Blame - ChangeLog - platform/external/openssh

blob: b641fe670cc6ef38a6f55fbd12ae8a8d6a11d7ef [file] [log] [blame]

Ben Lindstrom	515d0f9	2003-08-29 16:59:52 +0000	[diff] [blame]	1	20030829
Damien Miller	55c47ed	2003-09-02 22:14:07 +1000	[diff] [blame]	2	- (djm) OpenBSD CVS Sync
				3	- deraadt@cvs.openbsd.org 2003/08/24 17:36:51
				4	[auth2-gss.c]
				5	64 bit cleanups; markus ok
Damien Miller	1a0c0b9	2003-09-02 22:51:17 +1000	[diff] [blame]	6	- markus@cvs.openbsd.org 2003/08/28 12:54:34
				7	[auth-krb5.c auth.h auth1.c monitor.c monitor.h monitor_wrap.c]
				8	[monitor_wrap.h readconf.c servconf.c session.c ssh_config.5]
				9	[sshconnect1.c sshd.c sshd_config sshd_config.5]
				10	remove kerberos support from ssh1, since it has been replaced with GSSAPI;
				11	but keep kerberos passwd auth for ssh1 and 2; ok djm, hin, henning, ...
Damien Miller	7630ee2	2003-09-02 22:52:00 +1000	[diff] [blame]	12	- markus@cvs.openbsd.org 2003/08/29 10:03:15
				13	[compat.c compat.h]
				14	SSH_BUG_K5USER is unused; ok henning@
Damien Miller	fbdeece	2003-09-02 22:52:31 +1000	[diff] [blame]	15	- markus@cvs.openbsd.org 2003/08/29 10:04:36
				16	[channels.c nchan.c]
				17	be less chatty; debug -> debug2, cleanup; ok henning@
Damien Miller	17af176	2003-09-02 22:53:01 +1000	[diff] [blame]	18	- markus@cvs.openbsd.org 2003/08/31 10:26:04
				19	[progressmeter.c]
				20	pass file_size + 1 to snprintf: fixes printing of truncated
				21	file names; fix based on patch/report from sturm@;
Damien Miller	b5829f5	2003-09-02 22:53:32 +1000	[diff] [blame]	22	- markus@cvs.openbsd.org 2003/08/31 12:14:22
				23	[progressmeter.c]
				24	do write to buf[-1]
Damien Miller	324948b	2003-09-02 22:55:45 +1000	[diff] [blame]	25	- markus@cvs.openbsd.org 2003/08/31 13:29:05
				26	[session.c]
				27	call ssh_gssapi_storecreds conditionally from do_exec();
				28	with sxw@inf.ed.ac.uk
Damien Miller	a0c4ad2	2003-09-02 22:56:18 +1000	[diff] [blame]	29	- markus@cvs.openbsd.org 2003/08/31 13:30:18
				30	[gss-serv.c]
				31	correct string termination in parse_ename(); sxw@inf.ed.ac.uk
Damien Miller	134350c	2003-09-02 22:56:42 +1000	[diff] [blame^]	32	- markus@cvs.openbsd.org 2003/08/31 13:31:57
				33	[gss-serv.c]
				34	whitspace KNF
Damien Miller	55c47ed	2003-09-02 22:14:07 +1000	[diff] [blame]	35
				36	20030829
Ben Lindstrom	4d5dffc	2003-08-30 00:11:56 +0000	[diff] [blame]	37	- (bal) openbsd-compat/ clean up. Considate headers, add in Id on our
Ben Lindstrom	515d0f9	2003-08-29 16:59:52 +0000	[diff] [blame]	38	files, and added missing license to header.
				39
Damien Miller	30912f7	2003-08-26 10:48:14 +1000	[diff] [blame]	40	20030826
				41	- (djm) Bug #629: Mark ssh_config option "pamauthenticationviakbdint"
				42	as deprecated. Remove mention from README.privsep. Patch from
				43	aet AT cc.hut.fi
Darren Tucker	0efd155	2003-08-26 11:49:55 +1000	[diff] [blame]	44	- (dtucker) OpenBSD CVS Sync
				45	- markus@cvs.openbsd.org 2003/08/22 10:56:09
				46	[auth2.c auth2-gss.c auth.h compat.c compat.h gss-genr.c gss-serv-krb5.c
				47	gss-serv.c monitor.c monitor.h monitor_wrap.c monitor_wrap.h readconf.c
				48	readconf.h servconf.c servconf.h session.c session.h ssh-gss.h
				49	ssh_config.5 sshconnect2.c sshd_config sshd_config.5]
				50	support GSS API user authentication; patches from Simon Wilkinson,
				51	stripped down and tested by Jakob and myself.
Darren Tucker	be1a901	2003-08-26 12:04:31 +1000	[diff] [blame]	52	- markus@cvs.openbsd.org 2003/08/22 13:20:03
				53	[sshconnect2.c]
				54	remove support for "kerberos-2@ssh.com"
Darren Tucker	1e66a39	2003-08-26 12:08:15 +1000	[diff] [blame]	55	- markus@cvs.openbsd.org 2003/08/22 13:22:27
				56	[auth2.c] (auth2-krb5.c removed)
				57	nuke "kerberos-2@ssh.com"
Darren Tucker	6b191a2	2003-08-26 12:09:53 +1000	[diff] [blame]	58	- markus@cvs.openbsd.org 2003/08/22 20:55:06
				59	[LICENCE]
				60	add Simon Wilkinson
Darren Tucker	600ad8d	2003-08-26 12:10:48 +1000	[diff] [blame]	61	- deraadt@cvs.openbsd.org 2003/08/24 17:36:52
				62	[monitor.c monitor_wrap.c sshconnect2.c]
				63	64 bit cleanups; markus ok
Darren Tucker	7858726	2003-08-26 12:12:56 +1000	[diff] [blame]	64	- fgsch@cvs.openbsd.org 2003/08/25 08:13:09
				65	[sftp-int.c]
				66	fix div by zero when listing for filename lengths longer than width.
				67	markus@ ok.
Darren Tucker	08bbb2f	2003-08-26 12:14:05 +1000	[diff] [blame]	68	- djm@cvs.openbsd.org 2003/08/25 10:33:33
				69	[sshconnect2.c]
				70	fprintf->logit to silence login banner with "ssh -q"; ok markus@
Darren Tucker	49aaf4a	2003-08-26 11:58:16 +1000	[diff] [blame]	71	- (dtucker) [Makefile.in acconfig.h auth-krb5.c auth-pam.c auth-pam.h
				72	configure.ac defines.h gss-serv-krb5.c session.c ssh-gss.h sshconnect1.c
				73	sshconnect2.c] Add Portable GSSAPI support, patch by Simon Wilkinson.
Darren Tucker	6ad5043	2003-08-26 12:22:04 +1000	[diff] [blame]	74	- (dtucker) [Makefile.in] Remove auth2-krb5.
Darren Tucker	2fae867	2003-08-26 13:43:12 +1000	[diff] [blame]	75	- (dtucker) [contrib/aix/inventory.sh] Add public domain notice. ok mouring@
				76	(the original author)
Darren Tucker	43a0dc6	2003-08-26 14:22:12 +1000	[diff] [blame]	77	- (dtucker) [auth.c] Do not check for locked accounts when PAM is enabled.
Damien Miller	30912f7	2003-08-26 10:48:14 +1000	[diff] [blame]	78
Damien Miller	331b6af	2003-08-25 10:58:26 +1000	[diff] [blame]	79	20030825
				80	- (djm) Bug #621: Select OpenSC keys by usage attributes. Patch from
				81	larsch@trustcenter.de
Ben Lindstrom	af4a6c3	2003-08-25 01:10:51 +0000	[diff] [blame]	82	- (bal) openbsd-compat/ OpenBSD updates. Mostly licensing, ansifications
Ben Lindstrom	5ade9ab	2003-08-25 01:16:21 +0000	[diff] [blame]	83	and minor fixes. OK djm@
				84	- (bal) redo how we handle 'mysignal()'. Move it to
				85	openbsd-compat/bsd-misc.c, s/mysignal/signal/ and #define signal to
				86	be our 'mysignal' by default. OK djm@
Darren Tucker	e41bba5	2003-08-25 11:51:19 +1000	[diff] [blame]	87	- (dtucker) [acconfig.h auth.c configure.ac sshd.8] Bug #422 again: deny
				88	any access to locked accounts. ok djm@
Damien Miller	1f499fd	2003-08-25 13:08:49 +1000	[diff] [blame]	89	- (djm) Bug #564: Perform PAM account checks for all authentications when
				90	UsePAM=yes; ok dtucker
Darren Tucker	3c8e1e1	2003-08-25 13:27:40 +1000	[diff] [blame]	91	- (dtucker) [configure.ac] Bug #533, #551: define BROKEN_GETADDRINFO on
				92	Tru64, solves getnameinfo and "bad addr or host" errors. ok djm@
Darren Tucker	36ca53a	2003-08-25 15:01:04 +1000	[diff] [blame]	93	- (dtucker) [README buildbff.sh inventory.sh] (all in contrib/aix)
				94	Update package builder: correctly handle config variables, use lsuser
				95	rather than /etc/passwd, fix typos, add Id's.
Damien Miller	331b6af	2003-08-25 10:58:26 +1000	[diff] [blame]	96
Damien Miller	59d3d5b	2003-08-22 09:34:41 +1000	[diff] [blame]	97	20030822
				98	- (djm) s/get_progname/ssh_get_progname/g to avoid conflict with Heimdal
				99	-lbroken; ok dtucker
Darren Tucker	49d3256	2003-08-22 18:43:48 +1000	[diff] [blame]	100	- (dtucker) [contrib/cygwin/ssh-user-config] Put keys in authorized_keys
				101	rather that authorized_keys2. Patch from vinschen@redhat.com.
Damien Miller	59d3d5b	2003-08-22 09:34:41 +1000	[diff] [blame]	102
Darren Tucker	f4220e6	2003-08-21 16:44:07 +1000	[diff] [blame]	103	20030821
				104	- (dtucker) OpenBSD CVS Sync
				105	- markus@cvs.openbsd.org 2003/08/14 16:08:58
				106	[ssh-keygen.c]
				107	exit after primetest, ok djm@
Darren Tucker	8e3653d	2003-08-21 16:49:41 +1000	[diff] [blame]	108	- (dtucker) [defines.h] Put CMSG_DATA, CMSG_FIRSTHDR with other CMSG* macros,
				109	change CMSG_DATA to use __CMSG_ALIGN (and thus work properly), reformat for
				110	consistency.
Darren Tucker	70a3d55	2003-08-21 17:58:29 +1000	[diff] [blame]	111	- (dtucker) [configure.ac] Move openpty/ctty test outside of case statement
				112	and after normal openpty test.
Darren Tucker	f4220e6	2003-08-21 16:44:07 +1000	[diff] [blame]	113
Darren Tucker	d85efee	2003-08-13 20:28:14 +1000	[diff] [blame]	114	20030813
				115	- (dtucker) [session.c] Remove #ifdef TIOCSBRK kludge.
Darren Tucker	3bdbd84	2003-08-13 20:31:05 +1000	[diff] [blame]	116	- (dtucker) OpenBSD CVS Sync
				117	- markus@cvs.openbsd.org 2003/08/13 08:33:02
				118	[session.c]
				119	use more portable tcsendbreak(3) and ignore break_length;
				120	ok deraadt, millert
Darren Tucker	ec960f2	2003-08-13 20:37:05 +1000	[diff] [blame]	121	- markus@cvs.openbsd.org 2003/08/13 08:46:31
				122	[auth1.c readconf.c readconf.h servconf.c servconf.h ssh.c ssh_config
				123	ssh_config.5 sshconnect1.c sshd.8 sshd.c sshd_config sshd_config.5]
				124	remove RhostsAuthentication; suggested by djm@ before; ok djm@, deraadt@,
				125	fgsch@, miod@, henning@, jakob@ and others
Darren Tucker	1c52ee3	2003-08-13 20:38:36 +1000	[diff] [blame]	126	- markus@cvs.openbsd.org 2003/08/13 09:07:10
				127	[readconf.c ssh.c]
				128	socks4->socks, since with support both 4 and 5; dtucker@zip.com.au
Darren Tucker	f38ea77	2003-08-13 20:48:07 +1000	[diff] [blame]	129	- (dtucker) [configure.ac openbsd-compat/bsd-misc.c openbsd-compat/bsd-misc.h]
				130	Add a tcsendbreak function for platforms that don't have one, based on the
				131	one from OpenBSD.
Darren Tucker	d85efee	2003-08-13 20:28:14 +1000	[diff] [blame]	132
Darren Tucker	ec0943a	2003-08-11 22:55:36 +1000	[diff] [blame]	133	20030811
				134	- (dtucker) OpenBSD CVS Sync
				135	(thanks to Simon Wilkinson for help with this -dt)
				136	- markus@cvs.openbsd.org 2003/07/16 15:02:06
				137	[auth-krb5.c]
				138	mcc -> fcc; from Love Hörnquist Åstrand <lha@it.su.se>
				139	otherwise the kerberos credentinal is stored in a memory cache
				140	in the privileged sshd. ok jabob@, hin@ (some time ago)
Darren Tucker	bc8c8f3	2003-08-11 23:00:33 +1000	[diff] [blame]	141	- (dtucker) [openbsd-compat/xcrypt.c] Remove Cygwin #ifdef block (duplicate
				142	in bsd-cygwin_util.h).
Darren Tucker	ec0943a	2003-08-11 22:55:36 +1000	[diff] [blame]	143
Darren Tucker	65914f1	2003-08-08 12:15:11 +1000	[diff] [blame]	144	20030808
				145	- (dtucker) [openbsd-compat/fake-rfc2553.h] Older Linuxes have AI_PASSIVE and
				146	AI_CANONNAME in netdb.h but not AI_NUMERICHOST, so check each definition
				147	separately before defining them.
Darren Tucker	f38db7f	2003-08-08 13:43:37 +1000	[diff] [blame]	148	- (dtucker) [auth-pam.c] Don't set PAM_TTY if tty is null. ok djm@
Darren Tucker	65914f1	2003-08-08 12:15:11 +1000	[diff] [blame]	149
Darren Tucker	b9d3f41	2003-08-07 13:24:24 +1000	[diff] [blame]	150	20030807
				151	- (dtucker) [session.c] Have session_break_req not attempt to send a break
				152	if TIOCSBRK and TIOCCBRK are not defined (eg Cygwin).
Darren Tucker	89f4cf0	2003-08-07 13:29:04 +1000	[diff] [blame]	153	- (dtucker) [canohost.c] Bug #336: Only check ip options if IP_OPTIONS is
Darren Tucker	f315224	2003-08-07 15:58:28 +1000	[diff] [blame]	154	defined (fixes compile error on really old Linuxes).
				155	- (dtucker) [defines.h] Bug #336: Add CMSG_DATA and CMSG_FIRSTHDR macros if
				156	not already defined (eg Linux with some versions of libc5), based on those
				157	from OpenBSD.
Darren Tucker	854d7fd	2003-08-07 16:23:43 +1000	[diff] [blame]	158	- (dtucker) [openbsd-compat/bsd-cygwin_util.c openbsd-compat/bsd-cygwin_util.h]
				159	Remove incorrect filenames from comments (file names are in Id tags).
Darren Tucker	80649c5	2003-08-07 16:28:16 +1000	[diff] [blame]	160	- (dtucker) [session.c openbsd-compat/bsd-cygwin_util.h] Move Cygwin
				161	specific defines and includes to bsd-cygwin_util.h. Fixes build error too.
Darren Tucker	b9d3f41	2003-08-07 13:24:24 +1000	[diff] [blame]	162
Darren Tucker	4c29dd9	2003-08-02 20:37:03 +1000	[diff] [blame]	163	20030802
				164	- (dtucker) [monitor.h monitor_wrap.h] Remove excess ident tags.
Darren Tucker	6aaa58c	2003-08-02 22:24:49 +1000	[diff] [blame]	165	- (dtucker) OpenBSD CVS Sync
				166	- markus@cvs.openbsd.org 2003/07/22 13:35:22
				167	[auth1.c auth.h auth-passwd.c monitor.c monitor.h monitor_wrap.c
				168	monitor_wrap.h readconf.c readconf.h servconf.c servconf.h session.c ssh.1
				169	ssh.c ssh_config.5 sshconnect1.c sshd.c sshd_config.5 ssh.h]
				170	remove (already disabled) KRB4/AFS support, re-enable -k in ssh(1);
				171	test+ok henning@
				172	- (dtucker) [Makefile.in acconfig.h configure.ac] Remove KRB4/AFS support.
				173	- (dtucker) [auth-krb4.c radix.c radix.h] Remove KRB4/AFS specific files.
Darren Tucker	c20c60b	2003-08-02 22:31:45 +1000	[diff] [blame]	174	- (dtucker) OpenBSD CVS Sync
				175	- markus@cvs.openbsd.org 2003/07/23 07:42:43
				176	[sshd_config]
				177	remove AFS; itojun@
Darren Tucker	019cefe	2003-08-02 22:40:07 +1000	[diff] [blame]	178	- djm@cvs.openbsd.org 2003/07/28 09:49:56
				179	[ssh-keygen.1 ssh-keygen.c]
				180	Support for generating Diffie-Hellman groups (/etc/moduli) from ssh-keygen.
				181	Based on code from Phil Karn, William Allen Simpson and Niels Provos.
				182	ok markus@, thanks jmc@
Darren Tucker	06ef75b	2003-08-02 23:28:38 +1000	[diff] [blame]	183	- markus@cvs.openbsd.org 2003/07/29 18:24:00
				184	[LICENCE progressmeter.c]
				185	replace 4 clause BSD licensed progressmeter code with a replacement
				186	from Nils Nordman and myself; ok deraadt@
				187	(copied from OpenBSD an re-applied portable changes)
Darren Tucker	40311f2	2003-08-03 00:00:47 +1000	[diff] [blame]	188	- markus@cvs.openbsd.org 2003/07/29 18:26:46
				189	[progressmeter.c]
				190	fix length for "- stalled -" (included with previous import)
				191	- markus@cvs.openbsd.org 2003/07/30 07:44:14
				192	[progressmeter.c]
				193	use only 4 digits in format_size (included with previous import)
				194	- markus@cvs.openbsd.org 2003/07/30 07:53:27
				195	[progressmeter.c]
				196	whitespace (included with previous import)
Darren Tucker	4b60966	2003-08-03 00:05:01 +1000	[diff] [blame]	197	- markus@cvs.openbsd.org 2003/07/31 09:21:02
				198	[auth2-none.c]
				199	check whether passwd auth is allowd, similar to proto 1; rob@pitman.co.za
				200	ok henning
Darren Tucker	85f04c6	2003-08-03 00:05:58 +1000	[diff] [blame]	201	- avsm@cvs.openbsd.org 2003/07/31 15:50:16
				202	[atomicio.c]
				203	correct comment: atomicio takes vwrite, not write; deraadt@ ok
Darren Tucker	db732b1	2003-08-03 00:07:35 +1000	[diff] [blame]	204	- markus@cvs.openbsd.org 2003/07/31 22:34:03
				205	[progressmeter.c]
				206	print rate similar old version; round instead truncate;
				207	(included in previous progressmeter.c commit)
Darren Tucker	2e9c9cf	2003-08-02 23:31:42 +1000	[diff] [blame]	208	- (dtucker) [openbsd-compat/bsd-misc.c openbsd-compat/bsd-misc.h]
				209	Add a tcgetpgrp function.
Darren Tucker	b2f9d41	2003-08-02 23:51:38 +1000	[diff] [blame]	210	- (dtucker) [Makefile.in moduli.c moduli.h] Add new files and to Makefile.
Darren Tucker	bdf571b	2003-08-03 00:36:16 +1000	[diff] [blame]	211	- (dtucker) [openbsd-compat/bsd-misc.c] Fix cut-and-paste bug in tcgetpgrp.
Darren Tucker	4c29dd9	2003-08-02 20:37:03 +1000	[diff] [blame]	212
Damien Miller	7f2d795	2003-07-30 14:53:11 +1000	[diff] [blame]	213	20030730
				214	- (djm) [auth-pam.c] Don't use crappy APIs like sprintf. Thanks bal
				215
Darren Tucker	fbba5a0	2003-07-26 19:38:30 +1000	[diff] [blame]	216	20030726
				217	- (dtucker) [openbsd-compat/xcrypt.c] Fix typo: DISABLED_SHADOW ->
				218	DISABLE_SHADOW. Fixes HP-UX compile error.
				219
Ben Lindstrom	0410e32	2003-07-24 06:52:13 +0000	[diff] [blame]	220	20030724
				221	- (bal) [auth-passwd.c openbsd-compat/Makefile.in openbsd-compat/xcrypt.c
				222	openbsd-compat/xcrypt.h] Split off encryption into xcrypt() interface,
				223	and isolate shadow password functions. Tested in Solaris, but should
				224	not break other platforms too badly (except maybe HP =). Also brings
				225	auth-passwd.c into full sync with OpenBSD tree.
				226
Darren Tucker	acb9849	2003-07-23 14:33:10 +1000	[diff] [blame]	227	20030723
				228	- (dtucker) [configure.ac] Back out change for bug #620.
				229
Darren Tucker	394b8c8	2003-07-19 19:49:45 +1000	[diff] [blame]	230	20030719
				231	- (dtucker) [configure.ac] Bug #620: Define BROKEN_GETADDRINFO for
				232	Solaris/x86. Patch from jrhett at isite.net.
Darren Tucker	fe0078a	2003-07-19 19:52:28 +1000	[diff] [blame]	233	- (dtucker) OpenBSD CVS Sync
				234	- markus@cvs.openbsd.org 2003/07/14 12:36:37
				235	[sshd.c]
				236	remove undocumented -V option. would be only useful if openssh is used
				237	as ssh v1 server for ssh.com's ssh v2.
Darren Tucker	e98dfa3	2003-07-19 19:54:31 +1000	[diff] [blame]	238	- markus@cvs.openbsd.org 2003/07/16 10:34:53
				239	[ssh.c sshd.c]
				240	don't exit on multiple -v or -d; ok deraadt@
Darren Tucker	538d180	2003-07-19 19:56:18 +1000	[diff] [blame]	241	- markus@cvs.openbsd.org 2003/07/16 10:36:28
				242	[sshtty.c]
				243	clear IUCLC in enter_raw_mode; from rob@pitman.co.za; ok deraadt@, fgs@
Darren Tucker	03a29ba	2003-07-19 20:07:45 +1000	[diff] [blame]	244	- deraadt@cvs.openbsd.org 2003/07/18 01:54:25
				245	[scp.c]
				246	userid is unsigned, but well, force it anyways; andrushock@korovino.net
Darren Tucker	554d5b5	2003-07-19 20:09:21 +1000	[diff] [blame]	247	- djm@cvs.openbsd.org 2003/07/19 00:45:53
				248	[sftp-int.c]
				249	fix sftp filename parsing for arguments with escaped quotes. bz #517;
				250	ok markus
Darren Tucker	cca1bdb	2003-07-19 20:11:54 +1000	[diff] [blame]	251	- djm@cvs.openbsd.org 2003/07/19 00:46:31
				252	[regress/sftp-cmds.sh]
				253	regress test for sftp arguments with escaped quotes; ok markus
Darren Tucker	394b8c8	2003-07-19 19:49:45 +1000	[diff] [blame]	254
Darren Tucker	5c6a91a	2003-07-14 16:21:44 +1000	[diff] [blame]	255	20030714
				256	- (dtucker) [acconfig.h configure.ac port-aix.c] Older AIXes don't declare
				257	loginfailed at all, so assume 3-arg loginfailed if not declared.
Darren Tucker	30317e3	2003-07-14 16:26:51 +1000	[diff] [blame]	258	- (dtucker) [port-aix.h] Work around name collision on AIX for r_type by
				259	undef'ing it.
Darren Tucker	fc3454e	2003-07-14 16:41:55 +1000	[diff] [blame]	260	- (dtucker) Bug #543: [configure.ac port-aix.c port-aix.h]
				261	Call setauthdb() before loginfailed(), which may load password registry-
Darren Tucker	394b8c8	2003-07-19 19:49:45 +1000	[diff] [blame]	262	specific functions. Based on patch by cawlfiel at us.ibm.com.
Darren Tucker	0abf13b	2003-07-14 16:43:42 +1000	[diff] [blame]	263	- (dtucker) [port-aix.h] Fix prototypes.
Darren Tucker	2958861	2003-07-14 17:28:34 +1000	[diff] [blame]	264	- (dtucker) OpenBSD CVS Sync
				265	- avsm@cvs.openbsd.org 2003/07/09 13:58:19
				266	[key.c]
				267	minor tweak: when generating the hex fingerprint, give strlcat the full
				268	bound to the buffer, and add a comment below explaining why the
				269	zero-termination is one less than the bound. markus@ ok
Darren Tucker	81a0b37	2003-07-14 17:31:06 +1000	[diff] [blame]	270	- markus@cvs.openbsd.org 2003/07/10 14:42:28
				271	[packet.c]
				272	the 2^(blocksize*2) rekeying limit is too expensive for 3DES,
				273	blowfish, etc, so enforce a 1GB limit for small blocksizes.
Darren Tucker	1a72115	2003-07-14 17:32:29 +1000	[diff] [blame]	274	- markus@cvs.openbsd.org 2003/07/10 20:05:55
				275	[sftp.c]
				276	sync usage with manpage, add missing -R
Darren Tucker	5c6a91a	2003-07-14 16:21:44 +1000	[diff] [blame]	277
Darren Tucker	a0c0b63	2003-07-08 20:52:12 +1000	[diff] [blame]	278	20030708
				279	- (dtucker) [acconfig.h auth-passwd.c configure.ac session.c port-aix.[ch]]
				280	Include AIX headers for authentication functions and make calls match
Darren Tucker	5c6a91a	2003-07-14 16:21:44 +1000	[diff] [blame]	281	prototypes. Test for and handle 3-arg and 4-arg variants of loginfailed.
Darren Tucker	b9aa0a0	2003-07-08 22:59:59 +1000	[diff] [blame]	282	- (dtucker) [session.c] Check return value of setpcred().
				283	- (dtucker) [auth-passwd.c auth.c session.c sshd.c port-aix.c port-aix.h]
				284	Convert aixloginmsg into platform-independant Buffer loginmsg.
Darren Tucker	a0c0b63	2003-07-08 20:52:12 +1000	[diff] [blame]	285
Darren Tucker	f1159b5	2003-07-07 19:44:01 +1000	[diff] [blame]	286	20030707
				287	- (dtucker) [configure.ac] Bug #600: Check that getrusage is declared before
				288	searching libraries for it. Fixes build errors on NCR MP-RAS.
				289
Darren Tucker	8661b56	2003-07-06 15:20:46 +1000	[diff] [blame]	290	20030706
				291	- (dtucker) [ssh-rand-helper.c loginrec.c]
				292	Apply atomicio typing change to these too.
				293
Darren Tucker	e532704	2003-07-03 13:40:44 +1000	[diff] [blame]	294	20030703
				295	- (dtucker) OpenBSD CVS Sync
				296	- djm@cvs.openbsd.org 2003/06/28 07:48:10
				297	[sshd.c]
				298	report pidfile creation errors, based on patch from Roumen Petrov;
				299	ok markus@
Darren Tucker	9f63f22	2003-07-03 13:46:56 +1000	[diff] [blame]	300	- deraadt@cvs.openbsd.org 2003/06/28 16:23:06
				301	[atomicio.c atomicio.h authfd.c clientloop.c monitor_wrap.c msg.c
				302	progressmeter.c scp.c sftp-client.c ssh-keyscan.c ssh.h sshconnect.c
				303	sshd.c]
				304	deal with typing of write vs read in atomicio
Darren Tucker	edeb1f7	2003-07-03 13:48:04 +1000	[diff] [blame]	305	- markus@cvs.openbsd.org 2003/06/29 12:44:38
				306	[sshconnect.c]
				307	memset 0, not \0; andrushock@korovino.net
Darren Tucker	9189ff8	2003-07-03 13:52:04 +1000	[diff] [blame]	308	- markus@cvs.openbsd.org 2003/07/02 12:56:34
				309	[channels.c]
				310	deny dynamic forwarding with -R for v1, too; ok djm@
Darren Tucker	46471c9	2003-07-03 13:55:19 +1000	[diff] [blame]	311	- markus@cvs.openbsd.org 2003/07/02 14:51:16
				312	[channels.c ssh.1 ssh_config.5]
				313	(re)add socks5 suppport to -D; ok djm@
				314	now ssh(1) can act both as a socks 4 and socks 5 server and
				315	dynamically forward ports.
Darren Tucker	3f521e2	2003-07-03 16:20:42 +1000	[diff] [blame]	316	- markus@cvs.openbsd.org 2003/07/02 20:37:48
				317	[ssh.c]
				318	convert hostkeyalias to lowercase, otherwise uppercase aliases will
				319	not match at all; ok henning@
Darren Tucker	7a24662	2003-07-03 20:26:04 +1000	[diff] [blame]	320	- markus@cvs.openbsd.org 2003/07/03 08:21:46
				321	[regress/dynamic-forward.sh]
				322	add socks5; speedup; reformat; based on patch from dtucker@zip.com.au
Darren Tucker	e2f2be7	2003-07-03 20:27:55 +1000	[diff] [blame]	323	- markus@cvs.openbsd.org 2003/07/03 08:24:13
				324	[regress/Makefile]
				325	enable tests for dynamic fwd via socks (-D), uses nc(1)
Darren Tucker	0a4f04b	2003-07-03 20:37:47 +1000	[diff] [blame]	326	- djm@cvs.openbsd.org 2003/07/03 08:09:06
				327	[readconf.c readconf.h ssh-keysign.c ssh.c]
				328	fix AddressFamily option in config file, from brent@graveland.net;
				329	ok markus@
Darren Tucker	e532704	2003-07-03 13:40:44 +1000	[diff] [blame]	330
Damien Miller	200d0a7	2003-06-30 19:21:36 +1000	[diff] [blame]	331	20030630
				332	- (djm) Search for support functions necessary to build our
				333	getrrsetbyname() replacement. Patch from Roumen Petrov
				334
Darren Tucker	cc9fd54	2003-06-29 21:23:37 +1000	[diff] [blame]	335	20030629
Darren Tucker	6eb9304	2003-06-29 21:30:41 +1000	[diff] [blame]	336	- (dtucker) [includes.h] Bug #602: move #include of netdb.h to after in.h
				337	(fixes compiler warnings on Solaris 2.5.1).
				338	- (dtucker) [configure.ac] Add sanity test after system-dependant compiler
				339	flag modifications.
Darren Tucker	cc9fd54	2003-06-29 21:23:37 +1000	[diff] [blame]	340
Darren Tucker	674f71d	2003-06-28 12:33:12 +1000	[diff] [blame]	341	20030628
Damien Miller	4a8e284	2003-06-28 18:02:47 +1000	[diff] [blame]	342	- (djm) Bug #591: use PKCS#15 private key label as a comment in case
				343	of OpenSC. Report and patch from larsch@trustcenter.de
Damien Miller	723569b	2003-06-28 18:08:16 +1000	[diff] [blame]	344	- (djm) Bug #593: Sanity check OpenSC card reader number; patch from
				345	aj@dungeon.inka.de
Darren Tucker	674f71d	2003-06-28 12:33:12 +1000	[diff] [blame]	346	- (dtucker) OpenBSD CVS Sync
				347	- markus@cvs.openbsd.org 2003/06/23 09:02:44
				348	[ssh_config.5]
				349	document EnableSSHKeysign; bugzilla #599; ok deraadt@, jmc@
Darren Tucker	502d384	2003-06-28 12:38:01 +1000	[diff] [blame]	350	- markus@cvs.openbsd.org 2003/06/24 08:23:46
				351	[auth2-hostbased.c auth2-pubkey.c auth2.c channels.c key.c key.h
				352	monitor.c packet.c packet.h serverloop.c sshconnect2.c sshd.c]
				353	int -> u_int; ok djm@, deraadt@, mouring@
Darren Tucker	a6612d4	2003-06-28 12:39:03 +1000	[diff] [blame]	354	- miod@cvs.openbsd.org 2003/06/25 22:39:36
				355	[sftp-server.c]
				356	Typo police: attribute is better written with an 'r'.
Darren Tucker	a99c1b7	2003-06-28 12:40:12 +1000	[diff] [blame]	357	- markus@cvs.openbsd.org 2003/06/26 20:08:33
				358	[readconf.c]
				359	do not dump core for 'ssh -o proxycommand host'; ok deraadt@
Darren Tucker	b611c12	2003-06-28 12:42:09 +1000	[diff] [blame]	360	- (dtucker) [regress/dynamic-forward.sh] Import new regression test.
Darren Tucker	a3020db	2003-06-28 12:54:33 +1000	[diff] [blame]	361	- (dtucker) [configure.ac] Bug #570: Have ./configure --enable-FEATURE
				362	actually enable the feature, for those normally disabled. Patch by
				363	openssh (at) roumenpetrov.info.
Darren Tucker	674f71d	2003-06-28 12:33:12 +1000	[diff] [blame]	364
Darren Tucker	a0472e0	2003-06-24 20:22:09 +1000	[diff] [blame]	365	20030624
				366	- (dtucker) Have configure refer the user to config.log and
				367	contrib/findssl.sh for OpenSSL header/library mismatches.
				368
Darren Tucker	e0194e5	2003-06-22 12:33:27 +1000	[diff] [blame]	369	20030622
Darren Tucker	a251f80	2003-06-22 20:45:15 +1000	[diff] [blame]	370	- (dtucker) OpenBSD CVS Sync
Darren Tucker	e0194e5	2003-06-22 12:33:27 +1000	[diff] [blame]	371	- markus@cvs.openbsd.org 2003/06/21 09:14:05
Darren Tucker	a251f80	2003-06-22 20:45:15 +1000	[diff] [blame]	372	[regress/reconfigure.sh]
Darren Tucker	e0194e5	2003-06-22 12:33:27 +1000	[diff] [blame]	373	missing $SUDO; from dtucker@zip.com.au
Darren Tucker	89b249b	2003-06-22 21:22:04 +1000	[diff] [blame]	374	- markus@cvs.openbsd.org 2003/06/18 11:28:11
Darren Tucker	a251f80	2003-06-22 20:45:15 +1000	[diff] [blame]	375	[ssh-rsa.c]
				376	backout last change, since it violates pkcs#1
				377	switch to share/misc/license.template
Darren Tucker	91cf261	2003-06-22 20:46:53 +1000	[diff] [blame]	378	- djm@cvs.openbsd.org 2003/06/20 05:47:58
				379	[sshd_config.5]
				380	sync description of protocol 2 cipher proposal; ok markus
Darren Tucker	b8dae8e	2003-06-22 20:48:45 +1000	[diff] [blame]	381	- djm@cvs.openbsd.org 2003/06/20 05:48:21
				382	[sshd_config]
				383	sync some implemented options; ok markus@
Darren Tucker	e0194e5	2003-06-22 12:33:27 +1000	[diff] [blame]	384	- (dtucker) [regress/authorized_keys_root] Remove temp data file from CVS.
Darren Tucker	6cf1a2c	2003-06-22 18:32:10 +1000	[diff] [blame]	385	- (dtucker) [openbsd-compat/setproctitle.c] Ensure SPT_TYPE is defined before
				386	testing its value.
Darren Tucker	e0194e5	2003-06-22 12:33:27 +1000	[diff] [blame]	387
Damien Miller	469954d	2003-06-18 20:25:33 +1000	[diff] [blame]	388	20030618
				389	- (djm) OpenBSD CVS Sync
				390	- markus@cvs.openbsd.org 2003/06/12 07:57:38
				391	[monitor.c sshlogin.c sshpty.c]
				392	typos; dtucker at zip.com.au
Damien Miller	116aabb	2003-06-18 20:26:13 +1000	[diff] [blame]	393	- djm@cvs.openbsd.org 2003/06/12 12:22:47
				394	[LICENCE]
				395	mention more copyright holders; ok markus@
Damien Miller	b2cdcb5	2003-06-18 20:26:34 +1000	[diff] [blame]	396	- nino@cvs.openbsd.org 2003/06/12 15:34:09
				397	[scp.c]
				398	Typo. Ok markus@.
Damien Miller	56a0bb0	2003-06-18 20:28:40 +1000	[diff] [blame]	399	- markus@cvs.openbsd.org 2003/06/12 19:12:03
				400	[scard.c scard.h ssh-agent.c ssh.c]
				401	add sc_get_key_label; larsch at trustcenter.de; bugzilla#591
Damien Miller	8c1d2e3	2003-06-18 20:29:01 +1000	[diff] [blame]	402	- markus@cvs.openbsd.org 2003/06/16 08:22:35
				403	[ssh-rsa.c]
				404	make sure the signature has at least the expected length (don't
				405	insist on len == hlen + oidlen, since this breaks some smartcards)
				406	bugzilla #592; ok djm@
Damien Miller	80163e1	2003-06-18 20:29:18 +1000	[diff] [blame]	407	- markus@cvs.openbsd.org 2003/06/16 10:22:45
				408	[ssh-add.c]
				409	print out key comment on each prompt; make ssh-askpass more useable; ok djm@
Damien Miller	0275b52	2003-06-18 20:29:35 +1000	[diff] [blame]	410	- markus@cvs.openbsd.org 2003/06/17 18:14:23
				411	[cipher-ctr.c]
				412	use license from /usr/share/misc/license.template for new code
Darren Tucker	fc8a7ea	2003-06-18 22:18:57 +1000	[diff] [blame]	413	- (dtucker) [reconfigure.sh rekey.sh sftp-badcmds.sh]
				414	Import new regression tests from OpenBSD
Darren Tucker	3a222ac	2003-06-18 22:21:33 +1000	[diff] [blame]	415	- (dtucker) [regress/copy.1 regress/copy.2] Remove temp data files from CVS.
Darren Tucker	d57a76e	2003-06-18 22:32:51 +1000	[diff] [blame]	416	- (dtucker) OpenBSD CVS Sync (regress/)
				417	- markus@cvs.openbsd.org 2003/04/02 12:21:13
				418	[Makefile]
				419	enable rekey test
Darren Tucker	a4040f5	2003-06-18 22:35:11 +1000	[diff] [blame]	420	- djm@cvs.openbsd.org 2003/04/04 09:34:22
				421	[Makefile sftp-cmds.sh]
				422	More regression tests, including recent directory rename bug; ok markus@
Darren Tucker	ee5f83d	2003-06-18 22:36:48 +1000	[diff] [blame]	423	- markus@cvs.openbsd.org 2003/05/14 22:08:27
				424	[ssh-com-client.sh ssh-com-keygen.sh ssh-com-sftp.sh ssh-com.sh]
				425	test against some new commerical versions
Darren Tucker	c43362c	2003-06-18 22:41:41 +1000	[diff] [blame]	426	- mouring@cvs.openbsd.org 2003/05/15 04:07:12
				427	[sftp-cmds.sh]
				428	Advanced put/get testing for sftp. OK @djm
Darren Tucker	7643760	2003-06-18 22:43:13 +1000	[diff] [blame]	429	- markus@cvs.openbsd.org 2003/06/12 15:40:01
				430	[try-ciphers.sh]
				431	add ctr
Darren Tucker	50cea67	2003-06-18 22:45:34 +1000	[diff] [blame]	432	- markus@cvs.openbsd.org 2003/06/12 15:43:32
				433	[Makefile]
				434	test -HUP; dtucker at zip.com.au
Damien Miller	469954d	2003-06-18 20:25:33 +1000	[diff] [blame]	435
Damien Miller	53950b6	2003-06-14 08:43:22 +1000	[diff] [blame]	436	20030614
				437	- (djm) Update license on fake-rfc2553.[ch]; ok itojun@
				438
Damien Miller	f1ce505	2003-06-11 22:04:39 +1000	[diff] [blame]	439	20030611
Damien Miller	141efa7	2003-06-11 22:50:56 +1000	[diff] [blame]	440	- (djm) Mention portable copyright holders in LICENSE
Damien Miller	af63951	2003-06-11 22:51:32 +1000	[diff] [blame]	441	- (djm) Put licenses on substantial header files
Damien Miller	4bfeb14	2003-06-11 22:08:36 +1000	[diff] [blame]	442	- (djm) Sync LICENSE against OpenBSD
Damien Miller	f1ce505	2003-06-11 22:04:39 +1000	[diff] [blame]	443	- (djm) OpenBSD CVS Sync
				444	- jmc@cvs.openbsd.org 2003/06/10 09:12:11
				445	[scp.1 sftp-server.8 ssh.1 ssh-add.1 ssh-agent.1 ssh_config.5]
				446	[sshd.8 sshd_config.5 ssh-keygen.1 ssh-keyscan.1 ssh-keysign.8]
				447	- section reorder
				448	- COMPATIBILITY merge
				449	- macro cleanup
				450	- kill whitespace at EOL
				451	- new sentence, new line
				452	ssh pages ok markus@
Damien Miller	2b92d32	2003-06-11 22:05:06 +1000	[diff] [blame]	453	- deraadt@cvs.openbsd.org 2003/06/10 22:20:52
				454	[packet.c progressmeter.c]
				455	mostly ansi cleanup; pval ok
Damien Miller	7392ae6	2003-06-11 22:05:25 +1000	[diff] [blame]	456	- jakob@cvs.openbsd.org 2003/06/11 10:16:16
				457	[sshconnect.c]
				458	clean up check_host_key() and improve SSHFP feedback. ok markus@
Damien Miller	0e1b937	2003-06-11 22:05:45 +1000	[diff] [blame]	459	- jakob@cvs.openbsd.org 2003/06/11 10:18:47
				460	[dns.c]
				461	sync with check_host_key() change
Damien Miller	d94f20d	2003-06-11 22:06:33 +1000	[diff] [blame]	462	- djm@cvs.openbsd.org 2003/06/11 11:18:38
				463	[authfd.c authfd.h ssh-add.c ssh-agent.c]
				464	make agent constraints (lifetime, confirm) work with smartcard keys;
				465	ok markus@
Damien Miller	f1ce505	2003-06-11 22:04:39 +1000	[diff] [blame]	466
				467
Damien Miller	c18c06e	2003-06-10 18:55:22 +1000	[diff] [blame]	468	20030609
				469	- (djm) Sync README.smartcard with OpenBSD -current
Damien Miller	78f2e5c	2003-06-10 21:09:09 +1000	[diff] [blame]	470	- (djm) Re-merge OpenSC info into README.smartcard
Damien Miller	c18c06e	2003-06-10 18:55:22 +1000	[diff] [blame]	471
Darren Tucker	400b878	2003-06-06 10:46:04 +1000	[diff] [blame]	472	20030606
				473	- (dtucker) [uidswap.c] Fix setreuid and add missing args to fatal(). ok djm@
				474
Damien Miller	10eac0c	2003-06-05 09:48:32 +1000	[diff] [blame]	475	20030605
				476	- (djm) Support AI_NUMERICHOST in fake-getaddrinfo.c. Needed for recent
				477	canohost.c changes.
Damien Miller	5fe46a4	2003-06-05 09:53:31 +1000	[diff] [blame]	478	- (djm) Implement paranoid priv dropping checks, based on:
				479	"SetUID demystified" - Hao Chen, David Wagner and Drew Dean
				480	Proceedings of USENIX Security Symposium 2002
Damien Miller	b95bb7f	2003-06-05 10:04:12 +1000	[diff] [blame]	481	- (djm) Don't use xmalloc() or pull in toplevel headers in fake-* code
Damien Miller	c28e38d	2003-06-05 18:52:47 +1000	[diff] [blame]	482	- (djm) Merge all the openbsd/fake-* into fake-rfc2553.[ch]
Damien Miller	f49078d	2003-06-05 18:53:42 +1000	[diff] [blame]	483	- (djm) Bug #588 - Add scard-opensc.o back to Makefile.in
				484	Patch from larsch@trustcenter.de
Damien Miller	76b5c8a	2003-06-05 19:19:35 +1000	[diff] [blame]	485	- (djm) Bug #589 - scard-opensc: load only keys with a private keys
				486	Patch from larsch@trustcenter.de
Darren Tucker	4aff13f	2003-06-05 19:37:30 +1000	[diff] [blame]	487	- (dtucker) Add includes.h to fake-rfc2553.c so it will build.
Darren Tucker	881753b	2003-06-05 22:20:11 +1000	[diff] [blame]	488	- (dtucker) Define EAI_NONAME in fake-rfc2553.h (used by fake-rfc2553.c).
Damien Miller	10eac0c	2003-06-05 09:48:32 +1000	[diff] [blame]	489
Damien Miller	9fc7c69	2003-06-04 22:50:54 +1000	[diff] [blame]	490	20030604
Damien Miller	865173e	2003-06-04 19:06:59 +1000	[diff] [blame]	491	- (djm) Bug #573 - Remove unneeded Krb headers and compat goop. Patch from
				492	simon@sxw.org.uk (Also matches a change in OpenBSD a while ago)
Damien Miller	485397c	2003-06-04 19:15:10 +1000	[diff] [blame]	493	- (djm) Bug #577 - wrong flag in scard-opensc.c sc_private_decrypt.
Damien Miller	2527f57	2003-06-04 19:22:06 +1000	[diff] [blame]	494	Patch from larsch@trustcenter.de; ok markus@
				495	- (djm) Bug #584: scard-opensc.c doesn't work without PIN. Patch from
				496	larsch@trustcenter.de; ok markus@
Damien Miller	941ac45	2003-06-04 20:31:53 +1000	[diff] [blame]	497	- (djm) OpenBSD CVS Sync
				498	- djm@cvs.openbsd.org 2003/06/04 08:25:18
				499	[sshconnect.c]
				500	disable challenge/response and keyboard-interactive auth methods
				501	upon hostkey mismatch. based on patch from fcusack AT fcusack.com.
				502	bz #580; ok markus@
Damien Miller	31b3a0a	2003-06-04 20:32:12 +1000	[diff] [blame]	503	- djm@cvs.openbsd.org 2003/06/04 10:23:48
				504	[sshd.c]
				505	remove duplicated group-dropping code; ok markus@
Damien Miller	9fc7c69	2003-06-04 22:50:54 +1000	[diff] [blame]	506	- djm@cvs.openbsd.org 2003/06/04 12:03:59
				507	[serverloop.c]
				508	remove bitrotten commet; ok markus@
Damien Miller	65d1f57	2003-06-04 22:51:08 +1000	[diff] [blame]	509	- djm@cvs.openbsd.org 2003/06/04 12:18:49
				510	[scp.c]
				511	ansify; ok markus@
Damien Miller	b69aaa8	2003-06-04 22:51:24 +1000	[diff] [blame]	512	- djm@cvs.openbsd.org 2003/06/04 12:40:39
				513	[scp.c]
				514	kill ssh process upon receipt of signal, bz #241.
				515	based on patch from esb AT hawaii.edu; ok markus@
Damien Miller	cc685c1	2003-06-04 22:51:38 +1000	[diff] [blame]	516	- djm@cvs.openbsd.org 2003/06/04 12:41:22
				517	[sftp.c]
				518	kill ssh process on receipt of signal; ok markus@
Damien Miller	4c32248	2003-06-04 22:12:17 +1000	[diff] [blame]	519	- (djm) Update to fix of bug #584: lock card before return.
				520	From larsch@trustcenter.de
Damien Miller	0cbb9de	2003-06-04 22:56:15 +1000	[diff] [blame]	521	- (djm) Always use mysignal() for SIGALRM
Damien Miller	865173e	2003-06-04 19:06:59 +1000	[diff] [blame]	522
				523	20030603
Damien Miller	3527625	2003-06-03 10:14:28 +1000	[diff] [blame]	524	- (djm) Replace setproctitle replacement with code derived from
				525	UCB sendmail
Damien Miller	3a961dc	2003-06-03 10:25:48 +1000	[diff] [blame]	526	- (djm) OpenBSD CVS Sync
				527	- markus@cvs.openbsd.org 2003/06/02 09:17:34
				528	[auth2-hostbased.c auth.c auth-options.c auth-rhosts.c auth-rh-rsa.c]
				529	[canohost.c monitor.c servconf.c servconf.h session.c sshd_config]
				530	[sshd_config.5]
				531	deprecate VerifyReverseMapping since it's dangerous if combined
				532	with IP based access control as noted by Mike Harding; replace with
				533	a UseDNS option, UseDNS is on by default and includes the
				534	VerifyReverseMapping check; with itojun@, provos@, jakob@ and deraadt@
				535	ok deraadt@, djm@
Damien Miller	dafb12e	2003-06-03 13:06:18 +1000	[diff] [blame]	536	- millert@cvs.openbsd.org 2003/06/03 02:56:16
				537	[scp.c]
				538	Remove the advertising clause in the UCB license which Berkeley
				539	rescinded 22 July 1999. Proofed by myself and Theo.
Damien Miller	3a961dc	2003-06-03 10:25:48 +1000	[diff] [blame]	540	- (djm) Fix portable-specific uses of verify_reverse_mapping too
Damien Miller	329638e	2003-06-03 12:12:50 +1000	[diff] [blame]	541	- (djm) Sync openbsd-compat with OpenBSD CVS.
Damien Miller	d311c4e	2003-06-03 13:09:16 +1000	[diff] [blame]	542	- No more 4-term BSD licenses in linked code
Darren Tucker	eb28cbc	2003-06-03 12:45:27 +1000	[diff] [blame]	543	- (dtucker) [port-aix.c bsd-cray.c] Fix uses of verify_reverse_mapping.
Damien Miller	3527625	2003-06-03 10:14:28 +1000	[diff] [blame]	544
Damien Miller	f3bff94	2003-06-02 12:13:40 +1000	[diff] [blame]	545	20030602
				546	- (djm) Fix segv from bad reordering in auth-pam.c
Damien Miller	f2e3e9d	2003-06-02 12:15:54 +1000	[diff] [blame]	547	- (djm) Always use saved_argv in sshd.c as compat_init_setproctitle may
				548	clobber
Tim Rice	237ca4a	2003-06-01 19:25:27 -0700	[diff] [blame]	549	- (tim) openbsd-compat/xmmap.[ch] License clarifications. Add missing
				550	CVS ID.
Damien Miller	dba5950	2003-06-02 17:43:19 +1000	[diff] [blame]	551	- (djm) Remove "noip6" option from RedHat spec file. This may now be
				552	set at runtime using AddressFamily option.
Damien Miller	dcc8312	2003-06-02 18:57:59 +1000	[diff] [blame]	553	- (djm) Fix use of macro before #define in cipher-aes.c
Damien Miller	f468442	2003-06-02 18:59:08 +1000	[diff] [blame]	554	- (djm) Sync license on openbsd-compat/bindresvport.c with OpenBSD CVS
Damien Miller	ab2db41	2003-06-02 19:09:13 +1000	[diff] [blame]	555	- (djm) OpenBSD CVS Sync
				556	- djm@cvs.openbsd.org 2003/05/26 12:54:40
				557	[sshconnect.c]
				558	fix format strings; ok markus@
Damien Miller	61d3680	2003-06-02 19:09:48 +1000	[diff] [blame]	559	- deraadt@cvs.openbsd.org 2003/05/29 16:58:45
				560	[sshd.c uidswap.c]
				561	seteuid and setegid; markus ok
Damien Miller	eacbb4f	2003-06-02 19:10:41 +1000	[diff] [blame]	562	- jakob@cvs.openbsd.org 2003/06/02 08:31:10
				563	[ssh_config.5]
				564	VerifyHostKeyDNS is v2 only. ok markus@
Damien Miller	f3bff94	2003-06-02 12:13:40 +1000	[diff] [blame]	565
Darren Tucker	3cb84e5	2003-05-30 16:58:22 +1000	[diff] [blame]	566	20030530
				567	- (dtucker) Add missing semicolon in md5crypt.c, patch from openssh at
				568	roumenpetrov.info
Darren Tucker	2972d6c	2003-05-30 17:43:42 +1000	[diff] [blame]	569	- (dtucker) Define SSHD_ACQUIRES_CTTY for NCR MP-RAS and Reliant Unix.
Darren Tucker	3cb84e5	2003-05-30 16:58:22 +1000	[diff] [blame]	570
Damien Miller	a6a7c19	2003-05-26 21:36:13 +1000	[diff] [blame]	571	20030526
				572	- (djm) Avoid auth2-chall.c warning when compiling without
				573	PAM, BSD_AUTH and SKEY
				574
Damien Miller	c11fe25	2003-05-25 14:38:02 +1000	[diff] [blame]	575	20030525
				576	- (djm) OpenBSD CVS Sync
				577	- djm@cvs.openbsd.org 2003/05/24 09:02:22
				578	[log.c]
				579	pass logged data through strnvis; ok markus
Damien Miller	04bd8b0	2003-05-25 14:38:33 +1000	[diff] [blame]	580	- djm@cvs.openbsd.org 2003/05/24 09:30:40
				581	[authfile.c monitor.c sftp-common.c sshpty.c]
				582	cast some types for printing; ok markus@
Damien Miller	c11fe25	2003-05-25 14:38:02 +1000	[diff] [blame]	583
Darren Tucker	6014578	2003-05-24 11:41:16 +1000	[diff] [blame]	584	20030524
				585	- (dtucker) Correct --osfsia in INSTALL. Patch by skeleten at shillest.net
				586
Damien Miller	d419bda	2003-05-23 18:43:40 +1000	[diff] [blame]	587	20030523
				588	- (djm) Use VIS_SAFE on logged strings rather than default strnvis
				589	encoding (which encodes many more characters)
Damien Miller	5067792	2003-05-23 18:44:04 +1000	[diff] [blame]	590	- OpenBSD CVS Sync
				591	- jmc@cvs.openbsd.org 2003/05/20 12:03:35
				592	[sftp.1]
				593	- new sentence, new line
				594	- added .Xr's
				595	- typos
				596	ok djm@
Damien Miller	fbf486b	2003-05-23 18:44:23 +1000	[diff] [blame]	597	- jmc@cvs.openbsd.org 2003/05/20 12:09:31
				598	[ssh.1 ssh_config.5 sshd.8 sshd_config.5 ssh-keygen.1]
				599	new sentence, new line
Damien Miller	08293fa	2003-05-23 18:44:41 +1000	[diff] [blame]	600	- djm@cvs.openbsd.org 2003/05/23 08:29:30
				601	[sshconnect.c]
				602	fix leak; ok markus@
Damien Miller	d419bda	2003-05-23 18:43:40 +1000	[diff] [blame]	603
Damien Miller	74a3442	2003-05-20 09:24:17 +1000	[diff] [blame]	604	20030520
				605	- (djm) OpenBSD CVS Sync
				606	- deraadt@cvs.openbsd.org 2003/05/18 23:22:01
				607	[log.c]
				608	use syslog_r() in a signal handler called place; markus ok
Damien Miller	1340ec2	2003-05-20 09:24:42 +1000	[diff] [blame]	609	- (djm) Configure logic to detect syslog_r and friends
Damien Miller	74a3442	2003-05-20 09:24:17 +1000	[diff] [blame]	610
Damien Miller	eb0e969	2003-05-19 11:28:44 +1000	[diff] [blame]	611	20030519
				612	- (djm) Sync auth-pam.h with what we actually implement
				613
				614	20030518
Damien Miller	25d9342	2003-05-18 20:45:47 +1000	[diff] [blame]	615	- (djm) Return of the dreaded PAM_TTY_KLUDGE, which went missing in
				616	recent merge
Damien Miller	20a8f97	2003-05-18 20:50:30 +1000	[diff] [blame]	617	- (djm) OpenBSD CVS Sync
				618	- djm@cvs.openbsd.org 2003/05/16 03:27:12
				619	[readconf.c ssh_config ssh_config.5 ssh-keysign.c]
				620	add AddressFamily option to ssh_config (like -4, -6 on commandline).
				621	Portable bug #534; ok markus@
Damien Miller	a982578	2003-05-18 20:53:10 +1000	[diff] [blame]	622	- itojun@cvs.openbsd.org 2003/05/17 03:25:58
				623	[auth-rhosts.c]
				624	just in case, put numbers to sscanf %s arg.
Damien Miller	f5399c2	2003-05-18 20:53:59 +1000	[diff] [blame]	625	- markus@cvs.openbsd.org 2003/05/17 04:27:52
				626	[cipher.c cipher-ctr.c myproposal.h]
				627	experimental support for aes-ctr modes from
				628	http://www.ietf.org/internet-drafts/draft-ietf-secsh-newmodes-00.txt
				629	ok djm@
Damien Miller	7e1bbc5	2003-05-18 20:52:40 +1000	[diff] [blame]	630	- (djm) Remove IPv4 by default hack now that we can specify AF in config
Damien Miller	0b8e900	2003-05-18 21:44:07 +1000	[diff] [blame]	631	- (djm) Tidy and trim TODO
Damien Miller	e323df6	2003-05-18 22:24:09 +1000	[diff] [blame]	632	- (djm) Sync openbsd-compat/ with OpenBSD CVS head
Damien Miller	3174125	2003-05-19 00:13:38 +1000	[diff] [blame]	633	- (djm) Big KNF on openbsd-compat/
Damien Miller	5b5ca19	2003-05-19 00:50:02 +1000	[diff] [blame]	634	- (djm) KNF on md5crypt.[ch]
				635	- (djm) KNF on auth-sia.[ch]
Damien Miller	25d9342	2003-05-18 20:45:47 +1000	[diff] [blame]	636
				637	20030517
Ben Lindstrom	4c9e9ab	2003-05-18 01:22:43 +0000	[diff] [blame]	638	- (bal) strcat -> strlcat on openbsd-compat/realpath.c (rev 1.8 OpenBSD)
				639
Damien Miller	6e80c36	2003-05-16 11:38:00 +1000	[diff] [blame]	640	20030516
				641	- (djm) OpenBSD CVS Sync
				642	- djm@cvs.openbsd.org 2003/05/15 13:52:10
				643	[ssh.c]
				644	Make "ssh -V" print the OpenSSL version in a human readable form. Patch
				645	from Craig Leres (mindrot at ee.lbl.gov); ok markus@
Damien Miller	f9b3feb	2003-05-16 11:38:32 +1000	[diff] [blame]	646	- jakob@cvs.openbsd.org 2003/05/15 14:02:47
				647	[readconf.c servconf.c]
				648	warn for unsupported config option. ok markus@
Damien Miller	99b4b88	2003-05-16 11:38:46 +1000	[diff] [blame]	649	- markus@cvs.openbsd.org 2003/05/15 14:09:21
				650	[auth2-krb5.c]
				651	fix 64bit issue; report itojun@
Damien Miller	b78d5eb	2003-05-16 11:39:04 +1000	[diff] [blame]	652	- djm@cvs.openbsd.org 2003/05/15 14:55:25
				653	[readconf.c readconf.h ssh_config ssh_config.5 sshconnect.c]
				654	add a ConnectTimeout option to ssh, based on patch from
				655	Jean-Charles Longuet (jclonguet at free.fr); portable #207 ok markus@
Damien Miller	6ac2c48	2003-05-16 11:42:35 +1000	[diff] [blame]	656	- (djm) Add warning for UsePAM when built without PAM support
Damien Miller	c46b6bc	2003-05-16 15:51:44 +1000	[diff] [blame]	657	- (djm) A few type mismatch fixes from Bug #565
Damien Miller	e27c6cc	2003-05-16 18:21:01 +1000	[diff] [blame]	658	- (djm) Guard free_pam_environment against NULL argument. Works around
				659	HP/UX PAM problems debugged by dtucker
Damien Miller	6e80c36	2003-05-16 11:38:00 +1000	[diff] [blame]	660
Damien Miller	abbae98	2003-05-15 10:16:21 +1000	[diff] [blame]	661	20030515
				662	- (djm) OpenBSD CVS Sync
				663	- jmc@cvs.openbsd.org 2003/05/14 13:11:56
				664	[ssh-agent.1]
				665	setup -> set up;
				666	from wiz@netbsd
Damien Miller	37876e9	2003-05-15 10:19:46 +1000	[diff] [blame]	667	- jakob@cvs.openbsd.org 2003/05/14 18:16:20
				668	[key.c key.h readconf.c readconf.h ssh_config.5 sshconnect.c]
				669	[dns.c dns.h README.dns ssh-keygen.1 ssh-keygen.c]
				670	add experimental support for verifying hos keys using DNS as described
				671	in draft-ietf-secsh-dns-xx.txt. more information in README.dns.
				672	ok markus@ and henning@
Damien Miller	54c4598	2003-05-15 10:20:13 +1000	[diff] [blame]	673	- markus@cvs.openbsd.org 2003/05/14 22:24:42
				674	[clientloop.c session.c ssh.1]
				675	allow to send a BREAK to the remote system; ok various
Damien Miller	f842fcb	2003-05-15 12:01:28 +1000	[diff] [blame]	676	- markus@cvs.openbsd.org 2003/05/15 00:28:28
				677	[sshconnect2.c]
				678	cleanup unregister of per-method packet handlers; ok djm@
Damien Miller	2aa0ab4	2003-05-15 12:05:28 +1000	[diff] [blame]	679	- jakob@cvs.openbsd.org 2003/05/15 01:48:10
				680	[readconf.c readconf.h servconf.c servconf.h]
				681	always parse kerberos options. ok djm@ markus@
Damien Miller	b062265	2003-05-15 13:27:28 +1000	[diff] [blame]	682	- jakob@cvs.openbsd.org 2003/05/15 02:27:15
				683	[dns.c]
				684	add missing freerrset
Damien Miller	3a3261f	2003-05-15 13:37:19 +1000	[diff] [blame]	685	- markus@cvs.openbsd.org 2003/05/15 03:08:29
				686	[cipher.c cipher-bf1.c cipher-aes.c cipher-3des1.c]
				687	split out custom EVP ciphers
Damien Miller	ed12a26	2003-05-15 13:37:43 +1000	[diff] [blame]	688	- djm@cvs.openbsd.org 2003/05/15 03:10:52
				689	[ssh-keygen.c]
				690	avoid warning; ok jakob@
Damien Miller	4962ed6	2003-05-15 13:48:59 +1000	[diff] [blame]	691	- mouring@cvs.openbsd.org 2003/05/15 03:39:07
				692	[sftp-int.c]
				693	Make put/get (globed and nonglobed) code more consistant. OK djm@
Damien Miller	19c8f2b	2003-05-15 13:49:21 +1000	[diff] [blame]	694	- mouring@cvs.openbsd.org 2003/05/15 03:43:59
Damien Miller	34bb567	2003-05-15 13:49:58 +1000	[diff] [blame]	695	[sftp-int.c sftp.c]
Damien Miller	19c8f2b	2003-05-15 13:49:21 +1000	[diff] [blame]	696	Teach ls how to display multiple column display and allow users
				697	to return to single column format via 'ls -1'. OK @djm
Damien Miller	156cbe8	2003-05-15 14:16:41 +1000	[diff] [blame]	698	- jakob@cvs.openbsd.org 2003/05/15 04:08:44
				699	[readconf.c servconf.c]
				700	disable kerberos when not supported. ok markus@
Damien Miller	46a7b40	2003-05-15 14:17:28 +1000	[diff] [blame]	701	- markus@cvs.openbsd.org 2003/05/15 04:08:41
				702	[ssh.1]
				703	~B is ssh2 only
Damien Miller	2aa0ab4	2003-05-15 12:05:28 +1000	[diff] [blame]	704	- (djm) Always parse UsePAM
Damien Miller	7abe09b	2003-05-15 10:53:49 +1000	[diff] [blame]	705	- (djm) Configure glue for DNS support (code doesn't work in portable yet)
Damien Miller	d9ec370	2003-05-15 12:27:08 +1000	[diff] [blame]	706	- (djm) Import getrrsetbyname() function from OpenBSD libc (for DNS support)
Damien Miller	a47f526	2003-05-15 13:23:07 +1000	[diff] [blame]	707	- (djm) Tidy Makefile clean targets
Damien Miller	5975cf1	2003-05-15 13:23:36 +1000	[diff] [blame]	708	- (djm) Adapt README.dns for portable
Damien Miller	ffda4cb	2003-05-15 13:57:51 +1000	[diff] [blame]	709	- (djm) Avoid uuencode.c warnings
Damien Miller	156cbe8	2003-05-15 14:16:41 +1000	[diff] [blame]	710	- (djm) Enable UsePAM when built --with-pam
Damien Miller	b10f1cd	2003-05-15 20:55:27 +1000	[diff] [blame]	711	- (djm) Only build getrrsetbyname replacement when using --with-dns
Damien Miller	04cb536	2003-05-15 21:29:10 +1000	[diff] [blame]	712	- (djm) Bug #529: sshd doesn't work correctly after SIGHUP (copy argv
				713	correctly)
Damien Miller	eff041d	2003-05-15 21:33:46 +1000	[diff] [blame]	714	- (djm) Bug #444: Wrong paths after reconfigure
Darren Tucker	5d0ccf3	2003-05-15 21:42:59 +1000	[diff] [blame]	715	- (dtucker) HP-UX needs to include <sys/strtio.h> for TIOCSBRK
Damien Miller	04cb536	2003-05-15 21:29:10 +1000	[diff] [blame]	716
Damien Miller	1a27a1e	2003-05-14 10:27:09 +1000	[diff] [blame]	717	20030514
				718	- (djm) Bug #117: Don't lie to PAM about username
Damien Miller	d558092	2003-05-14 13:40:06 +1000	[diff] [blame]	719	- (djm) RCSID sync w/ OpenBSD
Damien Miller	c652cac	2003-05-14 13:40:54 +1000	[diff] [blame]	720	- (djm) OpenBSD CVS Sync
				721	- djm@cvs.openbsd.org 2003/04/09 12:00:37
				722	[readconf.c]
				723	strip trailing whitespace from config lines before parsing.
				724	Fixes bz 528; ok markus@
Damien Miller	a201bb3	2003-05-14 13:41:23 +1000	[diff] [blame]	725	- markus@cvs.openbsd.org 2003/04/12 10:13:57
				726	[cipher.c]
				727	hide cipher details; ok djm@
Damien Miller	ef095ce	2003-05-14 13:41:39 +1000	[diff] [blame]	728	- markus@cvs.openbsd.org 2003/04/12 10:15:36
				729	[misc.c]
				730	debug->debug2
Damien Miller	44e72a7	2003-05-14 13:42:08 +1000	[diff] [blame]	731	- naddy@cvs.openbsd.org 2003/04/12 11:40:15
				732	[ssh.1]
				733	document -V switch, fix wording; ok markus@
Damien Miller	2372ace	2003-05-14 13:42:23 +1000	[diff] [blame]	734	- markus@cvs.openbsd.org 2003/04/14 14:17:50
				735	[channels.c sshconnect.c sshd.c ssh-keyscan.c]
				736	avoid hardcoded SOCK_xx; with itojun@; should allow ssh over SCTP
Damien Miller	8ce778a	2003-05-14 13:43:25 +1000	[diff] [blame]	737	- mouring@cvs.openbsd.org 2003/04/14 21:31:27
				738	[sftp-int.c]
				739	Missing globfree(&g) in process_put() spotted by Vince Brimhall
				740	<VBrimhall@novell.com>. ok@ Theo
				741	- markus@cvs.openbsd.org 2003/04/16 14:35:27
				742	[auth.h]
				743	document struct Authctxt; with solar
Damien Miller	ea5ade2	2003-05-14 13:43:53 +1000	[diff] [blame]	744	- deraadt@cvs.openbsd.org 2003/04/26 04:29:49
				745	[ssh-keyscan.c]
				746	-t in usage(); rogier@quaak.org
Damien Miller	049245d	2003-05-14 13:44:42 +1000	[diff] [blame]	747	- mouring@cvs.openbsd.org 2003/04/30 01:16:20
				748	[sshd.8 sshd_config.5]
				749	Escape ?, * and ! in .Ql for nroff compatibility. OpenSSH Portable
				750	Bug #550 and * escaping suggested by jmc@.
Damien Miller	3155432	2003-05-14 13:44:58 +1000	[diff] [blame]	751	- david@cvs.openbsd.org 2003/04/30 20:41:07
				752	[sshd.8]
				753	fix invalid .Pf macro usage introduced in previous commit
				754	ok jmc@ mouring@
Damien Miller	db27472	2003-05-14 13:45:22 +1000	[diff] [blame]	755	- markus@cvs.openbsd.org 2003/05/11 16:56:48
				756	[authfile.c ssh-keygen.c]
				757	change key_load_public to try to read a public from:
				758	rsa1 private or rsa1 public and ssh2 keys.
				759	this makes ssh-keygen -e fail for ssh1 keys more gracefully
				760	for example; report from itojun (netbsd pr 20550).
Damien Miller	b1ca8bb	2003-05-14 13:45:42 +1000	[diff] [blame]	761	- markus@cvs.openbsd.org 2003/05/11 20:30:25
				762	[channels.c clientloop.c serverloop.c session.c ssh.c]
				763	make channel_new() strdup the 'remote_name' (not the caller); ok theo
Damien Miller	280ecfb	2003-05-14 13:46:00 +1000	[diff] [blame]	764	- markus@cvs.openbsd.org 2003/05/12 16:55:37
				765	[sshconnect2.c]
				766	for pubkey authentication try the user keys in the following order:
				767	1. agent keys that are found in the config file
				768	2. other agent keys
				769	3. keys that are only listed in the config file
				770	this helps when an agent has many keys, where the server might
				771	close the connection before the correct key is used. report & ok pb@
Damien Miller	9350635	2003-05-14 13:46:33 +1000	[diff] [blame]	772	- markus@cvs.openbsd.org 2003/05/12 18:35:18
				773	[ssh-keyscan.1]
				774	typo: DSA keys are of type ssh-dss; Brian Poole
Damien Miller	fb7508e	2003-05-14 13:47:07 +1000	[diff] [blame]	775	- markus@cvs.openbsd.org 2003/05/14 00:52:59
				776	[ssh2.h]
				777	ranges for per auth method messages
				778	- djm@cvs.openbsd.org 2003/05/14 01:00:44
				779	[sftp.1]
				780	emphasise the batchmode functionality and make reference to pubkey auth,
				781	both of which are FAQs; ok markus@
Damien Miller	3ab496b	2003-05-14 13:47:37 +1000	[diff] [blame]	782	- markus@cvs.openbsd.org 2003/05/14 02:15:47
				783	[auth2.c monitor.c sshconnect2.c auth2-krb5.c]
				784	implement kerberos over ssh2 ("kerberos-2@ssh.com"); tested with jakob@
				785	server interops with commercial client; ok jakob@ djm@
Damien Miller	d6ead28	2003-05-14 19:30:38 +1000	[diff] [blame]	786	- jmc@cvs.openbsd.org 2003/05/14 08:25:39
				787	[sftp.1]
				788	- better formatting in SYNOPSIS
				789	- whitespace at EOL
				790	ok djm@
Damien Miller	be64d43	2003-05-14 19:31:12 +1000	[diff] [blame]	791	- markus@cvs.openbsd.org 2003/05/14 08:57:49
				792	[monitor.c]
				793	http://bugzilla.mindrot.org/show_bug.cgi?id=560
				794	Privsep child continues to run after monitor killed.
				795	Pass monitor signals through to child; Darren Tucker
Damien Miller	9c61769	2003-05-14 14:31:11 +1000	[diff] [blame]	796	- (djm) Make portable build with MIT krb5 (some issues remain)
Damien Miller	4e448a3	2003-05-14 15:11:48 +1000	[diff] [blame]	797	- (djm) Add new UsePAM configuration directive to allow runtime control
				798	over usage of PAM. This allows non-root use of sshd when built with
				799	--with-pam
Damien Miller	9d507da	2003-05-14 15:31:12 +1000	[diff] [blame]	800	- (djm) Die screaming if start_pam() is called when UsePAM=no
Damien Miller	4d99519	2003-05-14 19:23:56 +1000	[diff] [blame]	801	- (djm) Avoid KrbV leak for MIT Kerberos
Darren Tucker	abef562	2003-05-14 21:48:51 +1000	[diff] [blame]	802	- (dtucker) Set ai_socktype and ai_protocol in fake-getaddrinfo.c. ok djm@
Damien Miller	1ea7166	2003-05-14 22:33:58 +1000	[diff] [blame]	803	- (djm) Bug #258: sscanf("[0-9]") -> sscanf("[0123456789]") for portability
Damien Miller	1a27a1e	2003-05-14 10:27:09 +1000	[diff] [blame]	804
Damien Miller	75d3b05	2003-05-12 18:15:49 +1000	[diff] [blame]	805	20030512
				806	- (djm) Redhat spec: Don't install profile.d scripts when not
				807	building with GNOME/GTK askpass (patch from bet@rahul.net)
				808
Darren Tucker	e883109	2003-05-10 16:48:23 +1000	[diff] [blame]	809	20030510
				810	- (dtucker) Bug #318: Create ssh_prng_cmds.out during "make" rather than
				811	"make install". Patch by roth@feep.net.
Darren Tucker	c437cda	2003-05-10 17:05:46 +1000	[diff] [blame]	812	- (dtucker) Bug #536: Test for and work around openpty/controlling tty
				813	problem on Linux (fixes "could not set controlling tty" errors).
Damien Miller	4f9f42a	2003-05-10 19:28:02 +1000	[diff] [blame]	814	- (djm) Merge FreeBSD PAM code: replaces PAM password auth kludge with
				815	proper challenge-response module
Damien Miller	0d8b792	2003-05-10 23:42:12 +1000	[diff] [blame]	816	- (djm) 2-clause license on loginrec.c, with permission from
				817	andre@ae-35.com
Darren Tucker	e883109	2003-05-10 16:48:23 +1000	[diff] [blame]	818
Darren Tucker	70a08cd	2003-05-04 10:41:20 +1000	[diff] [blame]	819	20030504
Darren Tucker	ac27928	2003-05-04 11:36:25 +1000	[diff] [blame]	820	- (dtucker) Bug #497: Move #include of bsd-cygwin_util.h to openbsd-compat.h.
				821	Patch from vinschen@redhat.com.
Darren Tucker	70a08cd	2003-05-04 10:41:20 +1000	[diff] [blame]	822
Darren Tucker	04cc538	2003-05-03 07:32:56 +1000	[diff] [blame]	823	20030503
				824	- (dtucker) Add missing "void" to record_failed_login in bsd-cray.c. Noted
				825	by wendyp@cray.com.
				826
Darren Tucker	3c01654	2003-05-02 20:48:21 +1000	[diff] [blame]	827	20030502
				828	- (dtucker) Bug #544: ignore invalid cmsg_type on Linux 2.0 kernels,
				829	privsep should now work.
Darren Tucker	97363a8	2003-05-02 23:42:25 +1000	[diff] [blame]	830	- (dtucker) Move handling of bad password authentications into a platform
Darren Tucker	bd570d7	2003-05-02 23:50:09 +1000	[diff] [blame]	831	specific record_failed_login() function (affects AIX & Unicos). ok mouring@
Darren Tucker	3c01654	2003-05-02 20:48:21 +1000	[diff] [blame]	832
Damien Miller	eab4bae	2003-04-29 23:22:40 +1000	[diff] [blame]	833	20030429
				834	- (djm) Add back radix.o (used by AFS support), after it went missing from
				835	Makefile many moons ago
				836	- (djm) Apply "owl-always-auth" patch from Openwall/Solar Designer
				837	- (djm) Fix blibpath specification for AIX/gcc
				838	- (djm) Some systems have basename in -lgen. Fix from ayamura@ayamura.org
				839
Ben Lindstrom	0e7f436	2003-04-28 23:30:43 +0000	[diff] [blame]	840	20030428
				841	- (bal) [defines.h progressmeter.c scp.c] Some more culling of non 64bit
				842	hacked code.
				843
Ben Lindstrom	93b6b77	2003-04-27 17:55:33 +0000	[diff] [blame]	844	20030427
				845	- (bal) Bug #541: return; was dropped by mistake. Reported by
				846	furrier@iglou.com
Ben Lindstrom	796b9a5	2003-04-27 18:01:37 +0000	[diff] [blame]	847	- (bal) Since we don't support platforms lacking u_int_64. We may
				848	as well clean out some of those evil #ifdefs
Ben Lindstrom	683036e	2003-04-27 18:41:30 +0000	[diff] [blame]	849	- (bal) auth1.c minor resync while looking at the code.
Ben Lindstrom	f50ad1f	2003-04-27 18:44:31 +0000	[diff] [blame]	850	- (bal) auth2.c same changed as above.
Ben Lindstrom	93b6b77	2003-04-27 17:55:33 +0000	[diff] [blame]	851
Damien Miller	d186d74	2003-04-09 19:40:33 +1000	[diff] [blame]	852	20030409
				853	- (djm) Bug #539: Specify creation mode with O_CREAT for lastlog. Report
				854	from matth@eecs.berkeley.edu
Damien Miller	a92a589	2003-04-09 19:41:25 +1000	[diff] [blame]	855	- (djm) Make the spec work with Redhat 9.0 (which renames sharutils)
Damien Miller	a5539d2	2003-04-09 20:50:06 +1000	[diff] [blame]	856	- (djm) OpenBSD CVS Sync
				857	- markus@cvs.openbsd.org 2003/04/02 09:48:07
				858	[clientloop.c monitor.c monitor_wrap.c packet.c packet.h readconf.c]
				859	[readconf.h serverloop.c sshconnect2.c]
				860	reapply rekeying chage, tested by henning@, ok djm@
Damien Miller	703ced5	2003-04-09 20:50:26 +1000	[diff] [blame]	861	- markus@cvs.openbsd.org 2003/04/02 14:36:26
				862	[ssh-keysign.c]
				863	potential segfault if KEY_UNSPEC; cjwatson@debian.org; bug #526
Damien Miller	3bed191	2003-04-09 20:50:59 +1000	[diff] [blame]	864	- itojun@cvs.openbsd.org 2003/04/03 07:25:27
				865	[progressmeter.c]
				866	$OpenBSD$
				867	- itojun@cvs.openbsd.org 2003/04/03 10:17:35
				868	[progressmeter.c]
				869	remove $OpenBSD$, as other *.c does not have it.
Damien Miller	b1ecd9c	2003-04-09 20:51:24 +1000	[diff] [blame]	870	- markus@cvs.openbsd.org 2003/04/07 08:29:57
				871	[monitor_wrap.c]
				872	typo: get correct counters; introduced during rekeying change.
Damien Miller	a0898b8	2003-04-09 21:05:52 +1000	[diff] [blame]	873	- millert@cvs.openbsd.org 2003/04/07 21:58:05
				874	[progressmeter.c]
				875	The UCB copyright here is incorrect. This code did not originate
				876	at UCB, it was written by Luke Mewburn. Updated the copyright at
				877	the author's request. markus@ OK
				878	- itojun@cvs.openbsd.org 2003/04/08 20:21:29
				879	[.c .h]
				880	rename log() into logit() to avoid name conflict. markus ok, from
				881	netbsd
				882	- (djm) XXX - Performed locally using:
				883	"perl -p -i -e 's/(\s\|^)log\(/$1logit\(/g' .c .h"
Damien Miller	bf2a017	2003-04-09 21:07:14 +1000	[diff] [blame]	884	- hin@cvs.openbsd.org 2003/04/09 08:23:52
				885	[servconf.c]
				886	Don't include <krb.h> when compiling with Kerberos 5 support
Damien Miller	a0898b8	2003-04-09 21:05:52 +1000	[diff] [blame]	887	- (djm) Fix up missing include for packet.c
Damien Miller	2a3f20e	2003-04-09 21:12:00 +1000	[diff] [blame]	888	- (djm) Fix missed log => logit occurance (reference by function pointer)
Damien Miller	d186d74	2003-04-09 19:40:33 +1000	[diff] [blame]	889
Ben Lindstrom	c8a49d7	2003-04-02 15:18:22 +0000	[diff] [blame]	890	20030402
				891	- (bal) if IP_TOS is not found or broken don't try to compile in
				892	packet_set_tos() function call. bug #527
				893
Damien Miller	495dca3	2003-04-01 21:42:14 +1000	[diff] [blame]	894	20030401
				895	- (djm) OpenBSD CVS Sync
				896	- jmc@cvs.openbsd.org 2003/03/28 10:11:43
				897	[scp.1 sftp.1 ssh.1 ssh-add.1 ssh-agent.1 ssh_config.5 sshd_config.5]
				898	[ssh-keygen.1 ssh-keyscan.1 ssh-keysign.8]
				899	- killed whitespace
				900	- new sentence new line
				901	- .Bk for arguments
				902	ok markus@
Damien Miller	2dc074e	2003-04-01 21:43:39 +1000	[diff] [blame]	903	- markus@cvs.openbsd.org 2003/04/01 10:10:23
				904	[clientloop.c monitor.c monitor_wrap.c packet.c packet.h readconf.c]
				905	[readconf.h serverloop.c sshconnect2.c]
				906	rekeying bugfixes and automatic rekeying:
				907	* both client and server rekey _automatically_
				908	(a) after 2^31 packets, because after 2^32 packets
				909	the sequence number for packets wraps
				910	(b) after 2^(blocksize_in_bits/4) blocks
				911	(see: draft-ietf-secsh-newmodes-00.txt)
				912	(a) and (b) are _enabled_ by default, and only disabled for known
				913	openssh versions, that don't support rekeying properly.
				914	* client option 'RekeyLimit'
				915	* do not reply to requests during rekeying
				916	- markus@cvs.openbsd.org 2003/04/01 10:22:21
				917	[clientloop.c monitor.c monitor_wrap.c packet.c packet.h readconf.c]
				918	[readconf.h serverloop.c sshconnect2.c]
				919	backout rekeying changes (for 3.6.1)
Damien Miller	d320904	2003-04-01 21:44:37 +1000	[diff] [blame]	920	- markus@cvs.openbsd.org 2003/04/01 10:31:26
				921	[compat.c compat.h kex.c]
				922	bugfix causes stalled connections for ssh.com < 3.0; noticed by ho@;
				923	tested by ho@ and myself
Damien Miller	13c1c7a	2003-04-01 21:45:26 +1000	[diff] [blame]	924	- markus@cvs.openbsd.org 2003/04/01 10:56:46
				925	[version.h]
				926	3.6.1
Damien Miller	b80e52a	2003-04-01 21:46:53 +1000	[diff] [blame]	927	- (djm) Crank spec file versions
Damien Miller	a0ab669	2003-04-01 21:47:16 +1000	[diff] [blame]	928	- (djm) Release 3.6.1p1
Damien Miller	495dca3	2003-04-01 21:42:14 +1000	[diff] [blame]	929
Damien Miller	b3207e8	2003-03-26 16:01:11 +1100	[diff] [blame]	930	20030326
				931	- (djm) OpenBSD CVS Sync
				932	- deraadt@cvs.openbsd.org 2003/03/26 04:02:51
				933	[sftp-server.c]
				934	one last fix to the tree: race fix broke stuff; pr 3169;
				935	srp@srparish.net, help from djm
				936
Damien Miller	68d893d	2003-03-25 09:07:52 +1100	[diff] [blame]	937	20030325
				938	- (djm) Fix getpeerid support for 64 bit BE systems. From
				939	Arnd Bergmann <arndb@de.ibm.com>
				940
Damien Miller	b062c29	2003-03-24 09:12:09 +1100	[diff] [blame]	941	20030324
				942	- (djm) OpenBSD CVS Sync
				943	- markus@cvs.openbsd.org 2003/03/23 19:02:00
				944	[monitor.c]
				945	unbreak rekeying for privsep; ok millert@
				946	- Release 3.6p1
Damien Miller	62b6b17	2003-03-24 13:35:58 +1100	[diff] [blame]	947	- Fix sshd BindAddress and -b options for systems using fake-getaddrinfo.
				948	Report from murple@murple.net, diagnosis from dtucker@zip.com.au
Damien Miller	b062c29	2003-03-24 09:12:09 +1100	[diff] [blame]	949
Damien Miller	134350c	2003-09-02 22:56:42 +1000	[diff] [blame^]	950	$Id: ChangeLog,v 1.2928 2003/09/02 12:56:42 djm Exp $