blob: aa734bcd07d53984e66a641651961566135c66f5 [file] [log] [blame]
Ben Lindstrom44697232001-07-04 03:32:30 +0000120010704
2 - OpenBSD CVS Sync
3 - markus@cvs.openbsd.org 2001/06/25 08:25:41
4 [channels.c channels.h cipher.c clientloop.c compat.c compat.h
5 hostfile.c kex.c kex.h key.c key.h nchan.c packet.c serverloop.c
6 session.c session.h sftp-server.c ssh-add.c ssh-agent.c uuencode.h]
7 update copyright for 2001
Ben Lindstrombda98b02001-07-04 03:35:24 +00008 - markus@cvs.openbsd.org 2001/06/25 17:18:27
9 [ssh-keygen.1]
10 sshd(8) will never read the private keys, but ssh(1) does;
11 hugh@mimosa.com
Ben Lindstrom248c0782001-07-04 03:40:39 +000012 - provos@cvs.openbsd.org 2001/06/25 17:54:47
13 [auth.c auth.h auth-rsa.c]
14 terminate secure_filename checking after checking homedir. that way
Ben Lindstrom79073822001-07-04 03:42:30 +000015 it works on AFS. okay markus@
16 - stevesk@cvs.openbsd.org 2001/06/25 20:26:37
17 [auth2.c sshconnect2.c]
18 prototype cleanup; ok markus@
Ben Lindstromcd392282001-07-04 03:44:03 +000019 - markus@cvs.openbsd.org 2001/06/26 02:47:07
20 [ssh-keygen.c]
21 allow loading a private RSA key to a cyberflex card.
Ben Lindstromd94580c2001-07-04 03:48:02 +000022 - markus@cvs.openbsd.org 2001/06/26 04:07:06
23 [ssh-agent.1 ssh-agent.c]
24 add debug flag
Ben Lindstrom036a6b22001-07-04 03:50:02 +000025 - markus@cvs.openbsd.org 2001/06/26 04:59:59
26 [authfd.c authfd.h ssh-add.c]
27 initial support for smartcards in the agent
Ben Lindstromdb6b2762001-07-04 03:51:35 +000028 - markus@cvs.openbsd.org 2001/06/26 05:07:43
29 [ssh-agent.c]
30 update usage
Ben Lindstrom3f471632001-07-04 03:53:15 +000031 - markus@cvs.openbsd.org 2001/06/26 05:33:34
32 [ssh-agent.c]
33 more smartcard support.
Ben Lindstrom88a6b752001-07-04 03:55:21 +000034 - mpech@cvs.openbsd.org 2001/06/26 05:48:07
35 [sshd.8]
36 remove unnecessary .Pp between .It;
37 millert@ ok
Ben Lindstrom90279d82001-07-04 03:56:56 +000038 - markus@cvs.openbsd.org 2001/06/26 05:50:11
39 [auth2.c]
40 new interface for secure_filename()
Ben Lindstrom16ae3d02001-07-04 04:02:36 +000041 - itojun@cvs.openbsd.org 2001/06/26 06:32:58
42 [atomicio.h authfd.h authfile.h auth.h auth-options.h bufaux.h
43 buffer.h canohost.h channels.h cipher.h clientloop.h compat.h
44 compress.h crc32.h deattack.h dh.h dispatch.h groupaccess.h
45 hostfile.h kex.h key.h log.h mac.h match.h misc.h mpaux.h packet.h
46 radix.h readconf.h readpass.h rsa.h]
47 prototype pedant. not very creative...
48 - () -> (void)
49 - no variable names
Ben Lindstromb4c774c2001-07-04 04:07:12 +000050 - itojun@cvs.openbsd.org 2001/06/26 06:33:07
51 [servconf.h serverloop.h session.h sftp-client.h sftp-common.h
52 sftp-glob.h sftp-int.h sshconnect.h ssh-dss.h sshlogin.h sshpty.h
53 ssh-rsa.h tildexpand.h uidswap.h uuencode.h xmalloc.h]
54 prototype pedant. not very creative...
55 - () -> (void)
56 - no variable names
Ben Lindstromec95ed92001-07-04 04:21:14 +000057 - dugsong@cvs.openbsd.org 2001/06/26 16:15:25
58 [auth1.c auth.h auth-krb4.c auth-passwd.c readconf.c readconf.h
59 servconf.c servconf.h session.c sshconnect1.c sshd.c]
60 Kerberos v5 support for SSH1, mostly from Assar Westerlund
61 <assar@freebsd.org> and Bjorn Gronvall <bg@sics.se>. markus@ ok
Ben Lindstrom5bf5d672001-07-04 04:31:38 +000062 - markus@cvs.openbsd.org 2001/06/26 17:25:34
63 [ssh.1]
64 document SSH_ASKPASS; fubob@MIT.EDU
Ben Lindstrom4cc240d2001-07-04 04:46:56 +000065 - markus@cvs.openbsd.org 2001/06/26 17:27:25
66 [authfd.h authfile.h auth.h auth-options.h bufaux.h buffer.h
67 canohost.h channels.h cipher.h clientloop.h compat.h compress.h
68 crc32.h deattack.h dh.h dispatch.h groupaccess.c groupaccess.h
69 hostfile.h kex.h key.h log.c log.h mac.h misc.c misc.h mpaux.h
70 packet.h radix.h readconf.h readpass.h rsa.h servconf.h serverloop.h
71 session.h sftp-common.c sftp-common.h sftp-glob.h sftp-int.h
72 sshconnect.h ssh-dss.h sshlogin.h sshpty.h ssh-rsa.h sshtty.h
73 tildexpand.h uidswap.h uuencode.h xmalloc.h]
74 remove comments from .h, since they are cut&paste from the .c files
75 and out of sync
Ben Lindstromeb7a84c2001-07-04 04:48:36 +000076 - dugsong@cvs.openbsd.org 2001/06/26 17:41:49
77 [servconf.c]
78 #include <kafs.h>
Ben Lindstrombddd5512001-07-04 04:53:53 +000079 - markus@cvs.openbsd.org 2001/06/26 20:14:11
80 [key.c key.h ssh.c sshconnect1.c sshconnect2.c]
81 add smartcard support to the client, too (now you can use both
82 the agent and the client).
83 - markus@cvs.openbsd.org 2001/06/27 02:12:54
84 [serverloop.c serverloop.h session.c session.h]
85 quick hack to make ssh2 work again.
Ben Lindstrom60260022001-07-04 04:56:44 +000086 - markus@cvs.openbsd.org 2001/06/27 04:48:53
87 [auth.c match.c sshd.8]
88 tridge@samba.org
Ben Lindstrom680b2762001-07-04 05:00:11 +000089 - markus@cvs.openbsd.org 2001/06/27 05:35:42
90 [ssh-keygen.c]
91 use cyberflex_inq_class to inquire class.
Ben Lindstromf7297dd2001-07-04 05:02:23 +000092 - markus@cvs.openbsd.org 2001/06/27 05:42:25
93 [rsa.c rsa.h ssh-agent.c ssh-keygen.c]
94 s/generate_additional_parameters/rsa_generate_additional_parameters/
95 http://www.humppa.com/
Ben Lindstrom44e49af2001-07-04 05:03:51 +000096 - markus@cvs.openbsd.org 2001/06/27 06:26:36
97 [ssh-add.c]
98 convert to getopt(3)
Ben Lindstrom511d69e2001-07-04 05:05:27 +000099 - stevesk@cvs.openbsd.org 2001/06/28 19:57:35
100 [ssh-keygen.c]
101 '\0' terminated data[] is ok; ok markus@
Ben Lindstrom7feba352001-07-04 05:06:59 +0000102 - markus@cvs.openbsd.org 2001/06/29 07:06:34
103 [ssh-keygen.c]
104 new error handling for cyberflex_*
Ben Lindstromd6e049c2001-07-04 05:08:39 +0000105 - markus@cvs.openbsd.org 2001/06/29 07:11:01
106 [ssh-keygen.c]
107 initialize early
Ben Lindstromdb47f382001-07-04 05:10:27 +0000108 - stevesk@cvs.openbsd.org 2001/06/29 18:38:44
109 [clientloop.c]
110 sync function definition with declaration; ok markus@
Ben Lindstrom11180952001-07-04 05:13:35 +0000111 - stevesk@cvs.openbsd.org 2001/06/29 18:40:28
112 [channels.c]
113 use socklen_t for getsockopt arg #5; ok markus@
Ben Lindstrom173e6462001-07-04 05:15:15 +0000114 - stevesk@cvs.openbsd.org 2001/06/30 18:08:40
115 [channels.c channels.h clientloop.c]
116 adress -> address; ok markus@
Ben Lindstrom4983d5e2001-07-04 05:17:40 +0000117 - markus@cvs.openbsd.org 2001/07/02 13:59:15
118 [serverloop.c session.c session.h]
119 wait until !session_have_children(); bugreport from
120 Lutz.Jaenicke@aet.TU-Cottbus.DE
Ben Lindstrom4f42d8c2001-07-04 05:19:27 +0000121 - markus@cvs.openbsd.org 2001/07/02 22:29:20
122 [readpass.c]
123 do not return NULL, use "" instead.
Ben Lindstrom00477642001-07-04 05:24:27 +0000124 - markus@cvs.openbsd.org 2001/07/02 22:40:18
125 [ssh-keygen.c]
126 update for sectok.h interface changes.
Ben Lindstrom809744e2001-07-04 05:26:06 +0000127 - markus@cvs.openbsd.org 2001/07/02 22:52:57
128 [channels.c channels.h serverloop.c]
129 improve cleanup/exit logic in ssh2:
130 stop listening to channels, detach channel users (e.g. sessions).
131 wait for children (i.e. dying sessions), send exit messages,
132 cleanup all channels.
Ben Lindstrom4cc240d2001-07-04 04:46:56 +0000133
Ben Lindstromdeacfcc2001-06-29 12:32:31 +000013420010629
135 - (bal) Removed net_aton() since we don't use it any more
Ben Lindstrom5d739a42001-06-29 12:35:12 +0000136 - (bal) Fixed _DISABLE_VPOSIX in readpassphrase.c.
Ben Lindstrom1cd6fef2001-06-29 12:39:23 +0000137 - (bal) Updated zlib's home. Thanks to David Howe <DaveHowe@gmx.co.uk>.
Kevin Steves78e83b32001-06-29 16:56:16 +0000138 - (stevesk) remove _REENTRANT #define
Kevin Steves9b26f962001-06-29 17:52:17 +0000139 - (stevesk) session.c: use u_int for envsize
Kevin Steves5cc6e922001-06-29 19:51:48 +0000140 - (stevesk) remove cli.[ch]
Ben Lindstromdeacfcc2001-06-29 12:32:31 +0000141
Damien Miller180207f2001-06-28 14:48:28 +100014220010628
143 - (djm) Sync openbsd-compat with -current libc
Damien Milleracf59e62001-06-28 20:23:14 +1000144 - (djm) Fix from Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> for my
145 broken makefile
Ben Lindstrome6affc62001-06-28 23:27:37 +0000146 - (bal) Removed strtok_r() and inet_ntop() since they are no longer used.
147 - (bal) Remove getusershell() since it's no longer used.
Damien Miller180207f2001-06-28 14:48:28 +1000148
Damien Miller665af9c2001-06-27 09:34:15 +100014920010627
150 - (djm) Reintroduce pam_session call for non-pty sessions.
Damien Millerec9868a2001-06-27 15:36:43 +1000151 - (djm) Remove redundant and incorrect test for max auth attempts in
152 PAM kbdint code. Based on fix from Matthew Melvin
153 <matthewm@webcentral.com.au>
Damien Miller407548b2001-06-27 17:07:16 +1000154 - (djm) Rename sysconfdir/primes => sysconfdir/moduli
Damien Millerb5b0af42001-06-27 21:52:32 +1000155 - (djm) Oops, forgot make logic for primes=>moduli. Also try to rename
156 existing primes->moduli if it exists.
Damien Millerb90416b2001-06-27 23:26:38 +1000157 - (djm) Sync with -current openbsd-compat/readpassphrase.c:
158 - djm@cvs.openbsd.org 2001/06/27 13:23:30
159 typo, spotted by Tom Holroyd <tomh@po.crl.go.jp>; ok deraadt@
Damien Miller649d9992001-06-27 23:35:51 +1000160 - (djm) Turn up warnings if gcc or egcs detected
Kevin Steves6a7b0de2001-06-27 16:32:24 +0000161 - (stevesk) for HP-UX 11.X use X/Open socket interface;
162 pulls in modern socket prototypes and eliminates a number of compiler
163 warnings. see xopen_networking(7).
Kevin Steves37a777e2001-06-28 00:13:48 +0000164 - (stevesk) fix x11 forwarding from _PATH_XAUTH change
Kevin Steves315f8b72001-06-28 00:24:41 +0000165 - (stevesk) use X/Open socket interface for HP-UX 10.X also
Damien Miller665af9c2001-06-27 09:34:15 +1000166
Ben Lindstromb710f782001-06-25 04:32:38 +000016720010625
Ben Lindstrom07094e52001-06-25 03:59:43 +0000168 - OpenBSD CVS Sync
Ben Lindstrom488d8802001-06-25 04:24:49 +0000169 - markus@cvs.openbsd.org 2001/06/21 21:08:25
170 [session.c]
171 don't reset forced_command (we allow multiple login shells in
172 ssh2); dwd@bell-labs.com
Ben Lindstromd2bf0d62001-06-25 04:10:54 +0000173 - mpech@cvs.openbsd.org 2001/06/22 10:17:51
174 [ssh.1 sshd.8 ssh-keyscan.1]
175 o) .Sh AUTHOR -> .Sh AUTHORS;
176 o) remove unnecessary .Pp;
177 o) better -mdoc style;
178 o) typo;
179 o) sort SEE ALSO;
Ben Lindstromd2bf0d62001-06-25 04:10:54 +0000180 aaron@ ok
Ben Lindstrom93a29e02001-06-25 04:13:25 +0000181 - provos@cvs.openbsd.org 2001/06/22 21:27:08
182 [dh.c pathnames.h]
183 use /etc/moduli instead of /etc/primes, okay markus@
Ben Lindstromae1c51c2001-06-25 04:14:59 +0000184 - provos@cvs.openbsd.org 2001/06/22 21:28:53
185 [sshd.8]
186 document /etc/moduli
Ben Lindstromf96704d2001-06-25 04:17:12 +0000187 - markus@cvs.openbsd.org 2001/06/22 21:55:49
188 [auth2.c auth-rsa.c pathnames.h ssh.1 sshd.8 sshd_config
189 ssh-keygen.1]
190 merge authorized_keys2 into authorized_keys.
191 authorized_keys2 is used for backward compat.
192 (just append authorized_keys2 to authorized_keys).
Ben Lindstromaf738802001-06-25 04:18:59 +0000193 - provos@cvs.openbsd.org 2001/06/22 21:57:59
194 [dh.c]
195 increase linebuffer to deal with larger moduli; use rewind instead of
196 close/open
Ben Lindstrom488d8802001-06-25 04:24:49 +0000197 - markus@cvs.openbsd.org 2001/06/22 22:21:20
198 [sftp-server.c]
199 allow long usernames/groups in readdir
Ben Lindstrome586c4c2001-06-25 05:04:58 +0000200 - markus@cvs.openbsd.org 2001/06/22 23:35:21
Ben Lindstrom6ab64862001-06-25 04:26:55 +0000201 [ssh.c]
202 don't overwrite argv (fixes ssh user@host in 'ps'), report by ericj@
Ben Lindstrom7d5ed3a2001-06-25 04:28:30 +0000203 - deraadt@cvs.openbsd.org 2001/06/23 00:16:16
204 [scp.c]
205 slightly better care
Ben Lindstrom83647ce2001-06-25 04:30:16 +0000206 - markus@cvs.openbsd.org 2001/06/23 00:20:57
207 [auth2.c auth.c auth.h auth-rh-rsa.c]
208 *known_hosts2 is obsolete for hostbased authentication and
209 only used for backward compat. merge ssh1/2 hostkey check
210 and move it to auth.c
Ben Lindstromb710f782001-06-25 04:32:38 +0000211 - deraadt@cvs.openbsd.org 2001/06/23 02:33:05
212 [sftp.1 sftp-server.8 ssh-keygen.1]
213 join .%A entries; most by bk@rt.fm
Ben Lindstromd6481ea2001-06-25 04:37:41 +0000214 - markus@cvs.openbsd.org 2001/06/23 02:34:33
215 [kexdh.c kexgex.c kex.h pathnames.h readconf.c servconf.h ssh.1
216 sshconnect1.c sshconnect2.c sshconnect.c sshconnect.h sshd.8]
217 get rid of known_hosts2, use it for hostkey lookup, but do not
218 modify.
Ben Lindstrom3c798d42001-06-25 04:39:22 +0000219 - markus@cvs.openbsd.org 2001/06/23 03:03:59
220 [sshd.8]
221 draft-ietf-secsh-dh-group-exchange-01.txt
Ben Lindstroma4789ef2001-06-25 04:40:49 +0000222 - markus@cvs.openbsd.org 2001/06/23 03:04:42
223 [auth2.c auth-rh-rsa.c]
224 restore correct ignore_user_known_hosts logic.
Ben Lindstrom5363aee2001-06-25 04:42:20 +0000225 - markus@cvs.openbsd.org 2001/06/23 05:26:02
226 [key.c]
227 handle sigature of size 0 (some broken clients send this).
Ben Lindstrom90fd0602001-06-25 04:45:33 +0000228 - deraadt@cvs.openbsd.org 2001/06/23 05:57:09
229 [sftp.1 sftp-server.8 ssh-keygen.1]
230 ok, tmac is now fixed
Ben Lindstrom34f91882001-06-25 04:47:54 +0000231 - markus@cvs.openbsd.org 2001/06/23 06:41:10
232 [ssh-keygen.c]
233 try to decode ssh-3.0.0 private rsa keys
234 (allow migration to openssh, not vice versa), #910
Ben Lindstrombba81212001-06-25 05:01:22 +0000235 - itojun@cvs.openbsd.org 2001/06/23 15:12:20
236 [auth1.c auth2.c auth2-chall.c authfd.c authfile.c auth-rhosts.c
237 canohost.c channels.c cipher.c clientloop.c deattack.c dh.c
238 hostfile.c kex.c kexdh.c kexgex.c key.c nchan.c packet.c radix.c
239 readpass.c scp.c servconf.c serverloop.c session.c sftp.c
240 sftp-client.c sftp-glob.c sftp-int.c sftp-server.c ssh-add.c
241 ssh-agent.c ssh.c sshconnect1.c sshconnect2.c sshconnect.c sshd.c
242 ssh-keygen.c ssh-keyscan.c]
243 more strict prototypes. raise warning level in Makefile.inc.
244 markus ok'ed
245 TODO; cleanup headers
Ben Lindstrome586c4c2001-06-25 05:04:58 +0000246 - markus@cvs.openbsd.org 2001/06/23 17:05:22
247 [ssh-keygen.c]
248 fix import for (broken?) ssh.com/f-secure private keys
249 (i tested > 1000 RSA keys)
Ben Lindstrom24643222001-06-25 05:08:11 +0000250 - itojun@cvs.openbsd.org 2001/06/23 17:48:18
251 [sftp.1 ssh.1 sshd.8 ssh-keyscan.1]
252 kill whitespace at EOL.
Ben Lindstrom98097862001-06-25 05:10:20 +0000253 - markus@cvs.openbsd.org 2001/06/23 19:12:43
254 [sshd.c]
255 pidfile/sigterm race; bbraun@synack.net
Ben Lindstrom05209452001-06-25 05:16:02 +0000256 - markus@cvs.openbsd.org 2001/06/23 22:37:46
257 [sshconnect1.c]
258 consistent with ssh2: skip key if empty passphrase is entered,
259 retry num_of_passwd_prompt times if passphrase is wrong. ok fgsch@
Ben Lindstromf0c50292001-06-25 05:17:53 +0000260 - markus@cvs.openbsd.org 2001/06/24 05:25:10
261 [auth-options.c match.c match.h]
262 move ip+hostname check to match.c
Ben Lindstrom949974b2001-06-25 05:20:31 +0000263 - markus@cvs.openbsd.org 2001/06/24 05:35:33
264 [readpass.c readpass.h ssh-add.c sshconnect2.c ssh-keygen.c]
265 switch to readpassphrase(3)
266 2.7/8-stable needs readpassphrase.[ch] from libc
Ben Lindstrom126c56a2001-06-25 05:22:53 +0000267 - markus@cvs.openbsd.org 2001/06/24 05:47:13
268 [sshconnect2.c]
269 oops, missing format string
Ben Lindstrom491bbb82001-06-25 05:24:16 +0000270 - markus@cvs.openbsd.org 2001/06/24 17:18:31
271 [ttymodes.c]
272 passing modes works fine: debug2->3
Damien Miller2d5ac082001-06-25 17:07:59 +1000273 - (djm) -Wall fix for session.c
Damien Millerc8a38682001-06-25 18:09:16 +1000274 - (djm) Bring in readpassphrase() from OpenBSD libc. Compiles OK on Linux and
275 Solaris
Ben Lindstrom07094e52001-06-25 03:59:43 +0000276
Kevin Steves82456952001-06-22 21:14:18 +000027720010622
278 - (stevesk) handle systems without pw_expire and pw_change.
279
Ben Lindstrom352b1c22001-06-21 03:04:37 +000028020010621
281 - OpenBSD CVS Sync
282 - markus@cvs.openbsd.org 2001/06/16 08:49:38
283 [misc.c]
284 typo; dunlap@apl.washington.edu
Ben Lindstrom83417a82001-06-21 03:07:27 +0000285 - markus@cvs.openbsd.org 2001/06/16 08:50:39
286 [channels.h]
287 bad //-style comment; thx to stevev@darkwing.uoregon.edu
Ben Lindstrom738f51e2001-06-21 03:08:58 +0000288 - markus@cvs.openbsd.org 2001/06/16 08:57:35
289 [scp.c]
290 no stdio or exit() in signal handlers.
Ben Lindstrom3af4d462001-06-21 03:11:27 +0000291 - markus@cvs.openbsd.org 2001/06/16 08:58:34
292 [misc.c]
293 copy pw_expire and pw_change, too.
Ben Lindstromc85ab8a2001-06-21 03:13:10 +0000294 - markus@cvs.openbsd.org 2001/06/19 12:34:09
295 [session.c]
296 cleanup forced command handling, from dwd@bell-labs.com
Ben Lindstrom699776e2001-06-21 03:14:49 +0000297 - markus@cvs.openbsd.org 2001/06/19 14:09:45
298 [session.c sshd.8]
299 disable x11-fwd if use_login is enabled; from lukem@wasabisystems.com
Ben Lindstrom0a7ca6c2001-06-21 03:17:42 +0000300 - markus@cvs.openbsd.org 2001/06/19 15:40:45
301 [session.c]
302 allocate and free at the same level.
Ben Lindstrom601e4362001-06-21 03:19:23 +0000303 - markus@cvs.openbsd.org 2001/06/20 13:56:39
304 [channels.c channels.h clientloop.c packet.c serverloop.c]
305 move from channel_stop_listening to channel_free_all,
306 call channel_free_all before calling waitpid() in serverloop.
307 fixes the utmp handling; report from Lutz.Jaenicke@aet.TU-Cottbus.DE
Ben Lindstrom352b1c22001-06-21 03:04:37 +0000308
Kevin Steves974fb9c2001-06-15 00:04:23 +000030920010615
310 - (stevesk) don't set SA_RESTART and set SIGCHLD to SIG_DFL
311 around grantpt().
Kevin Steves805cf5a2001-06-15 04:23:12 +0000312 - (stevesk) update TODO: STREAMS pty systems don't call vhangup() now
Kevin Steves974fb9c2001-06-15 00:04:23 +0000313
Ben Lindstrom7a837222001-06-13 19:23:32 +000031420010614
315 - OpenBSD CVS Sync
316 - markus@cvs.openbsd.org 2001/06/13 09:10:31
317 [session.c]
318 typo, use pid not s->pid, mstone@cs.loyola.edu
319
Ben Lindstrom7eaf8e42001-06-13 04:35:43 +000032020010613
Ben Lindstrom7a837222001-06-13 19:23:32 +0000321 - OpenBSD CVS Sync
Ben Lindstrom7eaf8e42001-06-13 04:35:43 +0000322 - markus@cvs.openbsd.org 2001/06/12 10:58:29
323 [session.c]
324 merge session_free into session_close()
325 merge pty_cleanup_proc into session_pty_cleanup()
Ben Lindstrom49c12602001-06-13 04:37:36 +0000326 - markus@cvs.openbsd.org 2001/06/12 16:10:38
327 [session.c]
328 merge ssh1/ssh2 tty msg parse and alloc code
Ben Lindstrom16d45b32001-06-13 04:39:18 +0000329 - markus@cvs.openbsd.org 2001/06/12 16:11:26
330 [packet.c]
331 do not log() packet_set_maxsize
Ben Lindstrom2bcdf062001-06-13 04:41:41 +0000332 - markus@cvs.openbsd.org 2001/06/12 21:21:29
333 [session.c]
334 remove xauth-cookie-in-tmp handling. use default $XAUTHORITY, since
335 we do already trust $HOME/.ssh
336 you can use .ssh/sshrc and .ssh/environment if you want to customize
337 the location of the xauth cookies
Ben Lindstromc51ae1b2001-06-13 04:43:52 +0000338 - markus@cvs.openbsd.org 2001/06/12 21:30:57
339 [session.c]
340 unused
Ben Lindstrom7eaf8e42001-06-13 04:35:43 +0000341
Ben Lindstrom16c1bd62001-06-12 00:12:56 +000034220010612
Ben Lindstrom0a0c3a62001-06-12 00:15:57 +0000343 - scp.c ID update (upstream synced vfsprintf() from us)
344 - OpenBSD CVS Sync
Ben Lindstrom16c1bd62001-06-12 00:12:56 +0000345 - markus@cvs.openbsd.org 2001/06/10 11:29:20
346 [dispatch.c]
347 we support rekeying
348 protocol errors are fatal.
Ben Lindstrom88259fb2001-06-12 00:21:34 +0000349 - markus@cvs.openbsd.org 2001/06/11 10:18:24
350 [session.c]
351 reset pointer to NULL after xfree(); report from solar@openwall.com
Ben Lindstrom34a99682001-06-12 00:23:12 +0000352 - markus@cvs.openbsd.org 2001/06/11 16:04:38
353 [sshd.8]
354 typo; bdubreuil@crrel.usace.army.mil
Ben Lindstrom16c1bd62001-06-12 00:12:56 +0000355
Ben Lindstrom68c3ce12001-06-10 17:24:51 +000035620010611
357 - (bal) NeXT/MacOS X lack libgen.h and dirname(). Patch by Mark Miller
358 <markm@swoon.net>
Ben Lindstromd7d7da12001-06-10 17:35:45 +0000359 - (bal) Handle broken krb4 issues on Solaris with multiple defined u_*_t
360 types. Patch by Jan IVEN <Jan.Iven@cern.ch>
Ben Lindstrom0b355722001-06-10 17:43:35 +0000361 - (bal) Fixed Makefile.in so that 'configure; make install' works.
Ben Lindstrom68c3ce12001-06-10 17:24:51 +0000362
Ben Lindstromd1aed9c2001-06-10 00:41:18 +000036320010610
364 - (bal) Missed two files in major resync. auth-bsdauth.c and auth-skey.c
365
Ben Lindstrome6455ae2001-06-09 00:17:10 +000036620010609
367 - OpenBSD CVS Sync
368 - markus@cvs.openbsd.org 2001/05/30 12:55:13
369 [auth-options.c auth2.c channels.c channels.h clientloop.c nchan.c
370 packet.c serverloop.c session.c ssh.c ssh1.h]
371 channel layer cleanup: merge header files and split .c files
Ben Lindstrom5ec26452001-06-09 00:18:51 +0000372 - markus@cvs.openbsd.org 2001/05/30 15:20:10
373 [ssh.c]
374 merge functions, simplify.
Ben Lindstromc7637672001-06-09 00:36:26 +0000375 - markus@cvs.openbsd.org 2001/05/31 10:30:17
376 [auth-options.c auth2.c channels.c channels.h clientloop.c nchan.c
377 packet.c serverloop.c session.c ssh.c]
378 undo the .c file split, just merge the header and keep the cvs
379 history
Ben Lindstrome9c99912001-06-09 00:41:05 +0000380 - (bal) Channels.c and Channels.h -- "Merge Functions, simplify" (draged
381 out of ssh Attic)
Ben Lindstromc4b72252001-06-09 01:09:51 +0000382 - (bal) Ooops.. nchan.c (and remove nchan.h) resync from OpenBSD ssh
383 Attic.
384 - OpenBSD CVS Sync
385 - markus@cvs.openbsd.org 2001/05/31 13:08:04
386 [sshd_config]
387 group options and add some more comments
Ben Lindstrom838394c2001-06-09 01:11:59 +0000388 - markus@cvs.openbsd.org 2001/06/03 14:55:39
389 [channels.c channels.h session.c]
390 use fatal_register_cleanup instead of atexit, sync with x11 authdir
391 handling
Ben Lindstrom2a097a42001-06-09 01:13:40 +0000392 - markus@cvs.openbsd.org 2001/06/03 19:36:44
393 [ssh-keygen.1]
394 1-2 bits of entrophy per character (not per word), ok stevesk@
Ben Lindstrom9cc94642001-06-09 01:15:11 +0000395 - markus@cvs.openbsd.org 2001/06/03 19:38:42
396 [scp.c]
397 pass -v to ssh; from slade@shore.net
Ben Lindstrom742e89e2001-06-09 01:17:23 +0000398 - markus@cvs.openbsd.org 2001/06/03 20:06:11
399 [auth2-chall.c]
400 the challenge response device decides how to handle non-existing
401 users.
402 -> fake challenges for skey and cryptocard
Ben Lindstrom983c0982001-06-09 01:20:06 +0000403 - markus@cvs.openbsd.org 2001/06/04 21:59:43
404 [channels.c channels.h session.c]
405 switch uid when cleaning up tmp files and sockets; reported by
406 zen-parse@gmx.net on bugtraq
Ben Lindstromec46e0b2001-06-09 01:27:31 +0000407 - markus@cvs.openbsd.org 2001/06/04 23:07:21
408 [clientloop.c serverloop.c sshd.c]
409 set flags in the signal handlers, do real work in the main loop,
410 ok provos@
Ben Lindstrom768176b2001-06-09 01:29:12 +0000411 - markus@cvs.openbsd.org 2001/06/04 23:16:16
412 [session.c]
413 merge ssh1/2 x11-fwd setup, create listener after tmp-dir
Ben Lindstroma238f6e2001-06-09 01:30:39 +0000414 - pvalchev@cvs.openbsd.org 2001/06/05 05:05:39
415 [ssh-keyscan.1 ssh-keyscan.c]
416 License clarification from David Mazieres, ok deraadt@
Ben Lindstromdf4981b2001-06-09 01:32:29 +0000417 - markus@cvs.openbsd.org 2001/06/05 10:24:32
418 [channels.c]
419 don't delete the auth socket in channel_stop_listening()
420 auth_sock_cleanup_proc() will take care of this.
Ben Lindstromcb3929d2001-06-09 01:34:15 +0000421 - markus@cvs.openbsd.org 2001/06/05 16:46:19
422 [session.c]
423 let session_close() delete the pty. deny x11fwd if xauthfile is set.
Ben Lindstromc66d4362001-06-09 01:36:21 +0000424 - markus@cvs.openbsd.org 2001/06/06 23:13:54
425 [ssh-dss.c ssh-rsa.c]
426 cleanup, remove old code
Ben Lindstrom5acb5d02001-06-09 01:38:24 +0000427 - markus@cvs.openbsd.org 2001/06/06 23:19:35
428 [ssh-add.c]
429 remove debug message; Darren.Moffat@eng.sun.com
Ben Lindstrom9d0c0662001-06-09 01:40:00 +0000430 - markus@cvs.openbsd.org 2001/06/07 19:57:53
431 [auth2.c]
432 style is used for bsdauth.
433 disconnect on user/service change (ietf-drafts)
Ben Lindstrom664408d2001-06-09 01:42:01 +0000434 - markus@cvs.openbsd.org 2001/06/07 20:23:05
435 [authfd.c authfile.c channels.c kexdh.c kexgex.c packet.c ssh.c
436 sshconnect.c sshconnect1.c]
437 use xxx_put_cstring()
Ben Lindstrom4d3f2272001-06-09 01:44:07 +0000438 - markus@cvs.openbsd.org 2001/06/07 22:25:02
439 [session.c]
440 don't overwrite errno
441 delay deletion of the xauth cookie
Ben Lindstrom1bf11f62001-06-09 01:48:01 +0000442 - markus@cvs.openbsd.org 2001/06/08 15:25:40
443 [includes.h pathnames.h readconf.c servconf.c]
444 move the path for xauth to pathnames.h
Ben Lindstrom23fec142001-06-09 02:16:28 +0000445 - (bal) configure.in fix for Tru64 (forgeting to reset $LIB)
Ben Lindstromb30768f2001-06-09 02:22:16 +0000446 - (bal) ANSIify strmode()
Ben Lindstrom9841b0a2001-06-09 02:26:58 +0000447 - (bal) --with-catman should be --with-mantype patch by Dave
448 Dykstra <dwd@bell-labs.com>
Ben Lindstrom1bf11f62001-06-09 01:48:01 +0000449
Ben Lindstromc4bcb7d2001-06-05 18:39:10 +000045020010606
Ben Lindstrome6455ae2001-06-09 00:17:10 +0000451 - OpenBSD CVS Sync
452 - markus@cvs.openbsd.org 2001/05/17 21:34:15
453 [ssh.1]
Ben Lindstromc4bcb7d2001-06-05 18:39:10 +0000454 no spaces in PreferredAuthentications;
Ben Lindstrom551ea372001-06-05 18:56:16 +0000455 meixner@rbg.informatik.tu-darmstadt.de
456 - markus@cvs.openbsd.org 2001/05/18 14:13:29
457 [auth-chall.c auth.h auth1.c auth2-chall.c auth2.c readconf.c
458 readconf.h servconf.c servconf.h sshconnect1.c sshconnect2.c sshd.c]
459 improved kbd-interactive support. work by per@appgate.com and me
Ben Lindstrom7d68fbf2001-06-05 19:29:20 +0000460 - djm@cvs.openbsd.org 2001/05/19 00:36:40
461 [session.c]
462 Disable X11 forwarding if xauth binary is not found. Patch from Nalin
463 Dahyabhai <nalin@redhat.com>; ok markus@
Ben Lindstrom7bad55b2001-06-05 19:31:41 +0000464 - markus@cvs.openbsd.org 2001/05/19 16:05:41
465 [scp.c]
466 ftruncate() instead of open()+O_TRUNC like rcp.c does
467 allows scp /path/to/file localhost:/path/to/file
Ben Lindstrom608d1d12001-06-05 19:33:22 +0000468 - markus@cvs.openbsd.org 2001/05/19 16:08:43
469 [sshd.8]
470 sort options; Matthew.Stier@fnc.fujitsu.com
Ben Lindstrom1bfe2912001-06-05 19:37:25 +0000471 - markus@cvs.openbsd.org 2001/05/19 16:32:16
472 [ssh.1 sshconnect2.c]
473 change preferredauthentication order to
474 publickey,hostbased,password,keyboard-interactive
475 document that hostbased defaults to no, document order
Ben Lindstrombd0e2de2001-06-05 19:52:52 +0000476 - markus@cvs.openbsd.org 2001/05/19 16:46:19
477 [ssh.1 sshd.8]
478 document MACs defaults with .Dq
Ben Lindstrom1bda4c82001-06-05 19:59:08 +0000479 - stevesk@cvs.openbsd.org 2001/05/19 19:43:57
480 [misc.c misc.h servconf.c sshd.8 sshd.c]
481 sshd command-line arguments and configuration file options that
482 specify time may be expressed using a sequence of the form:
483 time[qualifier], where time is a positive integer value and qualifier
484 is one of the following:
485 <none>,s,m,h,d,w
486 Examples:
487 600 600 seconds (10 minutes)
488 10m 10 minutes
489 1h30m 1 hour 30 minutes (90 minutes)
490 ok markus@
Ben Lindstrome2595442001-06-05 20:01:39 +0000491 - stevesk@cvs.openbsd.org 2001/05/19 19:57:09
492 [channels.c]
493 typo in error message
Ben Lindstrome6455ae2001-06-09 00:17:10 +0000494 - markus@cvs.openbsd.org 2001/05/20 17:20:36
Ben Lindstrombfb3a0e2001-06-05 20:25:05 +0000495 [auth-rsa.c auth.c auth.h auth2.c servconf.c servconf.h sshd.8
496 sshd_config]
497 configurable authorized_keys{,2} location; originally from peter@;
498 ok djm@
Ben Lindstrom60567ff2001-06-05 20:27:53 +0000499 - markus@cvs.openbsd.org 2001/05/24 11:12:42
500 [auth.c]
501 fix comment; from jakob@
Ben Lindstrom2b1f71b2001-06-05 20:32:21 +0000502 - stevesk@cvs.openbsd.org 2001/05/24 18:57:53
503 [clientloop.c readconf.c ssh.c ssh.h]
504 don't perform escape processing when ``EscapeChar none''; ok markus@
Ben Lindstromd78ae762001-06-05 20:35:09 +0000505 - markus@cvs.openbsd.org 2001/05/25 14:37:32
506 [ssh-keygen.c]
507 use -P for -e and -y, too.
Ben Lindstrom3b89c5e2001-06-05 20:44:16 +0000508 - markus@cvs.openbsd.org 2001/05/28 08:04:39
509 [ssh.c]
510 fix usage()
Ben Lindstrom322915d2001-06-05 20:46:32 +0000511 - markus@cvs.openbsd.org 2001/05/28 10:08:55
512 [authfile.c]
513 key_load_private: set comment to filename for PEM keys
Ben Lindstroma3828d42001-06-05 20:50:16 +0000514 - markus@cvs.openbsd.org 2001/05/28 22:51:11
515 [cipher.c cipher.h]
516 simpler 3des for ssh1
Ben Lindstromc0dee1a2001-06-05 20:52:50 +0000517 - markus@cvs.openbsd.org 2001/05/28 23:14:49
518 [channels.c channels.h nchan.c]
519 undo broken channel fix and try a different one. there
520 should be still some select errors...
Ben Lindstrom4c247552001-06-05 20:56:47 +0000521 - markus@cvs.openbsd.org 2001/05/28 23:25:24
522 [channels.c]
523 cleanup, typo
Ben Lindstrom80c6d772001-06-05 21:09:18 +0000524 - markus@cvs.openbsd.org 2001/05/28 23:58:35
525 [packet.c packet.h sshconnect.c sshd.c]
526 remove some lines, simplify.
Ben Lindstrom2d0356f2001-06-05 21:13:57 +0000527 - markus@cvs.openbsd.org 2001/05/29 12:31:27
528 [authfile.c]
529 typo
Ben Lindstrom551ea372001-06-05 18:56:16 +0000530
Tim Rice36fb6e52001-05-28 10:17:34 -070053120010528
532 - (tim) [conifgure.in] add setvbuf test needed for sftp-int.c
533 Patch by Corinna Vinschen <vinschen@redhat.com>
534
Ben Lindstromabbb73d2001-05-17 03:14:57 +000053520010517
536 - OpenBSD CVS Sync
537 - markus@cvs.openbsd.org 2001/05/12 19:53:13
538 [sftp-server.c]
539 readlink does not NULL-terminate; mhe@home.se
Ben Lindstrom71215072001-05-17 03:16:18 +0000540 - deraadt@cvs.openbsd.org 2001/05/15 22:04:01
541 [ssh.1]
542 X11 forwarding details improved
Ben Lindstrom06b08012001-05-17 03:17:55 +0000543 - markus@cvs.openbsd.org 2001/05/16 20:51:57
544 [authfile.c]
545 return comments for private pem files, too; report from nolan@naic.edu
Ben Lindstromc8b3f472001-05-17 03:19:40 +0000546 - markus@cvs.openbsd.org 2001/05/16 21:53:53
547 [clientloop.c]
548 check for open sessions before we call select(); fixes the x11 client
549 bug reported by bowman@math.ualberta.ca
Ben Lindstromb6147ab2001-05-17 03:21:27 +0000550 - markus@cvs.openbsd.org 2001/05/16 22:09:21
551 [channels.c nchan.c]
552 more select() error fixes (don't set rfd/wfd to -1).
Ben Lindstromca60a9b2001-05-17 03:32:50 +0000553 - (bal) Enabled USE_PIPES for Cygwin on Corinna Vinschen <vinschen@redhat.com>
Ben Lindstromb467ddb2001-05-17 03:40:05 +0000554 - (bal) Corrected on_exit() emulation via atexit().
Ben Lindstromabbb73d2001-05-17 03:14:57 +0000555
Ben Lindstromc93e84c2001-05-12 00:08:37 +000055620010512
557 - OpenBSD CVS Sync
558 - markus@cvs.openbsd.org 2001/05/11 14:59:56
559 [clientloop.c misc.c misc.h]
560 add unset_nonblock for stdout/err flushing in client_loop().
Ben Lindstrom6ef39642001-05-12 16:50:50 +0000561 - (bal) Patch to partial sync up contrib/solaris/ packaging software.
562 Patch by pete <ninjaz@webexpress.com>
Ben Lindstromc93e84c2001-05-12 00:08:37 +0000563
Ben Lindstrom6d618462001-05-10 23:24:49 +000056420010511
565 - OpenBSD CVS Sync
566 - markus@cvs.openbsd.org 2001/05/09 22:51:57
567 [channels.c]
568 fix -R for protocol 2, noticed by greg@nest.cx.
569 bug was introduced with experimental dynamic forwarding.
Ben Lindstromddb4f242001-05-10 23:26:11 +0000570 - markus@cvs.openbsd.org 2001/05/09 23:01:31
571 [rijndael.h]
572 fix prototype; J.S.Peatfield@damtp.cam.ac.uk
Ben Lindstrom6d618462001-05-10 23:24:49 +0000573
Ben Lindstrome487d842001-05-08 20:05:44 +000057420010509
575 - OpenBSD CVS Sync
576 - markus@cvs.openbsd.org 2001/05/06 21:23:31
577 [cli.c]
578 cli_read() fails to catch SIGINT + overflow; from obdb@zzlevo.net
Ben Lindstrom69128662001-05-08 20:07:39 +0000579 - markus@cvs.openbsd.org 2001/05/08 19:17:31
Ben Lindstroma69d89b2001-05-09 00:01:18 +0000580 [channels.c serverloop.c clientloop.c]
Ben Lindstrom69128662001-05-08 20:07:39 +0000581 adds correct error reporting to async connect()s
582 fixes the server-discards-data-before-connected-bug found by
583 onoe@sm.sony.co.jp
Ben Lindstrom387c4722001-05-08 20:27:25 +0000584 - mouring@cvs.openbsd.org 2001/05/08 19:45:25
585 [misc.c misc.h scp.c sftp.c]
586 Use addargs() in sftp plus some clean up of addargs(). OK Markus
Ben Lindstrom23fedf52001-05-08 23:58:37 +0000587 - markus@cvs.openbsd.org 2001/05/06 21:45:14
588 [clientloop.c]
589 use atomicio for flushing stdout/stderr bufs. thanks to
590 jbw@izanami.cee.hw.ac.uk
Ben Lindstrom56b9d452001-05-09 00:02:52 +0000591 - markus@cvs.openbsd.org 2001/05/08 22:48:07
592 [atomicio.c]
593 no need for xmalloc.h, thanks to espie@
Ben Lindstrom97c677d2001-05-08 20:33:05 +0000594 - (bal) UseLogin patch for Solaris/UNICOS. Patch by Wayne Davison
595 <wayne@blorf.net>
Ben Lindstrom72af2ef2001-05-08 20:42:28 +0000596 - (bal) ./configure support to disable SIA on OSF1. Patch by
597 Chris Adams <cmadams@hiwaay.net>
Ben Lindstrom6aebb342001-05-09 00:38:19 +0000598 - (bal) Updates from the Sony NEWS-OS platform by NAKAJI Hiroyuki
599 <nakaji@tutrp.tut.ac.jp>
Ben Lindstrome487d842001-05-08 20:05:44 +0000600
Ben Lindstrom253effb2001-05-07 12:54:26 +000060120010508
602 - (bal) Fixed configure test for USE_SIA.
603
Damien Miller5bf5f2c2001-05-06 10:54:15 +100060420010506
605 - (djm) Update config.guess and config.sub with latest versions (from
606 ftp://ftp.gnu.org/gnu/config/) to allow configure on ia64-hpux.
607 Suggested by Jason Mader <jason@ncac.gwu.edu>
Ben Lindstrom5428bea2001-05-06 02:53:25 +0000608 - (bal) White Space and #ifdef sync with OpenBSD
Ben Lindstrom93d1fe82001-05-06 02:57:20 +0000609 - (bal) Add 'seed_rng()' to ssh-add.c
Ben Lindstromf2786132001-05-06 18:01:43 +0000610 - (bal) CVS ID updates for readpass.c, readpass.h, cli.c, and cli.h
Ben Lindstromaafff9c2001-05-06 03:01:02 +0000611 - OpenBSD CVS Sync
612 - stevesk@cvs.openbsd.org 2001/05/05 13:42:52
613 [sftp.1 ssh-add.1 ssh-keygen.1]
614 typos, grammar
Damien Miller5bf5f2c2001-05-06 10:54:15 +1000615
Ben Lindstromf0609f82001-05-04 22:38:43 +000061620010505
617 - OpenBSD CVS Sync
618 - stevesk@cvs.openbsd.org 2001/05/04 14:21:56
619 [ssh.1 sshd.8]
620 typos
Ben Lindstromc8cb8c02001-05-04 22:40:28 +0000621 - markus@cvs.openbsd.org 2001/05/04 14:34:34
622 [channels.c]
Damien Miller5bf5f2c2001-05-06 10:54:15 +1000623 channel_new() reallocs channels[], we cannot use Channel *c after
624 calling channel_new(), XXX fix this in the future...
Ben Lindstrom99c73b32001-05-05 04:09:47 +0000625 - markus@cvs.openbsd.org 2001/05/04 23:47:34
626 [channels.c channels.h clientloop.c nchan.c nchan.h serverloop.c ssh.c]
627 move to Channel **channels (instead of Channel *channels), fixes realloc
628 problems. channel_new now returns a Channel *, favour Channel * over
629 channel id. remove old channel_allocate interface.
Ben Lindstromf0609f82001-05-04 22:38:43 +0000630
Ben Lindstrom2b451802001-05-03 22:35:32 +000063120010504
632 - OpenBSD CVS Sync
633 - stevesk@cvs.openbsd.org 2001/05/03 15:07:39
634 [channels.c]
635 typo in debug() string
Ben Lindstrom60402fd2001-05-03 22:37:26 +0000636 - markus@cvs.openbsd.org 2001/05/03 15:45:15
637 [session.c]
638 exec shell -c /bin/sh .ssh/sshrc, from abartlet@pcug.org.au
Ben Lindstroma6218b82001-05-03 22:39:11 +0000639 - stevesk@cvs.openbsd.org 2001/05/03 21:43:01
640 [servconf.c]
641 remove "\n" from fatal()
Ben Lindstrom4529b702001-05-03 23:39:53 +0000642 - mouring@cvs.openbsd.org 2001/05/03 23:09:53
643 [misc.c misc.h scp.c sftp.c]
644 Move colon() and cleanhost() to misc.c where I should I have put it in
645 the first place
Ben Lindstrom834417a2001-05-03 22:45:21 +0000646 - (bal) Updated Cygwin README by Corinna Vinschen <vinschen@redhat.com>
Ben Lindstrom3524d692001-05-03 22:59:24 +0000647 - (bal) Avoid socket file security issues in ssh-agent for Cygwin.
648 Patch by Egor Duda <deo@logos-m.ru>
Ben Lindstrom2b451802001-05-03 22:35:32 +0000649
Ben Lindstrom8a137132001-05-02 22:40:12 +000065020010503
651 - OpenBSD CVS Sync
652 - markus@cvs.openbsd.org 2001/05/02 16:41:20
653 [ssh-add.c]
654 fix prompt for ssh-add.
655
Ben Lindstrom6d849312001-05-02 01:30:32 +000065620010502
657 - OpenBSD CVS Sync
658 - mouring@cvs.openbsd.org 2001/05/02 01:25:39
659 [readpass.c]
660 Put the 'const' back into ssh_askpass() function. Pointed out
661 by Mark Miller <markm@swoon.net>. OK Markus
662
Ben Lindstrome0f88042001-04-30 13:06:24 +000066320010501
664 - OpenBSD CVS Sync
665 - markus@cvs.openbsd.org 2001/04/30 11:18:52
666 [readconf.c readconf.h ssh.1 ssh.c sshconnect.c]
667 implement 'ssh -b bind_address' like 'telnet -b'
Ben Lindstrom8c963922001-04-30 23:06:57 +0000668 - markus@cvs.openbsd.org 2001/04/30 15:50:46
669 [compat.c compat.h kex.c]
670 allow interop with weaker key generation used by ssh-2.0.x, x < 10
Ben Lindstromaebd0b62001-04-30 23:09:45 +0000671 - markus@cvs.openbsd.org 2001/04/30 16:02:49
672 [compat.c]
673 ssh-2.0.10 has the weak-key-bug, too.
Tim Rice67bf50e2001-04-30 11:00:11 -0700674 - (tim) [contrib/caldera/openssh.spec] add Requires line for Caldera 3.1
Ben Lindstrome0f88042001-04-30 13:06:24 +0000675
Tim Rice45344922001-04-29 18:01:51 -070067620010430
Ben Lindstrom2f0304c2001-04-29 19:49:14 +0000677 - OpenBSD CVS Sync
678 - markus@cvs.openbsd.org 2001/04/29 18:32:52
679 [serverloop.c]
680 fix whitespace
Ben Lindstromf3436742001-04-29 19:52:00 +0000681 - markus@cvs.openbsd.org 2001/04/29 19:16:52
682 [channels.c clientloop.c compat.c compat.h serverloop.c]
683 more ssh.com-2.0.x bug-compat; from per@appgate.com
Tim Rice45344922001-04-29 18:01:51 -0700684 - (tim) New version of mdoc2man.pl from Mark D. Roth <roth+openssh@feep.net>
Damien Miller8a188a82001-04-30 13:55:37 +1000685 - (djm) Add .cvsignore files, suggested by Wayne Davison <wayne@blorf.net>
Ben Lindstrom2f0304c2001-04-29 19:49:14 +0000686
Ben Lindstroma4c02d82001-04-28 16:32:10 +000068720010429
688 - (bal) Updated INSTALL. PCRE moved to a new place.
Damien Millerd2401222001-04-29 20:45:50 +1000689 - (djm) Release OpenSSH-2.9p1
Ben Lindstroma4c02d82001-04-28 16:32:10 +0000690
Ben Lindstrom4468b262001-04-26 23:03:37 +000069120010427
692 - (bal) Fixed uidswap.c so it should work on non-posix complient systems.
693 patch based on 2.5.2 version by djm.
Ben Lindstrom38862182001-04-27 00:31:07 +0000694 - (bal) Build manpages and config files once unless changed. Patch by
695 Carson Gaspar <carson@taltos.org>
Ben Lindstrome39867d2001-04-27 00:34:44 +0000696 - (bal) arpa/nameser.h does not exist on Cygwin. Patch by Corinna
697 Vinschen <vinschen@redhat.com>
Ben Lindstrom26f33892001-04-27 00:46:17 +0000698 - (bal) Add /etc/sysconfig/sshd support to redhat's sshd.init. Patch by
699 Pekka Savola <pekkas@netcore.fi>
Ben Lindstrom0f853482001-04-27 02:10:15 +0000700 - (bal) Cygwin lacks setgroups() API. Patch by Corinna Vinschen
701 <vinschen@redhat.com>
Ben Lindstrombb346252001-04-27 02:15:00 +0000702 - (bal) version.h synced, RPM specs updated for 2.9
Tim Ricea8c7a622001-04-26 22:50:48 -0700703 - (tim) update contrib/caldera files with what Caldera is using.
704 <sps@caldera.de>
Ben Lindstrom4468b262001-04-26 23:03:37 +0000705
Ben Lindstrom46c264f2001-04-24 16:56:58 +000070620010425
707 - OpenBSD CVS Sync
708 - markus@cvs.openbsd.org 2001/04/23 21:57:07
709 [ssh-keygen.1 ssh-keygen.c]
710 allow public key for -e, too
Ben Lindstrom30358602001-04-24 16:59:28 +0000711 - markus@cvs.openbsd.org 2001/04/23 22:14:13
712 [ssh-keygen.c]
713 remove debug
Ben Lindstrom768f9752001-04-25 06:27:11 +0000714 - (bal) Whitespace resync w/ OpenBSD for uidswap.c
Damien Millerf8154422001-04-25 22:44:14 +1000715 - (djm) Add new server configuration directive 'PAMAuthenticationViaKbdInt'
716 (default: off), implies KbdInteractiveAuthentication. Suggestion from
717 markus@
Damien Millerda2ed562001-04-25 22:50:18 +1000718 - (djm) Include crypt.h if available in auth-passwd.c
Tim Rice07183b82001-04-25 21:40:28 -0700719 - tim@mindrot.org 2001/04/25 21:38:01 [configure.in]
720 man page detection fixes for SCO
Ben Lindstrom46c264f2001-04-24 16:56:58 +0000721
Ben Lindstromc65e6a02001-04-23 13:02:16 +000072220010424
723 - OpenBSD CVS Sync
724 - markus@cvs.openbsd.org 2001/04/22 23:58:36
725 [ssh-keygen.1 ssh.1 sshd.8]
726 document hostbased and other cleanup
Kevin Steves265fb442001-04-23 17:55:26 +0000727 - (stevesk) start_pam() doesn't use DNS now for sshd -u0.
Kevin Steves706e7a92001-04-23 18:38:37 +0000728 - (stevesk) auth-pam.c: use PERMIT_NO_PASSWD
Ben Lindstrom34328342001-04-23 22:39:42 +0000729 - (bal) sys/queue.h is bogus for NCR platform. Patch by Daniel Carroll
730 <dan@mesastate.edu>
Ben Lindstrom4adb0912001-04-24 00:03:58 +0000731 - (bal) Fixed contrib/postinstall.in. Patch by wsanders@wsanders.net
Ben Lindstromc65e6a02001-04-23 13:02:16 +0000732
Ben Lindstromee2786a2001-04-22 17:08:00 +000073320010422
734 - OpenBSD CVS Sync
735 - markus@cvs.openbsd.org 2001/04/20 16:32:22
736 [uidswap.c]
737 set non-privileged gid before uid; tholo@ and deraadt@
Ben Lindstrom8376ac32001-04-22 17:10:11 +0000738 - mouring@cvs.openbsd.org 2001/04/21 00:55:57
739 [sftp.1]
740 Spelling
Ben Lindstromf8d24572001-04-22 17:11:56 +0000741 - djm@cvs.openbsd.org 2001/04/22 08:13:30
742 [ssh.1]
743 typos spotted by stevesk@; ok deraadt@
Ben Lindstrom4eda71d2001-04-22 17:13:20 +0000744 - markus@cvs.openbsd.org 2001/04/22 12:34:05
745 [scp.c]
746 scp > 2GB; niles@scyld.com; ok deraadt@, djm@
Ben Lindstrom5a707822001-04-22 17:15:46 +0000747 - markus@cvs.openbsd.org 2001/04/22 13:25:37
748 [ssh-keygen.1 ssh-keygen.c]
749 rename arguments -x -> -e (export key), -X -> -i (import key)
750 xref draft-ietf-secsh-publickeyfile-01.txt
Ben Lindstrom160ec622001-04-22 17:17:46 +0000751 - markus@cvs.openbsd.org 2001/04/22 13:32:27
752 [sftp-server.8 sftp.1 ssh.1 sshd.8]
753 xref draft-ietf-secsh-*
Ben Lindstrom2857d9c2001-04-22 17:19:46 +0000754 - markus@cvs.openbsd.org 2001/04/22 13:41:02
755 [ssh-keygen.1 ssh-keygen.c]
756 style, noted by stevesk; sort flags in usage
Ben Lindstromee2786a2001-04-22 17:08:00 +0000757
Ben Lindstrom9ffdcb52001-04-20 12:50:51 +000075820010421
759 - OpenBSD CVS Sync
760 - djm@cvs.openbsd.org 2001/04/20 07:17:51
761 [clientloop.c ssh.1]
762 Split out and improve escape character documentation, mention ~R in
763 ~? help text; ok markus@
Damien Millerc3d00712001-04-20 23:19:37 +1000764 - Update RPM spec files for CVS version.h
Kevin Steves85ecbe72001-04-20 17:43:47 +0000765 - (stevesk) set the default PAM service name to __progname instead
766 of the hard-coded value "sshd"; from Mark D. Roth <roth@feep.net>
Kevin Steves32c97c32001-04-20 20:56:21 +0000767 - (stevesk) document PAM service name change in INSTALL
Tim Riceb8fbb8e2001-04-21 14:31:52 -0700768 - tim@mindrot.org 2001/04/21 14:25:57 [Makefile.in configure.in]
769 fix perl test, fix nroff test, fix Makefile to build outside source tree
Ben Lindstrom9ffdcb52001-04-20 12:50:51 +0000770
Ben Lindstromf73e05e2001-04-19 20:31:02 +000077120010420
772 - OpenBSD CVS Sync
773 - ian@cvs.openbsd.org 2001/04/18 16:21:05
774 [ssh-keyscan.1]
775 Fix typo reported in PR/1779
Ben Lindstrom5eb97b62001-04-19 20:33:07 +0000776 - markus@cvs.openbsd.org 2001/04/18 21:57:42
777 [readpass.c ssh-add.c]
778 call askpass from ssh, too, based on work by roth@feep.net, ok deraadt
Ben Lindstrom2bffd6f2001-04-19 20:35:40 +0000779 - markus@cvs.openbsd.org 2001/04/18 22:03:45
780 [auth2.c sshconnect2.c]
781 use FDQN with trailing dot in the hostbased auth packets, ok deraadt@
Ben Lindstrom4aa603c2001-04-19 20:38:06 +0000782 - markus@cvs.openbsd.org 2001/04/18 22:48:26
783 [auth2.c]
784 no longer const
Ben Lindstrom671388f2001-04-19 20:40:45 +0000785 - markus@cvs.openbsd.org 2001/04/18 23:43:26
786 [auth2.c compat.c sshconnect2.c]
787 more ssh v2 hostbased-auth interop: ssh.com >= 2.1.0 works now
788 (however the 2.1.0 server seems to work only if debug is enabled...)
Ben Lindstrom648772f2001-04-19 20:47:10 +0000789 - markus@cvs.openbsd.org 2001/04/18 23:44:51
790 [authfile.c]
791 error->debug; noted by fries@
Ben Lindstrom3f364962001-04-19 20:50:07 +0000792 - markus@cvs.openbsd.org 2001/04/19 00:05:11
793 [auth2.c]
794 use local variable, no function call needed.
795 (btw, hostbased works now with ssh.com >= 2.0.13)
Ben Lindstrom82f077d2001-04-20 04:59:22 +0000796 - (bal) Put scp-common.h back into scp.c (it exists in the upstream
797 tree) pointed out by Tom Holroyd <tomh@po.crl.go.jp>
Ben Lindstromf73e05e2001-04-19 20:31:02 +0000798
Ben Lindstrom005dd222001-04-18 15:29:33 +000079920010418
Ben Lindstrome2e66a22001-04-18 15:46:01 +0000800 - OpenBSD CVS Sync
Ben Lindstrom005dd222001-04-18 15:29:33 +0000801 - markus@cvs.openbsd.org 2001/04/17 19:34:25
Ben Lindstrom121c7852001-04-18 15:32:44 +0000802 [session.c]
803 move auth_approval to do_authenticated().
804 do_child(): nuke hostkeys from memory
805 don't source .ssh/rc for subsystems.
806 - markus@cvs.openbsd.org 2001/04/18 14:15:00
807 [canohost.c]
808 debug->debug3
Ben Lindstrome2e66a22001-04-18 15:46:01 +0000809 - (bal) renabled 'catman-do:' and fixed it. So now catman pages should
810 be working again.
Ben Lindstrombc709922001-04-18 18:04:21 +0000811 - (bal) Makfile day... Cleaned up multiple mantype support (Patch by
812 Mark D. Roth <roth+openssh@feep.net>), and fixed PIDDIR support.
Ben Lindstrom121c7852001-04-18 15:32:44 +0000813
Ben Lindstrom47e0c0b2001-04-17 17:57:09 +000081420010417
815 - (bal) Add perl5 check for HP/UX, Removed GNUness from Makefile.in
Ben Lindstrom04eeade2001-04-17 17:58:55 +0000816 and temporary commented out 'catman-do:' since it is broken. Patches
Ben Lindstrom47e0c0b2001-04-17 17:57:09 +0000817 for the first two by Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
Ben Lindstrom459d1912001-04-17 18:06:14 +0000818 - OpenBSD CVS Sync
Ben Lindstrom2b261b92001-04-17 18:14:34 +0000819 - deraadt@cvs.openbsd.org 2001/04/16 08:26:04
820 [key.c]
821 better safe than sorry in later mods; yongari@kt-is.co.kr
822 - markus@cvs.openbsd.org 2001/04/17 08:14:01
823 [sshconnect1.c]
824 check for key!=NULL, thanks to costa
825 - markus@cvs.openbsd.org 2001/04/17 09:52:48
826 [clientloop.c]
Ben Lindstrom4c8cff12001-04-17 18:09:42 +0000827 handle EINTR/EAGAIN on read; ok deraadt@
Ben Lindstrom2b261b92001-04-17 18:14:34 +0000828 - markus@cvs.openbsd.org 2001/04/17 10:53:26
829 [key.c key.h readconf.c readconf.h ssh.1 sshconnect2.c]
Ben Lindstrom982dbbc2001-04-17 18:11:36 +0000830 add HostKeyAlgorithms; based on patch from res@shore.net; ok provos@
Ben Lindstrom2b261b92001-04-17 18:14:34 +0000831 - markus@cvs.openbsd.org 2001/04/17 12:55:04
832 [channels.c ssh.c]
833 undo socks5 and https support since they are not really used and
834 only bloat ssh. remove -D from usage(), since '-D' is experimental.
835
Ben Lindstromac2f0032001-04-15 14:25:12 +000083620010416
837 - OpenBSD CVS Sync
838 - stevesk@cvs.openbsd.org 2001/04/15 01:35:22
839 [ttymodes.c]
840 fix comments
Ben Lindstrom206941f2001-04-15 14:27:16 +0000841 - markus@cvs.openbsd.org 2001/04/15 08:43:47
842 [dh.c sftp-glob.c sftp-glob.h sftp-int.c sshconnect2.c sshd.c]
843 some unused variable and typos; from tomh@po.crl.go.jp
Ben Lindstrom15f33862001-04-16 02:00:02 +0000844 - markus@cvs.openbsd.org 2001/04/15 16:58:03
845 [authfile.c ssh-keygen.c sshd.c]
846 don't use errno for key_{load,save}_private; discussion w/ solar@openwall
Ben Lindstrom302ea6f2001-04-16 02:01:25 +0000847 - markus@cvs.openbsd.org 2001/04/15 17:16:00
848 [clientloop.c]
849 set stdin/out/err to nonblocking in SSH proto 1, too. suggested by ho@
850 should fix some of the blocking problems for rsync over SSH-1
Ben Lindstroma8f39722001-04-16 02:03:49 +0000851 - stevesk@cvs.openbsd.org 2001/04/15 19:41:21
852 [sshd.8]
853 some ClientAlive cleanup; ok markus@
Ben Lindstromb5cdc662001-04-16 02:13:26 +0000854 - stevesk@cvs.openbsd.org 2001/04/15 21:28:35
855 [readconf.c servconf.c]
856 use fatal() or error() vs. fprintf(); ok markus@
Damien Miller897741e2001-04-16 10:41:46 +1000857 - (djm) Convert mandoc manpages to man automatically. Patch from Mark D.
858 Roth <roth+openssh@feep.net>
Ben Lindstrombdc2beb2001-04-16 02:11:52 +0000859 - (bal) CVS ID fix up and slight manpage fix from OpenBSD tree.
Damien Miller21134b52001-04-16 18:26:41 +1000860 - (djm) OpenBSD CVS Sync
861 - mouring@cvs.openbsd.org 2001/04/16 02:31:44
862 [scp.c sftp.c]
863 IPv6 support for sftp (which I bungled in my last patch) which is
864 borrowed from scp.c. Thanks to Markus@ for pointing it out.
Damien Miller0b1e0a12001-04-16 18:27:07 +1000865 - deraadt@cvs.openbsd.org 2001/04/16 08:05:34
866 [xmalloc.c]
867 xrealloc dealing with ptr == nULL; mouring
Damien Millercf205e82001-04-16 18:29:15 +1000868 - djm@cvs.openbsd.org 2001/04/16 08:19:31
869 [session.c]
870 Split motd and hushlogin checks into seperate functions, helps for
871 portable. From Chris Adams <cmadams@hiwaay.net>; ok markus@
Damien Miller364a9bd2001-04-16 18:37:05 +1000872 - Fix OSF SIA support displaying too much information for quiet
873 logins and logins where access was denied by SIA. Patch from Chris Adams
874 <cmadams@hiwaay.net>
Ben Lindstromac2f0032001-04-15 14:25:12 +0000875
Ben Lindstromda5d9b12001-04-14 23:07:16 +000087620010415
877 - OpenBSD CVS Sync
878 - deraadt@cvs.openbsd.org 2001/04/14 04:31:01
879 [ssh-add.c]
880 do not double free
Ben Lindstromd334b272001-04-14 23:08:36 +0000881 - markus@cvs.openbsd.org 2001/04/14 16:17:14
882 [channels.c]
883 remove some channels that are not appropriate for keepalive.
Ben Lindstrom7457f2a2001-04-14 23:10:09 +0000884 - markus@cvs.openbsd.org 2001/04/14 16:27:57
885 [ssh-add.c]
886 use clear_pass instead of xfree()
Ben Lindstromae8e2d32001-04-14 23:13:02 +0000887 - stevesk@cvs.openbsd.org 2001/04/14 16:33:20
888 [clientloop.c packet.h session.c ssh.c ttymodes.c ttymodes.h]
889 protocol 2 tty modes support; ok markus@
Ben Lindstromf719a202001-04-14 23:14:22 +0000890 - stevesk@cvs.openbsd.org 2001/04/14 17:04:42
891 [scp.c]
892 'T' handling rcp/scp sync; ok markus@
Ben Lindstromac2f0032001-04-15 14:25:12 +0000893 - Missed sshtty.[ch] in Sync.
Ben Lindstromda5d9b12001-04-14 23:07:16 +0000894
Damien Miller6e77a532001-04-14 00:22:33 +100089520010414
896 - Sync with OpenBSD glob.c, strlcat.c and vis.c changes
Damien Miller402b3312001-04-14 00:28:42 +1000897 - Cygwin sftp/sftp-server binary mode patch from Corinna Vinschen
898 <vinschen@redhat.com>
Ben Lindstrom5744dc42001-04-13 23:28:01 +0000899 - OpenBSD CVS Sync
900 - beck@cvs.openbsd.org 2001/04/13 22:46:54
901 [channels.c channels.h servconf.c servconf.h serverloop.c sshd.8]
902 Add options ClientAliveInterval and ClientAliveCountMax to sshd.
903 This gives the ability to do a "keepalive" via the encrypted channel
904 which can't be spoofed (unlike TCP keepalives). Useful for when you want
905 to use ssh connections to authenticate people for something, and know
906 relatively quickly when they are no longer authenticated. Disabled
907 by default (of course). ok markus@
Damien Miller6e77a532001-04-14 00:22:33 +1000908
Ben Lindstrom2b646522001-04-12 16:16:57 +000090920010413
910 - OpenBSD CVS Sync
911 - markus@cvs.openbsd.org 2001/04/12 14:29:09
912 [ssh.c]
913 show debug output during option processing, report from
914 pekkas@netcore.fi
Ben Lindstrom5eabda32001-04-12 23:34:34 +0000915 - markus@cvs.openbsd.org 2001/04/12 19:15:26
916 [auth-rhosts.c auth.h auth2.c buffer.c canohost.c canohost.h
917 compat.c compat.h hostfile.c pathnames.h readconf.c readconf.h
918 servconf.c servconf.h ssh.c sshconnect.c sshconnect.h sshconnect1.c
919 sshconnect2.c sshd_config]
920 implement HostbasedAuthentication (= RhostRSAAuthentication for ssh v2)
921 similar to RhostRSAAuthentication unless you enable (the experimental)
922 HostbasedUsesNameFromPacketOnly option. please test. :)
Ben Lindstromd69dab32001-04-12 23:36:05 +0000923 - markus@cvs.openbsd.org 2001/04/12 19:39:27
924 [readconf.c]
925 typo
Ben Lindstrom19066a12001-04-12 23:39:26 +0000926 - stevesk@cvs.openbsd.org 2001/04/12 20:09:38
927 [misc.c misc.h readconf.c servconf.c ssh.c sshd.c]
928 robust port validation; ok markus@ jakob@
Ben Lindstrom63667f62001-04-13 00:00:14 +0000929 - mouring@cvs.openbsd.org 2001/04/12 23:17:54
930 [sftp-int.c sftp-int.h sftp.1 sftp.c]
931 Add support for:
932 sftp [user@]host[:file [file]] - Fetch remote file(s)
933 sftp [user@]host[:dir[/]] - Start in remote dir/
934 OK deraadt@
Ben Lindstrom92d4a022001-04-13 04:44:37 +0000935 - stevesk@cvs.openbsd.org 2001/04/13 01:26:17
936 [ssh.c]
937 missing \n in error message
Ben Lindstrom09988722001-04-12 21:35:52 +0000938 - (bal) Added openbsd-compat/inet_ntop.[ch] since HP/UX (and others)
939 lack it.
Ben Lindstrom2b646522001-04-12 16:16:57 +0000940
Ben Lindstromb3921512001-04-11 15:57:50 +000094120010412
942 - OpenBSD CVS Sync
943 - markus@cvs.openbsd.org 2001/04/10 07:46:58
944 [channels.c]
945 cleanup socks4 handling
Ben Lindstrom18a82ac2001-04-11 15:59:35 +0000946 - itojun@cvs.openbsd.org 2001/04/10 09:13:22
947 [ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 sshd.8]
948 document id_rsa{.pub,}. markus ok
Ben Lindstromc486d882001-04-11 16:08:34 +0000949 - markus@cvs.openbsd.org 2001/04/10 12:15:23
950 [channels.c]
951 debug cleanup
Ben Lindstrom23d9a6d2001-04-11 23:05:17 +0000952 - djm@cvs.openbsd.org 2001/04/11 07:06:22
953 [sftp-int.c]
954 'mget' and 'mput' aliases; ok markus@
Ben Lindstrom146edb92001-04-11 23:06:28 +0000955 - markus@cvs.openbsd.org 2001/04/11 10:59:01
956 [ssh.c]
957 use strtol() for ports, thanks jakob@
Ben Lindstrom6fa9d102001-04-11 23:08:17 +0000958 - markus@cvs.openbsd.org 2001/04/11 13:56:13
959 [channels.c ssh.c]
960 https-connect and socks5 support. i feel so bad.
Ben Lindstrom9fce9f02001-04-11 23:10:09 +0000961 - lebel@cvs.openbsd.org 2001/04/11 16:25:30
962 [sshd.8 sshd.c]
963 implement the -e option into sshd:
964 -e When this option is specified, sshd will send the output to the
965 standard error instead of the system log.
966 markus@ OK.
Ben Lindstromb3921512001-04-11 15:57:50 +0000967
Ben Lindstrom94924842001-04-10 02:40:17 +000096820010410
969 - OpenBSD CVS Sync
970 - deraadt@cvs.openbsd.org 2001/04/08 20:52:55
971 [sftp.c]
972 do not modify an actual argv[] entry
Ben Lindstrom4b3564e2001-04-10 02:41:56 +0000973 - stevesk@cvs.openbsd.org 2001/04/08 23:28:27
974 [sshd.8]
975 spelling
Ben Lindstrom8ffeacf2001-04-10 02:43:57 +0000976 - stevesk@cvs.openbsd.org 2001/04/09 00:42:05
977 [sftp.1]
978 spelling
Ben Lindstromee617942001-04-10 02:45:32 +0000979 - markus@cvs.openbsd.org 2001/04/09 15:12:23
980 [ssh-add.c]
981 passphrase caching: ssh-add tries last passphrase, clears passphrase if
982 not successful and after last try.
983 based on discussions with espie@, jakob@, ... and code from jakob@ and
984 wolfgang@wsrcc.com
Ben Lindstrom12de6162001-04-10 02:46:54 +0000985 - markus@cvs.openbsd.org 2001/04/09 15:19:49
986 [ssh-add.1]
987 ssh-add retries the last passphrase...
Ben Lindstrom1a598a42001-04-10 02:48:50 +0000988 - stevesk@cvs.openbsd.org 2001/04/09 18:00:15
989 [sshd.8]
990 ListenAddress mandoc from aaron@
Ben Lindstrom94924842001-04-10 02:40:17 +0000991
Ben Lindstrom49e57a82001-04-08 18:02:43 +000099220010409
Kevin Stevescb17e992001-04-09 14:50:52 +0000993 - (stevesk) use setresgid() for setegid() if needed
Kevin Steves393d2f72001-04-08 22:50:43 +0000994 - (stevesk) configure.in: typo
Ben Lindstrom49e57a82001-04-08 18:02:43 +0000995 - OpenBSD CVS Sync
996 - stevesk@cvs.openbsd.org 2001/04/08 16:01:36
997 [sshd.8]
998 document ListenAddress addr:port
Ben Lindstromd5730a82001-04-08 18:04:36 +0000999 - markus@cvs.openbsd.org 2001/04/08 13:03:00
1000 [ssh-add.c]
1001 init pointers with NULL, thanks to danimal@danimal.org
Ben Lindstromd3447632001-04-08 18:07:22 +00001002 - markus@cvs.openbsd.org 2001/04/08 11:27:33
1003 [clientloop.c]
1004 leave_raw_mode if ssh2 "session" is closed
Ben Lindstrom3fcf1a22001-04-08 18:26:59 +00001005 - markus@cvs.openbsd.org 2001/04/06 21:00:17
1006 [auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth2.c channels.c session.c
1007 ssh.c sshconnect.c sshconnect.h uidswap.c uidswap.h]
1008 do gid/groups-swap in addition to uid-swap, should help if /home/group
1009 is chmod 750 + chgrp grp /home/group/, work be deraadt and me, thanks
1010 to olar@openwall.com is comments. we had many requests for this.
Ben Lindstrom3bb4f9d2001-04-08 18:30:26 +00001011 - markus@cvs.openbsd.org 2001/04/07 08:55:18
1012 [buffer.c channels.c channels.h readconf.c ssh.c]
1013 allow the ssh client act as a SOCKS4 proxy (dynamic local
1014 portforwarding). work by Dan Kaminsky <dankamin@cisco.com> and me.
1015 thanks to Dan for this great patch: use 'ssh -D 1080 host' and make
1016 netscape use localhost:1080 as a socks proxy.
Ben Lindstromf52373f2001-04-08 18:38:04 +00001017 - markus@cvs.openbsd.org 2001/04/08 11:24:33
1018 [uidswap.c]
1019 KNF
Ben Lindstrom49e57a82001-04-08 18:02:43 +00001020
Ben Lindstromab0cedc2001-04-07 17:23:43 +0000102120010408
1022 - OpenBSD CVS Sync
1023 - stevesk@cvs.openbsd.org 2001/04/06 22:12:47
1024 [hostfile.c]
1025 unused; typo in comment
Ben Lindstromc510af42001-04-07 17:25:48 +00001026 - stevesk@cvs.openbsd.org 2001/04/06 22:25:25
1027 [servconf.c]
1028 in addition to:
1029 ListenAddress host|ipv4_addr|ipv6_addr
1030 permit:
1031 ListenAddress [host|ipv4_addr|ipv6_addr]:port
1032 ListenAddress host|ipv4_addr:port
1033 sshd.8 updates coming. ok markus@
Ben Lindstromab0cedc2001-04-07 17:23:43 +00001034
Ben Lindstrom8248d112001-04-07 01:08:46 +0000103520010407
1036 - (bal) CVS ID Resync of version.h
Ben Lindstrome34ab4c2001-04-07 01:12:11 +00001037 - OpenBSD CVS Sync
1038 - markus@cvs.openbsd.org 2001/04/05 23:39:20
1039 [serverloop.c]
1040 keep the ssh session even if there is no active channel.
1041 this is more in line with the protocol spec and makes
1042 ssh -N -L 1234:server:110 host
1043 more useful.
1044 based on discussion with <mats@mindbright.se> long time ago
1045 and recent mail from <res@shore.net>
Ben Lindstromd47cf4d2001-04-07 01:14:38 +00001046 - deraadt@cvs.openbsd.org 2001/04/06 16:46:59
1047 [scp.c]
1048 remove trailing / from source paths; fixes pr#1756
Ben Lindstrom8248d112001-04-07 01:08:46 +00001049
Kevin Stevesff8b4952001-04-05 23:05:22 +0000105020010406
1051 - (stevesk) logintest.c: fix for systems without __progname
Kevin Stevesbe48f2b2001-04-06 01:58:37 +00001052 - (stevesk) Makefile.in: log.o is in libssh.a
Ben Lindstrom4f3ae4c2001-04-05 23:19:21 +00001053 - OpenBSD CVS Sync
1054 - markus@cvs.openbsd.org 2001/04/05 10:00:06
1055 [compat.c]
1056 2.3.x does old GEX, too; report jakob@
Ben Lindstromfb50cdf2001-04-05 23:20:46 +00001057 - markus@cvs.openbsd.org 2001/04/05 10:39:03
1058 [compress.c compress.h packet.c]
1059 reset compress state per direction when rekeying.
Ben Lindstroma6c20142001-04-05 23:22:25 +00001060 - markus@cvs.openbsd.org 2001/04/05 10:39:48
1061 [version.h]
1062 temporary version 2.5.4 (supports rekeying).
1063 this is not an official release.
Ben Lindstroma3700052001-04-05 23:26:32 +00001064 - markus@cvs.openbsd.org 2001/04/05 10:42:57
1065 [auth-chall.c authfd.c channels.c clientloop.c kex.c kexgex.c key.c
1066 mac.c packet.c serverloop.c sftp-client.c sftp-client.h sftp-glob.c
1067 sftp-glob.h sftp-int.c sftp-server.c sftp.c ssh-keygen.c sshconnect.c
1068 sshconnect2.c sshd.c]
1069 fix whitespace: unexpand + trailing spaces.
Ben Lindstroma8baf362001-04-05 23:28:36 +00001070 - markus@cvs.openbsd.org 2001/04/05 11:09:17
1071 [clientloop.c compat.c compat.h]
1072 add SSH_BUG_NOREKEY and detect broken (=all old) openssh versions.
Ben Lindstromf3272352001-04-05 23:29:59 +00001073 - markus@cvs.openbsd.org 2001/04/05 15:45:43
1074 [ssh.1]
1075 ssh defaults to protocol v2; from quisar@quisar.ambre.net
Ben Lindstromf15a3862001-04-05 23:32:17 +00001076 - stevesk@cvs.openbsd.org 2001/04/05 15:48:18
1077 [canohost.c canohost.h session.c]
1078 move get_remote_name_or_ip() to canohost.[ch]; for portable. ok markus@
Ben Lindstrom11bd8992001-04-05 23:34:29 +00001079 - markus@cvs.openbsd.org 2001/04/05 20:01:10
1080 [clientloop.c]
1081 for ~R print message if server does not support rekeying. (and fix ~R).
Ben Lindstromd7dd23f2001-04-05 23:36:01 +00001082 - markus@cvs.openbsd.org 2001/04/05 21:02:46
1083 [buffer.c]
1084 better error message
Ben Lindstrom4c3f77d2001-04-05 23:37:36 +00001085 - markus@cvs.openbsd.org 2001/04/05 21:05:24
1086 [clientloop.c ssh.c]
1087 don't request a session for 'ssh -N', pointed out slade@shore.net
Kevin Stevesff8b4952001-04-05 23:05:22 +00001088
Ben Lindstrom238abf62001-04-04 17:52:53 +0000108920010405
1090 - OpenBSD CVS Sync
1091 - markus@cvs.openbsd.org 2001/04/04 09:48:35
1092 [kex.c kex.h kexdh.c kexgex.c packet.c sshconnect2.c sshd.c]
1093 don't sent multiple kexinit-requests.
1094 send newkeys, block while waiting for newkeys.
1095 fix comments.
Ben Lindstrom8ac91062001-04-04 17:57:54 +00001096 - markus@cvs.openbsd.org 2001/04/04 14:34:58
1097 [clientloop.c kex.c kex.h serverloop.c sshconnect2.c sshd.c]
1098 enable server side rekeying + some rekey related clientup.
1099 todo: we should not send any non-KEX messages after we send KEXINIT
Ben Lindstrom78c261a2001-04-04 23:43:26 +00001100 - markus@cvs.openbsd.org 2001/04/04 15:50:55
1101 [compat.c]
1102 f-secure 1.3.2 does not handle IGNORE; from milliondl@ornl.gov
Ben Lindstrombe2cc432001-04-04 23:46:07 +00001103 - markus@cvs.openbsd.org 2001/04/04 20:25:38
1104 [channels.c channels.h clientloop.c kex.c kex.h serverloop.c
1105 sshconnect2.c sshd.c]
1106 more robust rekeying
1107 don't send channel data after rekeying is started.
Ben Lindstrom0cae0402001-04-04 23:47:52 +00001108 - markus@cvs.openbsd.org 2001/04/04 20:32:56
1109 [auth2.c]
1110 we don't care about missing bannerfiles; from tsoome@ut.ee, ok deraadt@
Ben Lindstrom8e312f32001-04-04 23:50:21 +00001111 - markus@cvs.openbsd.org 2001/04/04 22:04:35
1112 [kex.c kexgex.c serverloop.c]
1113 parse full kexinit packet.
1114 make server-side more robust, too.
Ben Lindstrom5ba23b32001-04-05 02:05:21 +00001115 - markus@cvs.openbsd.org 2001/04/04 23:09:18
1116 [dh.c kex.c packet.c]
1117 clear+free keys,iv for rekeying.
1118 + fix DH mem leaks. ok niels@
Kevin Steves86a52b32001-04-05 17:15:08 +00001119 - (stevesk) don't use vhangup() if defined(HAVE_DEV_PTMX); also removes
1120 BROKEN_VHANGUP
Ben Lindstrom238abf62001-04-04 17:52:53 +00001121
Ben Lindstrom0d3e8fa2001-04-04 01:51:25 +0000112220010404
1123 - OpenBSD CVS Sync
1124 - deraadt@cvs.openbsd.org 2001/04/02 17:32:23
1125 [ssh-agent.1]
1126 grammar; slade@shore.net
Ben Lindstrom86ebcb62001-04-04 01:53:20 +00001127 - stevesk@cvs.openbsd.org 2001/04/03 13:56:11
1128 [sftp-glob.c ssh-agent.c ssh-keygen.c]
1129 free() -> xfree()
Ben Lindstrom20d7c7b2001-04-04 01:56:17 +00001130 - markus@cvs.openbsd.org 2001/04/03 19:53:29
1131 [dh.c dh.h kex.c kex.h sshconnect2.c sshd.c]
1132 move kex to kex*.c, used dispatch_set() callbacks for kex. should
1133 make rekeying easier.
Ben Lindstrom9323d962001-04-04 01:58:48 +00001134 - todd@cvs.openbsd.org 2001/04/03 21:19:38
1135 [ssh_config]
1136 id_rsa1/2 -> id_rsa; ok markus@
Ben Lindstrom2d90e002001-04-04 02:00:54 +00001137 - markus@cvs.openbsd.org 2001/04/03 23:32:12
1138 [kex.c kex.h packet.c sshconnect2.c sshd.c]
1139 undo parts of recent my changes: main part of keyexchange does not
1140 need dispatch-callbacks, since application data is delayed until
1141 the keyexchange completes (if i understand the drafts correctly).
1142 add some infrastructure for re-keying.
Ben Lindstromf28f6342001-04-04 02:03:04 +00001143 - markus@cvs.openbsd.org 2001/04/04 00:06:54
1144 [clientloop.c sshconnect2.c]
1145 enable client rekeying
1146 (1) force rekeying with ~R, or
1147 (2) if the server requests rekeying.
1148 works against ssh-2.0.12/2.0.13/2.1.0/2.2.0/2.3.0/2.3.1/2.4.0
Ben Lindstrom22b19b42001-04-04 17:39:19 +00001149 - (bal) Oops.. Missed including kexdh.c and kexgex.c in OpenBSD sync.
Ben Lindstrom0d3e8fa2001-04-04 01:51:25 +00001150
Ben Lindstrom55b99e32001-04-02 18:18:21 +0000115120010403
1152 - OpenBSD CVS Sync
1153 - stevesk@cvs.openbsd.org 2001/04/02 14:15:31
1154 [sshd.8]
1155 typo; ok markus@
Ben Lindstrom3704c262001-04-02 18:20:03 +00001156 - stevesk@cvs.openbsd.org 2001/04/02 14:20:23
1157 [readconf.c servconf.c]
1158 correct comment; ok markus@
Kevin Stevesefe5fd82001-04-03 13:02:48 +00001159 - (stevesk) nchan.c: remove ostate checks and add EINVAL to
1160 shutdown(SHUT_RD) error() bypass for HP-UX.
Ben Lindstrom55b99e32001-04-02 18:18:21 +00001161
Kevin Stevesedcd5762001-04-02 13:45:00 +0000116220010402
1163 - (stevesk) log.c openbsd sync; missing newlines
Kevin Steves6189e192001-04-02 14:02:55 +00001164 - (stevesk) sshpty.h openbsd sync; PTY_H -> SSHPTY_H
Kevin Stevesedcd5762001-04-02 13:45:00 +00001165
Damien Millerd8f72ca2001-03-30 10:23:17 +1000116620010330
1167 - (djm) Another openbsd-compat/glob.c sync
Damien Miller2557bfc2001-03-30 10:47:14 +10001168 - (djm) OpenBSD CVS Sync
1169 - provos@cvs.openbsd.org 2001/03/28 21:59:41
1170 [kex.c kex.h sshconnect2.c sshd.c]
1171 forgot to include min and max params in hash, okay markus@
Damien Miller23e526e2001-03-30 10:47:43 +10001172 - provos@cvs.openbsd.org 2001/03/28 22:04:57
1173 [dh.c]
1174 more sanity checking on primes file
Damien Miller5d57e502001-03-30 10:48:31 +10001175 - markus@cvs.openbsd.org 2001/03/28 22:43:31
1176 [auth.h auth2.c auth2-chall.c]
1177 check auth_root_allowed for kbd-int auth, too.
Damien Miller653ae112001-03-30 10:49:05 +10001178 - provos@cvs.openbsd.org 2001/03/29 14:24:59
1179 [sshconnect2.c]
1180 use recommended defaults
Damien Millera0ff4662001-03-30 10:49:35 +10001181 - stevesk@cvs.openbsd.org 2001/03/29 21:06:21
1182 [sshconnect2.c sshd.c]
1183 need to set both STOC and CTOS for SSH_BUG_BIGENDIANAES; ok markus@
Damien Miller9709f902001-03-30 10:50:10 +10001184 - markus@cvs.openbsd.org 2001/03/29 21:17:40
1185 [dh.c dh.h kex.c kex.h]
1186 prepare for rekeying: move DH code to dh.c
Damien Millerff75ac42001-03-30 10:50:32 +10001187 - djm@cvs.openbsd.org 2001/03/29 23:42:01
1188 [sshd.c]
1189 Protocol 1 key regeneration log => verbose, some KNF; ok markus@
Damien Millerd8f72ca2001-03-30 10:23:17 +10001190
Ben Lindstrom89b0bd62001-03-29 00:27:11 +0000119120010329
1192 - OpenBSD CVS Sync
1193 - stevesk@cvs.openbsd.org 2001/03/26 15:47:59
1194 [ssh.1]
1195 document more defaults; misc. cleanup. ok markus@
Ben Lindstromc1116602001-03-29 00:28:37 +00001196 - markus@cvs.openbsd.org 2001/03/26 23:12:42
1197 [authfile.c]
1198 KNF
Ben Lindstromd09fcf52001-03-29 00:29:54 +00001199 - markus@cvs.openbsd.org 2001/03/26 23:23:24
1200 [rsa.c rsa.h ssh-agent.c ssh-keygen.c]
1201 try to read private f-secure ssh v2 rsa keys.
Ben Lindstrom425fb022001-03-29 00:31:20 +00001202 - markus@cvs.openbsd.org 2001/03/27 10:34:08
1203 [ssh-rsa.c sshd.c]
1204 use EVP_get_digestbynid, reorder some calls and fix missing free.
Ben Lindstrom60a43812001-03-29 00:32:56 +00001205 - markus@cvs.openbsd.org 2001/03/27 10:57:00
1206 [compat.c compat.h ssh-rsa.c]
1207 some older systems use NID_md5 instead of NID_sha1 for RSASSA-PKCS1-v1_5
1208 signatures in SSH protocol 2, ok djm@
Ben Lindstromdf221392001-03-29 00:36:16 +00001209 - provos@cvs.openbsd.org 2001/03/27 17:46:50
1210 [compat.c compat.h dh.c dh.h ssh2.h sshconnect2.c sshd.c version.h]
1211 make dh group exchange more flexible, allow min and max group size,
1212 okay markus@, deraadt@
Ben Lindstrombd472262001-03-29 00:39:55 +00001213 - stevesk@cvs.openbsd.org 2001/03/28 19:56:23
1214 [scp.c]
1215 start to sync scp closer to rcp; ok markus@
Ben Lindstromff2618c2001-03-29 00:43:54 +00001216 - stevesk@cvs.openbsd.org 2001/03/28 20:04:38
1217 [scp.c]
1218 usage more like rcp and add missing -B to usage; ok markus@
Ben Lindstrom7de696e2001-03-29 00:45:12 +00001219 - markus@cvs.openbsd.org 2001/03/28 20:50:45
1220 [sshd.c]
1221 call refuse() before close(); from olemx@ans.pl
Ben Lindstrom89b0bd62001-03-29 00:27:11 +00001222
Damien Millerc79bc0d2001-03-28 13:03:42 +1000122320010328
1224 - (djm) Reorder tests and library inclusion for Krb4/AFS to try to
1225 resolve linking conflicts with libcrypto. Report and suggested fix
1226 from Holger Trapp <Holger.Trapp@Informatik.TU-Chemnitz.DE>
Damien Miller18bb4732001-03-28 14:35:30 +10001227 - (djm) Work around Solaris' broken struct dirent. Diagnosis and suggested
1228 fix from Philippe Levan <levan@epix.net>
Damien Miller98344742001-03-28 14:37:06 +10001229 - (djm) Rework krbIV tests to get us closer to building on Redhat. Still
1230 doesn't work because of conflicts between krbIV's and OpenSSL's des.h
Damien Millerb68af622001-03-28 21:05:26 +10001231 - (djm) Sync openbsd-compat/glob.c
Damien Millerc79bc0d2001-03-28 13:03:42 +10001232
Ben Lindstrom8ca93562001-03-26 05:32:16 +0000123320010327
1234 - Attempt sync with sshlogin.c w/ OpenBSD (mainly CVS ID)
Ben Lindstrom95318252001-03-26 05:35:33 +00001235 - Fix pointer issues in waitpid() and wait() replaces. Patch by Lutz
1236 Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
Ben Lindstrom60294322001-03-26 05:38:25 +00001237 - OpenBSD CVS Sync
1238 - djm@cvs.openbsd.org 2001/03/25 00:01:34
1239 [session.c]
1240 shorten; ok markus@
Ben Lindstrom7bfff362001-03-26 05:45:53 +00001241 - stevesk@cvs.openbsd.org 2001/03/25 13:16:11
1242 [servconf.c servconf.h session.c sshd.8 sshd_config]
1243 PrintLastLog option; from chip@valinux.com with some minor
1244 changes by me. ok markus@
Damien Millerf9e93002001-03-27 16:12:24 +10001245 - markus@cvs.openbsd.org 2001/03/26 08:07:09
1246 [authfile.c authfile.h ssh-add.c ssh-keygen.c ssh.c sshconnect.c
1247 sshconnect.h sshconnect1.c sshconnect2.c sshd.c]
1248 simpler key load/save interface, see authfile.h
1249 - (djm) Reestablish PAM credentials (which can be supplemental group
1250 memberships) after initgroups() blows them away. Report and suggested
1251 fix from Nalin Dahyabhai <nalin@redhat.com>
Ben Lindstrom8ca93562001-03-26 05:32:16 +00001252
Ben Lindstromb94f8b22001-03-24 00:20:56 +0000125320010324
1254 - Fixed permissions ssh-keyscan. Thanks to Christopher Linn <celinn@mtu.edu>.
Ben Lindstromc8530c72001-03-24 00:35:19 +00001255 - OpenBSD CVS Sync
1256 - djm@cvs.openbsd.org 2001/03/23 11:04:07
1257 [compat.c compat.h sshconnect2.c sshd.c]
1258 Compat for OpenSSH with broken Rijndael/AES. ok markus@
Ben Lindstrom9e2057c2001-03-24 00:37:59 +00001259 - markus@cvs.openbsd.org 2001/03/23 12:02:49
1260 [auth1.c]
1261 authctxt is now passed to do_authenticated
Ben Lindstrom7527f8b2001-03-24 00:39:12 +00001262 - markus@cvs.openbsd.org 2001/03/23 13:10:57
1263 [sftp-int.c]
1264 fix put, upload to _absolute_ path, ok djm@
Ben Lindstromde71cda2001-03-24 00:43:26 +00001265 - markus@cvs.openbsd.org 2001/03/23 14:28:32
1266 [session.c sshd.c]
1267 ignore SIGPIPE, restore in child, fixes x11-fwd crashes; with djm@
Damien Millerb44fe062001-03-24 15:39:38 +11001268 - (djm) Pull out our own SIGPIPE hacks
Ben Lindstromb94f8b22001-03-24 00:20:56 +00001269
Ben Lindstrom69d8c072001-03-22 22:45:33 +0000127020010323
1271 - OpenBSD CVS Sync
1272 - deraadt@cvs.openbsd.org 2001/03/22 20:22:55
1273 [sshd.c]
1274 do not place linefeeds in buffer
1275
Damien Millerbebd8be2001-03-22 11:58:15 +1100127620010322
1277 - (djm) Better AIX no tty fix, spotted by Gert Doering <gert@greenie.muc.de>
Ben Lindstromebf3d512001-03-22 01:08:39 +00001278 - (bal) version.c CVS ID resync
Ben Lindstromeebc4a22001-03-22 01:22:03 +00001279 - (bal) auth-chall.c auth-passwd.c auth.h auth1.c auth2.c session.c CVS ID
1280 resync
Ben Lindstrom57f82e22001-03-22 02:04:08 +00001281 - (bal) scp.c CVS ID resync
Ben Lindstrom6b776432001-03-22 01:24:04 +00001282 - OpenBSD CVS Sync
1283 - markus@cvs.openbsd.org 2001/03/20 19:10:16
1284 [readconf.c]
1285 default to SSH protocol version 2
Ben Lindstromb4c961d2001-03-22 01:25:37 +00001286 - markus@cvs.openbsd.org 2001/03/20 19:21:21
1287 [session.c]
1288 remove unused arg
Ben Lindstromfc9b07d2001-03-22 01:27:23 +00001289 - markus@cvs.openbsd.org 2001/03/20 19:21:21
1290 [session.c]
1291 remove unused arg
Ben Lindstromb31783d2001-03-22 02:02:12 +00001292 - markus@cvs.openbsd.org 2001/03/21 11:43:45
1293 [auth1.c auth2.c session.c session.h]
1294 merge common ssh v1/2 code
Ben Lindstromf1107f52001-03-22 02:05:32 +00001295 - jakob@cvs.openbsd.org 2001/03/21 14:20:45
1296 [ssh-keygen.c]
1297 add -B flag to usage
Ben Lindstromd9267452001-03-22 02:06:57 +00001298 - markus@cvs.openbsd.org 2001/03/21 21:06:30
1299 [session.c]
1300 missing init; from mib@unimelb.edu.au
Damien Millerbebd8be2001-03-22 11:58:15 +11001301
Damien Millerbe081762001-03-21 11:11:57 +1100130220010321
1303 - (djm) Fix ttyname breakage for AIX and Tru64. Patch from Steve
1304 VanDevender <stevev@darkwing.uoregon.edu>
Damien Miller2e9adb22001-03-21 12:16:24 +11001305 - (djm) Make sure pam_retval is initialised on call to pam_end. Patch
1306 from Solar Designer <solar@openwall.com>
Damien Millerec7e1b12001-03-21 13:01:35 +11001307 - (djm) Don't loop forever when changing password via PAM. Patch
1308 from Solar Designer <solar@openwall.com>
Damien Miller4b4e2d32001-03-21 13:13:40 +11001309 - (djm) Generate config files before build
Damien Millerb69407d2001-03-21 16:13:03 +11001310 - (djm) Correctly handle SIA and AIX when no tty present. Spotted and
1311 suggested fix from Mike Battersby <mib@unimelb.edu.au>
Damien Millerbe081762001-03-21 11:11:57 +11001312
Ben Lindstroma77d6412001-03-19 18:58:13 +0000131320010320
Ben Lindstrom11c78f82001-03-19 19:00:09 +00001314 - (bal) glob.c update to added GLOB_LIMITS (OpenBSD CVS).
1315 - (bal) glob.c update to set gl_pathv to NULL (OpenBSD CVS).
Ben Lindstrom9911f122001-03-19 21:29:30 +00001316 - (bal) Oops. Missed globc.h change (OpenBSD CVS).
Damien Millere7cf07c2001-03-20 09:15:57 +11001317 - (djm) OpenBSD CVS Sync
1318 - markus@cvs.openbsd.org 2001/03/19 17:07:23
1319 [auth.c readconf.c]
1320 undo /etc/shell and proto 2,1 change for openssh-2.5.2
Damien Miller41be73b2001-03-20 09:16:34 +11001321 - markus@cvs.openbsd.org 2001/03/19 17:12:10
1322 [version.h]
1323 version 2.5.2
Damien Miller82e7ae52001-03-20 09:30:50 +11001324 - (djm) Update RPM spec version
1325 - (djm) Release 2.5.2p1
Tim Riced14d7022001-03-19 18:31:44 -08001326- tim@mindrot.org 2001/03/19 18:33:47 [defines.h]
1327 change S_ISLNK macro to work for UnixWare 2.03
Tim Riced9d5ba22001-03-19 20:46:50 -08001328- tim@mindrot.org 2001/03/19 20:45:11 [openbsd-compat/glob.c]
1329 add get_arg_max(). Use sysconf() if ARG_MAX is not defined
Ben Lindstroma77d6412001-03-19 18:58:13 +00001330
Damien Miller60bc5172001-03-19 09:38:15 +1100133120010319
1332 - (djm) Seed PRNG at startup, rather than waiting for arc4random calls to
1333 do it implicitly.
Damien Miller9de61e82001-03-19 10:09:27 +11001334 - (djm) Add getusershell() functions from OpenBSD CVS
Ben Lindstrom2d70f982001-03-19 00:13:46 +00001335 - OpenBSD CVS Sync
1336 - markus@cvs.openbsd.org 2001/03/18 12:07:52
1337 [auth-options.c]
1338 ignore permitopen="host:port" if AllowTcpForwarding==no
Damien Millerffd0e102001-03-19 12:45:02 +11001339 - (djm) Make scp work on systems without 64-bit ints
Tim Riced19a75a2001-03-18 18:27:26 -08001340 - tim@mindrot.org 2001/03/18 18:28:39 [defines.h]
1341 move HAVE_LONG_LONG_INT where it works
Ben Lindstrom8feff452001-03-19 03:09:40 +00001342 - (bal) Use 'NGROUPS' for NeXT Since 'MAX_NGROUPS' is wrapped up in -lposix
Ben Lindstrom6cabb6f2001-03-19 03:01:56 +00001343 stuff. Change suggested by Mark Miller <markm@swoon.net>
Ben Lindstrom8feff452001-03-19 03:09:40 +00001344 - (bal) Small fix to scp. %lu vs %ld
Ben Lindstrom03017ba2001-03-19 03:12:25 +00001345 - (bal) NeXTStep lacks S_ISLNK. Plus split up S_IS*
Damien Millercafff192001-03-19 22:29:46 +11001346 - (djm) OpenBSD CVS Sync
1347 - djm@cvs.openbsd.org 2001/03/19 03:52:51
1348 [sftp-client.c]
1349 Report ssh connection closing correctly; ok deraadt@
Damien Miller27dbe6f2001-03-19 22:36:20 +11001350 - deraadt@cvs.openbsd.org 2001/03/18 23:30:55
1351 [compat.c compat.h sshd.c]
1352 specifically version match on ssh scanners. do not log scan
1353 information to the console
Damien Millerc2c5d9f2001-03-19 23:16:08 +11001354 - djm@cvs.openbsd.org 2001/03/19 12:10:17
Damien Millera243fde2001-03-19 23:16:08 +11001355 [sshd.8]
Damien Millerc2c5d9f2001-03-19 23:16:08 +11001356 Document permitopen authorized_keys option; ok markus@
Damien Miller1e42f302001-03-19 23:59:11 +11001357 - djm@cvs.openbsd.org 2001/03/19 05:49:52
1358 [ssh.1]
1359 document PreferredAuthentications option; ok markus@
Ben Lindstromaad56ce2001-03-19 13:42:21 +00001360 - (bal) Minor NeXT fixed. Forgot to #undef NGROUPS_MAX
Damien Miller60bc5172001-03-19 09:38:15 +11001361
Ben Lindstromfea72782001-03-17 18:07:46 +0000136220010318
1363 - (bal) Fixed scp type casing issue which causes "scp: protocol error:
1364 size not delimited" fatal errors when tranfering.
Ben Lindstromd69191b2001-03-17 23:13:27 +00001365 - OpenBSD CVS Sync
1366 - markus@cvs.openbsd.org 2001/03/17 17:27:59
1367 [auth.c]
1368 check /etc/shells, too
Tim Riceb399be42001-03-17 18:43:16 -08001369 - tim@mindrot.org 2001/03/17 18:45:25 [compat.c]
1370 openbsd-compat/fake-regex.h
Ben Lindstromfea72782001-03-17 18:07:46 +00001371
Damien Miller168a7002001-03-17 10:29:50 +1100137220010317
1373 - Support usrinfo() on AIX. Based on patch from Gert Doering
1374 <gert@greenie.muc.de>
Ben Lindstroma4c57662001-03-17 00:10:20 +00001375 - OpenBSD CVS Sync
1376 - markus@cvs.openbsd.org 2001/03/15 15:05:59
1377 [scp.c]
1378 use %lld in printf, ok millert@/deraadt@; report from ssh@client.fi
Ben Lindstrom86fe8682001-03-17 00:32:57 +00001379 - markus@cvs.openbsd.org 2001/03/15 22:07:08
1380 [session.c]
1381 pass Session to do_child + KNF
Ben Lindstromc8d1c302001-03-17 00:34:46 +00001382 - djm@cvs.openbsd.org 2001/03/16 08:16:18
1383 [sftp-client.c sftp-client.h sftp-glob.c sftp-int.c]
1384 Revise globbing for get/put to be more shell-like. In particular,
1385 "get/put file* directory/" now works. ok markus@
Ben Lindstrom5df2ffa2001-03-17 00:36:17 +00001386 - markus@cvs.openbsd.org 2001/03/16 09:55:53
1387 [sftp-int.c]
1388 fix memset and whitespace
Ben Lindstromcf00df62001-03-17 00:37:31 +00001389 - markus@cvs.openbsd.org 2001/03/16 13:44:24
1390 [sftp-int.c]
1391 discourage strcat/strcpy
Ben Lindstrom7bb8b492001-03-17 00:47:54 +00001392 - markus@cvs.openbsd.org 2001/03/16 19:06:30
1393 [auth-options.c channels.c channels.h serverloop.c session.c]
1394 implement "permitopen" key option, restricts -L style forwarding to
1395 to specified host:port pairs. based on work by harlan@genua.de
Ben Lindstrom45b14db2001-03-17 01:15:38 +00001396 - Check for gl_matchc support in glob_t and fall back to the
1397 openbsd-compat/glob.[ch] support if it does not exist.
Damien Miller168a7002001-03-17 10:29:50 +11001398
Ben Lindstrom025df4a2001-03-14 15:16:34 +0000139920010315
1400 - OpenBSD CVS Sync
1401 - markus@cvs.openbsd.org 2001/03/14 08:57:14
1402 [sftp-client.c]
1403 Wall
Ben Lindstromf78682d2001-03-14 21:26:27 +00001404 - markus@cvs.openbsd.org 2001/03/14 15:15:58
1405 [sftp-int.c]
1406 add version command
Ben Lindstromc7f4ccd2001-03-15 00:09:15 +00001407 - deraadt@cvs.openbsd.org 2001/03/14 22:50:25
1408 [sftp-server.c]
1409 note no getopt()
Kevin Steves54f15b62001-03-14 18:37:13 +00001410 - (stevesk) ssh-keyscan.c: specify "openbsd-compat/fake-queue.h"
Ben Lindstromde2273f2001-03-14 21:30:18 +00001411 - (bal) Cygwin README change by Corinna Vinschen <vinschen@redhat.com>
Ben Lindstrom025df4a2001-03-14 15:16:34 +00001412
Damien Miller056ddf72001-03-14 10:15:20 +1100141320010314
1414 - OpenBSD CVS Sync
Ben Lindstromf78682d2001-03-14 21:26:27 +00001415 - markus@cvs.openbsd.org 2001/03/13 17:34:42
1416 [auth-options.c]
1417 missing xfree, deny key on parse error; ok stevesk@
1418 - djm@cvs.openbsd.org 2001/03/13 22:42:54
1419 [sftp-client.c sftp-client.h sftp-glob.c sftp-glob.h sftp-int.c]
1420 sftp client filename globbing for get, put, ch{mod,grp,own}. ok markus@
Damien Miller3c027682001-03-14 11:39:45 +11001421 - (bal) Fix strerror() in bsd-misc.c
1422 - (djm) Add replacement glob() from OpenBSD libc if the system glob is
1423 missing or lacks the GLOB_ALTDIRFUNC extension
1424 - (djm) Remove -I$(srcdir)/openbsd-compat from CFLAGS, refer to headers
1425 relatively. Avoids conflict between glob.h and /usr/include/glob.h
Damien Miller056ddf72001-03-14 10:15:20 +11001426
Ben Lindstromcfccef92001-03-13 04:57:58 +0000142720010313
1428 - OpenBSD CVS Sync
1429 - markus@cvs.openbsd.org 2001/03/12 22:02:02
1430 [key.c key.h ssh-add.c ssh-keygen.c sshconnect.c sshconnect2.c]
1431 remove old key_fingerprint interface, s/_ex//
1432
Ben Lindstromb54873a2001-03-11 20:01:55 +0000143320010312
1434 - OpenBSD CVS Sync
1435 - markus@cvs.openbsd.org 2001/03/11 13:25:36
1436 [auth2.c key.c]
1437 debug
Ben Lindstrom96e8ea62001-03-11 20:03:44 +00001438 - jakob@cvs.openbsd.org 2001/03/11 15:03:16
1439 [key.c key.h]
1440 add improved fingerprint functions. based on work by Carsten
1441 Raskgaard <cara@int.tele.dk> and modified by me. ok markus@.
Ben Lindstroma8a73e62001-03-11 20:05:19 +00001442 - jakob@cvs.openbsd.org 2001/03/11 15:04:16
1443 [ssh-keygen.1 ssh-keygen.c]
1444 print both md5, sha1 and bubblebabble fingerprints when using
1445 ssh-keygen -l -v. ok markus@.
Ben Lindstromcbe3ad22001-03-11 20:06:59 +00001446 - jakob@cvs.openbsd.org 2001/03/11 15:13:09
1447 [key.c]
1448 cleanup & shorten some var names key_fingerprint_bubblebabble.
Ben Lindstromca0bf572001-03-11 20:08:29 +00001449 - deraadt@cvs.openbsd.org 2001/03/11 16:39:03
1450 [ssh-keygen.c]
1451 KNF, and SHA1 binary output is just creeping featurism
Tim Ricebee3f222001-03-11 17:32:12 -08001452 - tim@mindrot.org 2001/03/11 17:29:32 [configure.in]
1453 test if snprintf() supports %ll
1454 add /dev to search path for PRNGD/EGD socket
1455 fix my mistake in USER_PATH test program
Ben Lindstromf0b48532001-03-12 02:59:31 +00001456 - OpenBSD CVS Sync
1457 - markus@cvs.openbsd.org 2001/03/11 18:29:51
1458 [key.c]
1459 style+cleanup
Ben Lindstrom8fd372b2001-03-12 03:02:17 +00001460 - markus@cvs.openbsd.org 2001/03/11 22:33:24
1461 [ssh-keygen.1 ssh-keygen.c]
1462 remove -v again. use -B instead for bubblebabble. make -B consistent
1463 with -l and make -B work with /path/to/known_hosts. ok deraadt@
Damien Miller547c2762001-03-12 14:23:52 +11001464 - (djm) Bump portable version number for generating test RPMs
Damien Miller3e292fa2001-03-12 14:47:30 +11001465 - (djm) Add "static_openssl" RPM build option, remove rsh build dependency
Ben Lindstrom9ae2bb62001-03-12 05:16:18 +00001466 - (bal) Reorder includes in Makefile.
Ben Lindstromb54873a2001-03-11 20:01:55 +00001467
Ben Lindstrom329782e2001-03-10 17:08:59 +0000146820010311
1469 - OpenBSD CVS Sync
1470 - markus@cvs.openbsd.org 2001/03/10 12:48:27
1471 [sshconnect2.c]
1472 ignore nonexisting private keys; report rjmooney@mediaone.net
Ben Lindstrom068f3dc2001-03-10 17:15:39 +00001473 - deraadt@cvs.openbsd.org 2001/03/10 12:53:51
1474 [readconf.c ssh_config]
1475 default to SSH2, now that m68k runs fast
Ben Lindstrom00261542001-03-10 17:17:28 +00001476 - stevesk@cvs.openbsd.org 2001/03/10 15:02:05
1477 [ttymodes.c ttymodes.h]
1478 remove unused sgtty macros; ok markus@
Ben Lindstromd20d0f32001-03-10 17:22:20 +00001479 - deraadt@cvs.openbsd.org 2001/03/10 15:31:00
1480 [compat.c compat.h sshconnect.c]
1481 all known netscreen ssh versions, and older versions of OSU ssh cannot
1482 handle password padding (newer OSU is fixed)
Tim Rice7f283fc2001-03-10 16:52:25 -08001483 - tim@mindrot.org 2001/03/10 16:33:42 [configure.in Makefile.in sshd_config]
1484 make sure $bindir is in USER_PATH so scp will work
Ben Lindstromb9be60a2001-03-11 01:49:19 +00001485 - OpenBSD CVS Sync
1486 - markus@cvs.openbsd.org 2001/03/10 17:51:04
1487 [kex.c match.c match.h readconf.c readconf.h sshconnect2.c]
1488 add PreferredAuthentications
Ben Lindstrom329782e2001-03-10 17:08:59 +00001489
Ben Lindstrom5fc62702001-03-09 18:19:24 +0000149020010310
1491 - OpenBSD CVS Sync
1492 - deraadt@cvs.openbsd.org 2001/03/09 03:14:39
1493 [ssh-keygen.c]
1494 create *.pub files with umask 0644, so that you can mv them to
1495 authorized_keys
Ben Lindstromca42d5f2001-03-09 18:25:32 +00001496 - deraadt@cvs.openbsd.org 2001/03/09 12:30:29
1497 [sshd.c]
1498 typo; slade@shore.net
Ben Lindstrom5f5419a2001-03-09 19:48:37 +00001499 - Removed log.o from sftp client. Not needed.
Ben Lindstrom5fc62702001-03-09 18:19:24 +00001500
Ben Lindstroma0384982001-03-08 20:37:22 +0000150120010309
1502 - OpenBSD CVS Sync
1503 - stevesk@cvs.openbsd.org 2001/03/08 18:47:12
1504 [auth1.c]
1505 unused; ok markus@
Ben Lindstrom283cb822001-03-09 00:09:02 +00001506 - stevesk@cvs.openbsd.org 2001/03/08 20:44:48
1507 [sftp.1]
1508 spelling, cleanup; ok deraadt@
Ben Lindstrom266dfdf2001-03-09 00:12:22 +00001509 - markus@cvs.openbsd.org 2001/03/08 21:42:33
1510 [compat.c compat.h readconf.h ssh.c sshconnect1.c sshconnect2.c]
1511 implement client side of SSH2_MSG_USERAUTH_PK_OK (test public key ->
1512 no need to do enter passphrase or do expensive sign operations if the
1513 server does not accept key).
Ben Lindstroma0384982001-03-08 20:37:22 +00001514
Damien Miller058316f2001-03-08 10:08:49 +1100151520010308
1516 - OpenBSD CVS Sync
Ben Lindstromcebc8582001-03-08 03:39:10 +00001517 - djm@cvs.openbsd.org 2001/03/07 10:11:23
1518 [sftp-client.c sftp-client.h sftp-int.c sftp-server.c sftp.1 sftp.c sftp.h]
1519 Support for new draft (draft-ietf-secsh-filexfer-01). New symlink handling
1520 functions and small protocol change.
1521 - markus@cvs.openbsd.org 2001/03/08 00:15:48
1522 [readconf.c ssh.1]
1523 turn off useprivilegedports by default. only rhost-auth needs
1524 this. older sshd's may need this, too.
Kevin Steves52dd4682001-03-08 18:26:57 +00001525 - (stevesk) Reliant Unix (SNI) needs HAVE_BOGUS_SYS_QUEUE_H;
1526 Dirk Markwardt <D.Markwardt@tu-bs.de>
Damien Miller058316f2001-03-08 10:08:49 +11001527
Ben Lindstrome21c4ad2001-03-07 01:23:30 +0000152820010307
1529 - (bal) OpenBSD CVS Sync
1530 - deraadt@cvs.openbsd.org 2001/03/06 06:11:18
1531 [ssh-keyscan.c]
1532 appease gcc
Ben Lindstrom562c26b2001-03-07 01:26:48 +00001533 - deraadt@cvs.openbsd.org 2001/03/06 06:11:44
1534 [sftp-int.c sftp.1 sftp.c]
1535 sftp -b batchfile; mouring@etoh.eviladmin.org
Ben Lindstromc9b6eab2001-03-07 01:29:17 +00001536 - deraadt@cvs.openbsd.org 2001/03/06 15:10:42
1537 [sftp.1]
1538 order things
Ben Lindstromd58eb5f2001-03-07 06:07:22 +00001539 - deraadt@cvs.openbsd.org 2001/03/07 01:19:06
1540 [ssh.1 sshd.8]
1541 the name "secure shell" is boring, noone ever uses it
Ben Lindstromb29e34d2001-03-07 06:08:50 +00001542 - deraadt@cvs.openbsd.org 2001/03/07 04:05:58
1543 [ssh.1]
1544 removed dated comment
Damien Miller8ac0a7e2001-03-07 21:38:19 +11001545 - Cygwin contrib improvements from Corinna Vinschen <vinschen@redhat.com>
Ben Lindstrome21c4ad2001-03-07 01:23:30 +00001546
Ben Lindstromff8b4942001-03-06 01:00:03 +0000154720010306
1548 - (bal) OpenBSD CVS Sync
1549 - deraadt@cvs.openbsd.org 2001/03/05 14:28:47
1550 [sshd.8]
1551 alpha order; jcs@rt.fm
Ben Lindstrom35f1f4e2001-03-06 01:02:41 +00001552 - stevesk@cvs.openbsd.org 2001/03/05 15:44:51
1553 [servconf.c]
1554 sync error message; ok markus@
Ben Lindstromec26fb12001-03-06 01:05:23 +00001555 - deraadt@cvs.openbsd.org 2001/03/05 15:56:16
1556 [myproposal.h ssh.1]
1557 switch to aes128-cbc/hmac-md5 by default in SSH2 -- faster;
1558 provos & markus ok
Ben Lindstromc78a1872001-03-06 01:06:58 +00001559 - deraadt@cvs.openbsd.org 2001/03/05 16:07:15
1560 [sshd.8]
1561 detail default hmac setup too
Ben Lindstrom4c4f05e2001-03-06 01:09:20 +00001562 - markus@cvs.openbsd.org 2001/03/05 17:17:21
1563 [kex.c kex.h sshconnect2.c sshd.c]
1564 generate a 2*need size (~300 instead of 1024/2048) random private
1565 exponent during the DH key agreement. according to Niels (the great
1566 german advisor) this is safe since /etc/primes contains strong
1567 primes only.
1568
1569 References:
1570 P. C. van Oorschot and M. J. Wiener, On Diffie-Hellman key
1571 agreement with short exponents, In Advances in Cryptology
1572 - EUROCRYPT'96, LNCS 1070, Springer-Verlag, 1996, pp.332-343.
Ben Lindstrom1e621742001-03-06 01:10:53 +00001573 - stevesk@cvs.openbsd.org 2001/03/05 17:40:48
1574 [ssh.1]
1575 more ssh_known_hosts2 documentation; ok markus@
Ben Lindstrombe6a5a62001-03-06 01:13:06 +00001576 - stevesk@cvs.openbsd.org 2001/03/05 17:58:22
1577 [dh.c]
1578 spelling
Ben Lindstromb3144e52001-03-06 03:31:34 +00001579 - deraadt@cvs.openbsd.org 2001/03/06 00:33:04
1580 [authfd.c cli.c ssh-agent.c]
1581 EINTR/EAGAIN handling is required in more cases
Ben Lindstrom884a4ac2001-03-06 03:33:04 +00001582 - millert@cvs.openbsd.org 2001/03/06 01:06:03
1583 [ssh-keyscan.c]
1584 Don't assume we wil get the version string all in one read().
1585 deraadt@ OK'd
Ben Lindstromebc88272001-03-06 03:34:40 +00001586 - millert@cvs.openbsd.org 2001/03/06 01:08:27
1587 [clientloop.c]
1588 If read() fails with EINTR deal with it the same way we treat EAGAIN
Ben Lindstromff8b4942001-03-06 01:00:03 +00001589
Ben Lindstrom6ed8c042001-03-05 03:53:02 +0000159020010305
1591 - (bal) CVS ID touch up on sshpty.[ch] and sshlogin.[ch]
Ben Lindstrom66e5ecc2001-03-05 06:35:29 +00001592 - (bal) CVS ID touch up on sftp-int.c
Ben Lindstromcf0da402001-03-05 06:42:58 +00001593 - (bal) CVS ID touch up on uuencode.c
Ben Lindstrom9c532442001-03-05 07:33:14 +00001594 - (bal) CVS ID touch up on auth2.c, serverloop.c, session.c & sshd.c
Ben Lindstromb0a4cd82001-03-05 04:54:49 +00001595 - (bal) OpenBSD CVS Sync
Ben Lindstrom53992c72001-03-05 04:47:55 +00001596 - deraadt@cvs.openbsd.org 2001/02/17 23:48:48
1597 [sshd.8]
1598 it's the OpenSSH one
Ben Lindstromb0a4cd82001-03-05 04:54:49 +00001599 - deraadt@cvs.openbsd.org 2001/02/21 07:37:04
1600 [ssh-keyscan.c]
1601 inline -> __inline__, and some indent
Ben Lindstromb257cca2001-03-05 04:59:27 +00001602 - deraadt@cvs.openbsd.org 2001/02/21 09:05:54
1603 [authfile.c]
1604 improve fd handling
Ben Lindstrom36592512001-03-05 05:02:08 +00001605 - deraadt@cvs.openbsd.org 2001/02/21 09:12:56
1606 [sftp-server.c]
1607 careful with & and &&; markus ok
Ben Lindstrom87af95b2001-03-05 05:04:57 +00001608 - stevesk@cvs.openbsd.org 2001/02/21 21:14:04
1609 [ssh.c]
1610 -i supports DSA identities now; ok markus@
Ben Lindstrom33a3cc32001-03-05 05:07:52 +00001611 - deraadt@cvs.openbsd.org 2001/02/22 04:29:37
1612 [servconf.c]
1613 grammar; slade@shore.net
Ben Lindstromb7c92322001-03-05 05:10:52 +00001614 - deraadt@cvs.openbsd.org 2001/02/22 06:43:55
1615 [ssh-keygen.1 ssh-keygen.c]
1616 document -d, and -t defaults to rsa1
Ben Lindstrom7ab51172001-03-05 05:13:38 +00001617 - deraadt@cvs.openbsd.org 2001/02/22 08:03:51
1618 [ssh-keygen.1 ssh-keygen.c]
1619 bye bye -d
Ben Lindstrom531a4452001-03-05 05:17:18 +00001620 - deraadt@cvs.openbsd.org 2001/02/22 18:09:06
1621 [sshd_config]
1622 activate RSA 2 key
Ben Lindstromebd888d2001-03-05 05:49:29 +00001623 - markus@cvs.openbsd.org 2001/02/22 21:57:27
1624 [ssh.1 sshd.8]
1625 typos/grammar from matt@anzen.com
Ben Lindstrom086cf212001-03-05 05:56:40 +00001626 - markus@cvs.openbsd.org 2001/02/22 21:59:44
1627 [auth.c auth.h auth1.c auth2.c misc.c misc.h ssh.c]
1628 use pwcopy in ssh.c, too
Ben Lindstromf4c73112001-03-05 05:58:23 +00001629 - markus@cvs.openbsd.org 2001/02/23 15:34:53
1630 [serverloop.c]
1631 debug2->3
Ben Lindstromeb648a72001-03-05 06:00:29 +00001632 - markus@cvs.openbsd.org 2001/02/23 18:15:13
1633 [sshd.c]
1634 the random session key depends now on the session_key_int
1635 sent by the 'attacker'
1636 dig1 = md5(cookie|session_key_int);
1637 dig2 = md5(dig1|cookie|session_key_int);
1638 fake_session_key = dig1|dig2;
1639 this change is caused by a mail from anakin@pobox.com
1640 patch based on discussions with my german advisor niels@openbsd.org
Ben Lindstromb00d4fb2001-03-05 06:03:03 +00001641 - deraadt@cvs.openbsd.org 2001/02/24 10:37:55
1642 [readconf.c]
1643 look for id_rsa by default, before id_dsa
Ben Lindstrom4b00c8b2001-03-05 06:05:35 +00001644 - deraadt@cvs.openbsd.org 2001/02/24 10:37:26
1645 [sshd_config]
1646 ssh2 rsa key before dsa key
Ben Lindstrom6a5cde02001-03-05 06:07:00 +00001647 - markus@cvs.openbsd.org 2001/02/27 10:35:27
1648 [packet.c]
1649 fix random padding
Ben Lindstrom5de86cc2001-03-05 06:08:19 +00001650 - markus@cvs.openbsd.org 2001/02/27 11:00:11
1651 [compat.c]
1652 support SSH-2.0-2.1 ; from Christophe_Moret@hp.com
Ben Lindstrom06909012001-03-05 06:09:31 +00001653 - deraadt@cvs.openbsd.org 2001/02/28 05:34:28
1654 [misc.c]
1655 pull in protos
Ben Lindstromec19a402001-03-05 06:12:01 +00001656 - deraadt@cvs.openbsd.org 2001/02/28 05:36:28
1657 [sftp.c]
1658 do not kill the subprocess on termination (we will see if this helps
1659 things or hurts things)
Ben Lindstrome9613cf2001-03-05 06:14:02 +00001660 - markus@cvs.openbsd.org 2001/02/28 08:45:39
1661 [clientloop.c]
1662 fix byte counts for ssh protocol v1
Ben Lindstrom7fbd4552001-03-05 06:16:11 +00001663 - markus@cvs.openbsd.org 2001/02/28 08:54:55
1664 [channels.c nchan.c nchan.h]
1665 make sure remote stderr does not get truncated.
1666 remove closed fd's from the select mask.
Ben Lindstrom5699c5f2001-03-05 06:17:49 +00001667 - markus@cvs.openbsd.org 2001/02/28 09:57:07
1668 [packet.c packet.h sshconnect2.c]
1669 in ssh protocol v2 use ignore messages for padding (instead of
1670 trailing \0).
Ben Lindstromcc74df72001-03-05 06:20:14 +00001671 - markus@cvs.openbsd.org 2001/02/28 12:55:07
1672 [channels.c]
1673 unify debug messages
Ben Lindstrom40304422001-03-05 06:22:01 +00001674 - deraadt@cvs.openbsd.org 2001/02/28 17:52:54
1675 [misc.c]
1676 for completeness, copy pw_gecos too
Ben Lindstrom941ac822001-03-05 06:25:23 +00001677 - markus@cvs.openbsd.org 2001/02/28 21:21:41
1678 [sshd.c]
1679 generate a fake session id, too
Ben Lindstrome229b252001-03-05 06:28:06 +00001680 - markus@cvs.openbsd.org 2001/02/28 21:27:48
1681 [channels.c packet.c packet.h serverloop.c]
1682 use ignore message to simulate a SSH2_MSG_CHANNEL_DATA message
1683 use random content in ignore messages.
Ben Lindstromb40204b2001-03-05 06:29:44 +00001684 - markus@cvs.openbsd.org 2001/02/28 21:31:32
1685 [channels.c]
1686 typo
Ben Lindstromafd34752001-03-05 06:33:23 +00001687 - deraadt@cvs.openbsd.org 2001/03/01 02:11:25
1688 [authfd.c]
1689 split line so that p will have an easier time next time around
Ben Lindstrom0ab2a012001-03-05 06:45:21 +00001690 - deraadt@cvs.openbsd.org 2001/03/01 02:29:04
1691 [ssh.c]
1692 shorten usage by a line
Ben Lindstrom204e4882001-03-05 06:47:00 +00001693 - deraadt@cvs.openbsd.org 2001/03/01 02:45:10
1694 [auth-rsa.c auth2.c deattack.c packet.c]
1695 KNF
Ben Lindstromb22c2b82001-03-05 06:50:47 +00001696 - deraadt@cvs.openbsd.org 2001/03/01 03:38:33
1697 [cli.c cli.h rijndael.h ssh-keyscan.1]
1698 copyright notices on all source files
Ben Lindstrom4040fe12001-03-05 06:52:57 +00001699 - markus@cvs.openbsd.org 2001/03/01 22:46:37
1700 [ssh.c]
1701 don't truncate remote ssh-2 commands; from mkubita@securities.cz
1702 use min, not max for logging, fixes overflow.
Ben Lindstrom49a098d2001-03-05 06:55:18 +00001703 - deraadt@cvs.openbsd.org 2001/03/02 06:21:01
1704 [sshd.8]
1705 explain SIGHUP better
Ben Lindstromd7f5b512001-03-05 06:57:23 +00001706 - deraadt@cvs.openbsd.org 2001/03/02 09:42:49
1707 [sshd.8]
1708 doc the dsa/rsa key pair files
Ben Lindstrom92a2e382001-03-05 06:59:27 +00001709 - deraadt@cvs.openbsd.org 2001/03/02 18:54:31
1710 [atomicio.c atomicio.h auth-chall.c auth.c auth2-chall.c crc32.h
1711 scp.c serverloop.c session.c sftp-server.8 sftp.1 ssh-add.1 ssh-add.c
1712 ssh-agent.1 ssh-agent.c ssh-keygen.1 ssh.1 sshd.8]
1713 make copyright lines the same format
Ben Lindstromd20b8552001-03-05 07:01:18 +00001714 - deraadt@cvs.openbsd.org 2001/03/03 06:53:12
1715 [ssh-keyscan.c]
1716 standard theo sweep
Ben Lindstromc1e04212001-03-05 07:04:38 +00001717 - millert@cvs.openbsd.org 2001/03/03 21:19:41
1718 [ssh-keyscan.c]
1719 Dynamically allocate read_wait and its copies. Since maxfd is
1720 based on resource limits it is often (usually?) larger than FD_SETSIZE.
Ben Lindstromcb80bdf2001-03-05 07:06:12 +00001721 - millert@cvs.openbsd.org 2001/03/03 21:40:30
1722 [sftp-server.c]
1723 Dynamically allocate fd_set; deraadt@ OK
Ben Lindstromcb978aa2001-03-05 07:07:49 +00001724 - millert@cvs.openbsd.org 2001/03/03 21:41:07
1725 [packet.c]
1726 Dynamically allocate fd_set; deraadt@ OK
Ben Lindstrom1addabd2001-03-05 07:09:11 +00001727 - deraadt@cvs.openbsd.org 2001/03/03 22:07:50
1728 [sftp-server.c]
1729 KNF
Ben Lindstrom46d6e092001-03-05 07:10:47 +00001730 - markus@cvs.openbsd.org 2001/03/03 23:52:22
1731 [sftp.c]
1732 clean up arg processing. based on work by Christophe_Moret@hp.com
Ben Lindstrom8a432f52001-03-05 07:24:46 +00001733 - markus@cvs.openbsd.org 2001/03/03 23:59:34
1734 [log.c ssh.c]
1735 log*.c -> log.c
Ben Lindstromb1131e92001-03-05 07:27:13 +00001736 - markus@cvs.openbsd.org 2001/03/04 00:03:59
1737 [channels.c]
1738 debug1->2
Ben Lindstrom3d73a342001-03-05 07:39:01 +00001739 - stevesk@cvs.openbsd.org 2001/03/04 10:57:53
1740 [ssh.c]
1741 add -m to usage; ok markus@
Ben Lindstrom323c98f2001-03-05 07:40:40 +00001742 - stevesk@cvs.openbsd.org 2001/03/04 11:04:41
1743 [sshd.8]
1744 small cleanup and clarify for PermitRootLogin; ok markus@
Ben Lindstromd9cae222001-03-05 07:42:03 +00001745 - stevesk@cvs.openbsd.org 2001/03/04 11:16:06
1746 [servconf.c sshd.8]
1747 kill obsolete RandomSeed; ok markus@ deraadt@
Ben Lindstromfafea182001-03-05 07:43:27 +00001748 - stevesk@cvs.openbsd.org 2001/03/04 12:54:04
1749 [sshd.8]
1750 spelling
Ben Lindstrom6df8ef42001-03-05 07:47:23 +00001751 - millert@cvs.openbsd.org 2001/03/04 17:42:28
1752 [authfd.c channels.c dh.c log.c readconf.c servconf.c sftp-int.c
1753 ssh.c sshconnect.c sshd.c]
1754 log functions should not be passed strings that end in newline as they
1755 get passed on to syslog() and when logging to stderr, do_log() appends
1756 its own newline.
Ben Lindstromfd2e05b2001-03-05 07:48:45 +00001757 - deraadt@cvs.openbsd.org 2001/03/04 18:21:28
1758 [sshd.8]
1759 list SSH2 ciphers
Ben Lindstrom0f68db42001-03-05 07:57:09 +00001760 - (bal) Put HAVE_PW_CLASS_IN_PASSWD back into pwcopy()
Ben Lindstrom2d9bfb12001-03-05 08:16:54 +00001761 - (bal) Fix up logging since it changed. removed log-*.c
Damien Miller30246a82001-03-05 21:23:31 +11001762 - (djm) Fix up LOG_AUTHPRIV for systems that have it
Kevin Steves935aa242001-03-05 19:46:37 +00001763 - (stevesk) OpenBSD sync:
1764 - deraadt@cvs.openbsd.org 2001/03/05 08:37:27
1765 [ssh-keyscan.c]
1766 skip inlining, why bother
Kevin Steves12888d12001-03-05 19:50:57 +00001767 - (stevesk) sftp.c: handle __progname
Ben Lindstrom6ed8c042001-03-05 03:53:02 +00001768
Ben Lindstrom59a5f9b2001-03-03 21:37:50 +0000176920010304
1770 - (bal) Remove make-ssh-known-hosts.1 since it's no longer valid.
Ben Lindstromcfb93702001-03-03 21:43:19 +00001771 - (bal) Updated contrib/README to remove 'make-ssh-known-hosts' and
1772 give Mark Roth credit for mdoc2man.pl
Ben Lindstrom59a5f9b2001-03-03 21:37:50 +00001773
Damien Miller459ac4b2001-03-03 20:00:36 +1100177420010303
Ben Lindstrom59a5f9b2001-03-03 21:37:50 +00001775 - (djm) Remove make-ssh-known-hosts.pl, ssh-keyscan is better.
1776 - (djm) Document PAM ChallengeResponseAuthentication in sshd.8
1777 - (djm) Disable and comment ChallengeResponseAuthentication in sshd_config
1778 - (djm) Allow PRNGd entropy collection from localhost TCP socket. Replace
Damien Millerd0ccb982001-03-04 00:29:20 +11001779 "--with-egd-pool" configure option with "--with-prngd-socket" and
1780 "--with-prngd-port" options. Debugged and improved by Lutz Jaenicke
1781 <Lutz.Jaenicke@aet.TU-Cottbus.DE>
Damien Miller459ac4b2001-03-03 20:00:36 +11001782
Damien Miller95aa2d62001-03-01 09:16:11 +1100178320010301
1784 - (djm) Properly add -lcrypt if needed.
Damien Miller882c2ee2001-03-01 09:18:57 +11001785 - (djm) Force standard PAM conversation function in a few more places.
1786 Patch from Redhat 2.5.1p1-2 RPM, probably Nalin Dahyabhai
1787 <nalin@redhat.com>
Damien Millerb5b62182001-03-01 09:48:13 +11001788 - (djm) Cygwin needs pw->pw_gecos copied too. Patch from Corinna Vinschen
1789 <vinschen@redhat.com>
Damien Miller9de5f052001-03-01 11:09:42 +11001790 - (djm) Released 2.5.1p2
Damien Miller95aa2d62001-03-01 09:16:11 +11001791
Damien Miller4df5c762001-02-28 08:14:22 +1100179220010228
1793 - (djm) Detect endianness in configure and use it in rijndael.c. Fixes
1794 "Bad packet length" bugs.
Damien Millerefb71792001-02-28 11:48:06 +11001795 - (djm) Fully revert PAM session patch (again). All PAM session init is
1796 now done before the final fork().
Damien Miller3d8ae612001-02-28 12:49:38 +11001797 - (djm) EGD detection patch from Tim Rice <tim@multitalents.net>
Damien Millere8546622001-02-28 12:51:18 +11001798 - (djm) Remove /tmp from EGD socket search list
Damien Miller4df5c762001-02-28 08:14:22 +11001799
Damien Millerfbd884a2001-02-27 08:39:07 +1100180020010227
Ben Lindstrom10b9bf92001-02-26 20:04:45 +00001801 - (bal) Applied shutdown() patch for sftp.c by Corinna Vinschen
1802 <vinschen@redhat.com>
Ben Lindstrom7603b2d2001-02-26 20:13:32 +00001803 - (bal) OpenBSD Sync
1804 - markus@cvs.openbsd.org 2001/02/23 15:37:45
1805 [session.c]
1806 handle SSH_PROTOFLAG_SCREEN_NUMBER for buggy clients
Ben Lindstrom0c100872001-02-26 20:38:53 +00001807 - (bal) sshd.init support for all Redhat release. Patch by Jim Knoble
1808 <jmknoble@jmknoble.cx>
Ben Lindstromdd784b22001-02-26 22:11:59 +00001809 - (djm) Fix up POSIX saved uid support. Report from Mark Miller
1810 <markm@swoon.net>
1811 - (djm) Search for -lcrypt on FreeBSD too
Damien Miller767c7fc2001-02-27 09:20:57 +11001812 - (djm) fatal() on OpenSSL version mismatch
Damien Miller5a761312001-02-27 09:28:23 +11001813 - (djm) Move PAM init to after fork for non-Solaris derived PAMs
Damien Miller248131a2001-02-27 09:47:16 +11001814 - (djm) Warning fix on entropy.c saved uid stuff. Patch from Mark Miller
1815 <markm@swoon.net>
Damien Miller7bd1c622001-02-27 10:48:01 +11001816 - (djm) Fix PAM fix
Damien Miller9b405802001-02-27 10:53:00 +11001817 - (djm) Remove 'noreplace' flag from sshd_config in RPM spec files. This
1818 change is being made as 2.5.x configfiles are not back-compatible with
Damien Miller0bcf9ea2001-02-27 14:03:30 +11001819 2.3.x.
1820 - (djm) Avoid warnings for missing broken IP_TOS. Patch from Mark Miller
1821 <markm@swoon.net>
Damien Miller6007f192001-02-27 14:42:58 +11001822 - (djm) Open Server 5 doesn't need BROKEN_SAVED_UIDS. Patch from Tim Rice
1823 <tim@multitalents.net>
1824 - (djm) Avoid multiple definition of _PATH_LS. Patch from Tim Rice
1825 <tim@multitalents.net>
Ben Lindstrom10b9bf92001-02-26 20:04:45 +00001826
182720010226
Ben Lindstrom63941f92001-02-25 23:20:40 +00001828 - (bal) Fixed bsd-snprinf.c so it now honors 'BROKEN_SNPRINTF' again.
Damien Millerbb7c9762001-02-26 20:49:58 +11001829 - (djm) Some systems (SCO3, NeXT) have weird saved uid semantics.
1830 Based on patch from Tim Rice <tim@multitalents.net>
Ben Lindstrom63941f92001-02-25 23:20:40 +00001831
Damien Miller73bb0582001-02-25 09:36:29 +1100183220010225
1833 - (djm) Use %{_libexecdir} rather than hardcoded path in RPM specfile
1834 Patch from Adrian Ho <lexfiend@usa.net>
Ben Lindstrom416d8742001-02-25 02:02:43 +00001835 - (bal) Replace 'unsigned long long' to 'u_int64_t' since not every
1836 platform defines u_int64_t as being that.
Damien Miller73bb0582001-02-25 09:36:29 +11001837
Ben Lindstrom65981152001-02-24 00:05:29 +0000183820010224
Ben Lindstrom8697e082001-02-24 21:41:10 +00001839 - (bal) Missed part of the UNIX sockets patch. Patch by Corinna
1840 Vinschen <vinschen@redhat.com>
1841 - (bal) Reorder where 'strftime' is detected to resolve linking
1842 issues on SCO. Patch by Tim Rice <tim@multitalents.net>
1843
184420010224
Ben Lindstrom65981152001-02-24 00:05:29 +00001845 - (bal) pam_stack fix to correctly detect between RH7 and older RHs.
1846 Patch by Pekka Savola <pekkas@netcore.fi>
Ben Lindstrom803f16c2001-02-24 00:24:19 +00001847 - (bal) Renamed sigaction.[ch] to sigact.[ch]. Causes problems with
1848 some platforms.
Ben Lindstrom38e60932001-02-24 00:55:04 +00001849 - (bal) Generalize lack of UNIX sockets since this also effects Cray
1850 not just Cygwin. Based on patch by Wendy Palm <wendyp@cray.com>
Ben Lindstrom65981152001-02-24 00:05:29 +00001851
Ben Lindstrom008e2912001-02-23 04:45:15 +0000185220010223
1853 - (bal) Fix --define rh7 in openssh.spec file. Patch by Steve Tell
1854 <tell@telltronics.org>
Ben Lindstrom379f2052001-02-23 04:55:46 +00001855 - (bal) Patch to force OpenSSH rpm to require the same version of OpenSSL
1856 that it was compiled against. Patch by Pekka Savola <pekkas@netcore.fi>
Ben Lindstrom4ef92b52001-02-23 05:05:53 +00001857 - (bal) Double -I for OpenSSL on SCO. Patch by Tim Rice
1858 <tim@multitalents.net>
Ben Lindstrom008e2912001-02-23 04:45:15 +00001859
Ben Lindstrome1bd29b2001-02-21 20:00:28 +0000186020010222
1861 - (bal) Corrected SCO luid patch by svaughan <svaughan@asterion.com>
Ben Lindstrome68c5672001-02-22 06:20:10 +00001862 - (bal) Added mdoc2man.pl from Mark Roth <roth@feep.net>
1863 - (bal) Removed reference to liblogin from contrib/README. It was
1864 integrated into OpenSSH a long while ago.
Kevin Steves77aeaaf2001-02-22 21:23:21 +00001865 - (stevesk) remove erroneous #ifdef sgi code.
1866 Michael Stone <mstone@cs.loyola.edu>
Ben Lindstrome1bd29b2001-02-21 20:00:28 +00001867
Ben Lindstrom866488b2001-02-20 18:22:38 +0000186820010221
1869 - (bal) Removed -L/usr/ucblib -R/usr/ucblib for Solaris platform.
Ben Lindstrom5eff0312001-02-21 02:35:37 +00001870 - (bal) Fixed OpenSSL rework to use $saved_*. Patch by Tim Rice
1871 <tim@multitalents.net>
Ben Lindstrom94bce402001-02-21 05:53:33 +00001872 - (bal) Reverted out of 2001/02/15 patch by djm below because it
1873 breaks Solaris.
1874 - (djm) Move PAM session setup back to before setuid to user.
1875 fixes problems on Solaris-drived PAMs.
Kevin Stevesff793a22001-02-21 16:36:51 +00001876 - (stevesk) session.c: back out to where we were before:
1877 - (djm) Move PAM session initialisation until after fork in sshd. Patch
1878 from Nalin Dahyabhai <nalin@redhat.com>
Ben Lindstrom5eff0312001-02-21 02:35:37 +00001879
Ben Lindstrom4ffaad82001-02-19 19:54:43 +0000188020010220
1881 - (bal) Fix mixed up params to memmove() from Jan 5th in setenv.c and
1882 getcwd.c.
Ben Lindstroma9a29e12001-02-20 01:20:47 +00001883 - (bal) OpenBSD CVS Sync:
1884 - deraadt@cvs.openbsd.org 2001/02/19 23:09:05
1885 [sshd.c]
1886 clarify message to make it not mention "ident"
Ben Lindstrom4ffaad82001-02-19 19:54:43 +00001887
Ben Lindstromd95c09c2001-02-18 19:13:33 +0000188820010219
1889 - (bal) Markus' blessing to rename login.[ch] -> sshlogin.[ch] and
1890 pty.[ch] -> sshpty.[ch]
Damien Millerccdefb62001-02-19 12:56:39 +11001891 - (djm) Rework search for OpenSSL location. Skip directories which don't
1892 exist, don't add -L$ssldir/lib if it doesn't exist. Should help SCO
1893 with its limit of 6 -L options.
Damien Miller7387fdb2001-02-19 21:51:49 +11001894 - OpenBSD CVS Sync:
1895 - reinhard@cvs.openbsd.org 2001/02/17 08:24:40
1896 [sftp.1]
1897 typo
1898 - deraadt@cvs.openbsd.org 2001/02/17 16:28:58
1899 [ssh.c]
1900 cleanup -V output; noted by millert
1901 - deraadt@cvs.openbsd.org 2001/02/17 16:48:48
1902 [sshd.8]
1903 it's the OpenSSH one
1904 - markus@cvs.openbsd.org 2001/02/18 11:33:54
1905 [dispatch.c]
1906 typo, SSH2_MSG_KEXINIT, from aspa@kronodoc.fi
1907 - markus@cvs.openbsd.org 2001/02/19 02:53:32
1908 [compat.c compat.h serverloop.c]
1909 ssh-1.2.{18-22} has broken handling of ignore messages; report from
1910 itojun@
1911 - markus@cvs.openbsd.org 2001/02/19 03:35:23
1912 [version.h]
1913 OpenSSH_2.5.1 adds bug compat with 1.2.{18-22}
1914 - deraadt@cvs.openbsd.org 2001/02/19 03:36:25
1915 [scp.c]
1916 np is changed by recursion; vinschen@redhat.com
1917 - Update versions in RPM spec files
1918 - Release 2.5.1p1
Ben Lindstromd95c09c2001-02-18 19:13:33 +00001919
Ben Lindstrom6dc75f52001-02-17 16:47:47 +0000192020010218
1921 - (bal) Patch for fix FCHMOD reference in ftp-client.c by Tim Rice
1922 <tim@multitalents.net>
Ben Lindstrom970c0092001-02-17 16:51:07 +00001923 - (Bal) Patch for lack of RA_RESTART in misc.c for mysignal by
1924 stevesk
Damien Miller2deb3f62001-02-18 12:30:55 +11001925 - (djm) Fix my breaking of cygwin builds, Patch from Corinna Vinschen
1926 <vinschen@redhat.com> and myself.
Damien Miller0a4e27d2001-02-18 12:36:39 +11001927 - (djm) Close listen_sock on bind() failures. Patch from Arkadiusz
1928 Miskiewicz <misiek@pld.ORG.PL>
Damien Millerb3ffc5f2001-02-18 12:44:29 +11001929 - (djm) Robustify EGD/PRNGd code in face of socket closures. Patch from
1930 Todd C. Miller <Todd.Miller@courtesan.com>
Damien Miller99e92432001-02-18 12:49:35 +11001931 - (djm) Use ttyname() to determine name of tty returned by openpty()
1932 rather then risking overflow. Patch from Marek Michalkiewicz
1933 <marekm@amelek.gda.pl>
Damien Miller22d5aa72001-02-18 12:49:57 +11001934 - (djm) Swapped tests for no_libsocket and no_libnsl in configure.in.
1935 Patch from Marek Michalkiewicz <marekm@amelek.gda.pl>
Damien Miller86093322001-02-18 12:58:24 +11001936 - (djm) Doc fixes from Pekka Savola <pekkas@netcore.fi>
Damien Miller0318e2e2001-02-18 13:04:23 +11001937 - (djm) Use SA_INTERRUPT along SA_RESTART if present (equivalent for
1938 SunOS)
Damien Millerdf288022001-02-18 13:07:07 +11001939 - (djm) SCO needs librpc for libwrap. Patch from Tim Rice
1940 <tim@multitalents.net>
Kevin Steveseff26f22001-02-18 03:42:02 +00001941 - (stevesk) misc.c: cpp rework of SA_(INTERRUPT|RESTART) handling.
Kevin Steves93c17d92001-02-18 03:55:16 +00001942 - (stevesk) scp.c: use mysignal() for updateprogressmeter() handler.
Damien Miller722ccb12001-02-18 15:18:43 +11001943 - (djm) SA_INTERRUPT is the converse of SA_RESTART, apply it only for
1944 SIGALRM.
Damien Millera1072a82001-02-18 15:28:11 +11001945 - (djm) Move entropy.c over to mysignal()
Damien Miller877d8ea2001-02-18 15:29:28 +11001946 - (djm) SunOS 4.x also needs to define HAVE_BOGUS_SYS_QUEUE_H as it has
1947 a <sys/queue.h> that lacks the TAILQ_* macros. Patch from Todd C.
1948 Miller <Todd.Miller@courtesan.com>
Damien Miller75da9a92001-02-18 15:43:07 +11001949 - (djm) Update RPM spec files for 2.5.0p1
Damien Millerc32a5b12001-02-18 23:50:38 +11001950 - (djm) Merge BSD_AUTH support from Markus Friedl and David J. MacKenzie
1951 enable with --with-bsd-auth.
Kevin Steves4679f5b2001-02-18 11:34:32 +00001952 - (stevesk) entropy.c: typo; should be SIGPIPE
Ben Lindstrom6dc75f52001-02-17 16:47:47 +00001953
Ben Lindstrom813f9402001-02-16 15:56:31 +0000195420010217
1955 - (bal) OpenBSD Sync:
1956 - markus@cvs.openbsd.org 2001/02/16 13:38:18
1957 [channel.c]
1958 remove debug
Ben Lindstrom8dcdeb82001-02-16 16:02:14 +00001959 - markus@cvs.openbsd.org 2001/02/16 14:03:43
1960 [session.c]
1961 proper payload-length check for x11 w/o screen-number
Ben Lindstrom813f9402001-02-16 15:56:31 +00001962
Ben Lindstrom4e5a0aa2001-02-15 18:16:22 +0000196320010216
1964 - (bal) added '--with-prce' to allow overriding of system regex when
1965 required (tested by David Dulek <ddulek@fastenal.com>)
Ben Lindstrom58055132001-02-15 18:34:29 +00001966 - (bal) Added DG/UX case and set that they have a broken IPTOS.
Damien Millerc547bf12001-02-16 10:18:12 +11001967 - (djm) Mini-configure reorder patch from Tim Rice <tim@multitalents.net>
1968 Fixes linking on SCO.
Damien Millerb5e85a52001-02-16 11:18:58 +11001969 - (djm) Make gnome-ssh-askpass handle multi-line prompts. Patch from
1970 Nalin Dahyabhai <nalin@redhat.com>
1971 - (djm) BSD license for gnome-ssh-askpass (was X11)
1972 - (djm) KNF on gnome-ssh-askpass
Damien Miller5dfe9762001-02-16 12:05:39 +11001973 - (djm) USE_PIPES for a few more sysv platforms
1974 - (djm) Cleanup configure.in a little
1975 - (djm) Ask users to check config.log when we can't find necessary libs
Damien Miller217f5672001-02-16 12:12:41 +11001976 - (djm) Set "login ID" on systems with setluid. Only enabled for SCO
1977 OpenServer for now. Based on patch from svaughan <svaughan@asterion.com>
Damien Miller79438cc2001-02-16 12:34:57 +11001978 - (djm) OpenBSD CVS:
1979 - markus@cvs.openbsd.org 2001/02/15 16:19:59
1980 [channels.c channels.h serverloop.c sshconnect.c sshconnect.h]
1981 [sshconnect1.c sshconnect2.c]
1982 genericize password padding function for SSH1 and SSH2.
1983 add stylized echo to 2, too.
1984 - (djm) Add roundup() macro to defines.h
Kevin Steves799bed82001-02-16 14:58:12 +00001985 - (stevesk) set SA_RESTART flag in mysignal() for SIGCHLD;
1986 needed on Unixware 2.x.
Ben Lindstrom4e5a0aa2001-02-15 18:16:22 +00001987
Damien Millere8b5b042001-02-15 11:32:15 +1100198820010215
1989 - (djm) Move PAM session setup back to before setuid to user. Fixes
1990 problems on Solaris-derived PAMs.
Damien Miller646aa602001-02-15 11:51:32 +11001991 - (djm) Clean up PAM namespace. Suggested by Darren Moffat
1992 <Darren.Moffat@eng.sun.com>
Ben Lindstrom4272ed82001-02-15 02:36:46 +00001993 - (bal) Sync w/ OpenSSH for new release
1994 - markus@cvs.openbsd.org 2001/02/12 12:45:06
1995 [sshconnect1.c]
1996 fix xmalloc(0), ok dugsong@
Ben Lindstrom06b33aa2001-02-15 03:01:59 +00001997 - markus@cvs.openbsd.org 2001/02/11 12:59:25
1998 [Makefile.in sshd.8 sshconnect2.c readconf.h readconf.c packet.c
1999 sshd.c ssh.c ssh.1 servconf.h servconf.c myproposal.h kex.h kex.c]
2000 1) clean up the MAC support for SSH-2
2001 2) allow you to specify the MAC with 'ssh -m'
2002 3) or the 'MACs' keyword in ssh(d)_config
2003 4) add hmac-{md5,sha1}-96
2004 ok stevesk@, provos@
Ben Lindstromd8a90212001-02-15 03:08:27 +00002005 - markus@cvs.openbsd.org 2001/02/12 16:16:23
2006 [auth-passwd.c auth.c auth.h auth1.c auth2.c servconf.c servconf.h
2007 ssh-keygen.c sshd.8]
2008 PermitRootLogin={yes,without-password,forced-commands-only,no}
2009 (before this change, root could login even if PermitRootLogin==no)
Ben Lindstrom0a7e3542001-02-15 03:50:49 +00002010 - deraadt@cvs.openbsd.org 2001/02/12 22:56:09
Ben Lindstromf9452512001-02-15 03:12:08 +00002011 [clientloop.c packet.c ssh-keyscan.c]
2012 deal with EAGAIN/EINTR selects which were skipped
Ben Lindstrom0a7e3542001-02-15 03:50:49 +00002013 - markus@cvs.openssh.org 2001/02/13 22:49:40
2014 [auth1.c auth2.c]
2015 setproctitle(user) only if getpwnam succeeds
2016 - markus@cvs.openbsd.org 2001/02/12 23:26:20
2017 [sshd.c]
2018 missing memset; from solar@openwall.com
2019 - stevesk@cvs.openbsd.org 2001/02/12 20:53:33
2020 [sftp-int.c]
2021 lumask now works with 1 numeric arg; ok markus@, djm@
2022 - djm@cvs.openbsd.org 2001/02/14 9:46:03
2023 [sftp-client.c sftp-int.c sftp.1]
2024 Fix and document 'preserve modes & times' option ('-p' flag in sftp);
2025 ok markus@
Damien Miller09214542001-02-15 15:33:17 +11002026 - (bal) replaced PATH_MAX in sftp-int.c w/ MAXPATHLEN.
2027 - (djm) Move to Jim's 1.2.0 X11 askpass program
Kevin Stevesb7f036f2001-02-15 17:27:15 +00002028 - (stevesk) OpenBSD sync:
2029 - deraadt@cvs.openbsd.org 2001/02/15 01:38:04
2030 [serverloop.c]
2031 indent
Damien Miller09214542001-02-15 15:33:17 +11002032
Damien Miller3dfeee42001-02-14 00:43:55 +1100203320010214
2034 - (djm) Don't try to close PAM session or delete credentials if the
2035 session has not been open or credentials not set. Based on patch from
2036 Andrew Bartlett <abartlet@pcug.org.au>
Damien Miller6b4146a2001-02-14 00:45:51 +11002037 - (djm) Move PAM session initialisation until after fork in sshd. Patch
2038 from Nalin Dahyabhai <nalin@redhat.com>
Ben Lindstrom116b6bd2001-02-13 14:05:59 +00002039 - (bal) Missing function prototype in bsd-snprintf.c patch by
2040 Mark Miller <markm@swoon.net>
Damien Miller92ddb7d2001-02-14 01:25:23 +11002041 - (djm) Split out and improve OSF SIA auth code. Patch from Chris Adams
2042 <cmadams@hiwaay.net> with a little modification and KNF.
Kevin Steves7fafa5c2001-02-13 18:45:00 +00002043 - (stevesk) fix for SIA patch, misplaced session_setup_sia()
Damien Miller3dfeee42001-02-14 00:43:55 +11002044
Ben Lindstrom5d8520a2001-02-12 15:57:18 +0000204520010213
Damien Millerd8ab0d42001-02-13 12:11:17 +11002046 - (djm) Only test -S potential EGD sockets if they exist and are readable.
Ben Lindstrom6c92dab2001-02-13 02:18:50 +00002047 - (bal) Cleaned out bsd-snprintf.c. VARARGS have been banished and
2048 I did a base KNF over the whe whole file to make it more acceptable.
2049 (backed out of original patch and removed it from ChangeLog)
Ben Lindstrom34bb0c72001-02-13 02:40:56 +00002050 - (bal) Use chown() if fchown() does not exist in ftp-server.c patch by
2051 Tim Rice <tim@multitalents.net>
Kevin Stevesbca8c8f2001-02-13 11:26:21 +00002052 - (stevesk) auth1.c: fix PAM passwordless check.
Ben Lindstrom5d8520a2001-02-12 15:57:18 +00002053
Damien Miller070ca312001-02-12 09:34:17 +1100205420010212
2055 - (djm) Update Redhat specfile to allow --define "skip_x11_askpass 1",
2056 --define "skip_gnome_askpass 1", --define "rh7 1" and make the
2057 implicit rpm-3.0.5 dependancy explicit. Patch and suggestions from
2058 Pekka Savola <pekkas@netcore.fi>
Damien Millerf1720202001-02-12 11:15:41 +11002059 - (djm) Clean up PCRE text in INSTALL
Damien Miller61ce0362001-02-12 18:02:23 +11002060 - (djm) Fix OSF SIA auth NULL pointer deref. Report from Mike Battersby
2061 <mib@unimelb.edu.au>
Ben Lindstrom603bdfd2001-02-12 07:29:45 +00002062 - (bal) NCR SVR4 compatiblity provide by Don Bragg <thewizarddon@yahoo.com>
Kevin Steves7f982bf2001-02-12 15:07:52 +00002063 - (stevesk) session.c: remove debugging code.
Damien Miller070ca312001-02-12 09:34:17 +11002064
Ben Lindstromf79aeff2001-02-10 21:27:11 +0000206520010211
2066 - (bal) OpenBSD Sync
2067 - markus@cvs.openbsd.org 2001/02/07 22:35:46
2068 [auth1.c auth2.c sshd.c]
2069 move k_setpag() to a central place; ok dugsong@
Ben Lindstromd1f20ec2001-02-10 21:31:53 +00002070 - markus@cvs.openbsd.org 2001/02/10 12:52:02
2071 [auth2.c]
2072 offer passwd before s/key
Ben Lindstrom075390a2001-02-10 21:34:46 +00002073 - markus@cvs.openbsd.org 2001/02/8 22:37:10
2074 [canohost.c]
2075 remove last call to sprintf; ok deraadt@
Ben Lindstrom874a0b32001-02-10 21:39:49 +00002076 - markus@cvs.openbsd.org 2001/02/10 1:33:32
2077 [canohost.c]
2078 add debug message, since sshd blocks here if DNS is not available
Ben Lindstromfdc9ab02001-02-10 21:45:02 +00002079 - markus@cvs.openbsd.org 2001/02/10 12:44:02
2080 [cli.c]
2081 don't call vis() for \r
Ben Lindstrom550bc542001-02-10 21:50:00 +00002082 - danh@cvs.openbsd.org 2001/02/10 0:12:43
2083 [scp.c]
2084 revert a small change to allow -r option to work again; ok deraadt@
2085 - danh@cvs.openbsd.org 2001/02/10 15:14:11
2086 [scp.c]
2087 fix memory leak; ok markus@
Ben Lindstrom27cb1d02001-02-10 21:59:35 +00002088 - djm@cvs.openbsd.org 2001/02/10 0:45:52
2089 [scp.1]
2090 Mention that you can quote pathnames with spaces in them
Ben Lindstrom8fd10b02001-02-10 22:11:13 +00002091 - markus@cvs.openbsd.org 2001/02/10 1:46:28
2092 [ssh.c]
2093 remove mapping of argv[0] -> hostname
Ben Lindstrom03df5bd2001-02-10 22:16:41 +00002094 - markus@cvs.openbsd.org 2001/02/06 22:26:17
2095 [sshconnect2.c]
2096 do not ask for passphrase in batch mode; report from ejb@ql.org
2097 - itojun@cvs.opebsd.org 2001/02/08 10:47:05
Kevin Steves43276862001-02-11 13:56:43 +00002098 [sshconnect.c sshconnect1.c sshconnect2.c]
Ben Lindstrom03df5bd2001-02-10 22:16:41 +00002099 %.30s is too short for IPv6 numeric address. use %.128s for now.
2100 markus ok
2101 - markus@cvs.openbsd.org 2001/02/09 12:28:35
2102 [sshconnect2.c]
2103 do not free twice, thanks to /etc/malloc.conf
2104 - markus@cvs.openbsd.org 2001/02/09 17:10:53
2105 [sshconnect2.c]
2106 partial success: debug->log; "Permission denied" if no more auth methods
2107 - markus@cvs.openbsd.org 2001/02/10 12:09:21
2108 [sshconnect2.c]
2109 remove some lines
Ben Lindstrom36d7bd02001-02-10 22:27:19 +00002110 - markus@cvs.openbsd.org 2001/02/09 13:38:07
2111 [auth-options.c]
2112 reset options if no option is given; from han.holl@prismant.nl
Ben Lindstromb3211a82001-02-10 22:33:19 +00002113 - markus@cvs.openbsd.org 2001/02/08 21:58:28
2114 [channels.c]
2115 nuke sprintf, ok deraadt@
2116 - markus@cvs.openbsd.org 2001/02/08 21:58:28
2117 [channels.c]
2118 nuke sprintf, ok deraadt@
Ben Lindstrom9d3a8592001-02-10 22:44:12 +00002119 - markus@cvs.openbsd.org 2001/02/06 22:43:02
2120 [clientloop.h]
2121 remove confusing callback code
Ben Lindstrom4f7a64a2001-02-10 22:50:09 +00002122 - deraadt@cvs.openbsd.org 2001/02/08 14:39:36
2123 [readconf.c]
2124 snprintf
Ben Lindstrom28072eb2001-02-10 23:13:41 +00002125 - itojun@cvs.openbsd.org 2001/02/08 19:30:52
2126 sync with netbsd tree changes.
2127 - more strict prototypes, include necessary headers
2128 - use paths.h/pathnames.h decls
2129 - size_t typecase to int -> u_long
Ben Lindstromc791beb2001-02-10 23:18:11 +00002130 - itojun@cvs.openbsd.org 2001/02/07 18:04:50
2131 [ssh-keyscan.c]
2132 fix size_t -> int cast (use u_long). markus ok
2133 - markus@cvs.openbsd.org 2001/02/07 22:43:16
2134 [ssh-keyscan.c]
2135 s/getline/Linebuf_getline/; from roumen.petrov@skalasoft.com
2136 - itojun@cvs.openbsd.org 2001/02/09 9:04:59
2137 [ssh-keyscan.c]
2138 do not assume malloc() returns zero-filled region. found by
2139 malloc.conf=AJ.
Ben Lindstromb6c06d92001-02-10 23:21:09 +00002140 - markus@cvs.openbsd.org 2001/02/08 22:35:30
2141 [sshconnect.c]
2142 don't connect if batch_mode is true and stricthostkeychecking set to
2143 'ask'
Ben Lindstrome9d04442001-02-10 23:26:35 +00002144 - djm@cvs.openbsd.org 2001/02/04 21:26:07
2145 [sshd_config]
2146 type: ok markus@
2147 - deraadt@cvs.openbsd.org 2001/02/06 22:07:50
2148 [sshd_config]
2149 enable sftp-server by default
Ben Lindstroma905ecd2001-02-10 23:34:54 +00002150 - deraadt 2001/02/07 8:57:26
2151 [xmalloc.c]
2152 deal with new ANSI malloc stuff
2153 - markus@cvs.openbsd.org 2001/02/07 16:46:08
2154 [xmalloc.c]
2155 typo in fatal()
2156 - itojun@cvs.openbsd.org 2001/02/07 18:04:50
2157 [xmalloc.c]
2158 fix size_t -> int cast (use u_long). markus ok
Ben Lindstromaa630de2001-02-10 23:44:47 +00002159 - 1.47 Thu Feb 8 23:11:42 GMT 2001 by dugsong
2160 [serverloop.c sshconnect1.c]
2161 mitigate SSH1 traffic analysis - from Solar Designer
2162 <solar@openwall.com>, ok provos@
Ben Lindstromb3211a82001-02-10 22:33:19 +00002163 - (bal) fixed sftp-client.c. Return 'status' instead of '0'
2164 (from the OpenBSD tree)
Ben Lindstrombe80af72001-02-10 23:06:02 +00002165 - (bal) Synced ssh.1, ssh-add.1 and sshd.8 w/ OpenBSD
Ben Lindstrom7e9aff52001-02-10 23:00:22 +00002166 - (bal) sftp-sever.c '%8lld' to '%8llu' (OpenBSD Sync)
Ben Lindstrom70ea46a2001-02-10 23:30:16 +00002167 - (bal) uuencode.c resync w/ OpenBSD tree, plus whitespace.
Ben Lindstrome5b3fb32001-02-10 23:56:35 +00002168 - (bal) A bit more whitespace cleanup
Damien Millerbd5817d2001-02-11 22:35:11 +11002169 - (djm) Set PAM_RHOST earlier, patch from Andrew Bartlett
2170 <abartlet@pcug.org.au>
Kevin Stevesfad3c512001-02-11 14:34:10 +00002171 - (stevesk) misc.c: ssh.h not needed.
Kevin Stevesbcc86272001-02-11 18:49:23 +00002172 - (stevesk) compat.c: more friendly cpp error
Kevin Stevesd85bf4b2001-02-11 16:43:05 +00002173 - (stevesk) OpenBSD sync:
2174 - stevesk@cvs.openbsd.org 2001/02/11 06:15:57
2175 [LICENSE]
2176 typos and small cleanup; ok deraadt@
Ben Lindstromf79aeff2001-02-10 21:27:11 +00002177
Damien Millerd7686fd2001-02-10 00:40:03 +1100217820010210
2179 - (djm) Sync sftp and scp stuff from OpenBSD:
2180 - djm@cvs.openbsd.org 2001/02/07 03:55:13
2181 [sftp-client.c]
2182 Don't free handles before we are done with them. Based on work from
2183 Corinna Vinschen <vinschen@redhat.com>. ok markus@
2184 - djm@cvs.openbsd.org 2001/02/06 22:32:53
2185 [sftp.1]
2186 Punctuation fix from Pekka Savola <pekkas@netcore.fi>
2187 - deraadt@cvs.openbsd.org 2001/02/07 04:07:29
2188 [sftp.1]
2189 pretty up significantly
2190 - itojun@cvs.openbsd.org 2001/02/07 06:49:42
2191 [sftp.1]
2192 .Bl-.El mismatch. markus ok
2193 - djm@cvs.openbsd.org 2001/02/07 06:12:30
2194 [sftp-int.c]
2195 Check that target is a directory before doing ls; ok markus@
2196 - itojun@cvs.openbsd.org 2001/02/07 11:01:18
2197 [scp.c sftp-client.c sftp-server.c]
2198 unsigned long long -> %llu, not %qu. markus ok
2199 - stevesk@cvs.openbsd.org 2001/02/07 11:10:39
2200 [sftp.1 sftp-int.c]
2201 more man page cleanup and sync of help text with man page; ok markus@
2202 - markus@cvs.openbsd.org 2001/02/07 14:58:34
2203 [sftp-client.c]
2204 older servers reply with SSH2_FXP_NAME + count==0 instead of EOF
2205 - djm@cvs.openbsd.org 2001/02/07 15:27:19
2206 [sftp.c]
2207 Don't forward agent and X11 in sftp. Suggestion from Roumen Petrov
2208 <roumen.petrov@skalasoft.com>
2209 - stevesk@cvs.openbsd.org 2001/02/07 15:36:04
2210 [sftp-int.c]
2211 portable; ok markus@
2212 - stevesk@cvs.openbsd.org 2001/02/07 15:55:47
2213 [sftp-int.c]
2214 lowercase cmds[].c also; ok markus@
2215 - markus@cvs.openbsd.org 2001/02/07 17:04:52
2216 [pathnames.h sftp.c]
2217 allow sftp over ssh protocol 1; ok djm@
2218 - deraadt@cvs.openbsd.org 2001/02/08 07:38:55
2219 [scp.c]
2220 memory leak fix, and snprintf throughout
2221 - deraadt@cvs.openbsd.org 2001/02/08 08:02:02
2222 [sftp-int.c]
2223 plug a memory leak
2224 - stevesk@cvs.openbsd.org 2001/02/08 10:11:23
2225 [session.c sftp-client.c]
2226 %i -> %d
2227 - stevesk@cvs.openbsd.org 2001/02/08 10:57:59
2228 [sftp-int.c]
2229 typo
2230 - stevesk@cvs.openbsd.org 2001/02/08 15:28:07
2231 [sftp-int.c pathnames.h]
2232 _PATH_LS; ok markus@
2233 - djm@cvs.openbsd.org 2001/02/09 04:46:25
2234 [sftp-int.c]
2235 Check for NULL attribs for chown, chmod & chgrp operations, only send
2236 relevant attribs back to server; ok markus@
Damien Miller137465b2001-02-10 00:47:59 +11002237 - djm@cvs.openbsd.org 2001/02/06 15:05:25
2238 [sftp.c]
2239 Use getopt to process commandline arguments
2240 - djm@cvs.openbsd.org 2001/02/06 15:06:21
2241 [sftp.c ]
2242 Wait for ssh subprocess at exit
2243 - djm@cvs.openbsd.org 2001/02/06 15:18:16
2244 [sftp-int.c]
2245 stat target for remote chdir before doing chdir
2246 - djm@cvs.openbsd.org 2001/02/06 15:32:54
2247 [sftp.1]
2248 Punctuation fix from Pekka Savola <pekkas@netcore.fi>
2249 - provos@cvs.openbsd.org 2001/02/05 22:22:02
2250 [sftp-int.c]
2251 cleanup get_pathname, fix pwd after failed cd. okay djm@
Damien Millerd7686fd2001-02-10 00:40:03 +11002252 - (djm) Update makefile.in for _PATH_SFTP_SERVER
Ben Lindstromc5dbf7f2001-02-10 00:37:17 +00002253 - (bal) sftp-client.c replace NULL w/ 0 in do_ls() (pending in OpenBSD tree)
Damien Millerd7686fd2001-02-10 00:40:03 +11002254
Ben Lindstromefe35aa2001-02-08 16:34:56 +0000225520010209
2256 - (bal) patch to vis.c to deal with HAVE_VIS right by Robert Mooney
2257 <rjmooney@mediaone.net>
Ben Lindstrom40f41512001-02-08 18:05:17 +00002258 - (bal) .c.o rule in openbsd-compat/Makefile.in did not make it to the
2259 main tree while porting forward. Pointed out by Lutz Jaenicke
2260 <Lutz.Jaenicke@aet.TU-Cottbus.DE>
Ben Lindstromfc032bb2001-02-08 18:40:09 +00002261 - (bal) double entry in configure.in. Pointed out by Lutz Jaenicke
2262 <Lutz.Jaenicke@aet.TU-Cottbus.DE>
Kevin Steves4abe4de2001-02-08 19:16:32 +00002263 - (stevesk) OpenBSD sync:
2264 - markus@cvs.openbsd.org 2001/02/08 11:20:01
2265 [auth2.c]
2266 strict checking
2267 - markus@cvs.openbsd.org 2001/02/08 11:15:22
2268 [version.h]
2269 update to 2.3.2
2270 - markus@cvs.openbsd.org 2001/02/08 11:12:30
2271 [auth2.c]
2272 fix typo
Damien Milleraf13cca2001-02-09 12:01:51 +11002273 - (djm) Update spec files
Ben Lindstromf6b7b092001-02-09 01:23:39 +00002274 - (bal) OpenBSD sync:
2275 - deraadt@cvs.openbsd.org 2001/02/08 14:38:54
2276 [scp.c]
2277 memory leak fix, and snprintf throughout
Ben Lindstrom5b828322001-02-09 01:34:36 +00002278 - markus@cvs.openbsd.org 2001/02/06 22:43:02
2279 [clientloop.c]
2280 remove confusing callback code
Damien Millere9cf3572001-02-09 12:55:35 +11002281 - (djm) Add CVS Id's to files that we have missed
Ben Lindstrom31ca54a2001-02-09 02:11:24 +00002282 - (bal) OpenBSD Sync (more):
2283 - itojun@cvs.openbsd.org 2001/02/08 19:30:52
2284 sync with netbsd tree changes.
2285 - more strict prototypes, include necessary headers
2286 - use paths.h/pathnames.h decls
2287 - size_t typecase to int -> u_long
Ben Lindstrom1e7d3062001-02-09 02:36:43 +00002288 - markus@cvs.openbsd.org 2001/02/06 22:07:42
2289 [ssh.c]
2290 fatal() if subsystem fails
2291 - markus@cvs.openbsd.org 2001/02/06 22:43:02
2292 [ssh.c]
2293 remove confusing callback code
2294 - jakob@cvs.openbsd.org 2001/02/06 23:03:24
2295 [ssh.c]
2296 add -1 option (force protocol version 1). ok markus@
2297 - jakob@cvs.openbsd.org 2001/02/06 23:06:21
2298 [ssh.c]
2299 reorder -{1,2,4,6} options. ok markus@
Ben Lindstromb0407fc2001-02-09 02:23:10 +00002300 - (bal) Missing 'const' in readpass.h
Ben Lindstrom288cc392001-02-09 02:58:04 +00002301 - (bal) OpenBSD Sync (so at least the thing compiles for 2.3.2 =)
2302 - djm@cvs.openbsd.org 2001/02/06 23:30:28
2303 [sftp-client.c]
2304 replace arc4random with counter for request ids; ok markus@
Damien Miller4192c462001-02-09 22:55:16 +11002305 - (djm) Define _PATH_TTY for systems that don't. Report from Lutz
2306 Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
Ben Lindstromefe35aa2001-02-08 16:34:56 +00002307
Damien Miller3d0a7d52001-02-08 08:22:47 +1100230820010208
2309 - (djm) Don't delete external askpass program in make uninstall target.
2310 Report and fix from Roumen Petrov <roumen.petrov@skalasoft.com>
Damien Miller4864e8f2001-02-08 10:07:08 +11002311 - (djm) Fix linking of sftp, don't need arc4random any more.
2312 - (djm) Try to use shell that supports "test -S" for EGD socket search.
2313 Based on patch from Tim Rice <tim@multitalents.net>
Damien Miller3d0a7d52001-02-08 08:22:47 +11002314
Damien Miller4855ae92001-02-07 23:21:31 +1100231520010207
Ben Lindstrom582d3982001-02-06 22:54:30 +00002316 - (bal) Save the whole path to AR in configure. Some Solaris 2.7 installs
2317 seem lose track of it while in openbsd-compat/ (two confirmed reports)
Damien Miller63dc3e92001-02-07 12:58:33 +11002318 - (djm) Much KNF on PAM code
Damien Miller4855ae92001-02-07 23:21:31 +11002319 - (djm) Revise auth-pam.c conversation function to be a little more
2320 readable.
Damien Miller63dc3e92001-02-07 12:58:33 +11002321 - (djm) Revise kbd-int PAM conversation function to fold all text messages
2322 to before first prompt. Fixes hangs if last pam_message did not require
2323 a reply.
2324 - (djm) Fix password changing when using PAM kbd-int authentication
Ben Lindstrom582d3982001-02-06 22:54:30 +00002325
Damien Miller4855ae92001-02-07 23:21:31 +1100232620010205
Kevin Stevesef4eea92001-02-05 12:42:17 +00002327 - (bal) Disable groupaccess by setting NGROUPS_MAX to 0 for platforms
Ben Lindstrom03f07b42001-02-04 20:44:01 +00002328 that don't have NGROUPS_MAX.
Ben Lindstromd2ddda42001-02-04 21:57:11 +00002329 - (bal) AIX patch for auth1.c by William L. Jones <jones@hpc.utexas.edu>
Kevin Stevesef4eea92001-02-05 12:42:17 +00002330 - (stevesk) OpenBSD sync:
2331 - stevesk@cvs.openbsd.org 2001/02/04 08:32:27
2332 [many files; did this manually to our top-level source dir]
2333 unexpand and remove end-of-line whitespace; ok markus@
Kevin Steves8e743932001-02-05 13:24:35 +00002334 - stevesk@cvs.openbsd.org 2001/02/04 15:21:19
2335 [sftp-server.c]
2336 SSH2_FILEXFER_ATTR_UIDGID support; ok markus@
Kevin Steves62c45db2001-02-05 13:42:43 +00002337 - deraadt@cvs.openbsd.org 2001/02/04 17:02:32
2338 [sftp-int.c]
2339 ? == help
2340 - deraadt@cvs.openbsd.org 2001/02/04 16:47:46
2341 [sftp-int.c]
2342 sort commands, so that abbreviations work as expected
2343 - stevesk@cvs.openbsd.org 2001/02/04 15:17:52
2344 [sftp-int.c]
2345 debugging sftp: precedence and missing break. chmod, chown, chgrp
2346 seem to be working now.
2347 - markus@cvs.openbsd.org 2001/02/04 14:41:21
2348 [sftp-int.c]
2349 use base 8 for umask/chmod
2350 - markus@cvs.openbsd.org 2001/02/04 11:11:54
2351 [sftp-int.c]
2352 fix LCD
Kevin Steves3c034ae2001-02-05 13:47:11 +00002353 - markus@cvs.openbsd.org 2001/02/04 08:10:44
2354 [ssh.1]
2355 typo; dpo@club-internet.fr
Kevin Steves0afcc9f2001-02-05 13:57:36 +00002356 - stevesk@cvs.openbsd.org 2001/02/04 06:30:12
2357 [auth2.c authfd.c packet.c]
2358 remove duplicate #include's; ok markus@
Kevin Stevesadf74cd2001-02-05 14:22:50 +00002359 - deraadt@cvs.openbsd.org 2001/02/04 16:56:23
2360 [scp.c sshd.c]
2361 alpha happiness
2362 - stevesk@cvs.openbsd.org 2001/02/04 15:12:17
2363 [sshd.c]
2364 precedence; ok markus@
Kevin Steves12057502001-02-05 14:54:34 +00002365 - deraadt@cvs.openbsd.org 2001/02/04 08:14:15
Kevin Stevesadf74cd2001-02-05 14:22:50 +00002366 [ssh.c sshd.c]
2367 make the alpha happy
Kevin Steves12057502001-02-05 14:54:34 +00002368 - markus@cvs.openbsd.org 2001/01/31 13:37:24
2369 [channels.c channels.h serverloop.c ssh.c]
Damien Miller4855ae92001-02-07 23:21:31 +11002370 do not disconnect if local port forwarding fails, e.g. if port is
2371 already in use
Kevin Steves12057502001-02-05 14:54:34 +00002372 - markus@cvs.openbsd.org 2001/02/01 14:58:09
2373 [channels.c]
2374 use ipaddr in channel messages, ietf-secsh wants this
2375 - markus@cvs.openbsd.org 2001/01/31 12:26:20
2376 [channels.c]
Damien Miller4855ae92001-02-07 23:21:31 +11002377 ssh.com-2.0.1x does not send additional info in CHANNEL_OPEN_FAILURE
2378 messages; bug report from edmundo@rano.org
Kevin Stevese27a5e02001-02-05 15:15:27 +00002379 - markus@cvs.openbsd.org 2001/01/31 13:48:09
2380 [sshconnect2.c]
2381 unused
Kevin Stevesec1c1402001-02-05 15:39:22 +00002382 - deraadt@cvs.openbsd.org 2001/02/04 08:23:08
2383 [sftp-client.c sftp-server.c]
2384 make gcc on the alpha even happier
Ben Lindstrom75713c92001-02-04 20:27:44 +00002385
Damien Miller4855ae92001-02-07 23:21:31 +1100238620010204
Ben Lindstrom70442532001-02-03 21:31:22 +00002387 - (bal) I think this is the last of the bsd-*.h that don't belong.
Ben Lindstrom684ba4c2001-02-03 21:53:47 +00002388 - (bal) Minor Makefile fix
Ben Lindstrom1c56a012001-02-03 21:58:12 +00002389 - (bal) openbsd-compat/Makefile minor fix. Ensure dependancies are done
Damien Miller33804262001-02-04 23:20:18 +11002390 right.
Ben Lindstromb0c2eeb2001-02-03 22:15:00 +00002391 - (bal) Changed order of LIB="" in -with-skey due to library resolving.
Ben Lindstrom45cb2932001-02-04 09:41:33 +00002392 - (bal) next-posix.h changed to bsd-nextstep.h
Damien Miller33804262001-02-04 23:20:18 +11002393 - (djm) OpenBSD CVS sync:
2394 - markus@cvs.openbsd.org 2001/02/03 03:08:38
2395 [auth-options.c auth-rh-rsa.c auth-rhosts.c auth.c canohost.c]
2396 [canohost.h servconf.c servconf.h session.c sshconnect1.c sshd.8]
2397 [sshd_config]
2398 make ReverseMappingCheck optional in sshd_config; ok djm@,dugsong@
2399 - markus@cvs.openbsd.org 2001/02/03 03:19:51
2400 [ssh.1 sshd.8 sshd_config]
2401 Skey is now called ChallengeResponse
2402 - markus@cvs.openbsd.org 2001/02/03 03:43:09
2403 [sshd.8]
2404 use no-pty option in .ssh/authorized_keys* if you need a 8-bit clean
2405 channel. note from Erik.Anggard@cygate.se (pr/1659)
2406 - stevesk@cvs.openbsd.org 2001/02/03 10:03:06
2407 [ssh.1]
2408 typos; ok markus@
2409 - djm@cvs.openbsd.org 2001/02/04 04:11:56
2410 [scp.1 sftp-server.c ssh.1 sshd.8 sftp-client.c sftp-client.h]
2411 [sftp-common.c sftp-common.h sftp-int.c sftp-int.h sftp.1 sftp.c]
2412 Basic interactive sftp client; ok theo@
2413 - (djm) Update RPM specs for new sftp binary
2414 - (djm) Update several bits for new optional reverse lookup stuff. I
2415 think I got them all.
Damien Millerb797b922001-02-04 23:27:00 +11002416 - (djm) Makefile.in fixes
Kevin Stevesb6e773a2001-02-04 13:20:36 +00002417 - (stevesk) add mysignal() wrapper and use it for the protocol 2
2418 SIGCHLD handler.
Kevin Steves8e743932001-02-05 13:24:35 +00002419 - (djm) Use setvbuf() instead of setlinebuf(). Suggest from stevesk@
Ben Lindstrom70442532001-02-03 21:31:22 +00002420
Damien Miller4855ae92001-02-07 23:21:31 +1100242120010203
Ben Lindstromdd5c5a32001-02-02 18:58:33 +00002422 - (bal) Cygwin clean up by Corinna Vinschen <vinschen@redhat.com>
Ben Lindstrom64136352001-02-02 19:03:13 +00002423 - (bal) renamed queue.h to fake-queue.h (even if it's an OpenBSD
2424 based file) to ensure #include space does not get confused.
Ben Lindstrome6b3b7b2001-02-03 00:33:04 +00002425 - (bal) Minor Makefile.in tweak. dirname may not exist on some
2426 platforms so builds fail. (NeXT being a well known one)
Ben Lindstromdd5c5a32001-02-02 18:58:33 +00002427
Damien Miller4855ae92001-02-07 23:21:31 +1100242820010202
Damien Miller33804262001-02-04 23:20:18 +11002429 - (bal) Makefile fix where sourcedir != builddir by Corinna Vinschen
Ben Lindstrom2ffbbe62001-02-02 00:00:54 +00002430 <vinschen@redhat.com>
Ben Lindstrom25a77852001-02-02 10:17:46 +00002431 - (bal) Makefile fix to use $(MAKE) instead of 'make' for platforms
2432 that use 'gmake'. Patch by Tim Rice <tim@multitalents.net>
Ben Lindstrom2ffbbe62001-02-02 00:00:54 +00002433
Damien Miller4855ae92001-02-07 23:21:31 +1100243420010201
Ben Lindstrome03c85d2001-02-01 14:06:11 +00002435 - (bal) Minor fix to Makefile to stop rebuilding executables if no
2436 changes have occured to any of the supporting code. Patch by
2437 Roumen Petrov <roumen.petrov@skalasoft.com>
2438
Ben Lindstrom3c06f6a2001-01-31 21:52:01 +0000243920010131
Damien Miller3c4659c2001-01-31 09:52:43 +11002440 - (djm) OpenBSD CVS Sync:
2441 - djm@cvs.openbsd.org 2001/01/30 15:48:53
2442 [sshconnect.c]
2443 Make warning message a little more consistent. ok markus@
Damien Miller709528a2001-01-31 09:57:55 +11002444 - (djm) Fix autoconf logic for --with-lastlog=no Report and diagnosis from
2445 Philipp Buehler <lists@fips.de> and Kevin Steves <stevesk@sweden.hp.com>
2446 respectively.
Damien Millerbf757762001-01-31 10:50:49 +11002447 - (djm) Don't log SSH2 PAM KbdInt responses to debug, they may contain
2448 passwords.
Ben Lindstrom3c06f6a2001-01-31 21:52:01 +00002449 - (bal) Reorder. Move all bsd-*, fake-*, next-*, and cygwin* stuff to
2450 openbsd-compat/. And resolve all ./configure and Makefile.in issues
2451 assocated.
Damien Miller3c4659c2001-01-31 09:52:43 +11002452
Ben Lindstrom3c06f6a2001-01-31 21:52:01 +0000245320010130
Damien Miller5e953212001-01-30 09:14:00 +11002454 - (djm) OpenBSD CVS Sync:
2455 - markus@cvs.openbsd.org 2001/01/29 09:55:37
2456 [channels.c channels.h clientloop.c serverloop.c]
2457 fix select overflow; ok deraadt@ and stevesk@
Damien Millerd83ff352001-01-30 09:19:34 +11002458 - markus@cvs.openbsd.org 2001/01/29 12:42:35
2459 [canohost.c canohost.h channels.c clientloop.c]
2460 add get_peer_ipaddr(socket), x11-fwd in ssh2 requires ipaddr, not DNS
Damien Miller7650bc62001-01-30 09:27:26 +11002461 - markus@cvs.openbsd.org 2001/01/29 12:47:32
2462 [rsa.c rsa.h ssh-agent.c sshconnect1.c sshd.c]
2463 handle rsa_private_decrypt failures; helps against the Bleichenbacher
2464 pkcs#1 attack
Damien Miller832562e2001-01-30 09:30:01 +11002465 - djm@cvs.openbsd.org 2001/01/29 05:36:11
2466 [ssh.1 ssh.c]
2467 Allow invocation of sybsystem by commandline (-s); ok markus@
Kevin Stevesb6b4a7a2001-01-30 18:31:43 +00002468 - (stevesk) configure.in: remove duplicate PROG_LS
Damien Miller5e953212001-01-30 09:14:00 +11002469
Ben Lindstrom3c06f6a2001-01-31 21:52:01 +0000247020010129
Kevin Stevesb71eb582001-01-29 16:57:27 +00002471 - (stevesk) sftp-server.c: use %lld vs. %qd
2472
Ben Lindstrom49af82b2001-01-27 20:43:57 +0000247320010128
2474 - (bal) Put USE_PIPES back into sco3.2v5
Ben Lindstrom36579d32001-01-29 07:39:26 +00002475 - (bal) OpenBSD Sync
Ben Lindstromd5390202001-01-29 08:07:43 +00002476 - markus@cvs.openbsd.org 2001/01/28 10:15:34
2477 [dispatch.c]
2478 re-keying is not supported; ok deraadt@
Ben Lindstrom035782e2001-01-29 08:34:16 +00002479 - markus@cvs.openbsd.org 2001/01/28 10:24:04
Ben Lindstrom8eec2c82001-01-29 08:39:16 +00002480 [ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 sshd.8]
Ben Lindstrom035782e2001-01-29 08:34:16 +00002481 cleanup AUTHORS sections
Ben Lindstromd5390202001-01-29 08:07:43 +00002482 - markus@cvs.openbsd.org 2001/01/28 10:37:26
Ben Lindstromc12a6b72001-01-29 08:41:05 +00002483 [sshd.c sshd.8]
Ben Lindstromd5390202001-01-29 08:07:43 +00002484 remove -Q, no longer needed
2485 - stevesk@cvs.openbsd.org 2001/01/28 20:36:16
Ben Lindstromeb930d42001-01-29 08:37:08 +00002486 [readconf.c ssh.1]
Ben Lindstromd5390202001-01-29 08:07:43 +00002487 ``StrictHostKeyChecking ask'' documentation and small cleanup.
2488 ok markus@
Ben Lindstroma7333502001-01-29 08:44:03 +00002489 - stevesk@cvs.openbsd.org 2001/01/28 20:43:25
Damien Miller33804262001-02-04 23:20:18 +11002490 [sshd.8]
Ben Lindstroma7333502001-01-29 08:44:03 +00002491 spelling. ok markus@
Ben Lindstrom91fd62a2001-01-29 08:10:11 +00002492 - stevesk@cvs.openbsd.org 2001/01/28 20:53:21
2493 [xmalloc.c]
2494 use size_t for strlen() return. ok markus@
Ben Lindstroma7333502001-01-29 08:44:03 +00002495 - stevesk@cvs.openbsd.org 2001/01/28 22:27:05
2496 [authfile.c]
2497 spelling. use sizeof vs. strlen(). ok markus@
Ben Lindstromd5390202001-01-29 08:07:43 +00002498 - niklas@cvs.openbsd.org 2001/01/29 1:59:14
Ben Lindstrom36579d32001-01-29 07:39:26 +00002499 [atomicio.h canohost.h clientloop.h deattack.h dh.h dispatch.h
2500 groupaccess.c groupaccess.h hmac.h hostfile.h includes.h kex.h
2501 key.h log.h login.h match.h misc.h myproposal.h nchan.ms pathnames.h
2502 radix.h readpass.h rijndael.h serverloop.h session.h sftp.h ssh-add.1
2503 ssh-dss.h ssh-keygen.1 ssh-keyscan.1 ssh-rsa.h ssh1.h ssh_config
2504 sshconnect.h sshd_config tildexpand.h uidswap.h uuencode.h]
2505 $OpenBSD$
Ben Lindstrom6d40c0f2001-01-29 09:02:24 +00002506 - (bal) Minor auth2.c resync. Whitespace and moving of an #include.
Ben Lindstrom49af82b2001-01-27 20:43:57 +00002507
Ben Lindstrom27eebe62001-01-25 23:04:22 +0000250820010126
Damien Miller33804262001-02-04 23:20:18 +11002509 - (bal) SSH_PROGRAM vs _PATH_SSH_PROGRAM fix pointed out by Roumen
Ben Lindstrom27eebe62001-01-25 23:04:22 +00002510 Petrov <roumen.petrov@skalasoft.com>
Ben Lindstrom77808ab2001-01-26 05:10:34 +00002511 - (bal) OpenBSD Sync
2512 - deraadt@cvs.openbsd.org 2001/01/25 8:06:33
2513 [ssh-agent.c]
2514 call _exit() in signal handler
Ben Lindstrom27eebe62001-01-25 23:04:22 +00002515
Damien Miller2a5c1ce2001-01-25 10:32:00 +1100251620010125
2517 - (djm) Sync bsd-* support files:
2518 - deraadt@cvs.openbsd.org 2000/01/26 03:43:20
2519 [rresvport.c bindresvport.c]
Damien Miller33804262001-02-04 23:20:18 +11002520 new bindresvport() semantics that itojun, shin, jean-luc and i have
Damien Miller2a5c1ce2001-01-25 10:32:00 +11002521 agreed on, which will be happy for the future. bindresvport_sa() for
2522 sockaddr *, too. docs later..
2523 - deraadt@cvs.openbsd.org 2000/01/24 02:24:21
2524 [bindresvport.c]
Damien Miller33804262001-02-04 23:20:18 +11002525 in bindresvport(), if sin is non-NULL, example sin->sin_family for
Damien Miller2a5c1ce2001-01-25 10:32:00 +11002526 the actual family being processed
Damien Miller0736c4d2001-01-25 10:51:46 +11002527 - (djm) Mention PRNGd in documentation, it is nicer than EGD
2528 - (djm) Automatically search for "well-known" EGD/PRNGd sockets in autoconf
Ben Lindstromec3830a2001-01-25 00:07:33 +00002529 - (bal) AC_FUNC_STRFTIME added to autoconf
Ben Lindstrom87b147f2001-01-25 00:41:12 +00002530 - (bal) OpenBSD Resync
2531 - stevesk@cvs.openbsd.org 2001/01/24 21:03:50
2532 [channels.c]
2533 missing freeaddrinfo(); ok markus@
Damien Miller2a5c1ce2001-01-25 10:32:00 +11002534
Ben Lindstrombda5bdc2001-01-23 16:09:51 +0000253520010124
2536 - (bal) OpenBSD Resync
2537 - markus@cvs.openbsd.org 2001/01/23 10:45:10
2538 [ssh.h]
Damien Miller33804262001-02-04 23:20:18 +11002539 nuke comment
Ben Lindstrom2396b302001-01-23 16:54:29 +00002540 - (bal) no 64bit support patch from Tim Rice <tim@multitalents.net>
2541 - (bal) #ifdef around S_IFSOCK if platform does not support it.
2542 patch by Tim Rice <tim@multitalents.net>
2543 - (bal) fake-regex.h cleanup based on Tim Rice's patch.
Kevin Stevesb6b37ba2001-01-24 20:01:44 +00002544 - (stevesk) sftp-server.c: fix chmod() mode mask
Ben Lindstrombda5bdc2001-01-23 16:09:51 +00002545
Ben Lindstromcb577332001-01-22 21:06:19 +0000254620010123
2547 - (bal) regexp.h typo in configure.in. Should have been regex.h
2548 - (bal) SSH_USER_DIR to _PATH_SSH_USER_DIR patch by stevesk@
Damien Miller33804262001-02-04 23:20:18 +11002549 - (bal) SSH_ASKPASS_DEFAULT to _PATH_SSH_ASKPASS_DEFAULT
Ben Lindstromb1985f72001-01-23 00:19:15 +00002550 - (bal) OpenBSD Resync
2551 - markus@cvs.openbsd.org 2001/01/22 8:15:00
2552 [auth-krb4.c sshconnect1.c]
2553 only AFS needs radix.[ch]
2554 - markus@cvs.openbsd.org 2001/01/22 8:32:53
2555 [auth2.c]
2556 no need to include; from mouring@etoh.eviladmin.org
2557 - stevesk@cvs.openbsd.org 2001/01/22 16:55:21
2558 [key.c]
2559 free() -> xfree(); ok markus@
2560 - stevesk@cvs.openbsd.org 2001/01/22 17:22:28
2561 [sshconnect2.c sshd.c]
2562 fix memory leaks in SSH2 key exchange; ok markus@
Ben Lindstrom95fb2dd2001-01-23 03:12:10 +00002563 - markus@cvs.openbsd.org 2001/01/22 23:06:39
2564 [auth1.c auth2.c readconf.c readconf.h servconf.c servconf.h
2565 sshconnect1.c sshconnect2.c sshd.c]
2566 rename skey -> challenge response.
2567 auto-enable kbd-interactive for ssh2 if challenge-reponse is enabled.
Ben Lindstromb1985f72001-01-23 00:19:15 +00002568
Ben Lindstromcb577332001-01-22 21:06:19 +00002569
Ben Lindstrom226cfa02001-01-22 05:34:40 +0000257020010122
2571 - (bal) OpenBSD Resync
2572 - markus@cvs.openbsd.org 2001/01/19 12:45:26 GMT 2001 by markus
2573 [servconf.c ssh.h sshd.c]
2574 only auth-chall.c needs #ifdef SKEY
2575 - markus@cvs.openbsd.org 2001/01/19 15:55:10 GMT 2001 by markus
2576 [auth-krb4.c auth-options.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c
2577 auth1.c auth2.c channels.c clientloop.c dh.c dispatch.c nchan.c
2578 packet.c pathname.h readconf.c scp.c servconf.c serverloop.c
2579 session.c ssh-add.c ssh-keygen.c ssh-keyscan.c ssh.c ssh.h
2580 ssh1.h sshconnect1.c sshd.c ttymodes.c]
2581 move ssh1 definitions to ssh1.h, pathnames to pathnames.h
2582 - markus@cvs.openbsd.org 2001/01/19 16:48:14
2583 [sshd.8]
2584 fix typo; from stevesk@
2585 - markus@cvs.openbsd.org 2001/01/19 16:50:58
2586 [ssh-dss.c]
Damien Miller33804262001-02-04 23:20:18 +11002587 clear and free digest, make consistent with other code (use dlen); from
Ben Lindstrom226cfa02001-01-22 05:34:40 +00002588 stevesk@
2589 - markus@cvs.openbsd.org 2001/01/20 15:55:20 GMT 2001 by markus
2590 [auth-options.c auth-options.h auth-rsa.c auth2.c]
2591 pass the filename to auth_parse_options()
Damien Miller33804262001-02-04 23:20:18 +11002592 - markus@cvs.openbsd.org 2001/01/20 17:59:40 GMT 2001
Ben Lindstrom226cfa02001-01-22 05:34:40 +00002593 [readconf.c]
2594 fix SIGSEGV from -o ""; problem noted by jehsom@togetherweb.com
2595 - stevesk@cvs.openbsd.org 2001/01/20 18:20:29
2596 [sshconnect2.c]
2597 dh_new_group() does not return NULL. ok markus@
2598 - markus@cvs.openbsd.org 2001/01/20 21:33:42
2599 [ssh-add.c]
Damien Miller33804262001-02-04 23:20:18 +11002600 do not loop forever if askpass does not exist; from
Ben Lindstrom226cfa02001-01-22 05:34:40 +00002601 andrew@pimlott.ne.mediaone.net
2602 - djm@cvs.openbsd.org 2001/01/20 23:00:56
2603 [servconf.c]
2604 Check for NULL return from strdelim; ok markus
2605 - djm@cvs.openbsd.org 2001/01/20 23:02:07
2606 [readconf.c]
2607 KNF; ok markus
2608 - jakob@cvs.openbsd.org 2001/01/21 9:00:33
2609 [ssh-keygen.1]
2610 remove -R flag; ok markus@
2611 - markus@cvs.openbsd.org 2001/01/21 19:05:40
2612 [atomicio.c automicio.h auth-chall.c auth-krb4.c auth-options.c
2613 auth-options.h auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c
2614 auth.c auth.h auth1.c auth2-chall.c auth2.c authfd.c authfile.c
2615 bufaux.c bufaux.h buffer.c canahost.c canahost.h channels.c
2616 cipher.c cli.c clientloop.c clientloop.h compat.c compress.c
2617 deattack.c dh.c dispatch.c groupaccess.c hmac.c hostfile.c kex.c
2618 key.c key.h log-client.c log-server.c log.c log.h login.c login.h
2619 match.c misc.c misc.h nchan.c packet.c pty.c radix.h readconf.c
2620 readpass.c readpass.h rsa.c scp.c servconf.c serverloop.c serverloop.h
2621 session.c sftp-server.c ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c
Damien Miller33804262001-02-04 23:20:18 +11002622 ssh-keyscan.c ssh-rsa.c ssh.c ssh.h sshconnect.c sshconnect.h
Ben Lindstrom226cfa02001-01-22 05:34:40 +00002623 sshconnect1.c sshconnect2.c sshd.c tildexpand.c tildexpand.h
2624 ttysmodes.c uidswap.c xmalloc.c]
Damien Miller33804262001-02-04 23:20:18 +11002625 split ssh.h and try to cleanup the #include mess. remove unnecessary
Ben Lindstrom226cfa02001-01-22 05:34:40 +00002626 #includes. rename util.[ch] -> misc.[ch]
2627 - (bal) renamed 'PIDDIR' to '_PATH_SSH_PIDDIR' to match OpenBSD tree
Damien Miller33804262001-02-04 23:20:18 +11002628 - (bal) Moved #ifdef KRB4 in auth-krb4.c above the #include to resolve
Ben Lindstrom226cfa02001-01-22 05:34:40 +00002629 conflict when compiling for non-kerb install
2630 - (bal) removed the #ifdef SKEY in auth1.c to match Markus' changes
2631 on 1/19.
2632
Ben Lindstromcf0809d2001-01-19 15:44:10 +0000263320010120
2634 - (bal) OpenBSD Resync
2635 - markus@cvs.openbsd.org 2001/01/19 12:45:26
2636 [ssh-chall.c servconf.c servconf.h ssh.h sshd.c]
2637 only auth-chall.c needs #ifdef SKEY
Ben Lindstrom401d58f2001-01-19 17:11:43 +00002638 - (bal) Slight auth2-pam.c clean up.
2639 - (bal) Includes a fake-regexp.h to be only used if regcomp() is found,
2640 but no 'regexp.h' found (SCO OpenServer 3 lacks the header).
Ben Lindstromcf0809d2001-01-19 15:44:10 +00002641
Damien Miller5aa80592001-01-19 14:03:40 +1100264220010119
2643 - (djm) Update versions in RPM specfiles
Ben Lindstromdb65e8f2001-01-19 04:26:52 +00002644 - (bal) OpenBSD Resync
2645 - markus@cvs.openbsd.org 2001/01/18 16:20:21
2646 [log-client.c log-server.c log.c readconf.c servconf.c ssh.1 ssh.h
2647 sshd.8 sshd.c]
Damien Miller33804262001-02-04 23:20:18 +11002648 log() is at pri=LOG_INFO, since LOG_NOTICE goes to /dev/console on many
Ben Lindstromdb65e8f2001-01-19 04:26:52 +00002649 systems
2650 - markus@cvs.openbsd.org 2001/01/18 16:59:59
2651 [auth-passwd.c auth.c auth.h auth1.c auth2.c serverloop.c session.c
2652 session.h sshconnect1.c]
2653 1) removes fake skey from sshd, since this will be much
2654 harder with /usr/libexec/auth/login_XXX
2655 2) share/unify code used in ssh-1 and ssh-2 authentication (server side)
2656 3) make addition of BSD_AUTH and other challenge reponse methods
2657 easier.
2658 - markus@cvs.openbsd.org 2001/01/18 17:12:43
2659 [auth-chall.c auth2-chall.c]
2660 rename *-skey.c *-chall.c since the files are not skey specific
Damien Miller22e22bf2001-01-19 15:46:38 +11002661 - (djm) Merge patch from Tim Waugh (via Nalin Dahyabhai <nalin@redhat.com>)
2662 to fix NULL pointer deref and fake authloop breakage in PAM code.
Ben Lindstromb100ec92001-01-19 05:37:32 +00002663 - (bal) Updated contrib/cygwin/ by Corinna Vinschen <vinschen@redhat.com>
Ben Lindstrom5dc81502001-01-19 06:10:29 +00002664 - (bal) Minor cygwin patch to auth1.c. Suggested by djm.
Damien Miller33804262001-02-04 23:20:18 +11002665
Ben Lindstrombf555ba2001-01-18 02:04:35 +0000266620010118
2667 - (bal) Super Sized OpenBSD Resync
2668 - markus@cvs.openbsd.org 2001/01/11 22:14:20 GMT 2001 by markus
2669 [sshd.c]
2670 maxfd+1
2671 - markus@cvs.openbsd.org 2001/01/13 17:59:18
2672 [ssh-keygen.1]
2673 small ssh-keygen manpage cleanup; stevesk@pobox.com
2674 - markus@cvs.openbsd.org 2001/01/13 18:03:07
2675 [scp.c ssh-keygen.c sshd.c]
2676 getopt() returns -1 not EOF; stevesk@pobox.com
2677 - markus@cvs.openbsd.org 2001/01/13 18:06:54
2678 [ssh-keyscan.c]
2679 use SSH_DEFAULT_PORT; from stevesk@pobox.com
2680 - markus@cvs.openbsd.org 2001/01/13 18:12:47
2681 [ssh-keyscan.c]
2682 free() -> xfree(); fix memory leak; from stevesk@pobox.com
2683 - markus@cvs.openbsd.org 2001/01/13 18:14:13
2684 [ssh-add.c]
2685 typo, from stevesk@sweden.hp.com
2686 - markus@cvs.openbsd.org 2001/01/13 18:32:50
Damien Miller33804262001-02-04 23:20:18 +11002687 [packet.c session.c ssh.c sshconnect.c sshd.c]
Ben Lindstrombf555ba2001-01-18 02:04:35 +00002688 split out keepalive from packet_interactive (from dale@accentre.com)
2689 set IPTOS_LOWDELAY TCP_NODELAY IPTOS_THROUGHPUT for ssh2, too.
2690 - markus@cvs.openbsd.org 2001/01/13 18:36:45
2691 [packet.c packet.h]
2692 reorder, typo
2693 - markus@cvs.openbsd.org 2001/01/13 18:38:00
2694 [auth-options.c]
2695 fix comment
2696 - markus@cvs.openbsd.org 2001/01/13 18:43:31
2697 [session.c]
2698 Wall
Damien Miller33804262001-02-04 23:20:18 +11002699 - markus@cvs.openbsd.org 2001/01/13 19:14:08
Ben Lindstrombf555ba2001-01-18 02:04:35 +00002700 [clientloop.h clientloop.c ssh.c]
2701 move callback to headerfile
2702 - markus@cvs.openbsd.org 2001/01/15 21:40:10
2703 [ssh.c]
2704 use log() instead of stderr
2705 - markus@cvs.openbsd.org 2001/01/15 21:43:51
2706 [dh.c]
2707 use error() not stderr!
2708 - markus@cvs.openbsd.org 2001/01/15 21:45:29
2709 [sftp-server.c]
2710 rename must fail if newpath exists, debug off by default
2711 - markus@cvs.openbsd.org 2001/01/15 21:46:38
2712 [sftp-server.c]
2713 readable long listing for sftp-server, ok deraadt@
2714 - markus@cvs.openbsd.org 2001/01/16 19:20:06
2715 [key.c ssh-rsa.c]
Damien Miller33804262001-02-04 23:20:18 +11002716 make "ssh-rsa" key format for ssh2 confirm to the ietf-drafts; from
2717 galb@vandyke.com. note that you have to delete older ssh2-rsa keys,
2718 since they are in the wrong format, too. they must be removed from
Ben Lindstrombf555ba2001-01-18 02:04:35 +00002719 .ssh/authorized_keys2 and .ssh/known_hosts2, etc.
Damien Miller33804262001-02-04 23:20:18 +11002720 (cd; grep -v ssh-rsa .ssh/authorized_keys2 > TMP && mv TMP
2721 .ssh/authorized_keys2) additionally, we now check that
Ben Lindstrombf555ba2001-01-18 02:04:35 +00002722 BN_num_bits(rsa->n) >= 768.
2723 - markus@cvs.openbsd.org 2001/01/16 20:54:27
2724 [sftp-server.c]
2725 remove some statics. simpler handles; idea from nisse@lysator.liu.se
2726 - deraadt@cvs.openbsd.org 2001/01/16 23:58:08
2727 [bufaux.c radix.c sshconnect.h sshconnect1.c]
2728 indent
2729 - (bal) Added bsd-strmode.[ch] since some non-OpenBSD platforms may
2730 be missing such feature.
2731
Damien Miller33804262001-02-04 23:20:18 +11002732
Damien Miller21de4502001-01-17 09:37:15 +1100273320010117
2734 - (djm) Only write random seed file at exit
Damien Millera64b57a2001-01-17 10:44:13 +11002735 - (djm) Make PAM support optional, enable with --with-pam
Damien Miller33804262001-02-04 23:20:18 +11002736 - (djm) Try to use libcrypt on Linux, but link it after OpenSSL (which
Damien Millera64b57a2001-01-17 10:44:13 +11002737 provides a crypt() of its own)
2738 - (djm) Avoid a warning in bsd-bindresvport.c
2739 - (djm) Try to avoid adding -I/usr/include to CPPFLAGS during SSL tests. This
Damien Miller33804262001-02-04 23:20:18 +11002740 can cause weird segfaults errors on Solaris
Damien Miller92e78f82001-01-17 11:10:48 +11002741 - (djm) Avoid warning in PAM code by making read_passphrase arguments const
Damien Miller01fa6382001-01-17 11:23:39 +11002742 - (djm) Add --with-pam to RPM spec files
Damien Miller21de4502001-01-17 09:37:15 +11002743
Ben Lindstrom200e3c92001-01-15 01:56:46 +0000274420010115
2745 - (bal) sftp-server.c change to use chmod() if fchmod() does not exist.
Ben Lindstrom42202bc2001-01-15 02:34:37 +00002746 - (bal) utimes() support via utime() interface on machine that lack utimes().
Ben Lindstrom200e3c92001-01-15 01:56:46 +00002747
Kevin Steves886b06c2001-01-14 00:35:19 +0000274820010114
2749 - (stevesk) initial work for OpenBSD "support supplementary group in
2750 {Allow,Deny}Groups" patch:
2751 - import getgrouplist.c from OpenBSD (bsd-getgrouplist.c)
2752 - add bsd-getgrouplist.h
2753 - new files groupaccess.[ch]
2754 - build but don't use yet (need to merge auth.c changes)
Kevin Steves7b61cfa2001-01-14 19:11:00 +00002755 - (stevesk) complete:
2756 - markus@cvs.openbsd.org 2001/01/13 11:56:48
2757 [auth.c sshd.8]
2758 support supplementary group in {Allow,Deny}Groups
2759 from stevesk@pobox.com
Damien Miller33804262001-02-04 23:20:18 +11002760
Ben Lindstrom2f959b42001-01-11 06:20:23 +0000276120010112
2762 - (bal) OpenBSD Sync
2763 - markus@cvs.openbsd.org 2001/01/10 22:56:22
2764 [bufaux.h bufaux.c sftp-server.c sftp.h getput.h]
2765 cleanup sftp-server implementation:
Damien Miller4855ae92001-02-07 23:21:31 +11002766 add buffer_get_int64, buffer_put_int64, GET_64BIT, PUT_64BIT
2767 parse SSH2_FILEXFER_ATTR_EXTENDED
2768 send SSH2_FX_EOF if readdir returns no more entries
2769 reply to SSH2_FXP_EXTENDED message
2770 use #defines from the draft
2771 move #definations to sftp.h
Ben Lindstrom2f959b42001-01-11 06:20:23 +00002772 more info:
Damien Miller33804262001-02-04 23:20:18 +11002773 http://www.ietf.org/internet-drafts/draft-ietf-secsh-filexfer-00.txt
Ben Lindstrom2f959b42001-01-11 06:20:23 +00002774 - markus@cvs.openbsd.org 2001/01/10 19:43:20
2775 [sshd.c]
2776 XXX - generate_empheral_server_key() is not safe against races,
Damien Miller33804262001-02-04 23:20:18 +11002777 because it calls log()
Ben Lindstrom2f959b42001-01-11 06:20:23 +00002778 - markus@cvs.openbsd.org 2001/01/09 21:19:50
2779 [packet.c]
2780 allow TCP_NDELAY for ipv6; from netbsd via itojun@
2781
Damien Millerfd9885e2001-01-10 08:16:53 +1100278220010110
2783 - (djm) SNI/Reliant Unix needs USE_PIPES and $DISPLAY hack. Report from
2784 Bladt Norbert <Norbert.Bladt@adi.ch>
2785
Ben Lindstrom4b27a532001-01-08 13:55:14 +0000278620010109
2787 - (bal) Resync CVS ID of cli.c
Kevin Steves99a05632001-01-08 20:54:36 +00002788 - (stevesk) auth1.c: free should be after WITH_AIXAUTHENTICATE
2789 code.
Ben Lindstrom48bd7c12001-01-09 00:35:42 +00002790 - (bal) OpenBSD Sync
2791 - markus@cvs.openbsd.org 2001/01/08 22:29:05
2792 [auth2.c compat.c compat.h servconf.c servconf.h sshd.8
2793 sshd_config version.h]
2794 implement option 'Banner /etc/issue.net' for ssh2, move version to
2795 2.3.1 (needed for bugcompat detection, 2.3.0 would fail if Banner
2796 is enabled).
2797 - markus@cvs.openbsd.org 2001/01/08 22:03:23
2798 [channels.c ssh-keyscan.c]
2799 O_NDELAY -> O_NONBLOCK; thanks stevesk@pobox.com
2800 - markus@cvs.openbsd.org 2001/01/08 21:55:41
2801 [sshconnect1.c]
2802 more cleanups and fixes from stevesk@pobox.com:
2803 1) try_agent_authentication() for loop will overwrite key just
2804 allocated with key_new(); don't alloc
2805 2) call ssh_close_authentication_connection() before exit
2806 try_agent_authentication()
2807 3) free mem on bad passphrase in try_rsa_authentication()
2808 - markus@cvs.openbsd.org 2001/01/08 21:48:17
2809 [kex.c]
2810 missing free; thanks stevesk@pobox.com
Ben Lindstrom0d5af602001-01-09 00:50:29 +00002811 - (bal) Detect if clock_t structure exists, if not define it.
2812 - (bal) Detect if O_NONBLOCK exists, if not define it.
2813 - (bal) removed news4-posix.h (now empty)
2814 - (bal) changed bsd-bindresvport.c and bsd-rresvport.c to use 'socklen_t'
2815 instead of 'int'
Kevin Steves8ee4f692001-01-09 15:28:46 +00002816 - (stevesk) sshd_config: sync
Kevin Steves69f8fb32001-01-09 18:09:13 +00002817 - (stevesk) defines.h: remove spurious ``;''
Ben Lindstrom4b27a532001-01-08 13:55:14 +00002818
Ben Lindstroma383baa2001-01-08 06:13:41 +0000281920010108
2820 - (bal) Fixed another typo in cli.c
2821 - (bal) OpenBSD Sync
2822 - markus@cvs.openbsd.org 2001/01/07 21:26:55
2823 [cli.c]
2824 typo
2825 - markus@cvs.openbsd.org 2001/01/07 21:26:55
2826 [cli.c]
2827 missing free, stevesk@pobox.com
2828 - markus@cvs.openbsd.org 2001/01/07 19:06:25
2829 [auth1.c]
2830 missing free, stevesk@pobox.com
2831 - markus@cvs.openbsd.org 2001/01/07 11:28:04
2832 [log-client.c log-server.c log.c readconf.c servconf.c ssh.1
2833 ssh.h sshd.8 sshd.c]
2834 rename SYSLOG_LEVEL_INFO->SYSLOG_LEVEL_NOTICE
2835 syslog priority changes:
2836 fatal() LOG_ERR -> LOG_CRIT
2837 log() LOG_INFO -> LOG_NOTICE
Ben Lindstrom48b2f732001-01-08 06:20:38 +00002838 - Updated TODO
Ben Lindstroma383baa2001-01-08 06:13:41 +00002839
Ben Lindstromd26dcf32001-01-06 15:18:16 +0000284020010107
2841 - (bal) OpenBSD Sync
2842 - markus@cvs.openbsd.org 2001/01/06 11:23:27
2843 [ssh-rsa.c]
2844 remove unused
2845 - itojun@cvs.openbsd.org 2001/01/05 08:23:29
2846 [ssh-keyscan.1]
2847 missing .El
2848 - markus@cvs.openbsd.org 2001/01/04 22:41:03
2849 [session.c sshconnect.c]
2850 consistent use of _PATH_BSHELL; from stevesk@pobox.com
2851 - djm@cvs.openbsd.org 2001/01/04 22:35:32
2852 [ssh.1 sshd.8]
2853 Mention AES as available SSH2 Cipher; ok markus
2854 - markus@cvs.openbsd.org 2001/01/04 22:25:58
2855 [sshd.c]
2856 sync usage()/man with defaults; from stevesk@pobox.com
2857 - markus@cvs.openbsd.org 2001/01/04 22:21:26
2858 [sshconnect2.c]
2859 handle SSH2_MSG_USERAUTH_BANNER; fixes bug when connecting to a server
2860 that prints a banner (e.g. /etc/issue.net)
Damien Miller33804262001-02-04 23:20:18 +11002861
Ben Lindstrom91c2a982001-01-04 22:54:50 +0000286220010105
2863 - (bal) contrib/caldera/ provided by Tim Rice <tim@multitalents.net>
Ben Lindstrom8835a892001-01-05 06:09:52 +00002864 - (bal) bsd-getcwd.c and bsd-setenv.c changed from bcopy() to memmove()
Ben Lindstrom91c2a982001-01-04 22:54:50 +00002865
Damien Millerd54e55c2001-01-04 09:07:12 +1100286620010104
2867 - (djm) Fix memory leak on systems with BROKEN_GETADDRINFO. Based on
2868 work by Chris Vaughan <vaughan99@yahoo.com>
2869
Ben Lindstrom5c1fbab2001-01-03 03:51:15 +0000287020010103
2871 - (bal) fixed up sshconnect.c so it was closer inline with the OpenBSD
2872 tree (mainly positioning)
2873 - (bal) OpenSSH CVS Update
2874 - markus@cvs.openbsd.org 2001/01/02 20:41:02
2875 [packet.c]
2876 log remote ip on disconnect; PR 1600 from jcs@rt.fm
2877 - markus@cvs.openbsd.org 2001/01/02 20:50:56
2878 [sshconnect.c]
Damien Miller33804262001-02-04 23:20:18 +11002879 strict_host_key_checking for host_status != HOST_CHANGED &&
Ben Lindstrom5c1fbab2001-01-03 03:51:15 +00002880 ip_status == HOST_CHANGED
Damien Miller33804262001-02-04 23:20:18 +11002881 - (bal) authfile.c: Synced CVS ID tag
Ben Lindstrom3ad650a2001-01-03 06:02:51 +00002882 - (bal) UnixWare 2.0 fixes by Tim Rice <tim@multitalents.net>
2883 - (bal) Disable sftp-server if no 64bit int support exists. Based on
2884 patch by Tim Rice <tim@multitalents.net>
2885 - (bal) Makefile.in changes to uninstall: target to remove sftp-server
2886 and sftp-server.8 manpage.
Ben Lindstrom5c1fbab2001-01-03 03:51:15 +00002887
Ben Lindstrom88c33972001-01-02 04:55:52 +0000288820010102
2889 - (bal) OpenBSD CVS Update
2890 - markus@cvs.openbsd.org 2001/01/01 14:52:49
2891 [scp.c]
2892 use shared fatal(); from stevesk@pobox.com
2893
Ben Lindstromfa2d2232000-12-31 07:11:04 +0000289420001231
2895 - (bal) Reverted out of MAXHOSTNAMELEN. This should be set per OS.
2896 for multiple reasons.
Ben Lindstrom321ae732000-12-31 15:00:23 +00002897 - (bal) Reverted out of a partial NeXT patch.
Ben Lindstromfa2d2232000-12-31 07:11:04 +00002898
Ben Lindstrom2941f112000-12-29 16:50:13 +0000289920001230
2900 - (bal) OpenBSD CVS Update
2901 - markus@cvs.openbsd.org 2000/12/28 18:58:30
2902 [ssh-keygen.c]
2903 enable 'ssh-keygen -l -f ~/.ssh/{authorized_keys,known_hosts}{,2}
Ben Lindstrom6c3ae2b2000-12-30 03:25:14 +00002904 - markus@cvs.openbsd.org 2000/12/29 22:19:13
2905 [channels.c]
2906 missing xfree; from vaughan99@yahoo.com
Ben Lindstrom2941f112000-12-29 16:50:13 +00002907 - (bal) Resynced CVS ID with OpenBSD for channel.c and uidswap.c
Ben Lindstrombeac3b42000-12-29 21:21:26 +00002908 - (bal) if no MAXHOSTNAMELEN is defined. Default to 64 character defination.
Damien Millere142d412001-01-30 20:03:08 +11002909 Suggested by Christian Kurz <shorty@debian.org>
Ben Lindstromf5410352000-12-29 21:37:22 +00002910 - (bal) Add in '.c.o' section to Makefile.in to address make programs that
Damien Miller33804262001-02-04 23:20:18 +11002911 don't honor CPPFLAGS by default. Suggested by Lutz Jaenicke
Ben Lindstromf5410352000-12-29 21:37:22 +00002912 <Lutz.Jaenicke@aet.TU-Cottbus.DE>
Ben Lindstrom42717bf2000-12-28 15:46:20 +00002913
291420001229
Damien Miller33804262001-02-04 23:20:18 +11002915 - (bal) Fixed spelling of 'authorized_keys' in ssh-copy-id.1 by Christian
Damien Millere142d412001-01-30 20:03:08 +11002916 Kurz <shorty@debian.org>
Ben Lindstrom4dccfa52000-12-28 16:40:05 +00002917 - (bal) OpenBSD CVS Update
2918 - markus@cvs.openbsd.org 2000/12/28 14:25:51
2919 [auth.h auth2.c]
2920 count authentication failures only
2921 - markus@cvs.openbsd.org 2000/12/28 14:25:03
2922 [sshconnect.c]
2923 fingerprint for MITM attacks, too.
2924 - markus@cvs.openbsd.org 2000/12/28 12:03:57
2925 [sshd.8 sshd.c]
2926 document -D
2927 - markus@cvs.openbsd.org 2000/12/27 14:19:21
2928 [serverloop.c]
2929 less chatty
2930 - markus@cvs.openbsd.org 2000/12/27 12:34
2931 [auth1.c sshconnect2.c sshd.c]
2932 typo
2933 - markus@cvs.openbsd.org 2000/12/27 12:30:19
2934 [readconf.c readconf.h ssh.1 sshconnect.c]
2935 new option: HostKeyAlias: allow the user to record the host key
2936 under a different name. This is useful for ssh tunneling over
2937 forwarded connections or if you run multiple sshd's on different
2938 ports on the same machine.
2939 - markus@cvs.openbsd.org 2000/12/27 11:51:53
2940 [ssh.1 ssh.c]
2941 multiple -t force pty allocation, document ORIGINAL_COMMAND
2942 - markus@cvs.openbsd.org 2000/12/27 11:41:31
2943 [sshd.8]
2944 update for ssh-2
Kevin Stevese7652402000-12-28 22:16:00 +00002945 - (stevesk) compress.[ch] sync with openbsd; missed in prototype
2946 fix merge.
Ben Lindstrom42717bf2000-12-28 15:46:20 +00002947
Ben Lindstrome2fb8d32000-12-28 00:07:07 +0000294820001228
2949 - (bal) Patch to add libutil.h to loginrec.c only if the platform has
2950 libutil.h. Suggested by Pekka Savola <pekka@netcore.fi>
Damien Miller9fa07d62000-12-28 14:57:27 +11002951 - (djm) Update to new x11-askpass in RPM spec
Ben Lindstrom42717bf2000-12-28 15:46:20 +00002952 - (bal) SCO patch to not include <sys/queue.h> since it's unrelated
2953 header. Patch by Tim Rice <tim@multitalents.net>
2954 - Updated TODO w/ known HP/UX issue
2955 - (bal) removed extra <netdb.h> noticed by Kevin Steves and removed the
2956 bad reference to 'NeXT including it else were' on the #ifdef version.
Ben Lindstrome2fb8d32000-12-28 00:07:07 +00002957
Ben Lindstrom2c467a22000-12-27 04:57:41 +0000295820001227
Damien Miller33804262001-02-04 23:20:18 +11002959 - (bal) Typo in configure.in: entut?ent should be endut?ent. Suggested by
Ben Lindstrom2c467a22000-12-27 04:57:41 +00002960 Takumi Yamane <yamtak@b-session.com>
2961 - (bal) Checks for getrlimit(), sysconf(), and setdtablesize(). Patch
2962 by Corinna Vinschen <vinschen@redhat.com>
Damien Millerfa610a12000-12-27 16:44:51 +11002963 - (djm) Fix catman-do target for non-bash
Damien Miller33804262001-02-04 23:20:18 +11002964 - (bal) Typo in configure.in: entut?ent should be endut?ent. Suggested by
Ben Lindstrome2fb8d32000-12-28 00:07:07 +00002965 Takumi Yamane <yamtak@b-session.com>
2966 - (bal) Checks for getrlimit(), sysconf(), and setdtablesize(). Patch
2967 by Corinna Vinschen <vinschen@redhat.com>
2968 - (djm) Fix catman-do target for non-bash
Damien Miller33804262001-02-04 23:20:18 +11002969 - (bal) Fixed NeXT's lack of CPPFLAGS honoring.
2970 - (bal) ssh-keyscan.c: NeXT (and older BSDs) don't support getrlimit() w/
Ben Lindstrom5adbad22000-12-27 07:06:21 +00002971 'RLIMIT_NOFILE'
Damien Miller33804262001-02-04 23:20:18 +11002972 - (djm) Remove *.Ylonen files. They are no longer in the OpenBSD tree,
2973 the info in COPYING.Ylonen has been moved to the start of each
Damien Miller981eeed2000-12-27 19:06:05 +11002974 SSH1-derived file and README.Ylonen is well out of date.
Ben Lindstrom2c467a22000-12-27 04:57:41 +00002975
Ben Lindstrom3deda8b2000-12-22 20:27:43 +0000297620001223
2977 - (bal) Fixed Makefile.in to support recompile of all ssh and sshd objects
2978 if a change to config.h has occurred. Suggested by Gert Doering
2979 <gert@greenie.muc.de>
2980 - (bal) OpenBSD CVS Update:
2981 - markus@cvs.openbsd.org 2000/12/22 16:49:40
2982 [ssh-keygen.c]
2983 fix ssh-keygen -x -t type > file; from Roumen.Petrov@skalasoft.com
2984
Ben Lindstrom46c16222000-12-22 01:43:59 +0000298520001222
2986 - Updated RCSID for pty.c
2987 - (bal) OpenBSD CVS Updates:
2988 - markus@cvs.openbsd.org 2000/12/21 15:10:16
2989 [auth-rh-rsa.c hostfile.c hostfile.h sshconnect.c]
2990 print keyfile:line for changed hostkeys, for deraadt@, ok deraadt@
2991 - markus@cvs.openbsd.org 2000/12/20 19:26:56
2992 [authfile.c]
2993 allow ssh -i userkey for root
2994 - markus@cvs.openbsd.org 2000/12/20 19:37:21
2995 [authfd.c authfd.h kex.c sshconnect2.c sshd.c uidswap.c uidswap.h]
2996 fix prototypes; from stevesk@pobox.com
2997 - markus@cvs.openbsd.org 2000/12/20 19:32:08
2998 [sshd.c]
2999 init pointer to NULL; report from Jan.Ivan@cern.ch
3000 - markus@cvs.openbsd.org 2000/12/19 23:17:54
3001 [auth-krb4.c auth-options.c auth-options.h auth-rhosts.c auth-rsa.c
3002 auth1.c auth2-skey.c auth2.c authfd.c authfd.h authfile.c bufaux.c
3003 bufaux.h buffer.c canohost.c channels.c clientloop.c compress.c
3004 crc32.c deattack.c getput.h hmac.c hmac.h hostfile.c kex.c kex.h
3005 key.c key.h log.c login.c match.c match.h mpaux.c mpaux.h packet.c
3006 packet.h radix.c readconf.c rsa.c scp.c servconf.c servconf.h
3007 serverloop.c session.c sftp-server.c ssh-agent.c ssh-dss.c ssh-dss.h
3008 ssh-keygen.c ssh-keyscan.c ssh-rsa.c ssh-rsa.h ssh.c ssh.h uuencode.c
3009 uuencode.h sshconnect1.c sshconnect2.c sshd.c tildexpand.c]
3010 replace 'unsigned bla' with 'u_bla' everywhere. also replace 'char
3011 unsigned' with u_char.
3012
Kevin Stevesa074feb2000-12-21 22:33:45 +0000301320001221
3014 - (stevesk) OpenBSD CVS updates:
3015 - markus@cvs.openbsd.org 2000/12/19 15:43:45
3016 [authfile.c channels.c sftp-server.c ssh-agent.c]
3017 remove() -> unlink() for consistency
3018 - markus@cvs.openbsd.org 2000/12/19 15:48:09
3019 [ssh-keyscan.c]
3020 replace <ssl/x.h> with <openssl/x.h>
3021 - markus@cvs.openbsd.org 2000/12/17 02:33:40
3022 [uidswap.c]
3023 typo; from wsanchez@apple.com
Damien Miller33804262001-02-04 23:20:18 +11003024
Damien Miller82cf0ce2000-12-20 13:34:48 +1100302520001220
Damien Miller33804262001-02-04 23:20:18 +11003026 - (djm) Workaround PAM inconsistencies between Solaris derived PAM code
Damien Miller82cf0ce2000-12-20 13:34:48 +11003027 and Linux-PAM. Based on report and fix from Andrew Morgan
3028 <morgan@transmeta.com>
3029
Kevin Steves1004c7e2000-12-18 18:55:28 +0000303020001218
3031 - (stevesk) rsa.c: entropy.h not needed.
Ben Lindstrom28bfc0d2000-12-18 19:58:57 +00003032 - (bal) split CFLAGS into CFLAGS and CPPFLAGS in configure.in and Makefile.
3033 Suggested by Wilfredo Sanchez <wsanchez@apple.com>
Kevin Steves1004c7e2000-12-18 18:55:28 +00003034
Kevin Steves8daed182000-12-16 19:21:03 +0000303520001216
3036 - (stevesk) OpenBSD CVS updates:
3037 - markus@cvs.openbsd.org 2000/12/16 02:53:57
3038 [scp.c]
3039 allow + in usernames; request from Florian.Weimer@RUS.Uni-Stuttgart.DE
3040 - markus@cvs.openbsd.org 2000/12/16 02:39:57
3041 [scp.c]
3042 unused; from stevesk@pobox.com
3043
Kevin Stevesfa72dda2000-12-15 18:39:12 +0000304420001215
Kevin Stevese2737522000-12-15 23:47:30 +00003045 - (stevesk) Old OpenBSD patch wasn't completely applied:
3046 - markus@cvs.openbsd.org 2000/01/24 22:11:20
3047 [scp.c]
3048 allow '.' in usernames; from jedgar@fxp.org
Kevin Stevesfa72dda2000-12-15 18:39:12 +00003049 - (stevesk) OpenBSD CVS updates:
3050 - markus@cvs.openbsd.org 2000/12/13 16:26:53
3051 [ssh-keyscan.c]
3052 fatal already adds \n; from stevesk@pobox.com
3053 - markus@cvs.openbsd.org 2000/12/13 16:25:44
3054 [ssh-agent.c]
3055 remove redundant spaces; from stevesk@pobox.com
3056 - ho@cvs.openbsd.org 2000/12/12 15:50:21
3057 [pty.c]
3058 When failing to set tty owner and mode on a read-only filesystem, don't
3059 abort if the tty already has correct owner and reasonably sane modes.
3060 Example; permit 'root' to login to a firewall with read-only root fs.
3061 (markus@ ok)
3062 - deraadt@cvs.openbsd.org 2000/12/13 06:36:05
3063 [pty.c]
3064 KNF
Kevin Stevesfcec7f82000-12-15 19:55:48 +00003065 - markus@cvs.openbsd.org 2000/12/12 14:45:21
3066 [sshd.c]
3067 source port < 1024 is no longer required for rhosts-rsa since it
3068 adds no additional security.
3069 - markus@cvs.openbsd.org 2000/12/12 16:11:49
3070 [ssh.1 ssh.c]
3071 rhosts-rsa is no longer automagically disabled if ssh is not privileged.
3072 UsePrivilegedPort=no disables rhosts-rsa _only_ for old servers.
3073 these changes should not change the visible default behaviour of the ssh client.
Kevin Steves7d00ba42000-12-15 23:03:10 +00003074 - deraadt@cvs.openbsd.org 2000/12/11 10:27:33
3075 [scp.c]
3076 when copying 0-sized files, do not re-print ETA time at completion
Kevin Steves6b875862000-12-15 23:31:01 +00003077 - provos@cvs.openbsd.org 2000/12/15 10:30:15
3078 [kex.c kex.h sshconnect2.c sshd.c]
3079 compute diffie-hellman in parallel between server and client. okay markus@
Kevin Stevesfa72dda2000-12-15 18:39:12 +00003080
Damien Miller152cea22000-12-13 19:21:51 +1100308120001213
3082 - (djm) Make sure we reset the SIGPIPE disposition after we fork. Report
3083 from Andreas M. Kirchwitz <amk@krell.zikzak.de>
Kevin Stevesfa72dda2000-12-15 18:39:12 +00003084 - (stevesk) OpenBSD CVS update:
Kevin Stevesec84dc12000-12-13 17:45:15 +00003085 - markus@cvs.openbsd.org 2000/12/12 15:30:02
3086 [ssh-keyscan.c ssh.c sshd.c]
Damien Miller33804262001-02-04 23:20:18 +11003087 consistently use __progname; from stevesk@pobox.com
Damien Miller152cea22000-12-13 19:21:51 +11003088
Ben Lindstrom4cc90a42000-12-10 22:12:54 +0000308920001211
3090 - (bal) Applied patch to include ssh-keyscan into Redhat's package, and
3091 patch to install ssh-keyscan manpage. Patch by Pekka Savola
3092 <pekka@netcore.fi>
Ben Lindstroma65c78a2000-12-10 22:57:30 +00003093 - (bal) OpenbSD CVS update
3094 - markus@cvs.openbsd.org 2000/12/10 17:01:53
3095 [sshconnect1.c]
3096 always request new challenge for skey/tis-auth, fixes interop with
3097 other implementations; report from roth@feep.net
Ben Lindstrom4cc90a42000-12-10 22:12:54 +00003098
Ben Lindstromfa1b3d02000-12-10 01:55:37 +0000309920001210
3100 - (bal) OpenBSD CVS updates
Damien Miller33804262001-02-04 23:20:18 +11003101 - markus@cvs.openbsd.org 2000/12/09 13:41:51
Ben Lindstromfa1b3d02000-12-10 01:55:37 +00003102 [cipher.c cipher.h rijndael.c rijndael.h rijndael_boxes.h]
3103 undo rijndael changes
Damien Miller33804262001-02-04 23:20:18 +11003104 - markus@cvs.openbsd.org 2000/12/09 13:48:31
Ben Lindstromfa1b3d02000-12-10 01:55:37 +00003105 [rijndael.c]
3106 fix byte order bug w/o introducing new implementation
Damien Miller33804262001-02-04 23:20:18 +11003107 - markus@cvs.openbsd.org 2000/12/09 14:08:27
Ben Lindstromfa1b3d02000-12-10 01:55:37 +00003108 [sftp-server.c]
3109 "" -> "." for realpath; from vinschen@redhat.com
Damien Miller33804262001-02-04 23:20:18 +11003110 - markus@cvs.openbsd.org 2000/12/09 14:06:54
Ben Lindstromfa1b3d02000-12-10 01:55:37 +00003111 [ssh-agent.c]
3112 extern int optind; from stevesk@sweden.hp.com
Ben Lindstrom971c9732000-12-10 02:01:50 +00003113 - provos@cvs.openbsd.org 2000/12/09 23:51:11
3114 [compat.c]
3115 remove unnecessary '\n'
Ben Lindstromfa1b3d02000-12-10 01:55:37 +00003116
Ben Lindstroma6885612000-12-09 03:45:32 +0000311720001209
Ben Lindstromfa1b3d02000-12-10 01:55:37 +00003118 - (bal) OpenBSD CVS updates:
Damien Miller33804262001-02-04 23:20:18 +11003119 - djm@cvs.openbsd.org 2000/12/07 4:24:59
Ben Lindstroma6885612000-12-09 03:45:32 +00003120 [ssh.1]
3121 Typo fix from Wilfredo Sanchez <wsanchez@apple.com>; ok theo
3122
Ben Lindstroma14ee472000-12-07 01:24:58 +0000312320001207
Ben Lindstromfa1b3d02000-12-10 01:55:37 +00003124 - (bal) OpenBSD CVS updates:
Damien Miller33804262001-02-04 23:20:18 +11003125 - markus@cvs.openbsd.org 2000/12/06 22:58:14
Ben Lindstroma14ee472000-12-07 01:24:58 +00003126 [compat.c compat.h packet.c]
3127 disable debug messages for ssh.com/f-secure 2.0.1x, 2.1.0
Ben Lindstrom01f84632000-12-07 05:57:27 +00003128 - markus@cvs.openbsd.org 2000/12/06 23:10:39
3129 [rijndael.c]
3130 unexpand(1)
Damien Miller33804262001-02-04 23:20:18 +11003131 - markus@cvs.openbsd.org 2000/12/06 23:05:43
Ben Lindstrom01f84632000-12-07 05:57:27 +00003132 [cipher.c cipher.h rijndael.c rijndael.h rijndael_boxes.h]
3133 new rijndael implementation. fixes endian bugs
Ben Lindstroma14ee472000-12-07 01:24:58 +00003134
Ben Lindstrom7ad97102000-12-06 01:42:49 +0000313520001206
Ben Lindstromfa1b3d02000-12-10 01:55:37 +00003136 - (bal) OpenBSD CVS updates:
Ben Lindstrom7ad97102000-12-06 01:42:49 +00003137 - markus@cvs.openbsd.org 2000/12/05 20:34:09
3138 [channels.c channels.h clientloop.c serverloop.c]
3139 async connects for -R/-L; ok deraadt@
3140 - todd@cvs.openssh.org 2000/12/05 16:47:28
3141 [sshd.c]
3142 tweak comment to reflect real location of pid file; ok provos@
Kevin Steves2c65ada2000-12-06 22:25:40 +00003143 - (stevesk) Import <sys/queue.h> from OpenBSD for systems that don't
3144 have it (used in ssh-keyscan).
Kevin Stevesfa72dda2000-12-15 18:39:12 +00003145 - (stevesk) OpenBSD CVS update:
Kevin Stevesfc74af42000-12-06 22:47:55 +00003146 - markus@cvs.openbsd.org 2000/12/06 19:57:48
3147 [ssh-keyscan.c]
3148 err(3) -> internal error(), from stevesk@sweden.hp.com
Ben Lindstrom7ad97102000-12-06 01:42:49 +00003149
Ben Lindstromb6434ae2000-12-05 01:15:09 +0000315020001205
Ben Lindstromfa1b3d02000-12-10 01:55:37 +00003151 - (bal) OpenBSD CVS updates:
Ben Lindstromb6434ae2000-12-05 01:15:09 +00003152 - markus@cvs.openbsd.org 2000/12/04 19:24:02
3153 [ssh-keyscan.c ssh-keyscan.1]
3154 David Maziere's ssh-keyscan, ok niels@
3155 - (bal) Updated Makefile.in to include ssh-keyscan that was just added
3156 to the recent OpenBSD source tree.
Kevin Steves3c516762000-12-06 00:48:05 +00003157 - (stevesk) fix typos in contrib/hpux/README
Ben Lindstromb6434ae2000-12-05 01:15:09 +00003158
Ben Lindstromd121f612000-12-03 17:00:47 +0000315920001204
3160 - (bal) More C functions defined in NeXT that are unaccessable without
Damien Miller33804262001-02-04 23:20:18 +11003161 defining -POSIX.
3162 - (bal) OpenBSD CVS updates:
3163 - markus@cvs.openbsd.org 2000/12/03 11:29:04
Ben Lindstromd121f612000-12-03 17:00:47 +00003164 [compat.c]
3165 remove fallback to SSH_BUG_HMAC now that the drafts are updated
3166 - markus@cvs.openbsd.org 2000/12/03 11:27:55
3167 [compat.c]
Damien Miller33804262001-02-04 23:20:18 +11003168 correctly match "2.1.0.pl2 SSH" etc; from
Ben Lindstrom7ad97102000-12-06 01:42:49 +00003169 pekkas@netcore.fi/bugzilla.redhat
Ben Lindstromd121f612000-12-03 17:00:47 +00003170 - markus@cvs.openbsd.org 2000/12/03 11:15:03
3171 [auth2.c compat.c compat.h sshconnect2.c]
3172 support f-secure/ssh.com 2.0.12; ok niels@
3173
Ben Lindstromc72745a2000-12-02 19:03:54 +0000317420001203
Ben Lindstromd121f612000-12-03 17:00:47 +00003175 - (bal) OpenBSD CVS updates:
Ben Lindstromc72745a2000-12-02 19:03:54 +00003176 - markus@cvs.openbsd.org 2000/11/30 22:54:31
3177 [channels.c]
Damien Miller33804262001-02-04 23:20:18 +11003178 debug->warn if tried to do -R style fwd w/o client requesting this;
Ben Lindstromc72745a2000-12-02 19:03:54 +00003179 ok neils@
3180 - markus@cvs.openbsd.org 2000/11/29 20:39:17
3181 [cipher.c]
3182 des_cbc_encrypt -> des_ncbc_encrypt since it already updates the IV
3183 - markus@cvs.openbsd.org 2000/11/30 18:33:05
3184 [ssh-agent.c]
3185 agents must not dump core, ok niels@
Damien Miller33804262001-02-04 23:20:18 +11003186 - markus@cvs.openbsd.org 2000/11/30 07:04:02
Ben Lindstromc72745a2000-12-02 19:03:54 +00003187 [ssh.1]
3188 T is for both protocols
3189 - markus@cvs.openbsd.org 2000/12/01 00:00:51
3190 [ssh.1]
3191 typo; from green@FreeBSD.org
3192 - markus@cvs.openbsd.org 2000/11/30 07:02:35
3193 [ssh.c]
3194 check -T before isatty()
3195 - provos@cvs.openbsd.org 2000/11/29 13:51:27
3196 [sshconnect.c]
Damien Miller33804262001-02-04 23:20:18 +11003197 show IP address and hostname when new key is encountered. okay markus@
Ben Lindstromc72745a2000-12-02 19:03:54 +00003198 - markus@cvs.openbsd.org 2000/11/30 22:53:35
3199 [sshconnect.c]
3200 disable agent/x11/port fwding if hostkey has changed; ok niels@
3201 - marksu@cvs.openbsd.org 2000/11/29 21:11:59
3202 [sshd.c]
3203 sshd -D, startup w/o deamon(), for monitoring scripts or inittab;
3204 from handler@sub-rosa.com and eric@urbanrange.com; ok niels@
Damien Millerb8481582000-12-03 11:51:51 +11003205 - (djm) Added patch from Nalin Dahyabhai <nalin@redhat.com> to enable
3206 PAM authentication using KbdInteractive.
3207 - (djm) Added another TODO
Ben Lindstromc72745a2000-12-02 19:03:54 +00003208
Ben Lindstrom75214f92000-12-01 21:19:51 +0000320920001202
3210 - (bal) Backed out of part of Alain St-Denis' loginrec.c patch.
Damien Miller33804262001-02-04 23:20:18 +11003211 - (bal) Irix need some sort of mansubdir, patch by Michael Stone
Ben Lindstrom75214f92000-12-01 21:19:51 +00003212 <mstone@cs.loyola.edu>
3213
Damien Millera2e53cc2000-11-29 11:26:45 +1100321420001129
Damien Miller43dc8da2000-11-29 15:55:17 +11003215 - (djm) Back out all the serverloop.c hacks. sshd will now hang again
3216 if there are background children with open fds.
Damien Miller3f62aba2000-11-29 11:56:35 +11003217 - (djm) bsd-rresvport.c bzero -> memset
Damien Miller33804262001-02-04 23:20:18 +11003218 - (djm) Don't fail in defines.h on absence of 64 bit types (we will
Damien Miller3f62aba2000-11-29 11:56:35 +11003219 still fail during compilation of sftp-server).
3220 - (djm) Fail if ar is not found during configure
Damien Millere39cacc2000-11-29 12:18:44 +11003221 - (djm) OpenBSD CVS updates:
3222 - provos@cvs.openbsd.org 2000/11/22 08:38:31
3223 [sshd.8]
3224 talk about /etc/primes, okay markus@
3225 - markus@cvs.openbsd.org 2000/11/23 14:03:48
3226 [ssh.c sshconnect1.c sshconnect2.c]
3227 complain about invalid ciphers for ssh1/ssh2, fall back to reasonable
3228 defaults
3229 - markus@cvs.openbsd.org 2000/11/25 09:42:53
3230 [sshconnect1.c]
3231 reorder check for illegal ciphers, bugreport from espie@
3232 - markus@cvs.openbsd.org 2000/11/25 10:19:34
3233 [ssh-keygen.c ssh.h]
3234 print keytype when generating a key.
3235 reasonable defaults for RSA1/RSA/DSA keys.
Damien Millera19cf472000-11-29 13:28:50 +11003236 - (djm) Patch from Pekka Savola <Pekka.Savola@netcore.fi> to include a few
3237 more manpage paths in fixpaths calls
3238 - (djm) Also add xauth path at Pekka's suggestion.
Damien Miller6dbfef62000-11-29 13:51:06 +11003239 - (djm) Add Redhat RPM patch for AUTHPRIV SyslogFacility
Damien Millera2e53cc2000-11-29 11:26:45 +11003240
Damien Millerd592b632000-11-25 10:09:32 +1100324120001125
3242 - (djm) Give up privs when reading seed file
3243
Ben Lindstrom14920292000-11-21 21:24:55 +0000324420001123
3245 - (bal) Merge OpenBSD changes:
3246 - markus@cvs.openbsd.org 2000/11/15 22:31:36
3247 [auth-options.c]
Damien Miller33804262001-02-04 23:20:18 +11003248 case insensitive key options; from stevesk@sweeden.hp.com
Ben Lindstrom14920292000-11-21 21:24:55 +00003249 - markus@cvs.openbsd.org 2000/11/16 17:55:43
3250 [dh.c]
3251 do not use perror() in sshd, after child is forked()
3252 - markus@cvs.openbsd.org 2000/11/14 23:42:40
3253 [auth-rsa.c]
3254 parse option only if key matches; fix some confusing seen by the client
3255 - markus@cvs.openbsd.org 2000/11/14 23:44:19
3256 [session.c]
3257 check no_agent_forward_flag for ssh-2, too
3258 - markus@cvs.openbsd.org 2000/11/15
3259 [ssh-agent.1]
3260 reorder SYNOPSIS; typo, use .It
3261 - markus@cvs.openbsd.org 2000/11/14 23:48:55
3262 [ssh-agent.c]
3263 do not reorder keys if a key is removed
3264 - markus@cvs.openbsd.org 2000/11/15 19:58:08
3265 [ssh.c]
Damien Miller33804262001-02-04 23:20:18 +11003266 just ignore non existing user keys
Ben Lindstrom14920292000-11-21 21:24:55 +00003267 - millert@cvs.openbsd.org 200/11/15 20:24:43
3268 [ssh-keygen.c]
3269 Add missing \n at end of error message.
3270
Ben Lindstrom4a1d9162000-11-21 10:45:31 +0000327120001122
3272 - (bal) Minor patch to ensure platforms lacking IRIX job limit supports
3273 are compilable.
3274 - (bal) Updated TODO as of 11/18/2000 with known things to resolve.
3275
Ben Lindstrombaaa2c02000-11-17 00:22:17 +0000327620001117
3277 - (bal) Changed from 'primes' to 'primes.out' for consistancy sake. It
3278 has no affect the output. Patch by Corinna Vinschen <vinschen@redhat.com>
Damien Miller33804262001-02-04 23:20:18 +11003279 - (stevesk) Reworked progname support.
Ben Lindstrom49a79c02000-11-17 03:47:20 +00003280 - (bal) Misplaced #include "includes.h" in bsd-setproctitle.c. Patch by
3281 Shinichi Maruyama <marya@st.jip.co.jp>
Ben Lindstrombaaa2c02000-11-17 00:22:17 +00003282
Ben Lindstrom65571522000-11-16 02:46:20 +0000328320001116
3284 - (bal) Added in MAXSYMLINK test in bsd-realpath.c. Required for some SCO
3285 releases.
3286 - (bal) Make builds work outside of source tree. Patch by Mark D. Roth
3287 <roth@feep.net>
3288
Damien Miller559d3832000-11-13 20:59:05 +1100328920001113
Damien Miller33804262001-02-04 23:20:18 +11003290 - (djm) Add pointer to http://www.imasy.or.jp/~gotoh/connect.c to
Damien Miller559d3832000-11-13 20:59:05 +11003291 contrib/README
Damien Miller0bc1bd82000-11-13 22:57:25 +11003292 - (djm) Merge OpenBSD changes:
3293 - markus@cvs.openbsd.org 2000/11/06 16:04:56
3294 [channels.c channels.h clientloop.c nchan.c serverloop.c]
3295 [session.c ssh.c]
3296 agent forwarding and -R for ssh2, based on work from
3297 jhuuskon@messi.uku.fi
3298 - markus@cvs.openbsd.org 2000/11/06 16:13:27
3299 [ssh.c sshconnect.c sshd.c]
3300 do not disabled rhosts(rsa) if server port > 1024; from
3301 pekkas@netcore.fi
3302 - markus@cvs.openbsd.org 2000/11/06 16:16:35
3303 [sshconnect.c]
3304 downgrade client to 1.3 if server is 1.4; help from mdb@juniper.net
3305 - markus@cvs.openbsd.org 2000/11/09 18:04:40
3306 [auth1.c]
3307 typo; from mouring@pconline.com
3308 - markus@cvs.openbsd.org 2000/11/12 12:03:28
3309 [ssh-agent.c]
3310 off-by-one when removing a key from the agent
3311 - markus@cvs.openbsd.org 2000/11/12 12:50:39
3312 [auth-rh-rsa.c auth2.c authfd.c authfd.h]
3313 [authfile.c hostfile.c kex.c kex.h key.c key.h myproposal.h]
3314 [readconf.c readconf.h rsa.c rsa.h servconf.c servconf.h ssh-add.c]
3315 [ssh-agent.c ssh-keygen.1 ssh-keygen.c ssh.1 ssh.c ssh_config]
3316 [sshconnect1.c sshconnect2.c sshd.8 sshd.c sshd_config ssh-dss.c]
Damien Miller33804262001-02-04 23:20:18 +11003317 [ssh-dss.h ssh-rsa.c ssh-rsa.h dsa.c dsa.h]
Damien Miller0bc1bd82000-11-13 22:57:25 +11003318 add support for RSA to SSH2. please test.
3319 there are now 3 types of keys: RSA1 is used by ssh-1 only,
3320 RSA and DSA are used by SSH2.
3321 you can use 'ssh-keygen -t rsa -f ssh2_rsa_file' to generate RSA
3322 keys for SSH2 and use the RSA keys for hostkeys or for user keys.
3323 SSH2 RSA or DSA keys are added to .ssh/authorised_keys2 as before.
3324 - (djm) Fix up Makefile and Redhat init script to create RSA host keys
Damien Millerd1446d82000-11-13 22:58:22 +11003325 - (djm) Change to interim version
Damien Milleree188d32000-11-13 23:13:55 +11003326 - (djm) Fix RPM spec file stupidity
Damien Miller457b5a22000-11-13 23:17:53 +11003327 - (djm) fixpaths to DSA and RSA keys too
Damien Miller559d3832000-11-13 20:59:05 +11003328
Ben Lindstrom980754c2000-11-12 00:04:24 +0000332920001112
3330 - (bal) SCO Patch to add needed libraries for configure.in. Patch by
3331 Phillips Porch <root@theporch.com>
Damien Miller559d3832000-11-13 20:59:05 +11003332 - (bal) IRIX patch to adding Job Limits. Patch by Denis Parker
3333 <dcp@sgi.com>
Kevin Steves6c0d6272000-11-12 09:22:29 +00003334 - (stevesk) pty.c: HP-UX 10 and 11 don't define TIOCSCTTY. Add error() to
3335 failed ioctl(TIOCSCTTY) call.
Ben Lindstrom980754c2000-11-12 00:04:24 +00003336
Damien Miller0986b552000-11-11 08:36:38 +1100333720001111
3338 - (djm) Added /etc/primes for kex DH group neg, fixup Makefile.in and
3339 packaging files
Damien Miller895f2382000-11-11 08:47:18 +11003340 - (djm) Fix new Makefile.in warnings
Damien Miller33804262001-02-04 23:20:18 +11003341 - (djm) Fix vsprintf("%h") in bsd-snprintf.c, short int va_args are
3342 promoted to type int. Report and fix from Dan Astoorian
Damien Miller9f4f7552000-11-11 09:03:32 +11003343 <djast@cs.toronto.edu>
Damien Miller33804262001-02-04 23:20:18 +11003344 - (djm) Hardwire sysconfdir in RPM spec files as some RPM versions get
Damien Millerafeaca92000-11-11 09:09:57 +11003345 it wrong. Report from Bennett Todd <bet@rahul.net>
Damien Miller0986b552000-11-11 08:36:38 +11003346
Ben Lindstrom305fb002000-11-10 02:41:30 +0000334720001110
3348 - (bal) Fixed dropped answer from skey_keyinfo() in auth1.c
3349 - (bal) Changed from --with-skey to --with-skey=PATH in configure.in
3350 - (bal) Added in check to verify S/Key library is being detected in
3351 configure.in
Damien Miller33804262001-02-04 23:20:18 +11003352 - (bal) next-posix.h - added another prototype wrapped in POSIX ifdef/endif.
Ben Lindstrom305fb002000-11-10 02:41:30 +00003353 Patch by Mark Miller <markm@swoon.net>
3354 - (bal) Added 'util.h' header to loginrec.c only if HAVE_UTIL_H is defined
Damien Miller33804262001-02-04 23:20:18 +11003355 to remove warnings under MacOS X. Patch by Mark Miller <markm@swoon.net>
Ben Lindstrom305fb002000-11-10 02:41:30 +00003356 - (bal) Fixed LDFLAG mispelling in configure.in for --with-afs
3357
Ben Lindstrom89ef41a2000-11-07 16:41:41 +0000335820001107
Ben Lindstromdbcea872000-11-08 01:07:51 +00003359 - (bal) acconfig.in - removed the double "USE_PIPES" entry. Patch by
3360 Mark Miller <markm@swoon.net>
Ben Lindstrom89ef41a2000-11-07 16:41:41 +00003361 - (bal) sshd.init files corrected to assign $? to RETVAL. Patch by
3362 Jarno Huuskonen <jhuuskon@messi.uku.fi>
Ben Lindstromdbcea872000-11-08 01:07:51 +00003363 - (bal) fixpaths fixed to stop it from quitely failing. Patch by
3364 Mark D. Roth <roth@feep.net>
Ben Lindstrom89ef41a2000-11-07 16:41:41 +00003365
Damien Millerc78abaa2000-11-06 12:07:21 +1100336620001106
3367 - (djm) Use Jim's new 1.0.3 askpass in Redhat RPMs
Damien Miller389edc42000-11-06 12:39:34 +11003368 - (djm) Manually fix up missed diff hunks (mainly RCS idents)
Damien Miller33804262001-02-04 23:20:18 +11003369 - (djm) Remove UPGRADING document in favour of a link to the better
Damien Miller6604fad2000-11-06 12:48:54 +11003370 maintained FAQ on www.openssh.com
Damien Miller969c07e2000-11-06 13:06:43 +11003371 - (djm) Fix multiple dependancy on gnome-libs from Pekka Savola
3372 <pekkas@netcore.fi>
3373 - (djm) Don't need X11-askpass in RPM spec file if building without it
3374 from Pekka Savola <pekkas@netcore.fi>
Damien Miller6bad1772000-11-06 14:17:38 +11003375 - (djm) Release 2.3.0p1
Ben Lindstrom2ed98182000-11-06 07:15:43 +00003376 - (bal) typo in configure.in in regards to --with-ldflags from Marko
3377 Asplund <aspa@kronodoc.fi>
3378 - (bal) fixed next-posix.h. Forgot prototype of getppid().
Damien Miller2b023d82000-11-06 13:07:45 +11003379
Ben Lindstromf2de06b2000-11-05 05:42:36 +0000338020001105
3381 - (bal) Sync with OpenBSD:
3382 - markus@cvs.openbsd.org 2000/10/31 9:31:58
3383 [compat.c]
3384 handle all old openssh versions
3385 - markus@cvs.openbsd.org 2000/10/31 13:1853
3386 [deattack.c]
3387 so that large packets do not wrap "n"; from netbsd
3388 - (bal) rijndel.c - fix up RCSID to match OpenBSD tree
Ben Lindstrom67e21e12000-11-05 09:08:45 +00003389 - (bal) auth2-skey.c - Checked in. Missing from portable tree.
3390 - (bal) Reworked NEWS-OS and NeXT ports to extract waitpid() and
3391 setsid() into more common files
Kevin Steves85b3db62000-11-05 15:31:36 +00003392 - (stevesk) pty.c: use __hpux to identify HP-UX.
Ben Lindstrome4c82b52000-11-05 21:13:45 +00003393 - (bal) Missed auth-skey.o in Makefile.in and minor correction to
3394 bsd-waitpid.c
Ben Lindstromf2de06b2000-11-05 05:42:36 +00003395
Kevin Stevesa58e0af2000-10-29 14:38:55 +0000339620001029
3397 - (stevesk) Fix typo in auth.c: USE_PAM not PAM
Kevin Steves9be6e262000-10-29 19:18:49 +00003398 - (stevesk) Create contrib/cygwin/ directory; patch from
3399 Corinna Vinschen <vinschen@redhat.com>
Ben Lindstrom23e13712000-10-29 22:49:19 +00003400 - (bal) Resolved more $xno and $xyes issues in configure.in
Ben Lindstrom2791cd52000-10-30 05:33:55 +00003401 - (bal) next-posix.h - spelling and forgot a prototype
Kevin Stevesa58e0af2000-10-29 14:38:55 +00003402
Damien Miller6bd90df2000-10-28 13:30:55 +1100340320001028
Damien Miller33804262001-02-04 23:20:18 +11003404 - (djm) fix select hack in serverloop.c from Philippe WILLEM
Damien Miller6bd90df2000-10-28 13:30:55 +11003405 <Philippe.WILLEM@urssaf.fr>
Damien Millerc05e0182000-10-28 13:38:34 +11003406 - (djm) Fix mangled AIXAUTHENTICATE code
Damien Miller33804262001-02-04 23:20:18 +11003407 - (djm) authctxt->pw may be NULL. Fix from Markus Friedl
Damien Millerd425d4d2000-10-28 21:05:57 +11003408 <markus.friedl@informatik.uni-erlangen.de>
Damien Miller69b69aa2000-10-28 14:19:58 +11003409 - (djm) Sync with OpenBSD:
3410 - markus@cvs.openbsd.org 2000/10/16 15:46:32
3411 [ssh.1]
3412 fixes from pekkas@netcore.fi
3413 - markus@cvs.openbsd.org 2000/10/17 14:28:11
3414 [atomicio.c]
3415 return number of characters processed; ok deraadt@
3416 - markus@cvs.openbsd.org 2000/10/18 12:04:02
3417 [atomicio.c]
3418 undo
3419 - markus@cvs.openbsd.org 2000/10/18 12:23:02
3420 [scp.c]
3421 replace atomicio(read,...) with read(); ok deraadt@
3422 - markus@cvs.openbsd.org 2000/10/18 12:42:00
3423 [session.c]
3424 restore old record login behaviour
3425 - deraadt@cvs.openbsd.org 2000/10/19 10:41:13
3426 [auth-skey.c]
3427 fmt string problem in unused code
3428 - provos@cvs.openbsd.org 2000/10/19 10:45:16
3429 [sshconnect2.c]
3430 don't reference freed memory. okay deraadt@
3431 - markus@cvs.openbsd.org 2000/10/21 11:04:23
3432 [canohost.c]
3433 typo, eramore@era-t.ericsson.se; ok niels@
3434 - markus@cvs.openbsd.org 2000/10/23 13:31:55
3435 [cipher.c]
3436 non-alignment dependent swap_bytes(); from
3437 simonb@wasabisystems.com/netbsd
3438 - markus@cvs.openbsd.org 2000/10/26 12:38:28
3439 [compat.c]
3440 add older vandyke products
3441 - markus@cvs.openbsd.org 2000/10/27 01:32:19
3442 [channels.c channels.h clientloop.c serverloop.c session.c]
3443 [ssh.c util.c]
Damien Miller33804262001-02-04 23:20:18 +11003444 enable non-blocking IO on channels, and tty's (except for the
Damien Miller69b69aa2000-10-28 14:19:58 +11003445 client ttys).
Damien Miller6bd90df2000-10-28 13:30:55 +11003446
Damien Miller656d7172000-10-27 09:27:32 +1100344720001027
3448 - (djm) Increase REKEY_BYTES to 2^24 for arc4random
3449
Damien Miller6f9c3372000-10-25 10:06:04 +1100345020001025
3451 - (djm) Added WARNING.RNG file and modified configure to ask users of the
3452 builtin entropy code to read it.
3453 - (djm) Prefer builtin regex to PCRE.
Ben Lindstrom76020ba2000-10-25 16:55:00 +00003454 - (bal) Added USE_PIPS defined to NeXT configure.in since scp hangs randomly.
3455 - (bal) Apply fixes to configure.in pointed out by Pavel Roskin
3456 <proski@gnu.org>
Damien Miller6f9c3372000-10-25 10:06:04 +11003457
Damien Miller81fa28a2000-10-20 09:14:04 +1100345820001020
3459 - (djm) Don't define _REENTRANT for SNI/Reliant Unix
Ben Lindstrome5a85252000-10-19 23:43:24 +00003460 - (bal) Imported NEWS-OS waitpid() macros into NeXT. Since implementation
3461 is more correct then current version.
Damien Miller81fa28a2000-10-20 09:14:04 +11003462
Kevin Steves8848b242000-10-18 13:11:44 +0000346320001018
3464 - (stevesk) Add initial support for setproctitle(). Current
3465 support is for the HP-UX pstat(PSTAT_SETCMD, ...) method.
Kevin Stevesee184da2000-10-18 13:45:40 +00003466 - (stevesk) Add egd startup scripts to contrib/hpux/
Kevin Steves8848b242000-10-18 13:11:44 +00003467
Damien Milleref767ac2000-10-17 23:14:08 +1100346820001017
3469 - (djm) Add -lregex to cywin libs from Corinna Vinschen
3470 <vinschen@cygnus.com>
Damien Miller2594de82000-10-17 23:22:28 +11003471 - (djm) Don't rely on atomicio's retval to determine length of askpass
3472 supplied passphrase. Problem report from Lutz Jaenicke
3473 <Lutz.Jaenicke@aet.TU-Cottbus.DE>
Ben Lindstromb5628642000-10-18 00:02:25 +00003474 - (bal) Changed from GNU rx to PCRE on suggestion from djm.
Damien Miller33804262001-02-04 23:20:18 +11003475 - (bal) Integrated Sony NEWS-OS patches from NAKAJI Hirouyuki
Ben Lindstromb5628642000-10-18 00:02:25 +00003476 <nakaji@tutrp.tut.ac.jp>
Damien Milleref767ac2000-10-17 23:14:08 +11003477
Damien Miller50a41ed2000-10-16 12:14:42 +1100347820001016
3479 - (djm) Sync with OpenBSD:
3480 - markus@cvs.openbsd.org 2000/10/14 04:01:15
3481 [cipher.c]
3482 debug3
3483 - markus@cvs.openbsd.org 2000/10/14 04:07:23
3484 [scp.c]
3485 remove spaces from arguments; from djm@mindrot.org
3486 - markus@cvs.openbsd.org 2000/10/14 06:09:46
3487 [ssh.1]
3488 Cipher is for SSH-1 only
3489 - markus@cvs.openbsd.org 2000/10/14 06:12:09
3490 [servconf.c servconf.h serverloop.c session.c sshd.8]
3491 AllowTcpForwarding; from naddy@
3492 - markus@cvs.openbsd.org 2000/10/14 06:16:56
3493 [auth2.c compat.c compat.h sshconnect2.c version.h]
Damien Miller33804262001-02-04 23:20:18 +11003494 OpenSSH_2.3; note that is is not complete, but the version number
Damien Miller50a41ed2000-10-16 12:14:42 +11003495 needs to be changed for interoperability reasons
3496 - markus@cvs.openbsd.org 2000/10/14 06:19:45
3497 [auth-rsa.c]
3498 do not send RSA challenge if key is not allowed by key-options; from
3499 eivind@ThinkSec.com
3500 - markus@cvs.openbsd.org 2000/10/15 08:14:01
3501 [rijndael.c session.c]
3502 typos; from stevesk@sweden.hp.com
3503 - markus@cvs.openbsd.org 2000/10/15 08:18:31
3504 [rijndael.c]
3505 typo
Damien Miller33804262001-02-04 23:20:18 +11003506 - (djm) Copy manpages back over from OpenBSD - too tedious to wade
Damien Miller2b2cf522000-10-16 12:25:17 +11003507 through diffs
Damien Miller33804262001-02-04 23:20:18 +11003508 - (djm) Added condrestart to Redhat init script. Patch from Pekka Savola
Damien Miller2b2cf522000-10-16 12:25:17 +11003509 <pekkas@netcore.fi>
Damien Millerff649d82000-10-16 13:35:19 +11003510 - (djm) Update version in Redhat spec file
Damien Miller33804262001-02-04 23:20:18 +11003511 - (djm) Merge some of Nalin Dahyabhai <nalin@redhat.com> changes from the
Damien Millerff649d82000-10-16 13:35:19 +11003512 Redhat 7.0 spec file
Damien Miller52dc96b2000-10-16 20:13:43 +11003513 - (djm) Make inability to read/write PRNG seedfile non-fatal
3514
Damien Miller50a41ed2000-10-16 12:14:42 +11003515
Damien Miller59939352000-10-15 12:21:32 +1100351620001015
3517 - (djm) Fix ssh2 hang on background processes at logout.
3518
Damien Miller60819b42000-10-14 11:16:12 +1100351920001014
Ben Lindstromb4df15d2000-10-15 00:17:36 +00003520 - (bal) Add support for realpath and getcwd for platforms with broken
3521 or missing realpath implementations for sftp-server.
3522 - (bal) Corrected mistake in INSTALL in regards to GNU rx library
Damien Miller33804262001-02-04 23:20:18 +11003523 - (bal) Add support for GNU rx library for those lacking regexp support
Damien Miller60819b42000-10-14 11:16:12 +11003524 - (djm) Don't accept PAM_PROMPT_ECHO_ON messages during initial auth
Damien Miller15b29522000-10-14 12:33:48 +11003525 - (djm) Revert SSH2 serverloop hack, will find a better way.
Damien Miller89d97962000-10-14 12:37:19 +11003526 - (djm) Add workaround for Linux 2.4's gratuitious errno change. Patch
3527 from Martin Johansson <fatbob@acc.umu.se>
Damien Miller874d77b2000-10-14 16:23:11 +11003528 - (djm) Big OpenBSD sync:
3529 - markus@cvs.openbsd.org 2000/09/30 10:27:44
3530 [log.c]
3531 allow loglevel debug
3532 - markus@cvs.openbsd.org 2000/10/03 11:59:57
3533 [packet.c]
3534 hmac->mac
3535 - markus@cvs.openbsd.org 2000/10/03 12:03:03
3536 [auth-krb4.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth1.c]
3537 move fake-auth from auth1.c to individual auth methods, disables s/key in
3538 debug-msg
3539 - markus@cvs.openbsd.org 2000/10/03 12:16:48
3540 ssh.c
3541 do not resolve canonname, i have no idea why this was added oin ossh
3542 - markus@cvs.openbsd.org 2000/10/09 15:30:44
3543 ssh-keygen.1 ssh-keygen.c
3544 -X now reads private ssh.com DSA keys, too.
3545 - markus@cvs.openbsd.org 2000/10/09 15:32:34
3546 auth-options.c
3547 clear options on every call.
3548 - markus@cvs.openbsd.org 2000/10/09 15:51:00
3549 authfd.c authfd.h
3550 interop with ssh-agent2, from <res@shore.net>
3551 - markus@cvs.openbsd.org 2000/10/10 14:20:45
3552 compat.c
3553 use rexexp for version string matching
3554 - provos@cvs.openbsd.org 2000/10/10 22:02:18
3555 [kex.c kex.h myproposal.h ssh.h ssh2.h sshconnect2.c sshd.c dh.c dh.h]
3556 First rough implementation of the diffie-hellman group exchange. The
3557 client can ask the server for bigger groups to perform the diffie-hellman
3558 in, thus increasing the attack complexity when using ciphers with longer
3559 keys. University of Windsor provided network, T the company.
3560 - markus@cvs.openbsd.org 2000/10/11 13:59:52
3561 [auth-rsa.c auth2.c]
3562 clear auth options unless auth sucessfull
3563 - markus@cvs.openbsd.org 2000/10/11 14:00:27
3564 [auth-options.h]
3565 clear auth options unless auth sucessfull
3566 - markus@cvs.openbsd.org 2000/10/11 14:03:27
3567 [scp.1 scp.c]
3568 support 'scp -o' with help from mouring@pconline.com
3569 - markus@cvs.openbsd.org 2000/10/11 14:11:35
3570 [dh.c]
3571 Wall
3572 - markus@cvs.openbsd.org 2000/10/11 14:14:40
3573 [auth.h auth2.c readconf.c readconf.h readpass.c servconf.c servconf.h]
3574 [ssh.h sshconnect2.c sshd_config auth2-skey.c cli.c cli.h]
3575 add support for s/key (kbd-interactive) to ssh2, based on work by
3576 mkiernan@avantgo.com and me
3577 - markus@cvs.openbsd.org 2000/10/11 14:27:24
3578 [auth.c auth1.c auth2.c authfile.c cipher.c cipher.h kex.c kex.h]
3579 [myproposal.h packet.c readconf.c session.c ssh.c ssh.h sshconnect1.c]
3580 [sshconnect2.c sshd.c]
3581 new cipher framework
3582 - markus@cvs.openbsd.org 2000/10/11 14:45:21
3583 [cipher.c]
3584 remove DES
3585 - markus@cvs.openbsd.org 2000/10/12 03:59:20
3586 [cipher.c cipher.h sshconnect1.c sshconnect2.c sshd.c]
3587 enable DES in SSH-1 clients only
3588 - markus@cvs.openbsd.org 2000/10/12 08:21:13
3589 [kex.h packet.c]
3590 remove unused
3591 - markus@cvs.openbsd.org 2000/10/13 12:34:46
3592 [sshd.c]
3593 Kludge for F-Secure Macintosh < 1.0.2; appro@fy.chalmers.se
3594 - markus@cvs.openbsd.org 2000/10/13 12:59:15
3595 [cipher.c cipher.h myproposal.h rijndael.c rijndael.h]
3596 rijndael/aes support
3597 - markus@cvs.openbsd.org 2000/10/13 13:10:54
3598 [sshd.8]
3599 more info about -V
3600 - markus@cvs.openbsd.org 2000/10/13 13:12:02
3601 [myproposal.h]
3602 prefer no compression
Damien Millere4041c92000-10-14 17:45:58 +11003603 - (djm) Fix scp user@host handling
3604 - (djm) Don't clobber ssh_prng_cmds on install
Kevin Stevescee23de2000-10-14 10:51:18 +00003605 - (stevesk) Include config.h in rijndael.c so we define intXX_t and
3606 u_intXX_t types on all platforms.
Kevin Stevesf16b9d22000-10-14 10:57:04 +00003607 - (stevesk) rijndael.c: cleanup missing declaration warnings.
Kevin Steves092f2ef2000-10-14 13:36:13 +00003608 - (stevesk) ~/.hushlogin shouldn't cause required password change to
3609 be bypassed.
Kevin Stevese0f49142000-10-14 17:51:48 +00003610 - (stevesk) Display correct path to ssh-askpass in configure output.
3611 Report from Lutz Jaenicke.
Damien Miller60819b42000-10-14 11:16:12 +11003612
Kevin Stevescccca272000-10-07 11:16:55 +0000361320001007
3614 - (stevesk) Print PAM return value in PAM log messages to aid
3615 with debugging.
Kevin Steves48b7cc02000-10-07 13:24:00 +00003616 - (stevesk) Fix detection of pw_class struct member in configure;
3617 patch from KAMAHARA Junzo <kamahara@cc.kshosen.ac.jp>
3618
Damien Millere68f92b2000-10-02 21:42:15 +1100361920001002
3620 - (djm) Fix USER_PATH, report from Kevin Steves <stevesk@sweden.hp.com>
3621 - (djm) Add host system and CC to end-of-configure report. Suggested by
3622 Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
3623
Damien Miller05dd7952000-10-01 00:42:48 +1100362420000931
3625 - (djm) Cygwin fixes from Corinna Vinschen <vinschen@cygnus.com>
3626
Damien Miller190d5a82000-09-30 09:43:19 +1100362720000930
Damien Millerbea034a2000-09-30 09:43:32 +11003628 - (djm) Irix ssh_prng_cmds path fix from Pekka Savola <pekkas@netcore.fi>
Damien Miller33804262001-02-04 23:20:18 +11003629 - (djm) Support in bsd-snprintf.c for long long conversions from
Damien Millerb88532e2000-09-30 09:53:59 +11003630 Ben Lindstrom <mouring@pconline.com>
3631 - (djm) Cleanup NeXT support from Ben Lindstrom <mouring@pconline.com>
Damien Millercf3888d2000-09-30 14:17:52 +11003632 - (djm) Ignore SIGPIPEs from serverloop to child. Fixes crashes with
Damien Miller33804262001-02-04 23:20:18 +11003633 very short lived X connections. Bug report from Tobias Oetiker
Damien Millercf3888d2000-09-30 14:17:52 +11003634 <oetiker@ee.ethz.ch>. Fix from Markus Friedl <markus@cvs.openbsd.org>
Damien Millerb27ef9e2000-09-30 14:29:44 +11003635 - (djm) Add recent InitScripts as a RPM dependancy for openssh-server
3636 patch from Pekka Savola <pekkas@netcore.fi>
Damien Miller7294baa2000-09-30 14:40:39 +11003637 - (djm) Forgot to cvs add LICENSE file
Damien Miller51155a72000-09-30 14:41:38 +11003638 - (djm) Add LICENSE to RPM spec files
Damien Millerd3444942000-09-30 14:20:03 +11003639 - (djm) CVS OpenBSD sync:
3640 - markus@cvs.openbsd.org 2000/09/26 13:59:59
3641 [clientloop.c]
3642 use debug2
3643 - markus@cvs.openbsd.org 2000/09/27 15:41:34
3644 [auth2.c sshconnect2.c]
3645 use key_type()
3646 - markus@cvs.openbsd.org 2000/09/28 12:03:18
3647 [channels.c]
3648 debug -> debug2 cleanup
Damien Miller33804262001-02-04 23:20:18 +11003649 - (djm) Irix strips "/dev/tty" from [uw]tmp entries (other systems only
Damien Miller87f43ff2000-09-30 21:36:54 +11003650 strip "/dev/"). Fix loginrec.c based on patch from Alain St-Denis
3651 <Alain.St-Denis@ec.gc.ca>
Damien Miller33804262001-02-04 23:20:18 +11003652 - (djm) Fix 9 character passphrase failure with gnome-ssh-askpass.
3653 Problem was caused by interrupted read in ssh-add. Report from Donald
Damien Miller87f43ff2000-09-30 21:36:54 +11003654 J. Barry <don@astro.cornell.edu>
Damien Miller190d5a82000-09-30 09:43:19 +11003655
Damien Miller15e7d4b2000-09-29 10:57:35 +1100365620000929
3657 - (djm) Fix SSH2 not terminating until all background tasks done problem.
Damien Miller33804262001-02-04 23:20:18 +11003658 - (djm) Another off-by-one fix from Pavel Kankovsky
3659 <peak@argo.troja.mff.cuni.cz>
Damien Millercb5e44a2000-09-29 12:12:36 +11003660 - (djm) Clean up. Strip some unnecessary differences with OpenBSD's code,
3661 tidy necessary differences. Use Markus' new debugN() in entropy.c
Damien Miller33804262001-02-04 23:20:18 +11003662 - (djm) Merged big SCO portability patch from Tim Rice
Damien Miller78315eb2000-09-29 23:01:36 +11003663 <tim@multitalents.net>
Damien Miller15e7d4b2000-09-29 10:57:35 +11003664
Damien Miller96f0c722000-09-26 12:09:48 +1100366520000926
3666 - (djm) Update X11-askpass to 1.0.2 in RPM spec file
Damien Millere772b682000-09-26 13:10:37 +11003667 - (djm) Define _REENTRANT to pickup strtok_r() on HP/UX
Damien Miller33804262001-02-04 23:20:18 +11003668 - (djm) Security: fix off-by-one buffer overrun in fake-getnameinfo.c.
3669 Report and fix from Pavel Kankovsky <peak@argo.troja.mff.cuni.cz>
Damien Miller96f0c722000-09-26 12:09:48 +11003670
Damien Miller72c9a7e2000-09-24 11:10:13 +1100367120000924
3672 - (djm) Merged cleanup patch from Mark Miller <markm@swoon.net>
3673 - (djm) A bit more cleanup - created cygwin_util.h
Damien Miller80ecfe82000-09-24 11:21:31 +11003674 - (djm) Include strtok_r() from OpenBSD libc. Fixes report from Mark Miller
3675 <markm@swoon.net>
Damien Miller72c9a7e2000-09-24 11:10:13 +11003676
Damien Millerd6f204d2000-09-23 13:57:27 +1100367720000923
Damien Miller33804262001-02-04 23:20:18 +11003678 - (djm) Fix address logging in utmp from Kevin Steves
Damien Millerd6f204d2000-09-23 13:57:27 +11003679 <stevesk@sweden.hp.com>
Damien Miller96002332000-09-23 14:00:09 +11003680 - (djm) Redhat spec and manpage fixes from Pekka Savola <pekkas@netcore.fi>
Damien Miller578783e2000-09-23 14:12:24 +11003681 - (djm) Seperate tests for int64_t and u_int64_t types
Damien Miller33804262001-02-04 23:20:18 +11003682 - (djm) Tweak password expiry checking at suggestion of Kevin Steves
Damien Miller62dd94b2000-09-23 14:26:32 +11003683 <stevesk@sweden.hp.com>
Damien Millerb9c2ce82000-09-23 14:52:50 +11003684 - (djm) NeXT patch from Ben Lindstrom <mouring@pconline.com>
Damien Miller33804262001-02-04 23:20:18 +11003685 - (djm) Use printf %lld instead of %qd in sftp-server.c. Fix from
Damien Millerf056e232000-09-23 14:58:32 +11003686 Michael Stone <mstone@cs.loyola.edu>
Damien Miller62cee002000-09-23 17:15:56 +11003687 - (djm) OpenBSD CVS sync:
3688 - markus@cvs.openbsd.org 2000/09/17 09:38:59
3689 [sshconnect2.c sshd.c]
3690 fix DEBUG_KEXDH
3691 - markus@cvs.openbsd.org 2000/09/17 09:52:51
3692 [sshconnect.c]
3693 yes no; ok niels@
3694 - markus@cvs.openbsd.org 2000/09/21 04:55:11
3695 [sshd.8]
3696 typo
3697 - markus@cvs.openbsd.org 2000/09/21 05:03:54
3698 [serverloop.c]
3699 typo
3700 - markus@cvs.openbsd.org 2000/09/21 05:11:42
3701 scp.c
3702 utime() to utimes(); mouring@pconline.com
3703 - markus@cvs.openbsd.org 2000/09/21 05:25:08
3704 sshconnect2.c
3705 change login logic in ssh2, allows plugin of other auth methods
3706 - markus@cvs.openbsd.org 2000/09/21 05:25:35
3707 [auth2.c channels.c channels.h clientloop.c dispatch.c dispatch.h]
3708 [serverloop.c]
3709 add context to dispatch_run
3710 - markus@cvs.openbsd.org 2000/09/21 05:07:52
3711 authfd.c authfd.h ssh-agent.c
3712 bug compat for old ssh.com software
Damien Millerd6f204d2000-09-23 13:57:27 +11003713
Damien Millerf13f75d2000-09-21 21:51:07 +1100371420000920
3715 - (djm) Fix bad path substitution. Report from Andrew Miner
3716 <asminer@cs.iastate.edu>
3717
Damien Millere4340be2000-09-16 13:29:08 +1100371820000916
Damien Miller33804262001-02-04 23:20:18 +11003719 - (djm) Fix SSL search order from Lutz Jaenicke
Damien Millera1b61e12000-09-16 17:02:16 +11003720 <Lutz.Jaenicke@aet.TU-Cottbus.DE>
Damien Miller2efcd3c2000-09-16 16:30:55 +11003721 - (djm) New SuSE spec from Corinna Vinschen <corinna@vinschen.de>
Damien Millerb70b61f2000-09-16 16:25:12 +11003722 - (djm) Update CygWin support from Corinna Vinschen <vinschen@cygnus.com>
Damien Miller52cbcbf2000-09-16 16:21:28 +11003723 - (djm) Use a real struct sockaddr inside the fake struct sockaddr_storage.
3724 Patch from Larry Jones <larry.jones@sdrc.com>
Damien Miller33804262001-02-04 23:20:18 +11003725 - (djm) Add Steve VanDevender's <stevev@darkwing.uoregon.edu> PAM
Damien Miller9d5705a2000-09-16 16:09:27 +11003726 password change patch.
3727 - (djm) Bring licenses on my stuff in line with OpenBSD's
Damien Miller8a1e6a62000-09-16 15:55:52 +11003728 - (djm) Cleanup auth-passwd.c and unify HP/UX authentication. Patch from
3729 Kevin Steves <stevesk@sweden.hp.com>
Damien Miller606f8802000-09-16 15:39:56 +11003730 - (djm) Shadow expiry check fix from Pavel Troller <patrol@omni.sinus.cz>
3731 - (djm) Re-enable int64_t types - we need them for sftp
3732 - (djm) Use libexecdir from configure , rather than libexecdir/ssh
3733 - (djm) Update Redhat SPEC file accordingly
3734 - (djm) Add Kevin Steves <stevesk@sweden.hp.com> HP/UX contrib files
3735 - (djm) Add Charles Levert <charles@comm.polymtl.ca> getpgrp patch
Damien Miller33804262001-02-04 23:20:18 +11003736 - (djm) Fix password auth on HP/UX 10.20. Patch from Dirk De Wachter
Damien Miller606f8802000-09-16 15:39:56 +11003737 <Dirk.DeWachter@rug.ac.be>
Damien Miller33804262001-02-04 23:20:18 +11003738 - (djm) Fixprogs and entropy list fixes from Larry Jones
Damien Miller606f8802000-09-16 15:39:56 +11003739 <larry.jones@sdrc.com>
3740 - (djm) Fix for SuSE spec file from Takashi YOSHIDA
3741 <tyoshida@gemini.rc.kyushu-u.ac.jp>
Damien Millere4340be2000-09-16 13:29:08 +11003742 - (djm) Merge OpenBSD changes:
3743 - markus@cvs.openbsd.org 2000/09/05 02:59:57
3744 [session.c]
3745 print hostname (not hushlogin)
3746 - markus@cvs.openbsd.org 2000/09/05 13:18:48
3747 [authfile.c ssh-add.c]
3748 enable ssh-add -d for DSA keys
3749 - markus@cvs.openbsd.org 2000/09/05 13:20:49
3750 [sftp-server.c]
3751 cleanup
3752 - markus@cvs.openbsd.org 2000/09/06 03:46:41
3753 [authfile.h]
3754 prototype
3755 - deraadt@cvs.openbsd.org 2000/09/07 14:27:56
3756 [ALL]
Damien Miller33804262001-02-04 23:20:18 +11003757 cleanup copyright notices on all files. I have attempted to be
3758 accurate with the details. everything is now under Tatu's licence
3759 (which I copied from his readme), and/or the core-sdi bsd-ish thing
3760 for deattack, or various openbsd developers under a 2-term bsd
Damien Millere4340be2000-09-16 13:29:08 +11003761 licence. We're not changing any rules, just being accurate.
3762 - markus@cvs.openbsd.org 2000/09/07 14:40:30
3763 [channels.c channels.h clientloop.c serverloop.c ssh.c]
3764 cleanup window and packet sizes for ssh2 flow control; ok niels
3765 - markus@cvs.openbsd.org 2000/09/07 14:53:00
3766 [scp.c]
3767 typo
3768 - markus@cvs.openbsd.org 2000/09/07 15:13:37
3769 [auth-options.c auth-options.h auth-rh-rsa.c auth-rsa.c auth.c]
3770 [authfile.h canohost.c channels.h compat.c hostfile.h log.c match.h]
3771 [pty.c readconf.c]
3772 some more Copyright fixes
3773 - markus@cvs.openbsd.org 2000/09/08 03:02:51
3774 [README.openssh2]
3775 bye bye
3776 - deraadt@cvs.openbsd.org 2000/09/11 18:38:33
3777 [LICENCE cipher.c]
3778 a few more comments about it being ARC4 not RC4
3779 - markus@cvs.openbsd.org 2000/09/12 14:53:11
3780 [log-client.c log-server.c log.c ssh.1 ssh.c ssh.h sshd.8 sshd.c]
3781 multiple debug levels
3782 - markus@cvs.openbsd.org 2000/09/14 14:25:15
3783 [clientloop.c]
3784 typo
3785 - deraadt@cvs.openbsd.org 2000/09/15 01:13:51
3786 [ssh-agent.c]
3787 check return value for setenv(3) for failure, and deal appropriately
3788
Damien Millerf384c362000-09-13 10:43:26 +1100378920000913
3790 - (djm) Fix server not exiting with jobs in background.
3791
Damien Miller7b28dc52000-09-05 13:34:53 +1100379220000905
3793 - (djm) Import OpenBSD CVS changes
3794 - markus@cvs.openbsd.org 2000/08/31 15:52:24
3795 [Makefile sshd.8 sshd_config sftp-server.8 sftp-server.c]
3796 implement a SFTP server. interops with sftp2, scp2 and the windows
3797 client from ssh.com
3798 - markus@cvs.openbsd.org 2000/08/31 15:56:03
3799 [README.openssh2]
3800 sync
3801 - markus@cvs.openbsd.org 2000/08/31 16:05:42
3802 [session.c]
3803 Wall
3804 - markus@cvs.openbsd.org 2000/08/31 16:09:34
3805 [authfd.c ssh-agent.c]
3806 add a flag to SSH2_AGENTC_SIGN_REQUEST for future extensions
3807 - deraadt@cvs.openbsd.org 2000/09/01 09:25:13
3808 [scp.1 scp.c]
3809 cleanup and fix -S support; stevesk@sweden.hp.com
3810 - markus@cvs.openbsd.org 2000/09/01 16:29:32
3811 [sftp-server.c]
3812 portability fixes
3813 - markus@cvs.openbsd.org 2000/09/01 16:32:41
3814 [sftp-server.c]
3815 fix cast; mouring@pconline.com
3816 - itojun@cvs.openbsd.org 2000/09/03 09:23:28
3817 [ssh-add.1 ssh.1]
3818 add missing .El against .Bl.
3819 - markus@cvs.openbsd.org 2000/09/04 13:03:41
3820 [session.c]
3821 missing close; ok theo
3822 - markus@cvs.openbsd.org 2000/09/04 13:07:21
3823 [session.c]
3824 fix get_last_login_time order; from andre@van-veen.de
3825 - markus@cvs.openbsd.org 2000/09/04 13:10:09
3826 [sftp-server.c]
3827 more cast fixes; from mouring@pconline.com
3828 - markus@cvs.openbsd.org 2000/09/04 13:06:04
3829 [session.c]
3830 set SSH_ORIGINAL_COMMAND; from Leakin@dfw.nostrum.com, bet@rahul.net
3831 - (djm) Cleanup after import. Fix sftp-server compilation, Makefile
Damien Millerbac2d8a2000-09-05 16:13:06 +11003832 - (djm) Merge cygwin support from Corinna Vinschen <vinschen@cygnus.com>
3833
Damien Miller123cbe82000-09-03 19:14:58 +1100383420000903
3835 - (djm) Fix Redhat init script
3836
Damien Miller50f14f82000-09-01 14:14:37 +1100383720000901
3838 - (djm) Pick up Jim's new X11-askpass
3839 - (djm) Release 2.2.0p1
3840
Damien Miller238a9fa2000-08-31 09:20:05 +1100384120000831
Damien Millere4340be2000-09-16 13:29:08 +11003842 - (djm) Workaround SIGPIPE problems on SCO. Fix from Aran Cox
Damien Miller238a9fa2000-08-31 09:20:05 +11003843 <acox@cv.telegroup.com>
Damien Millerb5c42d92000-08-31 11:13:10 +11003844 - (djm) Pick up new version (2.2.0) from OpenBSD CVS
Damien Miller238a9fa2000-08-31 09:20:05 +11003845
Damien Miller87d29ed2000-08-30 09:21:22 +1100384620000830
3847 - (djm) Compile warning fixes from Mark Miller <markm@swoon.net>
Damien Millerc30d35c2000-08-30 09:40:09 +11003848 - (djm) Periodically rekey arc4random
3849 - (djm) Clean up diff against OpenBSD.
Damien Millere4340be2000-09-16 13:29:08 +11003850 - (djm) HPUX 11 needs USE_PIPES as well: Kevin Steves
Damien Miller5552d7a2000-08-30 09:53:24 +11003851 <stevesk@sweden.hp.com>
Damien Miller7cfaaf22000-08-30 09:57:49 +11003852 - (djm) Quieten the pam delete credentials error message
Damien Miller9a947342000-08-30 10:03:33 +11003853 - (djm) Fix printing of $DISPLAY hack if set by system type. Report from
3854 Kevin Steves <stevesk@sweden.hp.com>
Damien Miller77aba9d2000-08-30 10:11:30 +11003855 - (djm) NeXT patch from Ben Lindstrom <mouring@pconline.com>
Damien Miller250ee8b2000-08-30 14:06:35 +11003856 - (djm) Fix doh in bsd-arc4random.c
Damien Miller87d29ed2000-08-30 09:21:22 +11003857
Damien Miller4e0f5e12000-08-29 11:05:50 +1100385820000829
Damien Millere4340be2000-09-16 13:29:08 +11003859 - (djm) Fix ^C ignored issue on Solaris. Diagnosis from Gert
3860 Doering <gert@greenie.muc.de>, John Horne <J.Horne@plymouth.ac.uk> and
Damien Miller4e0f5e12000-08-29 11:05:50 +11003861 Garrick James <garrick@james.net>
Damien Miller6d8c11f2000-08-29 11:52:38 +11003862 - (djm) Check for SCO pty naming style (ptyp%d/ttyp%d). Based on fix from
3863 Bastian Trompetter <btrompetter@firemail.de>
Damien Millere5192fa2000-08-29 14:30:37 +11003864 - (djm) NeXT tweaks from Ben Lindstrom <mouring@pconline.com>
Damien Millercaf6dd62000-08-29 11:33:50 +11003865 - More OpenBSD updates:
3866 - deraadt@cvs.openbsd.org 2000/08/24 15:46:59
3867 [scp.c]
3868 off_t in sink, to fix files > 2GB, i think, test is still running ;-)
3869 - deraadt@cvs.openbsd.org 2000/08/25 10:10:06
3870 [session.c]
3871 Wall
3872 - markus@cvs.openbsd.org 2000/08/26 04:33:43
3873 [compat.c]
3874 ssh.com-2.3.0
3875 - markus@cvs.openbsd.org 2000/08/27 12:18:05
3876 [compat.c]
3877 compatibility with future ssh.com versions
3878 - deraadt@cvs.openbsd.org 2000/08/27 21:50:55
3879 [auth-krb4.c session.c ssh-add.c sshconnect.c uidswap.c]
3880 print uid/gid as unsigned
3881 - markus@cvs.openbsd.org 2000/08/28 13:51:00
3882 [ssh.c]
3883 enable -n and -f for ssh2
3884 - markus@cvs.openbsd.org 2000/08/28 14:19:53
3885 [ssh.c]
3886 allow combination of -N and -f
3887 - markus@cvs.openbsd.org 2000/08/28 14:20:56
3888 [util.c]
3889 util.c
3890 - markus@cvs.openbsd.org 2000/08/28 14:22:02
3891 [util.c]
3892 undo
3893 - markus@cvs.openbsd.org 2000/08/28 14:23:38
3894 [util.c]
3895 don't complain if setting NONBLOCK fails with ENODEV
Damien Miller4e0f5e12000-08-29 11:05:50 +11003896
Damien Millerb0785672000-08-23 09:10:39 +1000389720000823
3898 - (djm) Define USE_PIPES to avoid socketpair problems on HPUX 10 and SunOS 4
Damien Millere4340be2000-09-16 13:29:08 +11003899 Avoids "scp never exits" problem. Reports from Lutz Jaenicke
3900 <Lutz.Jaenicke@aet.TU-Cottbus.DE> and Tamito KAJIYAMA
Damien Millerb0785672000-08-23 09:10:39 +10003901 <kajiyama@grad.sccs.chukyo-u.ac.jp>
Damien Millerad833b32000-08-23 10:46:23 +10003902 - (djm) Pick up LOGIN_PROGRAM from environment or PATH if not set by headers
Damien Miller37e7f182000-08-23 10:52:50 +10003903 - (djm) Add local version to version.h
Damien Millerf3df0522000-08-23 15:31:41 +10003904 - (djm) Don't reseed arc4random everytime it is used
Damien Millerad833b32000-08-23 10:46:23 +10003905 - (djm) OpenBSD CVS updates:
3906 - deraadt@cvs.openbsd.org 2000/08/18 20:07:23
3907 [ssh.c]
3908 accept remsh as a valid name as well; roman@buildpoint.com
3909 - deraadt@cvs.openbsd.org 2000/08/18 20:17:13
3910 [deattack.c crc32.c packet.c]
3911 rename crc32() to ssh_crc32() to avoid zlib name clash. do not move to
3912 libz crc32 function yet, because it has ugly "long"'s in it;
3913 oneill@cs.sfu.ca
3914 - deraadt@cvs.openbsd.org 2000/08/18 20:26:08
3915 [scp.1 scp.c]
3916 -S prog support; tv@debian.org
3917 - deraadt@cvs.openbsd.org 2000/08/18 20:50:07
3918 [scp.c]
3919 knf
3920 - deraadt@cvs.openbsd.org 2000/08/18 20:57:33
3921 [log-client.c]
3922 shorten
3923 - markus@cvs.openbsd.org 2000/08/19 12:48:11
3924 [channels.c channels.h clientloop.c ssh.c ssh.h]
3925 support for ~. in ssh2
3926 - deraadt@cvs.openbsd.org 2000/08/19 15:29:40
3927 [crc32.h]
3928 proper prototype
3929 - markus@cvs.openbsd.org 2000/08/19 15:34:44
Damien Millere4340be2000-09-16 13:29:08 +11003930 [authfd.c authfd.h key.c key.h ssh-add.1 ssh-add.c ssh-agent.1]
3931 [ssh-agent.c ssh-keygen.c sshconnect1.c sshconnect2.c Makefile]
Damien Millerad833b32000-08-23 10:46:23 +10003932 [fingerprint.c fingerprint.h]
3933 add SSH2/DSA support to the agent and some other DSA related cleanups.
3934 (note that we cannot talk to ssh.com's ssh2 agents)
3935 - markus@cvs.openbsd.org 2000/08/19 15:55:52
3936 [channels.c channels.h clientloop.c]
3937 more ~ support for ssh2
3938 - markus@cvs.openbsd.org 2000/08/19 16:21:19
3939 [clientloop.c]
3940 oops
3941 - millert@cvs.openbsd.org 2000/08/20 12:25:53
3942 [session.c]
3943 We have to stash the result of get_remote_name_or_ip() before we
3944 close our socket or getpeername() will get EBADF and the process
3945 will exit. Only a problem for "UseLogin yes".
3946 - millert@cvs.openbsd.org 2000/08/20 12:30:59
3947 [session.c]
3948 Only check /etc/nologin if "UseLogin no" since login(1) may have its
3949 own policy on determining who is allowed to login when /etc/nologin
3950 is present. Also use the _PATH_NOLOGIN define.
3951 - millert@cvs.openbsd.org 2000/08/20 12:42:43
3952 [auth1.c auth2.c session.c ssh.c]
3953 Add calls to setusercontext() and login_get*(). We basically call
3954 setusercontext() in most places where previously we did a setlogin().
3955 Add default login.conf file and put root in the "daemon" login class.
3956 - millert@cvs.openbsd.org 2000/08/21 10:23:31
3957 [session.c]
3958 Fix incorrect PATH setting; noted by Markus.
Damien Millerb0785672000-08-23 09:10:39 +10003959
Damien Miller942da032000-08-18 13:59:06 +1000396020000818
3961 - (djm) OpenBSD CVS changes:
3962 - markus@cvs.openbsd.org 2000/07/22 03:14:37
3963 [servconf.c servconf.h sshd.8 sshd.c sshd_config]
3964 random early drop; ok theo, niels
3965 - deraadt@cvs.openbsd.org 2000/07/26 11:46:51
3966 [ssh.1]
3967 typo
3968 - deraadt@cvs.openbsd.org 2000/08/01 11:46:11
3969 [sshd.8]
3970 many fixes from pepper@mail.reppep.com
3971 - provos@cvs.openbsd.org 2000/08/01 13:01:42
3972 [Makefile.in util.c aux.c]
3973 rename aux.c to util.c to help with cygwin port
3974 - deraadt@cvs.openbsd.org 2000/08/02 00:23:31
3975 [authfd.c]
3976 correct sun_len; Alexander@Leidinger.net
3977 - provos@cvs.openbsd.org 2000/08/02 10:27:17
3978 [readconf.c sshd.8]
3979 disable kerberos authentication by default
3980 - provos@cvs.openbsd.org 2000/08/02 11:27:05
3981 [sshd.8 readconf.c auth-krb4.c]
3982 disallow kerberos authentication if we can't verify the TGT; from
3983 dugsong@
3984 kerberos authentication is on by default only if you have a srvtab.
3985 - markus@cvs.openbsd.org 2000/08/04 14:30:07
3986 [auth.c]
3987 unused
3988 - markus@cvs.openbsd.org 2000/08/04 14:30:35
3989 [sshd_config]
3990 MaxStartups
3991 - markus@cvs.openbsd.org 2000/08/15 13:20:46
3992 [authfd.c]
3993 cleanup; ok niels@
3994 - markus@cvs.openbsd.org 2000/08/17 14:05:10
3995 [session.c]
3996 cleanup login(1)-like jobs, no duplicate utmp entries
3997 - markus@cvs.openbsd.org 2000/08/17 14:06:34
3998 [session.c sshd.8 sshd.c]
3999 sshd -u len, similar to telnetd
Damien Millerc1132e72000-08-18 14:08:38 +10004000 - (djm) Lastlog was not getting closed after writing login entry
Damien Millera7f58292000-08-18 14:43:41 +10004001 - (djm) Add Solaris package support from Rip Loomis <loomisg@cist.saic.com>
Damien Miller942da032000-08-18 13:59:06 +10004002
Damien Miller11fa2cc2000-08-16 10:35:58 +1000400320000816
4004 - (djm) Replacement for inet_ntoa for Irix (which breaks on gcc)
Damien Millere4340be2000-09-16 13:29:08 +11004005 - (djm) Fix strerror replacement for old SunOS. Based on patch from
Damien Miller11fa2cc2000-08-16 10:35:58 +10004006 Charles Levert <charles@comm.polymtl.ca>
Damien Millere4340be2000-09-16 13:29:08 +11004007 - (djm) Seperate arc4random into seperate file and use OpenSSL's RC4
Damien Miller11fa2cc2000-08-16 10:35:58 +10004008 implementation.
Damien Miller3241fa12000-08-18 14:59:59 +10004009 - (djm) SUN_LEN macro for systems which lack it
Damien Miller11fa2cc2000-08-16 10:35:58 +10004010
Damien Miller348c9b72000-08-15 10:01:22 +1000401120000815
4012 - (djm) More SunOS 4.1.x fixes from Nate Itkin <nitkin@europa.com>
Damien Millerc83aa832000-08-15 10:08:00 +10004013 - (djm) Avoid failures on Irix when ssh is not setuid. Fix from
4014 Michael Stone <mstone@cs.loyola.edu>
Damien Millere477ef62000-08-15 10:21:17 +10004015 - (djm) Don't seek in directory based lastlogs
Damien Millere4340be2000-09-16 13:29:08 +11004016 - (djm) Fix --with-ipaddr-display configure option test. Patch from
Damien Millere477ef62000-08-15 10:21:17 +10004017 Jarno Huuskonen <jhuuskon@messi.uku.fi>
Damien Miller0da2eaa2000-08-15 11:32:59 +10004018 - (djm) Fix AIX limits from Alexandre Oliva <oliva@lsd.ic.unicamp.br>
Damien Miller348c9b72000-08-15 10:01:22 +10004019
Damien Milleref7ed5e2000-08-13 10:31:12 +1000402020000813
4021 - (djm) Add $(srcdir) to includes when compiling (for VPATH). Report from
4022 Fabrice bacchella <fabrice.bacchella@marchfirst.fr>
4023
Damien Millerd17b8d52000-08-09 14:42:28 +1000402420000809
Damien Millere4340be2000-09-16 13:29:08 +11004025 - (djm) Define AIX hard limits if headers don't. Report from
Damien Millerd17b8d52000-08-09 14:42:28 +10004026 Bill Painter <william.t.painter@lmco.com>
Damien Millere4340be2000-09-16 13:29:08 +11004027 - (djm) utmp direct write & SunOS 4 patch from Charles Levert
Damien Miller36ccb5c2000-08-09 16:34:27 +10004028 <charles@comm.polymtl.ca>
Damien Millerd17b8d52000-08-09 14:42:28 +10004029
Damien Millerab8d1922000-08-08 16:53:28 +1000403020000808
4031 - (djm) Cleanup Redhat RPMs. Generate keys at runtime rather than install
4032 time, spec file cleanup.
4033
Damien Miller729e1f12000-08-07 15:39:13 +1000403420000807
Damien Miller52652f52000-08-07 15:54:39 +10004035 - (djm) Set 0755 on binaries during install. Report from Lutz Jaenicke
Damien Miller0f091bd2000-08-07 15:47:48 +10004036 - (djm) Suppress error messages on channel close shutdown() failurs
4037 works around Linux bug. Patch from Zack Weinberg <zack@wolery.cumb.org>
Damien Miller52652f52000-08-07 15:54:39 +10004038 - (djm) Add some more entropy collection commands from Lutz Jaenicke
Damien Miller729e1f12000-08-07 15:39:13 +10004039
Damien Miller7b60a172000-07-25 09:04:37 +1000404020000725
4041 - (djm) Fix autoconf typo: HAVE_BINRESVPORT_AF -> HAVE_BINDRESVPORT_AF
4042
Damien Miller994cf142000-07-21 10:19:44 +1000404320000721
4044 - (djm) OpenBSD CVS updates:
4045 - markus@cvs.openbsd.org 2000/07/16 02:27:22
4046 [authfd.c authfd.h channels.c clientloop.c ssh-add.c ssh-agent.c ssh.c]
4047 [sshconnect1.c sshconnect2.c]
4048 make ssh-add accept dsa keys (the agent does not)
4049 - djm@cvs.openbsd.org 2000/07/17 19:25:02
4050 [sshd.c]
4051 Another closing of stdin; ok deraadt
4052 - markus@cvs.openbsd.org 2000/07/19 18:33:12
4053 [dsa.c]
4054 missing free, reorder
4055 - markus@cvs.openbsd.org 2000/07/20 16:23:14
4056 [ssh-keygen.1]
4057 document input and output files
4058
Damien Miller9dec7762000-07-20 10:00:59 +1000405920000720
Damien Miller994cf142000-07-21 10:19:44 +10004060 - (djm) Spec file fix from Petr Novotny <Petr.Novotny@antek.cz>
Damien Miller9dec7762000-07-20 10:00:59 +10004061
Damien Millera8dbd9d2000-07-16 13:25:00 +1000406220000716
Damien Miller994cf142000-07-21 10:19:44 +10004063 - (djm) Release 2.1.1p4
Damien Millera8dbd9d2000-07-16 13:25:00 +10004064
Damien Millerecbb26d2000-07-15 14:59:14 +1000406520000715
Damien Millerbe484b52000-07-15 14:14:16 +10004066 - (djm) OpenBSD CVS updates
4067 - provos@cvs.openbsd.org 2000/07/13 16:53:22
4068 [aux.c readconf.c servconf.c ssh.h]
4069 allow multiple whitespace but only one '=' between tokens, bug report from
4070 Ralf S. Engelschall <rse@engelschall.com> but different fix. okay deraadt@
4071 - provos@cvs.openbsd.org 2000/07/13 17:14:09
4072 [clientloop.c]
4073 typo; todd@fries.net
4074 - provos@cvs.openbsd.org 2000/07/13 17:19:31
4075 [scp.c]
4076 close can fail on AFS, report error; from Greg Hudson <ghudson@mit.edu>
4077 - markus@cvs.openbsd.org 2000/07/14 16:59:46
4078 [readconf.c servconf.c]
4079 allow leading whitespace. ok niels
4080 - djm@cvs.openbsd.org 2000/07/14 22:01:38
4081 [ssh-keygen.c ssh.c]
4082 Always create ~/.ssh with mode 700; ok Markus
Damien Millerecbb26d2000-07-15 14:59:14 +10004083 - Fixes for SunOS 4.1.4 from Gordon Atwood <gordon@cs.ualberta.ca>
4084 - Include floatingpoint.h for entropy.c
4085 - strerror replacement
Damien Millerbe484b52000-07-15 14:14:16 +10004086
Damien Miller182ee6e2000-07-12 09:45:27 +1000408720000712
Damien Miller5de43db2000-07-12 11:12:55 +10004088 - (djm) Remove -lresolve for Reliant Unix
Damien Miller182ee6e2000-07-12 09:45:27 +10004089 - (djm) OpenBSD CVS Updates:
4090 - deraadt@cvs.openbsd.org 2000/07/11 02:11:34
4091 [session.c sshd.c ]
4092 make MaxStartups code still work with -d; djm
4093 - deraadt@cvs.openbsd.org 2000/07/11 13:17:45
4094 [readconf.c ssh_config]
4095 disable FallBackToRsh by default
Damien Miller5de43db2000-07-12 11:12:55 +10004096 - (djm) Replace in_addr_t with u_int32_t in bsd-inet_aton.c. Report from
4097 Ben Lindstrom <mouring@pconline.com>
Damien Miller5a119bc2000-07-12 14:34:11 +10004098 - (djm) Make building of X11-Askpass and GNOME-Askpass optional in RPM
4099 spec file.
Damien Miller2e7ba692000-07-12 21:10:23 +10004100 - (djm) Released 2.1.1p3
Damien Miller182ee6e2000-07-12 09:45:27 +10004101
Damien Miller65964d62000-07-11 09:16:22 +1000410220000711
4103 - (djm) Fixup for AIX getuserattr() support from Tom Bertelson
4104 <tbert@abac.com>
Damien Miller2ae714f2000-07-11 09:29:50 +10004105 - (djm) ReliantUNIX support from Udo Schweigert <ust@cert.siemens.de>
Damien Millere4340be2000-09-16 13:29:08 +11004106 - (djm) NeXT: dirent structures to get scp working from Ben Lindstrom
Damien Miller99bca602000-07-11 12:02:36 +10004107 <mouring@pconline.com>
Damien Millere4340be2000-09-16 13:29:08 +11004108 - (djm) Fix broken inet_ntoa check and ut_user/ut_name confusion, report
Damien Miller7a0e5dc2000-07-11 12:15:54 +10004109 from Jim Watt <jimw@peisj.pebio.com>
Damien Miller168e6ac2000-07-11 12:23:01 +10004110 - (djm) Replaced bsd-snprintf.c with one from Mutt source tree, it is known
4111 to compile on more platforms (incl NeXT).
Damien Miller3b9734c2000-07-11 14:54:22 +10004112 - (djm) Added bsd-inet_aton and configure support for NeXT
Damien Millerbc33bd42000-07-11 14:59:08 +10004113 - (djm) Misc NeXT fixes from Ben Lindstrom <mouring@pconline.com>
Damien Miller37023962000-07-11 17:31:38 +10004114 - (djm) OpenBSD CVS updates:
4115 - markus@cvs.openbsd.org 2000/06/26 03:22:29
4116 [authfd.c]
4117 cleanup, less cut&paste
4118 - markus@cvs.openbsd.org 2000/06/26 15:59:19
4119 [servconf.c servconf.h session.c sshd.8 sshd.c]
Damien Millere4340be2000-09-16 13:29:08 +11004120 MaxStartups: limit number of unauthenticated connections, work by
Damien Miller37023962000-07-11 17:31:38 +10004121 theo and me
4122 - deraadt@cvs.openbsd.org 2000/07/05 14:18:07
4123 [session.c]
4124 use no_x11_forwarding_flag correctly; provos ok
4125 - provos@cvs.openbsd.org 2000/07/05 15:35:57
4126 [sshd.c]
4127 typo
4128 - aaron@cvs.openbsd.org 2000/07/05 22:06:58
4129 [scp.1 ssh-agent.1 ssh-keygen.1 sshd.8]
Damien Millere4340be2000-09-16 13:29:08 +11004130 Insert more missing .El directives. Our troff really should identify
Damien Miller37023962000-07-11 17:31:38 +10004131 these and spit out a warning.
4132 - todd@cvs.openbsd.org 2000/07/06 21:55:04
4133 [auth-rsa.c auth2.c ssh-keygen.c]
4134 clean code is good code
4135 - deraadt@cvs.openbsd.org 2000/07/07 02:14:29
4136 [serverloop.c]
4137 sense of port forwarding flag test was backwards
4138 - provos@cvs.openbsd.org 2000/07/08 17:17:31
4139 [compat.c readconf.c]
4140 replace strtok with strsep; from David Young <dyoung@onthejob.net>
4141 - deraadt@cvs.openbsd.org 2000/07/08 19:21:15
4142 [auth.h]
4143 KNF
4144 - ho@cvs.openbsd.org 2000/07/08 19:27:33
4145 [compat.c readconf.c]
4146 Better conditions for strsep() ending.
4147 - ho@cvs.openbsd.org 2000/07/10 10:27:05
4148 [readconf.c]
4149 Get the correct message on errors. (niels@ ok)
4150 - ho@cvs.openbsd.org 2000/07/10 10:30:25
4151 [cipher.c kex.c servconf.c]
4152 strtok() --> strsep(). (niels@ ok)
Damien Miller4d97ba22000-07-11 18:15:50 +10004153 - (djm) Fix problem with debug mode and MaxStartups
Damien Miller54ba4692000-07-11 18:39:20 +10004154 - (djm) Don't generate host keys when $(DESTDIR) is set (e.g. during RPM
4155 builds)
Damien Miller3077fb92000-07-11 21:34:34 +10004156 - (djm) Add strsep function from OpenBSD libc for systems that lack it
Damien Miller65964d62000-07-11 09:16:22 +10004157
Damien Miller4e997202000-07-09 21:21:52 +1000415820000709
4159 - (djm) Only enable PAM_TTY kludge for Linux. Problem report from
4160 Kevin Steves <stevesk@sweden.hp.com>
Damien Miller8148fa32000-07-09 21:23:52 +10004161 - (djm) Match prototype and function declaration for rresvport_af.
4162 Problem report from Niklas Edmundsson <nikke@ing.umu.se>
Damien Millere4340be2000-09-16 13:29:08 +11004163 - (djm) Missing $(DESTDIR) on host-key target causing problems with RPM
Damien Miller01006272000-07-09 21:29:37 +10004164 builds. Problem report from Gregory Leblanc <GLeblanc@cu-portland.edu>
Damien Millerb38ea862000-07-09 21:37:49 +10004165 - (djm) Replace ut_name with ut_user. Patch from Jim Watt
4166 <jimw@peisj.pebio.com>
Damien Millerf9b625c2000-07-09 22:42:32 +10004167 - (djm) Fix pam sprintf fix
4168 - (djm) Cleanup entropy collection code a little more. Split initialisation
4169 from seeding, perform intialisation immediatly at start, be careful with
4170 uids. Based on problem report from Jim Watt <jimw@peisj.pebio.com>
Damien Miller31abc9a2000-07-09 23:26:27 +10004171 - (djm) More NeXT compatibility from Ben Lindstrom <mouring@pconline.com>
4172 Including sigaction() et al. replacements
Damien Millere4340be2000-09-16 13:29:08 +11004173 - (djm) AIX getuserattr() session initialisation from Tom Bertelson
Damien Miller39c0a1c2000-07-09 23:55:08 +10004174 <tbert@abac.com>
Damien Miller4e997202000-07-09 21:21:52 +10004175
Damien Millerce40c702000-07-08 10:14:08 +1000417620000708
Damien Millere4340be2000-09-16 13:29:08 +11004177 - (djm) Fix bad fprintf format handling in auth-pam.c. Patch from
Damien Millerce40c702000-07-08 10:14:08 +10004178 Aaron Hopkins <aaron@die.net>
Damien Miller90dcc052000-07-08 10:17:40 +10004179 - (djm) Fix incorrect configure handling of --with-rsh-path option. Fix from
4180 Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
Damien Millere4340be2000-09-16 13:29:08 +11004181 - (djm) Fixed undefined variables for OSF SIA. Report from
Damien Millerfe668e42000-07-08 10:44:13 +10004182 Baars, Henk <Hendrik.Baars@nl.origin-it.com>
Damien Millere4340be2000-09-16 13:29:08 +11004183 - (djm) Handle EWOULDBLOCK returns from read() and write() in atomicio.c
Damien Millerf2fdbe52000-07-08 10:57:08 +10004184 Fix from Marquess, Steve Mr JMLFDC <Steve.Marquess@DET.AMEDD.ARMY.MIL>
Damien Millere4340be2000-09-16 13:29:08 +11004185 - (djm) Don't use inet_addr.
Damien Millerce40c702000-07-08 10:14:08 +10004186
Damien Miller9b6d4ab2000-07-02 08:43:18 +1000418720000702
4188 - (djm) Fix brace mismatch from Corinna Vinschen <vinschen@cygnus.com>
Damien Millerc7088432000-07-02 18:44:54 +10004189 - (djm) Stop shadow expiry checking from preventing logins with NIS. Based
4190 on fix from HARUYAMA Seigo <haruyama@nt.phys.s.u-tokyo.ac.jp>
Damien Miller484118e2000-07-02 19:13:56 +10004191 - (djm) Use standard OpenSSL functions in auth-skey.c. Patch from
4192 Chris, the Young One <cky@pobox.com>
Damien Millere4340be2000-09-16 13:29:08 +11004193 - (djm) Fix scp progress meter on really wide terminals. Based on patch
Damien Miller0809a0a2000-07-02 19:33:54 +10004194 from James H. Cloos Jr. <cloos@jhcloos.com>
Damien Miller9b6d4ab2000-07-02 08:43:18 +10004195
Damien Millerd8cfda62000-07-01 12:56:09 +1000419620000701
4197 - (djm) Fix Tru64 SIA problems reported by John P Speno <speno@isc.upenn.edu>
Damien Miller8e81ed32000-07-01 13:17:42 +10004198 - (djm) Login fixes from Tom Bertelson <tbert@abac.com>
Damien Miller28adeef2000-07-01 13:29:26 +10004199 - (djm) Replace "/bin/sh" with _PATH_BSHELL. Report from Corinna Vinschen
4200 <vinschen@cygnus.com>
Damien Miller7b413d22000-07-01 13:24:21 +10004201 - (djm) Replace "/usr/bin/login" with LOGIN_PROGRAM
Damien Millercb170cb2000-07-01 16:52:55 +10004202 - (djm) Added check for broken snprintf() functions which do not correctly
4203 terminate output string and attempt to use replacement.
Damien Millerc9270992000-07-01 19:42:32 +10004204 - (djm) Released 2.1.1p2
Damien Millerd8cfda62000-07-01 12:56:09 +10004205
Damien Miller53c5d462000-06-28 00:50:50 +1000420620000628
4207 - (djm) Fixes to lastlog code for Irix
4208 - (djm) Use atomicio in loginrec
Damien Miller91606b12000-06-28 08:22:29 +10004209 - (djm) Patch from Michael Stone <mstone@cs.loyola.edu> to add support for
4210 Irix 6.x array sessions, project id's, and system audit trail id.
Damien Miller262ff172000-06-28 08:24:49 +10004211 - (djm) Added 'distprep' make target to simplify packaging
Damien Millere4340be2000-09-16 13:29:08 +11004212 - (djm) Added patch from Chris Adams <cmadams@hiwaay.net> to add OSF SIA
Damien Millerb8c656e2000-06-28 15:22:41 +10004213 support. Enable using "USE_SIA=1 ./configure [options]"
Damien Miller33804262001-02-04 23:20:18 +11004214
Damien Millerf8af08d2000-06-27 09:40:06 +1000421520000627
4216 - (djm) Fixes to login code - not setting li->uid, cleanups
Damien Millerdd47aa22000-06-27 11:18:27 +10004217 - (djm) Formatting
Damien Millerf8af08d2000-06-27 09:40:06 +10004218
Damien Miller8dd33fd2000-06-26 10:20:19 +1000421920000626
Damien Millerc0fd17f2000-06-26 10:22:53 +10004220 - (djm) Better fix to aclocal tests from Garrick James <garrick@james.net>
Damien Miller1f335fb2000-06-26 11:31:33 +10004221 - (djm) Account expiry support from Andreas Steinmetz <ast@domdv.de>
4222 - (djm) Added password expiry checking (no password change support)
Damien Miller64681252000-06-26 13:01:33 +10004223 - (djm) Make EGD failures non-fatal if OpenSSL's entropy pool is still OK
4224 based on patch from Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
Damien Miller08006472000-06-26 13:55:31 +10004225 - (djm) Fix fixed EGD code.
Damien Millerc0fd17f2000-06-26 10:22:53 +10004226 - OpenBSD CVS update
4227 - provos@cvs.openbsd.org 2000/06/25 14:17:58
4228 [channels.c]
4229 correct check for bad channel ids; from Wei Dai <weidai@eskimo.com>
4230
Damien Millerb54b40e2000-06-23 08:23:34 +1000423120000623
Damien Millere4340be2000-09-16 13:29:08 +11004232 - (djm) Use sa_family_t in prototype for rresvport_af. Patch from
Damien Millerb54b40e2000-06-23 08:23:34 +10004233 Svante Signell <svante.signell@telia.com>
4234 - (djm) Autoconf logic to define sa_family_t if it is missing
Damien Millerbf7f4662000-06-23 10:16:38 +10004235 - OpenBSD CVS Updates:
4236 - markus@cvs.openbsd.org 2000/06/22 10:32:27
4237 [sshd.c]
4238 missing atomicio; report from Steve.Marquess@DET.AMEDD.ARMY.MIL
4239 - djm@cvs.openbsd.org 2000/06/22 17:55:00
4240 [auth-krb4.c key.c radix.c uuencode.c]
4241 Missing CVS idents; ok markus
Damien Millerb54b40e2000-06-23 08:23:34 +10004242
Damien Miller099f5052000-06-22 20:57:11 +1000424320000622
4244 - (djm) Automatically generate host key during "make install". Suggested
4245 by Gary E. Miller <gem@rellim.com>
4246 - (djm) Paranoia before kill() system call
Damien Miller6536c7d2000-06-22 21:32:31 +10004247 - OpenBSD CVS Updates:
4248 - markus@cvs.openbsd.org 2000/06/18 18:50:11
4249 [auth2.c compat.c compat.h sshconnect2.c]
4250 make userauth+pubkey interop with ssh.com-2.2.0
4251 - markus@cvs.openbsd.org 2000/06/18 20:56:17
4252 [dsa.c]
4253 mem leak + be more paranoid in dsa_verify.
4254 - markus@cvs.openbsd.org 2000/06/18 21:29:50
4255 [key.c]
4256 cleanup fingerprinting, less hardcoded sizes
4257 - markus@cvs.openbsd.org 2000/06/19 19:39:45
4258 [atomicio.c auth-options.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c]
4259 [auth-rsa.c auth-skey.c authfd.c authfd.h authfile.c bufaux.c bufaux.h]
Damien Millere4340be2000-09-16 13:29:08 +11004260 [buffer.c buffer.h canohost.c channels.c channels.h cipher.c cipher.h]
Damien Miller6536c7d2000-06-22 21:32:31 +10004261 [clientloop.c compat.c compat.h compress.c compress.h crc32.c crc32.h]
4262 [deattack.c dispatch.c dsa.c fingerprint.c fingerprint.h getput.h hmac.c]
Damien Millere4340be2000-09-16 13:29:08 +11004263 [kex.c log-client.c log-server.c login.c match.c mpaux.c mpaux.h nchan.c]
4264 [nchan.h packet.c packet.h pty.c pty.h readconf.c readconf.h readpass.c]
Damien Miller6536c7d2000-06-22 21:32:31 +10004265 [rsa.c rsa.h scp.c servconf.c servconf.h ssh-add.c ssh-keygen.c ssh.c]
4266 [ssh.h tildexpand.c ttymodes.c ttymodes.h uidswap.c xmalloc.c xmalloc.h]
4267 OpenBSD tag
4268 - markus@cvs.openbsd.org 2000/06/21 10:46:10
4269 sshconnect2.c missing free; nuke old comment
Damien Miller099f5052000-06-22 20:57:11 +10004270
Damien Milleredb82922000-06-20 13:25:52 +1000427120000620
4272 - (djm) Replace use of '-o' and '-a' logical operators in configure tests
Damien Millerf1aa21f2001-01-05 09:30:32 +11004273 with '||' and '&&'. As suggested by Jim Knoble <jmknoble@jmknoble.cx>
Damien Milleredb82922000-06-20 13:25:52 +10004274 to fix SCO Unixware problem reported by Gary E. Miller <gem@rellim.com>
Damien Miller2f022952000-06-20 13:50:01 +10004275 - (djm) Typo in loginrec.c
Damien Milleredb82922000-06-20 13:25:52 +10004276
Damien Miller7b22d652000-06-18 14:07:04 +1000427720000618
4278 - (djm) Add summary of configure options to end of ./configure run
Damien Millere4340be2000-09-16 13:29:08 +11004279 - (djm) Not all systems define RUSAGE_SELF & RUSAGE_CHILDREN. Report from
Damien Miller7b22d652000-06-18 14:07:04 +10004280 Michael Stone <mstone@cs.loyola.edu>
Damien Millere4340be2000-09-16 13:29:08 +11004281 - (djm) rusage is a privileged operation on some Unices (incl.
Damien Miller7b22d652000-06-18 14:07:04 +10004282 Solaris 2.5.1). Report from Paul D. Smith <pausmith@nortelnetworks.com>
Damien Millere4340be2000-09-16 13:29:08 +11004283 - (djm) Avoid PAM failures when running without a TTY. Report from
Damien Miller7b22d652000-06-18 14:07:04 +10004284 Martin Petrak <petrak@spsknm.schools.sk>
4285 - (djm) Include sys/types.h when including netinet/in.h in configure tests.
4286 Patch from Jun-ichiro itojun Hagino <itojun@iijlab.net>
Damien Miller0f91b4e2000-06-18 15:43:25 +10004287 - (djm) Started merge of Ben Lindstrom's <mouring@pconline.com> NeXT support
Damien Millerf6d9e222000-06-18 14:50:44 +10004288 - OpenBSD CVS updates:
4289 - deraadt@cvs.openbsd.org 2000/06/17 09:58:46
4290 [channels.c]
4291 everyone says "nix it" (remove protocol 2 debugging message)
4292 - markus@cvs.openbsd.org 2000/06/17 13:24:34
4293 [sshconnect.c]
4294 allow extended server banners
4295 - markus@cvs.openbsd.org 2000/06/17 14:30:10
4296 [sshconnect.c]
4297 missing atomicio, typo
4298 - jakob@cvs.openbsd.org 2000/06/17 16:52:34
4299 [servconf.c servconf.h session.c sshd.8 sshd_config]
4300 add support for ssh v2 subsystems. ok markus@.
4301 - deraadt@cvs.openbsd.org 2000/06/17 18:57:48
4302 [readconf.c servconf.c]
4303 include = in WHITESPACE; markus ok
4304 - markus@cvs.openbsd.org 2000/06/17 19:09:10
4305 [auth2.c]
4306 implement bug compatibility with ssh-2.0.13 pubkey, server side
4307 - markus@cvs.openbsd.org 2000/06/17 21:00:28
4308 [compat.c]
4309 initial support for ssh.com's 2.2.0
4310 - markus@cvs.openbsd.org 2000/06/17 21:16:09
4311 [scp.c]
4312 typo
4313 - markus@cvs.openbsd.org 2000/06/17 22:05:02
4314 [auth-rsa.c auth2.c serverloop.c session.c auth-options.c auth-options.h]
4315 split auth-rsa option parsing into auth-options
4316 add options support to authorized_keys2
4317 - markus@cvs.openbsd.org 2000/06/17 22:42:54
4318 [session.c]
4319 typo
Damien Miller7b22d652000-06-18 14:07:04 +10004320
Damien Millera66626b2000-06-13 18:57:53 +1000432120000613
4322 - (djm) Fixes from Andrew McGill <andrewm@datrix.co.za>:
4323 - Platform define for SCO 3.x which breaks on /dev/ptmx
4324 - Detect and try to fix missing MAXPATHLEN
Damien Miller1a132252000-06-13 21:23:17 +10004325 - (djm) Fix short copy in loginrec.c (based on patch from Phill Camp
4326 <P.S.S.Camp@ukc.ac.uk>
Damien Millera66626b2000-06-13 18:57:53 +10004327
Damien Millere69f18c2000-06-12 16:38:54 +1000432820000612
4329 - (djm) Glob manpages in RPM spec files to catch compressed files
4330 - (djm) Full license in auth-pam.c
Damien Millerc29de952000-06-12 23:04:18 +10004331 - (djm) Configure fixes from SAKAI Kiyotaka <ksakai@kso.netwk.ntt-at.co.jp>
andre35ad6be2000-06-12 22:41:27 +00004332 - (andre) AIX, lastlog, configure fixes from Tom Bertelson <tbert@abac.com>:
4333 - Don't try to retrieve lastlog from wtmp/wtmpx if DISABLE_LASTLOG is
4334 def'd
4335 - Set AIX to use preformatted manpages
Damien Miller33804262001-02-04 23:20:18 +11004336
Damien Millerc601a752000-06-10 08:33:38 +1000433720000610
4338 - (djm) Minor doc tweaks
Damien Millerd900e452000-06-10 16:51:33 +10004339 - (djm) Fix for configure on bash2 from Jim Knoble <jmknoble@jmknoble.cx>
Damien Millerc601a752000-06-10 08:33:38 +10004340
Damien Millera1cb6442000-06-09 11:58:35 +1000434120000609
4342 - (djm) Patch from Kenji Miyake <kenji@miyake.org> to disable utmp usage
4343 (in favour of utmpx) on Solaris 8
4344
Damien Millere37bfc12000-06-05 09:37:43 +1000434520000606
Damien Miller14c12cb2000-06-07 22:20:23 +10004346 - (djm) Cleanup of entropy.c. Reorganised code, removed second pass through
4347 list of commands (by default). Removed verbose debugging (by default).
Damien Millere4340be2000-09-16 13:29:08 +11004348 - (djm) Increased command entropy estimates and default entropy collection
Damien Miller14c12cb2000-06-07 22:20:23 +10004349 timeout
Damien Millerd5bf3072000-06-07 21:32:13 +10004350 - (djm) Remove duplicate headers from loginrec.c
Damien Miller9e110892000-06-07 21:05:46 +10004351 - (djm) Don't add /usr/local/lib to library search path on Irix
Damien Millere4340be2000-09-16 13:29:08 +11004352 - (djm) Fix rsh path in RPMs. Report from Jason L Tibbitts III
Damien Millerd3a18572000-06-07 19:55:44 +10004353 <tibbs@math.uh.edu>
Damien Miller5314ae72000-06-07 20:08:19 +10004354 - (djm) Warn user if grabs fail in GNOME askpass. Patch from Zack Weinberg
4355 <zack@wolery.cumb.org>
Damien Millerd3a18572000-06-07 19:55:44 +10004356 - (djm) OpenBSD CVS updates:
4357 - todd@cvs.openbsd.org
4358 [sshconnect2.c]
4359 teach protocol v2 to count login failures properly and also enable an
4360 explanation of why the password prompt comes up again like v1; this is NOT
4361 crypto
Damien Miller33804262001-02-04 23:20:18 +11004362 - markus@cvs.openbsd.org
Damien Millerd3a18572000-06-07 19:55:44 +10004363 [readconf.c readconf.h servconf.c servconf.h session.c ssh.1 ssh.c sshd.8]
4364 xauth_location support; pr 1234
4365 [readconf.c sshconnect2.c]
4366 typo, unused
4367 [session.c]
4368 allow use_login only for login sessions, otherwise remote commands are
4369 execed with uid==0
4370 [sshd.8]
4371 document UseLogin better
4372 [version.h]
4373 OpenSSH 2.1.1
4374 [auth-rsa.c]
Damien Millere4340be2000-09-16 13:29:08 +11004375 fix match_hostname() logic for auth-rsa: deny access if we have a
Damien Millerd3a18572000-06-07 19:55:44 +10004376 negative match or no match at all
4377 [channels.c hostfile.c match.c]
Damien Millere4340be2000-09-16 13:29:08 +11004378 don't panic if mkdtemp fails for authfwd; jkb@yahoo-inc.com via
Damien Millerd3a18572000-06-07 19:55:44 +10004379 kris@FreeBSD.org
4380
438120000606
Damien Millere4340be2000-09-16 13:29:08 +11004382 - (djm) Added --with-cflags, --with-ldflags and --with-libs options to
Damien Millere37bfc12000-06-05 09:37:43 +10004383 configure.
4384
Damien Miller2994e082000-06-04 15:51:47 +1000438520000604
4386 - Configure tweaking for new login code on Irix 5.3
andrea86c7ec2000-06-04 17:00:15 +00004387 - (andre) login code changes based on djm feedback
Damien Miller2994e082000-06-04 15:51:47 +10004388
andrea86c7ec2000-06-04 17:00:15 +0000438920000603
4390 - (andre) New login code
4391 - Remove bsd-login.[ch] and all the OpenBSD-derived code in login.c
4392 - Add loginrec.[ch], logintest.c and autoconf code
Damien Miller33804262001-02-04 23:20:18 +11004393
Damien Miller2f6a0ad2000-05-31 11:20:11 +1000439420000531
4395 - Cleanup of auth.c, login.c and fake-*
4396 - Cleanup of auth-pam.c, save and print "account expired" error messages
Damien Miller1ea8ac72000-05-31 11:24:34 +10004397 - Fix EGD read bug by IWAMURO Motonori <iwa@mmp.fujitsu.co.jp>
Damien Miller1c773922000-05-31 13:57:18 +10004398 - Rewrote bsd-login to use proper utmp API if available. Major cleanup
4399 of fallback DIY code.
Damien Miller2f6a0ad2000-05-31 11:20:11 +10004400
Damien Millerbe260a02000-05-30 12:57:46 +1000440120000530
4402 - Define atexit for old Solaris
Damien Millerc252e2e2000-05-30 13:12:46 +10004403 - Fix buffer overrun in login.c for systems which use syslen in utmpx.
4404 patch from YOSHIFUJI Hideaki <yoshfuji@cerberus.nemoto.ecei.tohoku.ac.jp>
Damien Millerb1715dc2000-05-30 13:44:51 +10004405 - OpenBSD CVS updates:
4406 - markus@cvs.openbsd.org
4407 [session.c]
4408 make x11-fwd work w/ localhost (xauth add host/unix:11)
4409 [cipher.c compat.c readconf.c servconf.c]
4410 check strtok() != NULL; ok niels@
4411 [key.c]
4412 fix key_read() for uuencoded keys w/o '='
4413 [serverloop.c]
4414 group ssh1 vs. ssh2 in serverloop
4415 [kex.c kex.h myproposal.h sshconnect2.c sshd.c]
4416 split kexinit/kexdh, factor out common code
4417 [readconf.c ssh.1 ssh.c]
4418 forwardagent defaults to no, add ssh -A
4419 - theo@cvs.openbsd.org
4420 [session.c]
4421 just some line shortening
Damien Miller03934f22000-05-30 14:01:10 +10004422 - Released 2.1.0p3
Damien Millerbe260a02000-05-30 12:57:46 +10004423
Damien Millerd999ae22000-05-20 12:49:31 +1000442420000520
4425 - Xauth fix from Markus Friedl <markus.friedl@informatik.uni-erlangen.de>
Damien Millerad1bc5f2000-05-20 14:53:09 +10004426 - Don't touch utmp if USE_UTMPX defined
Damien Millerdfc83f42000-05-20 15:02:59 +10004427 - SunOS 4.x support from Todd C. Miller <Todd.Miller@courtesan.com>
Damien Millerfda78d92000-05-20 15:33:44 +10004428 - SIGCHLD fix for AIX and HPUX from Tom Bertelson <tbert@abac.com>
Damien Millere4340be2000-09-16 13:29:08 +11004429 - HPUX and Configure fixes from Lutz Jaenicke
Damien Millerfda78d92000-05-20 15:33:44 +10004430 <Lutz.Jaenicke@aet.TU-Cottbus.DE>
Damien Millere4340be2000-09-16 13:29:08 +11004431 - Use mkinstalldirs script to make directories instead of non-portable
Damien Millerfda78d92000-05-20 15:33:44 +10004432 "install -d". Suggested by Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
Damien Miller7b63b0f2000-05-20 15:41:26 +10004433 - Doc cleanup
Damien Millerd999ae22000-05-20 12:49:31 +10004434
Damien Milleref7df542000-05-19 00:03:23 +1000443520000518
4436 - Include Andre Lucas' fixprogs script. Forgot to "cvs add" it yesterday
4437 - OpenBSD CVS updates:
4438 - markus@cvs.openbsd.org
4439 [sshconnect.c]
4440 copy only ai_addrlen bytes; misiek@pld.org.pl
4441 [auth.c]
Damien Millere4340be2000-09-16 13:29:08 +11004442 accept an empty shell in authentication; bug reported by
Damien Milleref7df542000-05-19 00:03:23 +10004443 chris@tinker.ucr.edu
4444 [serverloop.c]
4445 we don't have stderr for interactive terminal sessions (fcntl errors)
4446
Damien Miller8d1fd572000-05-17 21:34:07 +1000444720000517
4448 - Fix from Andre Lucas <andre.lucas@dial.pipex.com>
4449 - Fixes command line printing segfaults (spotter: Bladt Norbert)
4450 - Fixes erroneous printing of debug messages to syslog
4451 - Fixes utmp for MacOS X (spotter: Aristedes Maniatis)
4452 - Gives useful error message if PRNG initialisation fails
4453 - Reduced ssh startup delay
4454 - Measures cumulative command time rather than the time between reads
Damien Millerbe484b52000-07-15 14:14:16 +10004455 after select()
Damien Miller8d1fd572000-05-17 21:34:07 +10004456 - 'fixprogs' perl script to eliminate non-working entropy commands, and
Damien Millerbe484b52000-07-15 14:14:16 +10004457 optionally run 'ent' to measure command entropy
Damien Millerd2c208a2000-05-17 22:00:02 +10004458 - Applied Tom Bertelson's <tbert@abac.com> AIX authentication fix
Damien Millerf3c6cf12000-05-17 22:08:29 +10004459 - Avoid WCOREDUMP complation errors for systems that lack it
Damien Millere4340be2000-09-16 13:29:08 +11004460 - Avoid SIGCHLD warnings from entropy commands
Damien Miller0e65eed2000-05-17 22:16:05 +10004461 - Fix HAVE_PAM_GETENVLIST setting from Simon Wilkinson <sxw@dcs.ed.ac.uk>
Damien Millerdcb6ecd2000-05-17 22:34:22 +10004462 - OpenBSD CVS update:
Damien Millere4340be2000-09-16 13:29:08 +11004463 - markus@cvs.openbsd.org
Damien Millerdcb6ecd2000-05-17 22:34:22 +10004464 [ssh.c]
4465 fix usage()
4466 [ssh2.h]
4467 draft-ietf-secsh-architecture-05.txt
4468 [ssh.1]
4469 document ssh -T -N (ssh2 only)
4470 [channels.c serverloop.c ssh.h sshconnect.c sshd.c aux.c]
4471 enable nonblocking IO for sshd w/ proto 1, too; split out common code
4472 [aux.c]
4473 missing include
Damien Miller615f9392000-05-17 22:53:33 +10004474 - Several patches from SAKAI Kiyotaka <ksakai@kso.netwk.ntt-at.co.jp>
4475 - INSTALL typo and URL fix
4476 - Makefile fix
4477 - Solaris fixes
Damien Millere4340be2000-09-16 13:29:08 +11004478 - Checking for ssize_t and memmove. Based on patch from SAKAI Kiyotaka
Damien Miller615f9392000-05-17 22:53:33 +10004479 <ksakai@kso.netwk.ntt-at.co.jp>
Damien Millerc4be7ce2000-05-17 23:02:03 +10004480 - RSAless operation patch from kevin_oconnor@standardandpoors.com
Damien Miller3b512e12000-05-17 23:29:18 +10004481 - Detect OpenSSL seperatly from RSA
Damien Millere4340be2000-09-16 13:29:08 +11004482 - Better test for RSA (more compatible with RSAref). Based on work by
Damien Miller3b512e12000-05-17 23:29:18 +10004483 Ed Eden <ede370@stl.rural.usda.gov>
Damien Miller8d1fd572000-05-17 21:34:07 +10004484
Damien Miller95fe91b2000-05-13 12:31:22 +1000448520000513
Damien Millere4340be2000-09-16 13:29:08 +11004486 - Fix for non-recognised DSA keys from Arkadiusz Miskiewicz
Damien Miller95fe91b2000-05-13 12:31:22 +10004487 <misiek@pld.org.pl>
4488
Damien Milleraccfeb32000-05-11 19:10:58 +1000448920000511
Damien Millere4340be2000-09-16 13:29:08 +11004490 - Fix for prng_seed permissions checking from Lutz Jaenicke
Damien Milleraccfeb32000-05-11 19:10:58 +10004491 <Lutz.Jaenicke@aet.TU-Cottbus.DE>
Damien Miller95fe91b2000-05-13 12:31:22 +10004492 - "make host-key" fix for Irix
Damien Milleraccfeb32000-05-11 19:10:58 +10004493
Damien Miller30c3d422000-05-09 11:02:59 +1000449420000509
4495 - OpenBSD CVS update
4496 - markus@cvs.openbsd.org
4497 [cipher.h myproposal.h readconf.c readconf.h servconf.c ssh.1 ssh.c]
4498 [ssh.h sshconnect1.c sshconnect2.c sshd.8]
4499 - complain about invalid ciphers in SSH1 (e.g. arcfour is SSH2 only)
4500 - hugh@cvs.openbsd.org
4501 [ssh.1]
4502 - zap typo
4503 [ssh-keygen.1]
4504 - One last nit fix. (markus approved)
4505 [sshd.8]
4506 - some markus certified spelling adjustments
4507 - markus@cvs.openbsd.org
4508 [auth2.c channels.c clientloop.c compat compat.h dsa.c kex.c]
4509 [sshconnect2.c ]
4510 - bug compat w/ ssh-2.0.13 x11, split out bugs
4511 [nchan.c]
4512 - no drain if ibuf_empty, fixes x11fwd problems; tests by fries@
4513 [ssh-keygen.c]
4514 - handle escapes in real and original key format, ok millert@
4515 [version.h]
4516 - OpenSSH-2.1
Damien Miller16e519c2000-05-09 14:28:55 +10004517 - Moved all the bsd-* and fake-* stuff into new libopenbsd-compat.a
Damien Miller54057c22000-05-09 15:03:37 +10004518 - Doc updates
Damien Millere4340be2000-09-16 13:29:08 +11004519 - Cleanup of bsd-base64 headers, bugfix definitions of __b64_*. Reported
Damien Miller95e89632000-05-09 15:28:50 +10004520 by Andre Lucas <andre.lucas@dial.pipex.com>
Damien Miller30c3d422000-05-09 11:02:59 +10004521
Damien Miller58e579b2000-05-08 00:05:31 +1000452220000508
4523 - Makefile and RPM spec fixes
4524 - Generate DSA host keys during "make key" or RPM installs
Damien Miller6d488712000-05-08 13:44:52 +10004525 - OpenBSD CVS update
4526 - markus@cvs.openbsd.org
4527 [clientloop.c sshconnect2.c]
4528 - make x11-fwd interop w/ ssh-2.0.13
4529 [README.openssh2]
4530 - interop w/ SecureFX
4531 - Release 2.0.0beta2
Damien Miller58e579b2000-05-08 00:05:31 +10004532
Damien Millere4340be2000-09-16 13:29:08 +11004533 - Configure caching and cleanup patch from Andre Lucas'
Damien Miller61e50f12000-05-08 20:49:37 +10004534 <andre.lucas@dial.pipex.com>
4535
Damien Millere247cc42000-05-07 12:03:14 +1000453620000507
4537 - Remove references to SSLeay.
4538 - Big OpenBSD CVS update
4539 - markus@cvs.openbsd.org
4540 [clientloop.c]
4541 - typo
4542 [session.c]
4543 - update proctitle on pty alloc/dealloc, e.g. w/ windows client
4544 [session.c]
4545 - update proctitle for proto 1, too
4546 [channels.h nchan.c serverloop.c session.c sshd.c]
4547 - use c-style comments
4548 - deraadt@cvs.openbsd.org
4549 [scp.c]
4550 - more atomicio
Damien Millere4340be2000-09-16 13:29:08 +11004551 - markus@cvs.openbsd.org
Damien Millere247cc42000-05-07 12:03:14 +10004552 [channels.c]
4553 - set O_NONBLOCK
4554 [ssh.1]
4555 - update AUTHOR
4556 [readconf.c ssh-keygen.c ssh.h]
4557 - default DSA key file ~/.ssh/id_dsa
4558 [clientloop.c]
4559 - typo, rm verbose debug
4560 - deraadt@cvs.openbsd.org
4561 [ssh-keygen.1]
4562 - document DSA use of ssh-keygen
4563 [sshd.8]
4564 - a start at describing what i understand of the DSA side
4565 [ssh-keygen.1]
4566 - document -X and -x
4567 [ssh-keygen.c]
4568 - simplify usage
Damien Millere4340be2000-09-16 13:29:08 +11004569 - markus@cvs.openbsd.org
Damien Millere247cc42000-05-07 12:03:14 +10004570 [sshd.8]
4571 - there is no rhosts_dsa
4572 [ssh-keygen.1]
4573 - document -y, update -X,-x
4574 [nchan.c]
4575 - fix close for non-open ssh1 channels
4576 [servconf.c servconf.h ssh.h sshd.8 sshd.c ]
4577 - s/DsaKey/HostDSAKey/, document option
4578 [sshconnect2.c]
4579 - respect number_of_password_prompts
4580 [channels.c channels.h servconf.c servconf.h session.c sshd.8]
4581 - GatewayPorts for sshd, ok deraadt@
4582 [ssh-add.1 ssh-agent.1 ssh.1]
4583 - more doc on: DSA, id_dsa, known_hosts2, authorized_keys2
4584 [ssh.1]
4585 - more info on proto 2
4586 [sshd.8]
4587 - sync AUTHOR w/ ssh.1
4588 [key.c key.h sshconnect.c]
4589 - print key type when talking about host keys
4590 [packet.c]
4591 - clear padding in ssh2
4592 [dsa.c key.c radix.c ssh.h sshconnect1.c uuencode.c uuencode.h]
4593 - replace broken uuencode w/ libc b64_ntop
4594 [auth2.c]
4595 - log failure before sending the reply
4596 [key.c radix.c uuencode.c]
4597 - remote trailing comments before calling __b64_pton
4598 [auth2.c readconf.c readconf.h servconf.c servconf.h ssh.1]
4599 [sshconnect2.c sshd.8]
4600 - add DSAAuthetication option to ssh/sshd, document SSH2 in sshd.8
4601 - Bring in b64_ntop and b64_pton from OpenBSD libc (bsd-base64.[ch])
4602
Damien Miller63560f92000-05-02 09:06:04 +1000460320000502
Damien Miller6f83b8e2000-05-02 09:23:45 +10004604 - OpenBSD CVS update
4605 [channels.c]
4606 - init all fds, close all fds.
4607 [sshconnect2.c]
4608 - check whether file exists before asking for passphrase
4609 [servconf.c servconf.h sshd.8 sshd.c]
4610 - PidFile, pr 1210
4611 [channels.c]
4612 - EINTR
4613 [channels.c]
4614 - unbreak, ok niels@
4615 [sshd.c]
4616 - unlink pid file, ok niels@
4617 [auth2.c]
4618 - Add missing #ifdefs; ok - markus
Damien Millere4340be2000-09-16 13:29:08 +11004619 - Add Andre Lucas' <andre.lucas@dial.pipex.com> patch to read entropy
Damien Miller0437b332000-05-02 09:56:41 +10004620 gathering commands from a text file
Damien Miller63560f92000-05-02 09:06:04 +10004621 - Release 2.0.0beta1
4622
Damien Miller7c8af4f2000-05-01 08:24:07 +1000462320000501
4624 - OpenBSD CVS update
4625 [packet.c]
4626 - send debug messages in SSH2 format
Damien Miller35dabd02000-05-01 21:10:33 +10004627 [scp.c]
4628 - fix very rare EAGAIN/EINTR issues; based on work by djm
4629 [packet.c]
4630 - less debug, rm unused
4631 [auth2.c]
4632 - disable kerb,s/key in ssh2
4633 [sshd.8]
4634 - Minor tweaks and typo fixes.
4635 [ssh-keygen.c]
4636 - Put -d into usage and reorder. markus ok.
Damien Millere4340be2000-09-16 13:29:08 +11004637 - Include missing headers for OpenSSL tests. Fix from Phil Karn
Damien Millere59ce622000-05-01 20:54:17 +10004638 <karn@ka9q.ampr.org>
Damien Millere4340be2000-09-16 13:29:08 +11004639 - Fixed __progname symbol collisions reported by Andre Lucas
Damien Miller70fb6712000-05-01 20:59:50 +10004640 <andre.lucas@dial.pipex.com>
Damien Miller0e489dc2000-05-01 22:53:53 +10004641 - Merged bsd-login ttyslot and AIX utmp patch from Gert Doering
4642 <gd@hilb1.medat.de>
Damien Miller1cead2c2000-05-01 22:55:23 +10004643 - Add some missing ifdefs to auth2.c
Damien Miller7c004262000-05-01 22:57:46 +10004644 - Deprecate perl-tk askpass.
Damien Millerfc0b11b2000-05-02 00:03:55 +10004645 - Irix portability fixes - don't include netinet headers more than once
4646 - Make sure we don't save PRNG seed more than once
Damien Miller7c8af4f2000-05-01 08:24:07 +10004647
Damien Miller1bead332000-04-30 00:47:29 +1000464820000430
4649 - Merge HP-UX fixes and TCB support from Ged Lodder <lodder@yacc.com.au>
Damien Miller4018c192000-04-30 09:30:44 +10004650 - Integrate Andre Lucas' <andre.lucas@dial.pipex.com> entropy collection
4651 patch.
4652 - Adds timeout to entropy collection
4653 - Disables slow entropy sources
4654 - Load and save seed file
Damien Millere4340be2000-09-16 13:29:08 +11004655 - Changed entropy seed code to user per-user seeds only (server seed is
Damien Miller4018c192000-04-30 09:30:44 +10004656 saved in root's .ssh directory)
4657 - Use atexit() and fatal cleanups to save seed on exit
Damien Millerbd483e72000-04-30 10:00:53 +10004658 - More OpenBSD updates:
4659 [session.c]
4660 - don't call chan_write_failed() if we are not writing
4661 [auth-rsa.c auth1.c authfd.c hostfile.c ssh-agent.c]
4662 - keysize warnings error() -> log()
Damien Miller1bead332000-04-30 00:47:29 +10004663
Damien Millereba71ba2000-04-29 23:57:08 +1000466420000429
4665 - Merge big update to OpenSSH-2.0 from OpenBSD CVS
4666 [README.openssh2]
4667 - interop w/ F-secure windows client
4668 - sync documentation
4669 - ssh_host_dsa_key not ssh_dsa_key
4670 [auth-rsa.c]
4671 - missing fclose
4672 [auth.c authfile.c compat.c dsa.c dsa.h hostfile.c key.c key.h radix.c]
4673 [readconf.c readconf.h ssh-add.c ssh-keygen.c ssh.c ssh.h sshconnect.c]
4674 [sshd.c uuencode.c uuencode.h authfile.h]
4675 - add DSA pubkey auth and other SSH2 fixes. use ssh-keygen -[xX]
4676 for trading keys with the real and the original SSH, directly from the
4677 people who invented the SSH protocol.
4678 [auth.c auth.h authfile.c sshconnect.c auth1.c auth2.c sshconnect.h]
4679 [sshconnect1.c sshconnect2.c]
4680 - split auth/sshconnect in one file per protocol version
4681 [sshconnect2.c]
4682 - remove debug
4683 [uuencode.c]
4684 - add trailing =
4685 [version.h]
4686 - OpenSSH-2.0
4687 [ssh-keygen.1 ssh-keygen.c]
4688 - add -R flag: exit code indicates if RSA is alive
4689 [sshd.c]
4690 - remove unused
4691 silent if -Q is specified
4692 [ssh.h]
4693 - host key becomes /etc/ssh_host_dsa_key
4694 [readconf.c servconf.c ]
4695 - ssh/sshd default to proto 1 and 2
4696 [uuencode.c]
4697 - remove debug
4698 [auth2.c ssh-keygen.c sshconnect2.c sshd.c]
4699 - xfree DSA blobs
4700 [auth2.c serverloop.c session.c]
4701 - cleanup logging for sshd/2, respect PasswordAuth no
4702 [sshconnect2.c]
4703 - less debug, respect .ssh/config
4704 [README.openssh2 channels.c channels.h]
Damien Millere4340be2000-09-16 13:29:08 +11004705 - clientloop.c session.c ssh.c
Damien Millereba71ba2000-04-29 23:57:08 +10004706 - support for x11-fwding, client+server
4707
Damien Millera552faf2000-04-21 15:55:20 +1000470820000421
4709 - Merge fix from OpenBSD CVS
4710 [ssh-agent.c]
4711 - Fix memory leak per connection. Report from Andy Spiegl <Andy@Spiegl.de>
4712 via Debian bug #59926
Damien Miller81171112000-04-23 11:14:01 +10004713 - Define __progname in session.c if libc doesn't
4714 - Remove indentation on autoconf #include statements to avoid bug in
Damien Millere4340be2000-09-16 13:29:08 +11004715 DEC Tru64 compiler. Report and fix from David Del Piero
Damien Miller81171112000-04-23 11:14:01 +10004716 <David.DelPiero@qed.qld.gov.au>
Damien Millera552faf2000-04-21 15:55:20 +10004717
Damien Miller3ef692a2000-04-20 07:33:24 +1000471820000420
Damien Millere4340be2000-09-16 13:29:08 +11004719 - Make fixpaths work with perl4, patch from Andre Lucas
Damien Miller3ef692a2000-04-20 07:33:24 +10004720 <andre.lucas@dial.pipex.com>
Damien Miller166fca82000-04-20 07:42:21 +10004721 - Sync with OpenBSD CVS:
4722 [clientloop.c login.c serverloop.c ssh-agent.c ssh.h sshconnect.c sshd.c]
4723 - pid_t
4724 [session.c]
4725 - remove bogus chan_read_failed. this could cause data
4726 corruption (missing data) at end of a SSH2 session.
Damien Millerd0cff3e2000-04-20 23:12:58 +10004727 - Merge fixes from Debian patch from Phil Hands <phil@hands.com>
4728 - Allow setting of PAM service name through CFLAGS (SSHD_PAM_SERVICE)
4729 - Use vhangup to clean up Linux ttys
4730 - Force posix getopt processing on GNU libc systems
Damien Millercfabe862000-04-20 23:27:27 +10004731 - Debian bug #55910 - remove references to ssl(8) manpages
Damien Millerf3a3fee2000-04-20 23:32:48 +10004732 - Debian bug #58031 - ssh_config lies about default cipher
Damien Miller3ef692a2000-04-20 07:33:24 +10004733
Damien Miller8bb73be2000-04-19 16:26:12 +1000473420000419
4735 - OpenBSD CVS updates
4736 [channels.c]
4737 - fix pr 1196, listen_port and port_to_connect interchanged
4738 [scp.c]
Damien Millere4340be2000-09-16 13:29:08 +11004739 - after completion, replace the progress bar ETA counter with a final
Damien Miller8bb73be2000-04-19 16:26:12 +10004740 elapsed time; my idea, aaron wrote the patch
4741 [ssh_config sshd_config]
4742 - show 'Protocol' as an example, ok markus@
4743 [sshd.c]
4744 - missing xfree()
4745 - Add missing header to bsd-misc.c
4746
Damien Miller5f056372000-04-16 12:31:48 +1000474720000416
4748 - Reduce diff against OpenBSD source
Damien Millere4340be2000-09-16 13:29:08 +11004749 - All OpenSSL includes are now unconditionally referenced as
Damien Miller5f056372000-04-16 12:31:48 +10004750 openssl/foo.h
4751 - Pick up formatting changes
4752 - Other minor changed (typecasts, etc) that I missed
4753
Damien Miller4af51302000-04-16 11:18:38 +1000475420000415
4755 - OpenBSD CVS updates.
4756 [ssh.1 ssh.c]
4757 - ssh -2
4758 [auth.c channels.c clientloop.c packet.c packet.h serverloop.c]
4759 [session.c sshconnect.c]
4760 - check payload for (illegal) extra data
4761 [ALL]
4762 whitespace cleanup
4763
Damien Millere71eb912000-04-13 12:19:32 +1000476420000413
4765 - INSTALL doc updates
Damien Miller22c77262000-04-13 12:26:34 +10004766 - Merged OpenBSD updates to include paths.
Damien Millere4340be2000-09-16 13:29:08 +11004767
Damien Miller78928792000-04-12 20:17:38 +1000476820000412
4769 - OpenBSD CVS updates:
4770 - [channels.c]
4771 repair x11-fwd
4772 - [sshconnect.c]
4773 fix passwd prompt for ssh2, less debugging output.
4774 - [clientloop.c compat.c dsa.c kex.c sshd.c]
4775 less debugging output
4776 - [kex.c kex.h sshconnect.c sshd.c]
4777 check for reasonable public DH values
4778 - [README.openssh2 cipher.c cipher.h compat.c compat.h readconf.c]
4779 [readconf.h servconf.c servconf.h ssh.c ssh.h sshconnect.c sshd.c]
4780 add Cipher and Protocol options to ssh/sshd, e.g.:
4781 ssh -o 'Protocol 1,2' if you prefer proto 1, ssh -o 'Ciphers
4782 arcfour,3des-cbc'
4783 - [sshd.c]
4784 print 1.99 only if server supports both
4785
Damien Millerbc7c7cc2000-04-08 17:48:56 +1000478620000408
4787 - Avoid some compiler warnings in fake-get*.c
4788 - Add IPTOS macros for systems which lack them
Damien Miller11e37f62000-04-08 18:23:30 +10004789 - Only set define entropy collection macros if they are found
Damien Millerefb4afe2000-04-12 18:45:05 +10004790 - More large OpenBSD CVS updates:
4791 - [auth.c auth.h servconf.c servconf.h serverloop.c session.c]
4792 [session.h ssh.h sshd.c README.openssh2]
4793 ssh2 server side, see README.openssh2; enable with 'sshd -2'
4794 - [channels.c]
4795 no adjust after close
4796 - [sshd.c compat.c ]
4797 interop w/ latest ssh.com windows client.
Damien Miller33804262001-02-04 23:20:18 +11004798
Damien Miller1383bd82000-04-06 12:32:37 +1000479920000406
4800 - OpenBSD CVS update:
4801 - [channels.c]
4802 close efd on eof
4803 - [clientloop.c compat.c ssh.c sshconnect.c myproposal.h]
4804 ssh2 client implementation, interops w/ ssh.com and lsh servers.
4805 - [sshconnect.c]
4806 missing free.
4807 - [authfile.c cipher.c cipher.h packet.c sshconnect.c sshd.c]
4808 remove unused argument, split cipher_mask()
4809 - [clientloop.c]
4810 re-order: group ssh1 vs. ssh2
4811 - Make Redhat spec require openssl >= 0.9.5a
4812
Damien Miller193ba882000-04-04 10:21:09 +1000481320000404
4814 - Add tests for RAND_add function when searching for OpenSSL
Damien Miller33b13562000-04-04 14:38:59 +10004815 - OpenBSD CVS update:
4816 - [packet.h packet.c]
4817 ssh2 packet format
4818 - [packet.h packet.c nchan2.ms nchan.h compat.h compat.c]
4819 [channels.h channels.c]
4820 channel layer support for ssh2
4821 - [kex.h kex.c hmac.h hmac.c dsa.c dsa.h]
4822 DSA, keyexchange, algorithm agreement for ssh2
Damien Miller74a333b2000-04-04 15:04:09 +10004823 - Generate manpages before make install not at the end of make all
4824 - Don't seed the rng quite so often
4825 - Always reseed rng when requested
Damien Miller193ba882000-04-04 10:21:09 +10004826
Damien Miller040f3832000-04-03 14:50:43 +1000482720000403
4828 - Wrote entropy collection routines for systems that lack /dev/random
4829 and EGD
Damien Miller70494d12000-04-03 15:57:06 +10004830 - Disable tests and typedefs for 64 bit types. They are currently unused.
Damien Miller040f3832000-04-03 14:50:43 +10004831
Damien Millerb38eff82000-04-01 11:09:21 +1000483220000401
4833 - Big OpenBSD CVS update (mainly beginnings of SSH2 infrastructure)
4834 - [auth.c session.c sshd.c auth.h]
4835 split sshd.c -> auth.c session.c sshd.c plus cleanup and goto-removal
4836 - [bufaux.c bufaux.h]
4837 support ssh2 bignums
4838 - [channels.c channels.h clientloop.c sshd.c nchan.c nchan.h packet.c]
4839 [readconf.c ssh.c ssh.h serverloop.c]
4840 replace big switch() with function tables (prepare for ssh2)
4841 - [ssh2.h]
4842 ssh2 message type codes
4843 - [sshd.8]
4844 reorder Xr to avoid cutting
4845 - [serverloop.c]
4846 close(fdin) if fdin != fdout, shutdown otherwise, ok theo@
4847 - [channels.c]
4848 missing close
4849 allow bigger packets
4850 - [cipher.c cipher.h]
4851 support ssh2 ciphers
4852 - [compress.c]
4853 cleanup, less code
4854 - [dispatch.c dispatch.h]
4855 function tables for different message types
4856 - [log-server.c]
4857 do not log() if debuggin to stderr
4858 rename a cpp symbol, to avoid param.h collision
4859 - [mpaux.c]
4860 KNF
4861 - [nchan.c]
4862 sync w/ channels.c
4863
Damien Miller2c9279f2000-03-26 12:12:34 +1000486420000326
4865 - Better tests for OpenSSL w/ RSAref
Damien Millere4340be2000-09-16 13:29:08 +11004866 - Added replacement setenv() function from OpenBSD libc. Suggested by
Damien Miller2c9279f2000-03-26 12:12:34 +10004867 Ben Lindstrom <mouring@pconline.com>
Damien Miller450a7a12000-03-26 13:04:51 +10004868 - OpenBSD CVS update
4869 - [auth-krb4.c]
4870 -Wall
4871 - [auth-rh-rsa.c auth-rsa.c hostfile.c hostfile.h key.c key.h match.c]
4872 [match.h ssh.c ssh.h sshconnect.c sshd.c]
4873 initial support for DSA keys. ok deraadt@, niels@
4874 - [cipher.c cipher.h]
4875 remove unused cipher_attack_detected code
4876 - [scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 sshd.8]
4877 Fix some formatting problems I missed before.
4878 - [ssh.1 sshd.8]
4879 fix spelling errors, From: FreeBSD
4880 - [ssh.c]
4881 switch to raw mode only if he _get_ a pty (not if we _want_ a pty).
Damien Miller2c9279f2000-03-26 12:12:34 +10004882
Damien Miller63a46cc2000-03-24 09:24:33 +1100488320000324
4884 - Released 1.2.3
4885
Damien Miller29ea30d2000-03-17 10:54:15 +1100488620000317
4887 - Clarified --with-default-path option.
4888 - Added -blibpath handling for AIX to work around stupid runtime linking.
4889 Problem elucidated by gshapiro@SENDMAIL.ORG by way of Jim Knoble
Damien Millerf1aa21f2001-01-05 09:30:32 +11004890 <jmknoble@jmknoble.cx>
Damien Millerd6121d22000-03-17 23:26:46 +11004891 - Checks for 64 bit int types. Problem report from Mats Fredholm
4892 <matsf@init.se>
Damien Miller7684ee12000-03-17 23:40:15 +11004893 - OpenBSD CVS updates:
Damien Millere4340be2000-09-16 13:29:08 +11004894 - [atomicio.c auth-krb4.c bufaux.c channels.c compress.c fingerprint.c]
Damien Miller7684ee12000-03-17 23:40:15 +11004895 [packet.h radix.c rsa.c scp.c ssh-agent.c ssh-keygen.c sshconnect.c]
4896 [sshd.c]
4897 pedantic: signed vs. unsigned, void*-arithm, etc
4898 - [ssh.1 sshd.8]
4899 Various cleanups and standardizations.
Damien Millere4340be2000-09-16 13:29:08 +11004900 - Runtime error fix for HPUX from Otmar Stahl
Damien Millere37ac5a2000-03-17 23:58:59 +11004901 <O.Stahl@lsw.uni-heidelberg.de>
Damien Miller29ea30d2000-03-17 10:54:15 +11004902
Damien Miller08c788a2000-03-16 07:52:29 +1100490320000316
Damien Millere4340be2000-09-16 13:29:08 +11004904 - Fixed configure not passing LDFLAGS to Solaris. Report from David G.
Damien Miller08c788a2000-03-16 07:52:29 +11004905 Hesprich <dghespri@sprintparanet.com>
Damien Miller166bd442000-03-16 10:48:25 +11004906 - Propogate LD through to Makefile
Damien Millerfd263682000-03-16 11:51:09 +11004907 - Doc cleanups
Damien Millerca9a49c2000-03-16 12:23:13 +11004908 - Added blurb about "scp: command not found" errors to UPGRADING
Damien Miller08c788a2000-03-16 07:52:29 +11004909
Damien Millera1ad4802000-03-15 10:04:54 +1100491020000315
4911 - Fix broken CFLAGS handling during search for OpenSSL. Fixes va_list
4912 problems with gcc/Solaris.
Damien Millere4340be2000-09-16 13:29:08 +11004913 - Don't free argument to putenv() after use (in setenv() replacement).
Damien Millerf09b07a2000-03-15 11:23:48 +11004914 Report from Seigo Tanimura <tanimura@r.dl.itc.u-tokyo.ac.jp>
Damien Millere4340be2000-09-16 13:29:08 +11004915 - Created contrib/ subdirectory. Included helpers from Phil Hands'
Damien Miller8b1c22b2000-03-15 12:13:01 +11004916 Debian package, README file and chroot patch from Ricardo Cerqueira
4917 <rmcc@clix.pt>
Damien Millere4340be2000-09-16 13:29:08 +11004918 - Moved gnome-ssh-askpass.c to contrib directory and removed config
Damien Miller8b1c22b2000-03-15 12:13:01 +11004919 option.
4920 - Slight cleanup to doc files
Damien Miller856799b2000-03-15 21:18:10 +11004921 - Configure fix from Bratislav ILICH <bilic@zepter.ru>
Damien Millera1ad4802000-03-15 10:04:54 +11004922
Damien Miller1c67c992000-03-14 10:16:34 +1100492320000314
Damien Millere4340be2000-09-16 13:29:08 +11004924 - Include macro for IN6_IS_ADDR_V4MAPPED. Report from
Damien Miller1c67c992000-03-14 10:16:34 +11004925 peter@frontierflying.com
Damien Millerdb819592000-03-14 13:44:01 +11004926 - Include /usr/local/include and /usr/local/lib for systems that don't
4927 do it themselves
4928 - -R/usr/local/lib for Solaris
4929 - Fix RSAref detection
4930 - Fix IN6_IS_ADDR_V4MAPPED macro
Damien Miller1c67c992000-03-14 10:16:34 +11004931
Damien Millerb85dcad2000-03-11 11:37:00 +1100493220000311
4933 - Detect RSAref
Damien Miller02491e92000-03-11 11:58:28 +11004934 - OpenBSD CVS change
4935 [sshd.c]
4936 - disallow guessing of root password
Damien Millerd58b3ab2000-03-11 20:05:11 +11004937 - More configure fixes
Damien Miller7bcb0892000-03-11 20:45:40 +11004938 - IPv6 workarounds from Hideaki YOSHIFUJI <yoshfuji@ecei.tohoku.ac.jp>
Damien Millerb85dcad2000-03-11 11:37:00 +11004939
Damien Miller98c7ad62000-03-09 21:27:49 +1100494020000309
4941 - OpenBSD CVS updates to v1.2.3
Damien Millerbe484b52000-07-15 14:14:16 +10004942 [ssh.h atomicio.c]
4943 - int atomicio -> ssize_t (for alpha). ok deraadt@
4944 [auth-rsa.c]
4945 - delay MD5 computation until client sends response, free() early, cleanup.
4946 [cipher.c]
4947 - void* -> unsigned char*, ok niels@
4948 [hostfile.c]
4949 - remove unused variable 'len'. fix comments.
4950 - remove unused variable
4951 [log-client.c log-server.c]
4952 - rename a cpp symbol, to avoid param.h collision
4953 [packet.c]
4954 - missing xfree()
4955 - getsockname() requires initialized tolen; andy@guildsoftware.com
4956 - use getpeername() in packet_connection_is_on_socket(), fixes sshd -i;
4957 from Holger.Trapp@Informatik.TU-Chemnitz.DE
4958 [pty.c pty.h]
Damien Millere4340be2000-09-16 13:29:08 +11004959 - register cleanup for pty earlier. move code for pty-owner handling to
Damien Miller98c7ad62000-03-09 21:27:49 +11004960 pty.c ok provos@, dugsong@
Damien Millerbe484b52000-07-15 14:14:16 +10004961 [readconf.c]
4962 - turn off x11-fwd for the client, too.
4963 [rsa.c]
4964 - PKCS#1 padding
4965 [scp.c]
4966 - allow '.' in usernames; from jedgar@fxp.org
4967 [servconf.c]
4968 - typo: ignore_user_known_hosts int->flag; naddy@mips.rhein-neckar.de
4969 - sync with sshd_config
4970 [ssh-keygen.c]
4971 - enable ssh-keygen -l -f ~/.ssh/known_hosts, ok deraadt@
4972 [ssh.1]
4973 - Change invalid 'CHAT' loglevel to 'VERBOSE'
4974 [ssh.c]
4975 - suppress AAAA query host when '-4' is used; from shin@nd.net.fujitsu.co.jp
4976 - turn off x11-fwd for the client, too.
4977 [sshconnect.c]
4978 - missing xfree()
4979 - retry rresvport_af(), too. from sumikawa@ebina.hitachi.co.jp.
4980 - read error vs. "Connection closed by remote host"
4981 [sshd.8]
4982 - ie. -> i.e.,
4983 - do not link to a commercial page..
4984 - sync with sshd_config
4985 [sshd.c]
4986 - no need for poll.h; from bright@wintelcom.net
4987 - log with level log() not fatal() if peer behaves badly.
4988 - don't panic if client behaves strange. ok deraadt@
4989 - make no-port-forwarding for RSA keys deny both -L and -R style fwding
4990 - delay close() of pty until the pty has been chowned back to root
4991 - oops, fix comment, too.
4992 - missing xfree()
4993 - move XAUTHORITY to subdir. ok dugsong@. fixes debian bug #57907, too.
4994 (http://cgi.debian.org/cgi-bin/bugreport.cgi?archive=no&bug=57907)
Damien Millere4340be2000-09-16 13:29:08 +11004995 - register cleanup for pty earlier. move code for pty-owner handling to
Damien Millerbe484b52000-07-15 14:14:16 +10004996 pty.c ok provos@, dugsong@
4997 - create x11 cookie file
4998 - fix pr 1113, fclose() -> pclose(), todo: remote popen()
4999 - version 1.2.3
Damien Miller98c7ad62000-03-09 21:27:49 +11005000 - Cleaned up
Damien Millere4340be2000-09-16 13:29:08 +11005001 - Removed warning workaround for Linux and devpts filesystems (no longer
Damien Miller8f975b62000-03-09 22:31:13 +11005002 required after OpenBSD updates)
Damien Miller98c7ad62000-03-09 21:27:49 +11005003
Damien Miller1a07ebd2000-03-08 09:03:44 +1100500420000308
5005 - Configure fix from Hiroshi Takekawa <takekawa@sr3.t.u-tokyo.ac.jp>
5006
500720000307
5008 - Released 1.2.2p1
5009
Damien Miller01bedb82000-03-05 16:10:03 +1100501020000305
5011 - Fix DEC compile fix
Damien Millerfac99cd2000-03-05 16:10:45 +11005012 - Explicitly seed OpenSSL's PRNG before checking rsa_alive()
Damien Miller9fb07e42000-03-05 16:22:59 +11005013 - Check for getpagesize in libucb.a if not found in libc. Fix for old
5014 Solaris from Andre Lucas <andre.lucas@dial.pipex.com>
Damien Millere4340be2000-09-16 13:29:08 +11005015 - Check for libwrap if --with-tcp-wrappers option specified. Suggestion
Damien Miller65165f82000-03-05 17:02:45 +11005016 Mate Wierdl <mw@moni.msci.memphis.edu>
Damien Miller01bedb82000-03-05 16:10:03 +11005017
Damien Miller4095f892000-03-03 22:13:52 +1100501820000303
5019 - Added "make host-key" target, Suggestion from Dominik Brettnacher
5020 <domi@saargate.de>
Damien Millere4340be2000-09-16 13:29:08 +11005021 - Don't permanently fail on bind() if getaddrinfo has more choices left for
Damien Miller3c7eeb22000-03-03 22:35:33 +11005022 us. Needed to work around messy IPv6 on Linux. Patch from Arkadiusz
5023 Miskiewicz <misiek@pld.org.pl>
Damien Miller00d4bb12000-03-03 22:48:49 +11005024 - DEC Unix compile fix from David Del Piero <David.DelPiero@qed.qld.gov.au>
5025 - Manpage fix from David Del Piero <David.DelPiero@qed.qld.gov.au>
Damien Miller4095f892000-03-03 22:13:52 +11005026
Damien Millera22ba012000-03-02 23:09:20 +1100502720000302
5028 - Big cleanup of autoconf code
5029 - Rearranged to be a little more logical
5030 - Added -R option for Solaris
5031 - Rewrote OpenSSL detection code. Now uses AC_TRY_RUN with a test program
5032 to detect library and header location _and_ ensure library has proper
5033 RSA support built in (this is a problem with OpenSSL 0.9.5).
Damien Millerc7d8dbb2000-03-02 23:30:53 +11005034 - Applied pty cleanup patch from markus.friedl@informatik.uni-erlangen.de
Damien Millerc4cea3e2000-03-02 23:31:50 +11005035 - Avoid warning message with Unix98 ptys
Damien Millere4340be2000-09-16 13:29:08 +11005036 - Warning was valid - possible race condition on PTYs. Avoided using
Damien Miller204ad072000-03-02 23:56:12 +11005037 platform-specific code.
5038 - Document some common problems
Damien Millere4340be2000-09-16 13:29:08 +11005039 - Allow root access to any key. Patch from
Damien Miller2453d012000-03-02 23:57:18 +11005040 markus.friedl@informatik.uni-erlangen.de
Damien Millera22ba012000-03-02 23:09:20 +11005041
Damien Miller36143d72000-02-07 13:20:26 +1100504220000207
5043 - Removed SOCKS code. Will support through a ProxyCommand.
5044
Damien Miller18522462000-02-03 01:07:07 +1100504520000203
5046 - Fixed SEGVs in authloop, fix from vbzoli@hbrt.hu
Damien Miller0c0e4bf2000-02-03 13:58:51 +11005047 - Add --with-ssl-dir option
Damien Miller18522462000-02-03 01:07:07 +11005048
Damien Miller65527582000-02-02 19:17:40 +1100504920000202
Damien Millere4340be2000-09-16 13:29:08 +11005050 - Fix lastlog code for directory based lastlogs. Fix from Josh Durham
Damien Miller65527582000-02-02 19:17:40 +11005051 <jmd@aoe.vt.edu>
Damien Miller17872522000-02-02 20:56:20 +11005052 - Documentation fixes from HARUYAMA Seigo <haruyama@nt.phys.s.u-tokyo.ac.jp>
Damien Millere4340be2000-09-16 13:29:08 +11005053 - Added URLs to Japanese translations of documents by HARUYAMA Seigo
Damien Miller17872522000-02-02 20:56:20 +11005054 <haruyama@nt.phys.s.u-tokyo.ac.jp>
Damien Miller65527582000-02-02 19:17:40 +11005055
Damien Miller9e53f352000-02-01 23:05:30 +1100505620000201
5057 - Use socket pairs by default (instead of pipes). Prevents race condition
5058 on several (buggy) OSs. Report and fix from tridge@linuxcare.com
5059
Damien Millerf07390e2000-01-29 20:40:22 +1100506020000127
5061 - Seed OpenSSL's random number generator before generating RSA keypairs
5062 - Split random collector into seperate file
Damien Miller6034fdf2000-01-29 20:55:09 +11005063 - Compile fix from Andre Lucas <andre.lucas@dial.pipex.com>
Damien Millerf07390e2000-01-29 20:40:22 +11005064
Damien Miller27f4c782000-01-27 18:22:13 +1100506520000126
5066 - Released 1.2.2 stable
5067
Damien Millere4340be2000-09-16 13:29:08 +11005068 - NeXT keeps it lastlog in /usr/adm. Report from
Damien Miller27f4c782000-01-27 18:22:13 +11005069 mouring@newton.pconline.com
Damien Millere4340be2000-09-16 13:29:08 +11005070 - Added note in UPGRADING re interop with commercial SSH using idea.
Damien Millerf1aa21f2001-01-05 09:30:32 +11005071 Report from Jim Knoble <jmknoble@jmknoble.cx>
Damien Millerc85f9b42000-01-29 10:20:21 +11005072 - Fix linking order for Kerberos/AFS. Fix from Holget Trapp
5073 <Holger.Trapp@Informatik.TU-Chemnitz.DE>
Damien Miller27f4c782000-01-27 18:22:13 +11005074
Damien Millerd89c24b2000-01-26 11:04:48 +1100507520000125
Damien Millere4340be2000-09-16 13:29:08 +11005076 - Fix NULL pointer dereference in login.c. Fix from Andre Lucas
Damien Millerd89c24b2000-01-26 11:04:48 +11005077 <andre.lucas@dial.pipex.com>
Damien Millerfa51a832000-01-26 11:07:22 +11005078 - Reorder PAM initialisation so it does not mess up lastlog. Reported
5079 by Andre Lucas <andre.lucas@dial.pipex.com>
Damien Millere4340be2000-09-16 13:29:08 +11005080 - Use preformatted manpages on SCO, report from Gary E. Miller
Damien Miller0e1cf7c2000-01-26 12:15:30 +11005081 <gem@rellim.com>
5082 - New URL for x11-ssh-askpass.
Damien Millere4340be2000-09-16 13:29:08 +11005083 - Fixpaths was missing /etc/ssh_known_hosts. Report from Jim Knoble
Damien Millerf1aa21f2001-01-05 09:30:32 +11005084 <jmknoble@jmknoble.cx>
Damien Millere4340be2000-09-16 13:29:08 +11005085 - Added 'DESTDIR' option to Makefile to ease package building. Patch from
Damien Millerf1aa21f2001-01-05 09:30:32 +11005086 Jim Knoble <jmknoble@jmknoble.cx>
Damien Miller7d7c60d2000-01-26 14:37:48 +11005087 - Updated RPM spec files to use DESTDIR
Damien Millerd89c24b2000-01-26 11:04:48 +11005088
Damien Miller68cee102000-01-24 17:02:27 +1100508920000124
5090 - Pick up version 1.2.2 from OpenBSD CVS (no changes, just version number
5091 increment)
5092
Damien Miller6fe375d2000-01-23 09:38:00 +1100509320000123
5094 - OpenBSD CVS:
5095 - [packet.c]
5096 getsockname() requires initialized tolen; andy@guildsoftware.com
Damien Millere4340be2000-09-16 13:29:08 +11005097 - AIX patch from Matt Richards <v2matt@btv.ibm.com> and David Rankin
Damien Miller1fa154b2000-01-23 10:32:03 +11005098 <drankin@bohemians.lexington.ky.us>
Damien Millerdef0dc92000-01-23 20:18:35 +11005099 - Fix lastlog support, patch from Andre Lucas <andre.lucas@dial.pipex.com>
Damien Miller6fe375d2000-01-23 09:38:00 +11005100
Damien Miller91427002000-01-22 13:25:13 +1100510120000122
5102 - Fix compilation of bsd-snprintf.c on Solaris, fix from Ben Taylor
5103 <bent@clark.net>
Damien Miller670a4b82000-01-22 13:53:11 +11005104 - Merge preformatted manpage patch from Andre Lucas
5105 <andre.lucas@dial.pipex.com>
Damien Miller07278932000-01-22 14:05:37 +11005106 - Make IPv4 use the default in RPM packages
5107 - Irix uses preformatted manpages
Damien Miller8dbbe6e2000-01-22 18:17:42 +11005108 - Missing htons() in bsd-bindresvport.c, fix from Holger Trapp
5109 <Holger.Trapp@Informatik.TU-Chemnitz.DE>
Damien Millerf052aaf2000-01-22 19:47:21 +11005110 - OpenBSD CVS updates:
5111 - [packet.c]
5112 use getpeername() in packet_connection_is_on_socket(), fixes sshd -i;
5113 from Holger.Trapp@Informatik.TU-Chemnitz.DE
5114 - [sshd.c]
5115 log with level log() not fatal() if peer behaves badly.
5116 - [readpass.c]
Damien Millere4340be2000-09-16 13:29:08 +11005117 instead of blocking SIGINT, catch it ourselves, so that we can clean
5118 the tty modes up and kill ourselves -- instead of our process group
Damien Miller33804262001-02-04 23:20:18 +11005119 leader (scp, cvs, ...) going away and leaving us in noecho mode.
Damien Millerf052aaf2000-01-22 19:47:21 +11005120 people with cbreak shells never even noticed..
Damien Miller14537852000-01-22 19:57:40 +11005121 - [ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 sshd.8]
5122 ie. -> i.e.,
Damien Miller91427002000-01-22 13:25:13 +11005123
Damien Millereca71f82000-01-20 22:38:27 +1100512420000120
5125 - Don't use getaddrinfo on AIX
Damien Miller396691a2000-01-20 22:44:08 +11005126 - Update to latest OpenBSD CVS:
5127 - [auth-rsa.c]
5128 - fix user/1056, sshd keeps restrictions; dbt@meat.net
5129 - [sshconnect.c]
5130 - disable agent fwding for proto 1.3, remove abuse of auth-rsa flags.
5131 - destroy keys earlier
Damien Millere4340be2000-09-16 13:29:08 +11005132 - split key exchange (kex) and user authentication (user-auth),
Damien Milleree1c0b32000-01-21 00:18:15 +11005133 ok: provos@
Damien Miller396691a2000-01-20 22:44:08 +11005134 - [sshd.c]
5135 - no need for poll.h; from bright@wintelcom.net
5136 - disable agent fwding for proto 1.3, remove abuse of auth-rsa flags.
Damien Millere4340be2000-09-16 13:29:08 +11005137 - split key exchange (kex) and user authentication (user-auth),
Damien Milleree1c0b32000-01-21 00:18:15 +11005138 ok: provos@
Damien Miller88b86e42000-01-20 23:13:35 +11005139 - Big manpage and config file cleanup from Andre Lucas
5140 <andre.lucas@dial.pipex.com>
Damien Miller886c63a2000-01-20 23:13:36 +11005141 - Re-added latest (unmodified) OpenBSD manpages
Damien Millereab2ce02000-01-20 23:58:22 +11005142 - Doc updates
Damien Milleree1c0b32000-01-21 00:18:15 +11005143 - NetBSD patch from David Rankin <drankin@bohemians.lexington.ky.us> and
5144 Christos Zoulas <christos@netbsd.org>
Damien Millereca71f82000-01-20 22:38:27 +11005145
Damien Miller9550a242000-01-19 10:41:23 +1100514620000119
Damien Millereaf99942000-01-19 13:45:07 +11005147 - SCO compile fixes from Gary E. Miller <gem@rellim.com>
Damien Miller9550a242000-01-19 10:41:23 +11005148 - Compile fix from Darren_Hall@progressive.com
Damien Miller7d80e342000-01-19 14:36:49 +11005149 - Linux/glibc-2.1.2 takes a *long* time to look up names for AF_UNSPEC
5150 addresses using getaddrinfo(). Added a configure switch to make the
5151 default lookup mode AF_INET
Damien Miller9550a242000-01-19 10:41:23 +11005152
Damien Millerdbd250f2000-01-18 08:57:14 +1100515320000118
5154 - Fixed --with-pid-dir option
Damien Millerca673b32000-01-18 09:01:27 +11005155 - Makefile fix from Gary E. Miller <gem@rellim.com>
Damien Miller33804262001-02-04 23:20:18 +11005156 - Compile fix for HPUX and Solaris from Andre Lucas
Damien Millere0f45742000-01-18 09:12:06 +11005157 <andre.lucas@dial.pipex.com>
Damien Millerdbd250f2000-01-18 08:57:14 +11005158
Damien Millerb9b94a72000-01-17 09:52:46 +1100515920000117
5160 - Clean up bsd-bindresvport.c. Use arc4random() for picking initial
5161 port, ignore EINVAL errors (Linux) when searching for free port.
Damien Millere4340be2000-09-16 13:29:08 +11005162 - Revert __snprintf -> snprintf aliasing. Apparently Solaris
Damien Miller834171e2000-01-17 09:59:41 +11005163 __snprintf isn't. Report from Theo de Raadt <theo@cvs.openbsd.org>
Damien Millerf693d3b2000-01-17 11:56:27 +11005164 - Document location of Redhat PAM file in INSTALL.
Damien Millere4340be2000-09-16 13:29:08 +11005165 - Fixed X11 forwarding bug on Linux. libc advertises AF_INET6
5166 INADDR_ANY_INIT addresses via getaddrinfo, but may not be able to
Damien Miller19fe9c72000-01-17 15:23:01 +11005167 deliver (no IPv6 kernel support)
Damien Millere2192732000-01-17 13:22:55 +11005168 - Released 1.2.1pre27
Damien Millerb9b94a72000-01-17 09:52:46 +11005169
Damien Miller19fe9c72000-01-17 15:23:01 +11005170 - Fix rresvport_af failure errors (logic error in bsd-bindresvport.c)
Damien Millere4340be2000-09-16 13:29:08 +11005171 - Fix --with-ipaddr-display option test. Fix from Jarno Huuskonen
Damien Millerd426ed62000-01-17 19:22:36 +11005172 <jhuuskon@hytti.uku.fi>
Damien Millere4340be2000-09-16 13:29:08 +11005173 - Fix hang on logout if processes are still using the pty. Needs
Damien Millerb284b542000-01-17 20:55:18 +11005174 further testing.
Damien Miller66409952000-01-17 21:40:06 +11005175 - Patch from Christos Zoulas <christos@zoulas.com>
5176 - Try $prefix first when looking for OpenSSL.
5177 - Include sys/types.h when including sys/socket.h in test programs
Damien Millere4340be2000-09-16 13:29:08 +11005178 - Substitute PID directory in sshd.8. Suggestion from Andrew
Damien Millerb13c73e2000-01-17 22:02:17 +11005179 Stribblehill <a.d.stribblehill@durham.ac.uk>
Damien Miller19fe9c72000-01-17 15:23:01 +11005180
Damien Miller5eed6a22000-01-16 12:05:18 +1100518120000116
5182 - Renamed --with-xauth-path to --with-xauth
5183 - Added --with-pid-dir option
5184 - Released 1.2.1pre26
5185
Damien Miller8f926492000-01-16 18:19:25 +11005186 - Compilation fix from Kiyokazu SUTO <suto@ks-and-ks.ne.jp>
Damien Millere4340be2000-09-16 13:29:08 +11005187 - Fixed broken bugfix for /dev/ptmx on Linux systems which lack
Damien Miller62a52ef2000-01-16 23:03:56 +11005188 openpty(). Report from Kiyokazu SUTO <suto@ks-and-ks.ne.jp>
Damien Miller8f926492000-01-16 18:19:25 +11005189
Damien Millerb29ea912000-01-15 14:12:03 +1100519020000115
5191 - Add --with-xauth-path configure directive and explicit test for
Damien Millere4340be2000-09-16 13:29:08 +11005192 /usr/openwin/bin/xauth for Solaris systems. Report from Anders
Damien Millerb29ea912000-01-15 14:12:03 +11005193 Nordby <anders@fix.no>
Damien Millere4340be2000-09-16 13:29:08 +11005194 - Fix incorrect detection of /dev/ptmx on Linux systems that lack
Damien Millerb29ea912000-01-15 14:12:03 +11005195 openpty. Report from John Seifarth <john@waw.be>
5196 - Look for intXX_t and u_intXX_t in sys/bitypes.h if they are not in
Damien Millere4340be2000-09-16 13:29:08 +11005197 sys/types.h. Fixes problems on SCO, report from Gary E. Miller
Damien Millerb29ea912000-01-15 14:12:03 +11005198 <gem@rellim.com>
5199 - Use __snprintf and __vnsprintf if they are found where snprintf and
5200 vnsprintf are lacking. Suggested by Ben Taylor <bent@shell.clark.net>
5201 and others.
5202
Damien Miller34132e52000-01-14 15:45:46 +1100520320000114
5204 - Merged OpenBSD IPv6 patch:
5205 - [sshd.c sshd.8 sshconnect.c ssh.h ssh.c servconf.h servconf.c scp.1]
5206 [scp.c packet.h packet.c login.c log.c canohost.c channels.c]
5207 [hostfile.c sshd_config]
5208 ipv6 support: mostly gethostbyname->getaddrinfo/getnameinfo, new
Damien Millere4340be2000-09-16 13:29:08 +11005209 features: sshd allows multiple ListenAddress and Port options. note
5210 that libwrap is not IPv6-ready. (based on patches from
Damien Miller34132e52000-01-14 15:45:46 +11005211 fujiwara@rcac.tdi.co.jp)
5212 - [ssh.c canohost.c]
Damien Millere4340be2000-09-16 13:29:08 +11005213 more hints (hints.ai_socktype=SOCK_STREAM) for getaddrinfo,
Damien Miller34132e52000-01-14 15:45:46 +11005214 from itojun@
5215 - [channels.c]
5216 listen on _all_ interfaces for X11-Fwd (hints.ai_flags = AI_PASSIVE)
5217 - [packet.h]
5218 allow auth-kerberos for IPv4 only
5219 - [scp.1 sshd.8 servconf.h scp.c]
5220 document -4, -6, and 'ssh -L 2022/::1/22'
5221 - [ssh.c]
Damien Millere4340be2000-09-16 13:29:08 +11005222 'ssh @host' is illegal (null user name), from
Damien Miller34132e52000-01-14 15:45:46 +11005223 karsten@gedankenpolizei.de
5224 - [sshconnect.c]
5225 better error message
5226 - [sshd.c]
5227 allow auth-kerberos for IPv4 only
5228 - Big IPv6 merge:
5229 - Cleanup overrun in sockaddr copying on RHL 6.1
5230 - Replacements for getaddrinfo, getnameinfo, etc based on versions
5231 from patch from KIKUCHI Takahiro <kick@kyoto.wide.ad.jp>
5232 - Replacement for missing structures on systems that lack IPv6
5233 - record_login needed to know about AF_INET6 addresses
5234 - Borrowed more code from OpenBSD: rresvport_af and requisites
5235
Damien Miller25e42562000-01-11 10:59:47 +1100523620000110
5237 - Fixes to auth-skey to enable it to use the standard OpenSSL libraries
5238
Damien Miller2edcda52000-01-07 08:56:05 +1100523920000107
5240 - New config.sub and config.guess to fix problems on SCO. Supplied
5241 by Gary E. Miller <gem@rellim.com>
Damien Millerfa824cb2000-01-07 18:51:27 +11005242 - SCO build fix from Gary E. Miller <gem@rellim.com>
Damien Miller25e42562000-01-11 10:59:47 +11005243 - Released 1.2.1pre25
Damien Miller2edcda52000-01-07 08:56:05 +11005244
Damien Miller105b7f02000-01-07 08:45:55 +1100524520000106
5246 - Documentation update & cleanup
5247 - Better KrbIV / AFS detection, based on patch from:
5248 Holger Trapp <Holger.Trapp@Informatik.TU-Chemnitz.DE>
5249
Damien Miller1808f382000-01-06 12:03:12 +1100525020000105
Damien Millere4340be2000-09-16 13:29:08 +11005251 - Fixed annoying DES corruption problem. libcrypt has been
Damien Miller1808f382000-01-06 12:03:12 +11005252 overriding symbols in libcrypto. Removed libcrypt and crypt.h
5253 altogether (libcrypto includes its own crypt(1) replacement)
5254 - Added platform-specific rules for Irix 6.x. Included warning that
5255 they are untested.
5256
Damien Miller645c5982000-01-03 14:42:09 +1100525720000103
5258 - Add explicit make rules for files proccessed by fixpaths.
Damien Miller33804262001-02-04 23:20:18 +11005259 - Fix "make install" in RPM spec files. Report from Tenkou N. Hattori
Damien Miller645c5982000-01-03 14:42:09 +11005260 <tnh@kondara.org>
Damien Millere4340be2000-09-16 13:29:08 +11005261 - Removed "nullok" directive from default PAM configuration files.
5262 Added information on enabling EmptyPasswords on openssh+PAM in
Damien Millere9c8f4d2000-01-03 20:00:52 +11005263 UPGRADING file.
Damien Miller62ab38a2000-01-03 23:41:05 +11005264 - OpenBSD CVS updates
5265 - [ssh-agent.c]
Damien Millere4340be2000-09-16 13:29:08 +11005266 cleanup_exit() for SIGTERM/SIGHUP, too. from fgsch@ and
Damien Miller62ab38a2000-01-03 23:41:05 +11005267 dgaudet@arctic.org
5268 - [sshconnect.c]
5269 compare correct version for 1.3 compat mode
Damien Miller645c5982000-01-03 14:42:09 +11005270
Damien Miller5121e3a2000-01-02 11:49:28 +1100527120000102
5272 - Prevent multiple inclusion of config.h and defines.h. Suggested
5273 by Andre Lucas <andre.lucas@dial.pipex.com>
5274 - Properly clean up on exit of ssh-agent. Patch from Dean Gaudet
5275 <dgaudet@arctic.org>
5276
Damien Miller8eb0fd61999-12-31 08:49:13 +1100527719991231
Damien Millere4340be2000-09-16 13:29:08 +11005278 - Fix password support on systems with a mixture of shadowed and
5279 non-shadowed passwords (e.g. NIS). Report and fix from
Damien Miller8eb0fd61999-12-31 08:49:13 +11005280 HARUYAMA Seigo <haruyama@nt.phys.s.u-tokyo.ac.jp>
Damien Millere4340be2000-09-16 13:29:08 +11005281 - Fix broken autoconf typedef detection. Report from Marc G.
Damien Millerf3e8be81999-12-31 08:59:04 +11005282 Fournier <marc.fournier@acadiau.ca>
Damien Miller03783f01999-12-31 09:16:40 +11005283 - Fix occasional crash on LinuxPPC. Patch from Franz Sirl
5284 <Franz.Sirl-kernel@lauterbach.com>
Damien Millere4340be2000-09-16 13:29:08 +11005285 - Prevent typedefs from being compiled more than once. Report from
Damien Millerb2532b31999-12-31 09:18:12 +11005286 Marc G. Fournier <marc.fournier@acadiau.ca>
Damien Miller3131d8b1999-12-31 09:42:24 +11005287 - Fill in ut_utaddr utmp field. Report from Benjamin Charron
5288 <iretd@bigfoot.com>
Damien Millere4340be2000-09-16 13:29:08 +11005289 - Really fix broken default path. Fix from Jim Knoble
Damien Millerf1aa21f2001-01-05 09:30:32 +11005290 <jmknoble@jmknoble.cx>
Damien Milleraa7b64d1999-12-31 09:55:34 +11005291 - Remove test for quad_t. No longer needed.
Damien Miller6b85a7f2000-01-02 11:45:33 +11005292 - Released 1.2.1pre24
5293
5294 - Added support for directory-based lastlogs
5295 - Really fix typedefs, patch from Ben Taylor <bent@clark.net>
Damien Miller8eb0fd61999-12-31 08:49:13 +11005296
Damien Millerece22a81999-12-30 09:48:15 +1100529719991230
5298 - OpenBSD CVS updates:
5299 - [auth-passwd.c]
5300 check for NULL 1st
Damien Millere4340be2000-09-16 13:29:08 +11005301 - Removed most of the pam code into its own file auth-pam.[ch]. This
Damien Millere72b7af1999-12-30 15:08:44 +11005302 cleaned up sshd.c up significantly.
Damien Millere4340be2000-09-16 13:29:08 +11005303 - PAM authentication was incorrectly interpreting
Damien Miller8eb0fd61999-12-31 08:49:13 +11005304 "PermitRootLogin without-password". Report from Matthias Andree
5305 <ma@dt.e-technik.uni-dortmund.de
Damien Millere72b7af1999-12-30 15:08:44 +11005306 - Several other cleanups
Damien Miller8bdeee21999-12-30 15:50:54 +11005307 - Merged Dante SOCKS support patch from David Rankin
5308 <drankin@bohemians.lexington.ky.us>
5309 - Updated documentation with ./configure options
Damien Miller8eb0fd61999-12-31 08:49:13 +11005310 - Released 1.2.1pre23
Damien Millerece22a81999-12-30 09:48:15 +11005311
Damien Miller9550a761999-12-29 02:32:22 +1100531219991229
Damien Millere4340be2000-09-16 13:29:08 +11005313 - Applied another NetBSD portability patch from David Rankin
Damien Miller9550a761999-12-29 02:32:22 +11005314 <drankin@bohemians.lexington.ky.us>
5315 - Fix --with-default-path option.
Damien Millere4340be2000-09-16 13:29:08 +11005316 - Autodetect perl, patch from David Rankin
Damien Millere79334a1999-12-29 10:03:37 +11005317 <drankin@bohemians.lexington.ky.us>
Damien Millere4340be2000-09-16 13:29:08 +11005318 - Print whether OpenSSH was compiled with RSARef, patch from
Damien Millerd00d1611999-12-29 10:17:09 +11005319 Nalin Dahyabhai <nalin@thermo.stat.ncsu.edu>
Damien Millere4340be2000-09-16 13:29:08 +11005320 - Calls to pam_setcred, patch from Nalin Dahyabhai
Damien Millerac3a4b41999-12-29 10:25:40 +11005321 <nalin@thermo.stat.ncsu.edu>
Damien Miller95058511999-12-29 10:36:45 +11005322 - Detect missing size_t and typedef it.
Damien Miller58ca7d81999-12-29 19:56:30 +11005323 - Rename helper.[ch] to (more appropriate) bsd-misc.[ch]
5324 - Minor Makefile cleaning
Damien Miller9550a761999-12-29 02:32:22 +11005325
Damien Miller13bc0be1999-12-28 10:19:16 +1100532619991228
5327 - Replacement for getpagesize() for systems which lack it
Damien Millere4340be2000-09-16 13:29:08 +11005328 - NetBSD login.c compile fix from David Rankin
Damien Miller4ff2b9b1999-12-28 10:41:12 +11005329 <drankin@bohemians.lexington.ky.us>
5330 - Fully set ut_tv if present in utmp or utmpx
Damien Millerbeb4ba51999-12-28 15:09:35 +11005331 - Portability fixes for Irix 5.3 (now compiles OK!)
5332 - autoconf and other misc cleanups
Damien Miller74d0d4a1999-12-29 02:24:35 +11005333 - Merged AIX patch from Darren Hall <dhall@virage.org>
5334 - Cleaned up defines.h
Damien Miller06b472b1999-12-29 19:47:06 +11005335 - Released 1.2.1pre22
Damien Miller13bc0be1999-12-28 10:19:16 +11005336
Damien Millerc0d73901999-12-27 09:23:58 +1100533719991227
5338 - Automatically correct paths in manpages and configuration files. Patch
5339 and script from Andre Lucas <andre.lucas@dial.pipex.com>
5340 - Removed credits from README to CREDITS file, updated.
Damien Miller5a3e6831999-12-27 09:48:56 +11005341 - Added --with-default-path to specify custom path for server
5342 - Removed #ifdef trickery from acconfig.h into defines.h
Damien Miller373d2911999-12-27 10:45:54 +11005343 - PAM bugfix. PermitEmptyPassword was being ignored.
5344 - Fixed PAM config files to allow empty passwords if server does.
5345 - Explained spurious PAM auth warning workaround in UPGRADING
Damien Millere1276241999-12-27 11:33:56 +11005346 - Use last few chars of tty line as ut_id
Damien Miller6a5d4d61999-12-27 16:46:17 +11005347 - New SuSE RPM spec file from Chris Saia <csaia@wtower.com>
Damien Miller68e45de1999-12-27 23:54:55 +11005348 - OpenBSD CVS updates:
5349 - [packet.h auth-rhosts.c]
5350 check format string for packet_disconnect and packet_send_debug, too
5351 - [channels.c]
5352 use packet_get_maxsize for channels. consistence.
Damien Millerc0d73901999-12-27 09:23:58 +11005353
Damien Miller32b3cf21999-12-26 10:21:48 +1100535419991226
5355 - Enabled utmpx support by default for Solaris
5356 - Cleanup sshd.c PAM a little more
Damien Millerf1aa21f2001-01-05 09:30:32 +11005357 - Revised RPM package to include Jim Knoble's <jmknoble@jmknoble.cx>
Damien Miller36884401999-12-26 12:26:21 +11005358 X11 ssh-askpass program.
Damien Millerd49621e1999-12-26 14:04:33 +11005359 - Disable logging of PAM success and failures, PAM is verbose enough.
Damien Millere4340be2000-09-16 13:29:08 +11005360 Unfortunatly there is currently no way to disable auth failure
5361 messages. Mention this in UPGRADING file and sent message to PAM
Damien Millerd49621e1999-12-26 14:04:33 +11005362 developers
Damien Miller4f0fa561999-12-26 14:24:41 +11005363 - OpenBSD CVS update:
5364 - [ssh-keygen.1 ssh.1]
Damien Millere4340be2000-09-16 13:29:08 +11005365 remove ref to .ssh/random_seed, mention .ssh/environment in
Damien Miller4f0fa561999-12-26 14:24:41 +11005366 .Sh FILES, too
Damien Miller9673b2b1999-12-26 19:10:30 +11005367 - Released 1.2.1pre21
Damien Millere4340be2000-09-16 13:29:08 +11005368 - Fixed implicit '.' in default path, report from Jim Knoble
Damien Millerf1aa21f2001-01-05 09:30:32 +11005369 <jmknoble@jmknoble.cx>
5370 - Redhat RPM spec fixes from Jim Knoble <jmknoble@jmknoble.cx>
Damien Miller32b3cf21999-12-26 10:21:48 +11005371
Damien Miller2e1b0821999-12-25 10:11:29 +1100537219991225
5373 - More fixes from Andre Lucas <andre.lucas@dial.pipex.com>
5374 - Cleanup of auth-passwd.c for shadow and MD5 passwords
5375 - Cleanup and bugfix of PAM authentication code
Damien Miller32b3cf21999-12-26 10:21:48 +11005376 - Released 1.2.1pre20
5377
5378 - Merged fixes from Ben Taylor <bent@clark.net>
5379 - Fixed configure support for PAM. Reported by Naz <96na@eng.cam.ac.uk>
5380 - Disabled logging of PAM password authentication failures when password
5381 is empty. (e.g start of authentication loop). Reported by Naz
5382 <96na@eng.cam.ac.uk>)
Damien Miller2e1b0821999-12-25 10:11:29 +11005383
538419991223
Damien Millere4340be2000-09-16 13:29:08 +11005385 - Merged later HPUX patch from Andre Lucas
Damien Miller2e1b0821999-12-25 10:11:29 +11005386 <andre.lucas@dial.pipex.com>
5387 - Above patch included better utmpx support from Ben Taylor
Damien Miller32b3cf21999-12-26 10:21:48 +11005388 <bent@clark.net>
Damien Miller2e1b0821999-12-25 10:11:29 +11005389
Damien Miller365199d1999-12-22 00:12:38 +1100539019991222
Damien Millere4340be2000-09-16 13:29:08 +11005391 - Fix undefined fd_set type in ssh.h from Povl H. Pedersen
Damien Miller365199d1999-12-22 00:12:38 +11005392 <pope@netguide.dk>
Damien Miller1b0c2281999-12-22 16:09:48 +11005393 - Fix login.c breakage on systems which lack ut_host in struct
5394 utmp. Reported by Willard Dawson <willard.dawson@sbs.siemens.com>
Damien Miller365199d1999-12-22 00:12:38 +11005395
Damien Miller76112de1999-12-21 11:18:08 +1100539619991221
Damien Millere4340be2000-09-16 13:29:08 +11005397 - Integration of large HPUX patch from Andre Lucas
5398 <andre.lucas@dial.pipex.com>. Integrating it had a few other
Damien Miller76112de1999-12-21 11:18:08 +11005399 benefits:
5400 - Ability to disable shadow passwords at configure time
5401 - Ability to disable lastlog support at configure time
5402 - Support for IP address in $DISPLAY
Damien Millerf039bad1999-12-21 20:57:20 +11005403 - OpenBSD CVS update:
5404 - [sshconnect.c]
5405 say "REMOTE HOST IDENTIFICATION HAS CHANGED"
Damien Millercb7e5f91999-12-21 21:03:09 +11005406 - Fix DISABLE_SHADOW support
5407 - Allow MD5 passwords even if shadow passwords are disabled
Damien Millere8852911999-12-21 22:50:50 +11005408 - Release 1.2.1pre19
Damien Miller76112de1999-12-21 11:18:08 +11005409
Damien Millerc4c647f1999-12-18 20:54:52 +1100541019991218
Damien Millere4340be2000-09-16 13:29:08 +11005411 - Redhat init script patch from Chun-Chung Chen
Damien Millerc4c647f1999-12-18 20:54:52 +11005412 <cjj@u.washington.edu>
Damien Millerfdb7caf1999-12-18 20:57:40 +11005413 - Avoid breakage on systems without IPv6 headers
Damien Millerc4c647f1999-12-18 20:54:52 +11005414
Damien Millerab8a4da1999-12-16 13:05:30 +1100541519991216
Damien Millere4340be2000-09-16 13:29:08 +11005416 - Makefile changes for Solaris from Peter Kocks
Damien Millerab8a4da1999-12-16 13:05:30 +11005417 <peter.kocks@baygate.com>
Damien Miller5e7c10e1999-12-16 13:18:04 +11005418 - Minor updates to docs
5419 - Merged OpenBSD CVS changes:
5420 - [authfd.c ssh-agent.c]
5421 keysize warnings talk about identity files
5422 - [packet.c]
5423 "Connection closed by x.x.x.x": fatal() -> log()
Damien Millere4340be2000-09-16 13:29:08 +11005424 - Correctly handle empty passwords in shadow file. Patch from:
Damien Miller8f9d5071999-12-16 15:10:45 +11005425 "Chris, the Young One" <cky@pobox.com>
5426 - Released 1.2.1pre18
Damien Millerab8a4da1999-12-16 13:05:30 +11005427
Damien Miller84093e91999-12-15 09:06:28 +1100542819991215
5429 - Integrated patchs from Juergen Keil <jk@tools.de>
5430 - Avoid void* pointer arithmatic
5431 - Use LDFLAGS correctly
Damien Miller864ea591999-12-15 11:04:25 +11005432 - Fix SIGIO error in scp
5433 - Simplify status line printing in scp
Damien Miller33804262001-02-04 23:20:18 +11005434 - Added better test for inline functions compiler support from
Damien Miller3b9d5e91999-12-15 09:34:31 +11005435 Darren_Hall@progressive.com
Damien Miller84093e91999-12-15 09:06:28 +11005436
Damien Millera34a28b1999-12-14 10:47:15 +1100543719991214
5438 - OpenBSD CVS Changes
5439 - [canohost.c]
Damien Millere4340be2000-09-16 13:29:08 +11005440 fix get_remote_port() and friends for sshd -i;
Damien Millera34a28b1999-12-14 10:47:15 +11005441 Holger.Trapp@Informatik.TU-Chemnitz.DE
5442 - [mpaux.c]
5443 make code simpler. no need for memcpy. niels@ ok
5444 - [pty.c]
5445 namebuflen not sizeof namebuflen; bnd@ep-ag.com via djm@mindrot.org
5446 fix proto; markus
5447 - [ssh.1]
5448 typo; mark.baushke@solipsa.com
5449 - [channels.c ssh.c ssh.h sshd.c]
5450 type conflict for 'extern Type *options' in channels.c; dot@dotat.at
5451 - [sshconnect.c]
5452 move checking of hostkey into own function.
5453 - [version.h]
5454 OpenSSH-1.2.1
Damien Miller36b339a1999-12-14 10:54:47 +11005455 - Clean up broken includes in pty.c
Damien Miller6ae00d61999-12-14 15:43:03 +11005456 - Some older systems don't have poll.h, they use sys/poll.h instead
5457 - Doc updates
Damien Millera34a28b1999-12-14 10:47:15 +11005458
Damien Millerc6b3bbe1999-12-13 08:27:33 +1100545919991211
Damien Millere4340be2000-09-16 13:29:08 +11005460 - Fix compilation on systems with AFS. Reported by
Damien Millerc6b3bbe1999-12-13 08:27:33 +11005461 aloomis@glue.umd.edu
Damien Millere4340be2000-09-16 13:29:08 +11005462 - Fix installation on Solaris. Reported by
Damien Millerc6b3bbe1999-12-13 08:27:33 +11005463 Gordon Rowell <gordonr@gormand.com.au>
5464 - Fix gccisms (__attribute__ and inline). Report by edgy@us.ibm.com,
5465 patch from Markus Friedl <markus.friedl@informatik.uni-erlangen.de>
5466 - Auto-locate xauth. Patch from David Agraz <dagraz@jahoopa.com>
5467 - Compile fix from David Agraz <dagraz@jahoopa.com>
5468 - Avoid compiler warning in bsd-snprintf.c
Damien Millere4340be2000-09-16 13:29:08 +11005469 - Added pam_limits.so to default PAM config. Suggested by
Damien Millerf1aa21f2001-01-05 09:30:32 +11005470 Jim Knoble <jmknoble@jmknoble.cx>
Damien Millerc6b3bbe1999-12-13 08:27:33 +11005471
Damien Millerbf1c9b21999-12-09 10:16:54 +1100547219991209
5473 - Import of patch from Ben Taylor <bent@clark.net>:
5474 - Improved PAM support
5475 - "uninstall" rule for Makefile
5476 - utmpx support
5477 - Should fix PAM problems on Solaris
Damien Miller50945fa1999-12-09 10:31:37 +11005478 - OpenBSD CVS updates:
5479 - [readpass.c]
5480 avoid stdio; based on work by markus, millert, and I
5481 - [sshd.c]
5482 make sure the client selects a supported cipher
5483 - [sshd.c]
Damien Millere4340be2000-09-16 13:29:08 +11005484 fix sighup handling. accept would just restart and daemon handled
5485 sighup only after the next connection was accepted. use poll on
Damien Miller50945fa1999-12-09 10:31:37 +11005486 listen sock now.
5487 - [sshd.c]
5488 make that a fatal
Damien Millerd7f66151999-12-09 10:48:58 +11005489 - Applied patch from David Rankin <drankin@bohemians.lexington.ky.us>
5490 to fix libwrap support on NetBSD
Damien Miller6646bad1999-12-09 10:42:10 +11005491 - Released 1.2pre17
Damien Millerbf1c9b21999-12-09 10:16:54 +11005492
Damien Millerfce16481999-12-08 08:53:52 +1100549319991208
Damien Millere4340be2000-09-16 13:29:08 +11005494 - Compile fix for Solaris with /dev/ptmx from
Damien Millerfce16481999-12-08 08:53:52 +11005495 David Agraz <dagraz@jahoopa.com>
5496
Damien Miller0c078c61999-12-07 14:53:57 +1100549719991207
Damien Millerf1aa21f2001-01-05 09:30:32 +11005498 - sshd Redhat init script patch from Jim Knoble <jmknoble@jmknoble.cx>
Damien Miller0c078c61999-12-07 14:53:57 +11005499 fixes compatability with 4.x and 5.x
Damien Miller3bc14dd1999-12-07 14:54:53 +11005500 - Fixed default SSH_ASKPASS
Damien Millere4340be2000-09-16 13:29:08 +11005501 - Fix PAM account and session being called multiple times. Problem
Damien Millereabf3411999-12-07 14:56:27 +11005502 reported by Adrian Baugh <adrian@merlin.keble.ox.ac.uk>
Damien Miller037a0dc1999-12-07 15:38:31 +11005503 - Merged more OpenBSD changes:
5504 - [atomicio.c authfd.c scp.c serverloop.c ssh.h sshconnect.c sshd.c]
Damien Millere4340be2000-09-16 13:29:08 +11005505 move atomicio into it's own file. wrap all socket write()s which
Damien Miller037a0dc1999-12-07 15:38:31 +11005506 were doing write(sock, buf, len) != len, with atomicio() calls.
5507 - [auth-skey.c]
5508 fd leak
5509 - [authfile.c]
5510 properly name fd variable
5511 - [channels.c]
5512 display great hatred towards strcpy
5513 - [pty.c pty.h sshd.c]
5514 use openpty() if it exists (it does on BSD4_4)
5515 - [tildexpand.c]
5516 check for ~ expansion past MAXPATHLEN
5517 - Modified helper.c to use new atomicio function.
5518 - Reformat Makefile a little
5519 - Moved RC4 routines from rc4.[ch] into helper.c
5520 - Added autoconf code to detect /dev/ptmx (Solaris) and /dev/ptc (AIX)
Damien Milleraf2604a1999-12-07 16:21:40 +11005521 - Updated SuSE spec from Chris Saia <csaia@wtower.com>
5522 - Tweaked Redhat spec
Damien Millerf5d69a51999-12-07 16:55:04 +11005523 - Clean up bad imports of a few files (forgot -kb)
5524 - Released 1.2pre16
Damien Miller0c078c61999-12-07 14:53:57 +11005525
Damien Millerdc33fc31999-12-04 20:24:48 +1100552619991204
5527 - Small cleanup of PAM code in sshd.c
Damien Milleraae6c611999-12-06 11:47:28 +11005528 - Merged OpenBSD CVS changes:
5529 - [auth-krb4.c auth-passwd.c auth-skey.c ssh.h]
5530 move skey-auth from auth-passwd.c to auth-skey.c, same for krb4
5531 - [auth-rsa.c]
5532 warn only about mismatch if key is _used_
5533 warn about keysize-mismatch with log() not error()
5534 channels.c readconf.c readconf.h ssh.c ssh.h sshconnect.c
5535 ports are u_short
5536 - [hostfile.c]
5537 indent, shorter warning
5538 - [nchan.c]
5539 use error() for internal errors
5540 - [packet.c]
5541 set loglevel for SSH_MSG_DISCONNECT to log(), not fatal()
5542 serverloop.c
5543 indent
5544 - [ssh-add.1 ssh-add.c ssh.h]
5545 document $SSH_ASKPASS, reasonable default
5546 - [ssh.1]
5547 CheckHostIP is not available for connects via proxy command
5548 - [sshconnect.c]
5549 typo
5550 easier to read client code for passwd and skey auth
5551 turn of checkhostip for proxy connects, since we don't know the remote ip
Damien Millerdc33fc31999-12-04 20:24:48 +11005552
Damien Miller42b81ff1999-11-26 12:21:24 +1100555319991126
5554 - Add definition for __P()
5555 - Added [v]snprintf() replacement for systems that lack it
5556
Damien Miller78224a01999-11-25 11:55:45 +1100555719991125
5558 - More reformatting merged from OpenBSD CVS
5559 - Merged OpenBSD CVS changes:
5560 - [channels.c]
5561 fix packet_integrity_check() for !have_hostname_in_open.
5562 report from mrwizard@psu.edu via djm@ibs.com.au
5563 - [channels.c]
5564 set SO_REUSEADDR and SO_LINGER for forwarded ports.
5565 chip@valinux.com via damien@ibs.com.au
5566 - [nchan.c]
5567 it's not an error() if shutdown_write failes in nchan.
5568 - [readconf.c]
5569 remove dead #ifdef-0-code
5570 - [readconf.c servconf.c]
5571 strcasecmp instead of tolower
5572 - [scp.c]
5573 progress meter overflow fix from damien@ibs.com.au
5574 - [ssh-add.1 ssh-add.c]
5575 SSH_ASKPASS support
5576 - [ssh.1 ssh.c]
5577 postpone fork_after_authentication until command execution,
5578 request/patch from jahakala@cc.jyu.fi via damien@ibs.com.au
5579 plus: use daemon() for backgrounding
Damien Millerd8087f61999-11-25 12:31:26 +11005580 - Added BSD compatible install program and autoconf test, thanks to
5581 Niels Kristian Bech Jensen <nkbj@image.dk>
5582 - Solaris fixing, thanks to Ben Taylor <bent@clark.net>
Damien Miller063fdf81999-11-25 13:08:31 +11005583 - Merged beginnings of AIX support from Tor-Ake Fransson <torake@hotmail.com>
Damien Millerbf3f6ef1999-11-25 13:50:10 +11005584 - Release 1.2pre15
Damien Miller78224a01999-11-25 11:55:45 +11005585
Damien Miller95def091999-11-25 00:26:21 +1100558619991124
5587 - Merged very large OpenBSD source code reformat
5588 - OpenBSD CVS updates
5589 - [channels.c cipher.c compat.c log-client.c scp.c serverloop.c]
5590 [ssh.h sshd.8 sshd.c]
5591 syslog changes:
5592 * Unified Logmessage for all auth-types, for success and for failed
5593 * Standard connections get only ONE line in the LOG when level==LOG:
5594 Auth-attempts are logged only, if authentication is:
5595 a) successfull or
5596 b) with passwd or
5597 c) we had more than AUTH_FAIL_LOG failues
5598 * many log() became verbose()
5599 * old behaviour with level=VERBOSE
5600 - [readconf.c readconf.h ssh.1 ssh.h sshconnect.c sshd.c]
5601 tranfer s/key challenge/response data in SSH_SMSG_AUTH_TIS_CHALLENGE
5602 messages. allows use of s/key in windows (ttssh, securecrt) and
5603 ssh-1.2.27 clients without 'ssh -v', ok: niels@
5604 - [sshd.8]
5605 -V, for fallback to openssh in SSH2 compatibility mode
5606 - [sshd.c]
5607 fix sigchld race; cjc5@po.cwru.edu
5608
Damien Miller294df781999-11-23 10:11:29 +1100560919991123
5610 - Added SuSE package files from Chris Saia <csaia@wtower.com>
Damien Miller3744b511999-11-23 11:24:32 +11005611 - Restructured package-related files under packages/*
Damien Miller294df781999-11-23 10:11:29 +11005612 - Added generic PAM config
Damien Miller3744b511999-11-23 11:24:32 +11005613 - Numerous little Solaris fixes
Damien Miller4d2f15f1999-11-23 12:36:29 +11005614 - Add recommendation to use GNU make to INSTALL document
Damien Miller294df781999-11-23 10:11:29 +11005615
Damien Miller22218721999-11-22 12:51:42 +1100561619991122
5617 - Make <enter> close gnome-ssh-askpass (Debian bug #50299)
Damien Miller83df0691999-11-22 13:22:29 +11005618 - OpenBSD CVS Changes
Damien Millere4340be2000-09-16 13:29:08 +11005619 - [ssh-keygen.c]
5620 don't create ~/.ssh only if the user wants to store the private
5621 key there. show fingerprint instead of public-key after
Damien Miller83df0691999-11-22 13:22:29 +11005622 keygeneration. ok niels@
Damien Millerb3ca3aa1999-11-22 13:57:07 +11005623 - Added OpenBSD bsd-strlcat.c, created bsd-strlcat.h
Damien Miller859cec01999-11-22 14:27:24 +11005624 - Added timersub() macro
Damien Millerb3ca3aa1999-11-22 13:57:07 +11005625 - Tidy RCSIDs of bsd-*.c
Damien Millere4340be2000-09-16 13:29:08 +11005626 - Added autoconf test and macro to deal with old PAM libraries
Damien Miller859cec01999-11-22 14:27:24 +11005627 pam_strerror definition (one arg vs two).
Damien Millerd71b12e1999-11-22 15:24:34 +11005628 - Fix EGD problems (Thanks to Ben Taylor <bent@clark.net>)
Damien Millere4340be2000-09-16 13:29:08 +11005629 - Retry /dev/urandom reads interrupted by signal (report from
Damien Millerd71b12e1999-11-22 15:24:34 +11005630 Robert Hardy <rhardy@webcon.net>)
Damien Millerd7702521999-11-22 16:11:05 +11005631 - Added a setenv replacement for systems which lack it
Damien Millerd733c911999-11-22 18:11:23 +11005632 - Only display public key comment when presenting ssh-askpass dialog
5633 - Released 1.2pre14
Damien Miller22218721999-11-22 12:51:42 +11005634
Damien Millere4340be2000-09-16 13:29:08 +11005635 - Configure, Make and changelog corrections from Tudor Bosman
Damien Millerf7c0f821999-11-22 22:31:49 +11005636 <tudorb@jm.nu> and Niels Kristian Bech Jensen <nkbj@image.dk>
5637
Damien Miller6162d121999-11-21 13:23:52 +1100563819991121
Damien Miller83df0691999-11-22 13:22:29 +11005639 - OpenBSD CVS Changes:
Damien Miller22218721999-11-22 12:51:42 +11005640 - [channels.c]
5641 make this compile, bad markus
5642 - [log.c readconf.c servconf.c ssh.h]
5643 bugfix: loglevels are per host in clientconfig,
5644 factor out common log-level parsing code.
5645 - [servconf.c]
5646 remove unused index (-Wall)
5647 - [ssh-agent.c]
5648 only one 'extern char *__progname'
5649 - [sshd.8]
5650 document SIGHUP, -Q to synopsis
5651 - [sshconnect.c serverloop.c sshd.c packet.c packet.h]
5652 [channels.c clientloop.c]
5653 SSH_CMSG_MAX_PACKET_SIZE, some clients use this, some need this, niels@
5654 [hope this time my ISP stays alive during commit]
5655 - [OVERVIEW README] typos; green@freebsd
5656 - [ssh-keygen.c]
5657 replace xstrdup+strcat with strlcat+fixed buffer, fixes OF (bad me)
5658 exit if writing the key fails (no infinit loop)
5659 print usage() everytime we get bad options
5660 - [ssh-keygen.c] overflow, djm@mindrot.org
5661 - [sshd.c] fix sigchld race; cjc5@po.cwru.edu
Damien Miller33804262001-02-04 23:20:18 +11005662
Damien Millerc6398ef1999-11-20 12:18:40 +1100566319991120
Damien Millere4340be2000-09-16 13:29:08 +11005664 - Merged more Solaris support from Marc G. Fournier
Damien Millerc6398ef1999-11-20 12:18:40 +11005665 <marc.fournier@acadiau.ca>
5666 - Wrote autoconf tests for integer bit-types
5667 - Fixed enabling kerberos support
Damien Millere4340be2000-09-16 13:29:08 +11005668 - Fix segfault in ssh-keygen caused by buffer overrun in filename
Damien Millerf58db381999-11-20 17:02:56 +11005669 handling.
Damien Millerc6398ef1999-11-20 12:18:40 +11005670
Damien Miller5bbbd361999-11-19 07:56:21 +1100567119991119
5672 - Merged PAM buffer overrun patch from Chip Salzenberg <chip@valinux.com>
Damien Miller23b78391999-11-19 08:25:48 +11005673 - Merged OpenBSD CVS changes
5674 - [auth-rhosts.c auth-rsa.c ssh-agent.c sshconnect.c sshd.c]
5675 more %d vs. %s in fmt-strings
5676 - [authfd.c]
5677 Integers should not be printed with %s
Damien Miller58fc4731999-11-19 12:05:01 +11005678 - EGD uses a socket, not a named pipe. Duh.
5679 - Fix includes in fingerprint.c
Damien Millerdc9365b1999-11-19 12:34:14 +11005680 - Fix scp progress bar bug again.
Damien Millere4340be2000-09-16 13:29:08 +11005681 - Move ssh-askpass from ${libdir}/ssh to ${libexecdir}/ssh at request of
Damien Miller18ac1711999-11-19 12:43:19 +11005682 David Rankin <drankin@bohemians.lexington.ky.us>
Damien Miller80297751999-11-19 13:03:25 +11005683 - Added autoconf option to enable Kerberos 4 support (untested)
5684 - Added autoconf option to enable AFS support (untested)
5685 - Added autoconf option to enable S/Key support (untested)
5686 - Added autoconf option to enable TCP wrappers support (compiles OK)
Damien Miller04f80141999-11-19 15:32:34 +11005687 - Renamed BSD helper function files to bsd-*
Damien Millere4340be2000-09-16 13:29:08 +11005688 - Added tests for login and daemon and enable OpenBSD replacements for
Damien Millerdd1c7ba1999-11-19 15:53:20 +11005689 when they are absent.
5690 - Added non-PAM MD5 password support patch from Tudor Bosman <tudorb@jm.nu>
Damien Miller5bbbd361999-11-19 07:56:21 +11005691
Damien Miller81428f91999-11-18 09:28:11 +1100569219991118
5693 - Merged OpenBSD CVS changes
5694 - [scp.c] foregroundproc() in scp
5695 - [sshconnect.h] include fingerprint.h
Damien Millere4340be2000-09-16 13:29:08 +11005696 - [sshd.c] bugfix: the log() for passwd-auth escaped during logging
Damien Miller81428f91999-11-18 09:28:11 +11005697 changes.
Damien Miller6ee95641999-11-18 11:35:13 +11005698 - [ssh.1] Spell my name right.
Damien Miller81428f91999-11-18 09:28:11 +11005699 - Added openssh.com info to README
5700
Damien Miller10f6f6b1999-11-17 17:29:08 +1100570119991117
5702 - Merged OpenBSD CVS changes
5703 - [ChangeLog.Ylonen] noone needs this anymore
5704 - [authfd.c] close-on-exec for auth-socket, ok deraadt
Damien Millere4340be2000-09-16 13:29:08 +11005705 - [hostfile.c]
5706 in known_hosts key lookup the entry for the bits does not need
5707 to match, all the information is contained in n and e. This
5708 solves the problem with buggy servers announcing the wrong
Damien Miller10f6f6b1999-11-17 17:29:08 +11005709 modulus length. markus and me.
Damien Millere4340be2000-09-16 13:29:08 +11005710 - [serverloop.c]
5711 bugfix: check for space if child has terminated, from:
Damien Miller10f6f6b1999-11-17 17:29:08 +11005712 iedowse@maths.tcd.ie
5713 - [ssh-add.1 ssh-add.c ssh-keygen.1 ssh-keygen.c sshconnect.c]
5714 [fingerprint.c fingerprint.h]
5715 rsa key fingerprints, idea from Bjoern Groenvall <bg@sics.se>
5716 - [ssh-agent.1] typo
5717 - [ssh.1] add OpenSSH information to AUTHOR section. okay markus@
Damien Millere4340be2000-09-16 13:29:08 +11005718 - [sshd.c]
Damien Miller10f6f6b1999-11-17 17:29:08 +11005719 force logging to stderr while loading private key file
5720 (lost while converting to new log-levels)
5721
Damien Miller7e8e8201999-11-16 13:37:16 +1100572219991116
5723 - Fix some Linux libc5 problems reported by Miles Wilson <mw@mctitle.com>
5724 - Merged OpenBSD CVS changes:
5725 - [auth-rh-rsa.c auth-rsa.c authfd.c authfd.h hostfile.c mpaux.c]
5726 [mpaux.h ssh-add.c ssh-agent.c ssh.h ssh.c sshd.c]
5727 the keysize of rsa-parameter 'n' is passed implizit,
5728 a few more checks and warnings about 'pretended' keysizes.
5729 - [cipher.c cipher.h packet.c packet.h sshd.c]
5730 remove support for cipher RC4
5731 - [ssh.c]
5732 a note for legay systems about secuity issues with permanently_set_uid(),
5733 the private hostkey and ptrace()
5734 - [sshconnect.c]
5735 more detailed messages about adding and checking hostkeys
5736
Damien Millerd05a2471999-11-15 14:25:30 +1100573719991115
5738 - Merged OpenBSD CVS changes:
Damien Millere4340be2000-09-16 13:29:08 +11005739 - [ssh-add.c] change passphrase loop logic and remove ref to
Damien Millerd05a2471999-11-15 14:25:30 +11005740 $DISPLAY, ok niels
5741 - Changed to ssh-add.c broke askpass support. Revised it to be a little more
Damien Millere4340be2000-09-16 13:29:08 +11005742 modular.
Damien Millerd05a2471999-11-15 14:25:30 +11005743 - Revised autoconf support for enabling/disabling askpass support.
Damien Miller2ccf6611999-11-15 15:25:10 +11005744 - Merged more OpenBSD CVS changes:
Damien Millerbe484b52000-07-15 14:14:16 +10005745 [auth-krb4.c]
5746 - disconnect if getpeername() fails
5747 - missing xfree(*client)
5748 [canohost.c]
5749 - disconnect if getpeername() fails
5750 - fix comment: we _do_ disconnect if ip-options are set
5751 [sshd.c]
5752 - disconnect if getpeername() fails
5753 - move checking of remote port to central place
5754 [auth-rhosts.c] move checking of remote port to central place
5755 [log-server.c] avoid extra fd per sshd, from millert@
5756 [readconf.c] print _all_ bad config-options in ssh(1), too
5757 [readconf.h] print _all_ bad config-options in ssh(1), too
5758 [ssh.c] print _all_ bad config-options in ssh(1), too
5759 [sshconnect.c] disconnect if getpeername() fails
Damien Miller2ccf6611999-11-15 15:25:10 +11005760 - OpenBSD's changes to sshd.c broke the PAM stuff, re-merged it.
Damien Miller3bd49ec1999-11-15 15:40:55 +11005761 - Various small cleanups to bring diff (against OpenBSD) size down.
Damien Miller3f905871999-11-15 17:10:57 +11005762 - Merged more Solaris compability from Marc G. Fournier
5763 <marc.fournier@acadiau.ca>
5764 - Wrote autoconf tests for __progname symbol
Damien Millerf1aa21f2001-01-05 09:30:32 +11005765 - RPM spec file fixes from Jim Knoble <jmknoble@jmknoble.cx>
Damien Miller2e8b1c81999-11-15 23:33:56 +11005766 - Released 1.2pre12
5767
5768 - Another OpenBSD CVS update:
5769 - [ssh-keygen.1] fix .Xr
Damien Millerd05a2471999-11-15 14:25:30 +11005770
Damien Miller0a6e6681999-11-15 09:56:06 +1100577119991114
5772 - Solaris compilation fixes (still imcomplete)
5773
Damien Millerb0284381999-11-13 13:30:28 +1100577419991113
Damien Miller192bd011999-11-13 23:56:35 +11005775 - Build patch from Niels Kristian Bech Jensen <nkbj@image.dk>
5776 - Don't install config files if they already exist
5777 - Fix inclusion of additional preprocessor directives from acconfig.h
Damien Millerb0284381999-11-13 13:30:28 +11005778 - Removed redundant inclusions of config.h
Damien Millerc6d5ce81999-11-15 16:01:07 +11005779 - Added 'Obsoletes' lines to RPM spec file
Damien Millerb0284381999-11-13 13:30:28 +11005780 - Merged OpenBSD CVS changes:
5781 - [bufaux.c] save a view malloc/memcpy/memset/free's, ok niels
Damien Millere4340be2000-09-16 13:29:08 +11005782 - [scp.c] fix overflow reported by damien@ibs.com.au: off_t
Damien Millerb0284381999-11-13 13:30:28 +11005783 totalsize, ok niels,aaron
Damien Millere4340be2000-09-16 13:29:08 +11005784 - Delay fork (-f option) in ssh until after port forwarded connections
Damien Millerb0284381999-11-13 13:30:28 +11005785 have been initialised. Patch from Jani Hakala <jahakala@cc.jyu.fi>
Damien Miller2cb210f1999-11-13 15:40:10 +11005786 - Added shadow password patch from Thomas Neumann <tom@smart.ruhr.de>
5787 - Added ifdefs to auth-passwd.c to exclude it when PAM is enabled
Damien Miller192bd011999-11-13 23:56:35 +11005788 - Tidied default config file some more
5789 - Revised Redhat initscript to fix bug: sshd (re)start would fail
5790 if executed from inside a ssh login.
Damien Millerb0284381999-11-13 13:30:28 +11005791
Damien Miller776af5d1999-11-12 08:49:09 +1100579219991112
5793 - Merged changes from OpenBSD CVS
5794 - [sshd.c] session_key_int may be zero
Damien Miller32265091999-11-12 11:33:04 +11005795 - [auth-rh-rsa.c servconf.c servconf.h ssh.h sshd.8 sshd.c sshd_config]
Damien Millere4340be2000-09-16 13:29:08 +11005796 IgnoreUserKnownHosts(default=no), used for RhostRSAAuth, ok
Damien Miller32265091999-11-12 11:33:04 +11005797 deraadt,millert
5798 - Brought default sshd_config more in line with OpenBSD's
Damien Millerb9a692d1999-11-12 12:09:36 +11005799 - Grab server in gnome-ssh-askpass (Debian bug #49872)
5800 - Released 1.2pre10
Damien Miller776af5d1999-11-12 08:49:09 +11005801
Damien Millerb5f89271999-11-12 14:35:58 +11005802 - Added INSTALL documentation
Damien Miller6d7b2cd1999-11-12 15:19:27 +11005803 - Merged yet more changes from OpenBSD CVS
5804 - [auth-rh-rsa.c auth-rhosts.c auth-rsa.c channels.c clientloop.c]
5805 [ssh.c ssh.h sshconnect.c sshd.c]
5806 make all access to options via 'extern Options options'
5807 and 'extern ServerOptions options' respectively;
5808 options are no longer passed as arguments:
5809 * make options handling more consistent
5810 * remove #include "readconf.h" from ssh.h
5811 * readconf.h is only included if necessary
5812 - [mpaux.c] clear temp buffer
5813 - [servconf.c] print _all_ bad options found in configfile
Damien Miller3d1b22c1999-11-12 15:46:08 +11005814 - Make ssh-askpass support optional through autoconf
Damien Miller9c8da3c1999-11-12 16:28:02 +11005815 - Fix nasty division-by-zero error in scp.c
5816 - Released 1.2pre11
Damien Millerb5f89271999-11-12 14:35:58 +11005817
Damien Millerab18c411999-11-11 10:40:23 +1100581819991111
5819 - Added (untested) Entropy Gathering Daemon (EGD) support
Damien Miller4236f6e1999-11-12 12:22:31 +11005820 - Fixed /dev/urandom fd leak (Debian bug #49722)
Damien Miller33e511e1999-11-11 11:43:13 +11005821 - Merged OpenBSD CVS changes:
5822 - [auth-rh-rsa.c] user/958: check ~/.ssh/known_hosts for rhosts-rsa, too
5823 - [ssh.1] user/958: check ~/.ssh/known_hosts for rhosts-rsa, too
5824 - [sshd.8] user/958: check ~/.ssh/known_hosts for rhosts-rsa, too
Damien Millere4340be2000-09-16 13:29:08 +11005825 - Fix integer overflow which was messing up scp's progress bar for large
Damien Millerc4c647f1999-12-18 20:54:52 +11005826 file transfers. Fix submitted to OpenBSD developers. Report and fix
5827 from Kees Cook <cook@cpoint.net>
Damien Miller5ce662a1999-11-11 17:57:39 +11005828 - Merged more OpenBSD CVS changes:
Damien Millere4340be2000-09-16 13:29:08 +11005829 - [auth-krb4.c auth-passwd.c] remove x11- and krb-cleanup from fatal()
Damien Miller5ce662a1999-11-11 17:57:39 +11005830 + krb-cleanup cleanup
5831 - [clientloop.c log-client.c log-server.c ]
5832 [readconf.c readconf.h servconf.c servconf.h ]
5833 [ssh.1 ssh.c ssh.h sshd.8]
5834 add LogLevel {QUIET, FATAL, ERROR, INFO, CHAT, DEBUG} to ssh/sshd,
5835 obsoletes QuietMode and FascistLogging in sshd.
Damien Miller776af5d1999-11-12 08:49:09 +11005836 - [sshd.c] fix fatal/assert() bug reported by damien@ibs.com.au:
5837 allow session_key_int != sizeof(session_key)
5838 [this should fix the pre-assert-removal-core-files]
5839 - Updated default config file to use new LogLevel option and to improve
5840 readability
5841
Damien Millerb77870f1999-11-10 12:48:08 +1100584219991110
Damien Miller4236f6e1999-11-12 12:22:31 +11005843 - Merged several minor fixes:
Damien Millerb77870f1999-11-10 12:48:08 +11005844 - ssh-agent commandline parsing
5845 - RPM spec file now installs ssh setuid root
5846 - Makefile creates libdir
Damien Millerab18c411999-11-11 10:40:23 +11005847 - Merged beginnings of Solaris compability from Marc G. Fournier
5848 <marc.fournier@acadiau.ca>
Damien Millerb77870f1999-11-10 12:48:08 +11005849
Damien Millerc7b38ce1999-11-09 10:28:04 +1100585019991109
5851 - Autodetection of SSL/Crypto library location via autoconf
5852 - Fixed location of ssh-askpass to follow autoconf
5853 - Integrated Makefile patch from Niels Kristian Bech Jensen <nkbj@image.dk>
5854 - Autodetection of RSAref library for US users
5855 - Minor doc updates
Damien Millerda217a01999-11-09 10:35:52 +11005856 - Merged OpenBSD CVS changes:
5857 - [rsa.c] bugfix: use correct size for memset()
5858 - [sshconnect.c] warn if announced size of modulus 'n' != real size
Damien Miller742d2cb1999-11-09 14:28:26 +11005859 - Added GNOME passphrase requestor (use --with-gnome-askpass)
Damien Miller3f51bf51999-11-09 14:46:02 +11005860 - RPM build now creates subpackages
Damien Miller74389c91999-11-09 15:03:01 +11005861 - Released 1.2pre9
Damien Millerc7b38ce1999-11-09 10:28:04 +11005862
Damien Miller356a0b01999-11-08 15:30:59 +1100586319991108
5864 - Removed debian/ directory. This is now being maintained separately.
5865 - Added symlinks for slogin in RPM spec file
5866 - Fixed permissions on manpages in RPM spec file
5867 - Added references to required libraries in README file
5868 - Removed config.h.in from CVS
5869 - Removed pwdb support (better pluggable auth is provided by glibc)
5870 - Made PAM and requisite libdl optional
5871 - Removed lots of unnecessary checks from autoconf
5872 - Added support and autoconf test for openpty() function (Unix98 pty support)
5873 - Fix for scp not finding ssh if not installed as /usr/bin/ssh
5874 - Added TODO file
5875 - Merged parts of Debian patch From Phil Hands <phil@hands.com>:
5876 - Added ssh-askpass program
5877 - Added ssh-askpass support to ssh-add.c
5878 - Create symlinks for slogin on install
5879 - Fix "distclean" target in makefile
5880 - Added example for ssh-agent to manpage
5881 - Added support for PAM_TEXT_INFO messages
5882 - Disable internal /etc/nologin support if PAM enabled
5883 - Merged latest OpenBSD CVS changes:
Damien Millerfd7c9111999-11-08 16:15:55 +11005884 - [all] replace assert() with error, fatal or packet_disconnect
Damien Miller356a0b01999-11-08 15:30:59 +11005885 - [sshd.c] don't send fail-msg but disconnect if too many authentication
5886 failures
Damien Miller356a0b01999-11-08 15:30:59 +11005887 - [sshd.c] remove unused argument. ok dugsong
5888 - [sshd.c] typo
5889 - [rsa.c] clear buffers used for encryption. ok: niels
5890 - [rsa.c] replace assert() with error, fatal or packet_disconnect
Damien Miller5ac5f1c1999-11-08 15:50:14 +11005891 - [auth-krb4.c] remove unused argument. ok dugsong
Damien Miller356a0b01999-11-08 15:30:59 +11005892 - Fixed coredump after merge of OpenBSD rsa.c patch
Damien Millere8d90681999-11-08 18:09:57 +11005893 - Released 1.2pre8
Damien Miller356a0b01999-11-08 15:30:59 +11005894
Damien Miller0aa8e531999-11-02 19:05:02 +1100589519991102
5896 - Merged change from OpenBSD CVS
5897 - One-line cleanup in sshd.c
5898
Damien Miller744da801999-10-30 09:12:25 +1000589919991030
5900 - Integrated debian package support from Dan Brosemer <odin@linuxfreak.com>
Damien Miller1e4772c1999-10-30 11:39:56 +10005901 - Merged latest updates for OpenBSD CVS:
5902 - channels.[ch] - remove broken x11 fix and document istate/ostate
5903 - ssh-agent.c - call setsid() regardless of argv[]
5904 - ssh.c - save a few lines when disabling rhosts-{rsa-}auth
5905 - Documentation cleanups
5906 - Renamed README -> README.Ylonen
5907 - Renamed README.openssh ->README
Damien Miller744da801999-10-30 09:12:25 +10005908
Damien Miller070f7a11999-10-29 10:29:29 +1000590919991029
5910 - Renamed openssh* back to ssh* at request of Theo de Raadt
5911 - Incorporated latest changes from OpenBSD's CVS
5912 - Integrated Makefile patch from Niels Kristian Bech Jensen <nkbj@image.dk>
5913 - Integrated PAM env patch from Nalin Dahyabhai <nalin.dahyabhai@pobox.com>
Damien Miller07a826d1999-10-29 11:49:20 +10005914 - Make distclean now removed configure script
5915 - Improved PAM logging
5916 - Added some debug() calls for PAM
Damien Miller65b3c131999-10-29 12:37:01 +10005917 - Removed redundant subdirectories
Damien Millere4340be2000-09-16 13:29:08 +11005918 - Integrated part of a patch from Dan Brosemer <odin@linuxfreak.com> for
Damien Miller65b3c131999-10-29 12:37:01 +10005919 building on Debian.
Damien Millerd0562b31999-10-29 13:09:40 +10005920 - Fixed off-by-one error in PAM env patch
5921 - Released 1.2pre6
Damien Miller070f7a11999-10-29 10:29:29 +10005922
Damien Miller7f6ea021999-10-28 13:25:17 +1000592319991028
5924 - Further PAM enhancements.
5925 - Much cleaner
5926 - Now uses account and session modules for all logins.
5927 - Integrated patch from Dan Brosemer <odin@linuxfreak.com>
5928 - Build fixes
5929 - Autoconf
5930 - Change binary names to open*
5931 - Fixed autoconf script to detect PAM on RH6.1
5932 - Added tests for libpwdb, and OpenBSD functions to autoconf
Damien Millereff18d61999-10-28 14:14:38 +10005933 - Released 1.2pre4
Damien Miller29b5a591999-10-28 15:46:27 +10005934
5935 - Imported latest OpenBSD CVS code
5936 - Updated README.openssh
Damien Miller34d0b611999-10-28 17:51:40 +10005937 - Released 1.2pre5
Damien Miller29b5a591999-10-28 15:46:27 +10005938
Damien Miller7f6ea021999-10-28 13:25:17 +1000593919991027
5940 - Adapted PAM patch.
5941 - Released 1.0pre2
Damien Millerd4a8b7e1999-10-27 13:42:43 +10005942
Damien Miller7f6ea021999-10-28 13:25:17 +10005943 - Excised my buggy replacements for strlcpy and mkdtemp
5944 - Imported correct OpenBSD strlcpy and mkdtemp routines.
5945 - Reduced arc4random_stir entropy read to 32 bytes (256 bits)
5946 - Picked up correct version number from OpenBSD
5947 - Added sshd.pam PAM configuration file
5948 - Added sshd.init Redhat init script
5949 - Added openssh.spec RPM spec file
5950 - Released 1.2pre3
Damien Millerd4a8b7e1999-10-27 13:42:43 +10005951
Damien Miller7f6ea021999-10-28 13:25:17 +1000595219991026
5953 - Fixed include paths of OpenSSL functions
5954 - Use OpenSSL MD5 routines
5955 - Imported RC4 code from nanocrypt
5956 - Wrote replacements for OpenBSD arc4random* functions
5957 - Wrote replacements for strlcpy and mkdtemp
5958 - Released 1.0pre1
Damien Millere9cf3572001-02-09 12:55:35 +11005959
Ben Lindstrom809744e2001-07-04 05:26:06 +00005960$Id: ChangeLog,v 1.1376 2001/07/04 05:26:06 mouring Exp $