X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/blobdiff_plain/febd3f8e394c18912a731004b15ace3a2a2fc8d0..229be2df2b0880b5057908fd5068b61239b1f283:/ChangeLog diff --git a/ChangeLog b/ChangeLog index 09a97e7d..6814791c 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,301 @@ +20010427 + - (bal) Fixed uidswap.c so it should work on non-posix complient systems. + patch based on 2.5.2 version by djm. + - (bal) Build manpages and config files once unless changed. Patch by + Carson Gaspar + - (bal) arpa/nameser.h does not exist on Cygwin. Patch by Corinna + Vinschen + - (bal) Add /etc/sysconfig/sshd support to redhat's sshd.init. Patch by + Pekka Savola + - (bal) Cygwin lacks setgroups() API. Patch by Corinna Vinschen + + +20010425 + - OpenBSD CVS Sync + - markus@cvs.openbsd.org 2001/04/23 21:57:07 + [ssh-keygen.1 ssh-keygen.c] + allow public key for -e, too + - markus@cvs.openbsd.org 2001/04/23 22:14:13 + [ssh-keygen.c] + remove debug + - (bal) Whitespace resync w/ OpenBSD for uidswap.c + - (djm) Add new server configuration directive 'PAMAuthenticationViaKbdInt' + (default: off), implies KbdInteractiveAuthentication. Suggestion from + markus@ + - (djm) Include crypt.h if available in auth-passwd.c + - tim@mindrot.org 2001/04/25 21:38:01 [configure.in] + man page detection fixes for SCO + +20010424 + - OpenBSD CVS Sync + - markus@cvs.openbsd.org 2001/04/22 23:58:36 + [ssh-keygen.1 ssh.1 sshd.8] + document hostbased and other cleanup + - (stevesk) start_pam() doesn't use DNS now for sshd -u0. + - (stevesk) auth-pam.c: use PERMIT_NO_PASSWD + - (bal) sys/queue.h is bogus for NCR platform. Patch by Daniel Carroll + + - (bal) Fixed contrib/postinstall.in. Patch by wsanders@wsanders.net + +20010422 + - OpenBSD CVS Sync + - markus@cvs.openbsd.org 2001/04/20 16:32:22 + [uidswap.c] + set non-privileged gid before uid; tholo@ and deraadt@ + - mouring@cvs.openbsd.org 2001/04/21 00:55:57 + [sftp.1] + Spelling + - djm@cvs.openbsd.org 2001/04/22 08:13:30 + [ssh.1] + typos spotted by stevesk@; ok deraadt@ + - markus@cvs.openbsd.org 2001/04/22 12:34:05 + [scp.c] + scp > 2GB; niles@scyld.com; ok deraadt@, djm@ + - markus@cvs.openbsd.org 2001/04/22 13:25:37 + [ssh-keygen.1 ssh-keygen.c] + rename arguments -x -> -e (export key), -X -> -i (import key) + xref draft-ietf-secsh-publickeyfile-01.txt + - markus@cvs.openbsd.org 2001/04/22 13:32:27 + [sftp-server.8 sftp.1 ssh.1 sshd.8] + xref draft-ietf-secsh-* + - markus@cvs.openbsd.org 2001/04/22 13:41:02 + [ssh-keygen.1 ssh-keygen.c] + style, noted by stevesk; sort flags in usage + +20010421 + - OpenBSD CVS Sync + - djm@cvs.openbsd.org 2001/04/20 07:17:51 + [clientloop.c ssh.1] + Split out and improve escape character documentation, mention ~R in + ~? help text; ok markus@ + - Update RPM spec files for CVS version.h + - (stevesk) set the default PAM service name to __progname instead + of the hard-coded value "sshd"; from Mark D. Roth + - (stevesk) document PAM service name change in INSTALL + - tim@mindrot.org 2001/04/21 14:25:57 [Makefile.in configure.in] + fix perl test, fix nroff test, fix Makefile to build outside source tree + +20010420 + - OpenBSD CVS Sync + - ian@cvs.openbsd.org 2001/04/18 16:21:05 + [ssh-keyscan.1] + Fix typo reported in PR/1779 + - markus@cvs.openbsd.org 2001/04/18 21:57:42 + [readpass.c ssh-add.c] + call askpass from ssh, too, based on work by roth@feep.net, ok deraadt + - markus@cvs.openbsd.org 2001/04/18 22:03:45 + [auth2.c sshconnect2.c] + use FDQN with trailing dot in the hostbased auth packets, ok deraadt@ + - markus@cvs.openbsd.org 2001/04/18 22:48:26 + [auth2.c] + no longer const + - markus@cvs.openbsd.org 2001/04/18 23:43:26 + [auth2.c compat.c sshconnect2.c] + more ssh v2 hostbased-auth interop: ssh.com >= 2.1.0 works now + (however the 2.1.0 server seems to work only if debug is enabled...) + - markus@cvs.openbsd.org 2001/04/18 23:44:51 + [authfile.c] + error->debug; noted by fries@ + - markus@cvs.openbsd.org 2001/04/19 00:05:11 + [auth2.c] + use local variable, no function call needed. + (btw, hostbased works now with ssh.com >= 2.0.13) + - (bal) Put scp-common.h back into scp.c (it exists in the upstream + tree) pointed out by Tom Holroyd + +20010418 + - OpenBSD CVS Sync + - markus@cvs.openbsd.org 2001/04/17 19:34:25 + [session.c] + move auth_approval to do_authenticated(). + do_child(): nuke hostkeys from memory + don't source .ssh/rc for subsystems. + - markus@cvs.openbsd.org 2001/04/18 14:15:00 + [canohost.c] + debug->debug3 + - (bal) renabled 'catman-do:' and fixed it. So now catman pages should + be working again. + - (bal) Makfile day... Cleaned up multiple mantype support (Patch by + Mark D. Roth ), and fixed PIDDIR support. + +20010417 + - (bal) Add perl5 check for HP/UX, Removed GNUness from Makefile.in + and temporary commented out 'catman-do:' since it is broken. Patches + for the first two by Lutz Jaenicke + - OpenBSD CVS Sync + - deraadt@cvs.openbsd.org 2001/04/16 08:26:04 + [key.c] + better safe than sorry in later mods; yongari@kt-is.co.kr + - markus@cvs.openbsd.org 2001/04/17 08:14:01 + [sshconnect1.c] + check for key!=NULL, thanks to costa + - markus@cvs.openbsd.org 2001/04/17 09:52:48 + [clientloop.c] + handle EINTR/EAGAIN on read; ok deraadt@ + - markus@cvs.openbsd.org 2001/04/17 10:53:26 + [key.c key.h readconf.c readconf.h ssh.1 sshconnect2.c] + add HostKeyAlgorithms; based on patch from res@shore.net; ok provos@ + - markus@cvs.openbsd.org 2001/04/17 12:55:04 + [channels.c ssh.c] + undo socks5 and https support since they are not really used and + only bloat ssh. remove -D from usage(), since '-D' is experimental. + +20010416 + - OpenBSD CVS Sync + - stevesk@cvs.openbsd.org 2001/04/15 01:35:22 + [ttymodes.c] + fix comments + - markus@cvs.openbsd.org 2001/04/15 08:43:47 + [dh.c sftp-glob.c sftp-glob.h sftp-int.c sshconnect2.c sshd.c] + some unused variable and typos; from tomh@po.crl.go.jp + - markus@cvs.openbsd.org 2001/04/15 16:58:03 + [authfile.c ssh-keygen.c sshd.c] + don't use errno for key_{load,save}_private; discussion w/ solar@openwall + - markus@cvs.openbsd.org 2001/04/15 17:16:00 + [clientloop.c] + set stdin/out/err to nonblocking in SSH proto 1, too. suggested by ho@ + should fix some of the blocking problems for rsync over SSH-1 + - stevesk@cvs.openbsd.org 2001/04/15 19:41:21 + [sshd.8] + some ClientAlive cleanup; ok markus@ + - stevesk@cvs.openbsd.org 2001/04/15 21:28:35 + [readconf.c servconf.c] + use fatal() or error() vs. fprintf(); ok markus@ + - (djm) Convert mandoc manpages to man automatically. Patch from Mark D. + Roth + - (bal) CVS ID fix up and slight manpage fix from OpenBSD tree. + - (djm) OpenBSD CVS Sync + - mouring@cvs.openbsd.org 2001/04/16 02:31:44 + [scp.c sftp.c] + IPv6 support for sftp (which I bungled in my last patch) which is + borrowed from scp.c. Thanks to Markus@ for pointing it out. + - deraadt@cvs.openbsd.org 2001/04/16 08:05:34 + [xmalloc.c] + xrealloc dealing with ptr == nULL; mouring + - djm@cvs.openbsd.org 2001/04/16 08:19:31 + [session.c] + Split motd and hushlogin checks into seperate functions, helps for + portable. From Chris Adams ; ok markus@ + - Fix OSF SIA support displaying too much information for quiet + logins and logins where access was denied by SIA. Patch from Chris Adams + + +20010415 + - OpenBSD CVS Sync + - deraadt@cvs.openbsd.org 2001/04/14 04:31:01 + [ssh-add.c] + do not double free + - markus@cvs.openbsd.org 2001/04/14 16:17:14 + [channels.c] + remove some channels that are not appropriate for keepalive. + - markus@cvs.openbsd.org 2001/04/14 16:27:57 + [ssh-add.c] + use clear_pass instead of xfree() + - stevesk@cvs.openbsd.org 2001/04/14 16:33:20 + [clientloop.c packet.h session.c ssh.c ttymodes.c ttymodes.h] + protocol 2 tty modes support; ok markus@ + - stevesk@cvs.openbsd.org 2001/04/14 17:04:42 + [scp.c] + 'T' handling rcp/scp sync; ok markus@ + - Missed sshtty.[ch] in Sync. + +20010414 + - Sync with OpenBSD glob.c, strlcat.c and vis.c changes + - Cygwin sftp/sftp-server binary mode patch from Corinna Vinschen + + - OpenBSD CVS Sync + - beck@cvs.openbsd.org 2001/04/13 22:46:54 + [channels.c channels.h servconf.c servconf.h serverloop.c sshd.8] + Add options ClientAliveInterval and ClientAliveCountMax to sshd. + This gives the ability to do a "keepalive" via the encrypted channel + which can't be spoofed (unlike TCP keepalives). Useful for when you want + to use ssh connections to authenticate people for something, and know + relatively quickly when they are no longer authenticated. Disabled + by default (of course). ok markus@ + +20010413 + - OpenBSD CVS Sync + - markus@cvs.openbsd.org 2001/04/12 14:29:09 + [ssh.c] + show debug output during option processing, report from + pekkas@netcore.fi + - markus@cvs.openbsd.org 2001/04/12 19:15:26 + [auth-rhosts.c auth.h auth2.c buffer.c canohost.c canohost.h + compat.c compat.h hostfile.c pathnames.h readconf.c readconf.h + servconf.c servconf.h ssh.c sshconnect.c sshconnect.h sshconnect1.c + sshconnect2.c sshd_config] + implement HostbasedAuthentication (= RhostRSAAuthentication for ssh v2) + similar to RhostRSAAuthentication unless you enable (the experimental) + HostbasedUsesNameFromPacketOnly option. please test. :) + - markus@cvs.openbsd.org 2001/04/12 19:39:27 + [readconf.c] + typo + - stevesk@cvs.openbsd.org 2001/04/12 20:09:38 + [misc.c misc.h readconf.c servconf.c ssh.c sshd.c] + robust port validation; ok markus@ jakob@ + - mouring@cvs.openbsd.org 2001/04/12 23:17:54 + [sftp-int.c sftp-int.h sftp.1 sftp.c] + Add support for: + sftp [user@]host[:file [file]] - Fetch remote file(s) + sftp [user@]host[:dir[/]] - Start in remote dir/ + OK deraadt@ + - stevesk@cvs.openbsd.org 2001/04/13 01:26:17 + [ssh.c] + missing \n in error message + - (bal) Added openbsd-compat/inet_ntop.[ch] since HP/UX (and others) + lack it. + +20010412 + - OpenBSD CVS Sync + - markus@cvs.openbsd.org 2001/04/10 07:46:58 + [channels.c] + cleanup socks4 handling + - itojun@cvs.openbsd.org 2001/04/10 09:13:22 + [ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 sshd.8] + document id_rsa{.pub,}. markus ok + - markus@cvs.openbsd.org 2001/04/10 12:15:23 + [channels.c] + debug cleanup + - djm@cvs.openbsd.org 2001/04/11 07:06:22 + [sftp-int.c] + 'mget' and 'mput' aliases; ok markus@ + - markus@cvs.openbsd.org 2001/04/11 10:59:01 + [ssh.c] + use strtol() for ports, thanks jakob@ + - markus@cvs.openbsd.org 2001/04/11 13:56:13 + [channels.c ssh.c] + https-connect and socks5 support. i feel so bad. + - lebel@cvs.openbsd.org 2001/04/11 16:25:30 + [sshd.8 sshd.c] + implement the -e option into sshd: + -e When this option is specified, sshd will send the output to the + standard error instead of the system log. + markus@ OK. + +20010410 + - OpenBSD CVS Sync + - deraadt@cvs.openbsd.org 2001/04/08 20:52:55 + [sftp.c] + do not modify an actual argv[] entry + - stevesk@cvs.openbsd.org 2001/04/08 23:28:27 + [sshd.8] + spelling + - stevesk@cvs.openbsd.org 2001/04/09 00:42:05 + [sftp.1] + spelling + - markus@cvs.openbsd.org 2001/04/09 15:12:23 + [ssh-add.c] + passphrase caching: ssh-add tries last passphrase, clears passphrase if + not successful and after last try. + based on discussions with espie@, jakob@, ... and code from jakob@ and + wolfgang@wsrcc.com + - markus@cvs.openbsd.org 2001/04/09 15:19:49 + [ssh-add.1] + ssh-add retries the last passphrase... + - stevesk@cvs.openbsd.org 2001/04/09 18:00:15 + [sshd.8] + ListenAddress mandoc from aaron@ + 20010409 - (stevesk) use setresgid() for setegid() if needed - (stevesk) configure.in: typo