blob: 0d84abf7996b2425adcd47c0a819ab1b440484b1 [file] [log] [blame]
Ben Lindstromac2f0032001-04-15 14:25:12 +0000120010416
2 - OpenBSD CVS Sync
3 - stevesk@cvs.openbsd.org 2001/04/15 01:35:22
4 [ttymodes.c]
5 fix comments
Ben Lindstrom206941f2001-04-15 14:27:16 +00006 - markus@cvs.openbsd.org 2001/04/15 08:43:47
7 [dh.c sftp-glob.c sftp-glob.h sftp-int.c sshconnect2.c sshd.c]
8 some unused variable and typos; from tomh@po.crl.go.jp
Ben Lindstrom15f33862001-04-16 02:00:02 +00009 - markus@cvs.openbsd.org 2001/04/15 16:58:03
10 [authfile.c ssh-keygen.c sshd.c]
11 don't use errno for key_{load,save}_private; discussion w/ solar@openwall
Ben Lindstrom302ea6f2001-04-16 02:01:25 +000012 - markus@cvs.openbsd.org 2001/04/15 17:16:00
13 [clientloop.c]
14 set stdin/out/err to nonblocking in SSH proto 1, too. suggested by ho@
15 should fix some of the blocking problems for rsync over SSH-1
Damien Miller897741e2001-04-16 10:41:46 +100016 - (djm) Convert mandoc manpages to man automatically. Patch from Mark D.
17 Roth <roth+openssh@feep.net>
Ben Lindstromac2f0032001-04-15 14:25:12 +000018
Ben Lindstromda5d9b12001-04-14 23:07:16 +00001920010415
20 - OpenBSD CVS Sync
21 - deraadt@cvs.openbsd.org 2001/04/14 04:31:01
22 [ssh-add.c]
23 do not double free
Ben Lindstromd334b272001-04-14 23:08:36 +000024 - markus@cvs.openbsd.org 2001/04/14 16:17:14
25 [channels.c]
26 remove some channels that are not appropriate for keepalive.
Ben Lindstrom7457f2a2001-04-14 23:10:09 +000027 - markus@cvs.openbsd.org 2001/04/14 16:27:57
28 [ssh-add.c]
29 use clear_pass instead of xfree()
Ben Lindstromae8e2d32001-04-14 23:13:02 +000030 - stevesk@cvs.openbsd.org 2001/04/14 16:33:20
31 [clientloop.c packet.h session.c ssh.c ttymodes.c ttymodes.h]
32 protocol 2 tty modes support; ok markus@
Ben Lindstromf719a202001-04-14 23:14:22 +000033 - stevesk@cvs.openbsd.org 2001/04/14 17:04:42
34 [scp.c]
35 'T' handling rcp/scp sync; ok markus@
Ben Lindstromac2f0032001-04-15 14:25:12 +000036 - Missed sshtty.[ch] in Sync.
Ben Lindstromda5d9b12001-04-14 23:07:16 +000037
Damien Miller6e77a532001-04-14 00:22:33 +10003820010414
39 - Sync with OpenBSD glob.c, strlcat.c and vis.c changes
Damien Miller402b3312001-04-14 00:28:42 +100040 - Cygwin sftp/sftp-server binary mode patch from Corinna Vinschen
41 <vinschen@redhat.com>
Ben Lindstrom5744dc42001-04-13 23:28:01 +000042 - OpenBSD CVS Sync
43 - beck@cvs.openbsd.org 2001/04/13 22:46:54
44 [channels.c channels.h servconf.c servconf.h serverloop.c sshd.8]
45 Add options ClientAliveInterval and ClientAliveCountMax to sshd.
46 This gives the ability to do a "keepalive" via the encrypted channel
47 which can't be spoofed (unlike TCP keepalives). Useful for when you want
48 to use ssh connections to authenticate people for something, and know
49 relatively quickly when they are no longer authenticated. Disabled
50 by default (of course). ok markus@
Damien Miller6e77a532001-04-14 00:22:33 +100051
Ben Lindstrom2b646522001-04-12 16:16:57 +00005220010413
53 - OpenBSD CVS Sync
54 - markus@cvs.openbsd.org 2001/04/12 14:29:09
55 [ssh.c]
56 show debug output during option processing, report from
57 pekkas@netcore.fi
Ben Lindstrom5eabda32001-04-12 23:34:34 +000058 - markus@cvs.openbsd.org 2001/04/12 19:15:26
59 [auth-rhosts.c auth.h auth2.c buffer.c canohost.c canohost.h
60 compat.c compat.h hostfile.c pathnames.h readconf.c readconf.h
61 servconf.c servconf.h ssh.c sshconnect.c sshconnect.h sshconnect1.c
62 sshconnect2.c sshd_config]
63 implement HostbasedAuthentication (= RhostRSAAuthentication for ssh v2)
64 similar to RhostRSAAuthentication unless you enable (the experimental)
65 HostbasedUsesNameFromPacketOnly option. please test. :)
Ben Lindstromd69dab32001-04-12 23:36:05 +000066 - markus@cvs.openbsd.org 2001/04/12 19:39:27
67 [readconf.c]
68 typo
Ben Lindstrom19066a12001-04-12 23:39:26 +000069 - stevesk@cvs.openbsd.org 2001/04/12 20:09:38
70 [misc.c misc.h readconf.c servconf.c ssh.c sshd.c]
71 robust port validation; ok markus@ jakob@
Ben Lindstrom63667f62001-04-13 00:00:14 +000072 - mouring@cvs.openbsd.org 2001/04/12 23:17:54
73 [sftp-int.c sftp-int.h sftp.1 sftp.c]
74 Add support for:
75 sftp [user@]host[:file [file]] - Fetch remote file(s)
76 sftp [user@]host[:dir[/]] - Start in remote dir/
77 OK deraadt@
Ben Lindstrom92d4a022001-04-13 04:44:37 +000078 - stevesk@cvs.openbsd.org 2001/04/13 01:26:17
79 [ssh.c]
80 missing \n in error message
Ben Lindstrom09988722001-04-12 21:35:52 +000081 - (bal) Added openbsd-compat/inet_ntop.[ch] since HP/UX (and others)
82 lack it.
Ben Lindstrom2b646522001-04-12 16:16:57 +000083
Ben Lindstromb3921512001-04-11 15:57:50 +00008420010412
85 - OpenBSD CVS Sync
86 - markus@cvs.openbsd.org 2001/04/10 07:46:58
87 [channels.c]
88 cleanup socks4 handling
Ben Lindstrom18a82ac2001-04-11 15:59:35 +000089 - itojun@cvs.openbsd.org 2001/04/10 09:13:22
90 [ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 sshd.8]
91 document id_rsa{.pub,}. markus ok
Ben Lindstromc486d882001-04-11 16:08:34 +000092 - markus@cvs.openbsd.org 2001/04/10 12:15:23
93 [channels.c]
94 debug cleanup
Ben Lindstrom23d9a6d2001-04-11 23:05:17 +000095 - djm@cvs.openbsd.org 2001/04/11 07:06:22
96 [sftp-int.c]
97 'mget' and 'mput' aliases; ok markus@
Ben Lindstrom146edb92001-04-11 23:06:28 +000098 - markus@cvs.openbsd.org 2001/04/11 10:59:01
99 [ssh.c]
100 use strtol() for ports, thanks jakob@
Ben Lindstrom6fa9d102001-04-11 23:08:17 +0000101 - markus@cvs.openbsd.org 2001/04/11 13:56:13
102 [channels.c ssh.c]
103 https-connect and socks5 support. i feel so bad.
Ben Lindstrom9fce9f02001-04-11 23:10:09 +0000104 - lebel@cvs.openbsd.org 2001/04/11 16:25:30
105 [sshd.8 sshd.c]
106 implement the -e option into sshd:
107 -e When this option is specified, sshd will send the output to the
108 standard error instead of the system log.
109 markus@ OK.
Ben Lindstromb3921512001-04-11 15:57:50 +0000110
Ben Lindstrom94924842001-04-10 02:40:17 +000011120010410
112 - OpenBSD CVS Sync
113 - deraadt@cvs.openbsd.org 2001/04/08 20:52:55
114 [sftp.c]
115 do not modify an actual argv[] entry
Ben Lindstrom4b3564e2001-04-10 02:41:56 +0000116 - stevesk@cvs.openbsd.org 2001/04/08 23:28:27
117 [sshd.8]
118 spelling
Ben Lindstrom8ffeacf2001-04-10 02:43:57 +0000119 - stevesk@cvs.openbsd.org 2001/04/09 00:42:05
120 [sftp.1]
121 spelling
Ben Lindstromee617942001-04-10 02:45:32 +0000122 - markus@cvs.openbsd.org 2001/04/09 15:12:23
123 [ssh-add.c]
124 passphrase caching: ssh-add tries last passphrase, clears passphrase if
125 not successful and after last try.
126 based on discussions with espie@, jakob@, ... and code from jakob@ and
127 wolfgang@wsrcc.com
Ben Lindstrom12de6162001-04-10 02:46:54 +0000128 - markus@cvs.openbsd.org 2001/04/09 15:19:49
129 [ssh-add.1]
130 ssh-add retries the last passphrase...
Ben Lindstrom1a598a42001-04-10 02:48:50 +0000131 - stevesk@cvs.openbsd.org 2001/04/09 18:00:15
132 [sshd.8]
133 ListenAddress mandoc from aaron@
Ben Lindstrom94924842001-04-10 02:40:17 +0000134
Ben Lindstrom49e57a82001-04-08 18:02:43 +000013520010409
Kevin Stevescb17e992001-04-09 14:50:52 +0000136 - (stevesk) use setresgid() for setegid() if needed
Kevin Steves393d2f72001-04-08 22:50:43 +0000137 - (stevesk) configure.in: typo
Ben Lindstrom49e57a82001-04-08 18:02:43 +0000138 - OpenBSD CVS Sync
139 - stevesk@cvs.openbsd.org 2001/04/08 16:01:36
140 [sshd.8]
141 document ListenAddress addr:port
Ben Lindstromd5730a82001-04-08 18:04:36 +0000142 - markus@cvs.openbsd.org 2001/04/08 13:03:00
143 [ssh-add.c]
144 init pointers with NULL, thanks to danimal@danimal.org
Ben Lindstromd3447632001-04-08 18:07:22 +0000145 - markus@cvs.openbsd.org 2001/04/08 11:27:33
146 [clientloop.c]
147 leave_raw_mode if ssh2 "session" is closed
Ben Lindstrom3fcf1a22001-04-08 18:26:59 +0000148 - markus@cvs.openbsd.org 2001/04/06 21:00:17
149 [auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth2.c channels.c session.c
150 ssh.c sshconnect.c sshconnect.h uidswap.c uidswap.h]
151 do gid/groups-swap in addition to uid-swap, should help if /home/group
152 is chmod 750 + chgrp grp /home/group/, work be deraadt and me, thanks
153 to olar@openwall.com is comments. we had many requests for this.
Ben Lindstrom3bb4f9d2001-04-08 18:30:26 +0000154 - markus@cvs.openbsd.org 2001/04/07 08:55:18
155 [buffer.c channels.c channels.h readconf.c ssh.c]
156 allow the ssh client act as a SOCKS4 proxy (dynamic local
157 portforwarding). work by Dan Kaminsky <dankamin@cisco.com> and me.
158 thanks to Dan for this great patch: use 'ssh -D 1080 host' and make
159 netscape use localhost:1080 as a socks proxy.
Ben Lindstromf52373f2001-04-08 18:38:04 +0000160 - markus@cvs.openbsd.org 2001/04/08 11:24:33
161 [uidswap.c]
162 KNF
Ben Lindstrom49e57a82001-04-08 18:02:43 +0000163
Ben Lindstromab0cedc2001-04-07 17:23:43 +000016420010408
165 - OpenBSD CVS Sync
166 - stevesk@cvs.openbsd.org 2001/04/06 22:12:47
167 [hostfile.c]
168 unused; typo in comment
Ben Lindstromc510af42001-04-07 17:25:48 +0000169 - stevesk@cvs.openbsd.org 2001/04/06 22:25:25
170 [servconf.c]
171 in addition to:
172 ListenAddress host|ipv4_addr|ipv6_addr
173 permit:
174 ListenAddress [host|ipv4_addr|ipv6_addr]:port
175 ListenAddress host|ipv4_addr:port
176 sshd.8 updates coming. ok markus@
Ben Lindstromab0cedc2001-04-07 17:23:43 +0000177
Ben Lindstrom8248d112001-04-07 01:08:46 +000017820010407
179 - (bal) CVS ID Resync of version.h
Ben Lindstrome34ab4c2001-04-07 01:12:11 +0000180 - OpenBSD CVS Sync
181 - markus@cvs.openbsd.org 2001/04/05 23:39:20
182 [serverloop.c]
183 keep the ssh session even if there is no active channel.
184 this is more in line with the protocol spec and makes
185 ssh -N -L 1234:server:110 host
186 more useful.
187 based on discussion with <mats@mindbright.se> long time ago
188 and recent mail from <res@shore.net>
Ben Lindstromd47cf4d2001-04-07 01:14:38 +0000189 - deraadt@cvs.openbsd.org 2001/04/06 16:46:59
190 [scp.c]
191 remove trailing / from source paths; fixes pr#1756
Ben Lindstrom8248d112001-04-07 01:08:46 +0000192
Kevin Stevesff8b4952001-04-05 23:05:22 +000019320010406
194 - (stevesk) logintest.c: fix for systems without __progname
Kevin Stevesbe48f2b2001-04-06 01:58:37 +0000195 - (stevesk) Makefile.in: log.o is in libssh.a
Ben Lindstrom4f3ae4c2001-04-05 23:19:21 +0000196 - OpenBSD CVS Sync
197 - markus@cvs.openbsd.org 2001/04/05 10:00:06
198 [compat.c]
199 2.3.x does old GEX, too; report jakob@
Ben Lindstromfb50cdf2001-04-05 23:20:46 +0000200 - markus@cvs.openbsd.org 2001/04/05 10:39:03
201 [compress.c compress.h packet.c]
202 reset compress state per direction when rekeying.
Ben Lindstroma6c20142001-04-05 23:22:25 +0000203 - markus@cvs.openbsd.org 2001/04/05 10:39:48
204 [version.h]
205 temporary version 2.5.4 (supports rekeying).
206 this is not an official release.
Ben Lindstroma3700052001-04-05 23:26:32 +0000207 - markus@cvs.openbsd.org 2001/04/05 10:42:57
208 [auth-chall.c authfd.c channels.c clientloop.c kex.c kexgex.c key.c
209 mac.c packet.c serverloop.c sftp-client.c sftp-client.h sftp-glob.c
210 sftp-glob.h sftp-int.c sftp-server.c sftp.c ssh-keygen.c sshconnect.c
211 sshconnect2.c sshd.c]
212 fix whitespace: unexpand + trailing spaces.
Ben Lindstroma8baf362001-04-05 23:28:36 +0000213 - markus@cvs.openbsd.org 2001/04/05 11:09:17
214 [clientloop.c compat.c compat.h]
215 add SSH_BUG_NOREKEY and detect broken (=all old) openssh versions.
Ben Lindstromf3272352001-04-05 23:29:59 +0000216 - markus@cvs.openbsd.org 2001/04/05 15:45:43
217 [ssh.1]
218 ssh defaults to protocol v2; from quisar@quisar.ambre.net
Ben Lindstromf15a3862001-04-05 23:32:17 +0000219 - stevesk@cvs.openbsd.org 2001/04/05 15:48:18
220 [canohost.c canohost.h session.c]
221 move get_remote_name_or_ip() to canohost.[ch]; for portable. ok markus@
Ben Lindstrom11bd8992001-04-05 23:34:29 +0000222 - markus@cvs.openbsd.org 2001/04/05 20:01:10
223 [clientloop.c]
224 for ~R print message if server does not support rekeying. (and fix ~R).
Ben Lindstromd7dd23f2001-04-05 23:36:01 +0000225 - markus@cvs.openbsd.org 2001/04/05 21:02:46
226 [buffer.c]
227 better error message
Ben Lindstrom4c3f77d2001-04-05 23:37:36 +0000228 - markus@cvs.openbsd.org 2001/04/05 21:05:24
229 [clientloop.c ssh.c]
230 don't request a session for 'ssh -N', pointed out slade@shore.net
Kevin Stevesff8b4952001-04-05 23:05:22 +0000231
Ben Lindstrom238abf62001-04-04 17:52:53 +000023220010405
233 - OpenBSD CVS Sync
234 - markus@cvs.openbsd.org 2001/04/04 09:48:35
235 [kex.c kex.h kexdh.c kexgex.c packet.c sshconnect2.c sshd.c]
236 don't sent multiple kexinit-requests.
237 send newkeys, block while waiting for newkeys.
238 fix comments.
Ben Lindstrom8ac91062001-04-04 17:57:54 +0000239 - markus@cvs.openbsd.org 2001/04/04 14:34:58
240 [clientloop.c kex.c kex.h serverloop.c sshconnect2.c sshd.c]
241 enable server side rekeying + some rekey related clientup.
242 todo: we should not send any non-KEX messages after we send KEXINIT
Ben Lindstrom78c261a2001-04-04 23:43:26 +0000243 - markus@cvs.openbsd.org 2001/04/04 15:50:55
244 [compat.c]
245 f-secure 1.3.2 does not handle IGNORE; from milliondl@ornl.gov
Ben Lindstrombe2cc432001-04-04 23:46:07 +0000246 - markus@cvs.openbsd.org 2001/04/04 20:25:38
247 [channels.c channels.h clientloop.c kex.c kex.h serverloop.c
248 sshconnect2.c sshd.c]
249 more robust rekeying
250 don't send channel data after rekeying is started.
Ben Lindstrom0cae0402001-04-04 23:47:52 +0000251 - markus@cvs.openbsd.org 2001/04/04 20:32:56
252 [auth2.c]
253 we don't care about missing bannerfiles; from tsoome@ut.ee, ok deraadt@
Ben Lindstrom8e312f32001-04-04 23:50:21 +0000254 - markus@cvs.openbsd.org 2001/04/04 22:04:35
255 [kex.c kexgex.c serverloop.c]
256 parse full kexinit packet.
257 make server-side more robust, too.
Ben Lindstrom5ba23b32001-04-05 02:05:21 +0000258 - markus@cvs.openbsd.org 2001/04/04 23:09:18
259 [dh.c kex.c packet.c]
260 clear+free keys,iv for rekeying.
261 + fix DH mem leaks. ok niels@
Kevin Steves86a52b32001-04-05 17:15:08 +0000262 - (stevesk) don't use vhangup() if defined(HAVE_DEV_PTMX); also removes
263 BROKEN_VHANGUP
Ben Lindstrom238abf62001-04-04 17:52:53 +0000264
Ben Lindstrom0d3e8fa2001-04-04 01:51:25 +000026520010404
266 - OpenBSD CVS Sync
267 - deraadt@cvs.openbsd.org 2001/04/02 17:32:23
268 [ssh-agent.1]
269 grammar; slade@shore.net
Ben Lindstrom86ebcb62001-04-04 01:53:20 +0000270 - stevesk@cvs.openbsd.org 2001/04/03 13:56:11
271 [sftp-glob.c ssh-agent.c ssh-keygen.c]
272 free() -> xfree()
Ben Lindstrom20d7c7b2001-04-04 01:56:17 +0000273 - markus@cvs.openbsd.org 2001/04/03 19:53:29
274 [dh.c dh.h kex.c kex.h sshconnect2.c sshd.c]
275 move kex to kex*.c, used dispatch_set() callbacks for kex. should
276 make rekeying easier.
Ben Lindstrom9323d962001-04-04 01:58:48 +0000277 - todd@cvs.openbsd.org 2001/04/03 21:19:38
278 [ssh_config]
279 id_rsa1/2 -> id_rsa; ok markus@
Ben Lindstrom2d90e002001-04-04 02:00:54 +0000280 - markus@cvs.openbsd.org 2001/04/03 23:32:12
281 [kex.c kex.h packet.c sshconnect2.c sshd.c]
282 undo parts of recent my changes: main part of keyexchange does not
283 need dispatch-callbacks, since application data is delayed until
284 the keyexchange completes (if i understand the drafts correctly).
285 add some infrastructure for re-keying.
Ben Lindstromf28f6342001-04-04 02:03:04 +0000286 - markus@cvs.openbsd.org 2001/04/04 00:06:54
287 [clientloop.c sshconnect2.c]
288 enable client rekeying
289 (1) force rekeying with ~R, or
290 (2) if the server requests rekeying.
291 works against ssh-2.0.12/2.0.13/2.1.0/2.2.0/2.3.0/2.3.1/2.4.0
Ben Lindstrom22b19b42001-04-04 17:39:19 +0000292 - (bal) Oops.. Missed including kexdh.c and kexgex.c in OpenBSD sync.
Ben Lindstrom0d3e8fa2001-04-04 01:51:25 +0000293
Ben Lindstrom55b99e32001-04-02 18:18:21 +000029420010403
295 - OpenBSD CVS Sync
296 - stevesk@cvs.openbsd.org 2001/04/02 14:15:31
297 [sshd.8]
298 typo; ok markus@
Ben Lindstrom3704c262001-04-02 18:20:03 +0000299 - stevesk@cvs.openbsd.org 2001/04/02 14:20:23
300 [readconf.c servconf.c]
301 correct comment; ok markus@
Kevin Stevesefe5fd82001-04-03 13:02:48 +0000302 - (stevesk) nchan.c: remove ostate checks and add EINVAL to
303 shutdown(SHUT_RD) error() bypass for HP-UX.
Ben Lindstrom55b99e32001-04-02 18:18:21 +0000304
Kevin Stevesedcd5762001-04-02 13:45:00 +000030520010402
306 - (stevesk) log.c openbsd sync; missing newlines
Kevin Steves6189e192001-04-02 14:02:55 +0000307 - (stevesk) sshpty.h openbsd sync; PTY_H -> SSHPTY_H
Kevin Stevesedcd5762001-04-02 13:45:00 +0000308
Damien Millerd8f72ca2001-03-30 10:23:17 +100030920010330
310 - (djm) Another openbsd-compat/glob.c sync
Damien Miller2557bfc2001-03-30 10:47:14 +1000311 - (djm) OpenBSD CVS Sync
312 - provos@cvs.openbsd.org 2001/03/28 21:59:41
313 [kex.c kex.h sshconnect2.c sshd.c]
314 forgot to include min and max params in hash, okay markus@
Damien Miller23e526e2001-03-30 10:47:43 +1000315 - provos@cvs.openbsd.org 2001/03/28 22:04:57
316 [dh.c]
317 more sanity checking on primes file
Damien Miller5d57e502001-03-30 10:48:31 +1000318 - markus@cvs.openbsd.org 2001/03/28 22:43:31
319 [auth.h auth2.c auth2-chall.c]
320 check auth_root_allowed for kbd-int auth, too.
Damien Miller653ae112001-03-30 10:49:05 +1000321 - provos@cvs.openbsd.org 2001/03/29 14:24:59
322 [sshconnect2.c]
323 use recommended defaults
Damien Millera0ff4662001-03-30 10:49:35 +1000324 - stevesk@cvs.openbsd.org 2001/03/29 21:06:21
325 [sshconnect2.c sshd.c]
326 need to set both STOC and CTOS for SSH_BUG_BIGENDIANAES; ok markus@
Damien Miller9709f902001-03-30 10:50:10 +1000327 - markus@cvs.openbsd.org 2001/03/29 21:17:40
328 [dh.c dh.h kex.c kex.h]
329 prepare for rekeying: move DH code to dh.c
Damien Millerff75ac42001-03-30 10:50:32 +1000330 - djm@cvs.openbsd.org 2001/03/29 23:42:01
331 [sshd.c]
332 Protocol 1 key regeneration log => verbose, some KNF; ok markus@
Damien Millerd8f72ca2001-03-30 10:23:17 +1000333
Ben Lindstrom89b0bd62001-03-29 00:27:11 +000033420010329
335 - OpenBSD CVS Sync
336 - stevesk@cvs.openbsd.org 2001/03/26 15:47:59
337 [ssh.1]
338 document more defaults; misc. cleanup. ok markus@
Ben Lindstromc1116602001-03-29 00:28:37 +0000339 - markus@cvs.openbsd.org 2001/03/26 23:12:42
340 [authfile.c]
341 KNF
Ben Lindstromd09fcf52001-03-29 00:29:54 +0000342 - markus@cvs.openbsd.org 2001/03/26 23:23:24
343 [rsa.c rsa.h ssh-agent.c ssh-keygen.c]
344 try to read private f-secure ssh v2 rsa keys.
Ben Lindstrom425fb022001-03-29 00:31:20 +0000345 - markus@cvs.openbsd.org 2001/03/27 10:34:08
346 [ssh-rsa.c sshd.c]
347 use EVP_get_digestbynid, reorder some calls and fix missing free.
Ben Lindstrom60a43812001-03-29 00:32:56 +0000348 - markus@cvs.openbsd.org 2001/03/27 10:57:00
349 [compat.c compat.h ssh-rsa.c]
350 some older systems use NID_md5 instead of NID_sha1 for RSASSA-PKCS1-v1_5
351 signatures in SSH protocol 2, ok djm@
Ben Lindstromdf221392001-03-29 00:36:16 +0000352 - provos@cvs.openbsd.org 2001/03/27 17:46:50
353 [compat.c compat.h dh.c dh.h ssh2.h sshconnect2.c sshd.c version.h]
354 make dh group exchange more flexible, allow min and max group size,
355 okay markus@, deraadt@
Ben Lindstrombd472262001-03-29 00:39:55 +0000356 - stevesk@cvs.openbsd.org 2001/03/28 19:56:23
357 [scp.c]
358 start to sync scp closer to rcp; ok markus@
Ben Lindstromff2618c2001-03-29 00:43:54 +0000359 - stevesk@cvs.openbsd.org 2001/03/28 20:04:38
360 [scp.c]
361 usage more like rcp and add missing -B to usage; ok markus@
Ben Lindstrom7de696e2001-03-29 00:45:12 +0000362 - markus@cvs.openbsd.org 2001/03/28 20:50:45
363 [sshd.c]
364 call refuse() before close(); from olemx@ans.pl
Ben Lindstrom89b0bd62001-03-29 00:27:11 +0000365
Damien Millerc79bc0d2001-03-28 13:03:42 +100036620010328
367 - (djm) Reorder tests and library inclusion for Krb4/AFS to try to
368 resolve linking conflicts with libcrypto. Report and suggested fix
369 from Holger Trapp <Holger.Trapp@Informatik.TU-Chemnitz.DE>
Damien Miller18bb4732001-03-28 14:35:30 +1000370 - (djm) Work around Solaris' broken struct dirent. Diagnosis and suggested
371 fix from Philippe Levan <levan@epix.net>
Damien Miller98344742001-03-28 14:37:06 +1000372 - (djm) Rework krbIV tests to get us closer to building on Redhat. Still
373 doesn't work because of conflicts between krbIV's and OpenSSL's des.h
Damien Millerb68af622001-03-28 21:05:26 +1000374 - (djm) Sync openbsd-compat/glob.c
Damien Millerc79bc0d2001-03-28 13:03:42 +1000375
Ben Lindstrom8ca93562001-03-26 05:32:16 +000037620010327
377 - Attempt sync with sshlogin.c w/ OpenBSD (mainly CVS ID)
Ben Lindstrom95318252001-03-26 05:35:33 +0000378 - Fix pointer issues in waitpid() and wait() replaces. Patch by Lutz
379 Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
Ben Lindstrom60294322001-03-26 05:38:25 +0000380 - OpenBSD CVS Sync
381 - djm@cvs.openbsd.org 2001/03/25 00:01:34
382 [session.c]
383 shorten; ok markus@
Ben Lindstrom7bfff362001-03-26 05:45:53 +0000384 - stevesk@cvs.openbsd.org 2001/03/25 13:16:11
385 [servconf.c servconf.h session.c sshd.8 sshd_config]
386 PrintLastLog option; from chip@valinux.com with some minor
387 changes by me. ok markus@
Damien Millerf9e93002001-03-27 16:12:24 +1000388 - markus@cvs.openbsd.org 2001/03/26 08:07:09
389 [authfile.c authfile.h ssh-add.c ssh-keygen.c ssh.c sshconnect.c
390 sshconnect.h sshconnect1.c sshconnect2.c sshd.c]
391 simpler key load/save interface, see authfile.h
392 - (djm) Reestablish PAM credentials (which can be supplemental group
393 memberships) after initgroups() blows them away. Report and suggested
394 fix from Nalin Dahyabhai <nalin@redhat.com>
Ben Lindstrom8ca93562001-03-26 05:32:16 +0000395
Ben Lindstromb94f8b22001-03-24 00:20:56 +000039620010324
397 - Fixed permissions ssh-keyscan. Thanks to Christopher Linn <celinn@mtu.edu>.
Ben Lindstromc8530c72001-03-24 00:35:19 +0000398 - OpenBSD CVS Sync
399 - djm@cvs.openbsd.org 2001/03/23 11:04:07
400 [compat.c compat.h sshconnect2.c sshd.c]
401 Compat for OpenSSH with broken Rijndael/AES. ok markus@
Ben Lindstrom9e2057c2001-03-24 00:37:59 +0000402 - markus@cvs.openbsd.org 2001/03/23 12:02:49
403 [auth1.c]
404 authctxt is now passed to do_authenticated
Ben Lindstrom7527f8b2001-03-24 00:39:12 +0000405 - markus@cvs.openbsd.org 2001/03/23 13:10:57
406 [sftp-int.c]
407 fix put, upload to _absolute_ path, ok djm@
Ben Lindstromde71cda2001-03-24 00:43:26 +0000408 - markus@cvs.openbsd.org 2001/03/23 14:28:32
409 [session.c sshd.c]
410 ignore SIGPIPE, restore in child, fixes x11-fwd crashes; with djm@
Damien Millerb44fe062001-03-24 15:39:38 +1100411 - (djm) Pull out our own SIGPIPE hacks
Ben Lindstromb94f8b22001-03-24 00:20:56 +0000412
Ben Lindstrom69d8c072001-03-22 22:45:33 +000041320010323
414 - OpenBSD CVS Sync
415 - deraadt@cvs.openbsd.org 2001/03/22 20:22:55
416 [sshd.c]
417 do not place linefeeds in buffer
418
Damien Millerbebd8be2001-03-22 11:58:15 +110041920010322
420 - (djm) Better AIX no tty fix, spotted by Gert Doering <gert@greenie.muc.de>
Ben Lindstromebf3d512001-03-22 01:08:39 +0000421 - (bal) version.c CVS ID resync
Ben Lindstromeebc4a22001-03-22 01:22:03 +0000422 - (bal) auth-chall.c auth-passwd.c auth.h auth1.c auth2.c session.c CVS ID
423 resync
Ben Lindstrom57f82e22001-03-22 02:04:08 +0000424 - (bal) scp.c CVS ID resync
Ben Lindstrom6b776432001-03-22 01:24:04 +0000425 - OpenBSD CVS Sync
426 - markus@cvs.openbsd.org 2001/03/20 19:10:16
427 [readconf.c]
428 default to SSH protocol version 2
Ben Lindstromb4c961d2001-03-22 01:25:37 +0000429 - markus@cvs.openbsd.org 2001/03/20 19:21:21
430 [session.c]
431 remove unused arg
Ben Lindstromfc9b07d2001-03-22 01:27:23 +0000432 - markus@cvs.openbsd.org 2001/03/20 19:21:21
433 [session.c]
434 remove unused arg
Ben Lindstromb31783d2001-03-22 02:02:12 +0000435 - markus@cvs.openbsd.org 2001/03/21 11:43:45
436 [auth1.c auth2.c session.c session.h]
437 merge common ssh v1/2 code
Ben Lindstromf1107f52001-03-22 02:05:32 +0000438 - jakob@cvs.openbsd.org 2001/03/21 14:20:45
439 [ssh-keygen.c]
440 add -B flag to usage
Ben Lindstromd9267452001-03-22 02:06:57 +0000441 - markus@cvs.openbsd.org 2001/03/21 21:06:30
442 [session.c]
443 missing init; from mib@unimelb.edu.au
Damien Millerbebd8be2001-03-22 11:58:15 +1100444
Damien Millerbe081762001-03-21 11:11:57 +110044520010321
446 - (djm) Fix ttyname breakage for AIX and Tru64. Patch from Steve
447 VanDevender <stevev@darkwing.uoregon.edu>
Damien Miller2e9adb22001-03-21 12:16:24 +1100448 - (djm) Make sure pam_retval is initialised on call to pam_end. Patch
449 from Solar Designer <solar@openwall.com>
Damien Millerec7e1b12001-03-21 13:01:35 +1100450 - (djm) Don't loop forever when changing password via PAM. Patch
451 from Solar Designer <solar@openwall.com>
Damien Miller4b4e2d32001-03-21 13:13:40 +1100452 - (djm) Generate config files before build
Damien Millerb69407d2001-03-21 16:13:03 +1100453 - (djm) Correctly handle SIA and AIX when no tty present. Spotted and
454 suggested fix from Mike Battersby <mib@unimelb.edu.au>
Damien Millerbe081762001-03-21 11:11:57 +1100455
Ben Lindstroma77d6412001-03-19 18:58:13 +000045620010320
Ben Lindstrom11c78f82001-03-19 19:00:09 +0000457 - (bal) glob.c update to added GLOB_LIMITS (OpenBSD CVS).
458 - (bal) glob.c update to set gl_pathv to NULL (OpenBSD CVS).
Ben Lindstrom9911f122001-03-19 21:29:30 +0000459 - (bal) Oops. Missed globc.h change (OpenBSD CVS).
Damien Millere7cf07c2001-03-20 09:15:57 +1100460 - (djm) OpenBSD CVS Sync
461 - markus@cvs.openbsd.org 2001/03/19 17:07:23
462 [auth.c readconf.c]
463 undo /etc/shell and proto 2,1 change for openssh-2.5.2
Damien Miller41be73b2001-03-20 09:16:34 +1100464 - markus@cvs.openbsd.org 2001/03/19 17:12:10
465 [version.h]
466 version 2.5.2
Damien Miller82e7ae52001-03-20 09:30:50 +1100467 - (djm) Update RPM spec version
468 - (djm) Release 2.5.2p1
Tim Riced14d7022001-03-19 18:31:44 -0800469- tim@mindrot.org 2001/03/19 18:33:47 [defines.h]
470 change S_ISLNK macro to work for UnixWare 2.03
Tim Riced9d5ba22001-03-19 20:46:50 -0800471- tim@mindrot.org 2001/03/19 20:45:11 [openbsd-compat/glob.c]
472 add get_arg_max(). Use sysconf() if ARG_MAX is not defined
Ben Lindstroma77d6412001-03-19 18:58:13 +0000473
Damien Miller60bc5172001-03-19 09:38:15 +110047420010319
475 - (djm) Seed PRNG at startup, rather than waiting for arc4random calls to
476 do it implicitly.
Damien Miller9de61e82001-03-19 10:09:27 +1100477 - (djm) Add getusershell() functions from OpenBSD CVS
Ben Lindstrom2d70f982001-03-19 00:13:46 +0000478 - OpenBSD CVS Sync
479 - markus@cvs.openbsd.org 2001/03/18 12:07:52
480 [auth-options.c]
481 ignore permitopen="host:port" if AllowTcpForwarding==no
Damien Millerffd0e102001-03-19 12:45:02 +1100482 - (djm) Make scp work on systems without 64-bit ints
Tim Riced19a75a2001-03-18 18:27:26 -0800483 - tim@mindrot.org 2001/03/18 18:28:39 [defines.h]
484 move HAVE_LONG_LONG_INT where it works
Ben Lindstrom8feff452001-03-19 03:09:40 +0000485 - (bal) Use 'NGROUPS' for NeXT Since 'MAX_NGROUPS' is wrapped up in -lposix
Ben Lindstrom6cabb6f2001-03-19 03:01:56 +0000486 stuff. Change suggested by Mark Miller <markm@swoon.net>
Ben Lindstrom8feff452001-03-19 03:09:40 +0000487 - (bal) Small fix to scp. %lu vs %ld
Ben Lindstrom03017ba2001-03-19 03:12:25 +0000488 - (bal) NeXTStep lacks S_ISLNK. Plus split up S_IS*
Damien Millercafff192001-03-19 22:29:46 +1100489 - (djm) OpenBSD CVS Sync
490 - djm@cvs.openbsd.org 2001/03/19 03:52:51
491 [sftp-client.c]
492 Report ssh connection closing correctly; ok deraadt@
Damien Miller27dbe6f2001-03-19 22:36:20 +1100493 - deraadt@cvs.openbsd.org 2001/03/18 23:30:55
494 [compat.c compat.h sshd.c]
495 specifically version match on ssh scanners. do not log scan
496 information to the console
Damien Millerc2c5d9f2001-03-19 23:16:08 +1100497 - djm@cvs.openbsd.org 2001/03/19 12:10:17
Damien Millera243fde2001-03-19 23:16:08 +1100498 [sshd.8]
Damien Millerc2c5d9f2001-03-19 23:16:08 +1100499 Document permitopen authorized_keys option; ok markus@
Damien Miller1e42f302001-03-19 23:59:11 +1100500 - djm@cvs.openbsd.org 2001/03/19 05:49:52
501 [ssh.1]
502 document PreferredAuthentications option; ok markus@
Ben Lindstromaad56ce2001-03-19 13:42:21 +0000503 - (bal) Minor NeXT fixed. Forgot to #undef NGROUPS_MAX
Damien Miller60bc5172001-03-19 09:38:15 +1100504
Ben Lindstromfea72782001-03-17 18:07:46 +000050520010318
506 - (bal) Fixed scp type casing issue which causes "scp: protocol error:
507 size not delimited" fatal errors when tranfering.
Ben Lindstromd69191b2001-03-17 23:13:27 +0000508 - OpenBSD CVS Sync
509 - markus@cvs.openbsd.org 2001/03/17 17:27:59
510 [auth.c]
511 check /etc/shells, too
Tim Riceb399be42001-03-17 18:43:16 -0800512 - tim@mindrot.org 2001/03/17 18:45:25 [compat.c]
513 openbsd-compat/fake-regex.h
Ben Lindstromfea72782001-03-17 18:07:46 +0000514
Damien Miller168a7002001-03-17 10:29:50 +110051520010317
516 - Support usrinfo() on AIX. Based on patch from Gert Doering
517 <gert@greenie.muc.de>
Ben Lindstroma4c57662001-03-17 00:10:20 +0000518 - OpenBSD CVS Sync
519 - markus@cvs.openbsd.org 2001/03/15 15:05:59
520 [scp.c]
521 use %lld in printf, ok millert@/deraadt@; report from ssh@client.fi
Ben Lindstrom86fe8682001-03-17 00:32:57 +0000522 - markus@cvs.openbsd.org 2001/03/15 22:07:08
523 [session.c]
524 pass Session to do_child + KNF
Ben Lindstromc8d1c302001-03-17 00:34:46 +0000525 - djm@cvs.openbsd.org 2001/03/16 08:16:18
526 [sftp-client.c sftp-client.h sftp-glob.c sftp-int.c]
527 Revise globbing for get/put to be more shell-like. In particular,
528 "get/put file* directory/" now works. ok markus@
Ben Lindstrom5df2ffa2001-03-17 00:36:17 +0000529 - markus@cvs.openbsd.org 2001/03/16 09:55:53
530 [sftp-int.c]
531 fix memset and whitespace
Ben Lindstromcf00df62001-03-17 00:37:31 +0000532 - markus@cvs.openbsd.org 2001/03/16 13:44:24
533 [sftp-int.c]
534 discourage strcat/strcpy
Ben Lindstrom7bb8b492001-03-17 00:47:54 +0000535 - markus@cvs.openbsd.org 2001/03/16 19:06:30
536 [auth-options.c channels.c channels.h serverloop.c session.c]
537 implement "permitopen" key option, restricts -L style forwarding to
538 to specified host:port pairs. based on work by harlan@genua.de
Ben Lindstrom45b14db2001-03-17 01:15:38 +0000539 - Check for gl_matchc support in glob_t and fall back to the
540 openbsd-compat/glob.[ch] support if it does not exist.
Damien Miller168a7002001-03-17 10:29:50 +1100541
Ben Lindstrom025df4a2001-03-14 15:16:34 +000054220010315
543 - OpenBSD CVS Sync
544 - markus@cvs.openbsd.org 2001/03/14 08:57:14
545 [sftp-client.c]
546 Wall
Ben Lindstromf78682d2001-03-14 21:26:27 +0000547 - markus@cvs.openbsd.org 2001/03/14 15:15:58
548 [sftp-int.c]
549 add version command
Ben Lindstromc7f4ccd2001-03-15 00:09:15 +0000550 - deraadt@cvs.openbsd.org 2001/03/14 22:50:25
551 [sftp-server.c]
552 note no getopt()
Kevin Steves54f15b62001-03-14 18:37:13 +0000553 - (stevesk) ssh-keyscan.c: specify "openbsd-compat/fake-queue.h"
Ben Lindstromde2273f2001-03-14 21:30:18 +0000554 - (bal) Cygwin README change by Corinna Vinschen <vinschen@redhat.com>
Ben Lindstrom025df4a2001-03-14 15:16:34 +0000555
Damien Miller056ddf72001-03-14 10:15:20 +110055620010314
557 - OpenBSD CVS Sync
Ben Lindstromf78682d2001-03-14 21:26:27 +0000558 - markus@cvs.openbsd.org 2001/03/13 17:34:42
559 [auth-options.c]
560 missing xfree, deny key on parse error; ok stevesk@
561 - djm@cvs.openbsd.org 2001/03/13 22:42:54
562 [sftp-client.c sftp-client.h sftp-glob.c sftp-glob.h sftp-int.c]
563 sftp client filename globbing for get, put, ch{mod,grp,own}. ok markus@
Damien Miller3c027682001-03-14 11:39:45 +1100564 - (bal) Fix strerror() in bsd-misc.c
565 - (djm) Add replacement glob() from OpenBSD libc if the system glob is
566 missing or lacks the GLOB_ALTDIRFUNC extension
567 - (djm) Remove -I$(srcdir)/openbsd-compat from CFLAGS, refer to headers
568 relatively. Avoids conflict between glob.h and /usr/include/glob.h
Damien Miller056ddf72001-03-14 10:15:20 +1100569
Ben Lindstromcfccef92001-03-13 04:57:58 +000057020010313
571 - OpenBSD CVS Sync
572 - markus@cvs.openbsd.org 2001/03/12 22:02:02
573 [key.c key.h ssh-add.c ssh-keygen.c sshconnect.c sshconnect2.c]
574 remove old key_fingerprint interface, s/_ex//
575
Ben Lindstromb54873a2001-03-11 20:01:55 +000057620010312
577 - OpenBSD CVS Sync
578 - markus@cvs.openbsd.org 2001/03/11 13:25:36
579 [auth2.c key.c]
580 debug
Ben Lindstrom96e8ea62001-03-11 20:03:44 +0000581 - jakob@cvs.openbsd.org 2001/03/11 15:03:16
582 [key.c key.h]
583 add improved fingerprint functions. based on work by Carsten
584 Raskgaard <cara@int.tele.dk> and modified by me. ok markus@.
Ben Lindstroma8a73e62001-03-11 20:05:19 +0000585 - jakob@cvs.openbsd.org 2001/03/11 15:04:16
586 [ssh-keygen.1 ssh-keygen.c]
587 print both md5, sha1 and bubblebabble fingerprints when using
588 ssh-keygen -l -v. ok markus@.
Ben Lindstromcbe3ad22001-03-11 20:06:59 +0000589 - jakob@cvs.openbsd.org 2001/03/11 15:13:09
590 [key.c]
591 cleanup & shorten some var names key_fingerprint_bubblebabble.
Ben Lindstromca0bf572001-03-11 20:08:29 +0000592 - deraadt@cvs.openbsd.org 2001/03/11 16:39:03
593 [ssh-keygen.c]
594 KNF, and SHA1 binary output is just creeping featurism
Tim Ricebee3f222001-03-11 17:32:12 -0800595 - tim@mindrot.org 2001/03/11 17:29:32 [configure.in]
596 test if snprintf() supports %ll
597 add /dev to search path for PRNGD/EGD socket
598 fix my mistake in USER_PATH test program
Ben Lindstromf0b48532001-03-12 02:59:31 +0000599 - OpenBSD CVS Sync
600 - markus@cvs.openbsd.org 2001/03/11 18:29:51
601 [key.c]
602 style+cleanup
Ben Lindstrom8fd372b2001-03-12 03:02:17 +0000603 - markus@cvs.openbsd.org 2001/03/11 22:33:24
604 [ssh-keygen.1 ssh-keygen.c]
605 remove -v again. use -B instead for bubblebabble. make -B consistent
606 with -l and make -B work with /path/to/known_hosts. ok deraadt@
Damien Miller547c2762001-03-12 14:23:52 +1100607 - (djm) Bump portable version number for generating test RPMs
Damien Miller3e292fa2001-03-12 14:47:30 +1100608 - (djm) Add "static_openssl" RPM build option, remove rsh build dependency
Ben Lindstrom9ae2bb62001-03-12 05:16:18 +0000609 - (bal) Reorder includes in Makefile.
Ben Lindstromb54873a2001-03-11 20:01:55 +0000610
Ben Lindstrom329782e2001-03-10 17:08:59 +000061120010311
612 - OpenBSD CVS Sync
613 - markus@cvs.openbsd.org 2001/03/10 12:48:27
614 [sshconnect2.c]
615 ignore nonexisting private keys; report rjmooney@mediaone.net
Ben Lindstrom068f3dc2001-03-10 17:15:39 +0000616 - deraadt@cvs.openbsd.org 2001/03/10 12:53:51
617 [readconf.c ssh_config]
618 default to SSH2, now that m68k runs fast
Ben Lindstrom00261542001-03-10 17:17:28 +0000619 - stevesk@cvs.openbsd.org 2001/03/10 15:02:05
620 [ttymodes.c ttymodes.h]
621 remove unused sgtty macros; ok markus@
Ben Lindstromd20d0f32001-03-10 17:22:20 +0000622 - deraadt@cvs.openbsd.org 2001/03/10 15:31:00
623 [compat.c compat.h sshconnect.c]
624 all known netscreen ssh versions, and older versions of OSU ssh cannot
625 handle password padding (newer OSU is fixed)
Tim Rice7f283fc2001-03-10 16:52:25 -0800626 - tim@mindrot.org 2001/03/10 16:33:42 [configure.in Makefile.in sshd_config]
627 make sure $bindir is in USER_PATH so scp will work
Ben Lindstromb9be60a2001-03-11 01:49:19 +0000628 - OpenBSD CVS Sync
629 - markus@cvs.openbsd.org 2001/03/10 17:51:04
630 [kex.c match.c match.h readconf.c readconf.h sshconnect2.c]
631 add PreferredAuthentications
Ben Lindstrom329782e2001-03-10 17:08:59 +0000632
Ben Lindstrom5fc62702001-03-09 18:19:24 +000063320010310
634 - OpenBSD CVS Sync
635 - deraadt@cvs.openbsd.org 2001/03/09 03:14:39
636 [ssh-keygen.c]
637 create *.pub files with umask 0644, so that you can mv them to
638 authorized_keys
Ben Lindstromca42d5f2001-03-09 18:25:32 +0000639 - deraadt@cvs.openbsd.org 2001/03/09 12:30:29
640 [sshd.c]
641 typo; slade@shore.net
Ben Lindstrom5f5419a2001-03-09 19:48:37 +0000642 - Removed log.o from sftp client. Not needed.
Ben Lindstrom5fc62702001-03-09 18:19:24 +0000643
Ben Lindstroma0384982001-03-08 20:37:22 +000064420010309
645 - OpenBSD CVS Sync
646 - stevesk@cvs.openbsd.org 2001/03/08 18:47:12
647 [auth1.c]
648 unused; ok markus@
Ben Lindstrom283cb822001-03-09 00:09:02 +0000649 - stevesk@cvs.openbsd.org 2001/03/08 20:44:48
650 [sftp.1]
651 spelling, cleanup; ok deraadt@
Ben Lindstrom266dfdf2001-03-09 00:12:22 +0000652 - markus@cvs.openbsd.org 2001/03/08 21:42:33
653 [compat.c compat.h readconf.h ssh.c sshconnect1.c sshconnect2.c]
654 implement client side of SSH2_MSG_USERAUTH_PK_OK (test public key ->
655 no need to do enter passphrase or do expensive sign operations if the
656 server does not accept key).
Ben Lindstroma0384982001-03-08 20:37:22 +0000657
Damien Miller058316f2001-03-08 10:08:49 +110065820010308
659 - OpenBSD CVS Sync
Ben Lindstromcebc8582001-03-08 03:39:10 +0000660 - djm@cvs.openbsd.org 2001/03/07 10:11:23
661 [sftp-client.c sftp-client.h sftp-int.c sftp-server.c sftp.1 sftp.c sftp.h]
662 Support for new draft (draft-ietf-secsh-filexfer-01). New symlink handling
663 functions and small protocol change.
664 - markus@cvs.openbsd.org 2001/03/08 00:15:48
665 [readconf.c ssh.1]
666 turn off useprivilegedports by default. only rhost-auth needs
667 this. older sshd's may need this, too.
Kevin Steves52dd4682001-03-08 18:26:57 +0000668 - (stevesk) Reliant Unix (SNI) needs HAVE_BOGUS_SYS_QUEUE_H;
669 Dirk Markwardt <D.Markwardt@tu-bs.de>
Damien Miller058316f2001-03-08 10:08:49 +1100670
Ben Lindstrome21c4ad2001-03-07 01:23:30 +000067120010307
672 - (bal) OpenBSD CVS Sync
673 - deraadt@cvs.openbsd.org 2001/03/06 06:11:18
674 [ssh-keyscan.c]
675 appease gcc
Ben Lindstrom562c26b2001-03-07 01:26:48 +0000676 - deraadt@cvs.openbsd.org 2001/03/06 06:11:44
677 [sftp-int.c sftp.1 sftp.c]
678 sftp -b batchfile; mouring@etoh.eviladmin.org
Ben Lindstromc9b6eab2001-03-07 01:29:17 +0000679 - deraadt@cvs.openbsd.org 2001/03/06 15:10:42
680 [sftp.1]
681 order things
Ben Lindstromd58eb5f2001-03-07 06:07:22 +0000682 - deraadt@cvs.openbsd.org 2001/03/07 01:19:06
683 [ssh.1 sshd.8]
684 the name "secure shell" is boring, noone ever uses it
Ben Lindstromb29e34d2001-03-07 06:08:50 +0000685 - deraadt@cvs.openbsd.org 2001/03/07 04:05:58
686 [ssh.1]
687 removed dated comment
Damien Miller8ac0a7e2001-03-07 21:38:19 +1100688 - Cygwin contrib improvements from Corinna Vinschen <vinschen@redhat.com>
Ben Lindstrome21c4ad2001-03-07 01:23:30 +0000689
Ben Lindstromff8b4942001-03-06 01:00:03 +000069020010306
691 - (bal) OpenBSD CVS Sync
692 - deraadt@cvs.openbsd.org 2001/03/05 14:28:47
693 [sshd.8]
694 alpha order; jcs@rt.fm
Ben Lindstrom35f1f4e2001-03-06 01:02:41 +0000695 - stevesk@cvs.openbsd.org 2001/03/05 15:44:51
696 [servconf.c]
697 sync error message; ok markus@
Ben Lindstromec26fb12001-03-06 01:05:23 +0000698 - deraadt@cvs.openbsd.org 2001/03/05 15:56:16
699 [myproposal.h ssh.1]
700 switch to aes128-cbc/hmac-md5 by default in SSH2 -- faster;
701 provos & markus ok
Ben Lindstromc78a1872001-03-06 01:06:58 +0000702 - deraadt@cvs.openbsd.org 2001/03/05 16:07:15
703 [sshd.8]
704 detail default hmac setup too
Ben Lindstrom4c4f05e2001-03-06 01:09:20 +0000705 - markus@cvs.openbsd.org 2001/03/05 17:17:21
706 [kex.c kex.h sshconnect2.c sshd.c]
707 generate a 2*need size (~300 instead of 1024/2048) random private
708 exponent during the DH key agreement. according to Niels (the great
709 german advisor) this is safe since /etc/primes contains strong
710 primes only.
711
712 References:
713 P. C. van Oorschot and M. J. Wiener, On Diffie-Hellman key
714 agreement with short exponents, In Advances in Cryptology
715 - EUROCRYPT'96, LNCS 1070, Springer-Verlag, 1996, pp.332-343.
Ben Lindstrom1e621742001-03-06 01:10:53 +0000716 - stevesk@cvs.openbsd.org 2001/03/05 17:40:48
717 [ssh.1]
718 more ssh_known_hosts2 documentation; ok markus@
Ben Lindstrombe6a5a62001-03-06 01:13:06 +0000719 - stevesk@cvs.openbsd.org 2001/03/05 17:58:22
720 [dh.c]
721 spelling
Ben Lindstromb3144e52001-03-06 03:31:34 +0000722 - deraadt@cvs.openbsd.org 2001/03/06 00:33:04
723 [authfd.c cli.c ssh-agent.c]
724 EINTR/EAGAIN handling is required in more cases
Ben Lindstrom884a4ac2001-03-06 03:33:04 +0000725 - millert@cvs.openbsd.org 2001/03/06 01:06:03
726 [ssh-keyscan.c]
727 Don't assume we wil get the version string all in one read().
728 deraadt@ OK'd
Ben Lindstromebc88272001-03-06 03:34:40 +0000729 - millert@cvs.openbsd.org 2001/03/06 01:08:27
730 [clientloop.c]
731 If read() fails with EINTR deal with it the same way we treat EAGAIN
Ben Lindstromff8b4942001-03-06 01:00:03 +0000732
Ben Lindstrom6ed8c042001-03-05 03:53:02 +000073320010305
734 - (bal) CVS ID touch up on sshpty.[ch] and sshlogin.[ch]
Ben Lindstrom66e5ecc2001-03-05 06:35:29 +0000735 - (bal) CVS ID touch up on sftp-int.c
Ben Lindstromcf0da402001-03-05 06:42:58 +0000736 - (bal) CVS ID touch up on uuencode.c
Ben Lindstrom9c532442001-03-05 07:33:14 +0000737 - (bal) CVS ID touch up on auth2.c, serverloop.c, session.c & sshd.c
Ben Lindstromb0a4cd82001-03-05 04:54:49 +0000738 - (bal) OpenBSD CVS Sync
Ben Lindstrom53992c72001-03-05 04:47:55 +0000739 - deraadt@cvs.openbsd.org 2001/02/17 23:48:48
740 [sshd.8]
741 it's the OpenSSH one
Ben Lindstromb0a4cd82001-03-05 04:54:49 +0000742 - deraadt@cvs.openbsd.org 2001/02/21 07:37:04
743 [ssh-keyscan.c]
744 inline -> __inline__, and some indent
Ben Lindstromb257cca2001-03-05 04:59:27 +0000745 - deraadt@cvs.openbsd.org 2001/02/21 09:05:54
746 [authfile.c]
747 improve fd handling
Ben Lindstrom36592512001-03-05 05:02:08 +0000748 - deraadt@cvs.openbsd.org 2001/02/21 09:12:56
749 [sftp-server.c]
750 careful with & and &&; markus ok
Ben Lindstrom87af95b2001-03-05 05:04:57 +0000751 - stevesk@cvs.openbsd.org 2001/02/21 21:14:04
752 [ssh.c]
753 -i supports DSA identities now; ok markus@
Ben Lindstrom33a3cc32001-03-05 05:07:52 +0000754 - deraadt@cvs.openbsd.org 2001/02/22 04:29:37
755 [servconf.c]
756 grammar; slade@shore.net
Ben Lindstromb7c92322001-03-05 05:10:52 +0000757 - deraadt@cvs.openbsd.org 2001/02/22 06:43:55
758 [ssh-keygen.1 ssh-keygen.c]
759 document -d, and -t defaults to rsa1
Ben Lindstrom7ab51172001-03-05 05:13:38 +0000760 - deraadt@cvs.openbsd.org 2001/02/22 08:03:51
761 [ssh-keygen.1 ssh-keygen.c]
762 bye bye -d
Ben Lindstrom531a4452001-03-05 05:17:18 +0000763 - deraadt@cvs.openbsd.org 2001/02/22 18:09:06
764 [sshd_config]
765 activate RSA 2 key
Ben Lindstromebd888d2001-03-05 05:49:29 +0000766 - markus@cvs.openbsd.org 2001/02/22 21:57:27
767 [ssh.1 sshd.8]
768 typos/grammar from matt@anzen.com
Ben Lindstrom086cf212001-03-05 05:56:40 +0000769 - markus@cvs.openbsd.org 2001/02/22 21:59:44
770 [auth.c auth.h auth1.c auth2.c misc.c misc.h ssh.c]
771 use pwcopy in ssh.c, too
Ben Lindstromf4c73112001-03-05 05:58:23 +0000772 - markus@cvs.openbsd.org 2001/02/23 15:34:53
773 [serverloop.c]
774 debug2->3
Ben Lindstromeb648a72001-03-05 06:00:29 +0000775 - markus@cvs.openbsd.org 2001/02/23 18:15:13
776 [sshd.c]
777 the random session key depends now on the session_key_int
778 sent by the 'attacker'
779 dig1 = md5(cookie|session_key_int);
780 dig2 = md5(dig1|cookie|session_key_int);
781 fake_session_key = dig1|dig2;
782 this change is caused by a mail from anakin@pobox.com
783 patch based on discussions with my german advisor niels@openbsd.org
Ben Lindstromb00d4fb2001-03-05 06:03:03 +0000784 - deraadt@cvs.openbsd.org 2001/02/24 10:37:55
785 [readconf.c]
786 look for id_rsa by default, before id_dsa
Ben Lindstrom4b00c8b2001-03-05 06:05:35 +0000787 - deraadt@cvs.openbsd.org 2001/02/24 10:37:26
788 [sshd_config]
789 ssh2 rsa key before dsa key
Ben Lindstrom6a5cde02001-03-05 06:07:00 +0000790 - markus@cvs.openbsd.org 2001/02/27 10:35:27
791 [packet.c]
792 fix random padding
Ben Lindstrom5de86cc2001-03-05 06:08:19 +0000793 - markus@cvs.openbsd.org 2001/02/27 11:00:11
794 [compat.c]
795 support SSH-2.0-2.1 ; from Christophe_Moret@hp.com
Ben Lindstrom06909012001-03-05 06:09:31 +0000796 - deraadt@cvs.openbsd.org 2001/02/28 05:34:28
797 [misc.c]
798 pull in protos
Ben Lindstromec19a402001-03-05 06:12:01 +0000799 - deraadt@cvs.openbsd.org 2001/02/28 05:36:28
800 [sftp.c]
801 do not kill the subprocess on termination (we will see if this helps
802 things or hurts things)
Ben Lindstrome9613cf2001-03-05 06:14:02 +0000803 - markus@cvs.openbsd.org 2001/02/28 08:45:39
804 [clientloop.c]
805 fix byte counts for ssh protocol v1
Ben Lindstrom7fbd4552001-03-05 06:16:11 +0000806 - markus@cvs.openbsd.org 2001/02/28 08:54:55
807 [channels.c nchan.c nchan.h]
808 make sure remote stderr does not get truncated.
809 remove closed fd's from the select mask.
Ben Lindstrom5699c5f2001-03-05 06:17:49 +0000810 - markus@cvs.openbsd.org 2001/02/28 09:57:07
811 [packet.c packet.h sshconnect2.c]
812 in ssh protocol v2 use ignore messages for padding (instead of
813 trailing \0).
Ben Lindstromcc74df72001-03-05 06:20:14 +0000814 - markus@cvs.openbsd.org 2001/02/28 12:55:07
815 [channels.c]
816 unify debug messages
Ben Lindstrom40304422001-03-05 06:22:01 +0000817 - deraadt@cvs.openbsd.org 2001/02/28 17:52:54
818 [misc.c]
819 for completeness, copy pw_gecos too
Ben Lindstrom941ac822001-03-05 06:25:23 +0000820 - markus@cvs.openbsd.org 2001/02/28 21:21:41
821 [sshd.c]
822 generate a fake session id, too
Ben Lindstrome229b252001-03-05 06:28:06 +0000823 - markus@cvs.openbsd.org 2001/02/28 21:27:48
824 [channels.c packet.c packet.h serverloop.c]
825 use ignore message to simulate a SSH2_MSG_CHANNEL_DATA message
826 use random content in ignore messages.
Ben Lindstromb40204b2001-03-05 06:29:44 +0000827 - markus@cvs.openbsd.org 2001/02/28 21:31:32
828 [channels.c]
829 typo
Ben Lindstromafd34752001-03-05 06:33:23 +0000830 - deraadt@cvs.openbsd.org 2001/03/01 02:11:25
831 [authfd.c]
832 split line so that p will have an easier time next time around
Ben Lindstrom0ab2a012001-03-05 06:45:21 +0000833 - deraadt@cvs.openbsd.org 2001/03/01 02:29:04
834 [ssh.c]
835 shorten usage by a line
Ben Lindstrom204e4882001-03-05 06:47:00 +0000836 - deraadt@cvs.openbsd.org 2001/03/01 02:45:10
837 [auth-rsa.c auth2.c deattack.c packet.c]
838 KNF
Ben Lindstromb22c2b82001-03-05 06:50:47 +0000839 - deraadt@cvs.openbsd.org 2001/03/01 03:38:33
840 [cli.c cli.h rijndael.h ssh-keyscan.1]
841 copyright notices on all source files
Ben Lindstrom4040fe12001-03-05 06:52:57 +0000842 - markus@cvs.openbsd.org 2001/03/01 22:46:37
843 [ssh.c]
844 don't truncate remote ssh-2 commands; from mkubita@securities.cz
845 use min, not max for logging, fixes overflow.
Ben Lindstrom49a098d2001-03-05 06:55:18 +0000846 - deraadt@cvs.openbsd.org 2001/03/02 06:21:01
847 [sshd.8]
848 explain SIGHUP better
Ben Lindstromd7f5b512001-03-05 06:57:23 +0000849 - deraadt@cvs.openbsd.org 2001/03/02 09:42:49
850 [sshd.8]
851 doc the dsa/rsa key pair files
Ben Lindstrom92a2e382001-03-05 06:59:27 +0000852 - deraadt@cvs.openbsd.org 2001/03/02 18:54:31
853 [atomicio.c atomicio.h auth-chall.c auth.c auth2-chall.c crc32.h
854 scp.c serverloop.c session.c sftp-server.8 sftp.1 ssh-add.1 ssh-add.c
855 ssh-agent.1 ssh-agent.c ssh-keygen.1 ssh.1 sshd.8]
856 make copyright lines the same format
Ben Lindstromd20b8552001-03-05 07:01:18 +0000857 - deraadt@cvs.openbsd.org 2001/03/03 06:53:12
858 [ssh-keyscan.c]
859 standard theo sweep
Ben Lindstromc1e04212001-03-05 07:04:38 +0000860 - millert@cvs.openbsd.org 2001/03/03 21:19:41
861 [ssh-keyscan.c]
862 Dynamically allocate read_wait and its copies. Since maxfd is
863 based on resource limits it is often (usually?) larger than FD_SETSIZE.
Ben Lindstromcb80bdf2001-03-05 07:06:12 +0000864 - millert@cvs.openbsd.org 2001/03/03 21:40:30
865 [sftp-server.c]
866 Dynamically allocate fd_set; deraadt@ OK
Ben Lindstromcb978aa2001-03-05 07:07:49 +0000867 - millert@cvs.openbsd.org 2001/03/03 21:41:07
868 [packet.c]
869 Dynamically allocate fd_set; deraadt@ OK
Ben Lindstrom1addabd2001-03-05 07:09:11 +0000870 - deraadt@cvs.openbsd.org 2001/03/03 22:07:50
871 [sftp-server.c]
872 KNF
Ben Lindstrom46d6e092001-03-05 07:10:47 +0000873 - markus@cvs.openbsd.org 2001/03/03 23:52:22
874 [sftp.c]
875 clean up arg processing. based on work by Christophe_Moret@hp.com
Ben Lindstrom8a432f52001-03-05 07:24:46 +0000876 - markus@cvs.openbsd.org 2001/03/03 23:59:34
877 [log.c ssh.c]
878 log*.c -> log.c
Ben Lindstromb1131e92001-03-05 07:27:13 +0000879 - markus@cvs.openbsd.org 2001/03/04 00:03:59
880 [channels.c]
881 debug1->2
Ben Lindstrom3d73a342001-03-05 07:39:01 +0000882 - stevesk@cvs.openbsd.org 2001/03/04 10:57:53
883 [ssh.c]
884 add -m to usage; ok markus@
Ben Lindstrom323c98f2001-03-05 07:40:40 +0000885 - stevesk@cvs.openbsd.org 2001/03/04 11:04:41
886 [sshd.8]
887 small cleanup and clarify for PermitRootLogin; ok markus@
Ben Lindstromd9cae222001-03-05 07:42:03 +0000888 - stevesk@cvs.openbsd.org 2001/03/04 11:16:06
889 [servconf.c sshd.8]
890 kill obsolete RandomSeed; ok markus@ deraadt@
Ben Lindstromfafea182001-03-05 07:43:27 +0000891 - stevesk@cvs.openbsd.org 2001/03/04 12:54:04
892 [sshd.8]
893 spelling
Ben Lindstrom6df8ef42001-03-05 07:47:23 +0000894 - millert@cvs.openbsd.org 2001/03/04 17:42:28
895 [authfd.c channels.c dh.c log.c readconf.c servconf.c sftp-int.c
896 ssh.c sshconnect.c sshd.c]
897 log functions should not be passed strings that end in newline as they
898 get passed on to syslog() and when logging to stderr, do_log() appends
899 its own newline.
Ben Lindstromfd2e05b2001-03-05 07:48:45 +0000900 - deraadt@cvs.openbsd.org 2001/03/04 18:21:28
901 [sshd.8]
902 list SSH2 ciphers
Ben Lindstrom0f68db42001-03-05 07:57:09 +0000903 - (bal) Put HAVE_PW_CLASS_IN_PASSWD back into pwcopy()
Ben Lindstrom2d9bfb12001-03-05 08:16:54 +0000904 - (bal) Fix up logging since it changed. removed log-*.c
Damien Miller30246a82001-03-05 21:23:31 +1100905 - (djm) Fix up LOG_AUTHPRIV for systems that have it
Kevin Steves935aa242001-03-05 19:46:37 +0000906 - (stevesk) OpenBSD sync:
907 - deraadt@cvs.openbsd.org 2001/03/05 08:37:27
908 [ssh-keyscan.c]
909 skip inlining, why bother
Kevin Steves12888d12001-03-05 19:50:57 +0000910 - (stevesk) sftp.c: handle __progname
Ben Lindstrom6ed8c042001-03-05 03:53:02 +0000911
Ben Lindstrom59a5f9b2001-03-03 21:37:50 +000091220010304
913 - (bal) Remove make-ssh-known-hosts.1 since it's no longer valid.
Ben Lindstromcfb93702001-03-03 21:43:19 +0000914 - (bal) Updated contrib/README to remove 'make-ssh-known-hosts' and
915 give Mark Roth credit for mdoc2man.pl
Ben Lindstrom59a5f9b2001-03-03 21:37:50 +0000916
Damien Miller459ac4b2001-03-03 20:00:36 +110091720010303
Ben Lindstrom59a5f9b2001-03-03 21:37:50 +0000918 - (djm) Remove make-ssh-known-hosts.pl, ssh-keyscan is better.
919 - (djm) Document PAM ChallengeResponseAuthentication in sshd.8
920 - (djm) Disable and comment ChallengeResponseAuthentication in sshd_config
921 - (djm) Allow PRNGd entropy collection from localhost TCP socket. Replace
Damien Millerd0ccb982001-03-04 00:29:20 +1100922 "--with-egd-pool" configure option with "--with-prngd-socket" and
923 "--with-prngd-port" options. Debugged and improved by Lutz Jaenicke
924 <Lutz.Jaenicke@aet.TU-Cottbus.DE>
Damien Miller459ac4b2001-03-03 20:00:36 +1100925
Damien Miller95aa2d62001-03-01 09:16:11 +110092620010301
927 - (djm) Properly add -lcrypt if needed.
Damien Miller882c2ee2001-03-01 09:18:57 +1100928 - (djm) Force standard PAM conversation function in a few more places.
929 Patch from Redhat 2.5.1p1-2 RPM, probably Nalin Dahyabhai
930 <nalin@redhat.com>
Damien Millerb5b62182001-03-01 09:48:13 +1100931 - (djm) Cygwin needs pw->pw_gecos copied too. Patch from Corinna Vinschen
932 <vinschen@redhat.com>
Damien Miller9de5f052001-03-01 11:09:42 +1100933 - (djm) Released 2.5.1p2
Damien Miller95aa2d62001-03-01 09:16:11 +1100934
Damien Miller4df5c762001-02-28 08:14:22 +110093520010228
936 - (djm) Detect endianness in configure and use it in rijndael.c. Fixes
937 "Bad packet length" bugs.
Damien Millerefb71792001-02-28 11:48:06 +1100938 - (djm) Fully revert PAM session patch (again). All PAM session init is
939 now done before the final fork().
Damien Miller3d8ae612001-02-28 12:49:38 +1100940 - (djm) EGD detection patch from Tim Rice <tim@multitalents.net>
Damien Millere8546622001-02-28 12:51:18 +1100941 - (djm) Remove /tmp from EGD socket search list
Damien Miller4df5c762001-02-28 08:14:22 +1100942
Damien Millerfbd884a2001-02-27 08:39:07 +110094320010227
Ben Lindstrom10b9bf92001-02-26 20:04:45 +0000944 - (bal) Applied shutdown() patch for sftp.c by Corinna Vinschen
945 <vinschen@redhat.com>
Ben Lindstrom7603b2d2001-02-26 20:13:32 +0000946 - (bal) OpenBSD Sync
947 - markus@cvs.openbsd.org 2001/02/23 15:37:45
948 [session.c]
949 handle SSH_PROTOFLAG_SCREEN_NUMBER for buggy clients
Ben Lindstrom0c100872001-02-26 20:38:53 +0000950 - (bal) sshd.init support for all Redhat release. Patch by Jim Knoble
951 <jmknoble@jmknoble.cx>
Ben Lindstromdd784b22001-02-26 22:11:59 +0000952 - (djm) Fix up POSIX saved uid support. Report from Mark Miller
953 <markm@swoon.net>
954 - (djm) Search for -lcrypt on FreeBSD too
Damien Miller767c7fc2001-02-27 09:20:57 +1100955 - (djm) fatal() on OpenSSL version mismatch
Damien Miller5a761312001-02-27 09:28:23 +1100956 - (djm) Move PAM init to after fork for non-Solaris derived PAMs
Damien Miller248131a2001-02-27 09:47:16 +1100957 - (djm) Warning fix on entropy.c saved uid stuff. Patch from Mark Miller
958 <markm@swoon.net>
Damien Miller7bd1c622001-02-27 10:48:01 +1100959 - (djm) Fix PAM fix
Damien Miller9b405802001-02-27 10:53:00 +1100960 - (djm) Remove 'noreplace' flag from sshd_config in RPM spec files. This
961 change is being made as 2.5.x configfiles are not back-compatible with
Damien Miller0bcf9ea2001-02-27 14:03:30 +1100962 2.3.x.
963 - (djm) Avoid warnings for missing broken IP_TOS. Patch from Mark Miller
964 <markm@swoon.net>
Damien Miller6007f192001-02-27 14:42:58 +1100965 - (djm) Open Server 5 doesn't need BROKEN_SAVED_UIDS. Patch from Tim Rice
966 <tim@multitalents.net>
967 - (djm) Avoid multiple definition of _PATH_LS. Patch from Tim Rice
968 <tim@multitalents.net>
Ben Lindstrom10b9bf92001-02-26 20:04:45 +0000969
97020010226
Ben Lindstrom63941f92001-02-25 23:20:40 +0000971 - (bal) Fixed bsd-snprinf.c so it now honors 'BROKEN_SNPRINTF' again.
Damien Millerbb7c9762001-02-26 20:49:58 +1100972 - (djm) Some systems (SCO3, NeXT) have weird saved uid semantics.
973 Based on patch from Tim Rice <tim@multitalents.net>
Ben Lindstrom63941f92001-02-25 23:20:40 +0000974
Damien Miller73bb0582001-02-25 09:36:29 +110097520010225
976 - (djm) Use %{_libexecdir} rather than hardcoded path in RPM specfile
977 Patch from Adrian Ho <lexfiend@usa.net>
Ben Lindstrom416d8742001-02-25 02:02:43 +0000978 - (bal) Replace 'unsigned long long' to 'u_int64_t' since not every
979 platform defines u_int64_t as being that.
Damien Miller73bb0582001-02-25 09:36:29 +1100980
Ben Lindstrom65981152001-02-24 00:05:29 +000098120010224
Ben Lindstrom8697e082001-02-24 21:41:10 +0000982 - (bal) Missed part of the UNIX sockets patch. Patch by Corinna
983 Vinschen <vinschen@redhat.com>
984 - (bal) Reorder where 'strftime' is detected to resolve linking
985 issues on SCO. Patch by Tim Rice <tim@multitalents.net>
986
98720010224
Ben Lindstrom65981152001-02-24 00:05:29 +0000988 - (bal) pam_stack fix to correctly detect between RH7 and older RHs.
989 Patch by Pekka Savola <pekkas@netcore.fi>
Ben Lindstrom803f16c2001-02-24 00:24:19 +0000990 - (bal) Renamed sigaction.[ch] to sigact.[ch]. Causes problems with
991 some platforms.
Ben Lindstrom38e60932001-02-24 00:55:04 +0000992 - (bal) Generalize lack of UNIX sockets since this also effects Cray
993 not just Cygwin. Based on patch by Wendy Palm <wendyp@cray.com>
Ben Lindstrom65981152001-02-24 00:05:29 +0000994
Ben Lindstrom008e2912001-02-23 04:45:15 +000099520010223
996 - (bal) Fix --define rh7 in openssh.spec file. Patch by Steve Tell
997 <tell@telltronics.org>
Ben Lindstrom379f2052001-02-23 04:55:46 +0000998 - (bal) Patch to force OpenSSH rpm to require the same version of OpenSSL
999 that it was compiled against. Patch by Pekka Savola <pekkas@netcore.fi>
Ben Lindstrom4ef92b52001-02-23 05:05:53 +00001000 - (bal) Double -I for OpenSSL on SCO. Patch by Tim Rice
1001 <tim@multitalents.net>
Ben Lindstrom008e2912001-02-23 04:45:15 +00001002
Ben Lindstrome1bd29b2001-02-21 20:00:28 +0000100320010222
1004 - (bal) Corrected SCO luid patch by svaughan <svaughan@asterion.com>
Ben Lindstrome68c5672001-02-22 06:20:10 +00001005 - (bal) Added mdoc2man.pl from Mark Roth <roth@feep.net>
1006 - (bal) Removed reference to liblogin from contrib/README. It was
1007 integrated into OpenSSH a long while ago.
Kevin Steves77aeaaf2001-02-22 21:23:21 +00001008 - (stevesk) remove erroneous #ifdef sgi code.
1009 Michael Stone <mstone@cs.loyola.edu>
Ben Lindstrome1bd29b2001-02-21 20:00:28 +00001010
Ben Lindstrom866488b2001-02-20 18:22:38 +0000101120010221
1012 - (bal) Removed -L/usr/ucblib -R/usr/ucblib for Solaris platform.
Ben Lindstrom5eff0312001-02-21 02:35:37 +00001013 - (bal) Fixed OpenSSL rework to use $saved_*. Patch by Tim Rice
1014 <tim@multitalents.net>
Ben Lindstrom94bce402001-02-21 05:53:33 +00001015 - (bal) Reverted out of 2001/02/15 patch by djm below because it
1016 breaks Solaris.
1017 - (djm) Move PAM session setup back to before setuid to user.
1018 fixes problems on Solaris-drived PAMs.
Kevin Stevesff793a22001-02-21 16:36:51 +00001019 - (stevesk) session.c: back out to where we were before:
1020 - (djm) Move PAM session initialisation until after fork in sshd. Patch
1021 from Nalin Dahyabhai <nalin@redhat.com>
Ben Lindstrom5eff0312001-02-21 02:35:37 +00001022
Ben Lindstrom4ffaad82001-02-19 19:54:43 +0000102320010220
1024 - (bal) Fix mixed up params to memmove() from Jan 5th in setenv.c and
1025 getcwd.c.
Ben Lindstroma9a29e12001-02-20 01:20:47 +00001026 - (bal) OpenBSD CVS Sync:
1027 - deraadt@cvs.openbsd.org 2001/02/19 23:09:05
1028 [sshd.c]
1029 clarify message to make it not mention "ident"
Ben Lindstrom4ffaad82001-02-19 19:54:43 +00001030
Ben Lindstromd95c09c2001-02-18 19:13:33 +0000103120010219
1032 - (bal) Markus' blessing to rename login.[ch] -> sshlogin.[ch] and
1033 pty.[ch] -> sshpty.[ch]
Damien Millerccdefb62001-02-19 12:56:39 +11001034 - (djm) Rework search for OpenSSL location. Skip directories which don't
1035 exist, don't add -L$ssldir/lib if it doesn't exist. Should help SCO
1036 with its limit of 6 -L options.
Damien Miller7387fdb2001-02-19 21:51:49 +11001037 - OpenBSD CVS Sync:
1038 - reinhard@cvs.openbsd.org 2001/02/17 08:24:40
1039 [sftp.1]
1040 typo
1041 - deraadt@cvs.openbsd.org 2001/02/17 16:28:58
1042 [ssh.c]
1043 cleanup -V output; noted by millert
1044 - deraadt@cvs.openbsd.org 2001/02/17 16:48:48
1045 [sshd.8]
1046 it's the OpenSSH one
1047 - markus@cvs.openbsd.org 2001/02/18 11:33:54
1048 [dispatch.c]
1049 typo, SSH2_MSG_KEXINIT, from aspa@kronodoc.fi
1050 - markus@cvs.openbsd.org 2001/02/19 02:53:32
1051 [compat.c compat.h serverloop.c]
1052 ssh-1.2.{18-22} has broken handling of ignore messages; report from
1053 itojun@
1054 - markus@cvs.openbsd.org 2001/02/19 03:35:23
1055 [version.h]
1056 OpenSSH_2.5.1 adds bug compat with 1.2.{18-22}
1057 - deraadt@cvs.openbsd.org 2001/02/19 03:36:25
1058 [scp.c]
1059 np is changed by recursion; vinschen@redhat.com
1060 - Update versions in RPM spec files
1061 - Release 2.5.1p1
Ben Lindstromd95c09c2001-02-18 19:13:33 +00001062
Ben Lindstrom6dc75f52001-02-17 16:47:47 +0000106320010218
1064 - (bal) Patch for fix FCHMOD reference in ftp-client.c by Tim Rice
1065 <tim@multitalents.net>
Ben Lindstrom970c0092001-02-17 16:51:07 +00001066 - (Bal) Patch for lack of RA_RESTART in misc.c for mysignal by
1067 stevesk
Damien Miller2deb3f62001-02-18 12:30:55 +11001068 - (djm) Fix my breaking of cygwin builds, Patch from Corinna Vinschen
1069 <vinschen@redhat.com> and myself.
Damien Miller0a4e27d2001-02-18 12:36:39 +11001070 - (djm) Close listen_sock on bind() failures. Patch from Arkadiusz
1071 Miskiewicz <misiek@pld.ORG.PL>
Damien Millerb3ffc5f2001-02-18 12:44:29 +11001072 - (djm) Robustify EGD/PRNGd code in face of socket closures. Patch from
1073 Todd C. Miller <Todd.Miller@courtesan.com>
Damien Miller99e92432001-02-18 12:49:35 +11001074 - (djm) Use ttyname() to determine name of tty returned by openpty()
1075 rather then risking overflow. Patch from Marek Michalkiewicz
1076 <marekm@amelek.gda.pl>
Damien Miller22d5aa72001-02-18 12:49:57 +11001077 - (djm) Swapped tests for no_libsocket and no_libnsl in configure.in.
1078 Patch from Marek Michalkiewicz <marekm@amelek.gda.pl>
Damien Miller86093322001-02-18 12:58:24 +11001079 - (djm) Doc fixes from Pekka Savola <pekkas@netcore.fi>
Damien Miller0318e2e2001-02-18 13:04:23 +11001080 - (djm) Use SA_INTERRUPT along SA_RESTART if present (equivalent for
1081 SunOS)
Damien Millerdf288022001-02-18 13:07:07 +11001082 - (djm) SCO needs librpc for libwrap. Patch from Tim Rice
1083 <tim@multitalents.net>
Kevin Steveseff26f22001-02-18 03:42:02 +00001084 - (stevesk) misc.c: cpp rework of SA_(INTERRUPT|RESTART) handling.
Kevin Steves93c17d92001-02-18 03:55:16 +00001085 - (stevesk) scp.c: use mysignal() for updateprogressmeter() handler.
Damien Miller722ccb12001-02-18 15:18:43 +11001086 - (djm) SA_INTERRUPT is the converse of SA_RESTART, apply it only for
1087 SIGALRM.
Damien Millera1072a82001-02-18 15:28:11 +11001088 - (djm) Move entropy.c over to mysignal()
Damien Miller877d8ea2001-02-18 15:29:28 +11001089 - (djm) SunOS 4.x also needs to define HAVE_BOGUS_SYS_QUEUE_H as it has
1090 a <sys/queue.h> that lacks the TAILQ_* macros. Patch from Todd C.
1091 Miller <Todd.Miller@courtesan.com>
Damien Miller75da9a92001-02-18 15:43:07 +11001092 - (djm) Update RPM spec files for 2.5.0p1
Damien Millerc32a5b12001-02-18 23:50:38 +11001093 - (djm) Merge BSD_AUTH support from Markus Friedl and David J. MacKenzie
1094 enable with --with-bsd-auth.
Kevin Steves4679f5b2001-02-18 11:34:32 +00001095 - (stevesk) entropy.c: typo; should be SIGPIPE
Ben Lindstrom6dc75f52001-02-17 16:47:47 +00001096
Ben Lindstrom813f9402001-02-16 15:56:31 +0000109720010217
1098 - (bal) OpenBSD Sync:
1099 - markus@cvs.openbsd.org 2001/02/16 13:38:18
1100 [channel.c]
1101 remove debug
Ben Lindstrom8dcdeb82001-02-16 16:02:14 +00001102 - markus@cvs.openbsd.org 2001/02/16 14:03:43
1103 [session.c]
1104 proper payload-length check for x11 w/o screen-number
Ben Lindstrom813f9402001-02-16 15:56:31 +00001105
Ben Lindstrom4e5a0aa2001-02-15 18:16:22 +0000110620010216
1107 - (bal) added '--with-prce' to allow overriding of system regex when
1108 required (tested by David Dulek <ddulek@fastenal.com>)
Ben Lindstrom58055132001-02-15 18:34:29 +00001109 - (bal) Added DG/UX case and set that they have a broken IPTOS.
Damien Millerc547bf12001-02-16 10:18:12 +11001110 - (djm) Mini-configure reorder patch from Tim Rice <tim@multitalents.net>
1111 Fixes linking on SCO.
Damien Millerb5e85a52001-02-16 11:18:58 +11001112 - (djm) Make gnome-ssh-askpass handle multi-line prompts. Patch from
1113 Nalin Dahyabhai <nalin@redhat.com>
1114 - (djm) BSD license for gnome-ssh-askpass (was X11)
1115 - (djm) KNF on gnome-ssh-askpass
Damien Miller5dfe9762001-02-16 12:05:39 +11001116 - (djm) USE_PIPES for a few more sysv platforms
1117 - (djm) Cleanup configure.in a little
1118 - (djm) Ask users to check config.log when we can't find necessary libs
Damien Miller217f5672001-02-16 12:12:41 +11001119 - (djm) Set "login ID" on systems with setluid. Only enabled for SCO
1120 OpenServer for now. Based on patch from svaughan <svaughan@asterion.com>
Damien Miller79438cc2001-02-16 12:34:57 +11001121 - (djm) OpenBSD CVS:
1122 - markus@cvs.openbsd.org 2001/02/15 16:19:59
1123 [channels.c channels.h serverloop.c sshconnect.c sshconnect.h]
1124 [sshconnect1.c sshconnect2.c]
1125 genericize password padding function for SSH1 and SSH2.
1126 add stylized echo to 2, too.
1127 - (djm) Add roundup() macro to defines.h
Kevin Steves799bed82001-02-16 14:58:12 +00001128 - (stevesk) set SA_RESTART flag in mysignal() for SIGCHLD;
1129 needed on Unixware 2.x.
Ben Lindstrom4e5a0aa2001-02-15 18:16:22 +00001130
Damien Millere8b5b042001-02-15 11:32:15 +1100113120010215
1132 - (djm) Move PAM session setup back to before setuid to user. Fixes
1133 problems on Solaris-derived PAMs.
Damien Miller646aa602001-02-15 11:51:32 +11001134 - (djm) Clean up PAM namespace. Suggested by Darren Moffat
1135 <Darren.Moffat@eng.sun.com>
Ben Lindstrom4272ed82001-02-15 02:36:46 +00001136 - (bal) Sync w/ OpenSSH for new release
1137 - markus@cvs.openbsd.org 2001/02/12 12:45:06
1138 [sshconnect1.c]
1139 fix xmalloc(0), ok dugsong@
Ben Lindstrom06b33aa2001-02-15 03:01:59 +00001140 - markus@cvs.openbsd.org 2001/02/11 12:59:25
1141 [Makefile.in sshd.8 sshconnect2.c readconf.h readconf.c packet.c
1142 sshd.c ssh.c ssh.1 servconf.h servconf.c myproposal.h kex.h kex.c]
1143 1) clean up the MAC support for SSH-2
1144 2) allow you to specify the MAC with 'ssh -m'
1145 3) or the 'MACs' keyword in ssh(d)_config
1146 4) add hmac-{md5,sha1}-96
1147 ok stevesk@, provos@
Ben Lindstromd8a90212001-02-15 03:08:27 +00001148 - markus@cvs.openbsd.org 2001/02/12 16:16:23
1149 [auth-passwd.c auth.c auth.h auth1.c auth2.c servconf.c servconf.h
1150 ssh-keygen.c sshd.8]
1151 PermitRootLogin={yes,without-password,forced-commands-only,no}
1152 (before this change, root could login even if PermitRootLogin==no)
Ben Lindstrom0a7e3542001-02-15 03:50:49 +00001153 - deraadt@cvs.openbsd.org 2001/02/12 22:56:09
Ben Lindstromf9452512001-02-15 03:12:08 +00001154 [clientloop.c packet.c ssh-keyscan.c]
1155 deal with EAGAIN/EINTR selects which were skipped
Ben Lindstrom0a7e3542001-02-15 03:50:49 +00001156 - markus@cvs.openssh.org 2001/02/13 22:49:40
1157 [auth1.c auth2.c]
1158 setproctitle(user) only if getpwnam succeeds
1159 - markus@cvs.openbsd.org 2001/02/12 23:26:20
1160 [sshd.c]
1161 missing memset; from solar@openwall.com
1162 - stevesk@cvs.openbsd.org 2001/02/12 20:53:33
1163 [sftp-int.c]
1164 lumask now works with 1 numeric arg; ok markus@, djm@
1165 - djm@cvs.openbsd.org 2001/02/14 9:46:03
1166 [sftp-client.c sftp-int.c sftp.1]
1167 Fix and document 'preserve modes & times' option ('-p' flag in sftp);
1168 ok markus@
Damien Miller09214542001-02-15 15:33:17 +11001169 - (bal) replaced PATH_MAX in sftp-int.c w/ MAXPATHLEN.
1170 - (djm) Move to Jim's 1.2.0 X11 askpass program
Kevin Stevesb7f036f2001-02-15 17:27:15 +00001171 - (stevesk) OpenBSD sync:
1172 - deraadt@cvs.openbsd.org 2001/02/15 01:38:04
1173 [serverloop.c]
1174 indent
Damien Miller09214542001-02-15 15:33:17 +11001175
Damien Miller3dfeee42001-02-14 00:43:55 +1100117620010214
1177 - (djm) Don't try to close PAM session or delete credentials if the
1178 session has not been open or credentials not set. Based on patch from
1179 Andrew Bartlett <abartlet@pcug.org.au>
Damien Miller6b4146a2001-02-14 00:45:51 +11001180 - (djm) Move PAM session initialisation until after fork in sshd. Patch
1181 from Nalin Dahyabhai <nalin@redhat.com>
Ben Lindstrom116b6bd2001-02-13 14:05:59 +00001182 - (bal) Missing function prototype in bsd-snprintf.c patch by
1183 Mark Miller <markm@swoon.net>
Damien Miller92ddb7d2001-02-14 01:25:23 +11001184 - (djm) Split out and improve OSF SIA auth code. Patch from Chris Adams
1185 <cmadams@hiwaay.net> with a little modification and KNF.
Kevin Steves7fafa5c2001-02-13 18:45:00 +00001186 - (stevesk) fix for SIA patch, misplaced session_setup_sia()
Damien Miller3dfeee42001-02-14 00:43:55 +11001187
Ben Lindstrom5d8520a2001-02-12 15:57:18 +0000118820010213
Damien Millerd8ab0d42001-02-13 12:11:17 +11001189 - (djm) Only test -S potential EGD sockets if they exist and are readable.
Ben Lindstrom6c92dab2001-02-13 02:18:50 +00001190 - (bal) Cleaned out bsd-snprintf.c. VARARGS have been banished and
1191 I did a base KNF over the whe whole file to make it more acceptable.
1192 (backed out of original patch and removed it from ChangeLog)
Ben Lindstrom34bb0c72001-02-13 02:40:56 +00001193 - (bal) Use chown() if fchown() does not exist in ftp-server.c patch by
1194 Tim Rice <tim@multitalents.net>
Kevin Stevesbca8c8f2001-02-13 11:26:21 +00001195 - (stevesk) auth1.c: fix PAM passwordless check.
Ben Lindstrom5d8520a2001-02-12 15:57:18 +00001196
Damien Miller070ca312001-02-12 09:34:17 +1100119720010212
1198 - (djm) Update Redhat specfile to allow --define "skip_x11_askpass 1",
1199 --define "skip_gnome_askpass 1", --define "rh7 1" and make the
1200 implicit rpm-3.0.5 dependancy explicit. Patch and suggestions from
1201 Pekka Savola <pekkas@netcore.fi>
Damien Millerf1720202001-02-12 11:15:41 +11001202 - (djm) Clean up PCRE text in INSTALL
Damien Miller61ce0362001-02-12 18:02:23 +11001203 - (djm) Fix OSF SIA auth NULL pointer deref. Report from Mike Battersby
1204 <mib@unimelb.edu.au>
Ben Lindstrom603bdfd2001-02-12 07:29:45 +00001205 - (bal) NCR SVR4 compatiblity provide by Don Bragg <thewizarddon@yahoo.com>
Kevin Steves7f982bf2001-02-12 15:07:52 +00001206 - (stevesk) session.c: remove debugging code.
Damien Miller070ca312001-02-12 09:34:17 +11001207
Ben Lindstromf79aeff2001-02-10 21:27:11 +0000120820010211
1209 - (bal) OpenBSD Sync
1210 - markus@cvs.openbsd.org 2001/02/07 22:35:46
1211 [auth1.c auth2.c sshd.c]
1212 move k_setpag() to a central place; ok dugsong@
Ben Lindstromd1f20ec2001-02-10 21:31:53 +00001213 - markus@cvs.openbsd.org 2001/02/10 12:52:02
1214 [auth2.c]
1215 offer passwd before s/key
Ben Lindstrom075390a2001-02-10 21:34:46 +00001216 - markus@cvs.openbsd.org 2001/02/8 22:37:10
1217 [canohost.c]
1218 remove last call to sprintf; ok deraadt@
Ben Lindstrom874a0b32001-02-10 21:39:49 +00001219 - markus@cvs.openbsd.org 2001/02/10 1:33:32
1220 [canohost.c]
1221 add debug message, since sshd blocks here if DNS is not available
Ben Lindstromfdc9ab02001-02-10 21:45:02 +00001222 - markus@cvs.openbsd.org 2001/02/10 12:44:02
1223 [cli.c]
1224 don't call vis() for \r
Ben Lindstrom550bc542001-02-10 21:50:00 +00001225 - danh@cvs.openbsd.org 2001/02/10 0:12:43
1226 [scp.c]
1227 revert a small change to allow -r option to work again; ok deraadt@
1228 - danh@cvs.openbsd.org 2001/02/10 15:14:11
1229 [scp.c]
1230 fix memory leak; ok markus@
Ben Lindstrom27cb1d02001-02-10 21:59:35 +00001231 - djm@cvs.openbsd.org 2001/02/10 0:45:52
1232 [scp.1]
1233 Mention that you can quote pathnames with spaces in them
Ben Lindstrom8fd10b02001-02-10 22:11:13 +00001234 - markus@cvs.openbsd.org 2001/02/10 1:46:28
1235 [ssh.c]
1236 remove mapping of argv[0] -> hostname
Ben Lindstrom03df5bd2001-02-10 22:16:41 +00001237 - markus@cvs.openbsd.org 2001/02/06 22:26:17
1238 [sshconnect2.c]
1239 do not ask for passphrase in batch mode; report from ejb@ql.org
1240 - itojun@cvs.opebsd.org 2001/02/08 10:47:05
Kevin Steves43276862001-02-11 13:56:43 +00001241 [sshconnect.c sshconnect1.c sshconnect2.c]
Ben Lindstrom03df5bd2001-02-10 22:16:41 +00001242 %.30s is too short for IPv6 numeric address. use %.128s for now.
1243 markus ok
1244 - markus@cvs.openbsd.org 2001/02/09 12:28:35
1245 [sshconnect2.c]
1246 do not free twice, thanks to /etc/malloc.conf
1247 - markus@cvs.openbsd.org 2001/02/09 17:10:53
1248 [sshconnect2.c]
1249 partial success: debug->log; "Permission denied" if no more auth methods
1250 - markus@cvs.openbsd.org 2001/02/10 12:09:21
1251 [sshconnect2.c]
1252 remove some lines
Ben Lindstrom36d7bd02001-02-10 22:27:19 +00001253 - markus@cvs.openbsd.org 2001/02/09 13:38:07
1254 [auth-options.c]
1255 reset options if no option is given; from han.holl@prismant.nl
Ben Lindstromb3211a82001-02-10 22:33:19 +00001256 - markus@cvs.openbsd.org 2001/02/08 21:58:28
1257 [channels.c]
1258 nuke sprintf, ok deraadt@
1259 - markus@cvs.openbsd.org 2001/02/08 21:58:28
1260 [channels.c]
1261 nuke sprintf, ok deraadt@
Ben Lindstrom9d3a8592001-02-10 22:44:12 +00001262 - markus@cvs.openbsd.org 2001/02/06 22:43:02
1263 [clientloop.h]
1264 remove confusing callback code
Ben Lindstrom4f7a64a2001-02-10 22:50:09 +00001265 - deraadt@cvs.openbsd.org 2001/02/08 14:39:36
1266 [readconf.c]
1267 snprintf
Ben Lindstrom28072eb2001-02-10 23:13:41 +00001268 - itojun@cvs.openbsd.org 2001/02/08 19:30:52
1269 sync with netbsd tree changes.
1270 - more strict prototypes, include necessary headers
1271 - use paths.h/pathnames.h decls
1272 - size_t typecase to int -> u_long
Ben Lindstromc791beb2001-02-10 23:18:11 +00001273 - itojun@cvs.openbsd.org 2001/02/07 18:04:50
1274 [ssh-keyscan.c]
1275 fix size_t -> int cast (use u_long). markus ok
1276 - markus@cvs.openbsd.org 2001/02/07 22:43:16
1277 [ssh-keyscan.c]
1278 s/getline/Linebuf_getline/; from roumen.petrov@skalasoft.com
1279 - itojun@cvs.openbsd.org 2001/02/09 9:04:59
1280 [ssh-keyscan.c]
1281 do not assume malloc() returns zero-filled region. found by
1282 malloc.conf=AJ.
Ben Lindstromb6c06d92001-02-10 23:21:09 +00001283 - markus@cvs.openbsd.org 2001/02/08 22:35:30
1284 [sshconnect.c]
1285 don't connect if batch_mode is true and stricthostkeychecking set to
1286 'ask'
Ben Lindstrome9d04442001-02-10 23:26:35 +00001287 - djm@cvs.openbsd.org 2001/02/04 21:26:07
1288 [sshd_config]
1289 type: ok markus@
1290 - deraadt@cvs.openbsd.org 2001/02/06 22:07:50
1291 [sshd_config]
1292 enable sftp-server by default
Ben Lindstroma905ecd2001-02-10 23:34:54 +00001293 - deraadt 2001/02/07 8:57:26
1294 [xmalloc.c]
1295 deal with new ANSI malloc stuff
1296 - markus@cvs.openbsd.org 2001/02/07 16:46:08
1297 [xmalloc.c]
1298 typo in fatal()
1299 - itojun@cvs.openbsd.org 2001/02/07 18:04:50
1300 [xmalloc.c]
1301 fix size_t -> int cast (use u_long). markus ok
Ben Lindstromaa630de2001-02-10 23:44:47 +00001302 - 1.47 Thu Feb 8 23:11:42 GMT 2001 by dugsong
1303 [serverloop.c sshconnect1.c]
1304 mitigate SSH1 traffic analysis - from Solar Designer
1305 <solar@openwall.com>, ok provos@
Ben Lindstromb3211a82001-02-10 22:33:19 +00001306 - (bal) fixed sftp-client.c. Return 'status' instead of '0'
1307 (from the OpenBSD tree)
Ben Lindstrombe80af72001-02-10 23:06:02 +00001308 - (bal) Synced ssh.1, ssh-add.1 and sshd.8 w/ OpenBSD
Ben Lindstrom7e9aff52001-02-10 23:00:22 +00001309 - (bal) sftp-sever.c '%8lld' to '%8llu' (OpenBSD Sync)
Ben Lindstrom70ea46a2001-02-10 23:30:16 +00001310 - (bal) uuencode.c resync w/ OpenBSD tree, plus whitespace.
Ben Lindstrome5b3fb32001-02-10 23:56:35 +00001311 - (bal) A bit more whitespace cleanup
Damien Millerbd5817d2001-02-11 22:35:11 +11001312 - (djm) Set PAM_RHOST earlier, patch from Andrew Bartlett
1313 <abartlet@pcug.org.au>
Kevin Stevesfad3c512001-02-11 14:34:10 +00001314 - (stevesk) misc.c: ssh.h not needed.
Kevin Stevesbcc86272001-02-11 18:49:23 +00001315 - (stevesk) compat.c: more friendly cpp error
Kevin Stevesd85bf4b2001-02-11 16:43:05 +00001316 - (stevesk) OpenBSD sync:
1317 - stevesk@cvs.openbsd.org 2001/02/11 06:15:57
1318 [LICENSE]
1319 typos and small cleanup; ok deraadt@
Ben Lindstromf79aeff2001-02-10 21:27:11 +00001320
Damien Millerd7686fd2001-02-10 00:40:03 +1100132120010210
1322 - (djm) Sync sftp and scp stuff from OpenBSD:
1323 - djm@cvs.openbsd.org 2001/02/07 03:55:13
1324 [sftp-client.c]
1325 Don't free handles before we are done with them. Based on work from
1326 Corinna Vinschen <vinschen@redhat.com>. ok markus@
1327 - djm@cvs.openbsd.org 2001/02/06 22:32:53
1328 [sftp.1]
1329 Punctuation fix from Pekka Savola <pekkas@netcore.fi>
1330 - deraadt@cvs.openbsd.org 2001/02/07 04:07:29
1331 [sftp.1]
1332 pretty up significantly
1333 - itojun@cvs.openbsd.org 2001/02/07 06:49:42
1334 [sftp.1]
1335 .Bl-.El mismatch. markus ok
1336 - djm@cvs.openbsd.org 2001/02/07 06:12:30
1337 [sftp-int.c]
1338 Check that target is a directory before doing ls; ok markus@
1339 - itojun@cvs.openbsd.org 2001/02/07 11:01:18
1340 [scp.c sftp-client.c sftp-server.c]
1341 unsigned long long -> %llu, not %qu. markus ok
1342 - stevesk@cvs.openbsd.org 2001/02/07 11:10:39
1343 [sftp.1 sftp-int.c]
1344 more man page cleanup and sync of help text with man page; ok markus@
1345 - markus@cvs.openbsd.org 2001/02/07 14:58:34
1346 [sftp-client.c]
1347 older servers reply with SSH2_FXP_NAME + count==0 instead of EOF
1348 - djm@cvs.openbsd.org 2001/02/07 15:27:19
1349 [sftp.c]
1350 Don't forward agent and X11 in sftp. Suggestion from Roumen Petrov
1351 <roumen.petrov@skalasoft.com>
1352 - stevesk@cvs.openbsd.org 2001/02/07 15:36:04
1353 [sftp-int.c]
1354 portable; ok markus@
1355 - stevesk@cvs.openbsd.org 2001/02/07 15:55:47
1356 [sftp-int.c]
1357 lowercase cmds[].c also; ok markus@
1358 - markus@cvs.openbsd.org 2001/02/07 17:04:52
1359 [pathnames.h sftp.c]
1360 allow sftp over ssh protocol 1; ok djm@
1361 - deraadt@cvs.openbsd.org 2001/02/08 07:38:55
1362 [scp.c]
1363 memory leak fix, and snprintf throughout
1364 - deraadt@cvs.openbsd.org 2001/02/08 08:02:02
1365 [sftp-int.c]
1366 plug a memory leak
1367 - stevesk@cvs.openbsd.org 2001/02/08 10:11:23
1368 [session.c sftp-client.c]
1369 %i -> %d
1370 - stevesk@cvs.openbsd.org 2001/02/08 10:57:59
1371 [sftp-int.c]
1372 typo
1373 - stevesk@cvs.openbsd.org 2001/02/08 15:28:07
1374 [sftp-int.c pathnames.h]
1375 _PATH_LS; ok markus@
1376 - djm@cvs.openbsd.org 2001/02/09 04:46:25
1377 [sftp-int.c]
1378 Check for NULL attribs for chown, chmod & chgrp operations, only send
1379 relevant attribs back to server; ok markus@
Damien Miller137465b2001-02-10 00:47:59 +11001380 - djm@cvs.openbsd.org 2001/02/06 15:05:25
1381 [sftp.c]
1382 Use getopt to process commandline arguments
1383 - djm@cvs.openbsd.org 2001/02/06 15:06:21
1384 [sftp.c ]
1385 Wait for ssh subprocess at exit
1386 - djm@cvs.openbsd.org 2001/02/06 15:18:16
1387 [sftp-int.c]
1388 stat target for remote chdir before doing chdir
1389 - djm@cvs.openbsd.org 2001/02/06 15:32:54
1390 [sftp.1]
1391 Punctuation fix from Pekka Savola <pekkas@netcore.fi>
1392 - provos@cvs.openbsd.org 2001/02/05 22:22:02
1393 [sftp-int.c]
1394 cleanup get_pathname, fix pwd after failed cd. okay djm@
Damien Millerd7686fd2001-02-10 00:40:03 +11001395 - (djm) Update makefile.in for _PATH_SFTP_SERVER
Ben Lindstromc5dbf7f2001-02-10 00:37:17 +00001396 - (bal) sftp-client.c replace NULL w/ 0 in do_ls() (pending in OpenBSD tree)
Damien Millerd7686fd2001-02-10 00:40:03 +11001397
Ben Lindstromefe35aa2001-02-08 16:34:56 +0000139820010209
1399 - (bal) patch to vis.c to deal with HAVE_VIS right by Robert Mooney
1400 <rjmooney@mediaone.net>
Ben Lindstrom40f41512001-02-08 18:05:17 +00001401 - (bal) .c.o rule in openbsd-compat/Makefile.in did not make it to the
1402 main tree while porting forward. Pointed out by Lutz Jaenicke
1403 <Lutz.Jaenicke@aet.TU-Cottbus.DE>
Ben Lindstromfc032bb2001-02-08 18:40:09 +00001404 - (bal) double entry in configure.in. Pointed out by Lutz Jaenicke
1405 <Lutz.Jaenicke@aet.TU-Cottbus.DE>
Kevin Steves4abe4de2001-02-08 19:16:32 +00001406 - (stevesk) OpenBSD sync:
1407 - markus@cvs.openbsd.org 2001/02/08 11:20:01
1408 [auth2.c]
1409 strict checking
1410 - markus@cvs.openbsd.org 2001/02/08 11:15:22
1411 [version.h]
1412 update to 2.3.2
1413 - markus@cvs.openbsd.org 2001/02/08 11:12:30
1414 [auth2.c]
1415 fix typo
Damien Milleraf13cca2001-02-09 12:01:51 +11001416 - (djm) Update spec files
Ben Lindstromf6b7b092001-02-09 01:23:39 +00001417 - (bal) OpenBSD sync:
1418 - deraadt@cvs.openbsd.org 2001/02/08 14:38:54
1419 [scp.c]
1420 memory leak fix, and snprintf throughout
Ben Lindstrom5b828322001-02-09 01:34:36 +00001421 - markus@cvs.openbsd.org 2001/02/06 22:43:02
1422 [clientloop.c]
1423 remove confusing callback code
Damien Millere9cf3572001-02-09 12:55:35 +11001424 - (djm) Add CVS Id's to files that we have missed
Ben Lindstrom31ca54a2001-02-09 02:11:24 +00001425 - (bal) OpenBSD Sync (more):
1426 - itojun@cvs.openbsd.org 2001/02/08 19:30:52
1427 sync with netbsd tree changes.
1428 - more strict prototypes, include necessary headers
1429 - use paths.h/pathnames.h decls
1430 - size_t typecase to int -> u_long
Ben Lindstrom1e7d3062001-02-09 02:36:43 +00001431 - markus@cvs.openbsd.org 2001/02/06 22:07:42
1432 [ssh.c]
1433 fatal() if subsystem fails
1434 - markus@cvs.openbsd.org 2001/02/06 22:43:02
1435 [ssh.c]
1436 remove confusing callback code
1437 - jakob@cvs.openbsd.org 2001/02/06 23:03:24
1438 [ssh.c]
1439 add -1 option (force protocol version 1). ok markus@
1440 - jakob@cvs.openbsd.org 2001/02/06 23:06:21
1441 [ssh.c]
1442 reorder -{1,2,4,6} options. ok markus@
Ben Lindstromb0407fc2001-02-09 02:23:10 +00001443 - (bal) Missing 'const' in readpass.h
Ben Lindstrom288cc392001-02-09 02:58:04 +00001444 - (bal) OpenBSD Sync (so at least the thing compiles for 2.3.2 =)
1445 - djm@cvs.openbsd.org 2001/02/06 23:30:28
1446 [sftp-client.c]
1447 replace arc4random with counter for request ids; ok markus@
Damien Miller4192c462001-02-09 22:55:16 +11001448 - (djm) Define _PATH_TTY for systems that don't. Report from Lutz
1449 Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
Ben Lindstromefe35aa2001-02-08 16:34:56 +00001450
Damien Miller3d0a7d52001-02-08 08:22:47 +1100145120010208
1452 - (djm) Don't delete external askpass program in make uninstall target.
1453 Report and fix from Roumen Petrov <roumen.petrov@skalasoft.com>
Damien Miller4864e8f2001-02-08 10:07:08 +11001454 - (djm) Fix linking of sftp, don't need arc4random any more.
1455 - (djm) Try to use shell that supports "test -S" for EGD socket search.
1456 Based on patch from Tim Rice <tim@multitalents.net>
Damien Miller3d0a7d52001-02-08 08:22:47 +11001457
Damien Miller4855ae92001-02-07 23:21:31 +1100145820010207
Ben Lindstrom582d3982001-02-06 22:54:30 +00001459 - (bal) Save the whole path to AR in configure. Some Solaris 2.7 installs
1460 seem lose track of it while in openbsd-compat/ (two confirmed reports)
Damien Miller63dc3e92001-02-07 12:58:33 +11001461 - (djm) Much KNF on PAM code
Damien Miller4855ae92001-02-07 23:21:31 +11001462 - (djm) Revise auth-pam.c conversation function to be a little more
1463 readable.
Damien Miller63dc3e92001-02-07 12:58:33 +11001464 - (djm) Revise kbd-int PAM conversation function to fold all text messages
1465 to before first prompt. Fixes hangs if last pam_message did not require
1466 a reply.
1467 - (djm) Fix password changing when using PAM kbd-int authentication
Ben Lindstrom582d3982001-02-06 22:54:30 +00001468
Damien Miller4855ae92001-02-07 23:21:31 +1100146920010205
Kevin Stevesef4eea92001-02-05 12:42:17 +00001470 - (bal) Disable groupaccess by setting NGROUPS_MAX to 0 for platforms
Ben Lindstrom03f07b42001-02-04 20:44:01 +00001471 that don't have NGROUPS_MAX.
Ben Lindstromd2ddda42001-02-04 21:57:11 +00001472 - (bal) AIX patch for auth1.c by William L. Jones <jones@hpc.utexas.edu>
Kevin Stevesef4eea92001-02-05 12:42:17 +00001473 - (stevesk) OpenBSD sync:
1474 - stevesk@cvs.openbsd.org 2001/02/04 08:32:27
1475 [many files; did this manually to our top-level source dir]
1476 unexpand and remove end-of-line whitespace; ok markus@
Kevin Steves8e743932001-02-05 13:24:35 +00001477 - stevesk@cvs.openbsd.org 2001/02/04 15:21:19
1478 [sftp-server.c]
1479 SSH2_FILEXFER_ATTR_UIDGID support; ok markus@
Kevin Steves62c45db2001-02-05 13:42:43 +00001480 - deraadt@cvs.openbsd.org 2001/02/04 17:02:32
1481 [sftp-int.c]
1482 ? == help
1483 - deraadt@cvs.openbsd.org 2001/02/04 16:47:46
1484 [sftp-int.c]
1485 sort commands, so that abbreviations work as expected
1486 - stevesk@cvs.openbsd.org 2001/02/04 15:17:52
1487 [sftp-int.c]
1488 debugging sftp: precedence and missing break. chmod, chown, chgrp
1489 seem to be working now.
1490 - markus@cvs.openbsd.org 2001/02/04 14:41:21
1491 [sftp-int.c]
1492 use base 8 for umask/chmod
1493 - markus@cvs.openbsd.org 2001/02/04 11:11:54
1494 [sftp-int.c]
1495 fix LCD
Kevin Steves3c034ae2001-02-05 13:47:11 +00001496 - markus@cvs.openbsd.org 2001/02/04 08:10:44
1497 [ssh.1]
1498 typo; dpo@club-internet.fr
Kevin Steves0afcc9f2001-02-05 13:57:36 +00001499 - stevesk@cvs.openbsd.org 2001/02/04 06:30:12
1500 [auth2.c authfd.c packet.c]
1501 remove duplicate #include's; ok markus@
Kevin Stevesadf74cd2001-02-05 14:22:50 +00001502 - deraadt@cvs.openbsd.org 2001/02/04 16:56:23
1503 [scp.c sshd.c]
1504 alpha happiness
1505 - stevesk@cvs.openbsd.org 2001/02/04 15:12:17
1506 [sshd.c]
1507 precedence; ok markus@
Kevin Steves12057502001-02-05 14:54:34 +00001508 - deraadt@cvs.openbsd.org 2001/02/04 08:14:15
Kevin Stevesadf74cd2001-02-05 14:22:50 +00001509 [ssh.c sshd.c]
1510 make the alpha happy
Kevin Steves12057502001-02-05 14:54:34 +00001511 - markus@cvs.openbsd.org 2001/01/31 13:37:24
1512 [channels.c channels.h serverloop.c ssh.c]
Damien Miller4855ae92001-02-07 23:21:31 +11001513 do not disconnect if local port forwarding fails, e.g. if port is
1514 already in use
Kevin Steves12057502001-02-05 14:54:34 +00001515 - markus@cvs.openbsd.org 2001/02/01 14:58:09
1516 [channels.c]
1517 use ipaddr in channel messages, ietf-secsh wants this
1518 - markus@cvs.openbsd.org 2001/01/31 12:26:20
1519 [channels.c]
Damien Miller4855ae92001-02-07 23:21:31 +11001520 ssh.com-2.0.1x does not send additional info in CHANNEL_OPEN_FAILURE
1521 messages; bug report from edmundo@rano.org
Kevin Stevese27a5e02001-02-05 15:15:27 +00001522 - markus@cvs.openbsd.org 2001/01/31 13:48:09
1523 [sshconnect2.c]
1524 unused
Kevin Stevesec1c1402001-02-05 15:39:22 +00001525 - deraadt@cvs.openbsd.org 2001/02/04 08:23:08
1526 [sftp-client.c sftp-server.c]
1527 make gcc on the alpha even happier
Ben Lindstrom75713c92001-02-04 20:27:44 +00001528
Damien Miller4855ae92001-02-07 23:21:31 +1100152920010204
Ben Lindstrom70442532001-02-03 21:31:22 +00001530 - (bal) I think this is the last of the bsd-*.h that don't belong.
Ben Lindstrom684ba4c2001-02-03 21:53:47 +00001531 - (bal) Minor Makefile fix
Ben Lindstrom1c56a012001-02-03 21:58:12 +00001532 - (bal) openbsd-compat/Makefile minor fix. Ensure dependancies are done
Damien Miller33804262001-02-04 23:20:18 +11001533 right.
Ben Lindstromb0c2eeb2001-02-03 22:15:00 +00001534 - (bal) Changed order of LIB="" in -with-skey due to library resolving.
Ben Lindstrom45cb2932001-02-04 09:41:33 +00001535 - (bal) next-posix.h changed to bsd-nextstep.h
Damien Miller33804262001-02-04 23:20:18 +11001536 - (djm) OpenBSD CVS sync:
1537 - markus@cvs.openbsd.org 2001/02/03 03:08:38
1538 [auth-options.c auth-rh-rsa.c auth-rhosts.c auth.c canohost.c]
1539 [canohost.h servconf.c servconf.h session.c sshconnect1.c sshd.8]
1540 [sshd_config]
1541 make ReverseMappingCheck optional in sshd_config; ok djm@,dugsong@
1542 - markus@cvs.openbsd.org 2001/02/03 03:19:51
1543 [ssh.1 sshd.8 sshd_config]
1544 Skey is now called ChallengeResponse
1545 - markus@cvs.openbsd.org 2001/02/03 03:43:09
1546 [sshd.8]
1547 use no-pty option in .ssh/authorized_keys* if you need a 8-bit clean
1548 channel. note from Erik.Anggard@cygate.se (pr/1659)
1549 - stevesk@cvs.openbsd.org 2001/02/03 10:03:06
1550 [ssh.1]
1551 typos; ok markus@
1552 - djm@cvs.openbsd.org 2001/02/04 04:11:56
1553 [scp.1 sftp-server.c ssh.1 sshd.8 sftp-client.c sftp-client.h]
1554 [sftp-common.c sftp-common.h sftp-int.c sftp-int.h sftp.1 sftp.c]
1555 Basic interactive sftp client; ok theo@
1556 - (djm) Update RPM specs for new sftp binary
1557 - (djm) Update several bits for new optional reverse lookup stuff. I
1558 think I got them all.
Damien Millerb797b922001-02-04 23:27:00 +11001559 - (djm) Makefile.in fixes
Kevin Stevesb6e773a2001-02-04 13:20:36 +00001560 - (stevesk) add mysignal() wrapper and use it for the protocol 2
1561 SIGCHLD handler.
Kevin Steves8e743932001-02-05 13:24:35 +00001562 - (djm) Use setvbuf() instead of setlinebuf(). Suggest from stevesk@
Ben Lindstrom70442532001-02-03 21:31:22 +00001563
Damien Miller4855ae92001-02-07 23:21:31 +1100156420010203
Ben Lindstromdd5c5a32001-02-02 18:58:33 +00001565 - (bal) Cygwin clean up by Corinna Vinschen <vinschen@redhat.com>
Ben Lindstrom64136352001-02-02 19:03:13 +00001566 - (bal) renamed queue.h to fake-queue.h (even if it's an OpenBSD
1567 based file) to ensure #include space does not get confused.
Ben Lindstrome6b3b7b2001-02-03 00:33:04 +00001568 - (bal) Minor Makefile.in tweak. dirname may not exist on some
1569 platforms so builds fail. (NeXT being a well known one)
Ben Lindstromdd5c5a32001-02-02 18:58:33 +00001570
Damien Miller4855ae92001-02-07 23:21:31 +1100157120010202
Damien Miller33804262001-02-04 23:20:18 +11001572 - (bal) Makefile fix where sourcedir != builddir by Corinna Vinschen
Ben Lindstrom2ffbbe62001-02-02 00:00:54 +00001573 <vinschen@redhat.com>
Ben Lindstrom25a77852001-02-02 10:17:46 +00001574 - (bal) Makefile fix to use $(MAKE) instead of 'make' for platforms
1575 that use 'gmake'. Patch by Tim Rice <tim@multitalents.net>
Ben Lindstrom2ffbbe62001-02-02 00:00:54 +00001576
Damien Miller4855ae92001-02-07 23:21:31 +1100157720010201
Ben Lindstrome03c85d2001-02-01 14:06:11 +00001578 - (bal) Minor fix to Makefile to stop rebuilding executables if no
1579 changes have occured to any of the supporting code. Patch by
1580 Roumen Petrov <roumen.petrov@skalasoft.com>
1581
Ben Lindstrom3c06f6a2001-01-31 21:52:01 +0000158220010131
Damien Miller3c4659c2001-01-31 09:52:43 +11001583 - (djm) OpenBSD CVS Sync:
1584 - djm@cvs.openbsd.org 2001/01/30 15:48:53
1585 [sshconnect.c]
1586 Make warning message a little more consistent. ok markus@
Damien Miller709528a2001-01-31 09:57:55 +11001587 - (djm) Fix autoconf logic for --with-lastlog=no Report and diagnosis from
1588 Philipp Buehler <lists@fips.de> and Kevin Steves <stevesk@sweden.hp.com>
1589 respectively.
Damien Millerbf757762001-01-31 10:50:49 +11001590 - (djm) Don't log SSH2 PAM KbdInt responses to debug, they may contain
1591 passwords.
Ben Lindstrom3c06f6a2001-01-31 21:52:01 +00001592 - (bal) Reorder. Move all bsd-*, fake-*, next-*, and cygwin* stuff to
1593 openbsd-compat/. And resolve all ./configure and Makefile.in issues
1594 assocated.
Damien Miller3c4659c2001-01-31 09:52:43 +11001595
Ben Lindstrom3c06f6a2001-01-31 21:52:01 +0000159620010130
Damien Miller5e953212001-01-30 09:14:00 +11001597 - (djm) OpenBSD CVS Sync:
1598 - markus@cvs.openbsd.org 2001/01/29 09:55:37
1599 [channels.c channels.h clientloop.c serverloop.c]
1600 fix select overflow; ok deraadt@ and stevesk@
Damien Millerd83ff352001-01-30 09:19:34 +11001601 - markus@cvs.openbsd.org 2001/01/29 12:42:35
1602 [canohost.c canohost.h channels.c clientloop.c]
1603 add get_peer_ipaddr(socket), x11-fwd in ssh2 requires ipaddr, not DNS
Damien Miller7650bc62001-01-30 09:27:26 +11001604 - markus@cvs.openbsd.org 2001/01/29 12:47:32
1605 [rsa.c rsa.h ssh-agent.c sshconnect1.c sshd.c]
1606 handle rsa_private_decrypt failures; helps against the Bleichenbacher
1607 pkcs#1 attack
Damien Miller832562e2001-01-30 09:30:01 +11001608 - djm@cvs.openbsd.org 2001/01/29 05:36:11
1609 [ssh.1 ssh.c]
1610 Allow invocation of sybsystem by commandline (-s); ok markus@
Kevin Stevesb6b4a7a2001-01-30 18:31:43 +00001611 - (stevesk) configure.in: remove duplicate PROG_LS
Damien Miller5e953212001-01-30 09:14:00 +11001612
Ben Lindstrom3c06f6a2001-01-31 21:52:01 +0000161320010129
Kevin Stevesb71eb582001-01-29 16:57:27 +00001614 - (stevesk) sftp-server.c: use %lld vs. %qd
1615
Ben Lindstrom49af82b2001-01-27 20:43:57 +0000161620010128
1617 - (bal) Put USE_PIPES back into sco3.2v5
Ben Lindstrom36579d32001-01-29 07:39:26 +00001618 - (bal) OpenBSD Sync
Ben Lindstromd5390202001-01-29 08:07:43 +00001619 - markus@cvs.openbsd.org 2001/01/28 10:15:34
1620 [dispatch.c]
1621 re-keying is not supported; ok deraadt@
Ben Lindstrom035782e2001-01-29 08:34:16 +00001622 - markus@cvs.openbsd.org 2001/01/28 10:24:04
Ben Lindstrom8eec2c82001-01-29 08:39:16 +00001623 [ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 sshd.8]
Ben Lindstrom035782e2001-01-29 08:34:16 +00001624 cleanup AUTHORS sections
Ben Lindstromd5390202001-01-29 08:07:43 +00001625 - markus@cvs.openbsd.org 2001/01/28 10:37:26
Ben Lindstromc12a6b72001-01-29 08:41:05 +00001626 [sshd.c sshd.8]
Ben Lindstromd5390202001-01-29 08:07:43 +00001627 remove -Q, no longer needed
1628 - stevesk@cvs.openbsd.org 2001/01/28 20:36:16
Ben Lindstromeb930d42001-01-29 08:37:08 +00001629 [readconf.c ssh.1]
Ben Lindstromd5390202001-01-29 08:07:43 +00001630 ``StrictHostKeyChecking ask'' documentation and small cleanup.
1631 ok markus@
Ben Lindstroma7333502001-01-29 08:44:03 +00001632 - stevesk@cvs.openbsd.org 2001/01/28 20:43:25
Damien Miller33804262001-02-04 23:20:18 +11001633 [sshd.8]
Ben Lindstroma7333502001-01-29 08:44:03 +00001634 spelling. ok markus@
Ben Lindstrom91fd62a2001-01-29 08:10:11 +00001635 - stevesk@cvs.openbsd.org 2001/01/28 20:53:21
1636 [xmalloc.c]
1637 use size_t for strlen() return. ok markus@
Ben Lindstroma7333502001-01-29 08:44:03 +00001638 - stevesk@cvs.openbsd.org 2001/01/28 22:27:05
1639 [authfile.c]
1640 spelling. use sizeof vs. strlen(). ok markus@
Ben Lindstromd5390202001-01-29 08:07:43 +00001641 - niklas@cvs.openbsd.org 2001/01/29 1:59:14
Ben Lindstrom36579d32001-01-29 07:39:26 +00001642 [atomicio.h canohost.h clientloop.h deattack.h dh.h dispatch.h
1643 groupaccess.c groupaccess.h hmac.h hostfile.h includes.h kex.h
1644 key.h log.h login.h match.h misc.h myproposal.h nchan.ms pathnames.h
1645 radix.h readpass.h rijndael.h serverloop.h session.h sftp.h ssh-add.1
1646 ssh-dss.h ssh-keygen.1 ssh-keyscan.1 ssh-rsa.h ssh1.h ssh_config
1647 sshconnect.h sshd_config tildexpand.h uidswap.h uuencode.h]
1648 $OpenBSD$
Ben Lindstrom6d40c0f2001-01-29 09:02:24 +00001649 - (bal) Minor auth2.c resync. Whitespace and moving of an #include.
Ben Lindstrom49af82b2001-01-27 20:43:57 +00001650
Ben Lindstrom27eebe62001-01-25 23:04:22 +0000165120010126
Damien Miller33804262001-02-04 23:20:18 +11001652 - (bal) SSH_PROGRAM vs _PATH_SSH_PROGRAM fix pointed out by Roumen
Ben Lindstrom27eebe62001-01-25 23:04:22 +00001653 Petrov <roumen.petrov@skalasoft.com>
Ben Lindstrom77808ab2001-01-26 05:10:34 +00001654 - (bal) OpenBSD Sync
1655 - deraadt@cvs.openbsd.org 2001/01/25 8:06:33
1656 [ssh-agent.c]
1657 call _exit() in signal handler
Ben Lindstrom27eebe62001-01-25 23:04:22 +00001658
Damien Miller2a5c1ce2001-01-25 10:32:00 +1100165920010125
1660 - (djm) Sync bsd-* support files:
1661 - deraadt@cvs.openbsd.org 2000/01/26 03:43:20
1662 [rresvport.c bindresvport.c]
Damien Miller33804262001-02-04 23:20:18 +11001663 new bindresvport() semantics that itojun, shin, jean-luc and i have
Damien Miller2a5c1ce2001-01-25 10:32:00 +11001664 agreed on, which will be happy for the future. bindresvport_sa() for
1665 sockaddr *, too. docs later..
1666 - deraadt@cvs.openbsd.org 2000/01/24 02:24:21
1667 [bindresvport.c]
Damien Miller33804262001-02-04 23:20:18 +11001668 in bindresvport(), if sin is non-NULL, example sin->sin_family for
Damien Miller2a5c1ce2001-01-25 10:32:00 +11001669 the actual family being processed
Damien Miller0736c4d2001-01-25 10:51:46 +11001670 - (djm) Mention PRNGd in documentation, it is nicer than EGD
1671 - (djm) Automatically search for "well-known" EGD/PRNGd sockets in autoconf
Ben Lindstromec3830a2001-01-25 00:07:33 +00001672 - (bal) AC_FUNC_STRFTIME added to autoconf
Ben Lindstrom87b147f2001-01-25 00:41:12 +00001673 - (bal) OpenBSD Resync
1674 - stevesk@cvs.openbsd.org 2001/01/24 21:03:50
1675 [channels.c]
1676 missing freeaddrinfo(); ok markus@
Damien Miller2a5c1ce2001-01-25 10:32:00 +11001677
Ben Lindstrombda5bdc2001-01-23 16:09:51 +0000167820010124
1679 - (bal) OpenBSD Resync
1680 - markus@cvs.openbsd.org 2001/01/23 10:45:10
1681 [ssh.h]
Damien Miller33804262001-02-04 23:20:18 +11001682 nuke comment
Ben Lindstrom2396b302001-01-23 16:54:29 +00001683 - (bal) no 64bit support patch from Tim Rice <tim@multitalents.net>
1684 - (bal) #ifdef around S_IFSOCK if platform does not support it.
1685 patch by Tim Rice <tim@multitalents.net>
1686 - (bal) fake-regex.h cleanup based on Tim Rice's patch.
Kevin Stevesb6b37ba2001-01-24 20:01:44 +00001687 - (stevesk) sftp-server.c: fix chmod() mode mask
Ben Lindstrombda5bdc2001-01-23 16:09:51 +00001688
Ben Lindstromcb577332001-01-22 21:06:19 +0000168920010123
1690 - (bal) regexp.h typo in configure.in. Should have been regex.h
1691 - (bal) SSH_USER_DIR to _PATH_SSH_USER_DIR patch by stevesk@
Damien Miller33804262001-02-04 23:20:18 +11001692 - (bal) SSH_ASKPASS_DEFAULT to _PATH_SSH_ASKPASS_DEFAULT
Ben Lindstromb1985f72001-01-23 00:19:15 +00001693 - (bal) OpenBSD Resync
1694 - markus@cvs.openbsd.org 2001/01/22 8:15:00
1695 [auth-krb4.c sshconnect1.c]
1696 only AFS needs radix.[ch]
1697 - markus@cvs.openbsd.org 2001/01/22 8:32:53
1698 [auth2.c]
1699 no need to include; from mouring@etoh.eviladmin.org
1700 - stevesk@cvs.openbsd.org 2001/01/22 16:55:21
1701 [key.c]
1702 free() -> xfree(); ok markus@
1703 - stevesk@cvs.openbsd.org 2001/01/22 17:22:28
1704 [sshconnect2.c sshd.c]
1705 fix memory leaks in SSH2 key exchange; ok markus@
Ben Lindstrom95fb2dd2001-01-23 03:12:10 +00001706 - markus@cvs.openbsd.org 2001/01/22 23:06:39
1707 [auth1.c auth2.c readconf.c readconf.h servconf.c servconf.h
1708 sshconnect1.c sshconnect2.c sshd.c]
1709 rename skey -> challenge response.
1710 auto-enable kbd-interactive for ssh2 if challenge-reponse is enabled.
Ben Lindstromb1985f72001-01-23 00:19:15 +00001711
Ben Lindstromcb577332001-01-22 21:06:19 +00001712
Ben Lindstrom226cfa02001-01-22 05:34:40 +0000171320010122
1714 - (bal) OpenBSD Resync
1715 - markus@cvs.openbsd.org 2001/01/19 12:45:26 GMT 2001 by markus
1716 [servconf.c ssh.h sshd.c]
1717 only auth-chall.c needs #ifdef SKEY
1718 - markus@cvs.openbsd.org 2001/01/19 15:55:10 GMT 2001 by markus
1719 [auth-krb4.c auth-options.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c
1720 auth1.c auth2.c channels.c clientloop.c dh.c dispatch.c nchan.c
1721 packet.c pathname.h readconf.c scp.c servconf.c serverloop.c
1722 session.c ssh-add.c ssh-keygen.c ssh-keyscan.c ssh.c ssh.h
1723 ssh1.h sshconnect1.c sshd.c ttymodes.c]
1724 move ssh1 definitions to ssh1.h, pathnames to pathnames.h
1725 - markus@cvs.openbsd.org 2001/01/19 16:48:14
1726 [sshd.8]
1727 fix typo; from stevesk@
1728 - markus@cvs.openbsd.org 2001/01/19 16:50:58
1729 [ssh-dss.c]
Damien Miller33804262001-02-04 23:20:18 +11001730 clear and free digest, make consistent with other code (use dlen); from
Ben Lindstrom226cfa02001-01-22 05:34:40 +00001731 stevesk@
1732 - markus@cvs.openbsd.org 2001/01/20 15:55:20 GMT 2001 by markus
1733 [auth-options.c auth-options.h auth-rsa.c auth2.c]
1734 pass the filename to auth_parse_options()
Damien Miller33804262001-02-04 23:20:18 +11001735 - markus@cvs.openbsd.org 2001/01/20 17:59:40 GMT 2001
Ben Lindstrom226cfa02001-01-22 05:34:40 +00001736 [readconf.c]
1737 fix SIGSEGV from -o ""; problem noted by jehsom@togetherweb.com
1738 - stevesk@cvs.openbsd.org 2001/01/20 18:20:29
1739 [sshconnect2.c]
1740 dh_new_group() does not return NULL. ok markus@
1741 - markus@cvs.openbsd.org 2001/01/20 21:33:42
1742 [ssh-add.c]
Damien Miller33804262001-02-04 23:20:18 +11001743 do not loop forever if askpass does not exist; from
Ben Lindstrom226cfa02001-01-22 05:34:40 +00001744 andrew@pimlott.ne.mediaone.net
1745 - djm@cvs.openbsd.org 2001/01/20 23:00:56
1746 [servconf.c]
1747 Check for NULL return from strdelim; ok markus
1748 - djm@cvs.openbsd.org 2001/01/20 23:02:07
1749 [readconf.c]
1750 KNF; ok markus
1751 - jakob@cvs.openbsd.org 2001/01/21 9:00:33
1752 [ssh-keygen.1]
1753 remove -R flag; ok markus@
1754 - markus@cvs.openbsd.org 2001/01/21 19:05:40
1755 [atomicio.c automicio.h auth-chall.c auth-krb4.c auth-options.c
1756 auth-options.h auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c
1757 auth.c auth.h auth1.c auth2-chall.c auth2.c authfd.c authfile.c
1758 bufaux.c bufaux.h buffer.c canahost.c canahost.h channels.c
1759 cipher.c cli.c clientloop.c clientloop.h compat.c compress.c
1760 deattack.c dh.c dispatch.c groupaccess.c hmac.c hostfile.c kex.c
1761 key.c key.h log-client.c log-server.c log.c log.h login.c login.h
1762 match.c misc.c misc.h nchan.c packet.c pty.c radix.h readconf.c
1763 readpass.c readpass.h rsa.c scp.c servconf.c serverloop.c serverloop.h
1764 session.c sftp-server.c ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c
Damien Miller33804262001-02-04 23:20:18 +11001765 ssh-keyscan.c ssh-rsa.c ssh.c ssh.h sshconnect.c sshconnect.h
Ben Lindstrom226cfa02001-01-22 05:34:40 +00001766 sshconnect1.c sshconnect2.c sshd.c tildexpand.c tildexpand.h
1767 ttysmodes.c uidswap.c xmalloc.c]
Damien Miller33804262001-02-04 23:20:18 +11001768 split ssh.h and try to cleanup the #include mess. remove unnecessary
Ben Lindstrom226cfa02001-01-22 05:34:40 +00001769 #includes. rename util.[ch] -> misc.[ch]
1770 - (bal) renamed 'PIDDIR' to '_PATH_SSH_PIDDIR' to match OpenBSD tree
Damien Miller33804262001-02-04 23:20:18 +11001771 - (bal) Moved #ifdef KRB4 in auth-krb4.c above the #include to resolve
Ben Lindstrom226cfa02001-01-22 05:34:40 +00001772 conflict when compiling for non-kerb install
1773 - (bal) removed the #ifdef SKEY in auth1.c to match Markus' changes
1774 on 1/19.
1775
Ben Lindstromcf0809d2001-01-19 15:44:10 +0000177620010120
1777 - (bal) OpenBSD Resync
1778 - markus@cvs.openbsd.org 2001/01/19 12:45:26
1779 [ssh-chall.c servconf.c servconf.h ssh.h sshd.c]
1780 only auth-chall.c needs #ifdef SKEY
Ben Lindstrom401d58f2001-01-19 17:11:43 +00001781 - (bal) Slight auth2-pam.c clean up.
1782 - (bal) Includes a fake-regexp.h to be only used if regcomp() is found,
1783 but no 'regexp.h' found (SCO OpenServer 3 lacks the header).
Ben Lindstromcf0809d2001-01-19 15:44:10 +00001784
Damien Miller5aa80592001-01-19 14:03:40 +1100178520010119
1786 - (djm) Update versions in RPM specfiles
Ben Lindstromdb65e8f2001-01-19 04:26:52 +00001787 - (bal) OpenBSD Resync
1788 - markus@cvs.openbsd.org 2001/01/18 16:20:21
1789 [log-client.c log-server.c log.c readconf.c servconf.c ssh.1 ssh.h
1790 sshd.8 sshd.c]
Damien Miller33804262001-02-04 23:20:18 +11001791 log() is at pri=LOG_INFO, since LOG_NOTICE goes to /dev/console on many
Ben Lindstromdb65e8f2001-01-19 04:26:52 +00001792 systems
1793 - markus@cvs.openbsd.org 2001/01/18 16:59:59
1794 [auth-passwd.c auth.c auth.h auth1.c auth2.c serverloop.c session.c
1795 session.h sshconnect1.c]
1796 1) removes fake skey from sshd, since this will be much
1797 harder with /usr/libexec/auth/login_XXX
1798 2) share/unify code used in ssh-1 and ssh-2 authentication (server side)
1799 3) make addition of BSD_AUTH and other challenge reponse methods
1800 easier.
1801 - markus@cvs.openbsd.org 2001/01/18 17:12:43
1802 [auth-chall.c auth2-chall.c]
1803 rename *-skey.c *-chall.c since the files are not skey specific
Damien Miller22e22bf2001-01-19 15:46:38 +11001804 - (djm) Merge patch from Tim Waugh (via Nalin Dahyabhai <nalin@redhat.com>)
1805 to fix NULL pointer deref and fake authloop breakage in PAM code.
Ben Lindstromb100ec92001-01-19 05:37:32 +00001806 - (bal) Updated contrib/cygwin/ by Corinna Vinschen <vinschen@redhat.com>
Ben Lindstrom5dc81502001-01-19 06:10:29 +00001807 - (bal) Minor cygwin patch to auth1.c. Suggested by djm.
Damien Miller33804262001-02-04 23:20:18 +11001808
Ben Lindstrombf555ba2001-01-18 02:04:35 +0000180920010118
1810 - (bal) Super Sized OpenBSD Resync
1811 - markus@cvs.openbsd.org 2001/01/11 22:14:20 GMT 2001 by markus
1812 [sshd.c]
1813 maxfd+1
1814 - markus@cvs.openbsd.org 2001/01/13 17:59:18
1815 [ssh-keygen.1]
1816 small ssh-keygen manpage cleanup; stevesk@pobox.com
1817 - markus@cvs.openbsd.org 2001/01/13 18:03:07
1818 [scp.c ssh-keygen.c sshd.c]
1819 getopt() returns -1 not EOF; stevesk@pobox.com
1820 - markus@cvs.openbsd.org 2001/01/13 18:06:54
1821 [ssh-keyscan.c]
1822 use SSH_DEFAULT_PORT; from stevesk@pobox.com
1823 - markus@cvs.openbsd.org 2001/01/13 18:12:47
1824 [ssh-keyscan.c]
1825 free() -> xfree(); fix memory leak; from stevesk@pobox.com
1826 - markus@cvs.openbsd.org 2001/01/13 18:14:13
1827 [ssh-add.c]
1828 typo, from stevesk@sweden.hp.com
1829 - markus@cvs.openbsd.org 2001/01/13 18:32:50
Damien Miller33804262001-02-04 23:20:18 +11001830 [packet.c session.c ssh.c sshconnect.c sshd.c]
Ben Lindstrombf555ba2001-01-18 02:04:35 +00001831 split out keepalive from packet_interactive (from dale@accentre.com)
1832 set IPTOS_LOWDELAY TCP_NODELAY IPTOS_THROUGHPUT for ssh2, too.
1833 - markus@cvs.openbsd.org 2001/01/13 18:36:45
1834 [packet.c packet.h]
1835 reorder, typo
1836 - markus@cvs.openbsd.org 2001/01/13 18:38:00
1837 [auth-options.c]
1838 fix comment
1839 - markus@cvs.openbsd.org 2001/01/13 18:43:31
1840 [session.c]
1841 Wall
Damien Miller33804262001-02-04 23:20:18 +11001842 - markus@cvs.openbsd.org 2001/01/13 19:14:08
Ben Lindstrombf555ba2001-01-18 02:04:35 +00001843 [clientloop.h clientloop.c ssh.c]
1844 move callback to headerfile
1845 - markus@cvs.openbsd.org 2001/01/15 21:40:10
1846 [ssh.c]
1847 use log() instead of stderr
1848 - markus@cvs.openbsd.org 2001/01/15 21:43:51
1849 [dh.c]
1850 use error() not stderr!
1851 - markus@cvs.openbsd.org 2001/01/15 21:45:29
1852 [sftp-server.c]
1853 rename must fail if newpath exists, debug off by default
1854 - markus@cvs.openbsd.org 2001/01/15 21:46:38
1855 [sftp-server.c]
1856 readable long listing for sftp-server, ok deraadt@
1857 - markus@cvs.openbsd.org 2001/01/16 19:20:06
1858 [key.c ssh-rsa.c]
Damien Miller33804262001-02-04 23:20:18 +11001859 make "ssh-rsa" key format for ssh2 confirm to the ietf-drafts; from
1860 galb@vandyke.com. note that you have to delete older ssh2-rsa keys,
1861 since they are in the wrong format, too. they must be removed from
Ben Lindstrombf555ba2001-01-18 02:04:35 +00001862 .ssh/authorized_keys2 and .ssh/known_hosts2, etc.
Damien Miller33804262001-02-04 23:20:18 +11001863 (cd; grep -v ssh-rsa .ssh/authorized_keys2 > TMP && mv TMP
1864 .ssh/authorized_keys2) additionally, we now check that
Ben Lindstrombf555ba2001-01-18 02:04:35 +00001865 BN_num_bits(rsa->n) >= 768.
1866 - markus@cvs.openbsd.org 2001/01/16 20:54:27
1867 [sftp-server.c]
1868 remove some statics. simpler handles; idea from nisse@lysator.liu.se
1869 - deraadt@cvs.openbsd.org 2001/01/16 23:58:08
1870 [bufaux.c radix.c sshconnect.h sshconnect1.c]
1871 indent
1872 - (bal) Added bsd-strmode.[ch] since some non-OpenBSD platforms may
1873 be missing such feature.
1874
Damien Miller33804262001-02-04 23:20:18 +11001875
Damien Miller21de4502001-01-17 09:37:15 +1100187620010117
1877 - (djm) Only write random seed file at exit
Damien Millera64b57a2001-01-17 10:44:13 +11001878 - (djm) Make PAM support optional, enable with --with-pam
Damien Miller33804262001-02-04 23:20:18 +11001879 - (djm) Try to use libcrypt on Linux, but link it after OpenSSL (which
Damien Millera64b57a2001-01-17 10:44:13 +11001880 provides a crypt() of its own)
1881 - (djm) Avoid a warning in bsd-bindresvport.c
1882 - (djm) Try to avoid adding -I/usr/include to CPPFLAGS during SSL tests. This
Damien Miller33804262001-02-04 23:20:18 +11001883 can cause weird segfaults errors on Solaris
Damien Miller92e78f82001-01-17 11:10:48 +11001884 - (djm) Avoid warning in PAM code by making read_passphrase arguments const
Damien Miller01fa6382001-01-17 11:23:39 +11001885 - (djm) Add --with-pam to RPM spec files
Damien Miller21de4502001-01-17 09:37:15 +11001886
Ben Lindstrom200e3c92001-01-15 01:56:46 +0000188720010115
1888 - (bal) sftp-server.c change to use chmod() if fchmod() does not exist.
Ben Lindstrom42202bc2001-01-15 02:34:37 +00001889 - (bal) utimes() support via utime() interface on machine that lack utimes().
Ben Lindstrom200e3c92001-01-15 01:56:46 +00001890
Kevin Steves886b06c2001-01-14 00:35:19 +0000189120010114
1892 - (stevesk) initial work for OpenBSD "support supplementary group in
1893 {Allow,Deny}Groups" patch:
1894 - import getgrouplist.c from OpenBSD (bsd-getgrouplist.c)
1895 - add bsd-getgrouplist.h
1896 - new files groupaccess.[ch]
1897 - build but don't use yet (need to merge auth.c changes)
Kevin Steves7b61cfa2001-01-14 19:11:00 +00001898 - (stevesk) complete:
1899 - markus@cvs.openbsd.org 2001/01/13 11:56:48
1900 [auth.c sshd.8]
1901 support supplementary group in {Allow,Deny}Groups
1902 from stevesk@pobox.com
Damien Miller33804262001-02-04 23:20:18 +11001903
Ben Lindstrom2f959b42001-01-11 06:20:23 +0000190420010112
1905 - (bal) OpenBSD Sync
1906 - markus@cvs.openbsd.org 2001/01/10 22:56:22
1907 [bufaux.h bufaux.c sftp-server.c sftp.h getput.h]
1908 cleanup sftp-server implementation:
Damien Miller4855ae92001-02-07 23:21:31 +11001909 add buffer_get_int64, buffer_put_int64, GET_64BIT, PUT_64BIT
1910 parse SSH2_FILEXFER_ATTR_EXTENDED
1911 send SSH2_FX_EOF if readdir returns no more entries
1912 reply to SSH2_FXP_EXTENDED message
1913 use #defines from the draft
1914 move #definations to sftp.h
Ben Lindstrom2f959b42001-01-11 06:20:23 +00001915 more info:
Damien Miller33804262001-02-04 23:20:18 +11001916 http://www.ietf.org/internet-drafts/draft-ietf-secsh-filexfer-00.txt
Ben Lindstrom2f959b42001-01-11 06:20:23 +00001917 - markus@cvs.openbsd.org 2001/01/10 19:43:20
1918 [sshd.c]
1919 XXX - generate_empheral_server_key() is not safe against races,
Damien Miller33804262001-02-04 23:20:18 +11001920 because it calls log()
Ben Lindstrom2f959b42001-01-11 06:20:23 +00001921 - markus@cvs.openbsd.org 2001/01/09 21:19:50
1922 [packet.c]
1923 allow TCP_NDELAY for ipv6; from netbsd via itojun@
1924
Damien Millerfd9885e2001-01-10 08:16:53 +1100192520010110
1926 - (djm) SNI/Reliant Unix needs USE_PIPES and $DISPLAY hack. Report from
1927 Bladt Norbert <Norbert.Bladt@adi.ch>
1928
Ben Lindstrom4b27a532001-01-08 13:55:14 +0000192920010109
1930 - (bal) Resync CVS ID of cli.c
Kevin Steves99a05632001-01-08 20:54:36 +00001931 - (stevesk) auth1.c: free should be after WITH_AIXAUTHENTICATE
1932 code.
Ben Lindstrom48bd7c12001-01-09 00:35:42 +00001933 - (bal) OpenBSD Sync
1934 - markus@cvs.openbsd.org 2001/01/08 22:29:05
1935 [auth2.c compat.c compat.h servconf.c servconf.h sshd.8
1936 sshd_config version.h]
1937 implement option 'Banner /etc/issue.net' for ssh2, move version to
1938 2.3.1 (needed for bugcompat detection, 2.3.0 would fail if Banner
1939 is enabled).
1940 - markus@cvs.openbsd.org 2001/01/08 22:03:23
1941 [channels.c ssh-keyscan.c]
1942 O_NDELAY -> O_NONBLOCK; thanks stevesk@pobox.com
1943 - markus@cvs.openbsd.org 2001/01/08 21:55:41
1944 [sshconnect1.c]
1945 more cleanups and fixes from stevesk@pobox.com:
1946 1) try_agent_authentication() for loop will overwrite key just
1947 allocated with key_new(); don't alloc
1948 2) call ssh_close_authentication_connection() before exit
1949 try_agent_authentication()
1950 3) free mem on bad passphrase in try_rsa_authentication()
1951 - markus@cvs.openbsd.org 2001/01/08 21:48:17
1952 [kex.c]
1953 missing free; thanks stevesk@pobox.com
Ben Lindstrom0d5af602001-01-09 00:50:29 +00001954 - (bal) Detect if clock_t structure exists, if not define it.
1955 - (bal) Detect if O_NONBLOCK exists, if not define it.
1956 - (bal) removed news4-posix.h (now empty)
1957 - (bal) changed bsd-bindresvport.c and bsd-rresvport.c to use 'socklen_t'
1958 instead of 'int'
Kevin Steves8ee4f692001-01-09 15:28:46 +00001959 - (stevesk) sshd_config: sync
Kevin Steves69f8fb32001-01-09 18:09:13 +00001960 - (stevesk) defines.h: remove spurious ``;''
Ben Lindstrom4b27a532001-01-08 13:55:14 +00001961
Ben Lindstroma383baa2001-01-08 06:13:41 +0000196220010108
1963 - (bal) Fixed another typo in cli.c
1964 - (bal) OpenBSD Sync
1965 - markus@cvs.openbsd.org 2001/01/07 21:26:55
1966 [cli.c]
1967 typo
1968 - markus@cvs.openbsd.org 2001/01/07 21:26:55
1969 [cli.c]
1970 missing free, stevesk@pobox.com
1971 - markus@cvs.openbsd.org 2001/01/07 19:06:25
1972 [auth1.c]
1973 missing free, stevesk@pobox.com
1974 - markus@cvs.openbsd.org 2001/01/07 11:28:04
1975 [log-client.c log-server.c log.c readconf.c servconf.c ssh.1
1976 ssh.h sshd.8 sshd.c]
1977 rename SYSLOG_LEVEL_INFO->SYSLOG_LEVEL_NOTICE
1978 syslog priority changes:
1979 fatal() LOG_ERR -> LOG_CRIT
1980 log() LOG_INFO -> LOG_NOTICE
Ben Lindstrom48b2f732001-01-08 06:20:38 +00001981 - Updated TODO
Ben Lindstroma383baa2001-01-08 06:13:41 +00001982
Ben Lindstromd26dcf32001-01-06 15:18:16 +0000198320010107
1984 - (bal) OpenBSD Sync
1985 - markus@cvs.openbsd.org 2001/01/06 11:23:27
1986 [ssh-rsa.c]
1987 remove unused
1988 - itojun@cvs.openbsd.org 2001/01/05 08:23:29
1989 [ssh-keyscan.1]
1990 missing .El
1991 - markus@cvs.openbsd.org 2001/01/04 22:41:03
1992 [session.c sshconnect.c]
1993 consistent use of _PATH_BSHELL; from stevesk@pobox.com
1994 - djm@cvs.openbsd.org 2001/01/04 22:35:32
1995 [ssh.1 sshd.8]
1996 Mention AES as available SSH2 Cipher; ok markus
1997 - markus@cvs.openbsd.org 2001/01/04 22:25:58
1998 [sshd.c]
1999 sync usage()/man with defaults; from stevesk@pobox.com
2000 - markus@cvs.openbsd.org 2001/01/04 22:21:26
2001 [sshconnect2.c]
2002 handle SSH2_MSG_USERAUTH_BANNER; fixes bug when connecting to a server
2003 that prints a banner (e.g. /etc/issue.net)
Damien Miller33804262001-02-04 23:20:18 +11002004
Ben Lindstrom91c2a982001-01-04 22:54:50 +0000200520010105
2006 - (bal) contrib/caldera/ provided by Tim Rice <tim@multitalents.net>
Ben Lindstrom8835a892001-01-05 06:09:52 +00002007 - (bal) bsd-getcwd.c and bsd-setenv.c changed from bcopy() to memmove()
Ben Lindstrom91c2a982001-01-04 22:54:50 +00002008
Damien Millerd54e55c2001-01-04 09:07:12 +1100200920010104
2010 - (djm) Fix memory leak on systems with BROKEN_GETADDRINFO. Based on
2011 work by Chris Vaughan <vaughan99@yahoo.com>
2012
Ben Lindstrom5c1fbab2001-01-03 03:51:15 +0000201320010103
2014 - (bal) fixed up sshconnect.c so it was closer inline with the OpenBSD
2015 tree (mainly positioning)
2016 - (bal) OpenSSH CVS Update
2017 - markus@cvs.openbsd.org 2001/01/02 20:41:02
2018 [packet.c]
2019 log remote ip on disconnect; PR 1600 from jcs@rt.fm
2020 - markus@cvs.openbsd.org 2001/01/02 20:50:56
2021 [sshconnect.c]
Damien Miller33804262001-02-04 23:20:18 +11002022 strict_host_key_checking for host_status != HOST_CHANGED &&
Ben Lindstrom5c1fbab2001-01-03 03:51:15 +00002023 ip_status == HOST_CHANGED
Damien Miller33804262001-02-04 23:20:18 +11002024 - (bal) authfile.c: Synced CVS ID tag
Ben Lindstrom3ad650a2001-01-03 06:02:51 +00002025 - (bal) UnixWare 2.0 fixes by Tim Rice <tim@multitalents.net>
2026 - (bal) Disable sftp-server if no 64bit int support exists. Based on
2027 patch by Tim Rice <tim@multitalents.net>
2028 - (bal) Makefile.in changes to uninstall: target to remove sftp-server
2029 and sftp-server.8 manpage.
Ben Lindstrom5c1fbab2001-01-03 03:51:15 +00002030
Ben Lindstrom88c33972001-01-02 04:55:52 +0000203120010102
2032 - (bal) OpenBSD CVS Update
2033 - markus@cvs.openbsd.org 2001/01/01 14:52:49
2034 [scp.c]
2035 use shared fatal(); from stevesk@pobox.com
2036
Ben Lindstromfa2d2232000-12-31 07:11:04 +0000203720001231
2038 - (bal) Reverted out of MAXHOSTNAMELEN. This should be set per OS.
2039 for multiple reasons.
Ben Lindstrom321ae732000-12-31 15:00:23 +00002040 - (bal) Reverted out of a partial NeXT patch.
Ben Lindstromfa2d2232000-12-31 07:11:04 +00002041
Ben Lindstrom2941f112000-12-29 16:50:13 +0000204220001230
2043 - (bal) OpenBSD CVS Update
2044 - markus@cvs.openbsd.org 2000/12/28 18:58:30
2045 [ssh-keygen.c]
2046 enable 'ssh-keygen -l -f ~/.ssh/{authorized_keys,known_hosts}{,2}
Ben Lindstrom6c3ae2b2000-12-30 03:25:14 +00002047 - markus@cvs.openbsd.org 2000/12/29 22:19:13
2048 [channels.c]
2049 missing xfree; from vaughan99@yahoo.com
Ben Lindstrom2941f112000-12-29 16:50:13 +00002050 - (bal) Resynced CVS ID with OpenBSD for channel.c and uidswap.c
Ben Lindstrombeac3b42000-12-29 21:21:26 +00002051 - (bal) if no MAXHOSTNAMELEN is defined. Default to 64 character defination.
Damien Millere142d412001-01-30 20:03:08 +11002052 Suggested by Christian Kurz <shorty@debian.org>
Ben Lindstromf5410352000-12-29 21:37:22 +00002053 - (bal) Add in '.c.o' section to Makefile.in to address make programs that
Damien Miller33804262001-02-04 23:20:18 +11002054 don't honor CPPFLAGS by default. Suggested by Lutz Jaenicke
Ben Lindstromf5410352000-12-29 21:37:22 +00002055 <Lutz.Jaenicke@aet.TU-Cottbus.DE>
Ben Lindstrom42717bf2000-12-28 15:46:20 +00002056
205720001229
Damien Miller33804262001-02-04 23:20:18 +11002058 - (bal) Fixed spelling of 'authorized_keys' in ssh-copy-id.1 by Christian
Damien Millere142d412001-01-30 20:03:08 +11002059 Kurz <shorty@debian.org>
Ben Lindstrom4dccfa52000-12-28 16:40:05 +00002060 - (bal) OpenBSD CVS Update
2061 - markus@cvs.openbsd.org 2000/12/28 14:25:51
2062 [auth.h auth2.c]
2063 count authentication failures only
2064 - markus@cvs.openbsd.org 2000/12/28 14:25:03
2065 [sshconnect.c]
2066 fingerprint for MITM attacks, too.
2067 - markus@cvs.openbsd.org 2000/12/28 12:03:57
2068 [sshd.8 sshd.c]
2069 document -D
2070 - markus@cvs.openbsd.org 2000/12/27 14:19:21
2071 [serverloop.c]
2072 less chatty
2073 - markus@cvs.openbsd.org 2000/12/27 12:34
2074 [auth1.c sshconnect2.c sshd.c]
2075 typo
2076 - markus@cvs.openbsd.org 2000/12/27 12:30:19
2077 [readconf.c readconf.h ssh.1 sshconnect.c]
2078 new option: HostKeyAlias: allow the user to record the host key
2079 under a different name. This is useful for ssh tunneling over
2080 forwarded connections or if you run multiple sshd's on different
2081 ports on the same machine.
2082 - markus@cvs.openbsd.org 2000/12/27 11:51:53
2083 [ssh.1 ssh.c]
2084 multiple -t force pty allocation, document ORIGINAL_COMMAND
2085 - markus@cvs.openbsd.org 2000/12/27 11:41:31
2086 [sshd.8]
2087 update for ssh-2
Kevin Stevese7652402000-12-28 22:16:00 +00002088 - (stevesk) compress.[ch] sync with openbsd; missed in prototype
2089 fix merge.
Ben Lindstrom42717bf2000-12-28 15:46:20 +00002090
Ben Lindstrome2fb8d32000-12-28 00:07:07 +0000209120001228
2092 - (bal) Patch to add libutil.h to loginrec.c only if the platform has
2093 libutil.h. Suggested by Pekka Savola <pekka@netcore.fi>
Damien Miller9fa07d62000-12-28 14:57:27 +11002094 - (djm) Update to new x11-askpass in RPM spec
Ben Lindstrom42717bf2000-12-28 15:46:20 +00002095 - (bal) SCO patch to not include <sys/queue.h> since it's unrelated
2096 header. Patch by Tim Rice <tim@multitalents.net>
2097 - Updated TODO w/ known HP/UX issue
2098 - (bal) removed extra <netdb.h> noticed by Kevin Steves and removed the
2099 bad reference to 'NeXT including it else were' on the #ifdef version.
Ben Lindstrome2fb8d32000-12-28 00:07:07 +00002100
Ben Lindstrom2c467a22000-12-27 04:57:41 +0000210120001227
Damien Miller33804262001-02-04 23:20:18 +11002102 - (bal) Typo in configure.in: entut?ent should be endut?ent. Suggested by
Ben Lindstrom2c467a22000-12-27 04:57:41 +00002103 Takumi Yamane <yamtak@b-session.com>
2104 - (bal) Checks for getrlimit(), sysconf(), and setdtablesize(). Patch
2105 by Corinna Vinschen <vinschen@redhat.com>
Damien Millerfa610a12000-12-27 16:44:51 +11002106 - (djm) Fix catman-do target for non-bash
Damien Miller33804262001-02-04 23:20:18 +11002107 - (bal) Typo in configure.in: entut?ent should be endut?ent. Suggested by
Ben Lindstrome2fb8d32000-12-28 00:07:07 +00002108 Takumi Yamane <yamtak@b-session.com>
2109 - (bal) Checks for getrlimit(), sysconf(), and setdtablesize(). Patch
2110 by Corinna Vinschen <vinschen@redhat.com>
2111 - (djm) Fix catman-do target for non-bash
Damien Miller33804262001-02-04 23:20:18 +11002112 - (bal) Fixed NeXT's lack of CPPFLAGS honoring.
2113 - (bal) ssh-keyscan.c: NeXT (and older BSDs) don't support getrlimit() w/
Ben Lindstrom5adbad22000-12-27 07:06:21 +00002114 'RLIMIT_NOFILE'
Damien Miller33804262001-02-04 23:20:18 +11002115 - (djm) Remove *.Ylonen files. They are no longer in the OpenBSD tree,
2116 the info in COPYING.Ylonen has been moved to the start of each
Damien Miller981eeed2000-12-27 19:06:05 +11002117 SSH1-derived file and README.Ylonen is well out of date.
Ben Lindstrom2c467a22000-12-27 04:57:41 +00002118
Ben Lindstrom3deda8b2000-12-22 20:27:43 +0000211920001223
2120 - (bal) Fixed Makefile.in to support recompile of all ssh and sshd objects
2121 if a change to config.h has occurred. Suggested by Gert Doering
2122 <gert@greenie.muc.de>
2123 - (bal) OpenBSD CVS Update:
2124 - markus@cvs.openbsd.org 2000/12/22 16:49:40
2125 [ssh-keygen.c]
2126 fix ssh-keygen -x -t type > file; from Roumen.Petrov@skalasoft.com
2127
Ben Lindstrom46c16222000-12-22 01:43:59 +0000212820001222
2129 - Updated RCSID for pty.c
2130 - (bal) OpenBSD CVS Updates:
2131 - markus@cvs.openbsd.org 2000/12/21 15:10:16
2132 [auth-rh-rsa.c hostfile.c hostfile.h sshconnect.c]
2133 print keyfile:line for changed hostkeys, for deraadt@, ok deraadt@
2134 - markus@cvs.openbsd.org 2000/12/20 19:26:56
2135 [authfile.c]
2136 allow ssh -i userkey for root
2137 - markus@cvs.openbsd.org 2000/12/20 19:37:21
2138 [authfd.c authfd.h kex.c sshconnect2.c sshd.c uidswap.c uidswap.h]
2139 fix prototypes; from stevesk@pobox.com
2140 - markus@cvs.openbsd.org 2000/12/20 19:32:08
2141 [sshd.c]
2142 init pointer to NULL; report from Jan.Ivan@cern.ch
2143 - markus@cvs.openbsd.org 2000/12/19 23:17:54
2144 [auth-krb4.c auth-options.c auth-options.h auth-rhosts.c auth-rsa.c
2145 auth1.c auth2-skey.c auth2.c authfd.c authfd.h authfile.c bufaux.c
2146 bufaux.h buffer.c canohost.c channels.c clientloop.c compress.c
2147 crc32.c deattack.c getput.h hmac.c hmac.h hostfile.c kex.c kex.h
2148 key.c key.h log.c login.c match.c match.h mpaux.c mpaux.h packet.c
2149 packet.h radix.c readconf.c rsa.c scp.c servconf.c servconf.h
2150 serverloop.c session.c sftp-server.c ssh-agent.c ssh-dss.c ssh-dss.h
2151 ssh-keygen.c ssh-keyscan.c ssh-rsa.c ssh-rsa.h ssh.c ssh.h uuencode.c
2152 uuencode.h sshconnect1.c sshconnect2.c sshd.c tildexpand.c]
2153 replace 'unsigned bla' with 'u_bla' everywhere. also replace 'char
2154 unsigned' with u_char.
2155
Kevin Stevesa074feb2000-12-21 22:33:45 +0000215620001221
2157 - (stevesk) OpenBSD CVS updates:
2158 - markus@cvs.openbsd.org 2000/12/19 15:43:45
2159 [authfile.c channels.c sftp-server.c ssh-agent.c]
2160 remove() -> unlink() for consistency
2161 - markus@cvs.openbsd.org 2000/12/19 15:48:09
2162 [ssh-keyscan.c]
2163 replace <ssl/x.h> with <openssl/x.h>
2164 - markus@cvs.openbsd.org 2000/12/17 02:33:40
2165 [uidswap.c]
2166 typo; from wsanchez@apple.com
Damien Miller33804262001-02-04 23:20:18 +11002167
Damien Miller82cf0ce2000-12-20 13:34:48 +1100216820001220
Damien Miller33804262001-02-04 23:20:18 +11002169 - (djm) Workaround PAM inconsistencies between Solaris derived PAM code
Damien Miller82cf0ce2000-12-20 13:34:48 +11002170 and Linux-PAM. Based on report and fix from Andrew Morgan
2171 <morgan@transmeta.com>
2172
Kevin Steves1004c7e2000-12-18 18:55:28 +0000217320001218
2174 - (stevesk) rsa.c: entropy.h not needed.
Ben Lindstrom28bfc0d2000-12-18 19:58:57 +00002175 - (bal) split CFLAGS into CFLAGS and CPPFLAGS in configure.in and Makefile.
2176 Suggested by Wilfredo Sanchez <wsanchez@apple.com>
Kevin Steves1004c7e2000-12-18 18:55:28 +00002177
Kevin Steves8daed182000-12-16 19:21:03 +0000217820001216
2179 - (stevesk) OpenBSD CVS updates:
2180 - markus@cvs.openbsd.org 2000/12/16 02:53:57
2181 [scp.c]
2182 allow + in usernames; request from Florian.Weimer@RUS.Uni-Stuttgart.DE
2183 - markus@cvs.openbsd.org 2000/12/16 02:39:57
2184 [scp.c]
2185 unused; from stevesk@pobox.com
2186
Kevin Stevesfa72dda2000-12-15 18:39:12 +0000218720001215
Kevin Stevese2737522000-12-15 23:47:30 +00002188 - (stevesk) Old OpenBSD patch wasn't completely applied:
2189 - markus@cvs.openbsd.org 2000/01/24 22:11:20
2190 [scp.c]
2191 allow '.' in usernames; from jedgar@fxp.org
Kevin Stevesfa72dda2000-12-15 18:39:12 +00002192 - (stevesk) OpenBSD CVS updates:
2193 - markus@cvs.openbsd.org 2000/12/13 16:26:53
2194 [ssh-keyscan.c]
2195 fatal already adds \n; from stevesk@pobox.com
2196 - markus@cvs.openbsd.org 2000/12/13 16:25:44
2197 [ssh-agent.c]
2198 remove redundant spaces; from stevesk@pobox.com
2199 - ho@cvs.openbsd.org 2000/12/12 15:50:21
2200 [pty.c]
2201 When failing to set tty owner and mode on a read-only filesystem, don't
2202 abort if the tty already has correct owner and reasonably sane modes.
2203 Example; permit 'root' to login to a firewall with read-only root fs.
2204 (markus@ ok)
2205 - deraadt@cvs.openbsd.org 2000/12/13 06:36:05
2206 [pty.c]
2207 KNF
Kevin Stevesfcec7f82000-12-15 19:55:48 +00002208 - markus@cvs.openbsd.org 2000/12/12 14:45:21
2209 [sshd.c]
2210 source port < 1024 is no longer required for rhosts-rsa since it
2211 adds no additional security.
2212 - markus@cvs.openbsd.org 2000/12/12 16:11:49
2213 [ssh.1 ssh.c]
2214 rhosts-rsa is no longer automagically disabled if ssh is not privileged.
2215 UsePrivilegedPort=no disables rhosts-rsa _only_ for old servers.
2216 these changes should not change the visible default behaviour of the ssh client.
Kevin Steves7d00ba42000-12-15 23:03:10 +00002217 - deraadt@cvs.openbsd.org 2000/12/11 10:27:33
2218 [scp.c]
2219 when copying 0-sized files, do not re-print ETA time at completion
Kevin Steves6b875862000-12-15 23:31:01 +00002220 - provos@cvs.openbsd.org 2000/12/15 10:30:15
2221 [kex.c kex.h sshconnect2.c sshd.c]
2222 compute diffie-hellman in parallel between server and client. okay markus@
Kevin Stevesfa72dda2000-12-15 18:39:12 +00002223
Damien Miller152cea22000-12-13 19:21:51 +1100222420001213
2225 - (djm) Make sure we reset the SIGPIPE disposition after we fork. Report
2226 from Andreas M. Kirchwitz <amk@krell.zikzak.de>
Kevin Stevesfa72dda2000-12-15 18:39:12 +00002227 - (stevesk) OpenBSD CVS update:
Kevin Stevesec84dc12000-12-13 17:45:15 +00002228 - markus@cvs.openbsd.org 2000/12/12 15:30:02
2229 [ssh-keyscan.c ssh.c sshd.c]
Damien Miller33804262001-02-04 23:20:18 +11002230 consistently use __progname; from stevesk@pobox.com
Damien Miller152cea22000-12-13 19:21:51 +11002231
Ben Lindstrom4cc90a42000-12-10 22:12:54 +0000223220001211
2233 - (bal) Applied patch to include ssh-keyscan into Redhat's package, and
2234 patch to install ssh-keyscan manpage. Patch by Pekka Savola
2235 <pekka@netcore.fi>
Ben Lindstroma65c78a2000-12-10 22:57:30 +00002236 - (bal) OpenbSD CVS update
2237 - markus@cvs.openbsd.org 2000/12/10 17:01:53
2238 [sshconnect1.c]
2239 always request new challenge for skey/tis-auth, fixes interop with
2240 other implementations; report from roth@feep.net
Ben Lindstrom4cc90a42000-12-10 22:12:54 +00002241
Ben Lindstromfa1b3d02000-12-10 01:55:37 +0000224220001210
2243 - (bal) OpenBSD CVS updates
Damien Miller33804262001-02-04 23:20:18 +11002244 - markus@cvs.openbsd.org 2000/12/09 13:41:51
Ben Lindstromfa1b3d02000-12-10 01:55:37 +00002245 [cipher.c cipher.h rijndael.c rijndael.h rijndael_boxes.h]
2246 undo rijndael changes
Damien Miller33804262001-02-04 23:20:18 +11002247 - markus@cvs.openbsd.org 2000/12/09 13:48:31
Ben Lindstromfa1b3d02000-12-10 01:55:37 +00002248 [rijndael.c]
2249 fix byte order bug w/o introducing new implementation
Damien Miller33804262001-02-04 23:20:18 +11002250 - markus@cvs.openbsd.org 2000/12/09 14:08:27
Ben Lindstromfa1b3d02000-12-10 01:55:37 +00002251 [sftp-server.c]
2252 "" -> "." for realpath; from vinschen@redhat.com
Damien Miller33804262001-02-04 23:20:18 +11002253 - markus@cvs.openbsd.org 2000/12/09 14:06:54
Ben Lindstromfa1b3d02000-12-10 01:55:37 +00002254 [ssh-agent.c]
2255 extern int optind; from stevesk@sweden.hp.com
Ben Lindstrom971c9732000-12-10 02:01:50 +00002256 - provos@cvs.openbsd.org 2000/12/09 23:51:11
2257 [compat.c]
2258 remove unnecessary '\n'
Ben Lindstromfa1b3d02000-12-10 01:55:37 +00002259
Ben Lindstroma6885612000-12-09 03:45:32 +0000226020001209
Ben Lindstromfa1b3d02000-12-10 01:55:37 +00002261 - (bal) OpenBSD CVS updates:
Damien Miller33804262001-02-04 23:20:18 +11002262 - djm@cvs.openbsd.org 2000/12/07 4:24:59
Ben Lindstroma6885612000-12-09 03:45:32 +00002263 [ssh.1]
2264 Typo fix from Wilfredo Sanchez <wsanchez@apple.com>; ok theo
2265
Ben Lindstroma14ee472000-12-07 01:24:58 +0000226620001207
Ben Lindstromfa1b3d02000-12-10 01:55:37 +00002267 - (bal) OpenBSD CVS updates:
Damien Miller33804262001-02-04 23:20:18 +11002268 - markus@cvs.openbsd.org 2000/12/06 22:58:14
Ben Lindstroma14ee472000-12-07 01:24:58 +00002269 [compat.c compat.h packet.c]
2270 disable debug messages for ssh.com/f-secure 2.0.1x, 2.1.0
Ben Lindstrom01f84632000-12-07 05:57:27 +00002271 - markus@cvs.openbsd.org 2000/12/06 23:10:39
2272 [rijndael.c]
2273 unexpand(1)
Damien Miller33804262001-02-04 23:20:18 +11002274 - markus@cvs.openbsd.org 2000/12/06 23:05:43
Ben Lindstrom01f84632000-12-07 05:57:27 +00002275 [cipher.c cipher.h rijndael.c rijndael.h rijndael_boxes.h]
2276 new rijndael implementation. fixes endian bugs
Ben Lindstroma14ee472000-12-07 01:24:58 +00002277
Ben Lindstrom7ad97102000-12-06 01:42:49 +0000227820001206
Ben Lindstromfa1b3d02000-12-10 01:55:37 +00002279 - (bal) OpenBSD CVS updates:
Ben Lindstrom7ad97102000-12-06 01:42:49 +00002280 - markus@cvs.openbsd.org 2000/12/05 20:34:09
2281 [channels.c channels.h clientloop.c serverloop.c]
2282 async connects for -R/-L; ok deraadt@
2283 - todd@cvs.openssh.org 2000/12/05 16:47:28
2284 [sshd.c]
2285 tweak comment to reflect real location of pid file; ok provos@
Kevin Steves2c65ada2000-12-06 22:25:40 +00002286 - (stevesk) Import <sys/queue.h> from OpenBSD for systems that don't
2287 have it (used in ssh-keyscan).
Kevin Stevesfa72dda2000-12-15 18:39:12 +00002288 - (stevesk) OpenBSD CVS update:
Kevin Stevesfc74af42000-12-06 22:47:55 +00002289 - markus@cvs.openbsd.org 2000/12/06 19:57:48
2290 [ssh-keyscan.c]
2291 err(3) -> internal error(), from stevesk@sweden.hp.com
Ben Lindstrom7ad97102000-12-06 01:42:49 +00002292
Ben Lindstromb6434ae2000-12-05 01:15:09 +0000229320001205
Ben Lindstromfa1b3d02000-12-10 01:55:37 +00002294 - (bal) OpenBSD CVS updates:
Ben Lindstromb6434ae2000-12-05 01:15:09 +00002295 - markus@cvs.openbsd.org 2000/12/04 19:24:02
2296 [ssh-keyscan.c ssh-keyscan.1]
2297 David Maziere's ssh-keyscan, ok niels@
2298 - (bal) Updated Makefile.in to include ssh-keyscan that was just added
2299 to the recent OpenBSD source tree.
Kevin Steves3c516762000-12-06 00:48:05 +00002300 - (stevesk) fix typos in contrib/hpux/README
Ben Lindstromb6434ae2000-12-05 01:15:09 +00002301
Ben Lindstromd121f612000-12-03 17:00:47 +0000230220001204
2303 - (bal) More C functions defined in NeXT that are unaccessable without
Damien Miller33804262001-02-04 23:20:18 +11002304 defining -POSIX.
2305 - (bal) OpenBSD CVS updates:
2306 - markus@cvs.openbsd.org 2000/12/03 11:29:04
Ben Lindstromd121f612000-12-03 17:00:47 +00002307 [compat.c]
2308 remove fallback to SSH_BUG_HMAC now that the drafts are updated
2309 - markus@cvs.openbsd.org 2000/12/03 11:27:55
2310 [compat.c]
Damien Miller33804262001-02-04 23:20:18 +11002311 correctly match "2.1.0.pl2 SSH" etc; from
Ben Lindstrom7ad97102000-12-06 01:42:49 +00002312 pekkas@netcore.fi/bugzilla.redhat
Ben Lindstromd121f612000-12-03 17:00:47 +00002313 - markus@cvs.openbsd.org 2000/12/03 11:15:03
2314 [auth2.c compat.c compat.h sshconnect2.c]
2315 support f-secure/ssh.com 2.0.12; ok niels@
2316
Ben Lindstromc72745a2000-12-02 19:03:54 +0000231720001203
Ben Lindstromd121f612000-12-03 17:00:47 +00002318 - (bal) OpenBSD CVS updates:
Ben Lindstromc72745a2000-12-02 19:03:54 +00002319 - markus@cvs.openbsd.org 2000/11/30 22:54:31
2320 [channels.c]
Damien Miller33804262001-02-04 23:20:18 +11002321 debug->warn if tried to do -R style fwd w/o client requesting this;
Ben Lindstromc72745a2000-12-02 19:03:54 +00002322 ok neils@
2323 - markus@cvs.openbsd.org 2000/11/29 20:39:17
2324 [cipher.c]
2325 des_cbc_encrypt -> des_ncbc_encrypt since it already updates the IV
2326 - markus@cvs.openbsd.org 2000/11/30 18:33:05
2327 [ssh-agent.c]
2328 agents must not dump core, ok niels@
Damien Miller33804262001-02-04 23:20:18 +11002329 - markus@cvs.openbsd.org 2000/11/30 07:04:02
Ben Lindstromc72745a2000-12-02 19:03:54 +00002330 [ssh.1]
2331 T is for both protocols
2332 - markus@cvs.openbsd.org 2000/12/01 00:00:51
2333 [ssh.1]
2334 typo; from green@FreeBSD.org
2335 - markus@cvs.openbsd.org 2000/11/30 07:02:35
2336 [ssh.c]
2337 check -T before isatty()
2338 - provos@cvs.openbsd.org 2000/11/29 13:51:27
2339 [sshconnect.c]
Damien Miller33804262001-02-04 23:20:18 +11002340 show IP address and hostname when new key is encountered. okay markus@
Ben Lindstromc72745a2000-12-02 19:03:54 +00002341 - markus@cvs.openbsd.org 2000/11/30 22:53:35
2342 [sshconnect.c]
2343 disable agent/x11/port fwding if hostkey has changed; ok niels@
2344 - marksu@cvs.openbsd.org 2000/11/29 21:11:59
2345 [sshd.c]
2346 sshd -D, startup w/o deamon(), for monitoring scripts or inittab;
2347 from handler@sub-rosa.com and eric@urbanrange.com; ok niels@
Damien Millerb8481582000-12-03 11:51:51 +11002348 - (djm) Added patch from Nalin Dahyabhai <nalin@redhat.com> to enable
2349 PAM authentication using KbdInteractive.
2350 - (djm) Added another TODO
Ben Lindstromc72745a2000-12-02 19:03:54 +00002351
Ben Lindstrom75214f92000-12-01 21:19:51 +0000235220001202
2353 - (bal) Backed out of part of Alain St-Denis' loginrec.c patch.
Damien Miller33804262001-02-04 23:20:18 +11002354 - (bal) Irix need some sort of mansubdir, patch by Michael Stone
Ben Lindstrom75214f92000-12-01 21:19:51 +00002355 <mstone@cs.loyola.edu>
2356
Damien Millera2e53cc2000-11-29 11:26:45 +1100235720001129
Damien Miller43dc8da2000-11-29 15:55:17 +11002358 - (djm) Back out all the serverloop.c hacks. sshd will now hang again
2359 if there are background children with open fds.
Damien Miller3f62aba2000-11-29 11:56:35 +11002360 - (djm) bsd-rresvport.c bzero -> memset
Damien Miller33804262001-02-04 23:20:18 +11002361 - (djm) Don't fail in defines.h on absence of 64 bit types (we will
Damien Miller3f62aba2000-11-29 11:56:35 +11002362 still fail during compilation of sftp-server).
2363 - (djm) Fail if ar is not found during configure
Damien Millere39cacc2000-11-29 12:18:44 +11002364 - (djm) OpenBSD CVS updates:
2365 - provos@cvs.openbsd.org 2000/11/22 08:38:31
2366 [sshd.8]
2367 talk about /etc/primes, okay markus@
2368 - markus@cvs.openbsd.org 2000/11/23 14:03:48
2369 [ssh.c sshconnect1.c sshconnect2.c]
2370 complain about invalid ciphers for ssh1/ssh2, fall back to reasonable
2371 defaults
2372 - markus@cvs.openbsd.org 2000/11/25 09:42:53
2373 [sshconnect1.c]
2374 reorder check for illegal ciphers, bugreport from espie@
2375 - markus@cvs.openbsd.org 2000/11/25 10:19:34
2376 [ssh-keygen.c ssh.h]
2377 print keytype when generating a key.
2378 reasonable defaults for RSA1/RSA/DSA keys.
Damien Millera19cf472000-11-29 13:28:50 +11002379 - (djm) Patch from Pekka Savola <Pekka.Savola@netcore.fi> to include a few
2380 more manpage paths in fixpaths calls
2381 - (djm) Also add xauth path at Pekka's suggestion.
Damien Miller6dbfef62000-11-29 13:51:06 +11002382 - (djm) Add Redhat RPM patch for AUTHPRIV SyslogFacility
Damien Millera2e53cc2000-11-29 11:26:45 +11002383
Damien Millerd592b632000-11-25 10:09:32 +1100238420001125
2385 - (djm) Give up privs when reading seed file
2386
Ben Lindstrom14920292000-11-21 21:24:55 +0000238720001123
2388 - (bal) Merge OpenBSD changes:
2389 - markus@cvs.openbsd.org 2000/11/15 22:31:36
2390 [auth-options.c]
Damien Miller33804262001-02-04 23:20:18 +11002391 case insensitive key options; from stevesk@sweeden.hp.com
Ben Lindstrom14920292000-11-21 21:24:55 +00002392 - markus@cvs.openbsd.org 2000/11/16 17:55:43
2393 [dh.c]
2394 do not use perror() in sshd, after child is forked()
2395 - markus@cvs.openbsd.org 2000/11/14 23:42:40
2396 [auth-rsa.c]
2397 parse option only if key matches; fix some confusing seen by the client
2398 - markus@cvs.openbsd.org 2000/11/14 23:44:19
2399 [session.c]
2400 check no_agent_forward_flag for ssh-2, too
2401 - markus@cvs.openbsd.org 2000/11/15
2402 [ssh-agent.1]
2403 reorder SYNOPSIS; typo, use .It
2404 - markus@cvs.openbsd.org 2000/11/14 23:48:55
2405 [ssh-agent.c]
2406 do not reorder keys if a key is removed
2407 - markus@cvs.openbsd.org 2000/11/15 19:58:08
2408 [ssh.c]
Damien Miller33804262001-02-04 23:20:18 +11002409 just ignore non existing user keys
Ben Lindstrom14920292000-11-21 21:24:55 +00002410 - millert@cvs.openbsd.org 200/11/15 20:24:43
2411 [ssh-keygen.c]
2412 Add missing \n at end of error message.
2413
Ben Lindstrom4a1d9162000-11-21 10:45:31 +0000241420001122
2415 - (bal) Minor patch to ensure platforms lacking IRIX job limit supports
2416 are compilable.
2417 - (bal) Updated TODO as of 11/18/2000 with known things to resolve.
2418
Ben Lindstrombaaa2c02000-11-17 00:22:17 +0000241920001117
2420 - (bal) Changed from 'primes' to 'primes.out' for consistancy sake. It
2421 has no affect the output. Patch by Corinna Vinschen <vinschen@redhat.com>
Damien Miller33804262001-02-04 23:20:18 +11002422 - (stevesk) Reworked progname support.
Ben Lindstrom49a79c02000-11-17 03:47:20 +00002423 - (bal) Misplaced #include "includes.h" in bsd-setproctitle.c. Patch by
2424 Shinichi Maruyama <marya@st.jip.co.jp>
Ben Lindstrombaaa2c02000-11-17 00:22:17 +00002425
Ben Lindstrom65571522000-11-16 02:46:20 +0000242620001116
2427 - (bal) Added in MAXSYMLINK test in bsd-realpath.c. Required for some SCO
2428 releases.
2429 - (bal) Make builds work outside of source tree. Patch by Mark D. Roth
2430 <roth@feep.net>
2431
Damien Miller559d3832000-11-13 20:59:05 +1100243220001113
Damien Miller33804262001-02-04 23:20:18 +11002433 - (djm) Add pointer to http://www.imasy.or.jp/~gotoh/connect.c to
Damien Miller559d3832000-11-13 20:59:05 +11002434 contrib/README
Damien Miller0bc1bd82000-11-13 22:57:25 +11002435 - (djm) Merge OpenBSD changes:
2436 - markus@cvs.openbsd.org 2000/11/06 16:04:56
2437 [channels.c channels.h clientloop.c nchan.c serverloop.c]
2438 [session.c ssh.c]
2439 agent forwarding and -R for ssh2, based on work from
2440 jhuuskon@messi.uku.fi
2441 - markus@cvs.openbsd.org 2000/11/06 16:13:27
2442 [ssh.c sshconnect.c sshd.c]
2443 do not disabled rhosts(rsa) if server port > 1024; from
2444 pekkas@netcore.fi
2445 - markus@cvs.openbsd.org 2000/11/06 16:16:35
2446 [sshconnect.c]
2447 downgrade client to 1.3 if server is 1.4; help from mdb@juniper.net
2448 - markus@cvs.openbsd.org 2000/11/09 18:04:40
2449 [auth1.c]
2450 typo; from mouring@pconline.com
2451 - markus@cvs.openbsd.org 2000/11/12 12:03:28
2452 [ssh-agent.c]
2453 off-by-one when removing a key from the agent
2454 - markus@cvs.openbsd.org 2000/11/12 12:50:39
2455 [auth-rh-rsa.c auth2.c authfd.c authfd.h]
2456 [authfile.c hostfile.c kex.c kex.h key.c key.h myproposal.h]
2457 [readconf.c readconf.h rsa.c rsa.h servconf.c servconf.h ssh-add.c]
2458 [ssh-agent.c ssh-keygen.1 ssh-keygen.c ssh.1 ssh.c ssh_config]
2459 [sshconnect1.c sshconnect2.c sshd.8 sshd.c sshd_config ssh-dss.c]
Damien Miller33804262001-02-04 23:20:18 +11002460 [ssh-dss.h ssh-rsa.c ssh-rsa.h dsa.c dsa.h]
Damien Miller0bc1bd82000-11-13 22:57:25 +11002461 add support for RSA to SSH2. please test.
2462 there are now 3 types of keys: RSA1 is used by ssh-1 only,
2463 RSA and DSA are used by SSH2.
2464 you can use 'ssh-keygen -t rsa -f ssh2_rsa_file' to generate RSA
2465 keys for SSH2 and use the RSA keys for hostkeys or for user keys.
2466 SSH2 RSA or DSA keys are added to .ssh/authorised_keys2 as before.
2467 - (djm) Fix up Makefile and Redhat init script to create RSA host keys
Damien Millerd1446d82000-11-13 22:58:22 +11002468 - (djm) Change to interim version
Damien Milleree188d32000-11-13 23:13:55 +11002469 - (djm) Fix RPM spec file stupidity
Damien Miller457b5a22000-11-13 23:17:53 +11002470 - (djm) fixpaths to DSA and RSA keys too
Damien Miller559d3832000-11-13 20:59:05 +11002471
Ben Lindstrom980754c2000-11-12 00:04:24 +0000247220001112
2473 - (bal) SCO Patch to add needed libraries for configure.in. Patch by
2474 Phillips Porch <root@theporch.com>
Damien Miller559d3832000-11-13 20:59:05 +11002475 - (bal) IRIX patch to adding Job Limits. Patch by Denis Parker
2476 <dcp@sgi.com>
Kevin Steves6c0d6272000-11-12 09:22:29 +00002477 - (stevesk) pty.c: HP-UX 10 and 11 don't define TIOCSCTTY. Add error() to
2478 failed ioctl(TIOCSCTTY) call.
Ben Lindstrom980754c2000-11-12 00:04:24 +00002479
Damien Miller0986b552000-11-11 08:36:38 +1100248020001111
2481 - (djm) Added /etc/primes for kex DH group neg, fixup Makefile.in and
2482 packaging files
Damien Miller895f2382000-11-11 08:47:18 +11002483 - (djm) Fix new Makefile.in warnings
Damien Miller33804262001-02-04 23:20:18 +11002484 - (djm) Fix vsprintf("%h") in bsd-snprintf.c, short int va_args are
2485 promoted to type int. Report and fix from Dan Astoorian
Damien Miller9f4f7552000-11-11 09:03:32 +11002486 <djast@cs.toronto.edu>
Damien Miller33804262001-02-04 23:20:18 +11002487 - (djm) Hardwire sysconfdir in RPM spec files as some RPM versions get
Damien Millerafeaca92000-11-11 09:09:57 +11002488 it wrong. Report from Bennett Todd <bet@rahul.net>
Damien Miller0986b552000-11-11 08:36:38 +11002489
Ben Lindstrom305fb002000-11-10 02:41:30 +0000249020001110
2491 - (bal) Fixed dropped answer from skey_keyinfo() in auth1.c
2492 - (bal) Changed from --with-skey to --with-skey=PATH in configure.in
2493 - (bal) Added in check to verify S/Key library is being detected in
2494 configure.in
Damien Miller33804262001-02-04 23:20:18 +11002495 - (bal) next-posix.h - added another prototype wrapped in POSIX ifdef/endif.
Ben Lindstrom305fb002000-11-10 02:41:30 +00002496 Patch by Mark Miller <markm@swoon.net>
2497 - (bal) Added 'util.h' header to loginrec.c only if HAVE_UTIL_H is defined
Damien Miller33804262001-02-04 23:20:18 +11002498 to remove warnings under MacOS X. Patch by Mark Miller <markm@swoon.net>
Ben Lindstrom305fb002000-11-10 02:41:30 +00002499 - (bal) Fixed LDFLAG mispelling in configure.in for --with-afs
2500
Ben Lindstrom89ef41a2000-11-07 16:41:41 +0000250120001107
Ben Lindstromdbcea872000-11-08 01:07:51 +00002502 - (bal) acconfig.in - removed the double "USE_PIPES" entry. Patch by
2503 Mark Miller <markm@swoon.net>
Ben Lindstrom89ef41a2000-11-07 16:41:41 +00002504 - (bal) sshd.init files corrected to assign $? to RETVAL. Patch by
2505 Jarno Huuskonen <jhuuskon@messi.uku.fi>
Ben Lindstromdbcea872000-11-08 01:07:51 +00002506 - (bal) fixpaths fixed to stop it from quitely failing. Patch by
2507 Mark D. Roth <roth@feep.net>
Ben Lindstrom89ef41a2000-11-07 16:41:41 +00002508
Damien Millerc78abaa2000-11-06 12:07:21 +1100250920001106
2510 - (djm) Use Jim's new 1.0.3 askpass in Redhat RPMs
Damien Miller389edc42000-11-06 12:39:34 +11002511 - (djm) Manually fix up missed diff hunks (mainly RCS idents)
Damien Miller33804262001-02-04 23:20:18 +11002512 - (djm) Remove UPGRADING document in favour of a link to the better
Damien Miller6604fad2000-11-06 12:48:54 +11002513 maintained FAQ on www.openssh.com
Damien Miller969c07e2000-11-06 13:06:43 +11002514 - (djm) Fix multiple dependancy on gnome-libs from Pekka Savola
2515 <pekkas@netcore.fi>
2516 - (djm) Don't need X11-askpass in RPM spec file if building without it
2517 from Pekka Savola <pekkas@netcore.fi>
Damien Miller6bad1772000-11-06 14:17:38 +11002518 - (djm) Release 2.3.0p1
Ben Lindstrom2ed98182000-11-06 07:15:43 +00002519 - (bal) typo in configure.in in regards to --with-ldflags from Marko
2520 Asplund <aspa@kronodoc.fi>
2521 - (bal) fixed next-posix.h. Forgot prototype of getppid().
Damien Miller2b023d82000-11-06 13:07:45 +11002522
Ben Lindstromf2de06b2000-11-05 05:42:36 +0000252320001105
2524 - (bal) Sync with OpenBSD:
2525 - markus@cvs.openbsd.org 2000/10/31 9:31:58
2526 [compat.c]
2527 handle all old openssh versions
2528 - markus@cvs.openbsd.org 2000/10/31 13:1853
2529 [deattack.c]
2530 so that large packets do not wrap "n"; from netbsd
2531 - (bal) rijndel.c - fix up RCSID to match OpenBSD tree
Ben Lindstrom67e21e12000-11-05 09:08:45 +00002532 - (bal) auth2-skey.c - Checked in. Missing from portable tree.
2533 - (bal) Reworked NEWS-OS and NeXT ports to extract waitpid() and
2534 setsid() into more common files
Kevin Steves85b3db62000-11-05 15:31:36 +00002535 - (stevesk) pty.c: use __hpux to identify HP-UX.
Ben Lindstrome4c82b52000-11-05 21:13:45 +00002536 - (bal) Missed auth-skey.o in Makefile.in and minor correction to
2537 bsd-waitpid.c
Ben Lindstromf2de06b2000-11-05 05:42:36 +00002538
Kevin Stevesa58e0af2000-10-29 14:38:55 +0000253920001029
2540 - (stevesk) Fix typo in auth.c: USE_PAM not PAM
Kevin Steves9be6e262000-10-29 19:18:49 +00002541 - (stevesk) Create contrib/cygwin/ directory; patch from
2542 Corinna Vinschen <vinschen@redhat.com>
Ben Lindstrom23e13712000-10-29 22:49:19 +00002543 - (bal) Resolved more $xno and $xyes issues in configure.in
Ben Lindstrom2791cd52000-10-30 05:33:55 +00002544 - (bal) next-posix.h - spelling and forgot a prototype
Kevin Stevesa58e0af2000-10-29 14:38:55 +00002545
Damien Miller6bd90df2000-10-28 13:30:55 +1100254620001028
Damien Miller33804262001-02-04 23:20:18 +11002547 - (djm) fix select hack in serverloop.c from Philippe WILLEM
Damien Miller6bd90df2000-10-28 13:30:55 +11002548 <Philippe.WILLEM@urssaf.fr>
Damien Millerc05e0182000-10-28 13:38:34 +11002549 - (djm) Fix mangled AIXAUTHENTICATE code
Damien Miller33804262001-02-04 23:20:18 +11002550 - (djm) authctxt->pw may be NULL. Fix from Markus Friedl
Damien Millerd425d4d2000-10-28 21:05:57 +11002551 <markus.friedl@informatik.uni-erlangen.de>
Damien Miller69b69aa2000-10-28 14:19:58 +11002552 - (djm) Sync with OpenBSD:
2553 - markus@cvs.openbsd.org 2000/10/16 15:46:32
2554 [ssh.1]
2555 fixes from pekkas@netcore.fi
2556 - markus@cvs.openbsd.org 2000/10/17 14:28:11
2557 [atomicio.c]
2558 return number of characters processed; ok deraadt@
2559 - markus@cvs.openbsd.org 2000/10/18 12:04:02
2560 [atomicio.c]
2561 undo
2562 - markus@cvs.openbsd.org 2000/10/18 12:23:02
2563 [scp.c]
2564 replace atomicio(read,...) with read(); ok deraadt@
2565 - markus@cvs.openbsd.org 2000/10/18 12:42:00
2566 [session.c]
2567 restore old record login behaviour
2568 - deraadt@cvs.openbsd.org 2000/10/19 10:41:13
2569 [auth-skey.c]
2570 fmt string problem in unused code
2571 - provos@cvs.openbsd.org 2000/10/19 10:45:16
2572 [sshconnect2.c]
2573 don't reference freed memory. okay deraadt@
2574 - markus@cvs.openbsd.org 2000/10/21 11:04:23
2575 [canohost.c]
2576 typo, eramore@era-t.ericsson.se; ok niels@
2577 - markus@cvs.openbsd.org 2000/10/23 13:31:55
2578 [cipher.c]
2579 non-alignment dependent swap_bytes(); from
2580 simonb@wasabisystems.com/netbsd
2581 - markus@cvs.openbsd.org 2000/10/26 12:38:28
2582 [compat.c]
2583 add older vandyke products
2584 - markus@cvs.openbsd.org 2000/10/27 01:32:19
2585 [channels.c channels.h clientloop.c serverloop.c session.c]
2586 [ssh.c util.c]
Damien Miller33804262001-02-04 23:20:18 +11002587 enable non-blocking IO on channels, and tty's (except for the
Damien Miller69b69aa2000-10-28 14:19:58 +11002588 client ttys).
Damien Miller6bd90df2000-10-28 13:30:55 +11002589
Damien Miller656d7172000-10-27 09:27:32 +1100259020001027
2591 - (djm) Increase REKEY_BYTES to 2^24 for arc4random
2592
Damien Miller6f9c3372000-10-25 10:06:04 +1100259320001025
2594 - (djm) Added WARNING.RNG file and modified configure to ask users of the
2595 builtin entropy code to read it.
2596 - (djm) Prefer builtin regex to PCRE.
Ben Lindstrom76020ba2000-10-25 16:55:00 +00002597 - (bal) Added USE_PIPS defined to NeXT configure.in since scp hangs randomly.
2598 - (bal) Apply fixes to configure.in pointed out by Pavel Roskin
2599 <proski@gnu.org>
Damien Miller6f9c3372000-10-25 10:06:04 +11002600
Damien Miller81fa28a2000-10-20 09:14:04 +1100260120001020
2602 - (djm) Don't define _REENTRANT for SNI/Reliant Unix
Ben Lindstrome5a85252000-10-19 23:43:24 +00002603 - (bal) Imported NEWS-OS waitpid() macros into NeXT. Since implementation
2604 is more correct then current version.
Damien Miller81fa28a2000-10-20 09:14:04 +11002605
Kevin Steves8848b242000-10-18 13:11:44 +0000260620001018
2607 - (stevesk) Add initial support for setproctitle(). Current
2608 support is for the HP-UX pstat(PSTAT_SETCMD, ...) method.
Kevin Stevesee184da2000-10-18 13:45:40 +00002609 - (stevesk) Add egd startup scripts to contrib/hpux/
Kevin Steves8848b242000-10-18 13:11:44 +00002610
Damien Milleref767ac2000-10-17 23:14:08 +1100261120001017
2612 - (djm) Add -lregex to cywin libs from Corinna Vinschen
2613 <vinschen@cygnus.com>
Damien Miller2594de82000-10-17 23:22:28 +11002614 - (djm) Don't rely on atomicio's retval to determine length of askpass
2615 supplied passphrase. Problem report from Lutz Jaenicke
2616 <Lutz.Jaenicke@aet.TU-Cottbus.DE>
Ben Lindstromb5628642000-10-18 00:02:25 +00002617 - (bal) Changed from GNU rx to PCRE on suggestion from djm.
Damien Miller33804262001-02-04 23:20:18 +11002618 - (bal) Integrated Sony NEWS-OS patches from NAKAJI Hirouyuki
Ben Lindstromb5628642000-10-18 00:02:25 +00002619 <nakaji@tutrp.tut.ac.jp>
Damien Milleref767ac2000-10-17 23:14:08 +11002620
Damien Miller50a41ed2000-10-16 12:14:42 +1100262120001016
2622 - (djm) Sync with OpenBSD:
2623 - markus@cvs.openbsd.org 2000/10/14 04:01:15
2624 [cipher.c]
2625 debug3
2626 - markus@cvs.openbsd.org 2000/10/14 04:07:23
2627 [scp.c]
2628 remove spaces from arguments; from djm@mindrot.org
2629 - markus@cvs.openbsd.org 2000/10/14 06:09:46
2630 [ssh.1]
2631 Cipher is for SSH-1 only
2632 - markus@cvs.openbsd.org 2000/10/14 06:12:09
2633 [servconf.c servconf.h serverloop.c session.c sshd.8]
2634 AllowTcpForwarding; from naddy@
2635 - markus@cvs.openbsd.org 2000/10/14 06:16:56
2636 [auth2.c compat.c compat.h sshconnect2.c version.h]
Damien Miller33804262001-02-04 23:20:18 +11002637 OpenSSH_2.3; note that is is not complete, but the version number
Damien Miller50a41ed2000-10-16 12:14:42 +11002638 needs to be changed for interoperability reasons
2639 - markus@cvs.openbsd.org 2000/10/14 06:19:45
2640 [auth-rsa.c]
2641 do not send RSA challenge if key is not allowed by key-options; from
2642 eivind@ThinkSec.com
2643 - markus@cvs.openbsd.org 2000/10/15 08:14:01
2644 [rijndael.c session.c]
2645 typos; from stevesk@sweden.hp.com
2646 - markus@cvs.openbsd.org 2000/10/15 08:18:31
2647 [rijndael.c]
2648 typo
Damien Miller33804262001-02-04 23:20:18 +11002649 - (djm) Copy manpages back over from OpenBSD - too tedious to wade
Damien Miller2b2cf522000-10-16 12:25:17 +11002650 through diffs
Damien Miller33804262001-02-04 23:20:18 +11002651 - (djm) Added condrestart to Redhat init script. Patch from Pekka Savola
Damien Miller2b2cf522000-10-16 12:25:17 +11002652 <pekkas@netcore.fi>
Damien Millerff649d82000-10-16 13:35:19 +11002653 - (djm) Update version in Redhat spec file
Damien Miller33804262001-02-04 23:20:18 +11002654 - (djm) Merge some of Nalin Dahyabhai <nalin@redhat.com> changes from the
Damien Millerff649d82000-10-16 13:35:19 +11002655 Redhat 7.0 spec file
Damien Miller52dc96b2000-10-16 20:13:43 +11002656 - (djm) Make inability to read/write PRNG seedfile non-fatal
2657
Damien Miller50a41ed2000-10-16 12:14:42 +11002658
Damien Miller59939352000-10-15 12:21:32 +1100265920001015
2660 - (djm) Fix ssh2 hang on background processes at logout.
2661
Damien Miller60819b42000-10-14 11:16:12 +1100266220001014
Ben Lindstromb4df15d2000-10-15 00:17:36 +00002663 - (bal) Add support for realpath and getcwd for platforms with broken
2664 or missing realpath implementations for sftp-server.
2665 - (bal) Corrected mistake in INSTALL in regards to GNU rx library
Damien Miller33804262001-02-04 23:20:18 +11002666 - (bal) Add support for GNU rx library for those lacking regexp support
Damien Miller60819b42000-10-14 11:16:12 +11002667 - (djm) Don't accept PAM_PROMPT_ECHO_ON messages during initial auth
Damien Miller15b29522000-10-14 12:33:48 +11002668 - (djm) Revert SSH2 serverloop hack, will find a better way.
Damien Miller89d97962000-10-14 12:37:19 +11002669 - (djm) Add workaround for Linux 2.4's gratuitious errno change. Patch
2670 from Martin Johansson <fatbob@acc.umu.se>
Damien Miller874d77b2000-10-14 16:23:11 +11002671 - (djm) Big OpenBSD sync:
2672 - markus@cvs.openbsd.org 2000/09/30 10:27:44
2673 [log.c]
2674 allow loglevel debug
2675 - markus@cvs.openbsd.org 2000/10/03 11:59:57
2676 [packet.c]
2677 hmac->mac
2678 - markus@cvs.openbsd.org 2000/10/03 12:03:03
2679 [auth-krb4.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth1.c]
2680 move fake-auth from auth1.c to individual auth methods, disables s/key in
2681 debug-msg
2682 - markus@cvs.openbsd.org 2000/10/03 12:16:48
2683 ssh.c
2684 do not resolve canonname, i have no idea why this was added oin ossh
2685 - markus@cvs.openbsd.org 2000/10/09 15:30:44
2686 ssh-keygen.1 ssh-keygen.c
2687 -X now reads private ssh.com DSA keys, too.
2688 - markus@cvs.openbsd.org 2000/10/09 15:32:34
2689 auth-options.c
2690 clear options on every call.
2691 - markus@cvs.openbsd.org 2000/10/09 15:51:00
2692 authfd.c authfd.h
2693 interop with ssh-agent2, from <res@shore.net>
2694 - markus@cvs.openbsd.org 2000/10/10 14:20:45
2695 compat.c
2696 use rexexp for version string matching
2697 - provos@cvs.openbsd.org 2000/10/10 22:02:18
2698 [kex.c kex.h myproposal.h ssh.h ssh2.h sshconnect2.c sshd.c dh.c dh.h]
2699 First rough implementation of the diffie-hellman group exchange. The
2700 client can ask the server for bigger groups to perform the diffie-hellman
2701 in, thus increasing the attack complexity when using ciphers with longer
2702 keys. University of Windsor provided network, T the company.
2703 - markus@cvs.openbsd.org 2000/10/11 13:59:52
2704 [auth-rsa.c auth2.c]
2705 clear auth options unless auth sucessfull
2706 - markus@cvs.openbsd.org 2000/10/11 14:00:27
2707 [auth-options.h]
2708 clear auth options unless auth sucessfull
2709 - markus@cvs.openbsd.org 2000/10/11 14:03:27
2710 [scp.1 scp.c]
2711 support 'scp -o' with help from mouring@pconline.com
2712 - markus@cvs.openbsd.org 2000/10/11 14:11:35
2713 [dh.c]
2714 Wall
2715 - markus@cvs.openbsd.org 2000/10/11 14:14:40
2716 [auth.h auth2.c readconf.c readconf.h readpass.c servconf.c servconf.h]
2717 [ssh.h sshconnect2.c sshd_config auth2-skey.c cli.c cli.h]
2718 add support for s/key (kbd-interactive) to ssh2, based on work by
2719 mkiernan@avantgo.com and me
2720 - markus@cvs.openbsd.org 2000/10/11 14:27:24
2721 [auth.c auth1.c auth2.c authfile.c cipher.c cipher.h kex.c kex.h]
2722 [myproposal.h packet.c readconf.c session.c ssh.c ssh.h sshconnect1.c]
2723 [sshconnect2.c sshd.c]
2724 new cipher framework
2725 - markus@cvs.openbsd.org 2000/10/11 14:45:21
2726 [cipher.c]
2727 remove DES
2728 - markus@cvs.openbsd.org 2000/10/12 03:59:20
2729 [cipher.c cipher.h sshconnect1.c sshconnect2.c sshd.c]
2730 enable DES in SSH-1 clients only
2731 - markus@cvs.openbsd.org 2000/10/12 08:21:13
2732 [kex.h packet.c]
2733 remove unused
2734 - markus@cvs.openbsd.org 2000/10/13 12:34:46
2735 [sshd.c]
2736 Kludge for F-Secure Macintosh < 1.0.2; appro@fy.chalmers.se
2737 - markus@cvs.openbsd.org 2000/10/13 12:59:15
2738 [cipher.c cipher.h myproposal.h rijndael.c rijndael.h]
2739 rijndael/aes support
2740 - markus@cvs.openbsd.org 2000/10/13 13:10:54
2741 [sshd.8]
2742 more info about -V
2743 - markus@cvs.openbsd.org 2000/10/13 13:12:02
2744 [myproposal.h]
2745 prefer no compression
Damien Millere4041c92000-10-14 17:45:58 +11002746 - (djm) Fix scp user@host handling
2747 - (djm) Don't clobber ssh_prng_cmds on install
Kevin Stevescee23de2000-10-14 10:51:18 +00002748 - (stevesk) Include config.h in rijndael.c so we define intXX_t and
2749 u_intXX_t types on all platforms.
Kevin Stevesf16b9d22000-10-14 10:57:04 +00002750 - (stevesk) rijndael.c: cleanup missing declaration warnings.
Kevin Steves092f2ef2000-10-14 13:36:13 +00002751 - (stevesk) ~/.hushlogin shouldn't cause required password change to
2752 be bypassed.
Kevin Stevese0f49142000-10-14 17:51:48 +00002753 - (stevesk) Display correct path to ssh-askpass in configure output.
2754 Report from Lutz Jaenicke.
Damien Miller60819b42000-10-14 11:16:12 +11002755
Kevin Stevescccca272000-10-07 11:16:55 +0000275620001007
2757 - (stevesk) Print PAM return value in PAM log messages to aid
2758 with debugging.
Kevin Steves48b7cc02000-10-07 13:24:00 +00002759 - (stevesk) Fix detection of pw_class struct member in configure;
2760 patch from KAMAHARA Junzo <kamahara@cc.kshosen.ac.jp>
2761
Damien Millere68f92b2000-10-02 21:42:15 +1100276220001002
2763 - (djm) Fix USER_PATH, report from Kevin Steves <stevesk@sweden.hp.com>
2764 - (djm) Add host system and CC to end-of-configure report. Suggested by
2765 Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
2766
Damien Miller05dd7952000-10-01 00:42:48 +1100276720000931
2768 - (djm) Cygwin fixes from Corinna Vinschen <vinschen@cygnus.com>
2769
Damien Miller190d5a82000-09-30 09:43:19 +1100277020000930
Damien Millerbea034a2000-09-30 09:43:32 +11002771 - (djm) Irix ssh_prng_cmds path fix from Pekka Savola <pekkas@netcore.fi>
Damien Miller33804262001-02-04 23:20:18 +11002772 - (djm) Support in bsd-snprintf.c for long long conversions from
Damien Millerb88532e2000-09-30 09:53:59 +11002773 Ben Lindstrom <mouring@pconline.com>
2774 - (djm) Cleanup NeXT support from Ben Lindstrom <mouring@pconline.com>
Damien Millercf3888d2000-09-30 14:17:52 +11002775 - (djm) Ignore SIGPIPEs from serverloop to child. Fixes crashes with
Damien Miller33804262001-02-04 23:20:18 +11002776 very short lived X connections. Bug report from Tobias Oetiker
Damien Millercf3888d2000-09-30 14:17:52 +11002777 <oetiker@ee.ethz.ch>. Fix from Markus Friedl <markus@cvs.openbsd.org>
Damien Millerb27ef9e2000-09-30 14:29:44 +11002778 - (djm) Add recent InitScripts as a RPM dependancy for openssh-server
2779 patch from Pekka Savola <pekkas@netcore.fi>
Damien Miller7294baa2000-09-30 14:40:39 +11002780 - (djm) Forgot to cvs add LICENSE file
Damien Miller51155a72000-09-30 14:41:38 +11002781 - (djm) Add LICENSE to RPM spec files
Damien Millerd3444942000-09-30 14:20:03 +11002782 - (djm) CVS OpenBSD sync:
2783 - markus@cvs.openbsd.org 2000/09/26 13:59:59
2784 [clientloop.c]
2785 use debug2
2786 - markus@cvs.openbsd.org 2000/09/27 15:41:34
2787 [auth2.c sshconnect2.c]
2788 use key_type()
2789 - markus@cvs.openbsd.org 2000/09/28 12:03:18
2790 [channels.c]
2791 debug -> debug2 cleanup
Damien Miller33804262001-02-04 23:20:18 +11002792 - (djm) Irix strips "/dev/tty" from [uw]tmp entries (other systems only
Damien Miller87f43ff2000-09-30 21:36:54 +11002793 strip "/dev/"). Fix loginrec.c based on patch from Alain St-Denis
2794 <Alain.St-Denis@ec.gc.ca>
Damien Miller33804262001-02-04 23:20:18 +11002795 - (djm) Fix 9 character passphrase failure with gnome-ssh-askpass.
2796 Problem was caused by interrupted read in ssh-add. Report from Donald
Damien Miller87f43ff2000-09-30 21:36:54 +11002797 J. Barry <don@astro.cornell.edu>
Damien Miller190d5a82000-09-30 09:43:19 +11002798
Damien Miller15e7d4b2000-09-29 10:57:35 +1100279920000929
2800 - (djm) Fix SSH2 not terminating until all background tasks done problem.
Damien Miller33804262001-02-04 23:20:18 +11002801 - (djm) Another off-by-one fix from Pavel Kankovsky
2802 <peak@argo.troja.mff.cuni.cz>
Damien Millercb5e44a2000-09-29 12:12:36 +11002803 - (djm) Clean up. Strip some unnecessary differences with OpenBSD's code,
2804 tidy necessary differences. Use Markus' new debugN() in entropy.c
Damien Miller33804262001-02-04 23:20:18 +11002805 - (djm) Merged big SCO portability patch from Tim Rice
Damien Miller78315eb2000-09-29 23:01:36 +11002806 <tim@multitalents.net>
Damien Miller15e7d4b2000-09-29 10:57:35 +11002807
Damien Miller96f0c722000-09-26 12:09:48 +1100280820000926
2809 - (djm) Update X11-askpass to 1.0.2 in RPM spec file
Damien Millere772b682000-09-26 13:10:37 +11002810 - (djm) Define _REENTRANT to pickup strtok_r() on HP/UX
Damien Miller33804262001-02-04 23:20:18 +11002811 - (djm) Security: fix off-by-one buffer overrun in fake-getnameinfo.c.
2812 Report and fix from Pavel Kankovsky <peak@argo.troja.mff.cuni.cz>
Damien Miller96f0c722000-09-26 12:09:48 +11002813
Damien Miller72c9a7e2000-09-24 11:10:13 +1100281420000924
2815 - (djm) Merged cleanup patch from Mark Miller <markm@swoon.net>
2816 - (djm) A bit more cleanup - created cygwin_util.h
Damien Miller80ecfe82000-09-24 11:21:31 +11002817 - (djm) Include strtok_r() from OpenBSD libc. Fixes report from Mark Miller
2818 <markm@swoon.net>
Damien Miller72c9a7e2000-09-24 11:10:13 +11002819
Damien Millerd6f204d2000-09-23 13:57:27 +1100282020000923
Damien Miller33804262001-02-04 23:20:18 +11002821 - (djm) Fix address logging in utmp from Kevin Steves
Damien Millerd6f204d2000-09-23 13:57:27 +11002822 <stevesk@sweden.hp.com>
Damien Miller96002332000-09-23 14:00:09 +11002823 - (djm) Redhat spec and manpage fixes from Pekka Savola <pekkas@netcore.fi>
Damien Miller578783e2000-09-23 14:12:24 +11002824 - (djm) Seperate tests for int64_t and u_int64_t types
Damien Miller33804262001-02-04 23:20:18 +11002825 - (djm) Tweak password expiry checking at suggestion of Kevin Steves
Damien Miller62dd94b2000-09-23 14:26:32 +11002826 <stevesk@sweden.hp.com>
Damien Millerb9c2ce82000-09-23 14:52:50 +11002827 - (djm) NeXT patch from Ben Lindstrom <mouring@pconline.com>
Damien Miller33804262001-02-04 23:20:18 +11002828 - (djm) Use printf %lld instead of %qd in sftp-server.c. Fix from
Damien Millerf056e232000-09-23 14:58:32 +11002829 Michael Stone <mstone@cs.loyola.edu>
Damien Miller62cee002000-09-23 17:15:56 +11002830 - (djm) OpenBSD CVS sync:
2831 - markus@cvs.openbsd.org 2000/09/17 09:38:59
2832 [sshconnect2.c sshd.c]
2833 fix DEBUG_KEXDH
2834 - markus@cvs.openbsd.org 2000/09/17 09:52:51
2835 [sshconnect.c]
2836 yes no; ok niels@
2837 - markus@cvs.openbsd.org 2000/09/21 04:55:11
2838 [sshd.8]
2839 typo
2840 - markus@cvs.openbsd.org 2000/09/21 05:03:54
2841 [serverloop.c]
2842 typo
2843 - markus@cvs.openbsd.org 2000/09/21 05:11:42
2844 scp.c
2845 utime() to utimes(); mouring@pconline.com
2846 - markus@cvs.openbsd.org 2000/09/21 05:25:08
2847 sshconnect2.c
2848 change login logic in ssh2, allows plugin of other auth methods
2849 - markus@cvs.openbsd.org 2000/09/21 05:25:35
2850 [auth2.c channels.c channels.h clientloop.c dispatch.c dispatch.h]
2851 [serverloop.c]
2852 add context to dispatch_run
2853 - markus@cvs.openbsd.org 2000/09/21 05:07:52
2854 authfd.c authfd.h ssh-agent.c
2855 bug compat for old ssh.com software
Damien Millerd6f204d2000-09-23 13:57:27 +11002856
Damien Millerf13f75d2000-09-21 21:51:07 +1100285720000920
2858 - (djm) Fix bad path substitution. Report from Andrew Miner
2859 <asminer@cs.iastate.edu>
2860
Damien Millere4340be2000-09-16 13:29:08 +1100286120000916
Damien Miller33804262001-02-04 23:20:18 +11002862 - (djm) Fix SSL search order from Lutz Jaenicke
Damien Millera1b61e12000-09-16 17:02:16 +11002863 <Lutz.Jaenicke@aet.TU-Cottbus.DE>
Damien Miller2efcd3c2000-09-16 16:30:55 +11002864 - (djm) New SuSE spec from Corinna Vinschen <corinna@vinschen.de>
Damien Millerb70b61f2000-09-16 16:25:12 +11002865 - (djm) Update CygWin support from Corinna Vinschen <vinschen@cygnus.com>
Damien Miller52cbcbf2000-09-16 16:21:28 +11002866 - (djm) Use a real struct sockaddr inside the fake struct sockaddr_storage.
2867 Patch from Larry Jones <larry.jones@sdrc.com>
Damien Miller33804262001-02-04 23:20:18 +11002868 - (djm) Add Steve VanDevender's <stevev@darkwing.uoregon.edu> PAM
Damien Miller9d5705a2000-09-16 16:09:27 +11002869 password change patch.
2870 - (djm) Bring licenses on my stuff in line with OpenBSD's
Damien Miller8a1e6a62000-09-16 15:55:52 +11002871 - (djm) Cleanup auth-passwd.c and unify HP/UX authentication. Patch from
2872 Kevin Steves <stevesk@sweden.hp.com>
Damien Miller606f8802000-09-16 15:39:56 +11002873 - (djm) Shadow expiry check fix from Pavel Troller <patrol@omni.sinus.cz>
2874 - (djm) Re-enable int64_t types - we need them for sftp
2875 - (djm) Use libexecdir from configure , rather than libexecdir/ssh
2876 - (djm) Update Redhat SPEC file accordingly
2877 - (djm) Add Kevin Steves <stevesk@sweden.hp.com> HP/UX contrib files
2878 - (djm) Add Charles Levert <charles@comm.polymtl.ca> getpgrp patch
Damien Miller33804262001-02-04 23:20:18 +11002879 - (djm) Fix password auth on HP/UX 10.20. Patch from Dirk De Wachter
Damien Miller606f8802000-09-16 15:39:56 +11002880 <Dirk.DeWachter@rug.ac.be>
Damien Miller33804262001-02-04 23:20:18 +11002881 - (djm) Fixprogs and entropy list fixes from Larry Jones
Damien Miller606f8802000-09-16 15:39:56 +11002882 <larry.jones@sdrc.com>
2883 - (djm) Fix for SuSE spec file from Takashi YOSHIDA
2884 <tyoshida@gemini.rc.kyushu-u.ac.jp>
Damien Millere4340be2000-09-16 13:29:08 +11002885 - (djm) Merge OpenBSD changes:
2886 - markus@cvs.openbsd.org 2000/09/05 02:59:57
2887 [session.c]
2888 print hostname (not hushlogin)
2889 - markus@cvs.openbsd.org 2000/09/05 13:18:48
2890 [authfile.c ssh-add.c]
2891 enable ssh-add -d for DSA keys
2892 - markus@cvs.openbsd.org 2000/09/05 13:20:49
2893 [sftp-server.c]
2894 cleanup
2895 - markus@cvs.openbsd.org 2000/09/06 03:46:41
2896 [authfile.h]
2897 prototype
2898 - deraadt@cvs.openbsd.org 2000/09/07 14:27:56
2899 [ALL]
Damien Miller33804262001-02-04 23:20:18 +11002900 cleanup copyright notices on all files. I have attempted to be
2901 accurate with the details. everything is now under Tatu's licence
2902 (which I copied from his readme), and/or the core-sdi bsd-ish thing
2903 for deattack, or various openbsd developers under a 2-term bsd
Damien Millere4340be2000-09-16 13:29:08 +11002904 licence. We're not changing any rules, just being accurate.
2905 - markus@cvs.openbsd.org 2000/09/07 14:40:30
2906 [channels.c channels.h clientloop.c serverloop.c ssh.c]
2907 cleanup window and packet sizes for ssh2 flow control; ok niels
2908 - markus@cvs.openbsd.org 2000/09/07 14:53:00
2909 [scp.c]
2910 typo
2911 - markus@cvs.openbsd.org 2000/09/07 15:13:37
2912 [auth-options.c auth-options.h auth-rh-rsa.c auth-rsa.c auth.c]
2913 [authfile.h canohost.c channels.h compat.c hostfile.h log.c match.h]
2914 [pty.c readconf.c]
2915 some more Copyright fixes
2916 - markus@cvs.openbsd.org 2000/09/08 03:02:51
2917 [README.openssh2]
2918 bye bye
2919 - deraadt@cvs.openbsd.org 2000/09/11 18:38:33
2920 [LICENCE cipher.c]
2921 a few more comments about it being ARC4 not RC4
2922 - markus@cvs.openbsd.org 2000/09/12 14:53:11
2923 [log-client.c log-server.c log.c ssh.1 ssh.c ssh.h sshd.8 sshd.c]
2924 multiple debug levels
2925 - markus@cvs.openbsd.org 2000/09/14 14:25:15
2926 [clientloop.c]
2927 typo
2928 - deraadt@cvs.openbsd.org 2000/09/15 01:13:51
2929 [ssh-agent.c]
2930 check return value for setenv(3) for failure, and deal appropriately
2931
Damien Millerf384c362000-09-13 10:43:26 +1100293220000913
2933 - (djm) Fix server not exiting with jobs in background.
2934
Damien Miller7b28dc52000-09-05 13:34:53 +1100293520000905
2936 - (djm) Import OpenBSD CVS changes
2937 - markus@cvs.openbsd.org 2000/08/31 15:52:24
2938 [Makefile sshd.8 sshd_config sftp-server.8 sftp-server.c]
2939 implement a SFTP server. interops with sftp2, scp2 and the windows
2940 client from ssh.com
2941 - markus@cvs.openbsd.org 2000/08/31 15:56:03
2942 [README.openssh2]
2943 sync
2944 - markus@cvs.openbsd.org 2000/08/31 16:05:42
2945 [session.c]
2946 Wall
2947 - markus@cvs.openbsd.org 2000/08/31 16:09:34
2948 [authfd.c ssh-agent.c]
2949 add a flag to SSH2_AGENTC_SIGN_REQUEST for future extensions
2950 - deraadt@cvs.openbsd.org 2000/09/01 09:25:13
2951 [scp.1 scp.c]
2952 cleanup and fix -S support; stevesk@sweden.hp.com
2953 - markus@cvs.openbsd.org 2000/09/01 16:29:32
2954 [sftp-server.c]
2955 portability fixes
2956 - markus@cvs.openbsd.org 2000/09/01 16:32:41
2957 [sftp-server.c]
2958 fix cast; mouring@pconline.com
2959 - itojun@cvs.openbsd.org 2000/09/03 09:23:28
2960 [ssh-add.1 ssh.1]
2961 add missing .El against .Bl.
2962 - markus@cvs.openbsd.org 2000/09/04 13:03:41
2963 [session.c]
2964 missing close; ok theo
2965 - markus@cvs.openbsd.org 2000/09/04 13:07:21
2966 [session.c]
2967 fix get_last_login_time order; from andre@van-veen.de
2968 - markus@cvs.openbsd.org 2000/09/04 13:10:09
2969 [sftp-server.c]
2970 more cast fixes; from mouring@pconline.com
2971 - markus@cvs.openbsd.org 2000/09/04 13:06:04
2972 [session.c]
2973 set SSH_ORIGINAL_COMMAND; from Leakin@dfw.nostrum.com, bet@rahul.net
2974 - (djm) Cleanup after import. Fix sftp-server compilation, Makefile
Damien Millerbac2d8a2000-09-05 16:13:06 +11002975 - (djm) Merge cygwin support from Corinna Vinschen <vinschen@cygnus.com>
2976
Damien Miller123cbe82000-09-03 19:14:58 +1100297720000903
2978 - (djm) Fix Redhat init script
2979
Damien Miller50f14f82000-09-01 14:14:37 +1100298020000901
2981 - (djm) Pick up Jim's new X11-askpass
2982 - (djm) Release 2.2.0p1
2983
Damien Miller238a9fa2000-08-31 09:20:05 +1100298420000831
Damien Millere4340be2000-09-16 13:29:08 +11002985 - (djm) Workaround SIGPIPE problems on SCO. Fix from Aran Cox
Damien Miller238a9fa2000-08-31 09:20:05 +11002986 <acox@cv.telegroup.com>
Damien Millerb5c42d92000-08-31 11:13:10 +11002987 - (djm) Pick up new version (2.2.0) from OpenBSD CVS
Damien Miller238a9fa2000-08-31 09:20:05 +11002988
Damien Miller87d29ed2000-08-30 09:21:22 +1100298920000830
2990 - (djm) Compile warning fixes from Mark Miller <markm@swoon.net>
Damien Millerc30d35c2000-08-30 09:40:09 +11002991 - (djm) Periodically rekey arc4random
2992 - (djm) Clean up diff against OpenBSD.
Damien Millere4340be2000-09-16 13:29:08 +11002993 - (djm) HPUX 11 needs USE_PIPES as well: Kevin Steves
Damien Miller5552d7a2000-08-30 09:53:24 +11002994 <stevesk@sweden.hp.com>
Damien Miller7cfaaf22000-08-30 09:57:49 +11002995 - (djm) Quieten the pam delete credentials error message
Damien Miller9a947342000-08-30 10:03:33 +11002996 - (djm) Fix printing of $DISPLAY hack if set by system type. Report from
2997 Kevin Steves <stevesk@sweden.hp.com>
Damien Miller77aba9d2000-08-30 10:11:30 +11002998 - (djm) NeXT patch from Ben Lindstrom <mouring@pconline.com>
Damien Miller250ee8b2000-08-30 14:06:35 +11002999 - (djm) Fix doh in bsd-arc4random.c
Damien Miller87d29ed2000-08-30 09:21:22 +11003000
Damien Miller4e0f5e12000-08-29 11:05:50 +1100300120000829
Damien Millere4340be2000-09-16 13:29:08 +11003002 - (djm) Fix ^C ignored issue on Solaris. Diagnosis from Gert
3003 Doering <gert@greenie.muc.de>, John Horne <J.Horne@plymouth.ac.uk> and
Damien Miller4e0f5e12000-08-29 11:05:50 +11003004 Garrick James <garrick@james.net>
Damien Miller6d8c11f2000-08-29 11:52:38 +11003005 - (djm) Check for SCO pty naming style (ptyp%d/ttyp%d). Based on fix from
3006 Bastian Trompetter <btrompetter@firemail.de>
Damien Millere5192fa2000-08-29 14:30:37 +11003007 - (djm) NeXT tweaks from Ben Lindstrom <mouring@pconline.com>
Damien Millercaf6dd62000-08-29 11:33:50 +11003008 - More OpenBSD updates:
3009 - deraadt@cvs.openbsd.org 2000/08/24 15:46:59
3010 [scp.c]
3011 off_t in sink, to fix files > 2GB, i think, test is still running ;-)
3012 - deraadt@cvs.openbsd.org 2000/08/25 10:10:06
3013 [session.c]
3014 Wall
3015 - markus@cvs.openbsd.org 2000/08/26 04:33:43
3016 [compat.c]
3017 ssh.com-2.3.0
3018 - markus@cvs.openbsd.org 2000/08/27 12:18:05
3019 [compat.c]
3020 compatibility with future ssh.com versions
3021 - deraadt@cvs.openbsd.org 2000/08/27 21:50:55
3022 [auth-krb4.c session.c ssh-add.c sshconnect.c uidswap.c]
3023 print uid/gid as unsigned
3024 - markus@cvs.openbsd.org 2000/08/28 13:51:00
3025 [ssh.c]
3026 enable -n and -f for ssh2
3027 - markus@cvs.openbsd.org 2000/08/28 14:19:53
3028 [ssh.c]
3029 allow combination of -N and -f
3030 - markus@cvs.openbsd.org 2000/08/28 14:20:56
3031 [util.c]
3032 util.c
3033 - markus@cvs.openbsd.org 2000/08/28 14:22:02
3034 [util.c]
3035 undo
3036 - markus@cvs.openbsd.org 2000/08/28 14:23:38
3037 [util.c]
3038 don't complain if setting NONBLOCK fails with ENODEV
Damien Miller4e0f5e12000-08-29 11:05:50 +11003039
Damien Millerb0785672000-08-23 09:10:39 +1000304020000823
3041 - (djm) Define USE_PIPES to avoid socketpair problems on HPUX 10 and SunOS 4
Damien Millere4340be2000-09-16 13:29:08 +11003042 Avoids "scp never exits" problem. Reports from Lutz Jaenicke
3043 <Lutz.Jaenicke@aet.TU-Cottbus.DE> and Tamito KAJIYAMA
Damien Millerb0785672000-08-23 09:10:39 +10003044 <kajiyama@grad.sccs.chukyo-u.ac.jp>
Damien Millerad833b32000-08-23 10:46:23 +10003045 - (djm) Pick up LOGIN_PROGRAM from environment or PATH if not set by headers
Damien Miller37e7f182000-08-23 10:52:50 +10003046 - (djm) Add local version to version.h
Damien Millerf3df0522000-08-23 15:31:41 +10003047 - (djm) Don't reseed arc4random everytime it is used
Damien Millerad833b32000-08-23 10:46:23 +10003048 - (djm) OpenBSD CVS updates:
3049 - deraadt@cvs.openbsd.org 2000/08/18 20:07:23
3050 [ssh.c]
3051 accept remsh as a valid name as well; roman@buildpoint.com
3052 - deraadt@cvs.openbsd.org 2000/08/18 20:17:13
3053 [deattack.c crc32.c packet.c]
3054 rename crc32() to ssh_crc32() to avoid zlib name clash. do not move to
3055 libz crc32 function yet, because it has ugly "long"'s in it;
3056 oneill@cs.sfu.ca
3057 - deraadt@cvs.openbsd.org 2000/08/18 20:26:08
3058 [scp.1 scp.c]
3059 -S prog support; tv@debian.org
3060 - deraadt@cvs.openbsd.org 2000/08/18 20:50:07
3061 [scp.c]
3062 knf
3063 - deraadt@cvs.openbsd.org 2000/08/18 20:57:33
3064 [log-client.c]
3065 shorten
3066 - markus@cvs.openbsd.org 2000/08/19 12:48:11
3067 [channels.c channels.h clientloop.c ssh.c ssh.h]
3068 support for ~. in ssh2
3069 - deraadt@cvs.openbsd.org 2000/08/19 15:29:40
3070 [crc32.h]
3071 proper prototype
3072 - markus@cvs.openbsd.org 2000/08/19 15:34:44
Damien Millere4340be2000-09-16 13:29:08 +11003073 [authfd.c authfd.h key.c key.h ssh-add.1 ssh-add.c ssh-agent.1]
3074 [ssh-agent.c ssh-keygen.c sshconnect1.c sshconnect2.c Makefile]
Damien Millerad833b32000-08-23 10:46:23 +10003075 [fingerprint.c fingerprint.h]
3076 add SSH2/DSA support to the agent and some other DSA related cleanups.
3077 (note that we cannot talk to ssh.com's ssh2 agents)
3078 - markus@cvs.openbsd.org 2000/08/19 15:55:52
3079 [channels.c channels.h clientloop.c]
3080 more ~ support for ssh2
3081 - markus@cvs.openbsd.org 2000/08/19 16:21:19
3082 [clientloop.c]
3083 oops
3084 - millert@cvs.openbsd.org 2000/08/20 12:25:53
3085 [session.c]
3086 We have to stash the result of get_remote_name_or_ip() before we
3087 close our socket or getpeername() will get EBADF and the process
3088 will exit. Only a problem for "UseLogin yes".
3089 - millert@cvs.openbsd.org 2000/08/20 12:30:59
3090 [session.c]
3091 Only check /etc/nologin if "UseLogin no" since login(1) may have its
3092 own policy on determining who is allowed to login when /etc/nologin
3093 is present. Also use the _PATH_NOLOGIN define.
3094 - millert@cvs.openbsd.org 2000/08/20 12:42:43
3095 [auth1.c auth2.c session.c ssh.c]
3096 Add calls to setusercontext() and login_get*(). We basically call
3097 setusercontext() in most places where previously we did a setlogin().
3098 Add default login.conf file and put root in the "daemon" login class.
3099 - millert@cvs.openbsd.org 2000/08/21 10:23:31
3100 [session.c]
3101 Fix incorrect PATH setting; noted by Markus.
Damien Millerb0785672000-08-23 09:10:39 +10003102
Damien Miller942da032000-08-18 13:59:06 +1000310320000818
3104 - (djm) OpenBSD CVS changes:
3105 - markus@cvs.openbsd.org 2000/07/22 03:14:37
3106 [servconf.c servconf.h sshd.8 sshd.c sshd_config]
3107 random early drop; ok theo, niels
3108 - deraadt@cvs.openbsd.org 2000/07/26 11:46:51
3109 [ssh.1]
3110 typo
3111 - deraadt@cvs.openbsd.org 2000/08/01 11:46:11
3112 [sshd.8]
3113 many fixes from pepper@mail.reppep.com
3114 - provos@cvs.openbsd.org 2000/08/01 13:01:42
3115 [Makefile.in util.c aux.c]
3116 rename aux.c to util.c to help with cygwin port
3117 - deraadt@cvs.openbsd.org 2000/08/02 00:23:31
3118 [authfd.c]
3119 correct sun_len; Alexander@Leidinger.net
3120 - provos@cvs.openbsd.org 2000/08/02 10:27:17
3121 [readconf.c sshd.8]
3122 disable kerberos authentication by default
3123 - provos@cvs.openbsd.org 2000/08/02 11:27:05
3124 [sshd.8 readconf.c auth-krb4.c]
3125 disallow kerberos authentication if we can't verify the TGT; from
3126 dugsong@
3127 kerberos authentication is on by default only if you have a srvtab.
3128 - markus@cvs.openbsd.org 2000/08/04 14:30:07
3129 [auth.c]
3130 unused
3131 - markus@cvs.openbsd.org 2000/08/04 14:30:35
3132 [sshd_config]
3133 MaxStartups
3134 - markus@cvs.openbsd.org 2000/08/15 13:20:46
3135 [authfd.c]
3136 cleanup; ok niels@
3137 - markus@cvs.openbsd.org 2000/08/17 14:05:10
3138 [session.c]
3139 cleanup login(1)-like jobs, no duplicate utmp entries
3140 - markus@cvs.openbsd.org 2000/08/17 14:06:34
3141 [session.c sshd.8 sshd.c]
3142 sshd -u len, similar to telnetd
Damien Millerc1132e72000-08-18 14:08:38 +10003143 - (djm) Lastlog was not getting closed after writing login entry
Damien Millera7f58292000-08-18 14:43:41 +10003144 - (djm) Add Solaris package support from Rip Loomis <loomisg@cist.saic.com>
Damien Miller942da032000-08-18 13:59:06 +10003145
Damien Miller11fa2cc2000-08-16 10:35:58 +1000314620000816
3147 - (djm) Replacement for inet_ntoa for Irix (which breaks on gcc)
Damien Millere4340be2000-09-16 13:29:08 +11003148 - (djm) Fix strerror replacement for old SunOS. Based on patch from
Damien Miller11fa2cc2000-08-16 10:35:58 +10003149 Charles Levert <charles@comm.polymtl.ca>
Damien Millere4340be2000-09-16 13:29:08 +11003150 - (djm) Seperate arc4random into seperate file and use OpenSSL's RC4
Damien Miller11fa2cc2000-08-16 10:35:58 +10003151 implementation.
Damien Miller3241fa12000-08-18 14:59:59 +10003152 - (djm) SUN_LEN macro for systems which lack it
Damien Miller11fa2cc2000-08-16 10:35:58 +10003153
Damien Miller348c9b72000-08-15 10:01:22 +1000315420000815
3155 - (djm) More SunOS 4.1.x fixes from Nate Itkin <nitkin@europa.com>
Damien Millerc83aa832000-08-15 10:08:00 +10003156 - (djm) Avoid failures on Irix when ssh is not setuid. Fix from
3157 Michael Stone <mstone@cs.loyola.edu>
Damien Millere477ef62000-08-15 10:21:17 +10003158 - (djm) Don't seek in directory based lastlogs
Damien Millere4340be2000-09-16 13:29:08 +11003159 - (djm) Fix --with-ipaddr-display configure option test. Patch from
Damien Millere477ef62000-08-15 10:21:17 +10003160 Jarno Huuskonen <jhuuskon@messi.uku.fi>
Damien Miller0da2eaa2000-08-15 11:32:59 +10003161 - (djm) Fix AIX limits from Alexandre Oliva <oliva@lsd.ic.unicamp.br>
Damien Miller348c9b72000-08-15 10:01:22 +10003162
Damien Milleref7ed5e2000-08-13 10:31:12 +1000316320000813
3164 - (djm) Add $(srcdir) to includes when compiling (for VPATH). Report from
3165 Fabrice bacchella <fabrice.bacchella@marchfirst.fr>
3166
Damien Millerd17b8d52000-08-09 14:42:28 +1000316720000809
Damien Millere4340be2000-09-16 13:29:08 +11003168 - (djm) Define AIX hard limits if headers don't. Report from
Damien Millerd17b8d52000-08-09 14:42:28 +10003169 Bill Painter <william.t.painter@lmco.com>
Damien Millere4340be2000-09-16 13:29:08 +11003170 - (djm) utmp direct write & SunOS 4 patch from Charles Levert
Damien Miller36ccb5c2000-08-09 16:34:27 +10003171 <charles@comm.polymtl.ca>
Damien Millerd17b8d52000-08-09 14:42:28 +10003172
Damien Millerab8d1922000-08-08 16:53:28 +1000317320000808
3174 - (djm) Cleanup Redhat RPMs. Generate keys at runtime rather than install
3175 time, spec file cleanup.
3176
Damien Miller729e1f12000-08-07 15:39:13 +1000317720000807
Damien Miller52652f52000-08-07 15:54:39 +10003178 - (djm) Set 0755 on binaries during install. Report from Lutz Jaenicke
Damien Miller0f091bd2000-08-07 15:47:48 +10003179 - (djm) Suppress error messages on channel close shutdown() failurs
3180 works around Linux bug. Patch from Zack Weinberg <zack@wolery.cumb.org>
Damien Miller52652f52000-08-07 15:54:39 +10003181 - (djm) Add some more entropy collection commands from Lutz Jaenicke
Damien Miller729e1f12000-08-07 15:39:13 +10003182
Damien Miller7b60a172000-07-25 09:04:37 +1000318320000725
3184 - (djm) Fix autoconf typo: HAVE_BINRESVPORT_AF -> HAVE_BINDRESVPORT_AF
3185
Damien Miller994cf142000-07-21 10:19:44 +1000318620000721
3187 - (djm) OpenBSD CVS updates:
3188 - markus@cvs.openbsd.org 2000/07/16 02:27:22
3189 [authfd.c authfd.h channels.c clientloop.c ssh-add.c ssh-agent.c ssh.c]
3190 [sshconnect1.c sshconnect2.c]
3191 make ssh-add accept dsa keys (the agent does not)
3192 - djm@cvs.openbsd.org 2000/07/17 19:25:02
3193 [sshd.c]
3194 Another closing of stdin; ok deraadt
3195 - markus@cvs.openbsd.org 2000/07/19 18:33:12
3196 [dsa.c]
3197 missing free, reorder
3198 - markus@cvs.openbsd.org 2000/07/20 16:23:14
3199 [ssh-keygen.1]
3200 document input and output files
3201
Damien Miller9dec7762000-07-20 10:00:59 +1000320220000720
Damien Miller994cf142000-07-21 10:19:44 +10003203 - (djm) Spec file fix from Petr Novotny <Petr.Novotny@antek.cz>
Damien Miller9dec7762000-07-20 10:00:59 +10003204
Damien Millera8dbd9d2000-07-16 13:25:00 +1000320520000716
Damien Miller994cf142000-07-21 10:19:44 +10003206 - (djm) Release 2.1.1p4
Damien Millera8dbd9d2000-07-16 13:25:00 +10003207
Damien Millerecbb26d2000-07-15 14:59:14 +1000320820000715
Damien Millerbe484b52000-07-15 14:14:16 +10003209 - (djm) OpenBSD CVS updates
3210 - provos@cvs.openbsd.org 2000/07/13 16:53:22
3211 [aux.c readconf.c servconf.c ssh.h]
3212 allow multiple whitespace but only one '=' between tokens, bug report from
3213 Ralf S. Engelschall <rse@engelschall.com> but different fix. okay deraadt@
3214 - provos@cvs.openbsd.org 2000/07/13 17:14:09
3215 [clientloop.c]
3216 typo; todd@fries.net
3217 - provos@cvs.openbsd.org 2000/07/13 17:19:31
3218 [scp.c]
3219 close can fail on AFS, report error; from Greg Hudson <ghudson@mit.edu>
3220 - markus@cvs.openbsd.org 2000/07/14 16:59:46
3221 [readconf.c servconf.c]
3222 allow leading whitespace. ok niels
3223 - djm@cvs.openbsd.org 2000/07/14 22:01:38
3224 [ssh-keygen.c ssh.c]
3225 Always create ~/.ssh with mode 700; ok Markus
Damien Millerecbb26d2000-07-15 14:59:14 +10003226 - Fixes for SunOS 4.1.4 from Gordon Atwood <gordon@cs.ualberta.ca>
3227 - Include floatingpoint.h for entropy.c
3228 - strerror replacement
Damien Millerbe484b52000-07-15 14:14:16 +10003229
Damien Miller182ee6e2000-07-12 09:45:27 +1000323020000712
Damien Miller5de43db2000-07-12 11:12:55 +10003231 - (djm) Remove -lresolve for Reliant Unix
Damien Miller182ee6e2000-07-12 09:45:27 +10003232 - (djm) OpenBSD CVS Updates:
3233 - deraadt@cvs.openbsd.org 2000/07/11 02:11:34
3234 [session.c sshd.c ]
3235 make MaxStartups code still work with -d; djm
3236 - deraadt@cvs.openbsd.org 2000/07/11 13:17:45
3237 [readconf.c ssh_config]
3238 disable FallBackToRsh by default
Damien Miller5de43db2000-07-12 11:12:55 +10003239 - (djm) Replace in_addr_t with u_int32_t in bsd-inet_aton.c. Report from
3240 Ben Lindstrom <mouring@pconline.com>
Damien Miller5a119bc2000-07-12 14:34:11 +10003241 - (djm) Make building of X11-Askpass and GNOME-Askpass optional in RPM
3242 spec file.
Damien Miller2e7ba692000-07-12 21:10:23 +10003243 - (djm) Released 2.1.1p3
Damien Miller182ee6e2000-07-12 09:45:27 +10003244
Damien Miller65964d62000-07-11 09:16:22 +1000324520000711
3246 - (djm) Fixup for AIX getuserattr() support from Tom Bertelson
3247 <tbert@abac.com>
Damien Miller2ae714f2000-07-11 09:29:50 +10003248 - (djm) ReliantUNIX support from Udo Schweigert <ust@cert.siemens.de>
Damien Millere4340be2000-09-16 13:29:08 +11003249 - (djm) NeXT: dirent structures to get scp working from Ben Lindstrom
Damien Miller99bca602000-07-11 12:02:36 +10003250 <mouring@pconline.com>
Damien Millere4340be2000-09-16 13:29:08 +11003251 - (djm) Fix broken inet_ntoa check and ut_user/ut_name confusion, report
Damien Miller7a0e5dc2000-07-11 12:15:54 +10003252 from Jim Watt <jimw@peisj.pebio.com>
Damien Miller168e6ac2000-07-11 12:23:01 +10003253 - (djm) Replaced bsd-snprintf.c with one from Mutt source tree, it is known
3254 to compile on more platforms (incl NeXT).
Damien Miller3b9734c2000-07-11 14:54:22 +10003255 - (djm) Added bsd-inet_aton and configure support for NeXT
Damien Millerbc33bd42000-07-11 14:59:08 +10003256 - (djm) Misc NeXT fixes from Ben Lindstrom <mouring@pconline.com>
Damien Miller37023962000-07-11 17:31:38 +10003257 - (djm) OpenBSD CVS updates:
3258 - markus@cvs.openbsd.org 2000/06/26 03:22:29
3259 [authfd.c]
3260 cleanup, less cut&paste
3261 - markus@cvs.openbsd.org 2000/06/26 15:59:19
3262 [servconf.c servconf.h session.c sshd.8 sshd.c]
Damien Millere4340be2000-09-16 13:29:08 +11003263 MaxStartups: limit number of unauthenticated connections, work by
Damien Miller37023962000-07-11 17:31:38 +10003264 theo and me
3265 - deraadt@cvs.openbsd.org 2000/07/05 14:18:07
3266 [session.c]
3267 use no_x11_forwarding_flag correctly; provos ok
3268 - provos@cvs.openbsd.org 2000/07/05 15:35:57
3269 [sshd.c]
3270 typo
3271 - aaron@cvs.openbsd.org 2000/07/05 22:06:58
3272 [scp.1 ssh-agent.1 ssh-keygen.1 sshd.8]
Damien Millere4340be2000-09-16 13:29:08 +11003273 Insert more missing .El directives. Our troff really should identify
Damien Miller37023962000-07-11 17:31:38 +10003274 these and spit out a warning.
3275 - todd@cvs.openbsd.org 2000/07/06 21:55:04
3276 [auth-rsa.c auth2.c ssh-keygen.c]
3277 clean code is good code
3278 - deraadt@cvs.openbsd.org 2000/07/07 02:14:29
3279 [serverloop.c]
3280 sense of port forwarding flag test was backwards
3281 - provos@cvs.openbsd.org 2000/07/08 17:17:31
3282 [compat.c readconf.c]
3283 replace strtok with strsep; from David Young <dyoung@onthejob.net>
3284 - deraadt@cvs.openbsd.org 2000/07/08 19:21:15
3285 [auth.h]
3286 KNF
3287 - ho@cvs.openbsd.org 2000/07/08 19:27:33
3288 [compat.c readconf.c]
3289 Better conditions for strsep() ending.
3290 - ho@cvs.openbsd.org 2000/07/10 10:27:05
3291 [readconf.c]
3292 Get the correct message on errors. (niels@ ok)
3293 - ho@cvs.openbsd.org 2000/07/10 10:30:25
3294 [cipher.c kex.c servconf.c]
3295 strtok() --> strsep(). (niels@ ok)
Damien Miller4d97ba22000-07-11 18:15:50 +10003296 - (djm) Fix problem with debug mode and MaxStartups
Damien Miller54ba4692000-07-11 18:39:20 +10003297 - (djm) Don't generate host keys when $(DESTDIR) is set (e.g. during RPM
3298 builds)
Damien Miller3077fb92000-07-11 21:34:34 +10003299 - (djm) Add strsep function from OpenBSD libc for systems that lack it
Damien Miller65964d62000-07-11 09:16:22 +10003300
Damien Miller4e997202000-07-09 21:21:52 +1000330120000709
3302 - (djm) Only enable PAM_TTY kludge for Linux. Problem report from
3303 Kevin Steves <stevesk@sweden.hp.com>
Damien Miller8148fa32000-07-09 21:23:52 +10003304 - (djm) Match prototype and function declaration for rresvport_af.
3305 Problem report from Niklas Edmundsson <nikke@ing.umu.se>
Damien Millere4340be2000-09-16 13:29:08 +11003306 - (djm) Missing $(DESTDIR) on host-key target causing problems with RPM
Damien Miller01006272000-07-09 21:29:37 +10003307 builds. Problem report from Gregory Leblanc <GLeblanc@cu-portland.edu>
Damien Millerb38ea862000-07-09 21:37:49 +10003308 - (djm) Replace ut_name with ut_user. Patch from Jim Watt
3309 <jimw@peisj.pebio.com>
Damien Millerf9b625c2000-07-09 22:42:32 +10003310 - (djm) Fix pam sprintf fix
3311 - (djm) Cleanup entropy collection code a little more. Split initialisation
3312 from seeding, perform intialisation immediatly at start, be careful with
3313 uids. Based on problem report from Jim Watt <jimw@peisj.pebio.com>
Damien Miller31abc9a2000-07-09 23:26:27 +10003314 - (djm) More NeXT compatibility from Ben Lindstrom <mouring@pconline.com>
3315 Including sigaction() et al. replacements
Damien Millere4340be2000-09-16 13:29:08 +11003316 - (djm) AIX getuserattr() session initialisation from Tom Bertelson
Damien Miller39c0a1c2000-07-09 23:55:08 +10003317 <tbert@abac.com>
Damien Miller4e997202000-07-09 21:21:52 +10003318
Damien Millerce40c702000-07-08 10:14:08 +1000331920000708
Damien Millere4340be2000-09-16 13:29:08 +11003320 - (djm) Fix bad fprintf format handling in auth-pam.c. Patch from
Damien Millerce40c702000-07-08 10:14:08 +10003321 Aaron Hopkins <aaron@die.net>
Damien Miller90dcc052000-07-08 10:17:40 +10003322 - (djm) Fix incorrect configure handling of --with-rsh-path option. Fix from
3323 Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
Damien Millere4340be2000-09-16 13:29:08 +11003324 - (djm) Fixed undefined variables for OSF SIA. Report from
Damien Millerfe668e42000-07-08 10:44:13 +10003325 Baars, Henk <Hendrik.Baars@nl.origin-it.com>
Damien Millere4340be2000-09-16 13:29:08 +11003326 - (djm) Handle EWOULDBLOCK returns from read() and write() in atomicio.c
Damien Millerf2fdbe52000-07-08 10:57:08 +10003327 Fix from Marquess, Steve Mr JMLFDC <Steve.Marquess@DET.AMEDD.ARMY.MIL>
Damien Millere4340be2000-09-16 13:29:08 +11003328 - (djm) Don't use inet_addr.
Damien Millerce40c702000-07-08 10:14:08 +10003329
Damien Miller9b6d4ab2000-07-02 08:43:18 +1000333020000702
3331 - (djm) Fix brace mismatch from Corinna Vinschen <vinschen@cygnus.com>
Damien Millerc7088432000-07-02 18:44:54 +10003332 - (djm) Stop shadow expiry checking from preventing logins with NIS. Based
3333 on fix from HARUYAMA Seigo <haruyama@nt.phys.s.u-tokyo.ac.jp>
Damien Miller484118e2000-07-02 19:13:56 +10003334 - (djm) Use standard OpenSSL functions in auth-skey.c. Patch from
3335 Chris, the Young One <cky@pobox.com>
Damien Millere4340be2000-09-16 13:29:08 +11003336 - (djm) Fix scp progress meter on really wide terminals. Based on patch
Damien Miller0809a0a2000-07-02 19:33:54 +10003337 from James H. Cloos Jr. <cloos@jhcloos.com>
Damien Miller9b6d4ab2000-07-02 08:43:18 +10003338
Damien Millerd8cfda62000-07-01 12:56:09 +1000333920000701
3340 - (djm) Fix Tru64 SIA problems reported by John P Speno <speno@isc.upenn.edu>
Damien Miller8e81ed32000-07-01 13:17:42 +10003341 - (djm) Login fixes from Tom Bertelson <tbert@abac.com>
Damien Miller28adeef2000-07-01 13:29:26 +10003342 - (djm) Replace "/bin/sh" with _PATH_BSHELL. Report from Corinna Vinschen
3343 <vinschen@cygnus.com>
Damien Miller7b413d22000-07-01 13:24:21 +10003344 - (djm) Replace "/usr/bin/login" with LOGIN_PROGRAM
Damien Millercb170cb2000-07-01 16:52:55 +10003345 - (djm) Added check for broken snprintf() functions which do not correctly
3346 terminate output string and attempt to use replacement.
Damien Millerc9270992000-07-01 19:42:32 +10003347 - (djm) Released 2.1.1p2
Damien Millerd8cfda62000-07-01 12:56:09 +10003348
Damien Miller53c5d462000-06-28 00:50:50 +1000334920000628
3350 - (djm) Fixes to lastlog code for Irix
3351 - (djm) Use atomicio in loginrec
Damien Miller91606b12000-06-28 08:22:29 +10003352 - (djm) Patch from Michael Stone <mstone@cs.loyola.edu> to add support for
3353 Irix 6.x array sessions, project id's, and system audit trail id.
Damien Miller262ff172000-06-28 08:24:49 +10003354 - (djm) Added 'distprep' make target to simplify packaging
Damien Millere4340be2000-09-16 13:29:08 +11003355 - (djm) Added patch from Chris Adams <cmadams@hiwaay.net> to add OSF SIA
Damien Millerb8c656e2000-06-28 15:22:41 +10003356 support. Enable using "USE_SIA=1 ./configure [options]"
Damien Miller33804262001-02-04 23:20:18 +11003357
Damien Millerf8af08d2000-06-27 09:40:06 +1000335820000627
3359 - (djm) Fixes to login code - not setting li->uid, cleanups
Damien Millerdd47aa22000-06-27 11:18:27 +10003360 - (djm) Formatting
Damien Millerf8af08d2000-06-27 09:40:06 +10003361
Damien Miller8dd33fd2000-06-26 10:20:19 +1000336220000626
Damien Millerc0fd17f2000-06-26 10:22:53 +10003363 - (djm) Better fix to aclocal tests from Garrick James <garrick@james.net>
Damien Miller1f335fb2000-06-26 11:31:33 +10003364 - (djm) Account expiry support from Andreas Steinmetz <ast@domdv.de>
3365 - (djm) Added password expiry checking (no password change support)
Damien Miller64681252000-06-26 13:01:33 +10003366 - (djm) Make EGD failures non-fatal if OpenSSL's entropy pool is still OK
3367 based on patch from Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
Damien Miller08006472000-06-26 13:55:31 +10003368 - (djm) Fix fixed EGD code.
Damien Millerc0fd17f2000-06-26 10:22:53 +10003369 - OpenBSD CVS update
3370 - provos@cvs.openbsd.org 2000/06/25 14:17:58
3371 [channels.c]
3372 correct check for bad channel ids; from Wei Dai <weidai@eskimo.com>
3373
Damien Millerb54b40e2000-06-23 08:23:34 +1000337420000623
Damien Millere4340be2000-09-16 13:29:08 +11003375 - (djm) Use sa_family_t in prototype for rresvport_af. Patch from
Damien Millerb54b40e2000-06-23 08:23:34 +10003376 Svante Signell <svante.signell@telia.com>
3377 - (djm) Autoconf logic to define sa_family_t if it is missing
Damien Millerbf7f4662000-06-23 10:16:38 +10003378 - OpenBSD CVS Updates:
3379 - markus@cvs.openbsd.org 2000/06/22 10:32:27
3380 [sshd.c]
3381 missing atomicio; report from Steve.Marquess@DET.AMEDD.ARMY.MIL
3382 - djm@cvs.openbsd.org 2000/06/22 17:55:00
3383 [auth-krb4.c key.c radix.c uuencode.c]
3384 Missing CVS idents; ok markus
Damien Millerb54b40e2000-06-23 08:23:34 +10003385
Damien Miller099f5052000-06-22 20:57:11 +1000338620000622
3387 - (djm) Automatically generate host key during "make install". Suggested
3388 by Gary E. Miller <gem@rellim.com>
3389 - (djm) Paranoia before kill() system call
Damien Miller6536c7d2000-06-22 21:32:31 +10003390 - OpenBSD CVS Updates:
3391 - markus@cvs.openbsd.org 2000/06/18 18:50:11
3392 [auth2.c compat.c compat.h sshconnect2.c]
3393 make userauth+pubkey interop with ssh.com-2.2.0
3394 - markus@cvs.openbsd.org 2000/06/18 20:56:17
3395 [dsa.c]
3396 mem leak + be more paranoid in dsa_verify.
3397 - markus@cvs.openbsd.org 2000/06/18 21:29:50
3398 [key.c]
3399 cleanup fingerprinting, less hardcoded sizes
3400 - markus@cvs.openbsd.org 2000/06/19 19:39:45
3401 [atomicio.c auth-options.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c]
3402 [auth-rsa.c auth-skey.c authfd.c authfd.h authfile.c bufaux.c bufaux.h]
Damien Millere4340be2000-09-16 13:29:08 +11003403 [buffer.c buffer.h canohost.c channels.c channels.h cipher.c cipher.h]
Damien Miller6536c7d2000-06-22 21:32:31 +10003404 [clientloop.c compat.c compat.h compress.c compress.h crc32.c crc32.h]
3405 [deattack.c dispatch.c dsa.c fingerprint.c fingerprint.h getput.h hmac.c]
Damien Millere4340be2000-09-16 13:29:08 +11003406 [kex.c log-client.c log-server.c login.c match.c mpaux.c mpaux.h nchan.c]
3407 [nchan.h packet.c packet.h pty.c pty.h readconf.c readconf.h readpass.c]
Damien Miller6536c7d2000-06-22 21:32:31 +10003408 [rsa.c rsa.h scp.c servconf.c servconf.h ssh-add.c ssh-keygen.c ssh.c]
3409 [ssh.h tildexpand.c ttymodes.c ttymodes.h uidswap.c xmalloc.c xmalloc.h]
3410 OpenBSD tag
3411 - markus@cvs.openbsd.org 2000/06/21 10:46:10
3412 sshconnect2.c missing free; nuke old comment
Damien Miller099f5052000-06-22 20:57:11 +10003413
Damien Milleredb82922000-06-20 13:25:52 +1000341420000620
3415 - (djm) Replace use of '-o' and '-a' logical operators in configure tests
Damien Millerf1aa21f2001-01-05 09:30:32 +11003416 with '||' and '&&'. As suggested by Jim Knoble <jmknoble@jmknoble.cx>
Damien Milleredb82922000-06-20 13:25:52 +10003417 to fix SCO Unixware problem reported by Gary E. Miller <gem@rellim.com>
Damien Miller2f022952000-06-20 13:50:01 +10003418 - (djm) Typo in loginrec.c
Damien Milleredb82922000-06-20 13:25:52 +10003419
Damien Miller7b22d652000-06-18 14:07:04 +1000342020000618
3421 - (djm) Add summary of configure options to end of ./configure run
Damien Millere4340be2000-09-16 13:29:08 +11003422 - (djm) Not all systems define RUSAGE_SELF & RUSAGE_CHILDREN. Report from
Damien Miller7b22d652000-06-18 14:07:04 +10003423 Michael Stone <mstone@cs.loyola.edu>
Damien Millere4340be2000-09-16 13:29:08 +11003424 - (djm) rusage is a privileged operation on some Unices (incl.
Damien Miller7b22d652000-06-18 14:07:04 +10003425 Solaris 2.5.1). Report from Paul D. Smith <pausmith@nortelnetworks.com>
Damien Millere4340be2000-09-16 13:29:08 +11003426 - (djm) Avoid PAM failures when running without a TTY. Report from
Damien Miller7b22d652000-06-18 14:07:04 +10003427 Martin Petrak <petrak@spsknm.schools.sk>
3428 - (djm) Include sys/types.h when including netinet/in.h in configure tests.
3429 Patch from Jun-ichiro itojun Hagino <itojun@iijlab.net>
Damien Miller0f91b4e2000-06-18 15:43:25 +10003430 - (djm) Started merge of Ben Lindstrom's <mouring@pconline.com> NeXT support
Damien Millerf6d9e222000-06-18 14:50:44 +10003431 - OpenBSD CVS updates:
3432 - deraadt@cvs.openbsd.org 2000/06/17 09:58:46
3433 [channels.c]
3434 everyone says "nix it" (remove protocol 2 debugging message)
3435 - markus@cvs.openbsd.org 2000/06/17 13:24:34
3436 [sshconnect.c]
3437 allow extended server banners
3438 - markus@cvs.openbsd.org 2000/06/17 14:30:10
3439 [sshconnect.c]
3440 missing atomicio, typo
3441 - jakob@cvs.openbsd.org 2000/06/17 16:52:34
3442 [servconf.c servconf.h session.c sshd.8 sshd_config]
3443 add support for ssh v2 subsystems. ok markus@.
3444 - deraadt@cvs.openbsd.org 2000/06/17 18:57:48
3445 [readconf.c servconf.c]
3446 include = in WHITESPACE; markus ok
3447 - markus@cvs.openbsd.org 2000/06/17 19:09:10
3448 [auth2.c]
3449 implement bug compatibility with ssh-2.0.13 pubkey, server side
3450 - markus@cvs.openbsd.org 2000/06/17 21:00:28
3451 [compat.c]
3452 initial support for ssh.com's 2.2.0
3453 - markus@cvs.openbsd.org 2000/06/17 21:16:09
3454 [scp.c]
3455 typo
3456 - markus@cvs.openbsd.org 2000/06/17 22:05:02
3457 [auth-rsa.c auth2.c serverloop.c session.c auth-options.c auth-options.h]
3458 split auth-rsa option parsing into auth-options
3459 add options support to authorized_keys2
3460 - markus@cvs.openbsd.org 2000/06/17 22:42:54
3461 [session.c]
3462 typo
Damien Miller7b22d652000-06-18 14:07:04 +10003463
Damien Millera66626b2000-06-13 18:57:53 +1000346420000613
3465 - (djm) Fixes from Andrew McGill <andrewm@datrix.co.za>:
3466 - Platform define for SCO 3.x which breaks on /dev/ptmx
3467 - Detect and try to fix missing MAXPATHLEN
Damien Miller1a132252000-06-13 21:23:17 +10003468 - (djm) Fix short copy in loginrec.c (based on patch from Phill Camp
3469 <P.S.S.Camp@ukc.ac.uk>
Damien Millera66626b2000-06-13 18:57:53 +10003470
Damien Millere69f18c2000-06-12 16:38:54 +1000347120000612
3472 - (djm) Glob manpages in RPM spec files to catch compressed files
3473 - (djm) Full license in auth-pam.c
Damien Millerc29de952000-06-12 23:04:18 +10003474 - (djm) Configure fixes from SAKAI Kiyotaka <ksakai@kso.netwk.ntt-at.co.jp>
andre35ad6be2000-06-12 22:41:27 +00003475 - (andre) AIX, lastlog, configure fixes from Tom Bertelson <tbert@abac.com>:
3476 - Don't try to retrieve lastlog from wtmp/wtmpx if DISABLE_LASTLOG is
3477 def'd
3478 - Set AIX to use preformatted manpages
Damien Miller33804262001-02-04 23:20:18 +11003479
Damien Millerc601a752000-06-10 08:33:38 +1000348020000610
3481 - (djm) Minor doc tweaks
Damien Millerd900e452000-06-10 16:51:33 +10003482 - (djm) Fix for configure on bash2 from Jim Knoble <jmknoble@jmknoble.cx>
Damien Millerc601a752000-06-10 08:33:38 +10003483
Damien Millera1cb6442000-06-09 11:58:35 +1000348420000609
3485 - (djm) Patch from Kenji Miyake <kenji@miyake.org> to disable utmp usage
3486 (in favour of utmpx) on Solaris 8
3487
Damien Millere37bfc12000-06-05 09:37:43 +1000348820000606
Damien Miller14c12cb2000-06-07 22:20:23 +10003489 - (djm) Cleanup of entropy.c. Reorganised code, removed second pass through
3490 list of commands (by default). Removed verbose debugging (by default).
Damien Millere4340be2000-09-16 13:29:08 +11003491 - (djm) Increased command entropy estimates and default entropy collection
Damien Miller14c12cb2000-06-07 22:20:23 +10003492 timeout
Damien Millerd5bf3072000-06-07 21:32:13 +10003493 - (djm) Remove duplicate headers from loginrec.c
Damien Miller9e110892000-06-07 21:05:46 +10003494 - (djm) Don't add /usr/local/lib to library search path on Irix
Damien Millere4340be2000-09-16 13:29:08 +11003495 - (djm) Fix rsh path in RPMs. Report from Jason L Tibbitts III
Damien Millerd3a18572000-06-07 19:55:44 +10003496 <tibbs@math.uh.edu>
Damien Miller5314ae72000-06-07 20:08:19 +10003497 - (djm) Warn user if grabs fail in GNOME askpass. Patch from Zack Weinberg
3498 <zack@wolery.cumb.org>
Damien Millerd3a18572000-06-07 19:55:44 +10003499 - (djm) OpenBSD CVS updates:
3500 - todd@cvs.openbsd.org
3501 [sshconnect2.c]
3502 teach protocol v2 to count login failures properly and also enable an
3503 explanation of why the password prompt comes up again like v1; this is NOT
3504 crypto
Damien Miller33804262001-02-04 23:20:18 +11003505 - markus@cvs.openbsd.org
Damien Millerd3a18572000-06-07 19:55:44 +10003506 [readconf.c readconf.h servconf.c servconf.h session.c ssh.1 ssh.c sshd.8]
3507 xauth_location support; pr 1234
3508 [readconf.c sshconnect2.c]
3509 typo, unused
3510 [session.c]
3511 allow use_login only for login sessions, otherwise remote commands are
3512 execed with uid==0
3513 [sshd.8]
3514 document UseLogin better
3515 [version.h]
3516 OpenSSH 2.1.1
3517 [auth-rsa.c]
Damien Millere4340be2000-09-16 13:29:08 +11003518 fix match_hostname() logic for auth-rsa: deny access if we have a
Damien Millerd3a18572000-06-07 19:55:44 +10003519 negative match or no match at all
3520 [channels.c hostfile.c match.c]
Damien Millere4340be2000-09-16 13:29:08 +11003521 don't panic if mkdtemp fails for authfwd; jkb@yahoo-inc.com via
Damien Millerd3a18572000-06-07 19:55:44 +10003522 kris@FreeBSD.org
3523
352420000606
Damien Millere4340be2000-09-16 13:29:08 +11003525 - (djm) Added --with-cflags, --with-ldflags and --with-libs options to
Damien Millere37bfc12000-06-05 09:37:43 +10003526 configure.
3527
Damien Miller2994e082000-06-04 15:51:47 +1000352820000604
3529 - Configure tweaking for new login code on Irix 5.3
andrea86c7ec2000-06-04 17:00:15 +00003530 - (andre) login code changes based on djm feedback
Damien Miller2994e082000-06-04 15:51:47 +10003531
andrea86c7ec2000-06-04 17:00:15 +0000353220000603
3533 - (andre) New login code
3534 - Remove bsd-login.[ch] and all the OpenBSD-derived code in login.c
3535 - Add loginrec.[ch], logintest.c and autoconf code
Damien Miller33804262001-02-04 23:20:18 +11003536
Damien Miller2f6a0ad2000-05-31 11:20:11 +1000353720000531
3538 - Cleanup of auth.c, login.c and fake-*
3539 - Cleanup of auth-pam.c, save and print "account expired" error messages
Damien Miller1ea8ac72000-05-31 11:24:34 +10003540 - Fix EGD read bug by IWAMURO Motonori <iwa@mmp.fujitsu.co.jp>
Damien Miller1c773922000-05-31 13:57:18 +10003541 - Rewrote bsd-login to use proper utmp API if available. Major cleanup
3542 of fallback DIY code.
Damien Miller2f6a0ad2000-05-31 11:20:11 +10003543
Damien Millerbe260a02000-05-30 12:57:46 +1000354420000530
3545 - Define atexit for old Solaris
Damien Millerc252e2e2000-05-30 13:12:46 +10003546 - Fix buffer overrun in login.c for systems which use syslen in utmpx.
3547 patch from YOSHIFUJI Hideaki <yoshfuji@cerberus.nemoto.ecei.tohoku.ac.jp>
Damien Millerb1715dc2000-05-30 13:44:51 +10003548 - OpenBSD CVS updates:
3549 - markus@cvs.openbsd.org
3550 [session.c]
3551 make x11-fwd work w/ localhost (xauth add host/unix:11)
3552 [cipher.c compat.c readconf.c servconf.c]
3553 check strtok() != NULL; ok niels@
3554 [key.c]
3555 fix key_read() for uuencoded keys w/o '='
3556 [serverloop.c]
3557 group ssh1 vs. ssh2 in serverloop
3558 [kex.c kex.h myproposal.h sshconnect2.c sshd.c]
3559 split kexinit/kexdh, factor out common code
3560 [readconf.c ssh.1 ssh.c]
3561 forwardagent defaults to no, add ssh -A
3562 - theo@cvs.openbsd.org
3563 [session.c]
3564 just some line shortening
Damien Miller03934f22000-05-30 14:01:10 +10003565 - Released 2.1.0p3
Damien Millerbe260a02000-05-30 12:57:46 +10003566
Damien Millerd999ae22000-05-20 12:49:31 +1000356720000520
3568 - Xauth fix from Markus Friedl <markus.friedl@informatik.uni-erlangen.de>
Damien Millerad1bc5f2000-05-20 14:53:09 +10003569 - Don't touch utmp if USE_UTMPX defined
Damien Millerdfc83f42000-05-20 15:02:59 +10003570 - SunOS 4.x support from Todd C. Miller <Todd.Miller@courtesan.com>
Damien Millerfda78d92000-05-20 15:33:44 +10003571 - SIGCHLD fix for AIX and HPUX from Tom Bertelson <tbert@abac.com>
Damien Millere4340be2000-09-16 13:29:08 +11003572 - HPUX and Configure fixes from Lutz Jaenicke
Damien Millerfda78d92000-05-20 15:33:44 +10003573 <Lutz.Jaenicke@aet.TU-Cottbus.DE>
Damien Millere4340be2000-09-16 13:29:08 +11003574 - Use mkinstalldirs script to make directories instead of non-portable
Damien Millerfda78d92000-05-20 15:33:44 +10003575 "install -d". Suggested by Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
Damien Miller7b63b0f2000-05-20 15:41:26 +10003576 - Doc cleanup
Damien Millerd999ae22000-05-20 12:49:31 +10003577
Damien Milleref7df542000-05-19 00:03:23 +1000357820000518
3579 - Include Andre Lucas' fixprogs script. Forgot to "cvs add" it yesterday
3580 - OpenBSD CVS updates:
3581 - markus@cvs.openbsd.org
3582 [sshconnect.c]
3583 copy only ai_addrlen bytes; misiek@pld.org.pl
3584 [auth.c]
Damien Millere4340be2000-09-16 13:29:08 +11003585 accept an empty shell in authentication; bug reported by
Damien Milleref7df542000-05-19 00:03:23 +10003586 chris@tinker.ucr.edu
3587 [serverloop.c]
3588 we don't have stderr for interactive terminal sessions (fcntl errors)
3589
Damien Miller8d1fd572000-05-17 21:34:07 +1000359020000517
3591 - Fix from Andre Lucas <andre.lucas@dial.pipex.com>
3592 - Fixes command line printing segfaults (spotter: Bladt Norbert)
3593 - Fixes erroneous printing of debug messages to syslog
3594 - Fixes utmp for MacOS X (spotter: Aristedes Maniatis)
3595 - Gives useful error message if PRNG initialisation fails
3596 - Reduced ssh startup delay
3597 - Measures cumulative command time rather than the time between reads
Damien Millerbe484b52000-07-15 14:14:16 +10003598 after select()
Damien Miller8d1fd572000-05-17 21:34:07 +10003599 - 'fixprogs' perl script to eliminate non-working entropy commands, and
Damien Millerbe484b52000-07-15 14:14:16 +10003600 optionally run 'ent' to measure command entropy
Damien Millerd2c208a2000-05-17 22:00:02 +10003601 - Applied Tom Bertelson's <tbert@abac.com> AIX authentication fix
Damien Millerf3c6cf12000-05-17 22:08:29 +10003602 - Avoid WCOREDUMP complation errors for systems that lack it
Damien Millere4340be2000-09-16 13:29:08 +11003603 - Avoid SIGCHLD warnings from entropy commands
Damien Miller0e65eed2000-05-17 22:16:05 +10003604 - Fix HAVE_PAM_GETENVLIST setting from Simon Wilkinson <sxw@dcs.ed.ac.uk>
Damien Millerdcb6ecd2000-05-17 22:34:22 +10003605 - OpenBSD CVS update:
Damien Millere4340be2000-09-16 13:29:08 +11003606 - markus@cvs.openbsd.org
Damien Millerdcb6ecd2000-05-17 22:34:22 +10003607 [ssh.c]
3608 fix usage()
3609 [ssh2.h]
3610 draft-ietf-secsh-architecture-05.txt
3611 [ssh.1]
3612 document ssh -T -N (ssh2 only)
3613 [channels.c serverloop.c ssh.h sshconnect.c sshd.c aux.c]
3614 enable nonblocking IO for sshd w/ proto 1, too; split out common code
3615 [aux.c]
3616 missing include
Damien Miller615f9392000-05-17 22:53:33 +10003617 - Several patches from SAKAI Kiyotaka <ksakai@kso.netwk.ntt-at.co.jp>
3618 - INSTALL typo and URL fix
3619 - Makefile fix
3620 - Solaris fixes
Damien Millere4340be2000-09-16 13:29:08 +11003621 - Checking for ssize_t and memmove. Based on patch from SAKAI Kiyotaka
Damien Miller615f9392000-05-17 22:53:33 +10003622 <ksakai@kso.netwk.ntt-at.co.jp>
Damien Millerc4be7ce2000-05-17 23:02:03 +10003623 - RSAless operation patch from kevin_oconnor@standardandpoors.com
Damien Miller3b512e12000-05-17 23:29:18 +10003624 - Detect OpenSSL seperatly from RSA
Damien Millere4340be2000-09-16 13:29:08 +11003625 - Better test for RSA (more compatible with RSAref). Based on work by
Damien Miller3b512e12000-05-17 23:29:18 +10003626 Ed Eden <ede370@stl.rural.usda.gov>
Damien Miller8d1fd572000-05-17 21:34:07 +10003627
Damien Miller95fe91b2000-05-13 12:31:22 +1000362820000513
Damien Millere4340be2000-09-16 13:29:08 +11003629 - Fix for non-recognised DSA keys from Arkadiusz Miskiewicz
Damien Miller95fe91b2000-05-13 12:31:22 +10003630 <misiek@pld.org.pl>
3631
Damien Milleraccfeb32000-05-11 19:10:58 +1000363220000511
Damien Millere4340be2000-09-16 13:29:08 +11003633 - Fix for prng_seed permissions checking from Lutz Jaenicke
Damien Milleraccfeb32000-05-11 19:10:58 +10003634 <Lutz.Jaenicke@aet.TU-Cottbus.DE>
Damien Miller95fe91b2000-05-13 12:31:22 +10003635 - "make host-key" fix for Irix
Damien Milleraccfeb32000-05-11 19:10:58 +10003636
Damien Miller30c3d422000-05-09 11:02:59 +1000363720000509
3638 - OpenBSD CVS update
3639 - markus@cvs.openbsd.org
3640 [cipher.h myproposal.h readconf.c readconf.h servconf.c ssh.1 ssh.c]
3641 [ssh.h sshconnect1.c sshconnect2.c sshd.8]
3642 - complain about invalid ciphers in SSH1 (e.g. arcfour is SSH2 only)
3643 - hugh@cvs.openbsd.org
3644 [ssh.1]
3645 - zap typo
3646 [ssh-keygen.1]
3647 - One last nit fix. (markus approved)
3648 [sshd.8]
3649 - some markus certified spelling adjustments
3650 - markus@cvs.openbsd.org
3651 [auth2.c channels.c clientloop.c compat compat.h dsa.c kex.c]
3652 [sshconnect2.c ]
3653 - bug compat w/ ssh-2.0.13 x11, split out bugs
3654 [nchan.c]
3655 - no drain if ibuf_empty, fixes x11fwd problems; tests by fries@
3656 [ssh-keygen.c]
3657 - handle escapes in real and original key format, ok millert@
3658 [version.h]
3659 - OpenSSH-2.1
Damien Miller16e519c2000-05-09 14:28:55 +10003660 - Moved all the bsd-* and fake-* stuff into new libopenbsd-compat.a
Damien Miller54057c22000-05-09 15:03:37 +10003661 - Doc updates
Damien Millere4340be2000-09-16 13:29:08 +11003662 - Cleanup of bsd-base64 headers, bugfix definitions of __b64_*. Reported
Damien Miller95e89632000-05-09 15:28:50 +10003663 by Andre Lucas <andre.lucas@dial.pipex.com>
Damien Miller30c3d422000-05-09 11:02:59 +10003664
Damien Miller58e579b2000-05-08 00:05:31 +1000366520000508
3666 - Makefile and RPM spec fixes
3667 - Generate DSA host keys during "make key" or RPM installs
Damien Miller6d488712000-05-08 13:44:52 +10003668 - OpenBSD CVS update
3669 - markus@cvs.openbsd.org
3670 [clientloop.c sshconnect2.c]
3671 - make x11-fwd interop w/ ssh-2.0.13
3672 [README.openssh2]
3673 - interop w/ SecureFX
3674 - Release 2.0.0beta2
Damien Miller58e579b2000-05-08 00:05:31 +10003675
Damien Millere4340be2000-09-16 13:29:08 +11003676 - Configure caching and cleanup patch from Andre Lucas'
Damien Miller61e50f12000-05-08 20:49:37 +10003677 <andre.lucas@dial.pipex.com>
3678
Damien Millere247cc42000-05-07 12:03:14 +1000367920000507
3680 - Remove references to SSLeay.
3681 - Big OpenBSD CVS update
3682 - markus@cvs.openbsd.org
3683 [clientloop.c]
3684 - typo
3685 [session.c]
3686 - update proctitle on pty alloc/dealloc, e.g. w/ windows client
3687 [session.c]
3688 - update proctitle for proto 1, too
3689 [channels.h nchan.c serverloop.c session.c sshd.c]
3690 - use c-style comments
3691 - deraadt@cvs.openbsd.org
3692 [scp.c]
3693 - more atomicio
Damien Millere4340be2000-09-16 13:29:08 +11003694 - markus@cvs.openbsd.org
Damien Millere247cc42000-05-07 12:03:14 +10003695 [channels.c]
3696 - set O_NONBLOCK
3697 [ssh.1]
3698 - update AUTHOR
3699 [readconf.c ssh-keygen.c ssh.h]
3700 - default DSA key file ~/.ssh/id_dsa
3701 [clientloop.c]
3702 - typo, rm verbose debug
3703 - deraadt@cvs.openbsd.org
3704 [ssh-keygen.1]
3705 - document DSA use of ssh-keygen
3706 [sshd.8]
3707 - a start at describing what i understand of the DSA side
3708 [ssh-keygen.1]
3709 - document -X and -x
3710 [ssh-keygen.c]
3711 - simplify usage
Damien Millere4340be2000-09-16 13:29:08 +11003712 - markus@cvs.openbsd.org
Damien Millere247cc42000-05-07 12:03:14 +10003713 [sshd.8]
3714 - there is no rhosts_dsa
3715 [ssh-keygen.1]
3716 - document -y, update -X,-x
3717 [nchan.c]
3718 - fix close for non-open ssh1 channels
3719 [servconf.c servconf.h ssh.h sshd.8 sshd.c ]
3720 - s/DsaKey/HostDSAKey/, document option
3721 [sshconnect2.c]
3722 - respect number_of_password_prompts
3723 [channels.c channels.h servconf.c servconf.h session.c sshd.8]
3724 - GatewayPorts for sshd, ok deraadt@
3725 [ssh-add.1 ssh-agent.1 ssh.1]
3726 - more doc on: DSA, id_dsa, known_hosts2, authorized_keys2
3727 [ssh.1]
3728 - more info on proto 2
3729 [sshd.8]
3730 - sync AUTHOR w/ ssh.1
3731 [key.c key.h sshconnect.c]
3732 - print key type when talking about host keys
3733 [packet.c]
3734 - clear padding in ssh2
3735 [dsa.c key.c radix.c ssh.h sshconnect1.c uuencode.c uuencode.h]
3736 - replace broken uuencode w/ libc b64_ntop
3737 [auth2.c]
3738 - log failure before sending the reply
3739 [key.c radix.c uuencode.c]
3740 - remote trailing comments before calling __b64_pton
3741 [auth2.c readconf.c readconf.h servconf.c servconf.h ssh.1]
3742 [sshconnect2.c sshd.8]
3743 - add DSAAuthetication option to ssh/sshd, document SSH2 in sshd.8
3744 - Bring in b64_ntop and b64_pton from OpenBSD libc (bsd-base64.[ch])
3745
Damien Miller63560f92000-05-02 09:06:04 +1000374620000502
Damien Miller6f83b8e2000-05-02 09:23:45 +10003747 - OpenBSD CVS update
3748 [channels.c]
3749 - init all fds, close all fds.
3750 [sshconnect2.c]
3751 - check whether file exists before asking for passphrase
3752 [servconf.c servconf.h sshd.8 sshd.c]
3753 - PidFile, pr 1210
3754 [channels.c]
3755 - EINTR
3756 [channels.c]
3757 - unbreak, ok niels@
3758 [sshd.c]
3759 - unlink pid file, ok niels@
3760 [auth2.c]
3761 - Add missing #ifdefs; ok - markus
Damien Millere4340be2000-09-16 13:29:08 +11003762 - Add Andre Lucas' <andre.lucas@dial.pipex.com> patch to read entropy
Damien Miller0437b332000-05-02 09:56:41 +10003763 gathering commands from a text file
Damien Miller63560f92000-05-02 09:06:04 +10003764 - Release 2.0.0beta1
3765
Damien Miller7c8af4f2000-05-01 08:24:07 +1000376620000501
3767 - OpenBSD CVS update
3768 [packet.c]
3769 - send debug messages in SSH2 format
Damien Miller35dabd02000-05-01 21:10:33 +10003770 [scp.c]
3771 - fix very rare EAGAIN/EINTR issues; based on work by djm
3772 [packet.c]
3773 - less debug, rm unused
3774 [auth2.c]
3775 - disable kerb,s/key in ssh2
3776 [sshd.8]
3777 - Minor tweaks and typo fixes.
3778 [ssh-keygen.c]
3779 - Put -d into usage and reorder. markus ok.
Damien Millere4340be2000-09-16 13:29:08 +11003780 - Include missing headers for OpenSSL tests. Fix from Phil Karn
Damien Millere59ce622000-05-01 20:54:17 +10003781 <karn@ka9q.ampr.org>
Damien Millere4340be2000-09-16 13:29:08 +11003782 - Fixed __progname symbol collisions reported by Andre Lucas
Damien Miller70fb6712000-05-01 20:59:50 +10003783 <andre.lucas@dial.pipex.com>
Damien Miller0e489dc2000-05-01 22:53:53 +10003784 - Merged bsd-login ttyslot and AIX utmp patch from Gert Doering
3785 <gd@hilb1.medat.de>
Damien Miller1cead2c2000-05-01 22:55:23 +10003786 - Add some missing ifdefs to auth2.c
Damien Miller7c004262000-05-01 22:57:46 +10003787 - Deprecate perl-tk askpass.
Damien Millerfc0b11b2000-05-02 00:03:55 +10003788 - Irix portability fixes - don't include netinet headers more than once
3789 - Make sure we don't save PRNG seed more than once
Damien Miller7c8af4f2000-05-01 08:24:07 +10003790
Damien Miller1bead332000-04-30 00:47:29 +1000379120000430
3792 - Merge HP-UX fixes and TCB support from Ged Lodder <lodder@yacc.com.au>
Damien Miller4018c192000-04-30 09:30:44 +10003793 - Integrate Andre Lucas' <andre.lucas@dial.pipex.com> entropy collection
3794 patch.
3795 - Adds timeout to entropy collection
3796 - Disables slow entropy sources
3797 - Load and save seed file
Damien Millere4340be2000-09-16 13:29:08 +11003798 - Changed entropy seed code to user per-user seeds only (server seed is
Damien Miller4018c192000-04-30 09:30:44 +10003799 saved in root's .ssh directory)
3800 - Use atexit() and fatal cleanups to save seed on exit
Damien Millerbd483e72000-04-30 10:00:53 +10003801 - More OpenBSD updates:
3802 [session.c]
3803 - don't call chan_write_failed() if we are not writing
3804 [auth-rsa.c auth1.c authfd.c hostfile.c ssh-agent.c]
3805 - keysize warnings error() -> log()
Damien Miller1bead332000-04-30 00:47:29 +10003806
Damien Millereba71ba2000-04-29 23:57:08 +1000380720000429
3808 - Merge big update to OpenSSH-2.0 from OpenBSD CVS
3809 [README.openssh2]
3810 - interop w/ F-secure windows client
3811 - sync documentation
3812 - ssh_host_dsa_key not ssh_dsa_key
3813 [auth-rsa.c]
3814 - missing fclose
3815 [auth.c authfile.c compat.c dsa.c dsa.h hostfile.c key.c key.h radix.c]
3816 [readconf.c readconf.h ssh-add.c ssh-keygen.c ssh.c ssh.h sshconnect.c]
3817 [sshd.c uuencode.c uuencode.h authfile.h]
3818 - add DSA pubkey auth and other SSH2 fixes. use ssh-keygen -[xX]
3819 for trading keys with the real and the original SSH, directly from the
3820 people who invented the SSH protocol.
3821 [auth.c auth.h authfile.c sshconnect.c auth1.c auth2.c sshconnect.h]
3822 [sshconnect1.c sshconnect2.c]
3823 - split auth/sshconnect in one file per protocol version
3824 [sshconnect2.c]
3825 - remove debug
3826 [uuencode.c]
3827 - add trailing =
3828 [version.h]
3829 - OpenSSH-2.0
3830 [ssh-keygen.1 ssh-keygen.c]
3831 - add -R flag: exit code indicates if RSA is alive
3832 [sshd.c]
3833 - remove unused
3834 silent if -Q is specified
3835 [ssh.h]
3836 - host key becomes /etc/ssh_host_dsa_key
3837 [readconf.c servconf.c ]
3838 - ssh/sshd default to proto 1 and 2
3839 [uuencode.c]
3840 - remove debug
3841 [auth2.c ssh-keygen.c sshconnect2.c sshd.c]
3842 - xfree DSA blobs
3843 [auth2.c serverloop.c session.c]
3844 - cleanup logging for sshd/2, respect PasswordAuth no
3845 [sshconnect2.c]
3846 - less debug, respect .ssh/config
3847 [README.openssh2 channels.c channels.h]
Damien Millere4340be2000-09-16 13:29:08 +11003848 - clientloop.c session.c ssh.c
Damien Millereba71ba2000-04-29 23:57:08 +10003849 - support for x11-fwding, client+server
3850
Damien Millera552faf2000-04-21 15:55:20 +1000385120000421
3852 - Merge fix from OpenBSD CVS
3853 [ssh-agent.c]
3854 - Fix memory leak per connection. Report from Andy Spiegl <Andy@Spiegl.de>
3855 via Debian bug #59926
Damien Miller81171112000-04-23 11:14:01 +10003856 - Define __progname in session.c if libc doesn't
3857 - Remove indentation on autoconf #include statements to avoid bug in
Damien Millere4340be2000-09-16 13:29:08 +11003858 DEC Tru64 compiler. Report and fix from David Del Piero
Damien Miller81171112000-04-23 11:14:01 +10003859 <David.DelPiero@qed.qld.gov.au>
Damien Millera552faf2000-04-21 15:55:20 +10003860
Damien Miller3ef692a2000-04-20 07:33:24 +1000386120000420
Damien Millere4340be2000-09-16 13:29:08 +11003862 - Make fixpaths work with perl4, patch from Andre Lucas
Damien Miller3ef692a2000-04-20 07:33:24 +10003863 <andre.lucas@dial.pipex.com>
Damien Miller166fca82000-04-20 07:42:21 +10003864 - Sync with OpenBSD CVS:
3865 [clientloop.c login.c serverloop.c ssh-agent.c ssh.h sshconnect.c sshd.c]
3866 - pid_t
3867 [session.c]
3868 - remove bogus chan_read_failed. this could cause data
3869 corruption (missing data) at end of a SSH2 session.
Damien Millerd0cff3e2000-04-20 23:12:58 +10003870 - Merge fixes from Debian patch from Phil Hands <phil@hands.com>
3871 - Allow setting of PAM service name through CFLAGS (SSHD_PAM_SERVICE)
3872 - Use vhangup to clean up Linux ttys
3873 - Force posix getopt processing on GNU libc systems
Damien Millercfabe862000-04-20 23:27:27 +10003874 - Debian bug #55910 - remove references to ssl(8) manpages
Damien Millerf3a3fee2000-04-20 23:32:48 +10003875 - Debian bug #58031 - ssh_config lies about default cipher
Damien Miller3ef692a2000-04-20 07:33:24 +10003876
Damien Miller8bb73be2000-04-19 16:26:12 +1000387720000419
3878 - OpenBSD CVS updates
3879 [channels.c]
3880 - fix pr 1196, listen_port and port_to_connect interchanged
3881 [scp.c]
Damien Millere4340be2000-09-16 13:29:08 +11003882 - after completion, replace the progress bar ETA counter with a final
Damien Miller8bb73be2000-04-19 16:26:12 +10003883 elapsed time; my idea, aaron wrote the patch
3884 [ssh_config sshd_config]
3885 - show 'Protocol' as an example, ok markus@
3886 [sshd.c]
3887 - missing xfree()
3888 - Add missing header to bsd-misc.c
3889
Damien Miller5f056372000-04-16 12:31:48 +1000389020000416
3891 - Reduce diff against OpenBSD source
Damien Millere4340be2000-09-16 13:29:08 +11003892 - All OpenSSL includes are now unconditionally referenced as
Damien Miller5f056372000-04-16 12:31:48 +10003893 openssl/foo.h
3894 - Pick up formatting changes
3895 - Other minor changed (typecasts, etc) that I missed
3896
Damien Miller4af51302000-04-16 11:18:38 +1000389720000415
3898 - OpenBSD CVS updates.
3899 [ssh.1 ssh.c]
3900 - ssh -2
3901 [auth.c channels.c clientloop.c packet.c packet.h serverloop.c]
3902 [session.c sshconnect.c]
3903 - check payload for (illegal) extra data
3904 [ALL]
3905 whitespace cleanup
3906
Damien Millere71eb912000-04-13 12:19:32 +1000390720000413
3908 - INSTALL doc updates
Damien Miller22c77262000-04-13 12:26:34 +10003909 - Merged OpenBSD updates to include paths.
Damien Millere4340be2000-09-16 13:29:08 +11003910
Damien Miller78928792000-04-12 20:17:38 +1000391120000412
3912 - OpenBSD CVS updates:
3913 - [channels.c]
3914 repair x11-fwd
3915 - [sshconnect.c]
3916 fix passwd prompt for ssh2, less debugging output.
3917 - [clientloop.c compat.c dsa.c kex.c sshd.c]
3918 less debugging output
3919 - [kex.c kex.h sshconnect.c sshd.c]
3920 check for reasonable public DH values
3921 - [README.openssh2 cipher.c cipher.h compat.c compat.h readconf.c]
3922 [readconf.h servconf.c servconf.h ssh.c ssh.h sshconnect.c sshd.c]
3923 add Cipher and Protocol options to ssh/sshd, e.g.:
3924 ssh -o 'Protocol 1,2' if you prefer proto 1, ssh -o 'Ciphers
3925 arcfour,3des-cbc'
3926 - [sshd.c]
3927 print 1.99 only if server supports both
3928
Damien Millerbc7c7cc2000-04-08 17:48:56 +1000392920000408
3930 - Avoid some compiler warnings in fake-get*.c
3931 - Add IPTOS macros for systems which lack them
Damien Miller11e37f62000-04-08 18:23:30 +10003932 - Only set define entropy collection macros if they are found
Damien Millerefb4afe2000-04-12 18:45:05 +10003933 - More large OpenBSD CVS updates:
3934 - [auth.c auth.h servconf.c servconf.h serverloop.c session.c]
3935 [session.h ssh.h sshd.c README.openssh2]
3936 ssh2 server side, see README.openssh2; enable with 'sshd -2'
3937 - [channels.c]
3938 no adjust after close
3939 - [sshd.c compat.c ]
3940 interop w/ latest ssh.com windows client.
Damien Miller33804262001-02-04 23:20:18 +11003941
Damien Miller1383bd82000-04-06 12:32:37 +1000394220000406
3943 - OpenBSD CVS update:
3944 - [channels.c]
3945 close efd on eof
3946 - [clientloop.c compat.c ssh.c sshconnect.c myproposal.h]
3947 ssh2 client implementation, interops w/ ssh.com and lsh servers.
3948 - [sshconnect.c]
3949 missing free.
3950 - [authfile.c cipher.c cipher.h packet.c sshconnect.c sshd.c]
3951 remove unused argument, split cipher_mask()
3952 - [clientloop.c]
3953 re-order: group ssh1 vs. ssh2
3954 - Make Redhat spec require openssl >= 0.9.5a
3955
Damien Miller193ba882000-04-04 10:21:09 +1000395620000404
3957 - Add tests for RAND_add function when searching for OpenSSL
Damien Miller33b13562000-04-04 14:38:59 +10003958 - OpenBSD CVS update:
3959 - [packet.h packet.c]
3960 ssh2 packet format
3961 - [packet.h packet.c nchan2.ms nchan.h compat.h compat.c]
3962 [channels.h channels.c]
3963 channel layer support for ssh2
3964 - [kex.h kex.c hmac.h hmac.c dsa.c dsa.h]
3965 DSA, keyexchange, algorithm agreement for ssh2
Damien Miller74a333b2000-04-04 15:04:09 +10003966 - Generate manpages before make install not at the end of make all
3967 - Don't seed the rng quite so often
3968 - Always reseed rng when requested
Damien Miller193ba882000-04-04 10:21:09 +10003969
Damien Miller040f3832000-04-03 14:50:43 +1000397020000403
3971 - Wrote entropy collection routines for systems that lack /dev/random
3972 and EGD
Damien Miller70494d12000-04-03 15:57:06 +10003973 - Disable tests and typedefs for 64 bit types. They are currently unused.
Damien Miller040f3832000-04-03 14:50:43 +10003974
Damien Millerb38eff82000-04-01 11:09:21 +1000397520000401
3976 - Big OpenBSD CVS update (mainly beginnings of SSH2 infrastructure)
3977 - [auth.c session.c sshd.c auth.h]
3978 split sshd.c -> auth.c session.c sshd.c plus cleanup and goto-removal
3979 - [bufaux.c bufaux.h]
3980 support ssh2 bignums
3981 - [channels.c channels.h clientloop.c sshd.c nchan.c nchan.h packet.c]
3982 [readconf.c ssh.c ssh.h serverloop.c]
3983 replace big switch() with function tables (prepare for ssh2)
3984 - [ssh2.h]
3985 ssh2 message type codes
3986 - [sshd.8]
3987 reorder Xr to avoid cutting
3988 - [serverloop.c]
3989 close(fdin) if fdin != fdout, shutdown otherwise, ok theo@
3990 - [channels.c]
3991 missing close
3992 allow bigger packets
3993 - [cipher.c cipher.h]
3994 support ssh2 ciphers
3995 - [compress.c]
3996 cleanup, less code
3997 - [dispatch.c dispatch.h]
3998 function tables for different message types
3999 - [log-server.c]
4000 do not log() if debuggin to stderr
4001 rename a cpp symbol, to avoid param.h collision
4002 - [mpaux.c]
4003 KNF
4004 - [nchan.c]
4005 sync w/ channels.c
4006
Damien Miller2c9279f2000-03-26 12:12:34 +1000400720000326
4008 - Better tests for OpenSSL w/ RSAref
Damien Millere4340be2000-09-16 13:29:08 +11004009 - Added replacement setenv() function from OpenBSD libc. Suggested by
Damien Miller2c9279f2000-03-26 12:12:34 +10004010 Ben Lindstrom <mouring@pconline.com>
Damien Miller450a7a12000-03-26 13:04:51 +10004011 - OpenBSD CVS update
4012 - [auth-krb4.c]
4013 -Wall
4014 - [auth-rh-rsa.c auth-rsa.c hostfile.c hostfile.h key.c key.h match.c]
4015 [match.h ssh.c ssh.h sshconnect.c sshd.c]
4016 initial support for DSA keys. ok deraadt@, niels@
4017 - [cipher.c cipher.h]
4018 remove unused cipher_attack_detected code
4019 - [scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 sshd.8]
4020 Fix some formatting problems I missed before.
4021 - [ssh.1 sshd.8]
4022 fix spelling errors, From: FreeBSD
4023 - [ssh.c]
4024 switch to raw mode only if he _get_ a pty (not if we _want_ a pty).
Damien Miller2c9279f2000-03-26 12:12:34 +10004025
Damien Miller63a46cc2000-03-24 09:24:33 +1100402620000324
4027 - Released 1.2.3
4028
Damien Miller29ea30d2000-03-17 10:54:15 +1100402920000317
4030 - Clarified --with-default-path option.
4031 - Added -blibpath handling for AIX to work around stupid runtime linking.
4032 Problem elucidated by gshapiro@SENDMAIL.ORG by way of Jim Knoble
Damien Millerf1aa21f2001-01-05 09:30:32 +11004033 <jmknoble@jmknoble.cx>
Damien Millerd6121d22000-03-17 23:26:46 +11004034 - Checks for 64 bit int types. Problem report from Mats Fredholm
4035 <matsf@init.se>
Damien Miller7684ee12000-03-17 23:40:15 +11004036 - OpenBSD CVS updates:
Damien Millere4340be2000-09-16 13:29:08 +11004037 - [atomicio.c auth-krb4.c bufaux.c channels.c compress.c fingerprint.c]
Damien Miller7684ee12000-03-17 23:40:15 +11004038 [packet.h radix.c rsa.c scp.c ssh-agent.c ssh-keygen.c sshconnect.c]
4039 [sshd.c]
4040 pedantic: signed vs. unsigned, void*-arithm, etc
4041 - [ssh.1 sshd.8]
4042 Various cleanups and standardizations.
Damien Millere4340be2000-09-16 13:29:08 +11004043 - Runtime error fix for HPUX from Otmar Stahl
Damien Millere37ac5a2000-03-17 23:58:59 +11004044 <O.Stahl@lsw.uni-heidelberg.de>
Damien Miller29ea30d2000-03-17 10:54:15 +11004045
Damien Miller08c788a2000-03-16 07:52:29 +1100404620000316
Damien Millere4340be2000-09-16 13:29:08 +11004047 - Fixed configure not passing LDFLAGS to Solaris. Report from David G.
Damien Miller08c788a2000-03-16 07:52:29 +11004048 Hesprich <dghespri@sprintparanet.com>
Damien Miller166bd442000-03-16 10:48:25 +11004049 - Propogate LD through to Makefile
Damien Millerfd263682000-03-16 11:51:09 +11004050 - Doc cleanups
Damien Millerca9a49c2000-03-16 12:23:13 +11004051 - Added blurb about "scp: command not found" errors to UPGRADING
Damien Miller08c788a2000-03-16 07:52:29 +11004052
Damien Millera1ad4802000-03-15 10:04:54 +1100405320000315
4054 - Fix broken CFLAGS handling during search for OpenSSL. Fixes va_list
4055 problems with gcc/Solaris.
Damien Millere4340be2000-09-16 13:29:08 +11004056 - Don't free argument to putenv() after use (in setenv() replacement).
Damien Millerf09b07a2000-03-15 11:23:48 +11004057 Report from Seigo Tanimura <tanimura@r.dl.itc.u-tokyo.ac.jp>
Damien Millere4340be2000-09-16 13:29:08 +11004058 - Created contrib/ subdirectory. Included helpers from Phil Hands'
Damien Miller8b1c22b2000-03-15 12:13:01 +11004059 Debian package, README file and chroot patch from Ricardo Cerqueira
4060 <rmcc@clix.pt>
Damien Millere4340be2000-09-16 13:29:08 +11004061 - Moved gnome-ssh-askpass.c to contrib directory and removed config
Damien Miller8b1c22b2000-03-15 12:13:01 +11004062 option.
4063 - Slight cleanup to doc files
Damien Miller856799b2000-03-15 21:18:10 +11004064 - Configure fix from Bratislav ILICH <bilic@zepter.ru>
Damien Millera1ad4802000-03-15 10:04:54 +11004065
Damien Miller1c67c992000-03-14 10:16:34 +1100406620000314
Damien Millere4340be2000-09-16 13:29:08 +11004067 - Include macro for IN6_IS_ADDR_V4MAPPED. Report from
Damien Miller1c67c992000-03-14 10:16:34 +11004068 peter@frontierflying.com
Damien Millerdb819592000-03-14 13:44:01 +11004069 - Include /usr/local/include and /usr/local/lib for systems that don't
4070 do it themselves
4071 - -R/usr/local/lib for Solaris
4072 - Fix RSAref detection
4073 - Fix IN6_IS_ADDR_V4MAPPED macro
Damien Miller1c67c992000-03-14 10:16:34 +11004074
Damien Millerb85dcad2000-03-11 11:37:00 +1100407520000311
4076 - Detect RSAref
Damien Miller02491e92000-03-11 11:58:28 +11004077 - OpenBSD CVS change
4078 [sshd.c]
4079 - disallow guessing of root password
Damien Millerd58b3ab2000-03-11 20:05:11 +11004080 - More configure fixes
Damien Miller7bcb0892000-03-11 20:45:40 +11004081 - IPv6 workarounds from Hideaki YOSHIFUJI <yoshfuji@ecei.tohoku.ac.jp>
Damien Millerb85dcad2000-03-11 11:37:00 +11004082
Damien Miller98c7ad62000-03-09 21:27:49 +1100408320000309
4084 - OpenBSD CVS updates to v1.2.3
Damien Millerbe484b52000-07-15 14:14:16 +10004085 [ssh.h atomicio.c]
4086 - int atomicio -> ssize_t (for alpha). ok deraadt@
4087 [auth-rsa.c]
4088 - delay MD5 computation until client sends response, free() early, cleanup.
4089 [cipher.c]
4090 - void* -> unsigned char*, ok niels@
4091 [hostfile.c]
4092 - remove unused variable 'len'. fix comments.
4093 - remove unused variable
4094 [log-client.c log-server.c]
4095 - rename a cpp symbol, to avoid param.h collision
4096 [packet.c]
4097 - missing xfree()
4098 - getsockname() requires initialized tolen; andy@guildsoftware.com
4099 - use getpeername() in packet_connection_is_on_socket(), fixes sshd -i;
4100 from Holger.Trapp@Informatik.TU-Chemnitz.DE
4101 [pty.c pty.h]
Damien Millere4340be2000-09-16 13:29:08 +11004102 - register cleanup for pty earlier. move code for pty-owner handling to
Damien Miller98c7ad62000-03-09 21:27:49 +11004103 pty.c ok provos@, dugsong@
Damien Millerbe484b52000-07-15 14:14:16 +10004104 [readconf.c]
4105 - turn off x11-fwd for the client, too.
4106 [rsa.c]
4107 - PKCS#1 padding
4108 [scp.c]
4109 - allow '.' in usernames; from jedgar@fxp.org
4110 [servconf.c]
4111 - typo: ignore_user_known_hosts int->flag; naddy@mips.rhein-neckar.de
4112 - sync with sshd_config
4113 [ssh-keygen.c]
4114 - enable ssh-keygen -l -f ~/.ssh/known_hosts, ok deraadt@
4115 [ssh.1]
4116 - Change invalid 'CHAT' loglevel to 'VERBOSE'
4117 [ssh.c]
4118 - suppress AAAA query host when '-4' is used; from shin@nd.net.fujitsu.co.jp
4119 - turn off x11-fwd for the client, too.
4120 [sshconnect.c]
4121 - missing xfree()
4122 - retry rresvport_af(), too. from sumikawa@ebina.hitachi.co.jp.
4123 - read error vs. "Connection closed by remote host"
4124 [sshd.8]
4125 - ie. -> i.e.,
4126 - do not link to a commercial page..
4127 - sync with sshd_config
4128 [sshd.c]
4129 - no need for poll.h; from bright@wintelcom.net
4130 - log with level log() not fatal() if peer behaves badly.
4131 - don't panic if client behaves strange. ok deraadt@
4132 - make no-port-forwarding for RSA keys deny both -L and -R style fwding
4133 - delay close() of pty until the pty has been chowned back to root
4134 - oops, fix comment, too.
4135 - missing xfree()
4136 - move XAUTHORITY to subdir. ok dugsong@. fixes debian bug #57907, too.
4137 (http://cgi.debian.org/cgi-bin/bugreport.cgi?archive=no&bug=57907)
Damien Millere4340be2000-09-16 13:29:08 +11004138 - register cleanup for pty earlier. move code for pty-owner handling to
Damien Millerbe484b52000-07-15 14:14:16 +10004139 pty.c ok provos@, dugsong@
4140 - create x11 cookie file
4141 - fix pr 1113, fclose() -> pclose(), todo: remote popen()
4142 - version 1.2.3
Damien Miller98c7ad62000-03-09 21:27:49 +11004143 - Cleaned up
Damien Millere4340be2000-09-16 13:29:08 +11004144 - Removed warning workaround for Linux and devpts filesystems (no longer
Damien Miller8f975b62000-03-09 22:31:13 +11004145 required after OpenBSD updates)
Damien Miller98c7ad62000-03-09 21:27:49 +11004146
Damien Miller1a07ebd2000-03-08 09:03:44 +1100414720000308
4148 - Configure fix from Hiroshi Takekawa <takekawa@sr3.t.u-tokyo.ac.jp>
4149
415020000307
4151 - Released 1.2.2p1
4152
Damien Miller01bedb82000-03-05 16:10:03 +1100415320000305
4154 - Fix DEC compile fix
Damien Millerfac99cd2000-03-05 16:10:45 +11004155 - Explicitly seed OpenSSL's PRNG before checking rsa_alive()
Damien Miller9fb07e42000-03-05 16:22:59 +11004156 - Check for getpagesize in libucb.a if not found in libc. Fix for old
4157 Solaris from Andre Lucas <andre.lucas@dial.pipex.com>
Damien Millere4340be2000-09-16 13:29:08 +11004158 - Check for libwrap if --with-tcp-wrappers option specified. Suggestion
Damien Miller65165f82000-03-05 17:02:45 +11004159 Mate Wierdl <mw@moni.msci.memphis.edu>
Damien Miller01bedb82000-03-05 16:10:03 +11004160
Damien Miller4095f892000-03-03 22:13:52 +1100416120000303
4162 - Added "make host-key" target, Suggestion from Dominik Brettnacher
4163 <domi@saargate.de>
Damien Millere4340be2000-09-16 13:29:08 +11004164 - Don't permanently fail on bind() if getaddrinfo has more choices left for
Damien Miller3c7eeb22000-03-03 22:35:33 +11004165 us. Needed to work around messy IPv6 on Linux. Patch from Arkadiusz
4166 Miskiewicz <misiek@pld.org.pl>
Damien Miller00d4bb12000-03-03 22:48:49 +11004167 - DEC Unix compile fix from David Del Piero <David.DelPiero@qed.qld.gov.au>
4168 - Manpage fix from David Del Piero <David.DelPiero@qed.qld.gov.au>
Damien Miller4095f892000-03-03 22:13:52 +11004169
Damien Millera22ba012000-03-02 23:09:20 +1100417020000302
4171 - Big cleanup of autoconf code
4172 - Rearranged to be a little more logical
4173 - Added -R option for Solaris
4174 - Rewrote OpenSSL detection code. Now uses AC_TRY_RUN with a test program
4175 to detect library and header location _and_ ensure library has proper
4176 RSA support built in (this is a problem with OpenSSL 0.9.5).
Damien Millerc7d8dbb2000-03-02 23:30:53 +11004177 - Applied pty cleanup patch from markus.friedl@informatik.uni-erlangen.de
Damien Millerc4cea3e2000-03-02 23:31:50 +11004178 - Avoid warning message with Unix98 ptys
Damien Millere4340be2000-09-16 13:29:08 +11004179 - Warning was valid - possible race condition on PTYs. Avoided using
Damien Miller204ad072000-03-02 23:56:12 +11004180 platform-specific code.
4181 - Document some common problems
Damien Millere4340be2000-09-16 13:29:08 +11004182 - Allow root access to any key. Patch from
Damien Miller2453d012000-03-02 23:57:18 +11004183 markus.friedl@informatik.uni-erlangen.de
Damien Millera22ba012000-03-02 23:09:20 +11004184
Damien Miller36143d72000-02-07 13:20:26 +1100418520000207
4186 - Removed SOCKS code. Will support through a ProxyCommand.
4187
Damien Miller18522462000-02-03 01:07:07 +1100418820000203
4189 - Fixed SEGVs in authloop, fix from vbzoli@hbrt.hu
Damien Miller0c0e4bf2000-02-03 13:58:51 +11004190 - Add --with-ssl-dir option
Damien Miller18522462000-02-03 01:07:07 +11004191
Damien Miller65527582000-02-02 19:17:40 +1100419220000202
Damien Millere4340be2000-09-16 13:29:08 +11004193 - Fix lastlog code for directory based lastlogs. Fix from Josh Durham
Damien Miller65527582000-02-02 19:17:40 +11004194 <jmd@aoe.vt.edu>
Damien Miller17872522000-02-02 20:56:20 +11004195 - Documentation fixes from HARUYAMA Seigo <haruyama@nt.phys.s.u-tokyo.ac.jp>
Damien Millere4340be2000-09-16 13:29:08 +11004196 - Added URLs to Japanese translations of documents by HARUYAMA Seigo
Damien Miller17872522000-02-02 20:56:20 +11004197 <haruyama@nt.phys.s.u-tokyo.ac.jp>
Damien Miller65527582000-02-02 19:17:40 +11004198
Damien Miller9e53f352000-02-01 23:05:30 +1100419920000201
4200 - Use socket pairs by default (instead of pipes). Prevents race condition
4201 on several (buggy) OSs. Report and fix from tridge@linuxcare.com
4202
Damien Millerf07390e2000-01-29 20:40:22 +1100420320000127
4204 - Seed OpenSSL's random number generator before generating RSA keypairs
4205 - Split random collector into seperate file
Damien Miller6034fdf2000-01-29 20:55:09 +11004206 - Compile fix from Andre Lucas <andre.lucas@dial.pipex.com>
Damien Millerf07390e2000-01-29 20:40:22 +11004207
Damien Miller27f4c782000-01-27 18:22:13 +1100420820000126
4209 - Released 1.2.2 stable
4210
Damien Millere4340be2000-09-16 13:29:08 +11004211 - NeXT keeps it lastlog in /usr/adm. Report from
Damien Miller27f4c782000-01-27 18:22:13 +11004212 mouring@newton.pconline.com
Damien Millere4340be2000-09-16 13:29:08 +11004213 - Added note in UPGRADING re interop with commercial SSH using idea.
Damien Millerf1aa21f2001-01-05 09:30:32 +11004214 Report from Jim Knoble <jmknoble@jmknoble.cx>
Damien Millerc85f9b42000-01-29 10:20:21 +11004215 - Fix linking order for Kerberos/AFS. Fix from Holget Trapp
4216 <Holger.Trapp@Informatik.TU-Chemnitz.DE>
Damien Miller27f4c782000-01-27 18:22:13 +11004217
Damien Millerd89c24b2000-01-26 11:04:48 +1100421820000125
Damien Millere4340be2000-09-16 13:29:08 +11004219 - Fix NULL pointer dereference in login.c. Fix from Andre Lucas
Damien Millerd89c24b2000-01-26 11:04:48 +11004220 <andre.lucas@dial.pipex.com>
Damien Millerfa51a832000-01-26 11:07:22 +11004221 - Reorder PAM initialisation so it does not mess up lastlog. Reported
4222 by Andre Lucas <andre.lucas@dial.pipex.com>
Damien Millere4340be2000-09-16 13:29:08 +11004223 - Use preformatted manpages on SCO, report from Gary E. Miller
Damien Miller0e1cf7c2000-01-26 12:15:30 +11004224 <gem@rellim.com>
4225 - New URL for x11-ssh-askpass.
Damien Millere4340be2000-09-16 13:29:08 +11004226 - Fixpaths was missing /etc/ssh_known_hosts. Report from Jim Knoble
Damien Millerf1aa21f2001-01-05 09:30:32 +11004227 <jmknoble@jmknoble.cx>
Damien Millere4340be2000-09-16 13:29:08 +11004228 - Added 'DESTDIR' option to Makefile to ease package building. Patch from
Damien Millerf1aa21f2001-01-05 09:30:32 +11004229 Jim Knoble <jmknoble@jmknoble.cx>
Damien Miller7d7c60d2000-01-26 14:37:48 +11004230 - Updated RPM spec files to use DESTDIR
Damien Millerd89c24b2000-01-26 11:04:48 +11004231
Damien Miller68cee102000-01-24 17:02:27 +1100423220000124
4233 - Pick up version 1.2.2 from OpenBSD CVS (no changes, just version number
4234 increment)
4235
Damien Miller6fe375d2000-01-23 09:38:00 +1100423620000123
4237 - OpenBSD CVS:
4238 - [packet.c]
4239 getsockname() requires initialized tolen; andy@guildsoftware.com
Damien Millere4340be2000-09-16 13:29:08 +11004240 - AIX patch from Matt Richards <v2matt@btv.ibm.com> and David Rankin
Damien Miller1fa154b2000-01-23 10:32:03 +11004241 <drankin@bohemians.lexington.ky.us>
Damien Millerdef0dc92000-01-23 20:18:35 +11004242 - Fix lastlog support, patch from Andre Lucas <andre.lucas@dial.pipex.com>
Damien Miller6fe375d2000-01-23 09:38:00 +11004243
Damien Miller91427002000-01-22 13:25:13 +1100424420000122
4245 - Fix compilation of bsd-snprintf.c on Solaris, fix from Ben Taylor
4246 <bent@clark.net>
Damien Miller670a4b82000-01-22 13:53:11 +11004247 - Merge preformatted manpage patch from Andre Lucas
4248 <andre.lucas@dial.pipex.com>
Damien Miller07278932000-01-22 14:05:37 +11004249 - Make IPv4 use the default in RPM packages
4250 - Irix uses preformatted manpages
Damien Miller8dbbe6e2000-01-22 18:17:42 +11004251 - Missing htons() in bsd-bindresvport.c, fix from Holger Trapp
4252 <Holger.Trapp@Informatik.TU-Chemnitz.DE>
Damien Millerf052aaf2000-01-22 19:47:21 +11004253 - OpenBSD CVS updates:
4254 - [packet.c]
4255 use getpeername() in packet_connection_is_on_socket(), fixes sshd -i;
4256 from Holger.Trapp@Informatik.TU-Chemnitz.DE
4257 - [sshd.c]
4258 log with level log() not fatal() if peer behaves badly.
4259 - [readpass.c]
Damien Millere4340be2000-09-16 13:29:08 +11004260 instead of blocking SIGINT, catch it ourselves, so that we can clean
4261 the tty modes up and kill ourselves -- instead of our process group
Damien Miller33804262001-02-04 23:20:18 +11004262 leader (scp, cvs, ...) going away and leaving us in noecho mode.
Damien Millerf052aaf2000-01-22 19:47:21 +11004263 people with cbreak shells never even noticed..
Damien Miller14537852000-01-22 19:57:40 +11004264 - [ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 sshd.8]
4265 ie. -> i.e.,
Damien Miller91427002000-01-22 13:25:13 +11004266
Damien Millereca71f82000-01-20 22:38:27 +1100426720000120
4268 - Don't use getaddrinfo on AIX
Damien Miller396691a2000-01-20 22:44:08 +11004269 - Update to latest OpenBSD CVS:
4270 - [auth-rsa.c]
4271 - fix user/1056, sshd keeps restrictions; dbt@meat.net
4272 - [sshconnect.c]
4273 - disable agent fwding for proto 1.3, remove abuse of auth-rsa flags.
4274 - destroy keys earlier
Damien Millere4340be2000-09-16 13:29:08 +11004275 - split key exchange (kex) and user authentication (user-auth),
Damien Milleree1c0b32000-01-21 00:18:15 +11004276 ok: provos@
Damien Miller396691a2000-01-20 22:44:08 +11004277 - [sshd.c]
4278 - no need for poll.h; from bright@wintelcom.net
4279 - disable agent fwding for proto 1.3, remove abuse of auth-rsa flags.
Damien Millere4340be2000-09-16 13:29:08 +11004280 - split key exchange (kex) and user authentication (user-auth),
Damien Milleree1c0b32000-01-21 00:18:15 +11004281 ok: provos@
Damien Miller88b86e42000-01-20 23:13:35 +11004282 - Big manpage and config file cleanup from Andre Lucas
4283 <andre.lucas@dial.pipex.com>
Damien Miller886c63a2000-01-20 23:13:36 +11004284 - Re-added latest (unmodified) OpenBSD manpages
Damien Millereab2ce02000-01-20 23:58:22 +11004285 - Doc updates
Damien Milleree1c0b32000-01-21 00:18:15 +11004286 - NetBSD patch from David Rankin <drankin@bohemians.lexington.ky.us> and
4287 Christos Zoulas <christos@netbsd.org>
Damien Millereca71f82000-01-20 22:38:27 +11004288
Damien Miller9550a242000-01-19 10:41:23 +1100428920000119
Damien Millereaf99942000-01-19 13:45:07 +11004290 - SCO compile fixes from Gary E. Miller <gem@rellim.com>
Damien Miller9550a242000-01-19 10:41:23 +11004291 - Compile fix from Darren_Hall@progressive.com
Damien Miller7d80e342000-01-19 14:36:49 +11004292 - Linux/glibc-2.1.2 takes a *long* time to look up names for AF_UNSPEC
4293 addresses using getaddrinfo(). Added a configure switch to make the
4294 default lookup mode AF_INET
Damien Miller9550a242000-01-19 10:41:23 +11004295
Damien Millerdbd250f2000-01-18 08:57:14 +1100429620000118
4297 - Fixed --with-pid-dir option
Damien Millerca673b32000-01-18 09:01:27 +11004298 - Makefile fix from Gary E. Miller <gem@rellim.com>
Damien Miller33804262001-02-04 23:20:18 +11004299 - Compile fix for HPUX and Solaris from Andre Lucas
Damien Millere0f45742000-01-18 09:12:06 +11004300 <andre.lucas@dial.pipex.com>
Damien Millerdbd250f2000-01-18 08:57:14 +11004301
Damien Millerb9b94a72000-01-17 09:52:46 +1100430220000117
4303 - Clean up bsd-bindresvport.c. Use arc4random() for picking initial
4304 port, ignore EINVAL errors (Linux) when searching for free port.
Damien Millere4340be2000-09-16 13:29:08 +11004305 - Revert __snprintf -> snprintf aliasing. Apparently Solaris
Damien Miller834171e2000-01-17 09:59:41 +11004306 __snprintf isn't. Report from Theo de Raadt <theo@cvs.openbsd.org>
Damien Millerf693d3b2000-01-17 11:56:27 +11004307 - Document location of Redhat PAM file in INSTALL.
Damien Millere4340be2000-09-16 13:29:08 +11004308 - Fixed X11 forwarding bug on Linux. libc advertises AF_INET6
4309 INADDR_ANY_INIT addresses via getaddrinfo, but may not be able to
Damien Miller19fe9c72000-01-17 15:23:01 +11004310 deliver (no IPv6 kernel support)
Damien Millere2192732000-01-17 13:22:55 +11004311 - Released 1.2.1pre27
Damien Millerb9b94a72000-01-17 09:52:46 +11004312
Damien Miller19fe9c72000-01-17 15:23:01 +11004313 - Fix rresvport_af failure errors (logic error in bsd-bindresvport.c)
Damien Millere4340be2000-09-16 13:29:08 +11004314 - Fix --with-ipaddr-display option test. Fix from Jarno Huuskonen
Damien Millerd426ed62000-01-17 19:22:36 +11004315 <jhuuskon@hytti.uku.fi>
Damien Millere4340be2000-09-16 13:29:08 +11004316 - Fix hang on logout if processes are still using the pty. Needs
Damien Millerb284b542000-01-17 20:55:18 +11004317 further testing.
Damien Miller66409952000-01-17 21:40:06 +11004318 - Patch from Christos Zoulas <christos@zoulas.com>
4319 - Try $prefix first when looking for OpenSSL.
4320 - Include sys/types.h when including sys/socket.h in test programs
Damien Millere4340be2000-09-16 13:29:08 +11004321 - Substitute PID directory in sshd.8. Suggestion from Andrew
Damien Millerb13c73e2000-01-17 22:02:17 +11004322 Stribblehill <a.d.stribblehill@durham.ac.uk>
Damien Miller19fe9c72000-01-17 15:23:01 +11004323
Damien Miller5eed6a22000-01-16 12:05:18 +1100432420000116
4325 - Renamed --with-xauth-path to --with-xauth
4326 - Added --with-pid-dir option
4327 - Released 1.2.1pre26
4328
Damien Miller8f926492000-01-16 18:19:25 +11004329 - Compilation fix from Kiyokazu SUTO <suto@ks-and-ks.ne.jp>
Damien Millere4340be2000-09-16 13:29:08 +11004330 - Fixed broken bugfix for /dev/ptmx on Linux systems which lack
Damien Miller62a52ef2000-01-16 23:03:56 +11004331 openpty(). Report from Kiyokazu SUTO <suto@ks-and-ks.ne.jp>
Damien Miller8f926492000-01-16 18:19:25 +11004332
Damien Millerb29ea912000-01-15 14:12:03 +1100433320000115
4334 - Add --with-xauth-path configure directive and explicit test for
Damien Millere4340be2000-09-16 13:29:08 +11004335 /usr/openwin/bin/xauth for Solaris systems. Report from Anders
Damien Millerb29ea912000-01-15 14:12:03 +11004336 Nordby <anders@fix.no>
Damien Millere4340be2000-09-16 13:29:08 +11004337 - Fix incorrect detection of /dev/ptmx on Linux systems that lack
Damien Millerb29ea912000-01-15 14:12:03 +11004338 openpty. Report from John Seifarth <john@waw.be>
4339 - Look for intXX_t and u_intXX_t in sys/bitypes.h if they are not in
Damien Millere4340be2000-09-16 13:29:08 +11004340 sys/types.h. Fixes problems on SCO, report from Gary E. Miller
Damien Millerb29ea912000-01-15 14:12:03 +11004341 <gem@rellim.com>
4342 - Use __snprintf and __vnsprintf if they are found where snprintf and
4343 vnsprintf are lacking. Suggested by Ben Taylor <bent@shell.clark.net>
4344 and others.
4345
Damien Miller34132e52000-01-14 15:45:46 +1100434620000114
4347 - Merged OpenBSD IPv6 patch:
4348 - [sshd.c sshd.8 sshconnect.c ssh.h ssh.c servconf.h servconf.c scp.1]
4349 [scp.c packet.h packet.c login.c log.c canohost.c channels.c]
4350 [hostfile.c sshd_config]
4351 ipv6 support: mostly gethostbyname->getaddrinfo/getnameinfo, new
Damien Millere4340be2000-09-16 13:29:08 +11004352 features: sshd allows multiple ListenAddress and Port options. note
4353 that libwrap is not IPv6-ready. (based on patches from
Damien Miller34132e52000-01-14 15:45:46 +11004354 fujiwara@rcac.tdi.co.jp)
4355 - [ssh.c canohost.c]
Damien Millere4340be2000-09-16 13:29:08 +11004356 more hints (hints.ai_socktype=SOCK_STREAM) for getaddrinfo,
Damien Miller34132e52000-01-14 15:45:46 +11004357 from itojun@
4358 - [channels.c]
4359 listen on _all_ interfaces for X11-Fwd (hints.ai_flags = AI_PASSIVE)
4360 - [packet.h]
4361 allow auth-kerberos for IPv4 only
4362 - [scp.1 sshd.8 servconf.h scp.c]
4363 document -4, -6, and 'ssh -L 2022/::1/22'
4364 - [ssh.c]
Damien Millere4340be2000-09-16 13:29:08 +11004365 'ssh @host' is illegal (null user name), from
Damien Miller34132e52000-01-14 15:45:46 +11004366 karsten@gedankenpolizei.de
4367 - [sshconnect.c]
4368 better error message
4369 - [sshd.c]
4370 allow auth-kerberos for IPv4 only
4371 - Big IPv6 merge:
4372 - Cleanup overrun in sockaddr copying on RHL 6.1
4373 - Replacements for getaddrinfo, getnameinfo, etc based on versions
4374 from patch from KIKUCHI Takahiro <kick@kyoto.wide.ad.jp>
4375 - Replacement for missing structures on systems that lack IPv6
4376 - record_login needed to know about AF_INET6 addresses
4377 - Borrowed more code from OpenBSD: rresvport_af and requisites
4378
Damien Miller25e42562000-01-11 10:59:47 +1100437920000110
4380 - Fixes to auth-skey to enable it to use the standard OpenSSL libraries
4381
Damien Miller2edcda52000-01-07 08:56:05 +1100438220000107
4383 - New config.sub and config.guess to fix problems on SCO. Supplied
4384 by Gary E. Miller <gem@rellim.com>
Damien Millerfa824cb2000-01-07 18:51:27 +11004385 - SCO build fix from Gary E. Miller <gem@rellim.com>
Damien Miller25e42562000-01-11 10:59:47 +11004386 - Released 1.2.1pre25
Damien Miller2edcda52000-01-07 08:56:05 +11004387
Damien Miller105b7f02000-01-07 08:45:55 +1100438820000106
4389 - Documentation update & cleanup
4390 - Better KrbIV / AFS detection, based on patch from:
4391 Holger Trapp <Holger.Trapp@Informatik.TU-Chemnitz.DE>
4392
Damien Miller1808f382000-01-06 12:03:12 +1100439320000105
Damien Millere4340be2000-09-16 13:29:08 +11004394 - Fixed annoying DES corruption problem. libcrypt has been
Damien Miller1808f382000-01-06 12:03:12 +11004395 overriding symbols in libcrypto. Removed libcrypt and crypt.h
4396 altogether (libcrypto includes its own crypt(1) replacement)
4397 - Added platform-specific rules for Irix 6.x. Included warning that
4398 they are untested.
4399
Damien Miller645c5982000-01-03 14:42:09 +1100440020000103
4401 - Add explicit make rules for files proccessed by fixpaths.
Damien Miller33804262001-02-04 23:20:18 +11004402 - Fix "make install" in RPM spec files. Report from Tenkou N. Hattori
Damien Miller645c5982000-01-03 14:42:09 +11004403 <tnh@kondara.org>
Damien Millere4340be2000-09-16 13:29:08 +11004404 - Removed "nullok" directive from default PAM configuration files.
4405 Added information on enabling EmptyPasswords on openssh+PAM in
Damien Millere9c8f4d2000-01-03 20:00:52 +11004406 UPGRADING file.
Damien Miller62ab38a2000-01-03 23:41:05 +11004407 - OpenBSD CVS updates
4408 - [ssh-agent.c]
Damien Millere4340be2000-09-16 13:29:08 +11004409 cleanup_exit() for SIGTERM/SIGHUP, too. from fgsch@ and
Damien Miller62ab38a2000-01-03 23:41:05 +11004410 dgaudet@arctic.org
4411 - [sshconnect.c]
4412 compare correct version for 1.3 compat mode
Damien Miller645c5982000-01-03 14:42:09 +11004413
Damien Miller5121e3a2000-01-02 11:49:28 +1100441420000102
4415 - Prevent multiple inclusion of config.h and defines.h. Suggested
4416 by Andre Lucas <andre.lucas@dial.pipex.com>
4417 - Properly clean up on exit of ssh-agent. Patch from Dean Gaudet
4418 <dgaudet@arctic.org>
4419
Damien Miller8eb0fd61999-12-31 08:49:13 +1100442019991231
Damien Millere4340be2000-09-16 13:29:08 +11004421 - Fix password support on systems with a mixture of shadowed and
4422 non-shadowed passwords (e.g. NIS). Report and fix from
Damien Miller8eb0fd61999-12-31 08:49:13 +11004423 HARUYAMA Seigo <haruyama@nt.phys.s.u-tokyo.ac.jp>
Damien Millere4340be2000-09-16 13:29:08 +11004424 - Fix broken autoconf typedef detection. Report from Marc G.
Damien Millerf3e8be81999-12-31 08:59:04 +11004425 Fournier <marc.fournier@acadiau.ca>
Damien Miller03783f01999-12-31 09:16:40 +11004426 - Fix occasional crash on LinuxPPC. Patch from Franz Sirl
4427 <Franz.Sirl-kernel@lauterbach.com>
Damien Millere4340be2000-09-16 13:29:08 +11004428 - Prevent typedefs from being compiled more than once. Report from
Damien Millerb2532b31999-12-31 09:18:12 +11004429 Marc G. Fournier <marc.fournier@acadiau.ca>
Damien Miller3131d8b1999-12-31 09:42:24 +11004430 - Fill in ut_utaddr utmp field. Report from Benjamin Charron
4431 <iretd@bigfoot.com>
Damien Millere4340be2000-09-16 13:29:08 +11004432 - Really fix broken default path. Fix from Jim Knoble
Damien Millerf1aa21f2001-01-05 09:30:32 +11004433 <jmknoble@jmknoble.cx>
Damien Milleraa7b64d1999-12-31 09:55:34 +11004434 - Remove test for quad_t. No longer needed.
Damien Miller6b85a7f2000-01-02 11:45:33 +11004435 - Released 1.2.1pre24
4436
4437 - Added support for directory-based lastlogs
4438 - Really fix typedefs, patch from Ben Taylor <bent@clark.net>
Damien Miller8eb0fd61999-12-31 08:49:13 +11004439
Damien Millerece22a81999-12-30 09:48:15 +1100444019991230
4441 - OpenBSD CVS updates:
4442 - [auth-passwd.c]
4443 check for NULL 1st
Damien Millere4340be2000-09-16 13:29:08 +11004444 - Removed most of the pam code into its own file auth-pam.[ch]. This
Damien Millere72b7af1999-12-30 15:08:44 +11004445 cleaned up sshd.c up significantly.
Damien Millere4340be2000-09-16 13:29:08 +11004446 - PAM authentication was incorrectly interpreting
Damien Miller8eb0fd61999-12-31 08:49:13 +11004447 "PermitRootLogin without-password". Report from Matthias Andree
4448 <ma@dt.e-technik.uni-dortmund.de
Damien Millere72b7af1999-12-30 15:08:44 +11004449 - Several other cleanups
Damien Miller8bdeee21999-12-30 15:50:54 +11004450 - Merged Dante SOCKS support patch from David Rankin
4451 <drankin@bohemians.lexington.ky.us>
4452 - Updated documentation with ./configure options
Damien Miller8eb0fd61999-12-31 08:49:13 +11004453 - Released 1.2.1pre23
Damien Millerece22a81999-12-30 09:48:15 +11004454
Damien Miller9550a761999-12-29 02:32:22 +1100445519991229
Damien Millere4340be2000-09-16 13:29:08 +11004456 - Applied another NetBSD portability patch from David Rankin
Damien Miller9550a761999-12-29 02:32:22 +11004457 <drankin@bohemians.lexington.ky.us>
4458 - Fix --with-default-path option.
Damien Millere4340be2000-09-16 13:29:08 +11004459 - Autodetect perl, patch from David Rankin
Damien Millere79334a1999-12-29 10:03:37 +11004460 <drankin@bohemians.lexington.ky.us>
Damien Millere4340be2000-09-16 13:29:08 +11004461 - Print whether OpenSSH was compiled with RSARef, patch from
Damien Millerd00d1611999-12-29 10:17:09 +11004462 Nalin Dahyabhai <nalin@thermo.stat.ncsu.edu>
Damien Millere4340be2000-09-16 13:29:08 +11004463 - Calls to pam_setcred, patch from Nalin Dahyabhai
Damien Millerac3a4b41999-12-29 10:25:40 +11004464 <nalin@thermo.stat.ncsu.edu>
Damien Miller95058511999-12-29 10:36:45 +11004465 - Detect missing size_t and typedef it.
Damien Miller58ca7d81999-12-29 19:56:30 +11004466 - Rename helper.[ch] to (more appropriate) bsd-misc.[ch]
4467 - Minor Makefile cleaning
Damien Miller9550a761999-12-29 02:32:22 +11004468
Damien Miller13bc0be1999-12-28 10:19:16 +1100446919991228
4470 - Replacement for getpagesize() for systems which lack it
Damien Millere4340be2000-09-16 13:29:08 +11004471 - NetBSD login.c compile fix from David Rankin
Damien Miller4ff2b9b1999-12-28 10:41:12 +11004472 <drankin@bohemians.lexington.ky.us>
4473 - Fully set ut_tv if present in utmp or utmpx
Damien Millerbeb4ba51999-12-28 15:09:35 +11004474 - Portability fixes for Irix 5.3 (now compiles OK!)
4475 - autoconf and other misc cleanups
Damien Miller74d0d4a1999-12-29 02:24:35 +11004476 - Merged AIX patch from Darren Hall <dhall@virage.org>
4477 - Cleaned up defines.h
Damien Miller06b472b1999-12-29 19:47:06 +11004478 - Released 1.2.1pre22
Damien Miller13bc0be1999-12-28 10:19:16 +11004479
Damien Millerc0d73901999-12-27 09:23:58 +1100448019991227
4481 - Automatically correct paths in manpages and configuration files. Patch
4482 and script from Andre Lucas <andre.lucas@dial.pipex.com>
4483 - Removed credits from README to CREDITS file, updated.
Damien Miller5a3e6831999-12-27 09:48:56 +11004484 - Added --with-default-path to specify custom path for server
4485 - Removed #ifdef trickery from acconfig.h into defines.h
Damien Miller373d2911999-12-27 10:45:54 +11004486 - PAM bugfix. PermitEmptyPassword was being ignored.
4487 - Fixed PAM config files to allow empty passwords if server does.
4488 - Explained spurious PAM auth warning workaround in UPGRADING
Damien Millere1276241999-12-27 11:33:56 +11004489 - Use last few chars of tty line as ut_id
Damien Miller6a5d4d61999-12-27 16:46:17 +11004490 - New SuSE RPM spec file from Chris Saia <csaia@wtower.com>
Damien Miller68e45de1999-12-27 23:54:55 +11004491 - OpenBSD CVS updates:
4492 - [packet.h auth-rhosts.c]
4493 check format string for packet_disconnect and packet_send_debug, too
4494 - [channels.c]
4495 use packet_get_maxsize for channels. consistence.
Damien Millerc0d73901999-12-27 09:23:58 +11004496
Damien Miller32b3cf21999-12-26 10:21:48 +1100449719991226
4498 - Enabled utmpx support by default for Solaris
4499 - Cleanup sshd.c PAM a little more
Damien Millerf1aa21f2001-01-05 09:30:32 +11004500 - Revised RPM package to include Jim Knoble's <jmknoble@jmknoble.cx>
Damien Miller36884401999-12-26 12:26:21 +11004501 X11 ssh-askpass program.
Damien Millerd49621e1999-12-26 14:04:33 +11004502 - Disable logging of PAM success and failures, PAM is verbose enough.
Damien Millere4340be2000-09-16 13:29:08 +11004503 Unfortunatly there is currently no way to disable auth failure
4504 messages. Mention this in UPGRADING file and sent message to PAM
Damien Millerd49621e1999-12-26 14:04:33 +11004505 developers
Damien Miller4f0fa561999-12-26 14:24:41 +11004506 - OpenBSD CVS update:
4507 - [ssh-keygen.1 ssh.1]
Damien Millere4340be2000-09-16 13:29:08 +11004508 remove ref to .ssh/random_seed, mention .ssh/environment in
Damien Miller4f0fa561999-12-26 14:24:41 +11004509 .Sh FILES, too
Damien Miller9673b2b1999-12-26 19:10:30 +11004510 - Released 1.2.1pre21
Damien Millere4340be2000-09-16 13:29:08 +11004511 - Fixed implicit '.' in default path, report from Jim Knoble
Damien Millerf1aa21f2001-01-05 09:30:32 +11004512 <jmknoble@jmknoble.cx>
4513 - Redhat RPM spec fixes from Jim Knoble <jmknoble@jmknoble.cx>
Damien Miller32b3cf21999-12-26 10:21:48 +11004514
Damien Miller2e1b0821999-12-25 10:11:29 +1100451519991225
4516 - More fixes from Andre Lucas <andre.lucas@dial.pipex.com>
4517 - Cleanup of auth-passwd.c for shadow and MD5 passwords
4518 - Cleanup and bugfix of PAM authentication code
Damien Miller32b3cf21999-12-26 10:21:48 +11004519 - Released 1.2.1pre20
4520
4521 - Merged fixes from Ben Taylor <bent@clark.net>
4522 - Fixed configure support for PAM. Reported by Naz <96na@eng.cam.ac.uk>
4523 - Disabled logging of PAM password authentication failures when password
4524 is empty. (e.g start of authentication loop). Reported by Naz
4525 <96na@eng.cam.ac.uk>)
Damien Miller2e1b0821999-12-25 10:11:29 +11004526
452719991223
Damien Millere4340be2000-09-16 13:29:08 +11004528 - Merged later HPUX patch from Andre Lucas
Damien Miller2e1b0821999-12-25 10:11:29 +11004529 <andre.lucas@dial.pipex.com>
4530 - Above patch included better utmpx support from Ben Taylor
Damien Miller32b3cf21999-12-26 10:21:48 +11004531 <bent@clark.net>
Damien Miller2e1b0821999-12-25 10:11:29 +11004532
Damien Miller365199d1999-12-22 00:12:38 +1100453319991222
Damien Millere4340be2000-09-16 13:29:08 +11004534 - Fix undefined fd_set type in ssh.h from Povl H. Pedersen
Damien Miller365199d1999-12-22 00:12:38 +11004535 <pope@netguide.dk>
Damien Miller1b0c2281999-12-22 16:09:48 +11004536 - Fix login.c breakage on systems which lack ut_host in struct
4537 utmp. Reported by Willard Dawson <willard.dawson@sbs.siemens.com>
Damien Miller365199d1999-12-22 00:12:38 +11004538
Damien Miller76112de1999-12-21 11:18:08 +1100453919991221
Damien Millere4340be2000-09-16 13:29:08 +11004540 - Integration of large HPUX patch from Andre Lucas
4541 <andre.lucas@dial.pipex.com>. Integrating it had a few other
Damien Miller76112de1999-12-21 11:18:08 +11004542 benefits:
4543 - Ability to disable shadow passwords at configure time
4544 - Ability to disable lastlog support at configure time
4545 - Support for IP address in $DISPLAY
Damien Millerf039bad1999-12-21 20:57:20 +11004546 - OpenBSD CVS update:
4547 - [sshconnect.c]
4548 say "REMOTE HOST IDENTIFICATION HAS CHANGED"
Damien Millercb7e5f91999-12-21 21:03:09 +11004549 - Fix DISABLE_SHADOW support
4550 - Allow MD5 passwords even if shadow passwords are disabled
Damien Millere8852911999-12-21 22:50:50 +11004551 - Release 1.2.1pre19
Damien Miller76112de1999-12-21 11:18:08 +11004552
Damien Millerc4c647f1999-12-18 20:54:52 +1100455319991218
Damien Millere4340be2000-09-16 13:29:08 +11004554 - Redhat init script patch from Chun-Chung Chen
Damien Millerc4c647f1999-12-18 20:54:52 +11004555 <cjj@u.washington.edu>
Damien Millerfdb7caf1999-12-18 20:57:40 +11004556 - Avoid breakage on systems without IPv6 headers
Damien Millerc4c647f1999-12-18 20:54:52 +11004557
Damien Millerab8a4da1999-12-16 13:05:30 +1100455819991216
Damien Millere4340be2000-09-16 13:29:08 +11004559 - Makefile changes for Solaris from Peter Kocks
Damien Millerab8a4da1999-12-16 13:05:30 +11004560 <peter.kocks@baygate.com>
Damien Miller5e7c10e1999-12-16 13:18:04 +11004561 - Minor updates to docs
4562 - Merged OpenBSD CVS changes:
4563 - [authfd.c ssh-agent.c]
4564 keysize warnings talk about identity files
4565 - [packet.c]
4566 "Connection closed by x.x.x.x": fatal() -> log()
Damien Millere4340be2000-09-16 13:29:08 +11004567 - Correctly handle empty passwords in shadow file. Patch from:
Damien Miller8f9d5071999-12-16 15:10:45 +11004568 "Chris, the Young One" <cky@pobox.com>
4569 - Released 1.2.1pre18
Damien Millerab8a4da1999-12-16 13:05:30 +11004570
Damien Miller84093e91999-12-15 09:06:28 +1100457119991215
4572 - Integrated patchs from Juergen Keil <jk@tools.de>
4573 - Avoid void* pointer arithmatic
4574 - Use LDFLAGS correctly
Damien Miller864ea591999-12-15 11:04:25 +11004575 - Fix SIGIO error in scp
4576 - Simplify status line printing in scp
Damien Miller33804262001-02-04 23:20:18 +11004577 - Added better test for inline functions compiler support from
Damien Miller3b9d5e91999-12-15 09:34:31 +11004578 Darren_Hall@progressive.com
Damien Miller84093e91999-12-15 09:06:28 +11004579
Damien Millera34a28b1999-12-14 10:47:15 +1100458019991214
4581 - OpenBSD CVS Changes
4582 - [canohost.c]
Damien Millere4340be2000-09-16 13:29:08 +11004583 fix get_remote_port() and friends for sshd -i;
Damien Millera34a28b1999-12-14 10:47:15 +11004584 Holger.Trapp@Informatik.TU-Chemnitz.DE
4585 - [mpaux.c]
4586 make code simpler. no need for memcpy. niels@ ok
4587 - [pty.c]
4588 namebuflen not sizeof namebuflen; bnd@ep-ag.com via djm@mindrot.org
4589 fix proto; markus
4590 - [ssh.1]
4591 typo; mark.baushke@solipsa.com
4592 - [channels.c ssh.c ssh.h sshd.c]
4593 type conflict for 'extern Type *options' in channels.c; dot@dotat.at
4594 - [sshconnect.c]
4595 move checking of hostkey into own function.
4596 - [version.h]
4597 OpenSSH-1.2.1
Damien Miller36b339a1999-12-14 10:54:47 +11004598 - Clean up broken includes in pty.c
Damien Miller6ae00d61999-12-14 15:43:03 +11004599 - Some older systems don't have poll.h, they use sys/poll.h instead
4600 - Doc updates
Damien Millera34a28b1999-12-14 10:47:15 +11004601
Damien Millerc6b3bbe1999-12-13 08:27:33 +1100460219991211
Damien Millere4340be2000-09-16 13:29:08 +11004603 - Fix compilation on systems with AFS. Reported by
Damien Millerc6b3bbe1999-12-13 08:27:33 +11004604 aloomis@glue.umd.edu
Damien Millere4340be2000-09-16 13:29:08 +11004605 - Fix installation on Solaris. Reported by
Damien Millerc6b3bbe1999-12-13 08:27:33 +11004606 Gordon Rowell <gordonr@gormand.com.au>
4607 - Fix gccisms (__attribute__ and inline). Report by edgy@us.ibm.com,
4608 patch from Markus Friedl <markus.friedl@informatik.uni-erlangen.de>
4609 - Auto-locate xauth. Patch from David Agraz <dagraz@jahoopa.com>
4610 - Compile fix from David Agraz <dagraz@jahoopa.com>
4611 - Avoid compiler warning in bsd-snprintf.c
Damien Millere4340be2000-09-16 13:29:08 +11004612 - Added pam_limits.so to default PAM config. Suggested by
Damien Millerf1aa21f2001-01-05 09:30:32 +11004613 Jim Knoble <jmknoble@jmknoble.cx>
Damien Millerc6b3bbe1999-12-13 08:27:33 +11004614
Damien Millerbf1c9b21999-12-09 10:16:54 +1100461519991209
4616 - Import of patch from Ben Taylor <bent@clark.net>:
4617 - Improved PAM support
4618 - "uninstall" rule for Makefile
4619 - utmpx support
4620 - Should fix PAM problems on Solaris
Damien Miller50945fa1999-12-09 10:31:37 +11004621 - OpenBSD CVS updates:
4622 - [readpass.c]
4623 avoid stdio; based on work by markus, millert, and I
4624 - [sshd.c]
4625 make sure the client selects a supported cipher
4626 - [sshd.c]
Damien Millere4340be2000-09-16 13:29:08 +11004627 fix sighup handling. accept would just restart and daemon handled
4628 sighup only after the next connection was accepted. use poll on
Damien Miller50945fa1999-12-09 10:31:37 +11004629 listen sock now.
4630 - [sshd.c]
4631 make that a fatal
Damien Millerd7f66151999-12-09 10:48:58 +11004632 - Applied patch from David Rankin <drankin@bohemians.lexington.ky.us>
4633 to fix libwrap support on NetBSD
Damien Miller6646bad1999-12-09 10:42:10 +11004634 - Released 1.2pre17
Damien Millerbf1c9b21999-12-09 10:16:54 +11004635
Damien Millerfce16481999-12-08 08:53:52 +1100463619991208
Damien Millere4340be2000-09-16 13:29:08 +11004637 - Compile fix for Solaris with /dev/ptmx from
Damien Millerfce16481999-12-08 08:53:52 +11004638 David Agraz <dagraz@jahoopa.com>
4639
Damien Miller0c078c61999-12-07 14:53:57 +1100464019991207
Damien Millerf1aa21f2001-01-05 09:30:32 +11004641 - sshd Redhat init script patch from Jim Knoble <jmknoble@jmknoble.cx>
Damien Miller0c078c61999-12-07 14:53:57 +11004642 fixes compatability with 4.x and 5.x
Damien Miller3bc14dd1999-12-07 14:54:53 +11004643 - Fixed default SSH_ASKPASS
Damien Millere4340be2000-09-16 13:29:08 +11004644 - Fix PAM account and session being called multiple times. Problem
Damien Millereabf3411999-12-07 14:56:27 +11004645 reported by Adrian Baugh <adrian@merlin.keble.ox.ac.uk>
Damien Miller037a0dc1999-12-07 15:38:31 +11004646 - Merged more OpenBSD changes:
4647 - [atomicio.c authfd.c scp.c serverloop.c ssh.h sshconnect.c sshd.c]
Damien Millere4340be2000-09-16 13:29:08 +11004648 move atomicio into it's own file. wrap all socket write()s which
Damien Miller037a0dc1999-12-07 15:38:31 +11004649 were doing write(sock, buf, len) != len, with atomicio() calls.
4650 - [auth-skey.c]
4651 fd leak
4652 - [authfile.c]
4653 properly name fd variable
4654 - [channels.c]
4655 display great hatred towards strcpy
4656 - [pty.c pty.h sshd.c]
4657 use openpty() if it exists (it does on BSD4_4)
4658 - [tildexpand.c]
4659 check for ~ expansion past MAXPATHLEN
4660 - Modified helper.c to use new atomicio function.
4661 - Reformat Makefile a little
4662 - Moved RC4 routines from rc4.[ch] into helper.c
4663 - Added autoconf code to detect /dev/ptmx (Solaris) and /dev/ptc (AIX)
Damien Milleraf2604a1999-12-07 16:21:40 +11004664 - Updated SuSE spec from Chris Saia <csaia@wtower.com>
4665 - Tweaked Redhat spec
Damien Millerf5d69a51999-12-07 16:55:04 +11004666 - Clean up bad imports of a few files (forgot -kb)
4667 - Released 1.2pre16
Damien Miller0c078c61999-12-07 14:53:57 +11004668
Damien Millerdc33fc31999-12-04 20:24:48 +1100466919991204
4670 - Small cleanup of PAM code in sshd.c
Damien Milleraae6c611999-12-06 11:47:28 +11004671 - Merged OpenBSD CVS changes:
4672 - [auth-krb4.c auth-passwd.c auth-skey.c ssh.h]
4673 move skey-auth from auth-passwd.c to auth-skey.c, same for krb4
4674 - [auth-rsa.c]
4675 warn only about mismatch if key is _used_
4676 warn about keysize-mismatch with log() not error()
4677 channels.c readconf.c readconf.h ssh.c ssh.h sshconnect.c
4678 ports are u_short
4679 - [hostfile.c]
4680 indent, shorter warning
4681 - [nchan.c]
4682 use error() for internal errors
4683 - [packet.c]
4684 set loglevel for SSH_MSG_DISCONNECT to log(), not fatal()
4685 serverloop.c
4686 indent
4687 - [ssh-add.1 ssh-add.c ssh.h]
4688 document $SSH_ASKPASS, reasonable default
4689 - [ssh.1]
4690 CheckHostIP is not available for connects via proxy command
4691 - [sshconnect.c]
4692 typo
4693 easier to read client code for passwd and skey auth
4694 turn of checkhostip for proxy connects, since we don't know the remote ip
Damien Millerdc33fc31999-12-04 20:24:48 +11004695
Damien Miller42b81ff1999-11-26 12:21:24 +1100469619991126
4697 - Add definition for __P()
4698 - Added [v]snprintf() replacement for systems that lack it
4699
Damien Miller78224a01999-11-25 11:55:45 +1100470019991125
4701 - More reformatting merged from OpenBSD CVS
4702 - Merged OpenBSD CVS changes:
4703 - [channels.c]
4704 fix packet_integrity_check() for !have_hostname_in_open.
4705 report from mrwizard@psu.edu via djm@ibs.com.au
4706 - [channels.c]
4707 set SO_REUSEADDR and SO_LINGER for forwarded ports.
4708 chip@valinux.com via damien@ibs.com.au
4709 - [nchan.c]
4710 it's not an error() if shutdown_write failes in nchan.
4711 - [readconf.c]
4712 remove dead #ifdef-0-code
4713 - [readconf.c servconf.c]
4714 strcasecmp instead of tolower
4715 - [scp.c]
4716 progress meter overflow fix from damien@ibs.com.au
4717 - [ssh-add.1 ssh-add.c]
4718 SSH_ASKPASS support
4719 - [ssh.1 ssh.c]
4720 postpone fork_after_authentication until command execution,
4721 request/patch from jahakala@cc.jyu.fi via damien@ibs.com.au
4722 plus: use daemon() for backgrounding
Damien Millerd8087f61999-11-25 12:31:26 +11004723 - Added BSD compatible install program and autoconf test, thanks to
4724 Niels Kristian Bech Jensen <nkbj@image.dk>
4725 - Solaris fixing, thanks to Ben Taylor <bent@clark.net>
Damien Miller063fdf81999-11-25 13:08:31 +11004726 - Merged beginnings of AIX support from Tor-Ake Fransson <torake@hotmail.com>
Damien Millerbf3f6ef1999-11-25 13:50:10 +11004727 - Release 1.2pre15
Damien Miller78224a01999-11-25 11:55:45 +11004728
Damien Miller95def091999-11-25 00:26:21 +1100472919991124
4730 - Merged very large OpenBSD source code reformat
4731 - OpenBSD CVS updates
4732 - [channels.c cipher.c compat.c log-client.c scp.c serverloop.c]
4733 [ssh.h sshd.8 sshd.c]
4734 syslog changes:
4735 * Unified Logmessage for all auth-types, for success and for failed
4736 * Standard connections get only ONE line in the LOG when level==LOG:
4737 Auth-attempts are logged only, if authentication is:
4738 a) successfull or
4739 b) with passwd or
4740 c) we had more than AUTH_FAIL_LOG failues
4741 * many log() became verbose()
4742 * old behaviour with level=VERBOSE
4743 - [readconf.c readconf.h ssh.1 ssh.h sshconnect.c sshd.c]
4744 tranfer s/key challenge/response data in SSH_SMSG_AUTH_TIS_CHALLENGE
4745 messages. allows use of s/key in windows (ttssh, securecrt) and
4746 ssh-1.2.27 clients without 'ssh -v', ok: niels@
4747 - [sshd.8]
4748 -V, for fallback to openssh in SSH2 compatibility mode
4749 - [sshd.c]
4750 fix sigchld race; cjc5@po.cwru.edu
4751
Damien Miller294df781999-11-23 10:11:29 +1100475219991123
4753 - Added SuSE package files from Chris Saia <csaia@wtower.com>
Damien Miller3744b511999-11-23 11:24:32 +11004754 - Restructured package-related files under packages/*
Damien Miller294df781999-11-23 10:11:29 +11004755 - Added generic PAM config
Damien Miller3744b511999-11-23 11:24:32 +11004756 - Numerous little Solaris fixes
Damien Miller4d2f15f1999-11-23 12:36:29 +11004757 - Add recommendation to use GNU make to INSTALL document
Damien Miller294df781999-11-23 10:11:29 +11004758
Damien Miller22218721999-11-22 12:51:42 +1100475919991122
4760 - Make <enter> close gnome-ssh-askpass (Debian bug #50299)
Damien Miller83df0691999-11-22 13:22:29 +11004761 - OpenBSD CVS Changes
Damien Millere4340be2000-09-16 13:29:08 +11004762 - [ssh-keygen.c]
4763 don't create ~/.ssh only if the user wants to store the private
4764 key there. show fingerprint instead of public-key after
Damien Miller83df0691999-11-22 13:22:29 +11004765 keygeneration. ok niels@
Damien Millerb3ca3aa1999-11-22 13:57:07 +11004766 - Added OpenBSD bsd-strlcat.c, created bsd-strlcat.h
Damien Miller859cec01999-11-22 14:27:24 +11004767 - Added timersub() macro
Damien Millerb3ca3aa1999-11-22 13:57:07 +11004768 - Tidy RCSIDs of bsd-*.c
Damien Millere4340be2000-09-16 13:29:08 +11004769 - Added autoconf test and macro to deal with old PAM libraries
Damien Miller859cec01999-11-22 14:27:24 +11004770 pam_strerror definition (one arg vs two).
Damien Millerd71b12e1999-11-22 15:24:34 +11004771 - Fix EGD problems (Thanks to Ben Taylor <bent@clark.net>)
Damien Millere4340be2000-09-16 13:29:08 +11004772 - Retry /dev/urandom reads interrupted by signal (report from
Damien Millerd71b12e1999-11-22 15:24:34 +11004773 Robert Hardy <rhardy@webcon.net>)
Damien Millerd7702521999-11-22 16:11:05 +11004774 - Added a setenv replacement for systems which lack it
Damien Millerd733c911999-11-22 18:11:23 +11004775 - Only display public key comment when presenting ssh-askpass dialog
4776 - Released 1.2pre14
Damien Miller22218721999-11-22 12:51:42 +11004777
Damien Millere4340be2000-09-16 13:29:08 +11004778 - Configure, Make and changelog corrections from Tudor Bosman
Damien Millerf7c0f821999-11-22 22:31:49 +11004779 <tudorb@jm.nu> and Niels Kristian Bech Jensen <nkbj@image.dk>
4780
Damien Miller6162d121999-11-21 13:23:52 +1100478119991121
Damien Miller83df0691999-11-22 13:22:29 +11004782 - OpenBSD CVS Changes:
Damien Miller22218721999-11-22 12:51:42 +11004783 - [channels.c]
4784 make this compile, bad markus
4785 - [log.c readconf.c servconf.c ssh.h]
4786 bugfix: loglevels are per host in clientconfig,
4787 factor out common log-level parsing code.
4788 - [servconf.c]
4789 remove unused index (-Wall)
4790 - [ssh-agent.c]
4791 only one 'extern char *__progname'
4792 - [sshd.8]
4793 document SIGHUP, -Q to synopsis
4794 - [sshconnect.c serverloop.c sshd.c packet.c packet.h]
4795 [channels.c clientloop.c]
4796 SSH_CMSG_MAX_PACKET_SIZE, some clients use this, some need this, niels@
4797 [hope this time my ISP stays alive during commit]
4798 - [OVERVIEW README] typos; green@freebsd
4799 - [ssh-keygen.c]
4800 replace xstrdup+strcat with strlcat+fixed buffer, fixes OF (bad me)
4801 exit if writing the key fails (no infinit loop)
4802 print usage() everytime we get bad options
4803 - [ssh-keygen.c] overflow, djm@mindrot.org
4804 - [sshd.c] fix sigchld race; cjc5@po.cwru.edu
Damien Miller33804262001-02-04 23:20:18 +11004805
Damien Millerc6398ef1999-11-20 12:18:40 +1100480619991120
Damien Millere4340be2000-09-16 13:29:08 +11004807 - Merged more Solaris support from Marc G. Fournier
Damien Millerc6398ef1999-11-20 12:18:40 +11004808 <marc.fournier@acadiau.ca>
4809 - Wrote autoconf tests for integer bit-types
4810 - Fixed enabling kerberos support
Damien Millere4340be2000-09-16 13:29:08 +11004811 - Fix segfault in ssh-keygen caused by buffer overrun in filename
Damien Millerf58db381999-11-20 17:02:56 +11004812 handling.
Damien Millerc6398ef1999-11-20 12:18:40 +11004813
Damien Miller5bbbd361999-11-19 07:56:21 +1100481419991119
4815 - Merged PAM buffer overrun patch from Chip Salzenberg <chip@valinux.com>
Damien Miller23b78391999-11-19 08:25:48 +11004816 - Merged OpenBSD CVS changes
4817 - [auth-rhosts.c auth-rsa.c ssh-agent.c sshconnect.c sshd.c]
4818 more %d vs. %s in fmt-strings
4819 - [authfd.c]
4820 Integers should not be printed with %s
Damien Miller58fc4731999-11-19 12:05:01 +11004821 - EGD uses a socket, not a named pipe. Duh.
4822 - Fix includes in fingerprint.c
Damien Millerdc9365b1999-11-19 12:34:14 +11004823 - Fix scp progress bar bug again.
Damien Millere4340be2000-09-16 13:29:08 +11004824 - Move ssh-askpass from ${libdir}/ssh to ${libexecdir}/ssh at request of
Damien Miller18ac1711999-11-19 12:43:19 +11004825 David Rankin <drankin@bohemians.lexington.ky.us>
Damien Miller80297751999-11-19 13:03:25 +11004826 - Added autoconf option to enable Kerberos 4 support (untested)
4827 - Added autoconf option to enable AFS support (untested)
4828 - Added autoconf option to enable S/Key support (untested)
4829 - Added autoconf option to enable TCP wrappers support (compiles OK)
Damien Miller04f80141999-11-19 15:32:34 +11004830 - Renamed BSD helper function files to bsd-*
Damien Millere4340be2000-09-16 13:29:08 +11004831 - Added tests for login and daemon and enable OpenBSD replacements for
Damien Millerdd1c7ba1999-11-19 15:53:20 +11004832 when they are absent.
4833 - Added non-PAM MD5 password support patch from Tudor Bosman <tudorb@jm.nu>
Damien Miller5bbbd361999-11-19 07:56:21 +11004834
Damien Miller81428f91999-11-18 09:28:11 +1100483519991118
4836 - Merged OpenBSD CVS changes
4837 - [scp.c] foregroundproc() in scp
4838 - [sshconnect.h] include fingerprint.h
Damien Millere4340be2000-09-16 13:29:08 +11004839 - [sshd.c] bugfix: the log() for passwd-auth escaped during logging
Damien Miller81428f91999-11-18 09:28:11 +11004840 changes.
Damien Miller6ee95641999-11-18 11:35:13 +11004841 - [ssh.1] Spell my name right.
Damien Miller81428f91999-11-18 09:28:11 +11004842 - Added openssh.com info to README
4843
Damien Miller10f6f6b1999-11-17 17:29:08 +1100484419991117
4845 - Merged OpenBSD CVS changes
4846 - [ChangeLog.Ylonen] noone needs this anymore
4847 - [authfd.c] close-on-exec for auth-socket, ok deraadt
Damien Millere4340be2000-09-16 13:29:08 +11004848 - [hostfile.c]
4849 in known_hosts key lookup the entry for the bits does not need
4850 to match, all the information is contained in n and e. This
4851 solves the problem with buggy servers announcing the wrong
Damien Miller10f6f6b1999-11-17 17:29:08 +11004852 modulus length. markus and me.
Damien Millere4340be2000-09-16 13:29:08 +11004853 - [serverloop.c]
4854 bugfix: check for space if child has terminated, from:
Damien Miller10f6f6b1999-11-17 17:29:08 +11004855 iedowse@maths.tcd.ie
4856 - [ssh-add.1 ssh-add.c ssh-keygen.1 ssh-keygen.c sshconnect.c]
4857 [fingerprint.c fingerprint.h]
4858 rsa key fingerprints, idea from Bjoern Groenvall <bg@sics.se>
4859 - [ssh-agent.1] typo
4860 - [ssh.1] add OpenSSH information to AUTHOR section. okay markus@
Damien Millere4340be2000-09-16 13:29:08 +11004861 - [sshd.c]
Damien Miller10f6f6b1999-11-17 17:29:08 +11004862 force logging to stderr while loading private key file
4863 (lost while converting to new log-levels)
4864
Damien Miller7e8e8201999-11-16 13:37:16 +1100486519991116
4866 - Fix some Linux libc5 problems reported by Miles Wilson <mw@mctitle.com>
4867 - Merged OpenBSD CVS changes:
4868 - [auth-rh-rsa.c auth-rsa.c authfd.c authfd.h hostfile.c mpaux.c]
4869 [mpaux.h ssh-add.c ssh-agent.c ssh.h ssh.c sshd.c]
4870 the keysize of rsa-parameter 'n' is passed implizit,
4871 a few more checks and warnings about 'pretended' keysizes.
4872 - [cipher.c cipher.h packet.c packet.h sshd.c]
4873 remove support for cipher RC4
4874 - [ssh.c]
4875 a note for legay systems about secuity issues with permanently_set_uid(),
4876 the private hostkey and ptrace()
4877 - [sshconnect.c]
4878 more detailed messages about adding and checking hostkeys
4879
Damien Millerd05a2471999-11-15 14:25:30 +1100488019991115
4881 - Merged OpenBSD CVS changes:
Damien Millere4340be2000-09-16 13:29:08 +11004882 - [ssh-add.c] change passphrase loop logic and remove ref to
Damien Millerd05a2471999-11-15 14:25:30 +11004883 $DISPLAY, ok niels
4884 - Changed to ssh-add.c broke askpass support. Revised it to be a little more
Damien Millere4340be2000-09-16 13:29:08 +11004885 modular.
Damien Millerd05a2471999-11-15 14:25:30 +11004886 - Revised autoconf support for enabling/disabling askpass support.
Damien Miller2ccf6611999-11-15 15:25:10 +11004887 - Merged more OpenBSD CVS changes:
Damien Millerbe484b52000-07-15 14:14:16 +10004888 [auth-krb4.c]
4889 - disconnect if getpeername() fails
4890 - missing xfree(*client)
4891 [canohost.c]
4892 - disconnect if getpeername() fails
4893 - fix comment: we _do_ disconnect if ip-options are set
4894 [sshd.c]
4895 - disconnect if getpeername() fails
4896 - move checking of remote port to central place
4897 [auth-rhosts.c] move checking of remote port to central place
4898 [log-server.c] avoid extra fd per sshd, from millert@
4899 [readconf.c] print _all_ bad config-options in ssh(1), too
4900 [readconf.h] print _all_ bad config-options in ssh(1), too
4901 [ssh.c] print _all_ bad config-options in ssh(1), too
4902 [sshconnect.c] disconnect if getpeername() fails
Damien Miller2ccf6611999-11-15 15:25:10 +11004903 - OpenBSD's changes to sshd.c broke the PAM stuff, re-merged it.
Damien Miller3bd49ec1999-11-15 15:40:55 +11004904 - Various small cleanups to bring diff (against OpenBSD) size down.
Damien Miller3f905871999-11-15 17:10:57 +11004905 - Merged more Solaris compability from Marc G. Fournier
4906 <marc.fournier@acadiau.ca>
4907 - Wrote autoconf tests for __progname symbol
Damien Millerf1aa21f2001-01-05 09:30:32 +11004908 - RPM spec file fixes from Jim Knoble <jmknoble@jmknoble.cx>
Damien Miller2e8b1c81999-11-15 23:33:56 +11004909 - Released 1.2pre12
4910
4911 - Another OpenBSD CVS update:
4912 - [ssh-keygen.1] fix .Xr
Damien Millerd05a2471999-11-15 14:25:30 +11004913
Damien Miller0a6e6681999-11-15 09:56:06 +1100491419991114
4915 - Solaris compilation fixes (still imcomplete)
4916
Damien Millerb0284381999-11-13 13:30:28 +1100491719991113
Damien Miller192bd011999-11-13 23:56:35 +11004918 - Build patch from Niels Kristian Bech Jensen <nkbj@image.dk>
4919 - Don't install config files if they already exist
4920 - Fix inclusion of additional preprocessor directives from acconfig.h
Damien Millerb0284381999-11-13 13:30:28 +11004921 - Removed redundant inclusions of config.h
Damien Millerc6d5ce81999-11-15 16:01:07 +11004922 - Added 'Obsoletes' lines to RPM spec file
Damien Millerb0284381999-11-13 13:30:28 +11004923 - Merged OpenBSD CVS changes:
4924 - [bufaux.c] save a view malloc/memcpy/memset/free's, ok niels
Damien Millere4340be2000-09-16 13:29:08 +11004925 - [scp.c] fix overflow reported by damien@ibs.com.au: off_t
Damien Millerb0284381999-11-13 13:30:28 +11004926 totalsize, ok niels,aaron
Damien Millere4340be2000-09-16 13:29:08 +11004927 - Delay fork (-f option) in ssh until after port forwarded connections
Damien Millerb0284381999-11-13 13:30:28 +11004928 have been initialised. Patch from Jani Hakala <jahakala@cc.jyu.fi>
Damien Miller2cb210f1999-11-13 15:40:10 +11004929 - Added shadow password patch from Thomas Neumann <tom@smart.ruhr.de>
4930 - Added ifdefs to auth-passwd.c to exclude it when PAM is enabled
Damien Miller192bd011999-11-13 23:56:35 +11004931 - Tidied default config file some more
4932 - Revised Redhat initscript to fix bug: sshd (re)start would fail
4933 if executed from inside a ssh login.
Damien Millerb0284381999-11-13 13:30:28 +11004934
Damien Miller776af5d1999-11-12 08:49:09 +1100493519991112
4936 - Merged changes from OpenBSD CVS
4937 - [sshd.c] session_key_int may be zero
Damien Miller32265091999-11-12 11:33:04 +11004938 - [auth-rh-rsa.c servconf.c servconf.h ssh.h sshd.8 sshd.c sshd_config]
Damien Millere4340be2000-09-16 13:29:08 +11004939 IgnoreUserKnownHosts(default=no), used for RhostRSAAuth, ok
Damien Miller32265091999-11-12 11:33:04 +11004940 deraadt,millert
4941 - Brought default sshd_config more in line with OpenBSD's
Damien Millerb9a692d1999-11-12 12:09:36 +11004942 - Grab server in gnome-ssh-askpass (Debian bug #49872)
4943 - Released 1.2pre10
Damien Miller776af5d1999-11-12 08:49:09 +11004944
Damien Millerb5f89271999-11-12 14:35:58 +11004945 - Added INSTALL documentation
Damien Miller6d7b2cd1999-11-12 15:19:27 +11004946 - Merged yet more changes from OpenBSD CVS
4947 - [auth-rh-rsa.c auth-rhosts.c auth-rsa.c channels.c clientloop.c]
4948 [ssh.c ssh.h sshconnect.c sshd.c]
4949 make all access to options via 'extern Options options'
4950 and 'extern ServerOptions options' respectively;
4951 options are no longer passed as arguments:
4952 * make options handling more consistent
4953 * remove #include "readconf.h" from ssh.h
4954 * readconf.h is only included if necessary
4955 - [mpaux.c] clear temp buffer
4956 - [servconf.c] print _all_ bad options found in configfile
Damien Miller3d1b22c1999-11-12 15:46:08 +11004957 - Make ssh-askpass support optional through autoconf
Damien Miller9c8da3c1999-11-12 16:28:02 +11004958 - Fix nasty division-by-zero error in scp.c
4959 - Released 1.2pre11
Damien Millerb5f89271999-11-12 14:35:58 +11004960
Damien Millerab18c411999-11-11 10:40:23 +1100496119991111
4962 - Added (untested) Entropy Gathering Daemon (EGD) support
Damien Miller4236f6e1999-11-12 12:22:31 +11004963 - Fixed /dev/urandom fd leak (Debian bug #49722)
Damien Miller33e511e1999-11-11 11:43:13 +11004964 - Merged OpenBSD CVS changes:
4965 - [auth-rh-rsa.c] user/958: check ~/.ssh/known_hosts for rhosts-rsa, too
4966 - [ssh.1] user/958: check ~/.ssh/known_hosts for rhosts-rsa, too
4967 - [sshd.8] user/958: check ~/.ssh/known_hosts for rhosts-rsa, too
Damien Millere4340be2000-09-16 13:29:08 +11004968 - Fix integer overflow which was messing up scp's progress bar for large
Damien Millerc4c647f1999-12-18 20:54:52 +11004969 file transfers. Fix submitted to OpenBSD developers. Report and fix
4970 from Kees Cook <cook@cpoint.net>
Damien Miller5ce662a1999-11-11 17:57:39 +11004971 - Merged more OpenBSD CVS changes:
Damien Millere4340be2000-09-16 13:29:08 +11004972 - [auth-krb4.c auth-passwd.c] remove x11- and krb-cleanup from fatal()
Damien Miller5ce662a1999-11-11 17:57:39 +11004973 + krb-cleanup cleanup
4974 - [clientloop.c log-client.c log-server.c ]
4975 [readconf.c readconf.h servconf.c servconf.h ]
4976 [ssh.1 ssh.c ssh.h sshd.8]
4977 add LogLevel {QUIET, FATAL, ERROR, INFO, CHAT, DEBUG} to ssh/sshd,
4978 obsoletes QuietMode and FascistLogging in sshd.
Damien Miller776af5d1999-11-12 08:49:09 +11004979 - [sshd.c] fix fatal/assert() bug reported by damien@ibs.com.au:
4980 allow session_key_int != sizeof(session_key)
4981 [this should fix the pre-assert-removal-core-files]
4982 - Updated default config file to use new LogLevel option and to improve
4983 readability
4984
Damien Millerb77870f1999-11-10 12:48:08 +1100498519991110
Damien Miller4236f6e1999-11-12 12:22:31 +11004986 - Merged several minor fixes:
Damien Millerb77870f1999-11-10 12:48:08 +11004987 - ssh-agent commandline parsing
4988 - RPM spec file now installs ssh setuid root
4989 - Makefile creates libdir
Damien Millerab18c411999-11-11 10:40:23 +11004990 - Merged beginnings of Solaris compability from Marc G. Fournier
4991 <marc.fournier@acadiau.ca>
Damien Millerb77870f1999-11-10 12:48:08 +11004992
Damien Millerc7b38ce1999-11-09 10:28:04 +1100499319991109
4994 - Autodetection of SSL/Crypto library location via autoconf
4995 - Fixed location of ssh-askpass to follow autoconf
4996 - Integrated Makefile patch from Niels Kristian Bech Jensen <nkbj@image.dk>
4997 - Autodetection of RSAref library for US users
4998 - Minor doc updates
Damien Millerda217a01999-11-09 10:35:52 +11004999 - Merged OpenBSD CVS changes:
5000 - [rsa.c] bugfix: use correct size for memset()
5001 - [sshconnect.c] warn if announced size of modulus 'n' != real size
Damien Miller742d2cb1999-11-09 14:28:26 +11005002 - Added GNOME passphrase requestor (use --with-gnome-askpass)
Damien Miller3f51bf51999-11-09 14:46:02 +11005003 - RPM build now creates subpackages
Damien Miller74389c91999-11-09 15:03:01 +11005004 - Released 1.2pre9
Damien Millerc7b38ce1999-11-09 10:28:04 +11005005
Damien Miller356a0b01999-11-08 15:30:59 +1100500619991108
5007 - Removed debian/ directory. This is now being maintained separately.
5008 - Added symlinks for slogin in RPM spec file
5009 - Fixed permissions on manpages in RPM spec file
5010 - Added references to required libraries in README file
5011 - Removed config.h.in from CVS
5012 - Removed pwdb support (better pluggable auth is provided by glibc)
5013 - Made PAM and requisite libdl optional
5014 - Removed lots of unnecessary checks from autoconf
5015 - Added support and autoconf test for openpty() function (Unix98 pty support)
5016 - Fix for scp not finding ssh if not installed as /usr/bin/ssh
5017 - Added TODO file
5018 - Merged parts of Debian patch From Phil Hands <phil@hands.com>:
5019 - Added ssh-askpass program
5020 - Added ssh-askpass support to ssh-add.c
5021 - Create symlinks for slogin on install
5022 - Fix "distclean" target in makefile
5023 - Added example for ssh-agent to manpage
5024 - Added support for PAM_TEXT_INFO messages
5025 - Disable internal /etc/nologin support if PAM enabled
5026 - Merged latest OpenBSD CVS changes:
Damien Millerfd7c9111999-11-08 16:15:55 +11005027 - [all] replace assert() with error, fatal or packet_disconnect
Damien Miller356a0b01999-11-08 15:30:59 +11005028 - [sshd.c] don't send fail-msg but disconnect if too many authentication
5029 failures
Damien Miller356a0b01999-11-08 15:30:59 +11005030 - [sshd.c] remove unused argument. ok dugsong
5031 - [sshd.c] typo
5032 - [rsa.c] clear buffers used for encryption. ok: niels
5033 - [rsa.c] replace assert() with error, fatal or packet_disconnect
Damien Miller5ac5f1c1999-11-08 15:50:14 +11005034 - [auth-krb4.c] remove unused argument. ok dugsong
Damien Miller356a0b01999-11-08 15:30:59 +11005035 - Fixed coredump after merge of OpenBSD rsa.c patch
Damien Millere8d90681999-11-08 18:09:57 +11005036 - Released 1.2pre8
Damien Miller356a0b01999-11-08 15:30:59 +11005037
Damien Miller0aa8e531999-11-02 19:05:02 +1100503819991102
5039 - Merged change from OpenBSD CVS
5040 - One-line cleanup in sshd.c
5041
Damien Miller744da801999-10-30 09:12:25 +1000504219991030
5043 - Integrated debian package support from Dan Brosemer <odin@linuxfreak.com>
Damien Miller1e4772c1999-10-30 11:39:56 +10005044 - Merged latest updates for OpenBSD CVS:
5045 - channels.[ch] - remove broken x11 fix and document istate/ostate
5046 - ssh-agent.c - call setsid() regardless of argv[]
5047 - ssh.c - save a few lines when disabling rhosts-{rsa-}auth
5048 - Documentation cleanups
5049 - Renamed README -> README.Ylonen
5050 - Renamed README.openssh ->README
Damien Miller744da801999-10-30 09:12:25 +10005051
Damien Miller070f7a11999-10-29 10:29:29 +1000505219991029
5053 - Renamed openssh* back to ssh* at request of Theo de Raadt
5054 - Incorporated latest changes from OpenBSD's CVS
5055 - Integrated Makefile patch from Niels Kristian Bech Jensen <nkbj@image.dk>
5056 - Integrated PAM env patch from Nalin Dahyabhai <nalin.dahyabhai@pobox.com>
Damien Miller07a826d1999-10-29 11:49:20 +10005057 - Make distclean now removed configure script
5058 - Improved PAM logging
5059 - Added some debug() calls for PAM
Damien Miller65b3c131999-10-29 12:37:01 +10005060 - Removed redundant subdirectories
Damien Millere4340be2000-09-16 13:29:08 +11005061 - Integrated part of a patch from Dan Brosemer <odin@linuxfreak.com> for
Damien Miller65b3c131999-10-29 12:37:01 +10005062 building on Debian.
Damien Millerd0562b31999-10-29 13:09:40 +10005063 - Fixed off-by-one error in PAM env patch
5064 - Released 1.2pre6
Damien Miller070f7a11999-10-29 10:29:29 +10005065
Damien Miller7f6ea021999-10-28 13:25:17 +1000506619991028
5067 - Further PAM enhancements.
5068 - Much cleaner
5069 - Now uses account and session modules for all logins.
5070 - Integrated patch from Dan Brosemer <odin@linuxfreak.com>
5071 - Build fixes
5072 - Autoconf
5073 - Change binary names to open*
5074 - Fixed autoconf script to detect PAM on RH6.1
5075 - Added tests for libpwdb, and OpenBSD functions to autoconf
Damien Millereff18d61999-10-28 14:14:38 +10005076 - Released 1.2pre4
Damien Miller29b5a591999-10-28 15:46:27 +10005077
5078 - Imported latest OpenBSD CVS code
5079 - Updated README.openssh
Damien Miller34d0b611999-10-28 17:51:40 +10005080 - Released 1.2pre5
Damien Miller29b5a591999-10-28 15:46:27 +10005081
Damien Miller7f6ea021999-10-28 13:25:17 +1000508219991027
5083 - Adapted PAM patch.
5084 - Released 1.0pre2
Damien Millerd4a8b7e1999-10-27 13:42:43 +10005085
Damien Miller7f6ea021999-10-28 13:25:17 +10005086 - Excised my buggy replacements for strlcpy and mkdtemp
5087 - Imported correct OpenBSD strlcpy and mkdtemp routines.
5088 - Reduced arc4random_stir entropy read to 32 bytes (256 bits)
5089 - Picked up correct version number from OpenBSD
5090 - Added sshd.pam PAM configuration file
5091 - Added sshd.init Redhat init script
5092 - Added openssh.spec RPM spec file
5093 - Released 1.2pre3
Damien Millerd4a8b7e1999-10-27 13:42:43 +10005094
Damien Miller7f6ea021999-10-28 13:25:17 +1000509519991026
5096 - Fixed include paths of OpenSSL functions
5097 - Use OpenSSL MD5 routines
5098 - Imported RC4 code from nanocrypt
5099 - Wrote replacements for OpenBSD arc4random* functions
5100 - Wrote replacements for strlcpy and mkdtemp
5101 - Released 1.0pre1
Damien Millere9cf3572001-02-09 12:55:35 +11005102
Ben Lindstrom302ea6f2001-04-16 02:01:25 +00005103$Id: ChangeLog,v 1.1121 2001/04/16 02:01:25 mouring Exp $