.openbsd.org 2001/06/23 00:16:16 + [scp.c] + slightly better care + - markus@cvs.openbsd.org 2001/06/23 00:20:57 + [auth2.c auth.c auth.h auth-rh-rsa.c] + *known_hosts2 is obsolete for hostbased authentication and + only used for backward compat. merge ssh1/2 hostkey check + and move it to auth.c + - deraadt@cvs.openbsd.org 2001/06/23 02:33:05 + [sftp.1 sftp-server.8 ssh-keygen.1] + join .%A entries; most by bk@rt.fm + - markus@cvs.openbsd.org 2001/06/23 02:34:33 + [kexdh.c kexgex.c kex.h pathnames.h readconf.c servconf.h ssh.1 + sshconnect1.c sshconnect2.c sshconnect.c sshconnect.h sshd.8] + get rid of known_hosts2, use it for hostkey lookup, but do not + modify. + - markus@cvs.openbsd.org 2001/06/23 03:03:59 + [sshd.8] + draft-ietf-secsh-dh-group-exchange-01.txt + - markus@cvs.openbsd.org 2001/06/23 03:04:42 + [auth2.c auth-rh-rsa.c] + restore correct ignore_user_known_hosts logic. + - markus@cvs.openbsd.org 2001/06/23 05:26:02 + [key.c] + handle sigature of size 0 (some broken clients send this). + - deraadt@cvs.openbsd.org 2001/06/23 05:57:09 + [sftp.1 sftp-server.8 ssh-keygen.1] + ok, tmac is now fixed + - markus@cvs.openbsd.org 2001/06/23 06:41:10 + [ssh-keygen.c] + try to decode ssh-3.0.0 private rsa keys + (allow migration to openssh, not vice versa), #910 + - itojun@cvs.openbsd.org 2001/06/23 15:12:20 + [auth1.c auth2.c auth2-chall.c authfd.c authfile.c auth-rhosts.c + canohost.c channels.c cipher.c clientloop.c deattack.c dh.c + hostfile.c kex.c kexdh.c kexgex.c key.c nchan.c packet.c radix.c + readpass.c scp.c servconf.c serverloop.c session.c sftp.c + sftp-client.c sftp-glob.c sftp-int.c sftp-server.c ssh-add.c + ssh-agent.c ssh.c sshconnect1.c sshconnect2.c sshconnect.c sshd.c + ssh-keygen.c ssh-keyscan.c] + more strict prototypes. raise warning level in Makefile.inc. + markus ok'ed + TODO; cleanup headers + - markus@cvs.openbsd.org 2001/06/23 17:05:22 + [ssh-keygen.c] + fix import for (broken?) ssh.com/f-secure private keys + (i tested > 1000 RSA keys) + - itojun@cvs.openbsd.org 2001/06/23 17:48:18 + [sftp.1 ssh.1 sshd.8 ssh-keyscan.1] + kill whitespace at EOL. + - markus@cvs.openbsd.org 2001/06/23 19:12:43 + [sshd.c] + pidfile/sigterm race; bbraun@synack.net + - markus@cvs.openbsd.org 2001/06/23 22:37:46 + [sshconnect1.c] + consistent with ssh2: skip key if empty passphrase is entered, + retry num_of_passwd_prompt times if passphrase is wrong. ok fgsch@ + - markus@cvs.openbsd.org 2001/06/24 05:25:10 + [auth-options.c match.c match.h] + move ip+hostname check to match.c + - markus@cvs.openbsd.org 2001/06/24 05:35:33 + [readpass.c readpass.h ssh-add.c sshconnect2.c ssh-keygen.c] + switch to readpassphrase(3) + 2.7/8-stable needs readpassphrase.[ch] from libc + - markus@cvs.openbsd.org 2001/06/24 05:47:13 + [sshconnect2.c] + oops, missing format string + - markus@cvs.openbsd.org 2001/06/24 17:18:31 + [ttymodes.c] + passing modes works fine: debug2->3 + - (djm) -Wall fix for session.c + - (djm) Bring in readpassphrase() from OpenBSD libc. Compiles OK on Linux and + Solaris + +20010622 + - (stevesk) handle systems without pw_expire and pw_change. + +20010621 + - OpenBSD CVS Sync + - markus@cvs.openbsd.org 2001/06/16 08:49:38 + [misc.c] + typo; dunlap@apl.washington.edu + - markus@cvs.openbsd.org 2001/06/16 08:50:39 + [channels.h] + bad //-style comment; thx to stevev@darkwing.uoregon.edu + - markus@cvs.openbsd.org 2001/06/16 08:57:35 + [scp.c] + no stdio or exit() in signal handlers. + - markus@cvs.openbsd.org 2001/06/16 08:58:34 + [misc.c] + copy pw_expire and pw_change, too. + - markus@cvs.openbsd.org 2001/06/19 12:34:09 + [session.c] + cleanup forced command handling, from dwd@bell-labs.com + - markus@cvs.openbsd.org 2001/06/19 14:09:45 + [session.c sshd.8] + disable x11-fwd if use_login is enabled; from lukem@wasabisystems.com + - markus@cvs.openbsd.org 2001/06/19 15:40:45 + [session.c] + allocate and free at the same level. + - markus@cvs.openbsd.org 2001/06/20 13:56:39 + [channels.c channels.h clientloop.c packet.c serverloop.c] + move from channel_stop_listening to channel_free_all, + call channel_free_all before calling waitpid() in serverloop. + fixes the utmp handling; report from Lutz.Jaenicke@aet.TU-Cottbus.DE + +20010615 + - (stevesk) don't set SA_RESTART and set SIGCHLD to SIG_DFL + around grantpt(). + - (stevesk) update TODO: STREAMS pty systems don't call vhangup() now + +20010614 + - OpenBSD CVS Sync + - markus@cvs.openbsd.org 2001/06/13 09:10:31 + [session.c] + typo, use pid not s->pid, mstone@cs.loyola.edu + +20010613 + - OpenBSD CVS Sync + - markus@cvs.openbsd.org 2001/06/12 10:58:29 + [session.c] + merge session_free into session_close() + merge pty_cleanup_proc into session_pty_cleanup() + - markus@cvs.openbsd.org 2001/06/12 16:10:38 + [session.c] + merge ssh1/ssh2 tty msg parse and alloc code + - markus@cvs.openbsd.org 2001/06/12 16:11:26 + [packet.c] + do not log() packet_set_maxsize + - markus@cvs.openbsd.org 2001/06/12 21:21:29 + [session.c] + remove xauth-cookie-in-tmp handling. use default $XAUTHORITY, since + we do already trust $HOME/.ssh + you can use .ssh/sshrc and .ssh/environment if you want to customize + the location of the xauth cookies + - markus@cvs.openbsd.org 2001/06/12 21:30:57 + [session.c] + unused + +20010612 + - scp.c ID update (upstream synced vfsprintf() from us) + - OpenBSD CVS Sync + - markus@cvs.openbsd.org 2001/06/10 11:29:20 + [dispatch.c] + we support rekeying + protocol errors are fatal. + - markus@cvs.openbsd.org 2001/06/11 10:18:24 + [session.c] + reset pointer to NULL after xfree(); report from solar@openwall.com + - markus@cvs.openbsd.org 2001/06/11 16:04:38 + [sshd.8] + typo; bdubreuil@crrel.usace.army.mil + +20010611 + - (bal) NeXT/MacOS X lack libgen.h and dirname(). Patch by Mark Miller + + - (bal) Handle broken krb4 issues on Solaris with multiple defined u_*_t + types. Patch by Jan IVEN + - (bal) Fixed Makefile.in so that 'configure; make install' works. + +20010610 + - (bal) Missed two files in major resync. auth-bsdauth.c and auth-skey.c + 20010609 - OpenBSD CVS Sync - markus@cvs.openbsd.org 2001/05/30 12:55:13 @@ -77,6 +401,10 @@ - markus@cvs.openbsd.org 2001/06/08 15:25:40 [includes.h pathnames.h readconf.c servconf.c] move the path for xauth to pathnames.h + - (bal) configure.in fix for Tru64 (forgeting to reset $LIB) + - (bal) ANSIify strmode() + - (bal) --with-catman should be --with-mantype patch by Dave + Dykstra 20010606 - OpenBSD CVS Sync