blob: cf42f3650d4dd37277cfb9bf91a4fbe60c3d207c [file] [log] [blame]
Ben Lindstromcdb66e02002-04-02 20:17:43 +0000120020402
2 - (bal) Hand Sync of scp.c (reverted to upstream code)
3 - deraadt@cvs.openbsd.org 2002/03/30 17:45:46
4 [scp.c]
5 stretch banners
Ben Lindstrom1e259bb2002-04-02 20:53:39 +00006 - (bal) CVS ID sync of uidswap.c
Ben Lindstrom155b9812002-04-02 20:26:26 +00007 - (bal) OpenBSD CVS Sync (now for the real sync)
8 - markus@cvs.openbsd.org 2002/03/27 22:21:45
9 [ssh-keygen.c]
10 try to import keys with extra trailing === (seen with ssh.com < 2.0.12)
Ben Lindstrom2bf56e22002-04-02 20:32:46 +000011 - markus@cvs.openbsd.org 2002/03/28 15:34:51
12 [session.c]
13 do not call record_login twice (for use_privsep)
Ben Lindstromc447fee2002-04-02 20:35:35 +000014 - markus@cvs.openbsd.org 2002/03/29 18:59:32
15 [session.c session.h]
16 retrieve last login time before the pty is allocated, store per session
Ben Lindstrom0d0be022002-04-02 20:39:29 +000017 - stevesk@cvs.openbsd.org 2002/03/29 19:16:22
18 [sshd.8]
19 RSA key modulus size minimum 768; ok markus@
Ben Lindstrom03f39322002-04-02 20:43:11 +000020 - stevesk@cvs.openbsd.org 2002/03/29 19:18:33
21 [auth-rsa.c ssh-rsa.c ssh.h]
22 make RSA modulus minimum #define; ok markus@
Ben Lindstrom47fd8112002-04-02 20:48:19 +000023 - markus@cvs.openbsd.org 2002/03/30 18:51:15
24 [monitor.c serverloop.c sftp-int.c sftp.c sshd.c]
25 check waitpid for EINTR; based on patch from peter@ifm.liu.se
Ben Lindstromcdb66e02002-04-02 20:17:43 +000026
Kevin Stevesbd1901b2002-04-01 18:04:35 +00002720020401
28 - (stevesk) [monitor.c] PAM should work again; will *not* work with
29 UsePrivilegeSeparation=yes.
Kevin Steves38c4a282002-04-02 03:24:56 +000030 - (stevesk) [auth1.c] fix password auth for protocol 1 when
31 !USE_PAM && !HAVE_OSF_SIA; merge issue.
Kevin Stevesbd1901b2002-04-01 18:04:35 +000032
Tim Rice49e457c2002-03-31 11:23:06 -08003320020331
34 - (tim) [configure.ac] use /bin/test -L to work around broken builtin on
35 Solaris 8
Tim Ricec8549622002-03-31 12:49:38 -080036 - (tim) [sshconnect2.c] change uint32_t to u_int32_t
Tim Rice49e457c2002-03-31 11:23:06 -080037
Kevin Steves117b06d2002-03-30 17:55:21 +00003820020330
39 - (stevesk) [configure.ac] remove header check for sys/ttcompat.h
40 bug 167
41
Ben Lindstrom53f18302002-03-27 16:50:03 +00004220020327
43 - (bal) 'pw' should be 'authctxt->pw' in auth1.c spotted by
44 kent@lysator.liu.se
Ben Lindstromf1813842002-03-27 17:18:31 +000045 - (bal) OpenBSD CVS Sync
46 - markus@cvs.openbsd.org 2002/03/26 11:34:49
47 [ssh.1 sshd.8]
48 update to recent drafts
Ben Lindstromeb041dc2002-03-27 17:20:38 +000049 - markus@cvs.openbsd.org 2002/03/26 11:37:05
50 [ssh.c]
51 update Copyright
Ben Lindstromcd8bbce2002-03-27 17:23:44 +000052 - markus@cvs.openbsd.org 2002/03/26 15:23:40
53 [bufaux.c]
54 do not talk about packets in bufaux
Ben Lindstrom43a5e2f2002-03-27 17:33:17 +000055 - rees@cvs.openbsd.org 2002/03/26 18:46:59
56 [scard.c]
57 try_AUT0 in read_pubkey too, for those paranoid few who want to acl 'sh'
Ben Lindstrom57686a82002-03-27 17:36:41 +000058 - markus@cvs.openbsd.org 2002/03/26 22:50:39
59 [channels.h]
60 CHANNEL_EFD_OUTPUT_ACTIVE is false for CHAN_CLOSE_RCVD, too
Ben Lindstrome1f9e322002-03-27 17:38:43 +000061 - markus@cvs.openbsd.org 2002/03/26 23:13:03
62 [auth-rsa.c]
63 disallow RSA keys < 768 for protocol 1, too (rhosts-rsa and rsa auth)
Ben Lindstrom59971722002-03-27 17:42:57 +000064 - markus@cvs.openbsd.org 2002/03/26 23:14:51
65 [kex.c]
66 generate a new cookie for each SSH2_MSG_KEXINIT message we send out
Ben Lindstromb57a4bf2002-03-27 18:00:59 +000067 - mouring@cvs.openbsd.org 2002/03/27 11:45:42
68 [monitor.c]
69 monitor_allowed_key() returns int instead of pointer. ok markus@
70
Kevin Steves6205a182002-03-26 00:12:49 +00007120020325
72 - (stevesk) import OpenBSD <sys/tree.h> as "openbsd-compat/tree.h"
Ben Lindstromf90f58d2002-03-26 01:53:03 +000073 - (bal) OpenBSD CVS Sync
74 - stevesk@cvs.openbsd.org 2002/03/23 20:57:26
75 [sshd.c]
76 setproctitle() after preauth child; ok markus@
Ben Lindstrom3dc40f92002-03-26 02:01:30 +000077 - markus@cvs.openbsd.org 2002/03/24 16:00:27
78 [serverloop.c]
79 remove unused debug
Ben Lindstrom8b08d812002-03-26 02:09:41 +000080 - markus@cvs.openbsd.org 2002/03/24 16:01:13
81 [packet.c]
82 debug->debug3 for extra padding
Ben Lindstromfcad1c92002-03-26 02:20:06 +000083 - stevesk@cvs.openbsd.org 2002/03/24 17:27:03
84 [kexgex.c]
85 typo; ok markus@
Ben Lindstrom31ee7ae2002-03-26 02:36:29 +000086 - stevesk@cvs.openbsd.org 2002/03/24 17:53:16
87 [monitor_fdpass.c]
88 minor cleanup and more error checking; ok markus@
Ben Lindstromc2c6cbc2002-03-26 02:44:44 +000089 - markus@cvs.openbsd.org 2002/03/24 18:05:29
90 [scard.c]
91 we need to figure out AUT0 for sc_private_encrypt, too
Ben Lindstrom2e9d8662002-03-26 02:49:34 +000092 - stevesk@cvs.openbsd.org 2002/03/24 23:20:00
93 [monitor.c]
94 remove "\n" from fatal()
Ben Lindstromf6d367b2002-03-26 02:59:31 +000095 - markus@cvs.openbsd.org 2002/03/25 09:21:13
96 [auth-rsa.c]
97 return 0 (not NULL); tomh@po.crl.go.jp
Ben Lindstrom5facb2b2002-03-26 03:08:47 +000098 - markus@cvs.openbsd.org 2002/03/25 09:25:06
99 [auth-rh-rsa.c]
100 rm bogus comment
Ben Lindstrom0936a5b2002-03-26 03:17:42 +0000101 - markus@cvs.openbsd.org 2002/03/25 17:34:27
102 [scard.c scard.h ssh-agent.c ssh-keygen.c ssh.c]
103 change sc_get_key to sc_get_keys and hide smartcard details in scard.c
Ben Lindstromc8615472002-03-26 03:20:45 +0000104 - stevesk@cvs.openbsd.org 2002/03/25 20:12:10
105 [monitor_mm.c monitor_wrap.c]
106 ssize_t args use "%ld" and cast to (long)
107 size_t args use "%lu" and cast to (u_long)
108 ok markus@ and thanks millert@
Ben Lindstrom4f054602002-03-26 03:23:00 +0000109 - markus@cvs.openbsd.org 2002/03/25 21:04:02
110 [ssh.c]
111 simplify num_identity_files handling
Ben Lindstromcf159442002-03-26 03:26:24 +0000112 - markus@cvs.openbsd.org 2002/03/25 21:13:51
113 [channels.c channels.h compat.c compat.h nchan.c]
114 don't send stderr data after EOF, accept this from older known (broken)
115 sshd servers only, fixes http://bugzilla.mindrot.org/show_bug.cgi?id=179
Ben Lindstrom28364ec2002-03-26 03:42:20 +0000116 - stevesk@cvs.openbsd.org 2002/03/26 03:24:01
117 [monitor.h monitor_fdpass.h monitor_mm.h monitor_wrap.h]
118 $OpenBSD$
Kevin Steves6205a182002-03-26 00:12:49 +0000119
Kevin Stevesb4799a32002-03-24 23:19:54 +000012020020324
121 - (stevesk) [session.c] disable LOGIN_NEEDS_TERM until we are sure
122 it can be removed. only used on solaris. will no longer compile with
123 privsep shuffling.
124
Kevin Steves939c9db2002-03-22 17:23:25 +000012520020322
126 - (stevesk) HAVE_ACCRIGHTS_IN_MSGHDR configure support
Kevin Steves7e147602002-03-22 18:07:17 +0000127 - (stevesk) [monitor.c monitor_wrap.c] #ifdef HAVE_PW_CLASS_IN_PASSWD
Kevin Steves4846f4a2002-03-22 18:19:53 +0000128 - (stevesk) configure and cpp __FUNCTION__ gymnastics to handle nielsisms
Kevin Steves1adb1202002-03-22 19:32:53 +0000129 - (stevesk) [monitor_fdpass.c] support for access rights style file
130 descriptor passing
Kevin Steves205cc1e2002-03-22 20:43:05 +0000131 - (stevesk) [auth2.c] merge cleanup/sync
Kevin Steves219bef12002-03-22 20:53:32 +0000132 - (stevesk) [defines.h] hp-ux 11 has ancillary data style fd passing, but
133 is missing CMSG_LEN() and CMSG_SPACE() macros.
Kevin Steves4435a552002-03-22 21:08:03 +0000134 - (stevesk) [defines.h] #define MAP_ANON MAP_ANONYMOUS for HP-UX; other
135 platforms may need this--I'm not sure. mmap() issues will need to be
136 addressed further.
Tim Ricef29a6532002-03-22 13:27:40 -0800137 - (tim) [cipher.c] fix problem with OpenBSD sync
Kevin Steves4408c202002-03-23 02:20:07 +0000138 - (stevesk) [LICENCE] OpenBSD sync
Kevin Steves939c9db2002-03-22 17:23:25 +0000139
Ben Lindstromd45f28c2002-03-22 01:00:57 +000014020020321
141 - (bal) OpenBSD CVS Sync
142 - itojun@cvs.openbsd.org 2002/03/08 06:10:16
143 [sftp-client.c]
144 printf type mismatch
Ben Lindstromeb505452002-03-22 01:03:15 +0000145 - itojun@cvs.openbsd.org 2002/03/11 03:18:49
146 [sftp-client.c]
147 correct type mismatches (u_int64_t != unsigned long long)
Ben Lindstrom83b79e42002-03-22 01:05:27 +0000148 - itojun@cvs.openbsd.org 2002/03/11 03:19:53
149 [sftp-client.c]
150 indent
Ben Lindstrom5c159582002-03-22 01:08:07 +0000151 - markus@cvs.openbsd.org 2002/03/14 15:24:27
152 [sshconnect1.c]
153 don't trust size sent by (rogue) server; noted by s.esser@e-matters.de
Ben Lindstromabcb1452002-03-22 01:10:21 +0000154 - markus@cvs.openbsd.org 2002/03/14 16:38:26
155 [sshd.c]
156 split out ssh1 session key decryption; ok provos@
Ben Lindstrom9c8aefe2002-03-22 01:12:58 +0000157 - markus@cvs.openbsd.org 2002/03/14 16:56:33
158 [auth-rh-rsa.c auth-rsa.c auth.h]
159 split auth_rsa() for better readability and privsep; ok provos@
Ben Lindstromb61e6df2002-03-22 01:15:33 +0000160 - itojun@cvs.openbsd.org 2002/03/15 11:00:38
161 [auth.c]
162 fix file type checking (use S_ISREG). ok by markus
Ben Lindstromce398b22002-03-22 01:17:52 +0000163 - markus@cvs.openbsd.org 2002/03/16 11:24:53
164 [compress.c]
165 skip inflateEnd if inflate fails; ok provos@
Ben Lindstrom186b7da2002-03-22 01:20:32 +0000166 - markus@cvs.openbsd.org 2002/03/16 17:22:09
167 [auth-rh-rsa.c auth.h]
168 split auth_rhosts_rsa(), ok provos@
Ben Lindstromeacc71b2002-03-22 01:22:27 +0000169 - stevesk@cvs.openbsd.org 2002/03/16 17:41:25
170 [auth-krb5.c]
171 BSD license. from Daniel Kouril via Dug Song. ok markus@
Ben Lindstrom2ae18f42002-03-22 01:24:38 +0000172 - provos@cvs.openbsd.org 2002/03/17 20:25:56
173 [auth.c auth.h auth1.c auth2.c]
174 getpwnamallow returns struct passwd * only if user valid; okay markus@
Ben Lindstrom73ab9ba2002-03-22 01:27:35 +0000175 - provos@cvs.openbsd.org 2002/03/18 01:12:14
176 [auth.h auth1.c auth2.c sshd.c]
177 have the authentication functions return the authentication context
178 and then do_authenticated; okay millert@
Ben Lindstromabf31442002-03-22 01:30:40 +0000179 - dugsong@cvs.openbsd.org 2002/03/18 01:30:10
180 [auth-krb4.c]
181 set client to NULL after xfree(), from Rolf Braun
182 <rbraun+ssh@andrew.cmu.edu>
Ben Lindstromb481e132002-03-22 01:35:47 +0000183 - provos@cvs.openbsd.org 2002/03/18 03:41:08
184 [auth.c session.c]
185 move auth_approval into getpwnamallow with help from millert@
Ben Lindstrom212faca2002-03-22 01:39:44 +0000186 - markus@cvs.openbsd.org 2002/03/18 17:13:15
187 [cipher.c cipher.h]
188 export/import cipher states; needed by ssh-privsep
Ben Lindstromf6027d32002-03-22 01:42:04 +0000189 - markus@cvs.openbsd.org 2002/03/18 17:16:38
190 [packet.c packet.h]
191 export/import cipher state, iv and ssh2 seqnr; needed by ssh-privsep
Ben Lindstroma674e8d2002-03-22 01:45:53 +0000192 - markus@cvs.openbsd.org 2002/03/18 17:23:31
193 [key.c key.h]
194 add key_demote() for ssh-privsep
Ben Lindstrom88aa1b42002-03-22 01:47:52 +0000195 - provos@cvs.openbsd.org 2002/03/18 17:25:29
196 [bufaux.c bufaux.h]
197 buffer_skip_string and extra sanity checking; needed by ssh-privsep
Ben Lindstrom0f345f52002-03-22 01:51:24 +0000198 - provos@cvs.openbsd.org 2002/03/18 17:31:54
199 [compress.c]
200 export compression streams for ssh-privsep
Ben Lindstrom7a2073c2002-03-22 02:30:41 +0000201 - provos@cvs.openbsd.org 2002/03/18 17:50:31
202 [auth-bsdauth.c auth-options.c auth-rh-rsa.c auth-rsa.c auth-skey.c auth.h
203 auth1.c auth2-chall.c auth2.c kex.c kex.h kexdh.c kexgex.c servconf.c
204 session.h servconf.h serverloop.c session.c sshd.c]
205 integrate privilege separated openssh; its turned off by default for now.
206 work done by me and markus@
Ben Lindstrom000dda52002-03-22 02:33:12 +0000207 - provos@cvs.openbsd.org 2002/03/18 17:53:08
208 [sshd.8]
209 credits for privsep
Ben Lindstrom191c8e52002-03-22 02:37:50 +0000210 - provos@cvs.openbsd.org 2002/03/18 17:59:09
211 [sshd.8]
212 document UsePrivilegeSeparation
Ben Lindstrom01426a62002-03-22 02:40:03 +0000213 - stevesk@cvs.openbsd.org 2002/03/18 23:52:51
214 [servconf.c]
215 UnprivUser/UnprivGroup usable now--specify numeric user/group; ok
216 provos@
Ben Lindstrom7a7edf72002-03-22 02:42:37 +0000217 - stevesk@cvs.openbsd.org 2002/03/19 03:03:43
218 [pathnames.h servconf.c servconf.h sshd.c]
219 _PATH_PRIVSEP_CHROOT_DIR; ok provos@
Ben Lindstrom85520a62002-03-22 02:44:40 +0000220 - stevesk@cvs.openbsd.org 2002/03/19 05:23:08
221 [sshd.8]
222 Banner has no default.
Ben Lindstromcb1f60e2002-03-22 02:47:28 +0000223 - mpech@cvs.openbsd.org 2002/03/19 06:32:56
224 [sftp-int.c]
225 use xfree() after xstrdup().
226
227 markus@ ok
Ben Lindstrom08105192002-03-22 02:50:06 +0000228 - markus@cvs.openbsd.org 2002/03/19 10:35:39
229 [auth-options.c auth.h session.c session.h sshd.c]
230 clean up prototypes
Ben Lindstrom6328ab32002-03-22 02:54:23 +0000231 - markus@cvs.openbsd.org 2002/03/19 10:49:35
232 [auth-krb5.c auth-rh-rsa.c auth.c cipher.c key.c misc.h packet.c session.c
233 sftp-client.c sftp-glob.h sftp.c ssh-add.c ssh.c sshconnect2.c sshd.c
234 ttymodes.c]
235 KNF whitespace
Ben Lindstrom7ebb6352002-03-22 03:04:08 +0000236 - markus@cvs.openbsd.org 2002/03/19 14:27:39
237 [auth.c auth1.c auth2.c]
238 make getpwnamallow() allways call pwcopy()
Ben Lindstromf34e4eb2002-03-22 03:08:30 +0000239 - markus@cvs.openbsd.org 2002/03/19 15:31:47
240 [auth.c]
241 check for NULL; from provos@
Ben Lindstromc7431342002-03-22 03:11:49 +0000242 - stevesk@cvs.openbsd.org 2002/03/20 19:12:25
243 [servconf.c servconf.h ssh.h sshd.c]
244 for unprivileged user, group do:
245 pw=getpwnam(SSH_PRIVSEP_USER); do_setusercontext(pw). ok provos@
Ben Lindstrom58b391b2002-03-22 03:21:16 +0000246 - stevesk@cvs.openbsd.org 2002/03/20 21:08:08
247 [sshd.c]
248 strerror() on chdir() fail; ok provos@
Ben Lindstrom1ee9ec32002-03-22 03:14:45 +0000249 - markus@cvs.openbsd.org 2002/03/21 10:21:20
250 [ssh-add.c]
251 ignore errors for nonexisting default keys in ssh-add,
252 fixes http://bugzilla.mindrot.org/show_bug.cgi?id=158
Ben Lindstrom5589f4b2002-03-22 03:24:32 +0000253 - jakob@cvs.openbsd.org 2002/03/21 15:17:26
254 [clientloop.c ssh.1]
255 add built-in command line for adding new port forwardings on the fly.
256 based on a patch from brian wellington. ok markus@.
Ben Lindstrom0b675b12002-03-22 03:28:11 +0000257 - markus@cvs.openbsd.org 2002/03/21 16:38:06
258 [scard.c]
259 make compile w/ openssl 0.9.7
Ben Lindstrom70e3ad82002-03-22 03:33:43 +0000260 - markus@cvs.openbsd.org 2002/03/21 16:54:53
261 [scard.c scard.h ssh-keygen.c]
262 move key upload to scard.[ch]
263 - markus@cvs.openbsd.org 2002/03/21 16:57:15
264 [scard.c]
265 remove const
Ben Lindstromeda98a72002-03-22 03:35:48 +0000266 - markus@cvs.openbsd.org 2002/03/21 16:58:13
267 [clientloop.c]
268 remove unused
Ben Lindstrom818659a2002-03-22 03:38:35 +0000269 - rees@cvs.openbsd.org 2002/03/21 18:08:15
270 [scard.c]
271 In sc_put_key(), sc_reader_id should be id.
Ben Lindstromfa1336f2002-03-22 03:40:58 +0000272 - markus@cvs.openbsd.org 2002/03/21 20:51:12
273 [sshd_config]
274 add privsep (off)
Ben Lindstrom943481c2002-03-22 03:43:46 +0000275 - markus@cvs.openbsd.org 2002/03/21 21:23:34
276 [sshd.c]
277 add privsep_preauth() and remove 1 goto; ok provos@
Ben Lindstrom266ec632002-03-22 03:47:38 +0000278 - rees@cvs.openbsd.org 2002/03/21 21:54:34
279 [scard.c scard.h ssh-keygen.c]
280 Add PIN-protection for secret key.
Ben Lindstromba72d302002-03-22 03:51:06 +0000281 - rees@cvs.openbsd.org 2002/03/21 22:44:05
282 [authfd.c authfd.h ssh-add.c ssh-agent.c ssh.c]
283 Add PIN-protection for secret key.
Ben Lindstrom681d9322002-03-22 03:53:00 +0000284 - markus@cvs.openbsd.org 2002/03/21 23:07:37
285 [clientloop.c]
286 remove unused, sync w/ cmdline patch in my tree.
Ben Lindstromfa1336f2002-03-22 03:40:58 +0000287
Tim Rice88f2ab52002-03-17 12:17:34 -080028820020317
289 - (tim) [configure.ac] Assume path given with --with-pid-dir=PATH is wanted,
290 warn if directory does not exist. Put system directories in front of
291 PATH for finding entorpy commands.
Tim Rice3a423462002-03-17 14:05:24 -0800292 - (tim) [contrib/aix/buildbff.sh contrib/aix/inventory.sh] AIX package
293 build fixes. Patch by Darren Tucker <dtucker@zip.com.au>
294 [contrib/solaris/buildpkg.sh] add missing dirs to SYSTEM_DIR. Have
295 postinstall check for $piddir and add if necessary.
Tim Rice88f2ab52002-03-17 12:17:34 -0800296
Tim Rice29bdd2c2002-03-11 20:55:53 -080029720020311
298 - (tim) [contrib/solaris/buildpkg.sh, contrib/solaris/README] Updated to
299 build on all platforms that support SVR4 style package tools. Now runs
300 from build dir. Parts are based on patches from Antonio Navarro, and
301 Darren Tucker.
302
Damien Millerff8f94c2002-03-11 10:48:53 +110030320020308
Damien Millerc7375ac2002-03-11 10:51:17 +1100304 - (djm) Revert bits of Markus' OpenSSL compat patch which was
305 accidentally committed.
306 - (djm) Add Markus' patch for compat wih OpenSSL < 0.9.6.
307 Known issue: Blowfish for SSH1 does not work
Kevin Steves58193072002-03-11 00:16:34 +0000308 - (stevesk) entropy.c: typo in debug message
Damien Miller4a10d2e2002-03-11 22:53:29 +1100309 - (djm) ssh-keygen -i needs seeded RNG; report from markus@
Damien Millerff8f94c2002-03-11 10:48:53 +1100310
Damien Miller6ba693f2002-03-07 12:58:24 +110031120020307
312 - (djm) OpenBSD CVS Sync
313 - markus@cvs.openbsd.org 2002/03/06 00:20:54
314 [compat.c dh.c]
315 compat.c
Damien Miller6d6c5d22002-03-07 12:58:42 +1100316 - markus@cvs.openbsd.org 2002/03/06 00:23:27
317 [compat.c dh.c]
318 undo
Damien Miller4e431d42002-03-07 12:59:02 +1100319 - markus@cvs.openbsd.org 2002/03/06 00:24:39
320 [compat.c]
321 compat.c
Damien Miller3fd28722002-03-07 13:02:19 +1100322 - markus@cvs.openbsd.org 2002/03/06 00:25:55
323 [version.h]
324 OpenSSH_3.1
Damien Miller6e96c882002-03-07 13:04:37 +1100325 - (djm) Update RPM spec files with new version number
Ben Lindstromdc163542002-03-07 17:49:39 +0000326 - (bal) Updated INSTALL to reflect 0.9.6 OpenSSL requirement
Ben Lindstrom7577fd82002-03-08 03:11:07 +0000327 - (bal) Add in check for rpc/types.h since it is needed on
328 some platforms for INADDR_LOOPBACK. We should retest
329 SCO 3 to see if this fixes their problem also.
Ben Lindstrom784e2342002-03-08 03:50:57 +0000330 - (bal) Test for IRIX JOBS support at runtime. Patch provided
331 by David Kaelbling <drk@sgi.com>
332
Kevin Steves664b2432002-03-05 18:03:10 +000033320020305
334 - stevesk@cvs.openbsd.org 2002/03/02 09:34:42
335 [LICENCE]
336 correct copyright dates for scp license; ok markus@
337
Ben Lindstroma54f61c2002-03-05 01:23:13 +000033820020304
339 - OpenBSD CVS Sync
340 - deraadt@cvs.openbsd.org 2002/02/26 18:52:32
341 [sftp.1]
342 Ic cannot have that many arguments; spotted by mouring@etoh.eviladmin.org
Ben Lindstroma48f3682002-03-05 01:24:52 +0000343 - mouring@cvs.openbsd.org 2002/02/26 19:04:37
344 [sftp.1]
345 > Ic cannot have that many arguments; spotted by mouring@etoh.eviladmin.org
346 Last Ic on the first line should not have a space between it and the final
347 comma.
Ben Lindstrom3612bda2002-03-05 01:26:38 +0000348 - deraadt@cvs.openbsd.org 2002/02/26 19:06:43
349 [sftp.1]
350 no, look closely. the comma was highlighted. split .Ic even more
Ben Lindstrome86de512002-03-05 01:28:14 +0000351 - stevesk@cvs.openbsd.org 2002/02/26 20:03:51
352 [misc.c]
353 use socklen_t
Ben Lindstrom733a2352002-03-05 01:31:28 +0000354 - stevesk@cvs.openbsd.org 2002/02/27 21:23:13
355 [canohost.c channels.c packet.c sshd.c]
356 remove unneeded casts in [gs]etsockopt(); ok markus@
Ben Lindstrom80cb27d2002-03-05 01:33:36 +0000357 - markus@cvs.openbsd.org 2002/02/28 15:46:33
358 [authfile.c kex.c kexdh.c kexgex.c key.c ssh-dss.c]
359 add some const EVP_MD for openssl-0.9.7
Ben Lindstrom916d83d2002-03-05 01:35:23 +0000360 - stevesk@cvs.openbsd.org 2002/02/28 19:36:28
361 [auth.c match.c match.h]
362 delay hostname lookup until we see a ``@'' in DenyUsers and AllowUsers
363 for sshd -u0; ok markus@
Ben Lindstrom778bf552002-03-05 01:37:12 +0000364 - stevesk@cvs.openbsd.org 2002/02/28 20:36:42
365 [sshd.8]
366 DenyUsers allows user@host pattern also
Ben Lindstromea03db92002-03-05 01:38:57 +0000367 - stevesk@cvs.openbsd.org 2002/02/28 20:46:10
368 [sshd.8]
369 -u0 DNS for user@host
Ben Lindstrom6ef9ec62002-03-05 01:40:37 +0000370 - stevesk@cvs.openbsd.org 2002/02/28 20:56:00
371 [auth.c]
372 log user not allowed details, from dwd@bell-labs.com; ok markus@
Ben Lindstrom3fb5d002002-03-05 01:42:42 +0000373 - markus@cvs.openbsd.org 2002/03/01 13:12:10
374 [auth.c match.c match.h]
375 undo the 'delay hostname lookup' change
376 match.c must not use compress.c (via canonhost.c/packet.c)
377 thanks to wilfried@
Ben Lindstromd96c8b32002-03-05 01:45:56 +0000378 - markus@cvs.openbsd.org 2002/03/04 12:43:06
379 [auth-passwd.c auth-rh-rsa.c auth-rhosts.c]
Ben Lindstrom84fcb312002-03-05 01:48:09 +0000380 - markus@cvs.openbsd.org 2002/03/04 13:10:46
381 [misc.c]
382 error-> debug, because O_NONBLOCK for /dev/null causes too many different
383 errnos; ok stevesk@, deraadt@
Ben Lindstromd96c8b32002-03-05 01:45:56 +0000384 unused include
Ben Lindstrom05764b92002-03-05 01:53:02 +0000385 - stevesk@cvs.openbsd.org 2002/03/04 17:27:39
386 [auth-krb5.c auth-options.h auth.h authfd.h authfile.h bufaux.h buffer.h
387 channels.h cipher.h compat.h compress.h crc32.h deattack.c getput.h
388 groupaccess.c misc.c mpaux.h packet.h readconf.h rsa.h scard.h
389 servconf.h ssh-agent.c ssh.h ssh2.h sshpty.h sshtty.c ttymodes.h
390 uuencode.c xmalloc.h]
391 $OpenBSD$ and RCSID() cleanup: don't use RCSID() in .h files; add
392 missing RCSID() to .c files and remove dup /*$OpenBSD$*/ from .c
393 files. ok markus@
Ben Lindstrom6b28c352002-03-05 01:54:52 +0000394 - stevesk@cvs.openbsd.org 2002/03/04 18:30:23
395 [ssh-keyscan.c]
396 handle connection close during read of protocol version string.
397 fixes erroneous "bad greeting". ok markus@
Ben Lindstrom79548872002-03-05 01:57:44 +0000398 - markus@cvs.openbsd.org 2002/03/04 19:37:58
399 [channels.c]
400 off by one; thanks to joost@pine.nl
Ben Lindstrom01e7fa12002-03-05 03:38:35 +0000401 - (bal) Added contrib/aix/ to support BFF package generation provided
402 by Darren Tucker <dtucker@zip.com.au>
Tim Rice4cec93f2002-02-26 08:40:48 -080040320020226
404 - (tim) Bug 12 [configure.ac] add sys/bitypes.h to int64_t tests
405 based on patch by mooney@dogbert.cc.ndsu.nodak.edu (Tim Mooney)
406 Bug 45 [configure.ac] modify skey test to work around conflict with autoconf
407 reported by nolan@naic.edu (Michael Nolan)
408 patch by Pekka Savola <pekkas@netcore.fi>
409 Bug 74 [configure.ac defines.h] add sig_atomic_t test
410 reported by dwd@bell-labs.com (Dave Dykstra)
411 Bug 102 [defines.h] UNICOS fixes. patch by wendyp@cray.com
412 [configure.ac Makefile.in] link libwrap only with sshd
413 based on patch by Maciej W. Rozycki <macro@ds2.pg.gda.pl>
414 Bug 123 link libpam only with sshd
415 reported by peak@argo.troja.mff.cuni.cz (Pavel Kankovsky)
416 [configure.ac defines.h] modify previous SCO3 fix to not break Solaris 7
417 [acconfig.h] remove unused HAVE_REGCOMP
Tim Rice7d2d1f12002-02-26 22:05:11 -0800418 [configure.ac] put back in search for prngd-socket
Kevin Stevesa2b96072002-02-26 16:59:58 +0000419 - (stevesk) openbsd-compat/base64.h: typo in comment
Ben Lindstrom351e9192002-02-26 17:49:55 +0000420 - (bal) Update sshd_config CVSID
Ben Lindstromb8550282002-02-26 17:46:11 +0000421 - (bal) OpenBSD CVS Sync
422 - markus@cvs.openbsd.org 2002/02/15 23:54:10
423 [auth-krb5.c]
424 krb5_get_err_text() does not like context==NULL; he@nordu.net via google;
425 ok provos@
Ben Lindstrom9c8edc92002-02-26 17:52:14 +0000426 - markus@cvs.openbsd.org 2002/02/22 12:20:34
427 [log.c log.h ssh-keyscan.c]
428 overwrite fatal() in ssh-keyscan.c; fixes pr 2354; ok provos@
Ben Lindstrom14519082002-02-26 17:58:29 +0000429 - markus@cvs.openbsd.org 2002/02/23 17:59:02
430 [kex.c kexdh.c kexgex.c]
431 don't allow garbage after payload.
Ben Lindstrom13c5d3b2002-02-26 18:00:48 +0000432 - stevesk@cvs.openbsd.org 2002/02/24 16:09:52
433 [sshd.c]
434 use u_char* here; ok markus@
Ben Lindstrom021fcd32002-02-26 18:02:43 +0000435 - markus@cvs.openbsd.org 2002/02/24 16:57:19
436 [sftp-client.c]
437 early close(), missing free; ok stevesk@
Ben Lindstrom4a7714a2002-02-26 18:04:38 +0000438 - markus@cvs.openbsd.org 2002/02/24 16:58:32
439 [packet.c]
440 make 'cp' unsigned and merge with 'ucp'; ok stevesk@
Ben Lindstrome45a2cb2002-02-26 18:07:26 +0000441 - markus@cvs.openbsd.org 2002/02/24 18:31:09
442 [uuencode.c]
443 typo in comment
Ben Lindstrom90fd8142002-02-26 18:09:42 +0000444 - markus@cvs.openbsd.org 2002/02/24 19:14:59
445 [auth2.c authfd.c authfd.h authfile.c kexdh.c kexgex.c key.c key.h
446 ssh-dss.c ssh-dss.h ssh-keygen.c ssh-rsa.c ssh-rsa.h sshconnect2.c]
447 signed vs. unsigned: make size arguments u_int, ok stevesk@
Ben Lindstrom1ebd7a52002-02-26 18:12:51 +0000448 - stevesk@cvs.openbsd.org 2002/02/24 19:59:42
449 [channels.c misc.c]
450 disable Nagle in connect_to() and channel_post_port_listener() (port
451 forwarding endpoints). the intention is to preserve the on-the-wire
452 appearance to applications at either end; the applications can then
453 enable TCP_NODELAY according to their requirements. ok markus@
Ben Lindstromc58ab022002-02-26 18:15:09 +0000454 - markus@cvs.openbsd.org 2002/02/25 16:33:27
455 [ssh-keygen.c sshconnect2.c uuencode.c uuencode.h]
456 more u_* fixes
Ben Lindstrom88c0cd82002-02-26 19:24:21 +0000457 - (bal) Imported missing fatal.c and fixed up Makefile.in
Tim Rice7d2d1f12002-02-26 22:05:11 -0800458 - (tim) [configure.ac] correction to Bug 123 fix
Tim Rice200a5c02002-02-26 22:12:34 -0800459 [configure.ac] correction to sig_atomic_t test
Tim Rice4cec93f2002-02-26 08:40:48 -0800460
Ben Lindstromc0041352002-02-25 15:48:02 +000046120020225
462 - (bal) Last AIX patch. Moved aix_usrinfo() outside of do_setuserconext()
463 since we need more session information than provided by that function.
464
Ben Lindstrom127398c2002-02-24 20:25:46 +000046520020224
466 - (bal) Drop Session *s usage in ports-aix.[ch] and pass just what we
467 need to do the jobs (AIX still does not fully compile, but that is
468 coming).
Ben Lindstrom839ac4f2002-02-24 20:42:46 +0000469 - (bal) Part two.. Drop unused AIX header, fix up missing char *cp. All
470 that is left is handling aix_usrinfo().
Tim Ricee06ae4a2002-02-24 17:56:46 -0800471 - (tim) [loginrec.c session.c sshlogin.c sshlogin.h] Bug 84
472 patch by wknox@mitre.org (William Knox).
473 [sshlogin.h] declare record_utmp_only for session.c
Ben Lindstrom127398c2002-02-24 20:25:46 +0000474
Ben Lindstrom3107efc2002-02-21 15:37:02 +000047520020221
Ben Lindstrom127398c2002-02-24 20:25:46 +0000476 - (bal) Minor session.c fixup for cygwin. mispelt 'is_winnt' variable.
Ben Lindstrom3107efc2002-02-21 15:37:02 +0000477
Damien Miller7af3d102002-02-19 15:19:42 +110047820020219
479 - (djm) OpenBSD CVS Sync
480 - mpech@cvs.openbsd.org 2002/02/13 08:33:47
481 [ssh-keyscan.1]
482 When you give command examples and etc., in a manual page prefix them with: $ command
483 or
484 # command
Damien Miller2aa0c192002-02-19 15:20:08 +1100485 - markus@cvs.openbsd.org 2002/02/14 23:27:59
486 [channels.c]
487 increase the SSH v2 window size to 4 packets. comsumes a little
488 bit more memory for slow receivers but increases througput.
Damien Miller19a59452002-02-19 15:20:57 +1100489 - markus@cvs.openbsd.org 2002/02/14 23:28:00
490 [channels.h session.c ssh.c]
491 increase the SSH v2 window size to 4 packets. comsumes a little
492 bit more memory for slow receivers but increases througput.
Damien Miller963f6b22002-02-19 15:21:23 +1100493 - markus@cvs.openbsd.org 2002/02/14 23:41:01
494 [authfile.c cipher.c cipher.h kex.c kex.h packet.c]
495 hide some more implementation details of cipher.[ch] and prepares for move
496 to EVP, ok deraadt@
Damien Miller55fafa02002-02-19 15:22:07 +1100497 - stevesk@cvs.openbsd.org 2002/02/16 14:53:37
498 [ssh-keygen.1]
499 -t required now for key generation
Damien Miller993dd552002-02-19 15:22:47 +1100500 - stevesk@cvs.openbsd.org 2002/02/16 20:40:08
501 [ssh-keygen.c]
502 default to rsa keyfile path for non key generation operations where
503 keyfile not specified. fixes core dump in those cases. ok markus@
Damien Millerb0462112002-02-19 15:24:43 +1100504 - millert@cvs.openbsd.org 2002/02/16 21:27:53
505 [auth.h]
506 Part one of userland __P removal. Done with a simple regexp with
507 some minor hand editing to make comments line up correctly. Another
508 pass is forthcoming that handles the cases that could not be done
509 automatically.
Damien Millera93c6d82002-02-19 15:25:29 +1100510 - millert@cvs.openbsd.org 2002/02/17 19:42:32
511 [auth.h]
512 Manual cleanup of remaining userland __P use (excluding packages
513 maintained outside the tree)
Damien Miller21cf4e02002-02-19 15:26:42 +1100514 - markus@cvs.openbsd.org 2002/02/18 13:05:32
515 [cipher.c cipher.h]
516 switch to EVP, ok djm@ deraadt@
Damien Miller85221b22002-02-19 15:27:23 +1100517 - markus@cvs.openbsd.org 2002/02/18 17:55:20
518 [ssh.1]
519 -q: Fatal errors are _not_ displayed.
Damien Miller95ca7e92002-02-19 15:29:02 +1100520 - deraadt@cvs.openbsd.org 2002/02/19 02:50:59
521 [sshd_config]
522 stategy is not an english word
Ben Lindstroma9c039c2002-02-19 20:27:55 +0000523 - (bal) Migrated IRIX jobs/projects/audit/etc code to
Ben Lindstromf095a852002-02-19 20:02:48 +0000524 openbsd-compat/port-irix.[ch] to improve readiblity of do_child()
Ben Lindstroma9c039c2002-02-19 20:27:55 +0000525 - (bal) Migrated AIX getuserattr and usrinfo code to
526 openbsd-compat/port-aix.[c] to improve readilbity of do_child() and
527 simplify our diffs against upstream source.
Ben Lindstrom4e97e852002-02-19 21:50:43 +0000528 - (bal) OpenBSD CVS Sync
529 - markus@cvs.openbsd.org 2002/02/15 23:11:26
530 [session.c]
531 split do_child(), ok mouring@
Ben Lindstrome37f63f2002-02-19 21:58:19 +0000532 - markus@cvs.openbsd.org 2002/02/16 00:51:44
533 [session.c]
534 typo
535 - (bal) CVS ID sync since the last two patches were merged mistakenly
Damien Miller7af3d102002-02-19 15:19:42 +1100536
Tim Rice92c1fc42002-02-18 15:18:56 -080053720020218
538 - (tim) newer config.guess from ftp://ftp.gnu.org/gnu/config/config.guess
539
Damien Millerd054b072002-02-14 08:44:04 +110054020020213
Damien Miller72476d42002-02-14 20:39:49 +1100541 - (djm) Don't use system sys/queue.h on AIX. Report from
542 gert@greenie.muc.de
543 - (djm) Bug #114 - not starting PAM for SSH protocol 1 invalid users
Damien Millerd054b072002-02-14 08:44:04 +1100544
54520020213
Damien Millerbc27d4e2002-02-13 13:54:06 +1100546 - (djm) OpenBSD CVS Sync
547 - markus@cvs.openbsd.org 2002/02/11 16:10:15
548 [kex.c]
549 restore kexinit handler if we reset the dispatcher, this unbreaks
550 rekeying s/kex_clear_dispatch/kex_reset_dispatch/
Damien Miller2ce18da2002-02-13 13:54:27 +1100551 - markus@cvs.openbsd.org 2002/02/11 16:15:46
552 [sshconnect1.c]
553 include md5.h, not evp.h
Damien Miller654c03f2002-02-13 13:54:44 +1100554 - markus@cvs.openbsd.org 2002/02/11 16:17:55
555 [sshd.c]
556 do not complain about port > 1024 if rhosts-auth is disabled
Damien Miller6a47f302002-02-13 13:55:06 +1100557 - markus@cvs.openbsd.org 2002/02/11 16:19:39
558 [sshd.c]
559 include md5.h not hmac.h
Damien Millerafc7a5d2002-02-13 13:55:30 +1100560 - markus@cvs.openbsd.org 2002/02/11 16:21:42
561 [match.c]
562 support up to 40 algorithms per proposal
Damien Miller16a13332002-02-13 14:03:56 +1100563 - djm@cvs.openbsd.org 2002/02/12 12:32:27
564 [sftp.1 sftp.c sftp-client.c sftp-client.h sftp-int.c]
565 Perform multiple overlapping read/write requests in file transfer. Mostly
566 done by Tobias Ringstrom <tori@ringstrom.mine.nu>; ok markus@
Damien Miller5873dfd2002-02-13 14:04:37 +1100567 - djm@cvs.openbsd.org 2002/02/12 12:44:46
568 [sftp-client.c]
569 Let overlapped upload path handle servers which reorder ACKs. This may be
570 permitted by the protocol spec; ok markus@
Damien Miller00c92172002-02-13 14:05:00 +1100571 - markus@cvs.openbsd.org 2002/02/13 00:28:13
572 [sftp-server.c]
573 handle SSH2_FILEXFER_ATTR_SIZE in SSH2_FXP_(F)SETSTAT; ok djm@
Damien Miller3606ee22002-02-13 14:05:23 +1100574 - markus@cvs.openbsd.org 2002/02/13 00:39:15
575 [readpass.c]
576 readpass.c is not longer from UCB, since we now use readpassphrase(3)
Damien Miller3db5f532002-02-13 14:10:32 +1100577 - djm@cvs.openbsd.org 2002/02/13 00:59:23
578 [sftp-client.c sftp-client.h sftp-glob.c sftp-glob.h sftp.h]
579 [sftp-int.c sftp-int.h]
580 API cleanup and backwards compat for filexfer v.0 servers; ok markus@
Damien Miller8e3bdca2002-02-13 16:00:15 +1100581 - (djm) Sync openbsd-compat with OpenBSD CVS too
Damien Miller150c8b52002-02-13 23:06:56 +1100582 - (djm) Bug #106: Add --without-rpath configure option. Patch from
583 Nicolas.Williams@ubsw.com
Tim Rice57e3fa82002-02-13 10:14:52 -0800584 - (tim) [configure.ac, defines.h ] add rpc/rpc.h for INADDR_LOOPBACK
585 on SCO OSR3
Damien Millerbc27d4e2002-02-13 13:54:06 +1100586
Damien Miller05eda432002-02-10 18:32:28 +110058720020210
588 - (djm) OpenBSD CVS Sync
589 - deraadt@cvs.openbsd.org 2002/02/09 17:37:34
590 [pathnames.h session.c ssh.1 sshd.8 sshd_config ssh-keyscan.1]
591 move ssh config files to /etc/ssh
592 - (djm) Adjust portable Makefile.in tnd ssh-rand-helper.c o match
Damien Millerafcc2252002-02-10 18:32:55 +1100593 - deraadt@cvs.openbsd.org 2002/02/10 01:07:05
594 [readconf.h sshd.8]
595 more /etc/ssh; openbsd@davidkrause.com
Damien Miller05eda432002-02-10 18:32:28 +1100596
Damien Miller5aa5d782002-02-08 22:01:54 +110059720020208
598 - (djm) OpenBSD CVS Sync
599 - markus@cvs.openbsd.org 2002/02/04 12:15:25
600 [sshd.c]
601 add SYSLOG_FACILITY_NOT_SET = -1, SYSLOG_LEVEL_NOT_SET = -1,
602 fixes arm/netbsd; based on patch from bjh21@netbsd.org; ok djm@
Damien Millere8c9ed42002-02-08 22:02:16 +1100603 - stevesk@cvs.openbsd.org 2002/02/04 20:41:16
604 [ssh-agent.1]
605 more sync for default ssh-add identities; ok markus@
Damien Miller8829d362002-02-08 22:04:05 +1100606 - djm@cvs.openbsd.org 2002/02/05 00:00:46
607 [sftp.1 sftp.c sftp-client.c sftp-client.h sftp-int.c]
608 Add "-B" option to specify copy buffer length (default 32k); ok markus@
Damien Millera500cd62002-02-08 22:04:26 +1100609 - markus@cvs.openbsd.org 2002/02/05 14:32:55
610 [channels.c channels.h ssh.c]
611 merge channel_request() into channel_request_start()
Damien Miller81b6e782002-02-08 22:06:03 +1100612 - markus@cvs.openbsd.org 2002/02/06 14:22:42
613 [sftp.1]
614 sort options; ok mpech@, stevesk@
Damien Miller025e01c2002-02-08 22:06:29 +1100615 - mpech@cvs.openbsd.org 2002/02/06 14:27:23
616 [sftp.c]
617 sync usage() with manual.
Damien Millerf3dcf1f2002-02-08 22:06:48 +1100618 - markus@cvs.openbsd.org 2002/02/06 14:37:22
619 [session.c]
620 minor KNF
Damien Miller699d0032002-02-08 22:07:16 +1100621 - markus@cvs.openbsd.org 2002/02/06 14:55:16
622 [channels.c clientloop.c serverloop.c ssh.c]
623 channel_new never returns NULL, mouring@; ok djm@
Damien Miller48606502002-02-08 22:07:33 +1100624 - markus@cvs.openbsd.org 2002/02/07 09:35:39
625 [ssh.c]
626 remove bogus comments
Damien Miller5aa5d782002-02-08 22:01:54 +1100627
Damien Miller398e1cf2002-02-05 11:52:13 +110062820020205
Damien Millerf3451a22002-02-05 12:40:46 +1100629 - (djm) Cleanup after sync:
630 - :%s/reverse_mapping_check/verify_reverse_mapping/g
Damien Miller398e1cf2002-02-05 11:52:13 +1100631 - (djm) OpenBSD CVS Sync
632 - stevesk@cvs.openbsd.org 2002/01/24 21:09:25
633 [channels.c misc.c misc.h packet.c]
634 add set_nodelay() to set TCP_NODELAY on a socket (prep for nagle tuning).
635 no nagle changes just yet; ok djm@ markus@
Damien Miller4d007762002-02-05 11:52:54 +1100636 - stevesk@cvs.openbsd.org 2002/01/24 21:13:23
637 [packet.c]
638 need misc.h for set_nodelay()
Damien Miller3a8262f2002-02-05 11:53:15 +1100639 - markus@cvs.openbsd.org 2002/01/25 21:00:24
640 [sshconnect2.c]
641 unused include
Damien Millerc516e922002-02-05 11:53:43 +1100642 - markus@cvs.openbsd.org 2002/01/25 21:42:11
643 [ssh-dss.c ssh-rsa.c]
644 use static EVP_MAX_MD_SIZE buffers for EVP_DigestFinal; ok stevesk@
645 don't use evp_md->md_size, it's not public.
Damien Miller3672e4b2002-02-05 11:54:07 +1100646 - markus@cvs.openbsd.org 2002/01/25 22:07:40
647 [kex.c kexdh.c kexgex.c key.c mac.c]
648 use EVP_MD_size(evp_md) and not evp_md->md_size; ok steveks@
Damien Miller512bccb2002-02-05 12:11:02 +1100649 - stevesk@cvs.openbsd.org 2002/01/26 16:44:22
650 [includes.h session.c]
651 revert code to add x11 localhost display authorization entry for
652 hostname/unix:d and uts.nodename/unix:d if nodename was different than
653 hostname. just add entry for unix:d instead. ok markus@
Damien Miller95c249f2002-02-05 12:11:34 +1100654 - stevesk@cvs.openbsd.org 2002/01/27 14:57:46
655 [channels.c servconf.c servconf.h session.c sshd.8 sshd_config]
656 add X11UseLocalhost; ok markus@
Damien Miller35b13d62002-02-05 12:12:09 +1100657 - stevesk@cvs.openbsd.org 2002/01/27 18:08:17
658 [ssh.c]
659 handle simple case to identify FamilyLocal display; ok markus@
Damien Miller43cba342002-02-05 12:12:49 +1100660 - markus@cvs.openbsd.org 2002/01/29 14:27:57
661 [ssh-add.c]
662 exit 2 if no agent, exit 1 if list fails; debian#61078; ok djm@
Damien Millerc5d86352002-02-05 12:13:41 +1100663 - markus@cvs.openbsd.org 2002/01/29 14:32:03
664 [auth2.c auth.c auth-options.c auth-rhosts.c auth-rh-rsa.c canohost.c]
665 [servconf.c servconf.h session.c sshd.8 sshd_config]
666 s/ReverseMappingCheck/VerifyReverseMapping/ and avoid confusion;
667 ok stevesk@
Damien Millerbaa08702002-02-05 12:14:10 +1100668 - stevesk@cvs.openbsd.org 2002/01/29 16:29:02
669 [session.c]
670 limit subsystem length in log; ok markus@
Damien Millerc313be22002-02-05 12:14:41 +1100671 - markus@cvs.openbsd.org 2002/01/29 16:41:19
672 [ssh-add.1]
673 add DIAGNOSTICS; ok stevesk@
Damien Miller5fab4b92002-02-05 12:15:07 +1100674 - markus@cvs.openbsd.org 2002/01/29 22:46:41
675 [session.c]
676 don't depend on servconf.c; ok djm@
Damien Miller07a2d422002-02-05 12:16:15 +1100677 - markus@cvs.openbsd.org 2002/01/29 23:50:37
678 [scp.1 ssh.1]
679 mention exit status; ok stevesk@
Damien Miller9ab47ee2002-02-05 12:19:52 +1100680 - markus@cvs.openbsd.org 2002/01/31 13:35:11
681 [kexdh.c kexgex.c]
682 cross check announced key type and type from key blob
Damien Miller664d6b92002-02-05 12:20:16 +1100683 - markus@cvs.openbsd.org 2002/01/31 15:00:05
684 [serverloop.c]
685 no need for WNOHANG; ok stevesk@
Damien Millerc7ef63d2002-02-05 12:21:42 +1100686 - markus@cvs.openbsd.org 2002/02/03 17:53:25
687 [auth1.c serverloop.c session.c session.h]
688 don't use channel_input_channel_request and callback
689 use new server_input_channel_req() instead:
690 server_input_channel_req does generic request parsing on server side
691 session_input_channel_req handles just session specific things now
692 ok djm@
Damien Miller50e884d2002-02-05 12:22:08 +1100693 - markus@cvs.openbsd.org 2002/02/03 17:55:55
694 [channels.c channels.h]
695 remove unused channel_input_channel_request
Damien Miller67f0bc02002-02-05 12:23:08 +1100696 - markus@cvs.openbsd.org 2002/02/03 17:58:21
697 [channels.c channels.h ssh.c]
698 generic callbacks are not really used, remove and
699 add a callback for msg of type SSH2_MSG_CHANNEL_OPEN_CONFIRMATION
700 ok djm@
Damien Miller68f45982002-02-05 12:23:32 +1100701 - markus@cvs.openbsd.org 2002/02/03 17:59:23
702 [sshconnect2.c]
703 more cross checking if announced vs. used key type; ok stevesk@
Damien Miller9749c0c2002-02-05 12:23:58 +1100704 - stevesk@cvs.openbsd.org 2002/02/03 22:35:57
705 [ssh.1 sshd.8]
706 some KeepAlive cleanup/clarify; ok markus@
Damien Millerd2b8f162002-02-05 12:24:19 +1100707 - stevesk@cvs.openbsd.org 2002/02/03 23:22:59
708 [ssh-agent.1]
709 ssh-add also adds $HOME/.ssh/id_rsa and $HOME/.ssh/id_dsa now.
Damien Miller4d4d53f2002-02-05 12:25:28 +1100710 - stevesk@cvs.openbsd.org 2002/02/04 00:53:39
711 [ssh-agent.c]
712 unneeded includes
Damien Miller9b74bfc2002-02-05 12:26:03 +1100713 - markus@cvs.openbsd.org 2002/02/04 11:58:10
714 [auth2.c]
715 cross checking of announced vs actual pktype in pubkey/hostbaed auth;
716 ok stevesk@
Damien Millerfcd93202002-02-05 12:26:34 +1100717 - markus@cvs.openbsd.org 2002/02/04 12:15:25
718 [log.c log.h readconf.c servconf.c]
719 add SYSLOG_FACILITY_NOT_SET = -1, SYSLOG_LEVEL_NOT_SET = -1,
720 fixes arm/netbsd; based on patch from bjh21@netbsd.org; ok djm@
Damien Millerab57f352002-02-05 12:26:58 +1100721 - stevesk@cvs.openbsd.org 2002/02/04 20:41:16
722 [ssh-add.1]
723 more sync for default ssh-add identities; ok markus@
Damien Millerd14ee1e2002-02-05 12:27:31 +1100724 - djm@cvs.openbsd.org 2002/02/04 21:53:12
725 [sftp.1 sftp.c]
726 Add "-P" option to directly connect to a local sftp-server. Should be
727 useful for regression testing; ok markus@
Damien Millercb8ea152002-02-05 12:27:58 +1100728 - djm@cvs.openbsd.org 2002/02/05 00:00:46
729 [sftp.1 sftp.c sftp-client.c sftp-client.h sftp-int.c]
730 Add "-B" option to specify copy buffer length (default 32k); ok markus@
Damien Miller398e1cf2002-02-05 11:52:13 +1100731
Damien Miller8eb71412002-01-30 09:37:06 +110073220020130
733 - (djm) Delay PRNG seeding until we need it in ssh-keygen, from markus@
Tim Rice1e2c6002002-01-30 22:14:03 -0800734 - (tim) [configure.ac] fix logic on when ssh-rand-helper is installed.
735 [sshd_config] put back in line that tells what PATH was compiled into sshd.
Damien Miller8eb71412002-01-30 09:37:06 +1100736
Damien Miller414642b2002-01-25 00:46:04 +110073720020125
Damien Miller6677d412002-01-25 00:59:25 +1100738 - (djm) Don't grab Xserver or pointer by default. x11-ssh-askpass doesn't
739 and grabbing can cause deadlocks with kinput2.
Damien Miller414642b2002-01-25 00:46:04 +1100740
Kevin Steves020daf42002-01-23 23:26:43 +000074120020124
742 - (stevesk) Makefile.in: bug #61; delete commented line for now.
743
Damien Miller6385ba02002-01-23 08:12:36 +110074420020123
745 - (djm) Fix non-standard shell syntax in autoconf. Patch from
746 Dave Dykstra <dwd@bell-labs.com>
Kevin Steves7dc81972002-01-22 21:59:31 +0000747 - (stevesk) fix --with-zlib=
Damien Millere996d722002-01-23 11:20:59 +1100748 - (djm) Use case statements in autoconf to clean up some tests
Ben Lindstromfa9b6412002-01-23 06:54:30 +0000749 - (bal) reverted out of 5/2001 change to atexit(). I assume I
750 did it to handle SonyOS. If that is the case than we will
751 do a special case for them.
Damien Miller6385ba02002-01-23 08:12:36 +1100752
Damien Miller6c21c512002-01-22 21:57:53 +110075320020122
754 - (djm) autoconf hacking:
755 - We don't support --without-zlib currently, so don't allow it.
756 - Rework cryptographic random number support detection. We now detect
757 whether OpenSSL seeds itself. If it does, then we don't bother with
758 the ssh-rand-helper program. You can force the use of ssh-rand-helper
759 using the --with-rand-helper configure argument
760 - Simplify and clean up ssh-rand-helper configuration
Damien Millerec932372002-01-22 22:16:03 +1100761 - Add OpenSSL sanity check: verify that header version matches version
762 reported by library
Damien Millerc46cc542002-01-22 21:58:27 +1100763 - (djm) Fix some bugs I introduced into ssh-rand-helper yesterday
Damien Millera41c8b12002-01-22 23:05:08 +1100764 - OpenBSD CVS Sync
765 - djm@cvs.openbsd.org 2001/12/21 08:52:22
766 [ssh-keygen.1 ssh-keygen.c]
767 Remove default (rsa1) key type; ok markus@
Damien Millerf451e222002-01-22 23:05:31 +1100768 - djm@cvs.openbsd.org 2001/12/21 08:53:45
769 [readpass.c]
770 Avoid interruptable passphrase read; ok markus@
Damien Miller6e1057c2002-01-22 23:05:59 +1100771 - djm@cvs.openbsd.org 2001/12/21 10:06:43
772 [ssh-add.1 ssh-add.c]
773 Try all standard key files (id_rsa, id_dsa, identity) when invoked with
774 no arguments; ok markus@
Damien Miller7c318092002-01-22 23:06:22 +1100775 - markus@cvs.openbsd.org 2001/12/21 12:17:33
776 [serverloop.c]
777 remove ifdef for USE_PIPES since fdin != fdout; ok djm@
Damien Millera055c252002-01-22 23:07:01 +1100778 - deraadt@cvs.openbsd.org 2001/12/24 07:29:43
779 [ssh-add.c]
780 try all listed keys.. how did this get broken?
Damien Miller503761a2002-01-22 23:07:21 +1100781 - markus@cvs.openbsd.org 2001/12/25 18:49:56
782 [key.c]
783 be more careful on allocation
Damien Milleraef7a092002-01-22 23:07:52 +1100784 - markus@cvs.openbsd.org 2001/12/25 18:53:00
785 [auth1.c]
786 be more carefull on allocation
Damien Miller154dda72002-01-22 23:08:16 +1100787 - markus@cvs.openbsd.org 2001/12/27 18:10:29
788 [ssh-keygen.c]
789 -t is only needed for key generation (unbreaks -i, -e, etc).
Damien Millerda755162002-01-22 23:09:22 +1100790 - markus@cvs.openbsd.org 2001/12/27 18:22:16
791 [auth1.c authfile.c auth-rsa.c dh.c kexdh.c kexgex.c key.c rsa.c]
792 [scard.c ssh-agent.c sshconnect1.c sshd.c ssh-dss.c]
793 call fatal() for openssl allocation failures
Damien Miller7d1ded42002-01-22 23:09:41 +1100794 - stevesk@cvs.openbsd.org 2001/12/27 18:22:53
795 [sshd.8]
796 clarify -p; ok markus@
Damien Miller040b64f2002-01-22 23:10:04 +1100797 - markus@cvs.openbsd.org 2001/12/27 18:26:13
798 [authfile.c]
799 missing include
Damien Miller9ef95dd2002-01-22 23:10:33 +1100800 - markus@cvs.openbsd.org 2001/12/27 19:37:23
801 [dh.c kexdh.c kexgex.c]
802 always use BN_clear_free instead of BN_free
Damien Millerd221ca62002-01-22 23:11:00 +1100803 - markus@cvs.openbsd.org 2001/12/27 19:54:53
804 [auth1.c auth.h auth-rh-rsa.c]
805 auth_rhosts_rsa now accept generic keys.
Damien Miller66823cd2002-01-22 23:11:38 +1100806 - markus@cvs.openbsd.org 2001/12/27 20:39:58
807 [auth1.c auth-rsa.c channels.c clientloop.c packet.c packet.h]
808 [serverloop.c session.c ssh.c sshconnect1.c sshd.c ttymodes.c]
809 get rid of packet_integrity_check, use packet_done() instead.
Damien Miller29f75f52002-01-22 23:14:10 +1100810 - markus@cvs.openbsd.org 2001/12/28 12:14:27
Damien Millerd432ccf2002-01-22 23:14:44 +1100811 [auth1.c auth2.c auth2-chall.c auth-rsa.c channels.c clientloop.c]
812 [kex.c kexdh.c kexgex.c packet.c packet.h serverloop.c session.c]
813 [ssh.c sshconnect1.c sshconnect2.c sshd.c]
Damien Miller29f75f52002-01-22 23:14:10 +1100814 s/packet_done/packet_check_eom/ (end-of-message); ok djm@
Damien Millerd432ccf2002-01-22 23:14:44 +1100815 - markus@cvs.openbsd.org 2001/12/28 13:57:33
816 [auth1.c kexdh.c kexgex.c packet.c packet.h sshconnect1.c sshd.c]
817 packet_get_bignum* no longer returns a size
Damien Miller76e1e362002-01-22 23:15:57 +1100818 - markus@cvs.openbsd.org 2001/12/28 14:13:13
819 [bufaux.c bufaux.h packet.c]
820 buffer_get_bignum: int -> void
Damien Millerdff50992002-01-22 23:16:32 +1100821 - markus@cvs.openbsd.org 2001/12/28 14:50:54
822 [auth1.c auth-rsa.c channels.c dispatch.c kex.c kexdh.c kexgex.c]
823 [packet.c packet.h serverloop.c session.c ssh.c sshconnect1.c]
824 [sshconnect2.c sshd.c]
825 packet_read* no longer return the packet length, since it's not used.
Damien Miller630d6f42002-01-22 23:17:30 +1100826 - markus@cvs.openbsd.org 2001/12/28 15:06:00
827 [auth2.c auth2-chall.c channels.c channels.h clientloop.c dispatch.c]
828 [dispatch.h kex.c kex.h serverloop.c ssh.c sshconnect2.c]
829 remove plen from the dispatch fn. it's no longer used.
Damien Millerdc9e0672002-01-22 23:17:51 +1100830 - stevesk@cvs.openbsd.org 2001/12/28 22:37:48
831 [ssh.1 sshd.8]
832 document LogLevel DEBUG[123]; ok markus@
Damien Miller708d21c2002-01-22 23:18:15 +1100833 - stevesk@cvs.openbsd.org 2001/12/29 21:56:01
834 [authfile.c channels.c compress.c packet.c sftp-server.c]
835 [ssh-agent.c ssh-keygen.c]
836 remove unneeded casts and some char->u_char cleanup; ok markus@
Damien Miller56ccf412002-01-22 23:18:32 +1100837 - stevesk@cvs.openbsd.org 2002/01/03 04:11:08
838 [ssh_config]
839 grammar in comment
Damien Millerf51b0e12002-01-22 23:18:49 +1100840 - stevesk@cvs.openbsd.org 2002/01/04 17:59:17
841 [readconf.c servconf.c]
842 remove #ifdef _PATH_XAUTH/#endif; ok markus@
Damien Miller7fc23732002-01-22 23:19:11 +1100843 - stevesk@cvs.openbsd.org 2002/01/04 18:14:16
844 [servconf.c sshd.8]
845 protocol 2 HostKey code default is now /etc/ssh_host_rsa_key and
846 /etc/ssh_host_dsa_key like we have in sshd_config. ok markus@
Damien Millera90fc082002-01-22 23:19:38 +1100847 - markus@cvs.openbsd.org 2002/01/05 10:43:40
848 [channels.c]
849 fix hanging x11 channels for rejected cookies (e.g.
850 XAUTHORITY=/dev/null xbiff) bug #36, based on patch from
851 djast@cs.toronto.edu
Damien Miller70972eb2002-01-22 23:19:55 +1100852 - stevesk@cvs.openbsd.org 2002/01/05 21:51:56
853 [ssh.1 sshd.8]
854 some missing and misplaced periods
Damien Millera1db12b2002-01-22 23:20:15 +1100855 - markus@cvs.openbsd.org 2002/01/09 13:49:27
856 [ssh-keygen.c]
857 append \n only for public keys
Damien Millerde6987c2002-01-22 23:20:40 +1100858 - markus@cvs.openbsd.org 2002/01/09 17:16:00
859 [channels.c]
860 merge channel_pre_open_15/channel_pre_open_20; ok provos@
Damien Miller76765c02002-01-22 23:21:15 +1100861 - markus@cvs.openbsd.org 2002/01/09 17:26:35
862 [channels.c nchan.c]
863 replace buffer_consume(b, buffer_len(b)) with buffer_clear(b);
864 ok provos@
Damien Miller056cf732002-01-22 23:21:39 +1100865 - markus@cvs.openbsd.org 2002/01/10 11:13:29
866 [serverloop.c]
867 skip client_alive_check until there are channels; ok beck@
Damien Millerc3fa4072002-01-22 23:21:58 +1100868 - markus@cvs.openbsd.org 2002/01/10 11:24:04
869 [clientloop.c]
870 handle SSH2_MSG_GLOBAL_REQUEST (just reply with failure); ok djm@
Damien Miller4ce25952002-01-22 23:22:20 +1100871 - markus@cvs.openbsd.org 2002/01/10 12:38:26
872 [nchan.c]
873 remove dead code (skip drain)
Damien Miller66ac6a42002-01-22 23:22:44 +1100874 - markus@cvs.openbsd.org 2002/01/10 12:47:59
875 [nchan.c]
876 more unused code (with channels.c:1.156)
Damien Miller659811f2002-01-22 23:23:11 +1100877 - markus@cvs.openbsd.org 2002/01/11 10:31:05
878 [packet.c]
879 handle received SSH2_MSG_UNIMPLEMENTED messages; ok djm@
Damien Miller84b8ab32002-01-22 23:23:41 +1100880 - markus@cvs.openbsd.org 2002/01/11 13:36:43
881 [ssh2.h]
882 add defines for msg type ranges
Damien Miller7d053392002-01-22 23:24:13 +1100883 - markus@cvs.openbsd.org 2002/01/11 13:39:36
884 [auth2.c dispatch.c dispatch.h kex.c]
885 a single dispatch_protocol_error() that sends a message of
886 type 'UNIMPLEMENTED'
887 dispatch_range(): set handler for a ranges message types
888 use dispatch_protocol_ignore() for authentication requests after
889 successful authentication (the drafts requirement).
890 serverloop/clientloop now send a 'UNIMPLEMENTED' message instead
891 of exiting.
Damien Millera5ebe0c2002-01-22 23:24:33 +1100892 - markus@cvs.openbsd.org 2002/01/11 20:14:11
893 [auth2-chall.c auth-skey.c]
894 use strlcpy not strlcat; mouring@
Damien Miller85830d12002-01-22 23:24:51 +1100895 - markus@cvs.openbsd.org 2002/01/11 23:02:18
896 [readpass.c]
897 use _PATH_TTY
Damien Miller209ee4e2002-01-22 23:25:08 +1100898 - markus@cvs.openbsd.org 2002/01/11 23:02:51
899 [auth2-chall.c]
900 use snprintf; mouring@
Damien Miller73f18342002-01-22 23:25:30 +1100901 - markus@cvs.openbsd.org 2002/01/11 23:26:30
902 [auth-skey.c]
903 use snprintf; mouring@
Damien Millerdf224032002-01-22 23:25:46 +1100904 - markus@cvs.openbsd.org 2002/01/12 13:10:29
905 [auth-skey.c]
906 undo local change
Damien Miller1a534ae2002-01-22 23:26:13 +1100907 - provos@cvs.openbsd.org 2002/01/13 17:27:07
908 [ssh-agent.c]
909 change to use queue.h macros; okay markus@
Damien Miller0e3b8722002-01-22 23:26:38 +1100910 - markus@cvs.openbsd.org 2002/01/13 17:57:37
911 [auth2.c auth2-chall.c compat.c sshconnect2.c sshd.c]
912 use buffer API and avoid static strings of fixed size;
913 ok provos@/mouring@
Damien Millerabea8ee2002-01-22 23:27:11 +1100914 - markus@cvs.openbsd.org 2002/01/13 21:31:20
915 [channels.h nchan.c]
916 add chan_set_[io]state(), order states, state is now an u_int,
917 simplifies debugging messages; ok provos@
Damien Millerfcfc43b2002-01-22 23:27:45 +1100918 - markus@cvs.openbsd.org 2002/01/14 13:22:35
919 [nchan.c]
920 chan_send_oclose1() no longer calls chan_shutdown_write(); ok provos@
921 - markus@cvs.openbsd.org 2002/01/14 13:34:07
922 [nchan.c]
923 merge chan_[io]buf_empty[12]; ok provos@
Damien Millerebc11d32002-01-22 23:28:13 +1100924 - markus@cvs.openbsd.org 2002/01/14 13:40:10
925 [nchan.c]
926 correct fn names for ssh2, do not switch from closed to closed;
927 ok provos@
Damien Miller472d0572002-01-22 23:28:28 +1100928 - markus@cvs.openbsd.org 2002/01/14 13:41:13
929 [nchan.c]
930 remove duplicated code; ok provos@
Damien Miller5144df92002-01-22 23:28:45 +1100931 - markus@cvs.openbsd.org 2002/01/14 13:55:55
932 [channels.c channels.h nchan.c]
933 remove function pointers for events, remove chan_init*; ok provos@
Damien Millerb51ed392002-01-22 23:29:03 +1100934 - markus@cvs.openbsd.org 2002/01/14 13:57:03
935 [channels.h nchan.c]
936 (c) 2002
Damien Millerb16461c2002-01-22 23:29:22 +1100937 - markus@cvs.openbsd.org 2002/01/16 13:17:51
938 [channels.c channels.h serverloop.c ssh.c]
939 wrapper for channel_setup_fwd_listener
Damien Miller2bec5c12002-01-22 23:32:07 +1100940 - stevesk@cvs.openbsd.org 2002/01/16 17:40:23
941 [sshd_config]
942 The stategy now used for options in the default sshd_config shipped
943 with OpenSSH is to specify options with their default value where
944 possible, but leave them commented. Uncommented options change a
945 default value. Subsystem is currently the only default option
946 changed. ok markus@
Damien Millerfae23862002-01-22 23:32:26 +1100947 - stevesk@cvs.openbsd.org 2002/01/16 17:42:33
948 [ssh.1]
949 correct defaults for -i/IdentityFile; ok markus@
Damien Millerc497e382002-01-22 23:32:39 +1100950 - stevesk@cvs.openbsd.org 2002/01/16 17:55:33
951 [ssh_config]
952 correct some commented defaults. add Ciphers default. ok markus@
Damien Miller5488b7e2002-01-22 23:32:57 +1100953 - stevesk@cvs.openbsd.org 2002/01/17 04:27:37
954 [log.c]
955 casts to silence enum type warnings for bugzilla bug 37; ok markus@
Damien Miller9c3f9502002-01-22 23:33:15 +1100956 - stevesk@cvs.openbsd.org 2002/01/18 17:14:16
957 [sshd.8]
958 correct Ciphers default; paola.mannaro@ubs.com
Damien Miller4a8ed542002-01-22 23:33:31 +1100959 - stevesk@cvs.openbsd.org 2002/01/18 18:14:17
960 [authfd.c bufaux.c buffer.c cipher.c packet.c ssh-agent.c ssh-keygen.c]
961 unneeded cast cleanup; ok markus@
Damien Millerdf64a682002-01-22 23:33:45 +1100962 - stevesk@cvs.openbsd.org 2002/01/18 20:46:34
963 [sshd.8]
964 clarify Allow(Groups|Users) and Deny(Groups|Users); suggestion from
965 allard@oceanpark.com; ok markus@
Damien Miller49d795c2002-01-22 23:34:12 +1100966 - markus@cvs.openbsd.org 2002/01/21 15:13:51
967 [sshconnect.c]
968 use read_passphrase+ECHO in confirm(), allows use of ssh-askpass
969 for hostkey confirm.
Damien Miller914bef42002-01-22 23:34:35 +1100970 - markus@cvs.openbsd.org 2002/01/21 22:30:12
971 [cipher.c compat.c myproposal.h]
972 remove "rijndael-*", just use "aes-" since this how rijndael is called
973 in the drafts; ok stevesk@
Damien Miller73f10742002-01-22 23:34:52 +1100974 - markus@cvs.openbsd.org 2002/01/21 23:27:10
975 [channels.c nchan.c]
976 cleanup channels faster if the are empty and we are in drain-state;
977 ok deraadt@
Damien Miller4fbf08a2002-01-22 23:35:09 +1100978 - stevesk@cvs.openbsd.org 2002/01/22 02:52:41
979 [servconf.c]
980 typo in error message; from djast@cs.toronto.edu
Damien Miller1fc23432002-01-22 23:43:12 +1100981 - (djm) Make auth2-pam.c compile again after dispatch.h and packet.h
982 changes
Damien Miller28e4d8f2002-01-22 23:51:42 +1100983 - (djm) Recent Glibc includes an incompatible sys/queue.h. Treat it as
984 bogus in configure
Damien Millerec52d7c2002-01-22 23:52:17 +1100985 - (djm) Use local sys/queue.h if necessary in ssh-agent.c
Damien Miller6c21c512002-01-22 21:57:53 +1100986
Damien Miller7b10ef42002-01-21 23:44:12 +110098720020121
988 - (djm) Rework ssh-rand-helper:
989 - Reduce quantity of ifdef code, in preparation for ssh_rand_conf
990 - Always seed from system calls, even when doing PRNGd seeding
991 - Tidy and comment #define knobs
992 - Remove unused facility for multiple runs through command list
993 - KNF, cleanup, update copyright
994
Damien Millera2344512002-01-14 19:01:03 +110099520020114
996 - (djm) Bug #50 - make autoconf entropy path checks more robust
997
Damien Millerbb9ffc12002-01-08 10:59:32 +110099820020108
999 - (djm) Merge Cygwin copy_environment with do_pam_environment, removing
1000 fixed env var size limit in the process. Report from Corinna Vinschen
1001 <vinschen@redhat.com>
Kevin Steves2f8f6e32002-01-08 21:59:06 +00001002 - (stevesk) defines.h: use "/var/spool/sockets/X11/%u" for HP-UX. does
1003 not depend on transition links. from Lutz Jaenicke.
Damien Millerbb9ffc12002-01-08 10:59:32 +11001004
Kevin Stevesf49a1192002-01-06 02:32:57 +0000100520020106
1006 - (stevesk) defines.h: determine _PATH_UNIX_X; currently "/tmp/.X11-unix/X%u"
1007 for all platforms except HP-UX, which is "/usr/spool/sockets/X11/%u".
1008
Ben Lindstrom381d8d92002-01-05 17:15:30 +0000100920020105
1010 - (bal) NCR requies use_pipes to operate correctly.
Kevin Steves0bd4b342002-01-05 23:24:27 +00001011 - (stevesk) fix spurious ; from NCR change.
Ben Lindstrom381d8d92002-01-05 17:15:30 +00001012
Damien Millerf9661092002-01-03 10:30:56 +1100101320020103
1014 - (djm) Use bigcrypt() on systems with SCO_PROTECTED_PW. Patch from
1015 Roger Cornelius <rac@tenzing.org>
1016
Damien Miller0dea79d2001-12-29 14:08:28 +1100101720011229
1018 - (djm) Apply Cygwin pointer deref fix from Corinna Vinschen
1019 <vinschen@redhat.com> Could be abused to guess valid usernames
Damien Miller6a568f32001-12-29 14:10:09 +11001020 - (djm) Typo in contrib/cygwin/README Fix from Corinna Vinschen
1021 <vinschen@redhat.com>
Damien Miller0dea79d2001-12-29 14:08:28 +11001022
Damien Miller6cb127f2001-12-28 09:57:33 +1100102320011228
1024 - (djm) Remove recommendation to use GNU make, we should support most
1025 make programs.
1026
Kevin Steves94435082001-12-25 04:32:58 +0000102720011225
1028 - (stevesk) [Makefile.in ssh-rand-helper.c]
1029 portable lib and __progname support for ssh-rand-helper; ok djm@
1030
Ben Lindstrom2ad31ee2001-12-24 02:59:19 +0000103120011223
1032 - (bal) Removed contrib/chroot.diff and noted in contrib/README that it
1033 was not being maintained.
1034
Damien Miller62116dc2001-12-24 01:41:47 +1100103520011222
1036 - (djm) Ignore fix & patchlevel in OpenSSL version check. Patch from
1037 solar@openwall.com
1038 - (djm) Rework entropy code. If the OpenSSL PRNG is has not been
1039 internally seeded, execute a subprogram "ssh-rand-helper" to obtain
1040 some entropy for us. Rewrite the old in-process entropy collecter as
1041 an example ssh-rand-helper.
1042 - (djm) Always perform ssh_prng_cmds path lookups in configure, even if
1043 we don't end up using ssh_prng_cmds (so we always get a valid file)
1044
Damien Millerfaf2f642001-12-21 10:28:07 +1100104520011221
1046 - (djm) Add option to gnome-ssh-askpass to stop it from grabbing the X
1047 server. I have found this necessary to avoid server hangs with X input
1048 extensions (e.g. kinput2). Enable by setting the environment variable
1049 "GNOME_SSH_ASKPASS_NOGRAB"
Damien Miller3afe3752001-12-21 12:39:51 +11001050 - OpenBSD CVS Sync
1051 - stevesk@cvs.openbsd.org 2001/12/08 17:49:28
1052 [channels.c pathnames.h]
1053 use only one path to X11 UNIX domain socket vs. an array of paths
1054 to try. report from djast@cs.toronto.edu. ok markus@
Damien Milleree116252001-12-21 12:42:34 +11001055 - markus@cvs.openbsd.org 2001/12/09 18:45:56
1056 [auth2.c auth2-chall.c auth.h]
1057 add auth2_challenge_stop(), simplifies cleanup of kbd-int sessions,
1058 fixes memleak.
Damien Miller72c336d2001-12-21 12:44:28 +11001059 - stevesk@cvs.openbsd.org 2001/12/10 16:45:04
1060 [sshd.c]
1061 possible fd leak on error; ok markus@
Damien Miller83c02ef2001-12-21 12:45:43 +11001062 - markus@cvs.openbsd.org 2001/12/10 20:34:31
1063 [ssh-keyscan.c]
1064 check that server supports v1 for -t rsa1, report from wirth@dfki.de
Damien Miller5b2aea92001-12-21 12:47:09 +11001065 - jakob@cvs.openbsd.org 2001/12/18 10:04:21
1066 [auth.h hostfile.c hostfile.h]
1067 remove auth_rsa_read_key, make hostfile_ready_key non static; ok markus@
Damien Millerda9edca2001-12-21 12:48:54 +11001068 - jakob@cvs.openbsd.org 2001/12/18 10:05:15
1069 [auth2.c]
1070 log fingerprint on successful public key authentication; ok markus@
Damien Miller89681212001-12-21 12:52:39 +11001071 - jakob@cvs.openbsd.org 2001/12/18 10:06:24
1072 [auth-rsa.c]
1073 log fingerprint on successful public key authentication, simplify
1074 usage of key structs; ok markus@
Damien Miller9f0f5c62001-12-21 14:45:46 +11001075 - deraadt@cvs.openbsd.org 2001/12/19 07:18:56
1076 [auth1.c auth2.c auth2-chall.c auth-bsdauth.c auth.c authfile.c auth.h]
1077 [auth-krb4.c auth-rhosts.c auth-skey.c bufaux.c canohost.c channels.c]
1078 [cipher.c clientloop.c compat.c compress.c deattack.c key.c log.c mac.c]
1079 [match.c misc.c nchan.c packet.c readconf.c rijndael.c rijndael.h scard.c]
1080 [servconf.c servconf.h serverloop.c session.c sftp.c sftp-client.c]
1081 [sftp-glob.c sftp-int.c sftp-server.c ssh-add.c ssh-agent.c ssh.c]
1082 [sshconnect1.c sshconnect2.c sshconnect.c sshd.8 sshd.c sshd_config]
1083 [ssh-keygen.c sshlogin.c sshpty.c sshtty.c ttymodes.c uidswap.c]
1084 basic KNF done while i was looking for something else
Damien Millerf6681a32001-12-21 14:53:11 +11001085 - markus@cvs.openbsd.org 2001/12/19 16:09:39
1086 [serverloop.c]
1087 fix race between SIGCHLD and select with an additional pipe. writing
1088 to the pipe on SIGCHLD wakes up select(). using pselect() is not
1089 portable and siglongjmp() ugly. W. R. Stevens suggests similar solution.
1090 initial idea by pmenage@ensim.com; ok deraadt@, djm@
Damien Miller5a6b4fe2001-12-21 14:56:54 +11001091 - stevesk@cvs.openbsd.org 2001/12/19 17:16:13
1092 [authfile.c bufaux.c bufaux.h buffer.c buffer.h packet.c packet.h ssh.c]
1093 change the buffer/packet interface to use void* vs. char*; ok markus@
Damien Millere7378562001-12-21 14:58:35 +11001094 - markus@cvs.openbsd.org 2001/12/20 16:37:29
1095 [channels.c channels.h session.c]
1096 setup x11 listen socket for just one connect if the client requests so.
1097 (v2 only, but the openssh client does not support this feature).
Damien Miller278f9072001-12-21 15:00:19 +11001098 - djm@cvs.openbsd.org 2001/12/20 22:50:24
1099 [auth2.c auth2-chall.c channels.c channels.h clientloop.c dispatch.c]
1100 [dispatch.h kex.c kex.h packet.c packet.h serverloop.c ssh.c]
1101 [sshconnect2.c]
1102 Conformance fix: we should send failing packet sequence number when
1103 responding with a SSH_MSG_UNIMPLEMENTED message. Spotted by
1104 yakk@yakk.dot.net; ok markus@
Damien Millerfaf2f642001-12-21 10:28:07 +11001105
Kevin Steves366298c2001-12-19 17:58:01 +0000110620011219
1107 - (stevesk) OpenBSD CVS sync X11 localhost display
1108 - stevesk@cvs.openbsd.org 2001/11/29 14:10:51
1109 [channels.h channels.c session.c]
1110 sshd X11 fake server will now listen on localhost by default:
1111 $ echo $DISPLAY
1112 localhost:12.0
1113 $ netstat -an|grep 6012
1114 tcp 0 0 127.0.0.1.6012 *.* LISTEN
1115 tcp6 0 0 ::1.6012 *.* LISTEN
1116 sshd_config gatewayports=yes can be used to revert back to the old
1117 behavior. will control this with another option later. ok markus@
1118 - stevesk@cvs.openbsd.org 2001/12/19 08:43:11
1119 [includes.h session.c]
1120 handle utsname.nodename case for FamilyLocal X authorization; ok markus@
1121
Ben Lindstromc97b1af2001-12-07 17:20:47 +0000112220011207
1123 - (bal) PCRE no longer required. Banished from the source along with
1124 fake-regex.h
Ben Lindstrome181a4d2001-12-07 17:24:49 +00001125 - (bal) OpenBSD CVS Sync
1126 - stevesk@cvs.openbsd.org 2001/12/06 18:02:32
1127 [channels.c sshconnect.c]
1128 shutdown(sock, SHUT_RDWR) not needed here; ok markus@
Ben Lindstromccd8d072001-12-07 17:26:48 +00001129 - stevesk@cvs.openbsd.org 2001/12/06 18:09:23
1130 [channels.c session.c]
1131 strncpy->strlcpy. remaining strncpy's are necessary. ok markus@
Ben Lindstrom73f57be2001-12-07 17:28:34 +00001132 - stevesk@cvs.openbsd.org 2001/12/06 18:20:32
1133 [channels.c]
1134 disable nagle for X11 fake server and client TCPs. from netbsd.
1135 ok markus@
Ben Lindstromc97b1af2001-12-07 17:20:47 +00001136
113720011206
Ben Lindstrom07958482001-12-06 16:19:01 +00001138 - (bal) OpenBSD CVS Sync
1139 - deraadt@cvs.openbsd.org 2001/11/14 20:45:08
1140 [sshd.c]
1141 errno saving wrapping in a signal handler
Ben Lindstromeaffb9d2001-12-06 16:28:19 +00001142 - markus@cvs.openbsd.org 2001/11/16 12:46:13
1143 [ssh-keyscan.c]
1144 handle empty lines instead of dumping core; report from sha@sha-1.net
Ben Lindstrom65366a82001-12-06 16:32:47 +00001145 - stevesk@cvs.openbsd.org 2001/11/17 19:14:34
1146 [auth2.c auth.c readconf.c servconf.c ssh-agent.c ssh-keygen.c]
1147 enum/int type cleanup where it made sense to do so; ok markus@
Ben Lindstromd84df982001-12-06 16:35:40 +00001148 - markus@cvs.openbsd.org 2001/11/19 11:20:21
1149 [sshd.c]
1150 fd leak on HUP; ok stevesk@
Ben Lindstrom11f790b2001-12-06 16:37:51 +00001151 - stevesk@cvs.openbsd.org 2001/11/19 18:40:46
1152 [ssh-agent.1]
1153 clarify/state that private keys are not exposed to clients using the
1154 agent; ok markus@
Ben Lindstrom70a290c2001-12-06 16:39:56 +00001155 - mpech@cvs.openbsd.org 2001/11/19 19:02:16
1156 [deattack.c radix.c]
1157 kill more registers
1158 millert@ ok
Ben Lindstrom4cbc1812001-12-06 16:41:41 +00001159 - markus@cvs.openbsd.org 2001/11/21 15:51:24
1160 [key.c]
1161 mem leak
Ben Lindstrom4e366d52001-12-06 16:43:21 +00001162 - stevesk@cvs.openbsd.org 2001/11/21 18:49:14
1163 [ssh-keygen.1]
1164 more on passphrase construction; ok markus@
Ben Lindstrom28c603b2001-12-06 16:45:10 +00001165 - stevesk@cvs.openbsd.org 2001/11/22 05:27:29
1166 [ssh-keyscan.c]
1167 don't use "\n" in fatal()
Ben Lindstrom5e71c542001-12-06 16:48:14 +00001168 - markus@cvs.openbsd.org 2001/11/22 12:34:22
1169 [clientloop.c serverloop.c sshd.c]
1170 volatile sig_atomic_t
Ben Lindstrom623e4a02001-12-06 16:49:57 +00001171 - stevesk@cvs.openbsd.org 2001/11/29 19:06:39
1172 [channels.h]
1173 remove dead function prototype; ok markus@
Ben Lindstrom57fe5b52001-12-06 17:41:25 +00001174 - markus@cvs.openbsd.org 2001/11/29 22:08:48
1175 [auth-rsa.c]
1176 fix protocol error: send 'failed' message instead of a 2nd challenge
1177 (happens if the same key is in authorized_keys twice).
1178 reported Ralf_Meister@genua.de; ok djm@
Ben Lindstrom4a4bd712001-12-06 17:45:19 +00001179 - stevesk@cvs.openbsd.org 2001/11/30 20:39:28
1180 [ssh.c]
1181 sscanf() length dependencies are clearer now; can also shrink proto
1182 and data if desired, but i have not done that. ok markus@
Ben Lindstrom38b951c2001-12-06 17:47:47 +00001183 - markus@cvs.openbsd.org 2001/12/01 21:41:48
1184 [session.c sshd.8]
1185 don't pass user defined variables to /usr/bin/login
Ben Lindstromd05487d2001-12-06 17:50:03 +00001186 - deraadt@cvs.openbsd.org 2001/12/02 02:08:32
1187 [sftp-common.c]
1188 zap };
Ben Lindstromf8f065b2001-12-06 17:52:16 +00001189 - itojun@cvs.openbsd.org 2001/12/05 03:50:01
1190 [clientloop.c serverloop.c sshd.c]
1191 deal with LP64 printf issue with sig_atomic_t. from thorpej
Ben Lindstrom3c36bb22001-12-06 17:55:26 +00001192 - itojun@cvs.openbsd.org 2001/12/05 03:56:39
1193 [auth1.c auth2.c canohost.c channels.c deattack.c packet.c scp.c
1194 sshconnect2.c]
1195 make it compile with more strict prototype checking
Ben Lindstrom1c37c6a2001-12-06 18:00:18 +00001196 - deraadt@cvs.openbsd.org 2001/12/05 10:06:12
1197 [authfd.c authfile.c bufaux.c channels.c compat.c kex.c kexgex.c
1198 key.c misc.c packet.c servconf.c ssh-agent.c sshconnect2.c
1199 sshconnect.c sshd.c ssh-dss.c ssh-keygen.c ssh-rsa.c]
1200 minor KNF
Ben Lindstromff4a14f2001-12-06 18:02:59 +00001201 - markus@cvs.openbsd.org 2001/12/05 15:04:48
1202 [version.h]
1203 post 3.0.2
Ben Lindstrom9eab2622001-12-06 18:06:05 +00001204 - markus@cvs.openbsd.org 2001/12/05 16:54:51
1205 [compat.c match.c match.h]
1206 make theo and djm happy: bye bye regexp
Ben Lindstromade03f62001-12-06 18:22:17 +00001207 - markus@cvs.openbsd.org 2001/12/06 13:30:06
1208 [servconf.c servconf.h sshd.8 sshd.c]
1209 add -o to sshd, too. ok deraadt@
1210 - (bal) Minor white space fix up in servconf.c
Ben Lindstrom07958482001-12-06 16:19:01 +00001211
Tim Ricefe1d1002001-11-26 17:19:43 -0800121220011126
1213 - (tim) [contrib/cygwin/README, openbsd-compat/bsd-cygwin_util.c,
1214 openbsd-compat/bsd-cygwin_util.h, openbsd-compat/daemon.c]
1215 Allow SSHD to install as service under WIndows 9x/Me
1216 [configure.ac] Fix to allow linking against PCRE on Cygwin
1217 Patches by Corinna Vinschen <vinschen@redhat.com>
1218
Damien Millerefdc1f12001-11-15 08:40:45 +1100121920011115
1220 - (djm) Fix IPv4 default in ssh-keyscan. Spotted by Dan Astoorian
1221 <djast@cs.toronto.edu> Fix from markus@
Damien Millerf7c6f952001-11-15 23:16:50 +11001222 - (djm) Release 3.0.1p1
Damien Millerefdc1f12001-11-15 08:40:45 +11001223
Damien Miller056ca1e2001-11-13 11:20:07 +1100122420011113
1225 - (djm) Fix early (and double) free of remote user when using Kerberos.
1226 Patch from Simon Wilkinson <simon@sxw.org.uk>
Damien Millere49d0962001-11-13 23:46:18 +11001227 - (djm) AIX login{success,failed} changes. Move loginsuccess call to
1228 do_authenticated. Call loginfailed for protocol 2 failures > MAX like
1229 we do for protocol 1. Reports from Ralf Wenk <wera0003@fh-karlsruhe.de>,
1230 K.Wolkersdorfer@fz-juelich.de and others
Damien Miller61b05cf2001-11-14 00:02:10 +11001231 - (djm) OpenBSD CVS Sync
1232 - dugsong@cvs.openbsd.org 2001/11/11 18:47:10
1233 [auth-krb5.c]
1234 fix krb5 authorization check. found by <jhawk@MIT.EDU>. from
1235 art@, deraadt@ ok
Damien Miller527366c2001-11-14 00:03:14 +11001236 - markus@cvs.openbsd.org 2001/11/12 11:17:07
1237 [servconf.c]
1238 enable authorized_keys2 again. tested by fries@
Damien Millerc3070c82001-11-14 00:05:29 +11001239 - markus@cvs.openbsd.org 2001/11/13 02:03:57
1240 [version.h]
1241 enter 3.0.1
Damien Miller353f6082001-11-14 00:05:57 +11001242 - (djm) Bump RPM package versions
Damien Miller056ca1e2001-11-13 11:20:07 +11001243
Damien Millerf41d6182001-11-12 10:34:22 +1100124420011112
1245 - (djm) Makefile correctness fix from Mark D. Baushke <mdb@juniper.net>
Damien Milleraba690c2001-11-12 10:36:21 +11001246 - (djm) Cygwin config patch from Corinna Vinschen <vinschen@redhat.com>
Damien Miller00b61642001-11-12 10:51:23 +11001247 - OpenBSD CVS Sync
1248 - markus@cvs.openbsd.org 2001/10/24 08:41:41
1249 [sshd.c]
1250 mention remote port in debug message
Damien Miller595bb4f2001-11-12 10:51:40 +11001251 - markus@cvs.openbsd.org 2001/10/24 08:41:20
1252 [ssh.c]
1253 remove unused
Damien Miller07cd5892001-11-12 10:52:03 +11001254 - markus@cvs.openbsd.org 2001/10/24 08:51:35
1255 [clientloop.c ssh.c]
1256 ignore SIGPIPE early, makes ssh work if agent dies, netbsd-pr via itojun@
Damien Miller96507ef2001-11-12 10:52:25 +11001257 - markus@cvs.openbsd.org 2001/10/24 19:57:40
1258 [clientloop.c]
1259 make ~& (backgrounding) work again for proto v1; add support ~& for v2, too
Damien Millereb5fec62001-11-12 10:52:44 +11001260 - markus@cvs.openbsd.org 2001/10/25 21:14:32
1261 [ssh-keygen.1 ssh-keygen.c]
1262 better docu for fingerprinting, ok deraadt@
Damien Miller91c18472001-11-12 11:02:03 +11001263 - markus@cvs.openbsd.org 2001/10/29 19:27:15
1264 [sshconnect2.c]
1265 hostbased: check for client hostkey before building chost
Damien Miller1f8dddc2001-11-12 11:02:25 +11001266 - markus@cvs.openbsd.org 2001/10/30 20:29:09
1267 [ssh.1]
1268 ssh.1
Damien Miller9f643902001-11-12 11:02:52 +11001269 - markus@cvs.openbsd.org 2001/11/07 16:03:17
1270 [packet.c packet.h sshconnect2.c]
1271 pad using the padding field from the ssh2 packet instead of sending
1272 extra ignore messages. tested against several other ssh servers.
Damien Miller9af8c3c2001-11-12 11:03:16 +11001273 - markus@cvs.openbsd.org 2001/11/07 21:40:21
1274 [ssh-rsa.c]
1275 ssh_rsa_sign/verify: SSH_BUG_SIGBLOB not supported
Damien Miller36e603d2001-11-12 11:03:35 +11001276 - markus@cvs.openbsd.org 2001/11/07 22:10:28
1277 [ssh-dss.c ssh-rsa.c]
1278 missing free and sync dss/rsa code.
Damien Miller60d8aaf2001-11-12 11:04:05 +11001279 - markus@cvs.openbsd.org 2001/11/07 22:12:01
1280 [sshd.8]
1281 s/Keepalive/KeepAlive/; from openbsd@davidkrause.com
Damien Miller6fd5b392001-11-12 11:04:28 +11001282 - markus@cvs.openbsd.org 2001/11/07 22:41:51
1283 [auth2.c auth-rh-rsa.c]
1284 unused includes
Damien Miller36f8dd32001-11-12 11:04:54 +11001285 - markus@cvs.openbsd.org 2001/11/07 22:53:21
1286 [channels.h]
1287 crank c->path to 256 so they can hold a full hostname; dwd@bell-labs.com
Damien Miller637b8ae2001-11-12 11:05:20 +11001288 - markus@cvs.openbsd.org 2001/11/08 10:51:08
1289 [readpass.c]
1290 don't strdup too much data; from gotoh@taiyo.co.jp; ok millert.
Damien Miller705499b2001-11-12 11:05:38 +11001291 - markus@cvs.openbsd.org 2001/11/08 17:49:53
1292 [ssh.1]
1293 mention setuid root requirements; noted by cnorris@csc.UVic.ca; ok stevesk@
Damien Millerf6552072001-11-12 11:06:06 +11001294 - markus@cvs.openbsd.org 2001/11/08 20:02:24
1295 [auth.c]
1296 don't print ROOT in CAPS for the authentication messages, i.e.
1297 Accepted publickey for ROOT from 127.0.0.1 port 42734 ssh2
1298 becomes
1299 Accepted publickey for root from 127.0.0.1 port 42734 ssh2
Damien Miller79faeff2001-11-12 11:06:32 +11001300 - markus@cvs.openbsd.org 2001/11/09 18:59:23
1301 [clientloop.c serverloop.c]
1302 don't memset too much memory, ok millert@
1303 original patch from jlk@kamens.brookline.ma.us via nalin@redhat.com
Damien Miller6a4a4b92001-11-12 11:07:11 +11001304 - markus@cvs.openbsd.org 2001/11/10 13:19:45
1305 [sshd.c]
Damien Miller726273e2001-11-12 11:40:11 +11001306 cleanup libwrap support (remove bogus comment, bogus close(), add
1307 debug, etc).
Damien Millereacff852001-11-12 11:07:35 +11001308 - markus@cvs.openbsd.org 2001/11/10 13:22:42
1309 [ssh-rsa.c]
1310 KNF (unexpand)
Damien Miller084b8d42001-11-12 11:07:58 +11001311 - markus@cvs.openbsd.org 2001/11/10 13:37:20
1312 [packet.c]
1313 remove extra debug()
Damien Miller75413ac2001-11-12 11:14:35 +11001314 - markus@cvs.openbsd.org 2001/11/11 13:02:31
1315 [servconf.c]
Damien Miller726273e2001-11-12 11:40:11 +11001316 make AuthorizedKeysFile2 fallback to AuthorizedKeysFile if
1317 AuthorizedKeysFile is specified.
1318 - (djm) Reorder portable-specific server options so that they come first.
1319 This should help reduce diff collisions for new server options (as they
1320 will appear at the end)
Damien Millerf41d6182001-11-12 10:34:22 +11001321
Kevin Stevesde77b462001-11-09 20:22:16 +0000132220011109
1323 - (stevesk) auth-pam.c: use do_pam_authenticate(PAM_DISALLOW_NULL_AUTHTOK)
1324 if permit_empty_passwd == 0 so null password check cannot be bypassed.
1325 jayaraj@amritapuri.com OpenBSD bug 2168
Damien Millere4a0ff42001-11-12 11:06:54 +11001326 - markus@cvs.openbsd.org 2001/11/09 19:08:35
1327 [sshd.c]
1328 remove extra trailing dot from log message; pilot@naughty.monkey.org
1329
Tim Ricee589a292001-11-03 11:09:32 -0800133020011103
1331 - (tim) [ contrib/caldera/openssh.spec contrib/caldera/sshd.init] Updates
1332 from Raymund Will <ray@caldera.de>
1333 [acconfig.h configure.in] Clean up login checks.
1334 Problem reported by Jim Knoble <jmknoble@pobox.com>
1335
133620011101
Damien Miller14a5c992001-11-01 09:32:34 +11001337 - (djm) Compat define for OpenSSL < 0.9.6 (No OPENSSL_free)
1338
Damien Miller12eceb22001-10-31 10:31:13 +1100133920011031
1340 - (djm) Unsmoke drugs: config files should be noreplace.
1341
Damien Miller1c613242001-10-30 22:03:51 +1100134220011030
1343 - (djm) Redhat RPM spec: remove noreplace from config files, allow IPv6
1344 by default (can force IPv4 using --define "noipv6 1")
1345
Tim Riceb89e6942001-10-29 18:50:39 -0800134620011029
1347 - (tim) [TODO defines.h loginrec.c] Change the references to configure.in
1348 to configure.ac
1349
Damien Miller33cdd9e2001-10-28 22:33:48 +1100135020011028
1351 - (djm) Avoid bug in Solaris PAM libs
Damien Millerc3aa3dd2001-10-28 22:34:52 +11001352 - (djm) Disconnect if no tty and PAM reports password expired
Damien Miller09256482001-10-28 22:36:55 +11001353 - (djm) Fix for PAM password changes being echoed (from stevesk)
Kevin Stevesfe2f4a12001-10-28 17:32:38 +00001354 - (stevesk) Fix compile problem with PAM password change fix
Kevin Stevesc3ad02e2001-10-28 18:10:22 +00001355 - (stevesk) README: zlib location is http://www.gzip.org/zlib/
Damien Miller33cdd9e2001-10-28 22:33:48 +11001356
Tim Riceffdf4aa2001-10-27 10:45:36 -0700135720011027
1358 - (tim) [configure.ac] Fixes for ReliantUNIX (don't use libucb)
1359 Patch by Robert Dahlem <Robert.Dahlem@siemens.com>
1360
Ben Lindstrom9197c592001-10-26 15:56:55 +0000136120011026
1362 - (bal) Set the correct current time in login_utmp_only(). Patch by
1363 Wayne Davison <wayned@users.sourceforge.net>
Tim Riceafefd162001-10-26 17:33:18 -07001364 - (tim) [scard/Makefile.in] Fix install: when building outside of source
1365 tree and using --src=/full_path/to/openssh
1366 Patch by Mark D. Baushke <mdb@juniper.net>
Ben Lindstrom9197c592001-10-26 15:56:55 +00001367
Ben Lindstroma0bd44c2001-10-25 15:02:35 +0000136820011025
1369 - (bal) Use VDISABLE if _POSIX_VDISABLE is set in readpassphrase.c. Patch
1370 by todd@
Tim Rice02cebcd2001-10-25 10:01:30 -07001371 - (tim) [configure.ac] Give path given in --with-xxx= for pcre,zlib, and
1372 tcp-wrappers precedence over system libraries and includes.
1373 Report from Dave Dykstra <dwd@bell-labs.com>
Ben Lindstroma0bd44c2001-10-25 15:02:35 +00001374
Ben Lindstrom3a78c842001-10-24 21:06:07 +0000137520011024
1376 - (bal) Should be 3.0p1 not 3.0p2. Corrected version.h already.
Tim Rice8ad995f2001-10-24 21:15:26 -07001377 - (tim) configure.in -> configure.ac
Ben Lindstrom3a78c842001-10-24 21:06:07 +00001378
Ben Lindstromab73b9b2001-10-23 16:12:54 +0000137920011023
1380 - (bal) Updated version to 3.0p1 in preparing for release.
Ben Lindstrom95276712001-10-23 17:14:00 +00001381 - (bal) Added 'PAM_TTY_KLUDGE' to Solaris platform.
Tim Rice17b93e52001-10-23 22:36:54 -07001382 - (tim) [configure.in] Fix test for broken dirname. Based on patch from
1383 Dave Dykstra <dwd@bell-labs.com>. Remove un-needed test for zlib.h.
1384 [contrib/caldera/openssh.spec, contrib/redhat/openssh.spec,
1385 contrib/suse/openssh.spec] Update version to match version.h
Ben Lindstromab73b9b2001-10-23 16:12:54 +00001386
Damien Miller3a8a5cd2001-10-22 16:49:22 +1000138720011022
1388 - (djm) Fix fd leak in loginrec.c (ro fd to lastlog was left open).
1389 Report from Michal Zalewski <lcamtuf@coredump.cx>
1390
Tim Rice13aae5e2001-10-21 17:53:58 -0700139120011021
1392 - (tim) [configure.in] Clean up library testing. Add optional PATH to
1393 --with-pcre, --with-zlib, and --with-tcp-wrappers. Based on
1394 patch by albert chin (china@thewrittenword.com)
1395 Re-arange AC_CHECK_HEADERS and AC_CHECK_FUNCS for eaiser reading
1396 of patches to configure.in. Replace obsolete AC_STRUCT_ST_BLKSIZE
1397 with AC_CHECK_MEMBERS. Add test for broken dirname() on
1398 Solaris 2.5.1 by Dan Astoorian <djast@cs.toronto.edu>
1399 [acconfig.h aclocal.m4 defines.h configure.in] Better socklen_t test.
1400 patch by albert chin (china@thewrittenword.com)
1401 [scp.c] Replace obsolete HAVE_ST_BLKSIZE with
1402 HAVE_STRUCT_STAT_ST_BLKSIZE.
1403 [Makefile.in] When running make in top level, always do make
1404 in openbsd-compat. patch by Dave Dykstra <dwd@bell-labs.com>
1405
Ben Lindstromf2366b52001-10-19 20:36:23 +0000140620011019
1407 - (bal) Fixed up init.d symlink issue and piddir stuff. Patches by
1408 Zoran Milojevic <Zoran.Milojevic@SS8.com> and j.petersen@msh.de
1409
Damien Miller3ec27592001-10-12 11:35:04 +1000141020011012
1411 - (djm) OpenBSD CVS Sync
1412 - markus@cvs.openbsd.org 2001/10/10 22:18:47
1413 [channels.c channels.h clientloop.c nchan.c serverloop.c]
1414 [session.c session.h]
1415 try to keep channels open until an exit-status message is sent.
1416 don't kill the login shells if the shells stdin/out/err is closed.
1417 this should now work:
1418 ssh -2n localhost 'exec > /dev/null 2>&1; sleep 10; exit 5'; echo ?
Damien Miller0585d512001-10-12 11:35:50 +10001419 - markus@cvs.openbsd.org 2001/10/11 13:45:21
1420 [session.c]
1421 delay detach of session if a channel gets closed but the child is
1422 still alive. however, release pty, since the fd's to the child are
1423 already closed.
Damien Miller164a7f42001-10-12 11:36:09 +10001424 - markus@cvs.openbsd.org 2001/10/11 15:24:00
1425 [clientloop.c]
1426 clear select masks if we return before calling select().
Damien Miller5f012802001-10-12 12:04:04 +10001427 - (djm) "make veryclean" fix from Tom Holroyd <tomh@po.crl.go.jp>
Damien Miller7c734052001-10-12 19:15:27 +10001428 - (djm) Clean some autoconf-2.52 junk when doing "make distclean"
Damien Miller4a820ea2001-10-12 19:15:48 +10001429 - (djm) Cleanup sshpty.c a little
Ben Lindstrom8b5ba1c2001-10-12 20:30:52 +00001430 - (bal) First wave of contrib/solaris/ package upgrades. Still more
1431 work needs to be done, but it is a 190% better then the stuff we
1432 had before!
Ben Lindstrom7a973392001-10-12 21:52:39 +00001433 - (bal) Minor bug fix in contrib/solaris/opensshd.in .. $etcdir was not
1434 set right.
Damien Miller3ec27592001-10-12 11:35:04 +10001435
Damien Milleraf3030f2001-10-10 15:00:49 +1000143620011010
1437 - (djm) OpenBSD CVS Sync
1438 - markus@cvs.openbsd.org 2001/10/04 14:34:16
1439 [key.c]
1440 call OPENSSL_free() for memory allocated by openssl; from chombier@mac.com
Damien Milleraf5f2e62001-10-10 15:01:16 +10001441 - markus@cvs.openbsd.org 2001/10/04 15:05:40
1442 [channels.c serverloop.c]
1443 comment out bogus conditions for selecting on connection_in
Damien Miller8c3902a2001-10-10 15:01:40 +10001444 - markus@cvs.openbsd.org 2001/10/04 15:12:37
1445 [serverloop.c]
1446 client_alive_check cleanup
Damien Millere3980042001-10-10 15:02:03 +10001447 - markus@cvs.openbsd.org 2001/10/06 00:14:50
1448 [sshconnect.c]
1449 remove unused argument
Damien Miller9c751422001-10-10 15:02:46 +10001450 - markus@cvs.openbsd.org 2001/10/06 00:36:42
1451 [session.c]
1452 fix typo in error message, sync with do_exec_nopty
Damien Miller59d9fb92001-10-10 15:03:11 +10001453 - markus@cvs.openbsd.org 2001/10/06 11:18:19
1454 [sshconnect1.c sshconnect2.c sshconnect.c]
1455 unify hostkey check error messages, simplify prompt.
Damien Miller058655c2001-10-10 15:03:36 +10001456 - markus@cvs.openbsd.org 2001/10/07 10:29:52
1457 [authfile.c]
1458 grammer; Matthew_Clarke@mindlink.bc.ca
Damien Miller4623a752001-10-10 15:03:58 +10001459 - markus@cvs.openbsd.org 2001/10/07 17:49:40
1460 [channels.c channels.h]
1461 avoid possible FD_ISSET overflow for channels established
1462 during channnel_after_select() (used for dynamic channels).
Damien Millerd3c04b92001-10-10 15:04:20 +10001463 - markus@cvs.openbsd.org 2001/10/08 11:48:57
1464 [channels.c]
1465 better debug
Damien Miller7ea6f202001-10-10 15:04:41 +10001466 - markus@cvs.openbsd.org 2001/10/08 16:15:47
1467 [sshconnect.c]
1468 use correct family for -b option
Damien Miller139d4cd2001-10-10 15:07:44 +10001469 - markus@cvs.openbsd.org 2001/10/08 19:05:05
1470 [ssh.c sshconnect.c sshconnect.h ssh-keyscan.c]
1471 some more IPv4or6 cleanup
1472 - markus@cvs.openbsd.org 2001/10/09 10:12:08
1473 [session.c]
1474 chdir $HOME after krb_afslog(); from bbense@networking.stanford.edu
Damien Millerae452462001-10-10 15:08:06 +10001475 - markus@cvs.openbsd.org 2001/10/09 19:32:49
1476 [session.c]
1477 stat subsystem command before calling do_exec, and return error to client.
Damien Millerc71f4e42001-10-10 15:08:36 +10001478 - markus@cvs.openbsd.org 2001/10/09 19:51:18
1479 [serverloop.c]
1480 close all channels if the connection to the remote host has been closed,
1481 should fix sshd's hanging with WCHAN==wait
Damien Miller52b77be2001-10-10 15:14:37 +10001482 - markus@cvs.openbsd.org 2001/10/09 21:59:41
1483 [channels.c channels.h serverloop.c session.c session.h]
1484 simplify session close: no more delayed session_close, no more
1485 blocking wait() calls.
Ben Lindstrom926ce582001-10-10 20:38:55 +00001486 - (bal) removed two unsed headers in openbsd-compat/bsd-misc.c
Ben Lindstrom4e088e42001-10-10 20:45:43 +00001487 - (bal) seed_init() and seed_rng() required in ssh-keyscan.c
Damien Milleraf3030f2001-10-10 15:00:49 +10001488
Ben Lindstromf16c81f2001-10-08 01:54:24 +0000148920011007
1490 - (bal) ssh-copy-id corrected permissions for .ssh/ and authorized_keys.
1491 Prompted by Matthew Vernon <matthew@sel.cam.ac.uk>
1492
Ben Lindstrom4c901492001-10-06 00:08:09 +0000149320011005
1494 - (bal) AES works under Cray, no more hack.
1495
Ben Lindstrom8bceffb2001-10-04 21:16:57 +0000149620011004
1497 - (bal) nchan2.ms resync. BSD License applied.
1498
Ben Lindstrom9b023ed2001-10-03 17:03:54 +0000149920011003
1500 - (bal) CVS ID fix up in version.h
Ben Lindstromae3de4b2001-10-03 17:10:17 +00001501 - (bal) OpenBSD CVS Sync:
1502 - markus@cvs.openbsd.org 2001/09/27 11:58:16
1503 [compress.c]
1504 mem leak; chombier@mac.com
1505 - markus@cvs.openbsd.org 2001/09/27 11:59:37
1506 [packet.c]
1507 missing called=1; chombier@mac.com
Ben Lindstrombdfb4df2001-10-03 17:12:43 +00001508 - markus@cvs.openbsd.org 2001/09/27 15:31:17
1509 [auth2.c auth2-chall.c sshconnect1.c]
1510 typos; from solar
Ben Lindstrom6149a6c2001-10-03 17:15:32 +00001511 - camield@cvs.openbsd.org 2001/09/27 17:53:24
1512 [sshd.8]
1513 don't talk about compile-time options
1514 ok markus@
Ben Lindstrom1af4d3b2001-10-03 17:18:37 +00001515 - djm@cvs.openbsd.org 2001/09/28 12:07:09
1516 [ssh-keygen.c]
1517 bzero private key after loading to smartcard; ok markus@
Ben Lindstrom83f07d12001-10-03 17:22:29 +00001518 - markus@cvs.openbsd.org 2001/09/28 15:46:29
1519 [ssh.c]
1520 bug: read user config first; report kaukasoi@elektroni.ee.tut.fi
Ben Lindstrom3e45e4c2001-10-03 17:30:58 +00001521 - markus@cvs.openbsd.org 2001/10/01 08:06:28
1522 [scp.c]
1523 skip filenames containing \n; report jdamery@chiark.greenend.org.uk
1524 and matthew@debian.org
Ben Lindstrom908afed2001-10-03 17:34:59 +00001525 - markus@cvs.openbsd.org 2001/10/01 21:38:53
1526 [channels.c channels.h ssh.c sshd.c]
1527 remove ugliness; vp@drexel.edu via angelos
Ben Lindstrom3cecc9a2001-10-03 17:39:38 +00001528 - markus@cvs.openbsd.org 2001/10/01 21:51:16
1529 [readconf.c readconf.h ssh.1 sshconnect.c]
1530 add NoHostAuthenticationForLocalhost; note that the hostkey is
1531 now check for localhost, too.
Ben Lindstrom569f88d2001-10-03 17:43:01 +00001532 - djm@cvs.openbsd.org 2001/10/02 08:38:50
1533 [ssh-add.c]
1534 return non-zero exit code on error; ok markus@
Ben Lindstrom1bae4042001-10-03 17:46:39 +00001535 - stevesk@cvs.openbsd.org 2001/10/02 22:56:09
1536 [sshd.c]
1537 #include "channels.h" for channel_set_af()
Ben Lindstromc3e49e72001-10-03 17:55:26 +00001538 - markus@cvs.openbsd.org 2001/10/03 10:01:20
1539 [auth.c]
1540 use realpath() for homedir, too. from jinmei@isl.rdc.toshiba.co.jp
Ben Lindstrom9b023ed2001-10-03 17:03:54 +00001541
Kevin Steves52172652001-10-02 00:29:00 +0000154220011001
1543 - (stevesk) loginrec.c: fix type conversion problems exposed when using
1544 64-bit off_t.
1545
Ben Lindstrom819f1be2001-09-29 14:27:00 +0000154620010929
1547 - (bal) move reading 'config.h' up higher. Patch by albert chin
1548 <china@thewrittenword.com)
1549
Damien Miller3ff36d62001-09-28 19:51:54 +1000155020010928
1551 - (djm) OpenBSD CVS sync:
1552 - djm@cvs.openbsd.org 2001/09/28 09:49:31
1553 [scard.c]
1554 Fix segv when smartcard communication error occurs during key load.
1555 ok markus@
Damien Millerbccb5a92001-09-28 20:03:25 +10001556 - (djm) Update spec files for new x11-askpass
Damien Miller3ff36d62001-09-28 19:51:54 +10001557
Kevin Stevesa0957d62001-09-27 19:50:26 +0000155820010927
1559 - (stevesk) session.c: declare do_pre_login() before use
1560 wayned@users.sourceforge.net
1561
Damien Miller964fed52001-09-25 12:58:23 +1000156220010925
1563 - (djm) Pull in auth-krb5.c from OpenBSD CVS. NB. it is not currently used.
Damien Miller16fcade2001-09-25 13:06:18 +10001564 - (djm) Sync $sysconfdir/moduli
Damien Millere8bb4502001-09-25 16:39:35 +10001565 - (djm) Add AC_SYS_LARGEFILE configure test
Damien Miller5f4b1002001-09-25 22:21:52 +10001566 - (djm) Avoid bad and unportable sprintf usage in compat code
Damien Miller964fed52001-09-25 12:58:23 +10001567
Ben Lindstromb85544d2001-09-23 13:54:57 +0000156820010923
Ben Lindstrom5ccf63a2001-09-24 20:00:10 +00001569 - (bal) updated ssh.c to mirror minor getopts 'extern int' formating done
1570 by stevesk@
Ben Lindstrom40a0d202001-09-24 22:04:02 +00001571 - (bal) Removed 'extern int optopt;' since it is dead wood.
Ben Lindstrom8b16c0e2001-09-24 23:15:15 +00001572 - (bal) Updated all *.specs for 2.9.9p1 and updated version.h
Ben Lindstrom5ccf63a2001-09-24 20:00:10 +00001573
157420010923
Ben Lindstromb85544d2001-09-23 13:54:57 +00001575 - (bal) OpenBSD CVS Sync
1576 - markus@cvs.openbsd.org 2001/09/23 11:09:13
1577 [authfile.c]
1578 relax permission check for private key files.
Ben Lindstrombffa1cb2001-09-23 13:58:38 +00001579 - markus@cvs.openbsd.org 2001/09/23 09:58:13
1580 [LICENCE]
1581 new rijndael implementation
Ben Lindstromb85544d2001-09-23 13:54:57 +00001582
Tim Rice1ce8f0c2001-09-20 11:39:35 -0700158320010920
1584 - (tim) [scard/Makefile.in] Don't strip the Java binary
Kevin Steves50abba52001-09-20 19:43:41 +00001585 - (stevesk) sun_len, SUN_LEN() configure stuff no longer required
Ben Lindstrom406b4f02001-09-20 23:09:16 +00001586 - (bal) OpenBSD CVS Sync
1587 - stevesk@cvs.openbsd.org 2001/09/20 00:15:54
1588 [sshd.8]
1589 fix ClientAliveCountMax
Ben Lindstrom1bc3bdb2001-09-20 23:11:26 +00001590 - markus@cvs.openbsd.org 2001/09/20 13:46:48
1591 [auth2.c]
1592 key_read returns now -1 or 1
Ben Lindstromf558cf62001-09-20 23:13:49 +00001593 - markus@cvs.openbsd.org 2001/09/20 13:50:40
1594 [compat.c compat.h ssh.c]
1595 bug compat: request a dummy channel for -N (no shell) sessions +
1596 cleanup; vinschen@redhat.com
Ben Lindstrom15da0332001-09-20 23:15:44 +00001597 - mouring@cvs.openbsd.org 2001/09/20 20:57:51
1598 [sshd_config]
1599 CheckMail removed. OKed stevesk@
Tim Rice1ce8f0c2001-09-20 11:39:35 -07001600
Ben Lindstrom20daef72001-09-20 00:54:01 +0000160120010919
Ben Lindstrom84a6bfb2001-09-20 02:07:50 +00001602 - (bal) OpenBSD Sync
Ben Lindstrom20daef72001-09-20 00:54:01 +00001603 - markus@cvs.openbsd.org 2001/09/19 10:08:51
1604 [sshd.8]
1605 command=xxx applies to subsystem now, too
Ben Lindstrom309f3d12001-09-20 00:55:53 +00001606 - markus@cvs.openbsd.org 2001/09/19 13:23:29
1607 [key.c]
1608 key_read() now returns -1 on type mismatch, too
Ben Lindstrom2b7a0e92001-09-20 00:57:55 +00001609 - stevesk@cvs.openbsd.org 2001/09/19 19:24:19
1610 [readconf.c readconf.h scp.c sftp.c ssh.1]
1611 add ClearAllForwardings ssh option and set it in scp and sftp; ok
1612 markus@
Ben Lindstromb1d822c2001-09-20 01:03:31 +00001613 - stevesk@cvs.openbsd.org 2001/09/19 19:35:30
1614 [authfd.c]
1615 use sizeof addr vs. SUN_LEN(addr) for sockaddr_un. Stevens
1616 blesses this and we do it this way elsewhere. this helps in
1617 portable because not all systems have SUN_LEN() and
1618 sockaddr_un.sun_len. ok markus@
Ben Lindstromdfd18502001-09-20 01:06:08 +00001619 - stevesk@cvs.openbsd.org 2001/09/19 21:04:53
1620 [sshd.8]
1621 missing -t in usage
Ben Lindstrom03598a12001-09-20 01:07:57 +00001622 - stevesk@cvs.openbsd.org 2001/09/19 21:41:57
1623 [sshd.8]
1624 don't advertise -V in usage; ok markus@
Ben Lindstrom84a6bfb2001-09-20 02:07:50 +00001625 - (bal) openbsd-compat/vis.[ch] is dead wood. Removed.
Ben Lindstrom20daef72001-09-20 00:54:01 +00001626
Damien Miller85de5802001-09-18 14:01:11 +1000162720010918
Damien Millerff5f47e2001-09-18 15:05:20 +10001628 - (djm) Configure support for smartcards. Based on Ben's work.
Damien Millerffbe6982001-09-18 14:03:03 +10001629 - (djm) Revert setgroups call, it causes problems on OS-X
Damien Millerff5f47e2001-09-18 15:05:20 +10001630 - (djm) Avoid warning on BSDgetopt
Damien Millerd97c2ce2001-09-18 15:06:21 +10001631 - (djm) More makefile infrastructre for smartcard support, also based
1632 on Ben's work
Damien Miller7948d932001-09-18 15:12:10 +10001633 - (djm) Specify --datadir in RPM spec files so smartcard applet gets
1634 put somewhere sane. Add Ssh.bin to manifest.
Damien Millerf2bd06c2001-09-18 15:33:07 +10001635 - (djm) Make smartcard support conditional in Redhat RPM spec
Ben Lindstrom033e4552001-09-18 05:36:27 +00001636 - (bal) LICENCE update. Has not been done in a while.
Kevin Steves871f6622001-09-18 16:08:24 +00001637 - (stevesk) nchan.c: we use X/Open Sockets on HP-UX now so shutdown(2)
1638 returns ENOTCONN vs. EINVAL for socket not connected; remove EINVAL
1639 check. ok Lutz Jaenicke
Ben Lindstrom84a6bfb2001-09-20 02:07:50 +00001640 - (bal) OpenBSD CVS Sync
Ben Lindstrom1e243242001-09-18 05:38:44 +00001641 - stevesk@cvs.openbsd.org 2001/09/17 17:57:57
1642 [scp.1 scp.c sftp.1 sftp.c]
1643 add -Fssh_config option; ok markus@
Ben Lindstrom9e0ddd42001-09-18 05:41:19 +00001644 - stevesk@cvs.openbsd.org 2001/09/17 19:27:15
1645 [kexdh.c kexgex.c key.c key.h ssh-dss.c ssh-keygen.c ssh-rsa.c]
1646 u_char*/char* cleanup; ok markus
Ben Lindstroma2fec902001-09-18 05:45:44 +00001647 - markus@cvs.openbsd.org 2001/09/17 20:22:14
1648 [scard.c]
1649 never keep a connection to the smartcard open.
1650 allows ssh-keygen -D U while the agent is running; report from
1651 jakob@
Ben Lindstrom6a337632001-09-18 05:47:32 +00001652 - stevesk@cvs.openbsd.org 2001/09/17 20:38:09
1653 [sftp.1 sftp.c]
1654 cleanup and document -1, -s and -S; ok markus@
Ben Lindstrom99a30f12001-09-18 05:49:14 +00001655 - markus@cvs.openbsd.org 2001/09/17 20:50:22
1656 [key.c ssh-keygen.c]
1657 better error handling if you try to export a bad key to ssh.com
Ben Lindstrom944c4f02001-09-18 05:51:13 +00001658 - markus@cvs.openbsd.org 2001/09/17 20:52:47
1659 [channels.c channels.h clientloop.c]
1660 try to fix agent-forwarding-backconnection-bug, as seen on HPUX,
1661 for example; with Lutz.Jaenicke@aet.TU-Cottbus.DE,
Ben Lindstrom6d218f42001-09-18 05:53:12 +00001662 - markus@cvs.openbsd.org 2001/09/17 21:04:02
1663 [channels.c serverloop.c]
1664 don't send fake dummy packets on CR (\r)
1665 bugreport from yyua@cs.sfu.ca via solar@@openwall.com
Ben Lindstrom3b4d42c2001-09-18 05:55:10 +00001666 - markus@cvs.openbsd.org 2001/09/17 21:09:47
1667 [compat.c]
1668 more versions suffering the SSH_BUG_DEBUG bug;
1669 3.0.x reported by dbutts@maddog.storability.com
Ben Lindstromcc7aafc2001-09-18 05:56:57 +00001670 - stevesk@cvs.openbsd.org 2001/09/17 23:56:07
1671 [scp.1]
1672 missing -B in usage string
Damien Miller85de5802001-09-18 14:01:11 +10001673
Damien Miller01ebad02001-09-17 15:07:23 +1000167420010917
1675 - (djm) x11-ssh-askpass-1.2.4 in RPM spec, revert workarounds
Tim Ricea4f7ae12001-09-17 14:34:33 -07001676 - (tim) [includes.h openbsd-compat/getopt.c openbsd-compat/getopt.h]
1677 rename getopt() to BSDgetopt() to keep form conflicting with
1678 system getopt().
1679 [Makefile.in configure.in] disable filepriv until I can add
1680 missing procpriv calls.
Damien Miller01ebad02001-09-17 15:07:23 +10001681
Damien Miller0b9278e2001-09-16 17:13:45 +1000168220010916
1683 - (djm) Workaround XFree breakage in RPM spec file
Ben Lindstrom37e41c92001-09-16 22:17:15 +00001684 - (bal) OpenBSD CVS Sync
1685 - markus@cvs.openbsd.org 2001/09/16 14:46:54
1686 [session.c]
1687 calls krb_afslog() after setting $HOME; mattiasa@e.kth.se; fixes
1688 pr 1943b
Damien Miller0b9278e2001-09-16 17:13:45 +10001689
Damien Miller599d8eb2001-09-15 12:25:53 +1000169020010915
1691 - (djm) Make do_pre_login static to avoid prototype #ifdef hell
Damien Miller69e00a12001-09-15 20:58:46 +10001692 - (djm) Sync scard/ stuff
Damien Miller0c217b72001-09-15 21:01:41 +10001693 - (djm) Redhat spec file cleanups from Pekka Savola <pekkas@netcore.fi> and
1694 Redhat
Damien Millerba6f9f92001-09-15 21:03:10 +10001695 - (djm) Redhat initscript config sanity checking from Pekka Savola
1696 <pekkas@netcore.fi>
Damien Millerebf989e2001-09-15 21:12:49 +10001697 - (djm) Clear supplemental groups at sshd start to prevent them from
1698 being propogated to random PAM modules. Based on patch from Redhat via
1699 Pekka Savola <pekkas@netcore.fi>
Damien Miller426d6bd2001-09-16 17:13:11 +10001700 - (djm) Make sure rijndael.c picks config.h
1701 - (djm) Ensure that u_char gets defined
Damien Miller599d8eb2001-09-15 12:25:53 +10001702
Ben Lindstromd5e1c042001-09-14 23:09:29 +0000170320010914
1704 - (bal) OpenBSD CVS Sync
1705 - markus@cvs.openbsd.org 2001/09/13
1706 [rijndael.c rijndael.h]
1707 missing $OpenBSD
Ben Lindstromb09f6b52001-09-14 23:12:07 +00001708 - markus@cvs.openbsd.org 2001/09/14
1709 [session.c]
1710 command=xxx overwrites subsystems, too
Ben Lindstrom23124ea2001-09-14 23:14:25 +00001711 - markus@cvs.openbsd.org 2001/09/14
1712 [sshd.c]
1713 typo
Ben Lindstromb09f6b52001-09-14 23:12:07 +00001714
Ben Lindstrom319fc732001-09-14 02:47:33 +0000171520010913
1716 - (bal) OpenBSD CVS Sync
1717 - markus@cvs.openbsd.org 2001/08/23 11:31:59
1718 [cipher.c cipher.h]
1719 switch to the optimised AES reference code from
1720 http://www.esat.kuleuven.ac.be/~rijmen/rijndael/rijndael-fst-3.0.zip
1721
Ben Lindstrom91e98682001-09-12 16:32:14 +0000172220010912
1723 - (bal) OpenBSD CVS Sync
1724 - jakob@cvs.openbsd.org 2001/08/16 19:18:34
1725 [servconf.c servconf.h session.c sshd.8]
1726 deprecate CheckMail. ok markus@
Ben Lindstrom1c0fd092001-09-12 16:36:17 +00001727 - stevesk@cvs.openbsd.org 2001/08/16 20:14:57
1728 [ssh.1 sshd.8]
1729 document case sensitivity for ssh, sshd and key file
1730 options and arguments; ok markus@
Ben Lindstrom7bb37b22001-09-12 16:40:05 +00001731 - stevesk@cvs.openbsd.org 2001/08/17 18:59:47
1732 [servconf.h]
1733 typo in comment
Ben Lindstrome59433d2001-09-12 16:41:37 +00001734 - stevesk@cvs.openbsd.org 2001/08/21 21:47:42
1735 [ssh.1 sshd.8]
1736 minor typos and cleanup
Ben Lindstroma10aed82001-09-12 16:43:26 +00001737 - stevesk@cvs.openbsd.org 2001/08/22 16:21:21
1738 [ssh.1]
1739 hostname not optional; ok markus@
Ben Lindstrom044274b2001-09-12 16:46:08 +00001740 - stevesk@cvs.openbsd.org 2001/08/22 16:30:02
1741 [sshd.8]
1742 no rexd; ok markus@
Ben Lindstromffa1dd62001-09-12 16:52:28 +00001743 - stevesk@cvs.openbsd.org 2001/08/22 17:45:16
1744 [ssh.1]
1745 document cipher des for protocol 1; ok deraadt@
Ben Lindstromce89dac2001-09-12 16:58:04 +00001746 - camield@cvs.openbsd.org 2001/08/23 17:59:31
1747 [sshd.c]
1748 end request with 0, not NULL
1749 ok markus@
Ben Lindstromba1fa1d2001-09-12 17:02:49 +00001750 - stevesk@cvs.openbsd.org 2001/08/23 18:02:48
1751 [ssh-agent.1]
1752 fix usage; ok markus@
Ben Lindstrom8d066fb2001-09-12 17:06:13 +00001753 - stevesk@cvs.openbsd.org 2001/08/23 18:08:59
1754 [ssh-add.1 ssh-keyscan.1]
1755 minor cleanup
Ben Lindstrom78bbd9e2001-09-12 17:10:40 +00001756 - danh@cvs.openbsd.org 2001/08/27 22:02:13
1757 [ssh-keyscan.c]
1758 fix memory fault if non-existent filename is given to the -f option
1759 ok markus@
Ben Lindstrom525a0932001-09-12 17:35:27 +00001760 - markus@cvs.openbsd.org 2001/08/28 09:51:26
1761 [readconf.c]
1762 don't set DynamicForward unless Host matches
Ben Lindstrom14f31ab2001-09-12 17:48:04 +00001763 - markus@cvs.openbsd.org 2001/08/28 15:39:48
1764 [ssh.1 ssh.c]
1765 allow: ssh -F configfile host
Ben Lindstrom5fccbc22001-09-12 17:49:48 +00001766 - markus@cvs.openbsd.org 2001/08/29 20:44:03
1767 [scp.c]
1768 clear the malloc'd buffer, otherwise source() will leak malloc'd
1769 memory; ok theo@
Ben Lindstrom6f672c02001-09-12 17:51:55 +00001770 - stevesk@cvs.openbsd.org 2001/08/29 23:02:21
1771 [sshd.8]
1772 add text about -u0 preventing DNS requests; ok markus@
Ben Lindstrom19ceb172001-09-12 17:54:24 +00001773 - stevesk@cvs.openbsd.org 2001/08/29 23:13:10
1774 [ssh.1 ssh.c]
1775 document -D and DynamicForward; ok markus@
Ben Lindstrom1a174712001-09-12 17:56:15 +00001776 - stevesk@cvs.openbsd.org 2001/08/29 23:27:23
1777 [ssh.c]
1778 validate ports for -L/-R; ok markus@
Ben Lindstrom60d82be2001-09-12 17:58:15 +00001779 - stevesk@cvs.openbsd.org 2001/08/29 23:39:40
1780 [ssh.1 sshd.8]
1781 additional documentation for GatewayPorts; ok markus@
Ben Lindstrom6e69d532001-09-12 17:59:59 +00001782 - naddy@cvs.openbsd.org 2001/08/30 15:42:36
1783 [ssh.1]
1784 add -D to synopsis line; ok markus@
Ben Lindstrom62c25a42001-09-12 18:01:59 +00001785 - stevesk@cvs.openbsd.org 2001/08/30 16:04:35
1786 [readconf.c ssh.1]
1787 validate ports for LocalForward/RemoteForward.
1788 add host/port alternative syntax for IPv6 (like -L/-R).
1789 ok markus@
Ben Lindstromd71ba572001-09-12 18:03:31 +00001790 - stevesk@cvs.openbsd.org 2001/08/30 20:36:34
1791 [auth-options.c sshd.8]
1792 validate ports for permitopen key file option. add host/port
1793 alternative syntax for IPv6. ok markus@
Ben Lindstrom520b55c2001-09-12 18:05:05 +00001794 - markus@cvs.openbsd.org 2001/08/30 22:22:32
1795 [ssh-keyscan.c]
1796 do not pass pointers to longjmp; fix from wayne@blorf.net
Ben Lindstrom7d199962001-09-12 18:29:00 +00001797 - markus@cvs.openbsd.org 2001/08/31 11:46:39
1798 [sshconnect2.c]
Ben Lindstromedc0cf22001-09-12 18:32:20 +00001799 disable kbd-interactive if we don't get SSH2_MSG_USERAUTH_INFO_REQUEST
1800 messages
1801 - stevesk@cvs.openbsd.org 2001/09/03 20:58:33
1802 [readconf.c readconf.h ssh.c]
1803 fatal() for nonexistent -Fssh_config. ok markus@
Ben Lindstrom594e2032001-09-12 18:35:30 +00001804 - deraadt@cvs.openbsd.org 2001/09/05 06:23:07
1805 [scp.1 sftp.1 ssh.1 ssh-agent.1 sshd.8 ssh-keygen.1 ssh-keyscan.1]
1806 avoid first person in manual pages
Ben Lindstrom4213c552001-09-12 18:45:09 +00001807 - stevesk@cvs.openbsd.org 2001/09/12 18:18:25
1808 [scp.c]
1809 don't forward agent for non third-party copies; ok markus@
Ben Lindstrom91e98682001-09-12 16:32:14 +00001810
Ben Lindstromd0ff4082001-08-15 22:58:59 +0000181120010815
1812 - (bal) Fixed stray code in readconf.c that went in by mistake.
Ben Lindstromc9a26362001-08-15 23:04:50 +00001813 - OpenBSD CVS Sync
1814 - markus@cvs.openbsd.org 2001/08/07 10:37:46
1815 [authfd.c authfd.h]
1816 extended failure messages from galb@vandyke.com
Ben Lindstrom79e93bc2001-08-15 23:06:59 +00001817 - deraadt@cvs.openbsd.org 2001/08/08 07:16:58
1818 [scp.1]
1819 when describing the -o option, give -o Protocol=1 as the specific example
1820 since we are SICK AND TIRED of clueless people who cannot have difficulty
1821 thinking on their own.
Ben Lindstroma6603932001-08-15 23:14:49 +00001822 - markus@cvs.openbsd.org 2001/08/08 18:20:15
1823 [uidswap.c]
1824 permanently_set_uid is a noop if user is not privilegued;
1825 fixes bug on solaris; from sbi@uchicago.edu
Ben Lindstrom049e0dd2001-08-15 23:17:22 +00001826 - markus@cvs.openbsd.org 2001/08/08 21:34:19
1827 [uidswap.c]
1828 undo last change; does not work for sshd
Ben Lindstrom930b14a2001-08-15 23:19:21 +00001829 - jakob@cvs.openbsd.org 2001/08/11 22:51:27
1830 [ssh.c tildexpand.c]
1831 fix more paths beginning with "//"; <bradshaw@staff.crosswalk.com>.
1832 ok markus@
Ben Lindstrom1fa90102001-08-15 23:21:01 +00001833 - stevesk@cvs.openbsd.org 2001/08/13 23:38:54
1834 [scp.c]
1835 don't need main prototype (also sync with rcp); ok markus@
Ben Lindstrom59e12492001-08-15 23:22:56 +00001836 - markus@cvs.openbsd.org 2001/08/14 09:23:02
1837 [sftp.1 sftp-int.c]
1838 "bye"; hk63a@netscape.net
Ben Lindstrom14c62eb2001-08-15 23:25:46 +00001839 - stevesk@cvs.openbsd.org 2001/08/14 17:54:29
1840 [scp.1 sftp.1 ssh.1]
1841 consistent documentation and example of ``-o ssh_option'' for sftp and
1842 scp; document keyword=argument for ssh.
Ben Lindstrom19d7b8d2001-08-16 00:09:49 +00001843 - (bal) QNX resync. OK tim@
Ben Lindstromd0ff4082001-08-15 22:58:59 +00001844
Kevin Stevesad4aa562001-08-14 20:35:35 +0000184520010814
1846 - (stevesk) sshpty.c, cray.[ch]: whitespace, formatting and cleanup
1847 for some #ifdef _CRAY code; ok wendyp@cray.com
Kevin Steves25ee4e42001-08-14 20:41:34 +00001848 - (stevesk) sshpty.c: return 0 on error in cray pty code;
1849 ok wendyp@cray.com
Kevin Steves72992af2001-08-14 20:54:52 +00001850 - (stevesk) bsd-cray.c: utmp strings are not C strings
Kevin Steves4da21ab2001-08-14 21:02:15 +00001851 - (stevesk) bsd-cray.c: more cleanup; ok wendyp@cray.com
Kevin Stevesad4aa562001-08-14 20:35:35 +00001852
Damien Miller56cb9292001-08-12 13:02:50 +1000185320010812
1854 - (djm) Fix detection of long long int support. Based on patch from
1855 Michael Stone <mstone@cs.loyola.edu>. ok stevesk, tim
1856
Ben Lindstrom113339e2001-08-09 00:56:52 +0000185720010808
1858 - (bal) Minor correction to inet_ntop.h. _BSD_RRESVPORT_H should be
1859 _BSD_INET_NTOP_H. Pointed out by Mark Miller <markm@swoon.net>
1860
Tim Ricee991e3c2001-08-07 15:29:07 -0700186120010807
1862 - (tim) [configure.in sshconnect.c openbsd-compat/Makefile.in
1863 openbsd-compat/openbsd-compat.h ] Add inet_ntop.c inet_ntop.h back
1864 in. Needed for sshconnect.c
1865 [sshconnect.c] fix INET6_ADDRSTRLEN for non IPv6 machines
1866 [configure.in] make tests with missing libraries fail
1867 patch by Wendy Palm <wendyp@cray.com>
1868 Added openbsd-compat/bsd-cray.h. Selective patches from
1869 William L. Jones <jones@mail.utexas.edu>
1870
Ben Lindstromc88785e2001-08-06 20:47:23 +0000187120010806
1872 - OpenBSD CVS Sync
1873 - markus@cvs.openbsd.org 2001/07/22 21:32:27
1874 [sshpty.c]
1875 update comment
Ben Lindstrome2b9b062001-08-06 20:50:55 +00001876 - pvalchev@cvs.openbsd.org 2001/07/22 21:32:42
1877 [ssh.1]
1878 There is no option "Compress", point to "Compression" instead; ok
1879 markus
Ben Lindstrom0076d752001-08-06 20:53:26 +00001880 - markus@cvs.openbsd.org 2001/07/22 22:04:19
1881 [readconf.c ssh.1]
1882 enable challenge-response auth by default; ok millert@
Ben Lindstromc8e29ce2001-08-06 20:55:28 +00001883 - markus@cvs.openbsd.org 2001/07/22 22:24:16
1884 [sshd.8]
1885 Xr login.conf
Ben Lindstrom45350e82001-08-06 20:57:11 +00001886 - markus@cvs.openbsd.org 2001/07/23 09:06:28
1887 [sshconnect2.c]
1888 reorder default sequence of userauth methods to match ssh behaviour:
1889 hostbased,publickey,keyboard-interactive,password
Ben Lindstroma9086a12001-08-06 20:58:51 +00001890 - markus@cvs.openbsd.org 2001/07/23 12:47:05
1891 [ssh.1]
1892 sync PreferredAuthentications
Ben Lindstromd18c80c2001-08-06 21:00:27 +00001893 - aaron@cvs.openbsd.org 2001/07/23 14:14:18
1894 [ssh-keygen.1]
1895 Fix typo.
Ben Lindstrom940fb862001-08-06 21:01:49 +00001896 - stevesk@cvs.openbsd.org 2001/07/23 18:14:58
1897 [auth2.c auth-rsa.c]
1898 use %lu; ok markus@
Ben Lindstromff6458e2001-08-06 21:03:23 +00001899 - stevesk@cvs.openbsd.org 2001/07/23 18:21:46
1900 [xmalloc.c]
1901 no zero size xstrdup() error; ok markus@
Ben Lindstromf9bedf12001-08-06 21:05:05 +00001902 - markus@cvs.openbsd.org 2001/07/25 11:59:35
1903 [scard.c]
1904 typo in comment
Ben Lindstromf9cedb92001-08-06 21:07:11 +00001905 - markus@cvs.openbsd.org 2001/07/25 14:35:18
1906 [readconf.c ssh.1 ssh.c sshconnect.c]
1907 cleanup connect(); connection_attempts 4 -> 1; from
1908 eivind@freebsd.org
Ben Lindstrom794325a2001-08-06 21:09:07 +00001909 - stevesk@cvs.openbsd.org 2001/07/26 17:18:22
1910 [sshd.8 sshd.c]
1911 add -t option to test configuration file and keys; pekkas@netcore.fi
1912 ok markus@
Ben Lindstrom60df8e42001-08-06 21:10:52 +00001913 - rees@cvs.openbsd.org 2001/07/26 20:04:27
1914 [scard.c ssh-keygen.c]
1915 Inquire Cyberflex class for 0xf0 cards
1916 change aid to conform to 7816-5
1917 remove gratuitous fid selects
Ben Lindstrom711b04a2001-08-06 21:12:42 +00001918 - millert@cvs.openbsd.org 2001/07/27 14:50:45
1919 [ssh.c]
1920 If smart card support is compiled in and a smart card is being used
1921 for authentication, make it the first method used. markus@ OK
Ben Lindstrom2772a3f2001-08-06 21:17:12 +00001922 - deraadt@cvs.openbsd.org 2001/07/27 17:26:16
1923 [scp.c]
1924 shorten lines
Ben Lindstrom07d24dc2001-08-06 21:18:57 +00001925 - markus@cvs.openbsd.org 2001/07/28 09:21:15
1926 [sshd.8]
1927 cleanup some RSA vs DSA vs SSH1 vs SSH2 notes
Ben Lindstrom50e22c92001-08-06 21:20:22 +00001928 - mouring@cvs.openbsd.org 2001/07/29 17:02:46
1929 [scp.1]
1930 Clarified -o option in scp.1 OKed by Markus@
Ben Lindstrom30b00be2001-08-06 21:22:10 +00001931 - jakob@cvs.openbsd.org 2001/07/30 16:06:07
1932 [scard.c scard.h]
1933 better errorcodes from sc_*; ok markus@
Ben Lindstrom0256e8b2001-08-06 21:24:11 +00001934 - stevesk@cvs.openbsd.org 2001/07/30 16:23:30
1935 [rijndael.c rijndael.h]
1936 new BSD-style license:
1937 Brian Gladman <brg@gladman.plus.com>:
1938 >I have updated my code at:
1939 >http://fp.gladman.plus.com/cryptography_technology/rijndael/index.htm
1940 >with a copyright notice as follows:
1941 >[...]
1942 >I am not sure which version of my old code you are using but I am
1943 >happy for the notice above to be substituted for my existing copyright
1944 >intent if this meets your purpose.
Ben Lindstrom94baf302001-08-06 21:25:38 +00001945 - jakob@cvs.openbsd.org 2001/07/31 08:41:10
1946 [scard.c]
1947 do not complain about missing smartcards. ok markus@
Ben Lindstromae996bf2001-08-06 21:27:53 +00001948 - jakob@cvs.openbsd.org 2001/07/31 09:28:44
1949 [readconf.c readconf.h ssh.1 ssh.c]
1950 add 'SmartcardDevice' client option to specify which smartcard device
1951 is used to access a smartcard used for storing the user's private RSA
1952 key. ok markus@.
Ben Lindstrom95148e32001-08-06 21:30:53 +00001953 - jakob@cvs.openbsd.org 2001/07/31 12:42:50
1954 [sftp-int.c sftp-server.c]
1955 avoid paths beginning with "//"; <vinschen@redhat.com>
1956 ok markus@
Ben Lindstrom3ab1dfa2001-08-06 21:33:44 +00001957 - jakob@cvs.openbsd.org 2001/07/31 12:53:34
1958 [scard.c]
1959 close smartcard connection if card is missing
Ben Lindstromf7db3bb2001-08-06 21:35:51 +00001960 - markus@cvs.openbsd.org 2001/08/01 22:03:33
1961 [authfd.c authfd.h readconf.c readconf.h scard.c scard.h ssh-add.c
1962 ssh-agent.c ssh.c]
1963 use strings instead of ints for smartcard reader ids
Ben Lindstrom020a8692001-08-06 21:38:10 +00001964 - markus@cvs.openbsd.org 2001/08/01 22:16:45
1965 [ssh.1 sshd.8]
1966 refer to current ietf drafts for protocol v2
Ben Lindstrom6818bfb2001-08-06 21:40:04 +00001967 - markus@cvs.openbsd.org 2001/08/01 23:33:09
1968 [ssh-keygen.c]
1969 allow uploading RSA keys for non-default AUT0 (sha1 over passphrase
1970 like sectok).
Ben Lindstrom6db66ff2001-08-06 23:29:16 +00001971 - markus@cvs.openbsd.org 2001/08/01 23:38:45
Ben Lindstroma6c8a8d2001-08-06 21:42:00 +00001972 [scard.c ssh.c]
1973 support finish rsa keys.
1974 free public keys after login -> call finish -> close smartcard.
Ben Lindstrom8282d6a2001-08-06 21:44:05 +00001975 - markus@cvs.openbsd.org 2001/08/02 00:10:17
1976 [ssh-keygen.c]
1977 add -D readerid option (download, i.e. print public RSA key to stdout).
1978 check for card present when uploading keys.
1979 use strings instead of ints for smartcard reader ids, too.
Ben Lindstromf19578c2001-08-06 21:46:54 +00001980 - jakob@cvs.openbsd.org 2001/08/02 08:58:35
1981 [ssh-keygen.c]
1982 change -u (upload smartcard key) to -U. ok markus@
Ben Lindstrom97be31e2001-08-06 21:49:06 +00001983 - jakob@cvs.openbsd.org 2001/08/02 15:06:52
1984 [ssh-keygen.c]
1985 more verbose usage(). ok markus@
Ben Lindstroma1ec4a92001-08-06 21:51:34 +00001986 - jakob@cvs.openbsd.org 2001/08/02 15:07:23
1987 [ssh-keygen.1]
1988 document smartcard upload/download. ok markus@
Ben Lindstrom61eb9562001-08-06 21:53:42 +00001989 - jakob@cvs.openbsd.org 2001/08/02 15:32:10
1990 [ssh.c]
1991 add smartcard to usage(). ok markus@
Ben Lindstromffce1472001-08-06 21:57:31 +00001992 - jakob@cvs.openbsd.org 2001/08/02 15:43:57
1993 [ssh-agent.c ssh.c ssh-keygen.c]
1994 add /* SMARTCARD */ to #else/#endif. ok markus@
Ben Lindstrom6db66ff2001-08-06 23:29:16 +00001995 - jakob@cvs.openbsd.org 2001/08/02 16:14:05
Ben Lindstrombcc18082001-08-06 21:59:25 +00001996 [scard.c ssh-agent.c ssh.c ssh-keygen.c]
1997 clean up some /* SMARTCARD */. ok markus@
Ben Lindstrom0b5afb92001-08-06 22:01:29 +00001998 - mpech@cvs.openbsd.org 2001/08/02 18:37:35
1999 [ssh-keyscan.1]
2000 o) .Sh AUTHOR -> .Sh AUTHORS;
2001 o) .Sh EXAMPLE -> .Sh EXAMPLES;
2002 o) Delete .Sh OPTIONS. Text moved to .Sh DESCRIPTION;
2003
2004 millert@ ok
Ben Lindstrome6901212001-08-06 22:03:08 +00002005 - jakob@cvs.openbsd.org 2001/08/03 10:31:19
2006 [ssh-add.1]
2007 document smartcard options. ok markus@
Ben Lindstromddfb1e32001-08-06 22:06:35 +00002008 - jakob@cvs.openbsd.org 2001/08/03 10:31:30
2009 [ssh-add.c ssh-agent.c ssh-keyscan.c]
2010 improve usage(). ok markus@
Ben Lindstrom325e70c2001-08-06 22:41:30 +00002011 - markus@cvs.openbsd.org 2001/08/05 23:18:20
2012 [ssh-keyscan.1 ssh-keyscan.c]
2013 ssh 2 support; from wayned@users.sourceforge.net
Ben Lindstromde8fc6f2001-08-06 22:43:50 +00002014 - markus@cvs.openbsd.org 2001/08/05 23:29:58
2015 [ssh-keyscan.c]
2016 make -t dsa work with commercial servers, too
Ben Lindstrom958d9f62001-08-06 22:48:19 +00002017 - stevesk@cvs.openbsd.org 2001/08/06 19:47:05
2018 [scp.c]
2019 use alarm vs. setitimer for portable; ok markus@
Ben Lindstromff2866c2001-08-06 22:56:46 +00002020 - (bal) ssh-keyscan double -lssh hack due to seed_rng().
Ben Lindstrom6db66ff2001-08-06 23:29:16 +00002021 - (bal) Second around of UNICOS patches. A few other things left.
2022 Patches by William L. Jones <jones@mail.utexas.edu>
Ben Lindstromc88785e2001-08-06 20:47:23 +00002023
Damien Miller2ab59242001-08-06 16:51:49 +1000202420010803
2025 - (djm) Fix interrupted read in entropy gatherer. Spotted by markus@ on
2026 a fast UltraSPARC.
2027
Kevin Stevese26a1552001-07-26 17:51:49 +0000202820010726
2029 - (stevesk) use mysignal() in protocol 1 loop now that the SIGCHLD
2030 handler has converged.
2031
Ben Lindstrom8103de72001-07-25 16:24:33 +0000203220010725
2033 - (bal) Added 'install-nokeys' to Makefile to assist package builders.
2034
Ben Lindstrom8e2aa5b2001-07-24 17:00:13 +0000203520010724
2036 - (bal) 4711 not 04711 for ssh binary.
2037
Ben Lindstromd9e08242001-07-22 19:32:00 +0000203820010722
2039 - (bal) Starting the Unicossmk merger. File merged TODO, configure.in,
2040 myproposal.h, ssh_prng_cmds.in, and openbsd-compat/Makefile.in.
2041 Added openbsd-compat/bsd-cray.c. Rest will be merged after
2042 approval. Selective patches from William L. Jones
2043 <jones@mail.utexas.edu>
Ben Lindstromd01ba982001-07-22 20:36:57 +00002044 - OpenBSD CVS Sync
2045 - markus@cvs.openbsd.org 2001/07/18 21:10:43
2046 [sshpty.c]
2047 pr #1946, allow sshd if /dev is readonly
Ben Lindstrom3fdf8762001-07-22 20:40:24 +00002048 - stevesk@cvs.openbsd.org 2001/07/18 21:40:40
2049 [ssh-agent.c]
2050 chdir("/") from bbraun@synack.net; ok markus@
Ben Lindstrom66007692001-07-22 20:41:59 +00002051 - stevesk@cvs.openbsd.org 2001/07/19 00:41:44
2052 [ssh.1]
2053 escape chars are below now
Ben Lindstrom0250da02001-07-22 20:44:00 +00002054 - markus@cvs.openbsd.org 2001/07/20 14:46:11
2055 [ssh-agent.c]
2056 do not exit() from signal handlers; ok deraadt@
Ben Lindstrom979c9812001-07-22 20:45:39 +00002057 - stevesk@cvs.openbsd.org 2001/07/20 18:41:51
2058 [ssh.1]
2059 "the" command line
Ben Lindstromd9e08242001-07-22 19:32:00 +00002060
Tim Rice5d629cb2001-07-19 20:33:46 -0700206120010719
2062 - (tim) [configure.in] put inet_aton back in AC_CHECK_FUNCS.
2063 report from Mark Miller <markm@swoon.net>
2064
Ben Lindstromad773132001-07-18 15:45:44 +0000206520010718
2066 - OpenBSD CVS Sync
Ben Lindstrom36857f62001-07-18 15:48:57 +00002067 - stevesk@cvs.openbsd.org 2001/07/14 15:10:17
2068 [readpass.c sftp-client.c sftp-common.c sftp-glob.c]
2069 delete spurious #includes; ok deraadt@ markus@
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002070 - markus@cvs.openbsd.org 2001/07/15 16:17:08
Ben Lindstrom36857f62001-07-18 15:48:57 +00002071 [serverloop.c]
2072 schedule client alive for ssh2 only, greg@cheers.bungi.com
Ben Lindstroma4a53232001-07-18 15:51:00 +00002073 - stevesk@cvs.openbsd.org 2001/07/15 16:57:21
2074 [ssh-agent.1]
2075 -d will not fork; ok markus@
Ben Lindstroma7fc2f72001-07-18 15:53:39 +00002076 - stevesk@cvs.openbsd.org 2001/07/15 16:58:29
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002077 [ssh-agent.c]
Ben Lindstroma7fc2f72001-07-18 15:53:39 +00002078 typo in usage; ok markus@
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002079 - markus@cvs.openbsd.org 2001/07/17 20:48:42
2080 [ssh-agent.c]
Ben Lindstroma3d5a4c2001-07-18 15:58:08 +00002081 update maxfd if maxfd is closed; report from jmcelroy@dtgnet.com
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002082 - markus@cvs.openbsd.org 2001/07/17 21:04:58
2083 [channels.c channels.h clientloop.c nchan.c serverloop.c]
Ben Lindstrom16d29d52001-07-18 16:01:46 +00002084 keep track of both maxfd and the size of the malloc'ed fdsets.
2085 update maxfd if maxfd gets closed.
Ben Lindstromdc00c932001-07-18 16:50:33 +00002086 - mouring@cvs.openbsd.org 2001/07/18 16:45:52
2087 [scp.c]
2088 Missing -o in scp usage()
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002089 - (bal) Cleaned up trailing spaces in ChangeLog.
Ben Lindstromcff94be2001-07-18 16:19:48 +00002090 - (bal) Allow sshd to switch user context without password for Cygwin.
2091 Patch by Corinna Vinschen <vinschen@redhat.com>
Ben Lindstroma5820292001-07-18 16:25:41 +00002092 - (bal) Updated cygwin README and ssh-host-config. Patch by
Ben Lindstroma92783f2001-07-18 16:27:31 +00002093 Corinna Vinschen <vinschen@redhat.com>
Ben Lindstromad773132001-07-18 15:45:44 +00002094
Ben Lindstromfed7bb42001-07-15 18:30:42 +0000209520010715
2096 - (bal) Set "BROKEN_GETADDRINFO" for darwin platform. Reported by
2097 Josh Larios <jdlarios@cac.washington.edu>
Tim Rice2db53712001-07-15 19:07:49 -07002098 - (tim) put openssh/openbsd-compat/inet_aton.[ch] back in.
2099 needed by openbsd-compat/fake-getaddrinfo.c
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002100
Kevin Steves60193f72001-07-14 16:05:55 +0000210120010714
2102 - (stevesk) change getopt() declaration
Kevin Steves6482ec82001-07-15 02:09:28 +00002103 - (stevesk) configure.in: use ll suffix for long long constant
2104 in snprintf() test
Kevin Steves60193f72001-07-14 16:05:55 +00002105
Damien Millerc62f1fc2001-07-14 11:54:05 +1000210620010713
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002107 - (djm) Enable /etc/nologin check on PAM systems, as some lack the
2108 pam_nologin module. Report from William Yodlowsky
Damien Millerc62f1fc2001-07-14 11:54:05 +10002109 <bsd@openbsd.rutgers.edu>
Damien Miller98273e32001-07-14 11:55:15 +10002110 - (djm) Revert dirname fix, a better one is on its way.
Damien Miller48bfa9c2001-07-14 12:12:55 +10002111 - OpenBSD CVS Sync
2112 - markus@cvs.openbsd.org 2001/07/04 22:47:19
2113 [ssh-agent.c]
2114 ignore SIGPIPE when debugging, too
Damien Miller694be4b2001-07-14 12:13:26 +10002115 - markus@cvs.openbsd.org 2001/07/04 23:13:10
2116 [scard.c scard.h ssh-agent.c]
2117 handle card removal more gracefully, add sc_close() to scard.h
Damien Miller8d4bf172001-07-14 12:13:49 +10002118 - markus@cvs.openbsd.org 2001/07/04 23:39:07
2119 [ssh-agent.c]
2120 for smartcards remove both RSA1/2 keys
Damien Millerf3512d92001-07-14 12:14:27 +10002121 - markus@cvs.openbsd.org 2001/07/04 23:49:27
2122 [ssh-agent.c]
2123 handle mutiple adds of the same smartcard key
Damien Miller40eb1d82001-07-14 12:16:59 +10002124 - espie@cvs.openbsd.org 2001/07/05 11:43:33
2125 [sftp-glob.c]
2126 Directly cast to the right type. Ok markus@
2127 - stevesk@cvs.openbsd.org 2001/07/05 20:32:47
2128 [sshconnect1.c]
2129 statement after label; ok dugsong@
Damien Miller40857852001-07-14 12:17:33 +10002130 - stevesk@cvs.openbsd.org 2001/07/08 15:23:38
2131 [servconf.c]
2132 fix ``MaxStartups max''; ok markus@
Damien Millerf4614452001-07-14 12:18:10 +10002133 - fgsch@cvs.openbsd.org 2001/07/09 05:58:47
2134 [ssh.c]
2135 Use getopt(3); markus@ ok.
Damien Millerefb1edf2001-07-14 12:19:36 +10002136 - deraadt@cvs.openbsd.org 2001/07/09 07:04:53
2137 [session.c sftp-int.c]
2138 correct type on last arg to execl(); nordin@cse.ogi.edu
Damien Miller07ab49e2001-07-14 12:19:56 +10002139 - markus@cvs.openbsd.org 2001/07/10 21:49:12
2140 [readpass.c]
2141 don't panic if fork or pipe fail (just return an empty passwd).
Damien Millerc4b7fea2001-07-14 12:20:32 +10002142 - itojun@cvs.openbsd.org 2001/07/11 00:24:53
2143 [servconf.c]
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002144 make it compilable in all 4 combination of KRB4/KRB5 settings.
Damien Millerc4b7fea2001-07-14 12:20:32 +10002145 dugsong ok
2146 XXX isn't it sensitive to the order of -I/usr/include/kerberosIV and
2147 -I/usr/include/kerberosV?
Damien Miller0ae6e002001-07-14 12:21:34 +10002148 - markus@cvs.openbsd.org 2001/07/11 16:29:59
2149 [ssh.c]
2150 sort options string, fix -p, add -k
2151 - markus@cvs.openbsd.org 2001/07/11 18:26:15
2152 [auth.c]
2153 no need to call dirname(pw->pw_dir).
2154 note that dirname(3) modifies its argument on some systems.
Damien Miller8f6bc302001-07-14 13:07:43 +10002155 - (djm) Reorder Makefile.in so clean targets work a little better when
2156 run directly from Makefile.in
Damien Miller4f8e6692001-07-14 13:22:53 +10002157 - (djm) Pull in getopt(3) from OpenBSD libc for the optreset extension.
Damien Millerc62f1fc2001-07-14 11:54:05 +10002158
Damien Millereec0c252001-07-11 21:32:20 +1000215920010711
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002160 - (djm) dirname(3) may modify its argument on glibc and other systems.
Damien Millereec0c252001-07-11 21:32:20 +10002161 Patch from markus@, spotted by Tom Holroyd <tomh@po.crl.go.jp>
2162
Ben Lindstrom44697232001-07-04 03:32:30 +0000216320010704
2164 - OpenBSD CVS Sync
2165 - markus@cvs.openbsd.org 2001/06/25 08:25:41
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002166 [channels.c channels.h cipher.c clientloop.c compat.c compat.h
2167 hostfile.c kex.c kex.h key.c key.h nchan.c packet.c serverloop.c
Ben Lindstrom44697232001-07-04 03:32:30 +00002168 session.c session.h sftp-server.c ssh-add.c ssh-agent.c uuencode.h]
2169 update copyright for 2001
Ben Lindstrombda98b02001-07-04 03:35:24 +00002170 - markus@cvs.openbsd.org 2001/06/25 17:18:27
2171 [ssh-keygen.1]
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002172 sshd(8) will never read the private keys, but ssh(1) does;
Ben Lindstrombda98b02001-07-04 03:35:24 +00002173 hugh@mimosa.com
Ben Lindstrom248c0782001-07-04 03:40:39 +00002174 - provos@cvs.openbsd.org 2001/06/25 17:54:47
2175 [auth.c auth.h auth-rsa.c]
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002176 terminate secure_filename checking after checking homedir. that way
Ben Lindstrom79073822001-07-04 03:42:30 +00002177 it works on AFS. okay markus@
2178 - stevesk@cvs.openbsd.org 2001/06/25 20:26:37
2179 [auth2.c sshconnect2.c]
2180 prototype cleanup; ok markus@
Ben Lindstromcd392282001-07-04 03:44:03 +00002181 - markus@cvs.openbsd.org 2001/06/26 02:47:07
2182 [ssh-keygen.c]
2183 allow loading a private RSA key to a cyberflex card.
Ben Lindstromd94580c2001-07-04 03:48:02 +00002184 - markus@cvs.openbsd.org 2001/06/26 04:07:06
2185 [ssh-agent.1 ssh-agent.c]
2186 add debug flag
Ben Lindstrom036a6b22001-07-04 03:50:02 +00002187 - markus@cvs.openbsd.org 2001/06/26 04:59:59
2188 [authfd.c authfd.h ssh-add.c]
2189 initial support for smartcards in the agent
Ben Lindstromdb6b2762001-07-04 03:51:35 +00002190 - markus@cvs.openbsd.org 2001/06/26 05:07:43
2191 [ssh-agent.c]
2192 update usage
Ben Lindstrom3f471632001-07-04 03:53:15 +00002193 - markus@cvs.openbsd.org 2001/06/26 05:33:34
2194 [ssh-agent.c]
2195 more smartcard support.
Ben Lindstrom88a6b752001-07-04 03:55:21 +00002196 - mpech@cvs.openbsd.org 2001/06/26 05:48:07
2197 [sshd.8]
2198 remove unnecessary .Pp between .It;
2199 millert@ ok
Ben Lindstrom90279d82001-07-04 03:56:56 +00002200 - markus@cvs.openbsd.org 2001/06/26 05:50:11
2201 [auth2.c]
2202 new interface for secure_filename()
Ben Lindstrom16ae3d02001-07-04 04:02:36 +00002203 - itojun@cvs.openbsd.org 2001/06/26 06:32:58
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002204 [atomicio.h authfd.h authfile.h auth.h auth-options.h bufaux.h
2205 buffer.h canohost.h channels.h cipher.h clientloop.h compat.h
2206 compress.h crc32.h deattack.h dh.h dispatch.h groupaccess.h
2207 hostfile.h kex.h key.h log.h mac.h match.h misc.h mpaux.h packet.h
Ben Lindstrom16ae3d02001-07-04 04:02:36 +00002208 radix.h readconf.h readpass.h rsa.h]
2209 prototype pedant. not very creative...
2210 - () -> (void)
2211 - no variable names
Ben Lindstromb4c774c2001-07-04 04:07:12 +00002212 - itojun@cvs.openbsd.org 2001/06/26 06:33:07
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002213 [servconf.h serverloop.h session.h sftp-client.h sftp-common.h
2214 sftp-glob.h sftp-int.h sshconnect.h ssh-dss.h sshlogin.h sshpty.h
Ben Lindstromb4c774c2001-07-04 04:07:12 +00002215 ssh-rsa.h tildexpand.h uidswap.h uuencode.h xmalloc.h]
2216 prototype pedant. not very creative...
2217 - () -> (void)
2218 - no variable names
Ben Lindstromec95ed92001-07-04 04:21:14 +00002219 - dugsong@cvs.openbsd.org 2001/06/26 16:15:25
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002220 [auth1.c auth.h auth-krb4.c auth-passwd.c readconf.c readconf.h
Ben Lindstromec95ed92001-07-04 04:21:14 +00002221 servconf.c servconf.h session.c sshconnect1.c sshd.c]
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002222 Kerberos v5 support for SSH1, mostly from Assar Westerlund
Ben Lindstromec95ed92001-07-04 04:21:14 +00002223 <assar@freebsd.org> and Bjorn Gronvall <bg@sics.se>. markus@ ok
Ben Lindstrom5bf5d672001-07-04 04:31:38 +00002224 - markus@cvs.openbsd.org 2001/06/26 17:25:34
2225 [ssh.1]
2226 document SSH_ASKPASS; fubob@MIT.EDU
Ben Lindstrom4cc240d2001-07-04 04:46:56 +00002227 - markus@cvs.openbsd.org 2001/06/26 17:27:25
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002228 [authfd.h authfile.h auth.h auth-options.h bufaux.h buffer.h
2229 canohost.h channels.h cipher.h clientloop.h compat.h compress.h
2230 crc32.h deattack.h dh.h dispatch.h groupaccess.c groupaccess.h
2231 hostfile.h kex.h key.h log.c log.h mac.h misc.c misc.h mpaux.h
2232 packet.h radix.h readconf.h readpass.h rsa.h servconf.h serverloop.h
2233 session.h sftp-common.c sftp-common.h sftp-glob.h sftp-int.h
2234 sshconnect.h ssh-dss.h sshlogin.h sshpty.h ssh-rsa.h sshtty.h
Ben Lindstrom4cc240d2001-07-04 04:46:56 +00002235 tildexpand.h uidswap.h uuencode.h xmalloc.h]
2236 remove comments from .h, since they are cut&paste from the .c files
2237 and out of sync
Ben Lindstromeb7a84c2001-07-04 04:48:36 +00002238 - dugsong@cvs.openbsd.org 2001/06/26 17:41:49
2239 [servconf.c]
2240 #include <kafs.h>
Ben Lindstrombddd5512001-07-04 04:53:53 +00002241 - markus@cvs.openbsd.org 2001/06/26 20:14:11
2242 [key.c key.h ssh.c sshconnect1.c sshconnect2.c]
2243 add smartcard support to the client, too (now you can use both
2244 the agent and the client).
2245 - markus@cvs.openbsd.org 2001/06/27 02:12:54
2246 [serverloop.c serverloop.h session.c session.h]
2247 quick hack to make ssh2 work again.
Ben Lindstrom60260022001-07-04 04:56:44 +00002248 - markus@cvs.openbsd.org 2001/06/27 04:48:53
2249 [auth.c match.c sshd.8]
2250 tridge@samba.org
Ben Lindstrom680b2762001-07-04 05:00:11 +00002251 - markus@cvs.openbsd.org 2001/06/27 05:35:42
2252 [ssh-keygen.c]
2253 use cyberflex_inq_class to inquire class.
Ben Lindstromf7297dd2001-07-04 05:02:23 +00002254 - markus@cvs.openbsd.org 2001/06/27 05:42:25
2255 [rsa.c rsa.h ssh-agent.c ssh-keygen.c]
2256 s/generate_additional_parameters/rsa_generate_additional_parameters/
2257 http://www.humppa.com/
Ben Lindstrom44e49af2001-07-04 05:03:51 +00002258 - markus@cvs.openbsd.org 2001/06/27 06:26:36
2259 [ssh-add.c]
2260 convert to getopt(3)
Ben Lindstrom511d69e2001-07-04 05:05:27 +00002261 - stevesk@cvs.openbsd.org 2001/06/28 19:57:35
2262 [ssh-keygen.c]
2263 '\0' terminated data[] is ok; ok markus@
Ben Lindstrom7feba352001-07-04 05:06:59 +00002264 - markus@cvs.openbsd.org 2001/06/29 07:06:34
2265 [ssh-keygen.c]
2266 new error handling for cyberflex_*
Ben Lindstromd6e049c2001-07-04 05:08:39 +00002267 - markus@cvs.openbsd.org 2001/06/29 07:11:01
2268 [ssh-keygen.c]
2269 initialize early
Ben Lindstromdb47f382001-07-04 05:10:27 +00002270 - stevesk@cvs.openbsd.org 2001/06/29 18:38:44
2271 [clientloop.c]
2272 sync function definition with declaration; ok markus@
Ben Lindstrom11180952001-07-04 05:13:35 +00002273 - stevesk@cvs.openbsd.org 2001/06/29 18:40:28
2274 [channels.c]
2275 use socklen_t for getsockopt arg #5; ok markus@
Ben Lindstrom173e6462001-07-04 05:15:15 +00002276 - stevesk@cvs.openbsd.org 2001/06/30 18:08:40
2277 [channels.c channels.h clientloop.c]
2278 adress -> address; ok markus@
Ben Lindstrom4983d5e2001-07-04 05:17:40 +00002279 - markus@cvs.openbsd.org 2001/07/02 13:59:15
2280 [serverloop.c session.c session.h]
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002281 wait until !session_have_children(); bugreport from
Ben Lindstrom4983d5e2001-07-04 05:17:40 +00002282 Lutz.Jaenicke@aet.TU-Cottbus.DE
Ben Lindstrom4f42d8c2001-07-04 05:19:27 +00002283 - markus@cvs.openbsd.org 2001/07/02 22:29:20
2284 [readpass.c]
2285 do not return NULL, use "" instead.
Ben Lindstrom00477642001-07-04 05:24:27 +00002286 - markus@cvs.openbsd.org 2001/07/02 22:40:18
2287 [ssh-keygen.c]
2288 update for sectok.h interface changes.
Ben Lindstrom809744e2001-07-04 05:26:06 +00002289 - markus@cvs.openbsd.org 2001/07/02 22:52:57
2290 [channels.c channels.h serverloop.c]
2291 improve cleanup/exit logic in ssh2:
2292 stop listening to channels, detach channel users (e.g. sessions).
2293 wait for children (i.e. dying sessions), send exit messages,
2294 cleanup all channels.
Ben Lindstrom3133dbb2001-07-04 05:35:00 +00002295 - (bal) forget a few new files in sync up.
Ben Lindstromf70b59c2001-07-04 05:40:19 +00002296 - (bal) Makefile fix up requires scard.c
Kevin Stevesd009ae32001-07-04 17:25:54 +00002297 - (stevesk) sync misc.h
Kevin Steves8f63caa2001-07-04 18:23:02 +00002298 - (stevesk) more sync for session.c
Kevin Stevese468de62001-07-04 18:37:20 +00002299 - (stevesk) sync servconf.h (comments)
Tim Rice7281a9b2001-07-04 17:45:28 -07002300 - (tim) [contrib/caldera/openssh.spec] sync with Caldera
Tim Rice024acc42001-07-04 21:27:20 -07002301 - (tim) [openbsd-compat/dirname.h] Remove ^M causing some compilers to
2302 issue warning (line 1: tokens ignored at end of directive line)
2303 - (tim) [sshconnect1.c] give the compiler something to do for success:
2304 if KRB5 and AFS are not defined
2305 (ERROR: "sshconnect1.c", line 1274: Syntax error before or at: })
Ben Lindstrom3133dbb2001-07-04 05:35:00 +00002306
Ben Lindstromdeacfcc2001-06-29 12:32:31 +0000230720010629
2308 - (bal) Removed net_aton() since we don't use it any more
Ben Lindstrom5d739a42001-06-29 12:35:12 +00002309 - (bal) Fixed _DISABLE_VPOSIX in readpassphrase.c.
Ben Lindstrom1cd6fef2001-06-29 12:39:23 +00002310 - (bal) Updated zlib's home. Thanks to David Howe <DaveHowe@gmx.co.uk>.
Kevin Steves78e83b32001-06-29 16:56:16 +00002311 - (stevesk) remove _REENTRANT #define
Kevin Steves9b26f962001-06-29 17:52:17 +00002312 - (stevesk) session.c: use u_int for envsize
Kevin Steves5cc6e922001-06-29 19:51:48 +00002313 - (stevesk) remove cli.[ch]
Ben Lindstromdeacfcc2001-06-29 12:32:31 +00002314
Damien Miller180207f2001-06-28 14:48:28 +1000231520010628
2316 - (djm) Sync openbsd-compat with -current libc
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002317 - (djm) Fix from Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE> for my
Damien Milleracf59e62001-06-28 20:23:14 +10002318 broken makefile
Ben Lindstrome6affc62001-06-28 23:27:37 +00002319 - (bal) Removed strtok_r() and inet_ntop() since they are no longer used.
2320 - (bal) Remove getusershell() since it's no longer used.
Damien Miller180207f2001-06-28 14:48:28 +10002321
Damien Miller665af9c2001-06-27 09:34:15 +1000232220010627
2323 - (djm) Reintroduce pam_session call for non-pty sessions.
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002324 - (djm) Remove redundant and incorrect test for max auth attempts in
2325 PAM kbdint code. Based on fix from Matthew Melvin
Damien Millerec9868a2001-06-27 15:36:43 +10002326 <matthewm@webcentral.com.au>
Damien Miller407548b2001-06-27 17:07:16 +10002327 - (djm) Rename sysconfdir/primes => sysconfdir/moduli
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002328 - (djm) Oops, forgot make logic for primes=>moduli. Also try to rename
Damien Millerb5b0af42001-06-27 21:52:32 +10002329 existing primes->moduli if it exists.
Damien Millerb90416b2001-06-27 23:26:38 +10002330 - (djm) Sync with -current openbsd-compat/readpassphrase.c:
2331 - djm@cvs.openbsd.org 2001/06/27 13:23:30
2332 typo, spotted by Tom Holroyd <tomh@po.crl.go.jp>; ok deraadt@
Damien Miller649d9992001-06-27 23:35:51 +10002333 - (djm) Turn up warnings if gcc or egcs detected
Kevin Steves6a7b0de2001-06-27 16:32:24 +00002334 - (stevesk) for HP-UX 11.X use X/Open socket interface;
2335 pulls in modern socket prototypes and eliminates a number of compiler
2336 warnings. see xopen_networking(7).
Kevin Steves37a777e2001-06-28 00:13:48 +00002337 - (stevesk) fix x11 forwarding from _PATH_XAUTH change
Kevin Steves315f8b72001-06-28 00:24:41 +00002338 - (stevesk) use X/Open socket interface for HP-UX 10.X also
Damien Miller665af9c2001-06-27 09:34:15 +10002339
Ben Lindstromb710f782001-06-25 04:32:38 +0000234020010625
Ben Lindstrom07094e52001-06-25 03:59:43 +00002341 - OpenBSD CVS Sync
Ben Lindstrom488d8802001-06-25 04:24:49 +00002342 - markus@cvs.openbsd.org 2001/06/21 21:08:25
2343 [session.c]
2344 don't reset forced_command (we allow multiple login shells in
2345 ssh2); dwd@bell-labs.com
Ben Lindstromd2bf0d62001-06-25 04:10:54 +00002346 - mpech@cvs.openbsd.org 2001/06/22 10:17:51
2347 [ssh.1 sshd.8 ssh-keyscan.1]
2348 o) .Sh AUTHOR -> .Sh AUTHORS;
2349 o) remove unnecessary .Pp;
2350 o) better -mdoc style;
2351 o) typo;
2352 o) sort SEE ALSO;
Ben Lindstromd2bf0d62001-06-25 04:10:54 +00002353 aaron@ ok
Ben Lindstrom93a29e02001-06-25 04:13:25 +00002354 - provos@cvs.openbsd.org 2001/06/22 21:27:08
2355 [dh.c pathnames.h]
2356 use /etc/moduli instead of /etc/primes, okay markus@
Ben Lindstromae1c51c2001-06-25 04:14:59 +00002357 - provos@cvs.openbsd.org 2001/06/22 21:28:53
2358 [sshd.8]
2359 document /etc/moduli
Ben Lindstromf96704d2001-06-25 04:17:12 +00002360 - markus@cvs.openbsd.org 2001/06/22 21:55:49
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002361 [auth2.c auth-rsa.c pathnames.h ssh.1 sshd.8 sshd_config
Ben Lindstromf96704d2001-06-25 04:17:12 +00002362 ssh-keygen.1]
2363 merge authorized_keys2 into authorized_keys.
2364 authorized_keys2 is used for backward compat.
2365 (just append authorized_keys2 to authorized_keys).
Ben Lindstromaf738802001-06-25 04:18:59 +00002366 - provos@cvs.openbsd.org 2001/06/22 21:57:59
2367 [dh.c]
2368 increase linebuffer to deal with larger moduli; use rewind instead of
2369 close/open
Ben Lindstrom488d8802001-06-25 04:24:49 +00002370 - markus@cvs.openbsd.org 2001/06/22 22:21:20
2371 [sftp-server.c]
2372 allow long usernames/groups in readdir
Ben Lindstrome586c4c2001-06-25 05:04:58 +00002373 - markus@cvs.openbsd.org 2001/06/22 23:35:21
Ben Lindstrom6ab64862001-06-25 04:26:55 +00002374 [ssh.c]
2375 don't overwrite argv (fixes ssh user@host in 'ps'), report by ericj@
Ben Lindstrom7d5ed3a2001-06-25 04:28:30 +00002376 - deraadt@cvs.openbsd.org 2001/06/23 00:16:16
2377 [scp.c]
2378 slightly better care
Ben Lindstrom83647ce2001-06-25 04:30:16 +00002379 - markus@cvs.openbsd.org 2001/06/23 00:20:57
2380 [auth2.c auth.c auth.h auth-rh-rsa.c]
2381 *known_hosts2 is obsolete for hostbased authentication and
2382 only used for backward compat. merge ssh1/2 hostkey check
2383 and move it to auth.c
Ben Lindstromb710f782001-06-25 04:32:38 +00002384 - deraadt@cvs.openbsd.org 2001/06/23 02:33:05
2385 [sftp.1 sftp-server.8 ssh-keygen.1]
2386 join .%A entries; most by bk@rt.fm
Ben Lindstromd6481ea2001-06-25 04:37:41 +00002387 - markus@cvs.openbsd.org 2001/06/23 02:34:33
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002388 [kexdh.c kexgex.c kex.h pathnames.h readconf.c servconf.h ssh.1
Ben Lindstromd6481ea2001-06-25 04:37:41 +00002389 sshconnect1.c sshconnect2.c sshconnect.c sshconnect.h sshd.8]
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002390 get rid of known_hosts2, use it for hostkey lookup, but do not
Ben Lindstromd6481ea2001-06-25 04:37:41 +00002391 modify.
Ben Lindstrom3c798d42001-06-25 04:39:22 +00002392 - markus@cvs.openbsd.org 2001/06/23 03:03:59
2393 [sshd.8]
2394 draft-ietf-secsh-dh-group-exchange-01.txt
Ben Lindstroma4789ef2001-06-25 04:40:49 +00002395 - markus@cvs.openbsd.org 2001/06/23 03:04:42
2396 [auth2.c auth-rh-rsa.c]
2397 restore correct ignore_user_known_hosts logic.
Ben Lindstrom5363aee2001-06-25 04:42:20 +00002398 - markus@cvs.openbsd.org 2001/06/23 05:26:02
2399 [key.c]
2400 handle sigature of size 0 (some broken clients send this).
Ben Lindstrom90fd0602001-06-25 04:45:33 +00002401 - deraadt@cvs.openbsd.org 2001/06/23 05:57:09
2402 [sftp.1 sftp-server.8 ssh-keygen.1]
2403 ok, tmac is now fixed
Ben Lindstrom34f91882001-06-25 04:47:54 +00002404 - markus@cvs.openbsd.org 2001/06/23 06:41:10
2405 [ssh-keygen.c]
2406 try to decode ssh-3.0.0 private rsa keys
2407 (allow migration to openssh, not vice versa), #910
Ben Lindstrombba81212001-06-25 05:01:22 +00002408 - itojun@cvs.openbsd.org 2001/06/23 15:12:20
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002409 [auth1.c auth2.c auth2-chall.c authfd.c authfile.c auth-rhosts.c
2410 canohost.c channels.c cipher.c clientloop.c deattack.c dh.c
2411 hostfile.c kex.c kexdh.c kexgex.c key.c nchan.c packet.c radix.c
2412 readpass.c scp.c servconf.c serverloop.c session.c sftp.c
2413 sftp-client.c sftp-glob.c sftp-int.c sftp-server.c ssh-add.c
2414 ssh-agent.c ssh.c sshconnect1.c sshconnect2.c sshconnect.c sshd.c
Ben Lindstrombba81212001-06-25 05:01:22 +00002415 ssh-keygen.c ssh-keyscan.c]
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002416 more strict prototypes. raise warning level in Makefile.inc.
Ben Lindstrombba81212001-06-25 05:01:22 +00002417 markus ok'ed
2418 TODO; cleanup headers
Ben Lindstrome586c4c2001-06-25 05:04:58 +00002419 - markus@cvs.openbsd.org 2001/06/23 17:05:22
2420 [ssh-keygen.c]
2421 fix import for (broken?) ssh.com/f-secure private keys
2422 (i tested > 1000 RSA keys)
Ben Lindstrom24643222001-06-25 05:08:11 +00002423 - itojun@cvs.openbsd.org 2001/06/23 17:48:18
2424 [sftp.1 ssh.1 sshd.8 ssh-keyscan.1]
2425 kill whitespace at EOL.
Ben Lindstrom98097862001-06-25 05:10:20 +00002426 - markus@cvs.openbsd.org 2001/06/23 19:12:43
2427 [sshd.c]
2428 pidfile/sigterm race; bbraun@synack.net
Ben Lindstrom05209452001-06-25 05:16:02 +00002429 - markus@cvs.openbsd.org 2001/06/23 22:37:46
2430 [sshconnect1.c]
2431 consistent with ssh2: skip key if empty passphrase is entered,
2432 retry num_of_passwd_prompt times if passphrase is wrong. ok fgsch@
Ben Lindstromf0c50292001-06-25 05:17:53 +00002433 - markus@cvs.openbsd.org 2001/06/24 05:25:10
2434 [auth-options.c match.c match.h]
2435 move ip+hostname check to match.c
Ben Lindstrom949974b2001-06-25 05:20:31 +00002436 - markus@cvs.openbsd.org 2001/06/24 05:35:33
2437 [readpass.c readpass.h ssh-add.c sshconnect2.c ssh-keygen.c]
2438 switch to readpassphrase(3)
2439 2.7/8-stable needs readpassphrase.[ch] from libc
Ben Lindstrom126c56a2001-06-25 05:22:53 +00002440 - markus@cvs.openbsd.org 2001/06/24 05:47:13
2441 [sshconnect2.c]
2442 oops, missing format string
Ben Lindstrom491bbb82001-06-25 05:24:16 +00002443 - markus@cvs.openbsd.org 2001/06/24 17:18:31
2444 [ttymodes.c]
2445 passing modes works fine: debug2->3
Damien Miller2d5ac082001-06-25 17:07:59 +10002446 - (djm) -Wall fix for session.c
Damien Millerc8a38682001-06-25 18:09:16 +10002447 - (djm) Bring in readpassphrase() from OpenBSD libc. Compiles OK on Linux and
2448 Solaris
Ben Lindstrom07094e52001-06-25 03:59:43 +00002449
Kevin Steves82456952001-06-22 21:14:18 +0000245020010622
2451 - (stevesk) handle systems without pw_expire and pw_change.
2452
Ben Lindstrom352b1c22001-06-21 03:04:37 +0000245320010621
2454 - OpenBSD CVS Sync
2455 - markus@cvs.openbsd.org 2001/06/16 08:49:38
2456 [misc.c]
2457 typo; dunlap@apl.washington.edu
Ben Lindstrom83417a82001-06-21 03:07:27 +00002458 - markus@cvs.openbsd.org 2001/06/16 08:50:39
2459 [channels.h]
2460 bad //-style comment; thx to stevev@darkwing.uoregon.edu
Ben Lindstrom738f51e2001-06-21 03:08:58 +00002461 - markus@cvs.openbsd.org 2001/06/16 08:57:35
2462 [scp.c]
2463 no stdio or exit() in signal handlers.
Ben Lindstrom3af4d462001-06-21 03:11:27 +00002464 - markus@cvs.openbsd.org 2001/06/16 08:58:34
2465 [misc.c]
2466 copy pw_expire and pw_change, too.
Ben Lindstromc85ab8a2001-06-21 03:13:10 +00002467 - markus@cvs.openbsd.org 2001/06/19 12:34:09
2468 [session.c]
2469 cleanup forced command handling, from dwd@bell-labs.com
Ben Lindstrom699776e2001-06-21 03:14:49 +00002470 - markus@cvs.openbsd.org 2001/06/19 14:09:45
2471 [session.c sshd.8]
2472 disable x11-fwd if use_login is enabled; from lukem@wasabisystems.com
Ben Lindstrom0a7ca6c2001-06-21 03:17:42 +00002473 - markus@cvs.openbsd.org 2001/06/19 15:40:45
2474 [session.c]
2475 allocate and free at the same level.
Ben Lindstrom601e4362001-06-21 03:19:23 +00002476 - markus@cvs.openbsd.org 2001/06/20 13:56:39
2477 [channels.c channels.h clientloop.c packet.c serverloop.c]
2478 move from channel_stop_listening to channel_free_all,
2479 call channel_free_all before calling waitpid() in serverloop.
2480 fixes the utmp handling; report from Lutz.Jaenicke@aet.TU-Cottbus.DE
Ben Lindstrom352b1c22001-06-21 03:04:37 +00002481
Kevin Steves974fb9c2001-06-15 00:04:23 +0000248220010615
2483 - (stevesk) don't set SA_RESTART and set SIGCHLD to SIG_DFL
2484 around grantpt().
Kevin Steves805cf5a2001-06-15 04:23:12 +00002485 - (stevesk) update TODO: STREAMS pty systems don't call vhangup() now
Kevin Steves974fb9c2001-06-15 00:04:23 +00002486
Ben Lindstrom7a837222001-06-13 19:23:32 +0000248720010614
2488 - OpenBSD CVS Sync
2489 - markus@cvs.openbsd.org 2001/06/13 09:10:31
2490 [session.c]
2491 typo, use pid not s->pid, mstone@cs.loyola.edu
2492
Ben Lindstrom7eaf8e42001-06-13 04:35:43 +0000249320010613
Ben Lindstrom7a837222001-06-13 19:23:32 +00002494 - OpenBSD CVS Sync
Ben Lindstrom7eaf8e42001-06-13 04:35:43 +00002495 - markus@cvs.openbsd.org 2001/06/12 10:58:29
2496 [session.c]
2497 merge session_free into session_close()
2498 merge pty_cleanup_proc into session_pty_cleanup()
Ben Lindstrom49c12602001-06-13 04:37:36 +00002499 - markus@cvs.openbsd.org 2001/06/12 16:10:38
2500 [session.c]
2501 merge ssh1/ssh2 tty msg parse and alloc code
Ben Lindstrom16d45b32001-06-13 04:39:18 +00002502 - markus@cvs.openbsd.org 2001/06/12 16:11:26
2503 [packet.c]
2504 do not log() packet_set_maxsize
Ben Lindstrom2bcdf062001-06-13 04:41:41 +00002505 - markus@cvs.openbsd.org 2001/06/12 21:21:29
2506 [session.c]
2507 remove xauth-cookie-in-tmp handling. use default $XAUTHORITY, since
2508 we do already trust $HOME/.ssh
2509 you can use .ssh/sshrc and .ssh/environment if you want to customize
2510 the location of the xauth cookies
Ben Lindstromc51ae1b2001-06-13 04:43:52 +00002511 - markus@cvs.openbsd.org 2001/06/12 21:30:57
2512 [session.c]
2513 unused
Ben Lindstrom7eaf8e42001-06-13 04:35:43 +00002514
Ben Lindstrom16c1bd62001-06-12 00:12:56 +0000251520010612
Ben Lindstrom0a0c3a62001-06-12 00:15:57 +00002516 - scp.c ID update (upstream synced vfsprintf() from us)
2517 - OpenBSD CVS Sync
Ben Lindstrom16c1bd62001-06-12 00:12:56 +00002518 - markus@cvs.openbsd.org 2001/06/10 11:29:20
2519 [dispatch.c]
2520 we support rekeying
2521 protocol errors are fatal.
Ben Lindstrom88259fb2001-06-12 00:21:34 +00002522 - markus@cvs.openbsd.org 2001/06/11 10:18:24
2523 [session.c]
2524 reset pointer to NULL after xfree(); report from solar@openwall.com
Ben Lindstrom34a99682001-06-12 00:23:12 +00002525 - markus@cvs.openbsd.org 2001/06/11 16:04:38
2526 [sshd.8]
2527 typo; bdubreuil@crrel.usace.army.mil
Ben Lindstrom16c1bd62001-06-12 00:12:56 +00002528
Ben Lindstrom68c3ce12001-06-10 17:24:51 +0000252920010611
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002530 - (bal) NeXT/MacOS X lack libgen.h and dirname(). Patch by Mark Miller
2531 <markm@swoon.net>
Ben Lindstromd7d7da12001-06-10 17:35:45 +00002532 - (bal) Handle broken krb4 issues on Solaris with multiple defined u_*_t
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002533 types. Patch by Jan IVEN <Jan.Iven@cern.ch>
Ben Lindstrom0b355722001-06-10 17:43:35 +00002534 - (bal) Fixed Makefile.in so that 'configure; make install' works.
Ben Lindstrom68c3ce12001-06-10 17:24:51 +00002535
Ben Lindstromd1aed9c2001-06-10 00:41:18 +0000253620010610
2537 - (bal) Missed two files in major resync. auth-bsdauth.c and auth-skey.c
2538
Ben Lindstrome6455ae2001-06-09 00:17:10 +0000253920010609
2540 - OpenBSD CVS Sync
2541 - markus@cvs.openbsd.org 2001/05/30 12:55:13
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002542 [auth-options.c auth2.c channels.c channels.h clientloop.c nchan.c
Ben Lindstrome6455ae2001-06-09 00:17:10 +00002543 packet.c serverloop.c session.c ssh.c ssh1.h]
2544 channel layer cleanup: merge header files and split .c files
Ben Lindstrom5ec26452001-06-09 00:18:51 +00002545 - markus@cvs.openbsd.org 2001/05/30 15:20:10
2546 [ssh.c]
2547 merge functions, simplify.
Ben Lindstromc7637672001-06-09 00:36:26 +00002548 - markus@cvs.openbsd.org 2001/05/31 10:30:17
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002549 [auth-options.c auth2.c channels.c channels.h clientloop.c nchan.c
Ben Lindstromc7637672001-06-09 00:36:26 +00002550 packet.c serverloop.c session.c ssh.c]
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002551 undo the .c file split, just merge the header and keep the cvs
Ben Lindstromc7637672001-06-09 00:36:26 +00002552 history
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002553 - (bal) Channels.c and Channels.h -- "Merge Functions, simplify" (draged
Ben Lindstrome9c99912001-06-09 00:41:05 +00002554 out of ssh Attic)
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002555 - (bal) Ooops.. nchan.c (and remove nchan.h) resync from OpenBSD ssh
Ben Lindstromc4b72252001-06-09 01:09:51 +00002556 Attic.
2557 - OpenBSD CVS Sync
2558 - markus@cvs.openbsd.org 2001/05/31 13:08:04
2559 [sshd_config]
2560 group options and add some more comments
Ben Lindstrom838394c2001-06-09 01:11:59 +00002561 - markus@cvs.openbsd.org 2001/06/03 14:55:39
2562 [channels.c channels.h session.c]
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002563 use fatal_register_cleanup instead of atexit, sync with x11 authdir
Ben Lindstrom838394c2001-06-09 01:11:59 +00002564 handling
Ben Lindstrom2a097a42001-06-09 01:13:40 +00002565 - markus@cvs.openbsd.org 2001/06/03 19:36:44
2566 [ssh-keygen.1]
2567 1-2 bits of entrophy per character (not per word), ok stevesk@
Ben Lindstrom9cc94642001-06-09 01:15:11 +00002568 - markus@cvs.openbsd.org 2001/06/03 19:38:42
2569 [scp.c]
2570 pass -v to ssh; from slade@shore.net
Ben Lindstrom742e89e2001-06-09 01:17:23 +00002571 - markus@cvs.openbsd.org 2001/06/03 20:06:11
2572 [auth2-chall.c]
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002573 the challenge response device decides how to handle non-existing
Ben Lindstrom742e89e2001-06-09 01:17:23 +00002574 users.
2575 -> fake challenges for skey and cryptocard
Ben Lindstrom983c0982001-06-09 01:20:06 +00002576 - markus@cvs.openbsd.org 2001/06/04 21:59:43
2577 [channels.c channels.h session.c]
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002578 switch uid when cleaning up tmp files and sockets; reported by
Ben Lindstrom983c0982001-06-09 01:20:06 +00002579 zen-parse@gmx.net on bugtraq
Ben Lindstromec46e0b2001-06-09 01:27:31 +00002580 - markus@cvs.openbsd.org 2001/06/04 23:07:21
2581 [clientloop.c serverloop.c sshd.c]
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002582 set flags in the signal handlers, do real work in the main loop,
Ben Lindstromec46e0b2001-06-09 01:27:31 +00002583 ok provos@
Ben Lindstrom768176b2001-06-09 01:29:12 +00002584 - markus@cvs.openbsd.org 2001/06/04 23:16:16
2585 [session.c]
2586 merge ssh1/2 x11-fwd setup, create listener after tmp-dir
Ben Lindstroma238f6e2001-06-09 01:30:39 +00002587 - pvalchev@cvs.openbsd.org 2001/06/05 05:05:39
2588 [ssh-keyscan.1 ssh-keyscan.c]
2589 License clarification from David Mazieres, ok deraadt@
Ben Lindstromdf4981b2001-06-09 01:32:29 +00002590 - markus@cvs.openbsd.org 2001/06/05 10:24:32
2591 [channels.c]
2592 don't delete the auth socket in channel_stop_listening()
2593 auth_sock_cleanup_proc() will take care of this.
Ben Lindstromcb3929d2001-06-09 01:34:15 +00002594 - markus@cvs.openbsd.org 2001/06/05 16:46:19
2595 [session.c]
2596 let session_close() delete the pty. deny x11fwd if xauthfile is set.
Ben Lindstromc66d4362001-06-09 01:36:21 +00002597 - markus@cvs.openbsd.org 2001/06/06 23:13:54
2598 [ssh-dss.c ssh-rsa.c]
2599 cleanup, remove old code
Ben Lindstrom5acb5d02001-06-09 01:38:24 +00002600 - markus@cvs.openbsd.org 2001/06/06 23:19:35
2601 [ssh-add.c]
2602 remove debug message; Darren.Moffat@eng.sun.com
Ben Lindstrom9d0c0662001-06-09 01:40:00 +00002603 - markus@cvs.openbsd.org 2001/06/07 19:57:53
2604 [auth2.c]
2605 style is used for bsdauth.
2606 disconnect on user/service change (ietf-drafts)
Ben Lindstrom664408d2001-06-09 01:42:01 +00002607 - markus@cvs.openbsd.org 2001/06/07 20:23:05
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002608 [authfd.c authfile.c channels.c kexdh.c kexgex.c packet.c ssh.c
Ben Lindstrom664408d2001-06-09 01:42:01 +00002609 sshconnect.c sshconnect1.c]
2610 use xxx_put_cstring()
Ben Lindstrom4d3f2272001-06-09 01:44:07 +00002611 - markus@cvs.openbsd.org 2001/06/07 22:25:02
2612 [session.c]
2613 don't overwrite errno
2614 delay deletion of the xauth cookie
Ben Lindstrom1bf11f62001-06-09 01:48:01 +00002615 - markus@cvs.openbsd.org 2001/06/08 15:25:40
2616 [includes.h pathnames.h readconf.c servconf.c]
2617 move the path for xauth to pathnames.h
Ben Lindstrom23fec142001-06-09 02:16:28 +00002618 - (bal) configure.in fix for Tru64 (forgeting to reset $LIB)
Ben Lindstromb30768f2001-06-09 02:22:16 +00002619 - (bal) ANSIify strmode()
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002620 - (bal) --with-catman should be --with-mantype patch by Dave
2621 Dykstra <dwd@bell-labs.com>
Ben Lindstrom1bf11f62001-06-09 01:48:01 +00002622
Ben Lindstromc4bcb7d2001-06-05 18:39:10 +0000262320010606
Ben Lindstrome6455ae2001-06-09 00:17:10 +00002624 - OpenBSD CVS Sync
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002625 - markus@cvs.openbsd.org 2001/05/17 21:34:15
Ben Lindstrome6455ae2001-06-09 00:17:10 +00002626 [ssh.1]
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002627 no spaces in PreferredAuthentications;
Ben Lindstrom551ea372001-06-05 18:56:16 +00002628 meixner@rbg.informatik.tu-darmstadt.de
2629 - markus@cvs.openbsd.org 2001/05/18 14:13:29
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002630 [auth-chall.c auth.h auth1.c auth2-chall.c auth2.c readconf.c
Ben Lindstrom551ea372001-06-05 18:56:16 +00002631 readconf.h servconf.c servconf.h sshconnect1.c sshconnect2.c sshd.c]
2632 improved kbd-interactive support. work by per@appgate.com and me
Ben Lindstrom7d68fbf2001-06-05 19:29:20 +00002633 - djm@cvs.openbsd.org 2001/05/19 00:36:40
2634 [session.c]
2635 Disable X11 forwarding if xauth binary is not found. Patch from Nalin
2636 Dahyabhai <nalin@redhat.com>; ok markus@
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002637 - markus@cvs.openbsd.org 2001/05/19 16:05:41
2638 [scp.c]
Ben Lindstrom7bad55b2001-06-05 19:31:41 +00002639 ftruncate() instead of open()+O_TRUNC like rcp.c does
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002640 allows scp /path/to/file localhost:/path/to/file
2641 - markus@cvs.openbsd.org 2001/05/19 16:08:43
2642 [sshd.8]
Ben Lindstrom608d1d12001-06-05 19:33:22 +00002643 sort options; Matthew.Stier@fnc.fujitsu.com
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002644 - markus@cvs.openbsd.org 2001/05/19 16:32:16
2645 [ssh.1 sshconnect2.c]
2646 change preferredauthentication order to
2647 publickey,hostbased,password,keyboard-interactive
Ben Lindstrom1bfe2912001-06-05 19:37:25 +00002648 document that hostbased defaults to no, document order
Ben Lindstrombd0e2de2001-06-05 19:52:52 +00002649 - markus@cvs.openbsd.org 2001/05/19 16:46:19
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002650 [ssh.1 sshd.8]
2651 document MACs defaults with .Dq
2652 - stevesk@cvs.openbsd.org 2001/05/19 19:43:57
2653 [misc.c misc.h servconf.c sshd.8 sshd.c]
2654 sshd command-line arguments and configuration file options that
2655 specify time may be expressed using a sequence of the form:
Ben Lindstrom1bda4c82001-06-05 19:59:08 +00002656 time[qualifier], where time is a positive integer value and qualifier
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002657 is one of the following:
2658 <none>,s,m,h,d,w
2659 Examples:
2660 600 600 seconds (10 minutes)
2661 10m 10 minutes
2662 1h30m 1 hour 30 minutes (90 minutes)
2663 ok markus@
Ben Lindstrome2595442001-06-05 20:01:39 +00002664 - stevesk@cvs.openbsd.org 2001/05/19 19:57:09
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002665 [channels.c]
2666 typo in error message
Ben Lindstrome6455ae2001-06-09 00:17:10 +00002667 - markus@cvs.openbsd.org 2001/05/20 17:20:36
Ben Lindstrombfb3a0e2001-06-05 20:25:05 +00002668 [auth-rsa.c auth.c auth.h auth2.c servconf.c servconf.h sshd.8
2669 sshd_config]
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002670 configurable authorized_keys{,2} location; originally from peter@;
2671 ok djm@
Ben Lindstrom60567ff2001-06-05 20:27:53 +00002672 - markus@cvs.openbsd.org 2001/05/24 11:12:42
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002673 [auth.c]
2674 fix comment; from jakob@
2675 - stevesk@cvs.openbsd.org 2001/05/24 18:57:53
2676 [clientloop.c readconf.c ssh.c ssh.h]
Ben Lindstrom2b1f71b2001-06-05 20:32:21 +00002677 don't perform escape processing when ``EscapeChar none''; ok markus@
Ben Lindstromd78ae762001-06-05 20:35:09 +00002678 - markus@cvs.openbsd.org 2001/05/25 14:37:32
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002679 [ssh-keygen.c]
2680 use -P for -e and -y, too.
Ben Lindstrom3b89c5e2001-06-05 20:44:16 +00002681 - markus@cvs.openbsd.org 2001/05/28 08:04:39
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002682 [ssh.c]
2683 fix usage()
2684 - markus@cvs.openbsd.org 2001/05/28 10:08:55
2685 [authfile.c]
Ben Lindstrom322915d2001-06-05 20:46:32 +00002686 key_load_private: set comment to filename for PEM keys
Ben Lindstroma3828d42001-06-05 20:50:16 +00002687 - markus@cvs.openbsd.org 2001/05/28 22:51:11
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002688 [cipher.c cipher.h]
2689 simpler 3des for ssh1
2690 - markus@cvs.openbsd.org 2001/05/28 23:14:49
2691 [channels.c channels.h nchan.c]
Ben Lindstromc0dee1a2001-06-05 20:52:50 +00002692 undo broken channel fix and try a different one. there
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002693 should be still some select errors...
2694 - markus@cvs.openbsd.org 2001/05/28 23:25:24
2695 [channels.c]
2696 cleanup, typo
Ben Lindstrom80c6d772001-06-05 21:09:18 +00002697 - markus@cvs.openbsd.org 2001/05/28 23:58:35
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002698 [packet.c packet.h sshconnect.c sshd.c]
2699 remove some lines, simplify.
Ben Lindstrom2d0356f2001-06-05 21:13:57 +00002700 - markus@cvs.openbsd.org 2001/05/29 12:31:27
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002701 [authfile.c]
2702 typo
Ben Lindstrom551ea372001-06-05 18:56:16 +00002703
Tim Rice36fb6e52001-05-28 10:17:34 -0700270420010528
2705 - (tim) [conifgure.in] add setvbuf test needed for sftp-int.c
2706 Patch by Corinna Vinschen <vinschen@redhat.com>
2707
Ben Lindstromabbb73d2001-05-17 03:14:57 +0000270820010517
2709 - OpenBSD CVS Sync
2710 - markus@cvs.openbsd.org 2001/05/12 19:53:13
2711 [sftp-server.c]
2712 readlink does not NULL-terminate; mhe@home.se
Ben Lindstrom71215072001-05-17 03:16:18 +00002713 - deraadt@cvs.openbsd.org 2001/05/15 22:04:01
2714 [ssh.1]
2715 X11 forwarding details improved
Ben Lindstrom06b08012001-05-17 03:17:55 +00002716 - markus@cvs.openbsd.org 2001/05/16 20:51:57
2717 [authfile.c]
2718 return comments for private pem files, too; report from nolan@naic.edu
Ben Lindstromc8b3f472001-05-17 03:19:40 +00002719 - markus@cvs.openbsd.org 2001/05/16 21:53:53
2720 [clientloop.c]
2721 check for open sessions before we call select(); fixes the x11 client
2722 bug reported by bowman@math.ualberta.ca
Ben Lindstromb6147ab2001-05-17 03:21:27 +00002723 - markus@cvs.openbsd.org 2001/05/16 22:09:21
2724 [channels.c nchan.c]
2725 more select() error fixes (don't set rfd/wfd to -1).
Ben Lindstromca60a9b2001-05-17 03:32:50 +00002726 - (bal) Enabled USE_PIPES for Cygwin on Corinna Vinschen <vinschen@redhat.com>
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002727 - (bal) Corrected on_exit() emulation via atexit().
Ben Lindstromabbb73d2001-05-17 03:14:57 +00002728
Ben Lindstromc93e84c2001-05-12 00:08:37 +0000272920010512
2730 - OpenBSD CVS Sync
2731 - markus@cvs.openbsd.org 2001/05/11 14:59:56
2732 [clientloop.c misc.c misc.h]
2733 add unset_nonblock for stdout/err flushing in client_loop().
Ben Lindstrom6ef39642001-05-12 16:50:50 +00002734 - (bal) Patch to partial sync up contrib/solaris/ packaging software.
2735 Patch by pete <ninjaz@webexpress.com>
Ben Lindstromc93e84c2001-05-12 00:08:37 +00002736
Ben Lindstrom6d618462001-05-10 23:24:49 +0000273720010511
2738 - OpenBSD CVS Sync
2739 - markus@cvs.openbsd.org 2001/05/09 22:51:57
2740 [channels.c]
2741 fix -R for protocol 2, noticed by greg@nest.cx.
2742 bug was introduced with experimental dynamic forwarding.
Ben Lindstromddb4f242001-05-10 23:26:11 +00002743 - markus@cvs.openbsd.org 2001/05/09 23:01:31
2744 [rijndael.h]
2745 fix prototype; J.S.Peatfield@damtp.cam.ac.uk
Ben Lindstrom6d618462001-05-10 23:24:49 +00002746
Ben Lindstrome487d842001-05-08 20:05:44 +0000274720010509
2748 - OpenBSD CVS Sync
2749 - markus@cvs.openbsd.org 2001/05/06 21:23:31
2750 [cli.c]
2751 cli_read() fails to catch SIGINT + overflow; from obdb@zzlevo.net
Ben Lindstrom69128662001-05-08 20:07:39 +00002752 - markus@cvs.openbsd.org 2001/05/08 19:17:31
Ben Lindstroma69d89b2001-05-09 00:01:18 +00002753 [channels.c serverloop.c clientloop.c]
Ben Lindstrom69128662001-05-08 20:07:39 +00002754 adds correct error reporting to async connect()s
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002755 fixes the server-discards-data-before-connected-bug found by
Ben Lindstrom69128662001-05-08 20:07:39 +00002756 onoe@sm.sony.co.jp
Ben Lindstrom387c4722001-05-08 20:27:25 +00002757 - mouring@cvs.openbsd.org 2001/05/08 19:45:25
2758 [misc.c misc.h scp.c sftp.c]
2759 Use addargs() in sftp plus some clean up of addargs(). OK Markus
Ben Lindstrom23fedf52001-05-08 23:58:37 +00002760 - markus@cvs.openbsd.org 2001/05/06 21:45:14
2761 [clientloop.c]
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002762 use atomicio for flushing stdout/stderr bufs. thanks to
Ben Lindstrom23fedf52001-05-08 23:58:37 +00002763 jbw@izanami.cee.hw.ac.uk
Ben Lindstrom56b9d452001-05-09 00:02:52 +00002764 - markus@cvs.openbsd.org 2001/05/08 22:48:07
2765 [atomicio.c]
2766 no need for xmalloc.h, thanks to espie@
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002767 - (bal) UseLogin patch for Solaris/UNICOS. Patch by Wayne Davison
Ben Lindstrom97c677d2001-05-08 20:33:05 +00002768 <wayne@blorf.net>
Ben Lindstrom72af2ef2001-05-08 20:42:28 +00002769 - (bal) ./configure support to disable SIA on OSF1. Patch by
2770 Chris Adams <cmadams@hiwaay.net>
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002771 - (bal) Updates from the Sony NEWS-OS platform by NAKAJI Hiroyuki
Ben Lindstrom6aebb342001-05-09 00:38:19 +00002772 <nakaji@tutrp.tut.ac.jp>
Ben Lindstrome487d842001-05-08 20:05:44 +00002773
Ben Lindstrom253effb2001-05-07 12:54:26 +0000277420010508
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002775 - (bal) Fixed configure test for USE_SIA.
Ben Lindstrom253effb2001-05-07 12:54:26 +00002776
Damien Miller5bf5f2c2001-05-06 10:54:15 +1000277720010506
2778 - (djm) Update config.guess and config.sub with latest versions (from
2779 ftp://ftp.gnu.org/gnu/config/) to allow configure on ia64-hpux.
2780 Suggested by Jason Mader <jason@ncac.gwu.edu>
Ben Lindstrom5428bea2001-05-06 02:53:25 +00002781 - (bal) White Space and #ifdef sync with OpenBSD
Ben Lindstrom93d1fe82001-05-06 02:57:20 +00002782 - (bal) Add 'seed_rng()' to ssh-add.c
Ben Lindstromf2786132001-05-06 18:01:43 +00002783 - (bal) CVS ID updates for readpass.c, readpass.h, cli.c, and cli.h
Ben Lindstromaafff9c2001-05-06 03:01:02 +00002784 - OpenBSD CVS Sync
2785 - stevesk@cvs.openbsd.org 2001/05/05 13:42:52
2786 [sftp.1 ssh-add.1 ssh-keygen.1]
2787 typos, grammar
Damien Miller5bf5f2c2001-05-06 10:54:15 +10002788
Ben Lindstromf0609f82001-05-04 22:38:43 +0000278920010505
2790 - OpenBSD CVS Sync
2791 - stevesk@cvs.openbsd.org 2001/05/04 14:21:56
2792 [ssh.1 sshd.8]
2793 typos
Ben Lindstromc8cb8c02001-05-04 22:40:28 +00002794 - markus@cvs.openbsd.org 2001/05/04 14:34:34
2795 [channels.c]
Damien Miller5bf5f2c2001-05-06 10:54:15 +10002796 channel_new() reallocs channels[], we cannot use Channel *c after
2797 calling channel_new(), XXX fix this in the future...
Ben Lindstrom99c73b32001-05-05 04:09:47 +00002798 - markus@cvs.openbsd.org 2001/05/04 23:47:34
2799 [channels.c channels.h clientloop.c nchan.c nchan.h serverloop.c ssh.c]
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002800 move to Channel **channels (instead of Channel *channels), fixes realloc
2801 problems. channel_new now returns a Channel *, favour Channel * over
Ben Lindstrom99c73b32001-05-05 04:09:47 +00002802 channel id. remove old channel_allocate interface.
Ben Lindstromf0609f82001-05-04 22:38:43 +00002803
Ben Lindstrom2b451802001-05-03 22:35:32 +0000280420010504
2805 - OpenBSD CVS Sync
2806 - stevesk@cvs.openbsd.org 2001/05/03 15:07:39
2807 [channels.c]
2808 typo in debug() string
Ben Lindstrom60402fd2001-05-03 22:37:26 +00002809 - markus@cvs.openbsd.org 2001/05/03 15:45:15
2810 [session.c]
2811 exec shell -c /bin/sh .ssh/sshrc, from abartlet@pcug.org.au
Ben Lindstroma6218b82001-05-03 22:39:11 +00002812 - stevesk@cvs.openbsd.org 2001/05/03 21:43:01
2813 [servconf.c]
2814 remove "\n" from fatal()
Ben Lindstrom4529b702001-05-03 23:39:53 +00002815 - mouring@cvs.openbsd.org 2001/05/03 23:09:53
2816 [misc.c misc.h scp.c sftp.c]
2817 Move colon() and cleanhost() to misc.c where I should I have put it in
2818 the first place
Ben Lindstrom834417a2001-05-03 22:45:21 +00002819 - (bal) Updated Cygwin README by Corinna Vinschen <vinschen@redhat.com>
Ben Lindstrom3524d692001-05-03 22:59:24 +00002820 - (bal) Avoid socket file security issues in ssh-agent for Cygwin.
2821 Patch by Egor Duda <deo@logos-m.ru>
Ben Lindstrom2b451802001-05-03 22:35:32 +00002822
Ben Lindstrom8a137132001-05-02 22:40:12 +0000282320010503
2824 - OpenBSD CVS Sync
2825 - markus@cvs.openbsd.org 2001/05/02 16:41:20
2826 [ssh-add.c]
2827 fix prompt for ssh-add.
2828
Ben Lindstrom6d849312001-05-02 01:30:32 +0000282920010502
2830 - OpenBSD CVS Sync
2831 - mouring@cvs.openbsd.org 2001/05/02 01:25:39
2832 [readpass.c]
2833 Put the 'const' back into ssh_askpass() function. Pointed out
2834 by Mark Miller <markm@swoon.net>. OK Markus
2835
Ben Lindstrome0f88042001-04-30 13:06:24 +0000283620010501
2837 - OpenBSD CVS Sync
2838 - markus@cvs.openbsd.org 2001/04/30 11:18:52
2839 [readconf.c readconf.h ssh.1 ssh.c sshconnect.c]
2840 implement 'ssh -b bind_address' like 'telnet -b'
Ben Lindstrom8c963922001-04-30 23:06:57 +00002841 - markus@cvs.openbsd.org 2001/04/30 15:50:46
2842 [compat.c compat.h kex.c]
2843 allow interop with weaker key generation used by ssh-2.0.x, x < 10
Ben Lindstromaebd0b62001-04-30 23:09:45 +00002844 - markus@cvs.openbsd.org 2001/04/30 16:02:49
2845 [compat.c]
2846 ssh-2.0.10 has the weak-key-bug, too.
Tim Rice67bf50e2001-04-30 11:00:11 -07002847 - (tim) [contrib/caldera/openssh.spec] add Requires line for Caldera 3.1
Ben Lindstrome0f88042001-04-30 13:06:24 +00002848
Tim Rice45344922001-04-29 18:01:51 -0700284920010430
Ben Lindstrom2f0304c2001-04-29 19:49:14 +00002850 - OpenBSD CVS Sync
2851 - markus@cvs.openbsd.org 2001/04/29 18:32:52
2852 [serverloop.c]
2853 fix whitespace
Ben Lindstromf3436742001-04-29 19:52:00 +00002854 - markus@cvs.openbsd.org 2001/04/29 19:16:52
2855 [channels.c clientloop.c compat.c compat.h serverloop.c]
2856 more ssh.com-2.0.x bug-compat; from per@appgate.com
Tim Rice45344922001-04-29 18:01:51 -07002857 - (tim) New version of mdoc2man.pl from Mark D. Roth <roth+openssh@feep.net>
Damien Miller8a188a82001-04-30 13:55:37 +10002858 - (djm) Add .cvsignore files, suggested by Wayne Davison <wayne@blorf.net>
Ben Lindstrom2f0304c2001-04-29 19:49:14 +00002859
Ben Lindstroma4c02d82001-04-28 16:32:10 +0000286020010429
2861 - (bal) Updated INSTALL. PCRE moved to a new place.
Damien Millerd2401222001-04-29 20:45:50 +10002862 - (djm) Release OpenSSH-2.9p1
Ben Lindstroma4c02d82001-04-28 16:32:10 +00002863
Ben Lindstrom4468b262001-04-26 23:03:37 +0000286420010427
2865 - (bal) Fixed uidswap.c so it should work on non-posix complient systems.
2866 patch based on 2.5.2 version by djm.
Ben Lindstrom38862182001-04-27 00:31:07 +00002867 - (bal) Build manpages and config files once unless changed. Patch by
2868 Carson Gaspar <carson@taltos.org>
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002869 - (bal) arpa/nameser.h does not exist on Cygwin. Patch by Corinna
Ben Lindstrome39867d2001-04-27 00:34:44 +00002870 Vinschen <vinschen@redhat.com>
Ben Lindstrom26f33892001-04-27 00:46:17 +00002871 - (bal) Add /etc/sysconfig/sshd support to redhat's sshd.init. Patch by
2872 Pekka Savola <pekkas@netcore.fi>
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002873 - (bal) Cygwin lacks setgroups() API. Patch by Corinna Vinschen
Ben Lindstrom0f853482001-04-27 02:10:15 +00002874 <vinschen@redhat.com>
Ben Lindstrombb346252001-04-27 02:15:00 +00002875 - (bal) version.h synced, RPM specs updated for 2.9
Tim Ricea8c7a622001-04-26 22:50:48 -07002876 - (tim) update contrib/caldera files with what Caldera is using.
2877 <sps@caldera.de>
Ben Lindstrom4468b262001-04-26 23:03:37 +00002878
Ben Lindstrom46c264f2001-04-24 16:56:58 +0000287920010425
2880 - OpenBSD CVS Sync
2881 - markus@cvs.openbsd.org 2001/04/23 21:57:07
2882 [ssh-keygen.1 ssh-keygen.c]
2883 allow public key for -e, too
Ben Lindstrom30358602001-04-24 16:59:28 +00002884 - markus@cvs.openbsd.org 2001/04/23 22:14:13
2885 [ssh-keygen.c]
2886 remove debug
Ben Lindstrom768f9752001-04-25 06:27:11 +00002887 - (bal) Whitespace resync w/ OpenBSD for uidswap.c
Damien Millerf8154422001-04-25 22:44:14 +10002888 - (djm) Add new server configuration directive 'PAMAuthenticationViaKbdInt'
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002889 (default: off), implies KbdInteractiveAuthentication. Suggestion from
Damien Millerf8154422001-04-25 22:44:14 +10002890 markus@
Damien Millerda2ed562001-04-25 22:50:18 +10002891 - (djm) Include crypt.h if available in auth-passwd.c
Tim Rice07183b82001-04-25 21:40:28 -07002892 - tim@mindrot.org 2001/04/25 21:38:01 [configure.in]
2893 man page detection fixes for SCO
Ben Lindstrom46c264f2001-04-24 16:56:58 +00002894
Ben Lindstromc65e6a02001-04-23 13:02:16 +0000289520010424
2896 - OpenBSD CVS Sync
2897 - markus@cvs.openbsd.org 2001/04/22 23:58:36
2898 [ssh-keygen.1 ssh.1 sshd.8]
2899 document hostbased and other cleanup
Kevin Steves265fb442001-04-23 17:55:26 +00002900 - (stevesk) start_pam() doesn't use DNS now for sshd -u0.
Kevin Steves706e7a92001-04-23 18:38:37 +00002901 - (stevesk) auth-pam.c: use PERMIT_NO_PASSWD
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002902 - (bal) sys/queue.h is bogus for NCR platform. Patch by Daniel Carroll
Ben Lindstrom34328342001-04-23 22:39:42 +00002903 <dan@mesastate.edu>
Ben Lindstrom4adb0912001-04-24 00:03:58 +00002904 - (bal) Fixed contrib/postinstall.in. Patch by wsanders@wsanders.net
Ben Lindstromc65e6a02001-04-23 13:02:16 +00002905
Ben Lindstromee2786a2001-04-22 17:08:00 +0000290620010422
2907 - OpenBSD CVS Sync
2908 - markus@cvs.openbsd.org 2001/04/20 16:32:22
2909 [uidswap.c]
2910 set non-privileged gid before uid; tholo@ and deraadt@
Ben Lindstrom8376ac32001-04-22 17:10:11 +00002911 - mouring@cvs.openbsd.org 2001/04/21 00:55:57
2912 [sftp.1]
2913 Spelling
Ben Lindstromf8d24572001-04-22 17:11:56 +00002914 - djm@cvs.openbsd.org 2001/04/22 08:13:30
2915 [ssh.1]
2916 typos spotted by stevesk@; ok deraadt@
Ben Lindstrom4eda71d2001-04-22 17:13:20 +00002917 - markus@cvs.openbsd.org 2001/04/22 12:34:05
2918 [scp.c]
2919 scp > 2GB; niles@scyld.com; ok deraadt@, djm@
Ben Lindstrom5a707822001-04-22 17:15:46 +00002920 - markus@cvs.openbsd.org 2001/04/22 13:25:37
2921 [ssh-keygen.1 ssh-keygen.c]
2922 rename arguments -x -> -e (export key), -X -> -i (import key)
2923 xref draft-ietf-secsh-publickeyfile-01.txt
Ben Lindstrom160ec622001-04-22 17:17:46 +00002924 - markus@cvs.openbsd.org 2001/04/22 13:32:27
2925 [sftp-server.8 sftp.1 ssh.1 sshd.8]
2926 xref draft-ietf-secsh-*
Ben Lindstrom2857d9c2001-04-22 17:19:46 +00002927 - markus@cvs.openbsd.org 2001/04/22 13:41:02
2928 [ssh-keygen.1 ssh-keygen.c]
2929 style, noted by stevesk; sort flags in usage
Ben Lindstromee2786a2001-04-22 17:08:00 +00002930
Ben Lindstrom9ffdcb52001-04-20 12:50:51 +0000293120010421
2932 - OpenBSD CVS Sync
2933 - djm@cvs.openbsd.org 2001/04/20 07:17:51
2934 [clientloop.c ssh.1]
2935 Split out and improve escape character documentation, mention ~R in
2936 ~? help text; ok markus@
Damien Millerc3d00712001-04-20 23:19:37 +10002937 - Update RPM spec files for CVS version.h
Kevin Steves85ecbe72001-04-20 17:43:47 +00002938 - (stevesk) set the default PAM service name to __progname instead
2939 of the hard-coded value "sshd"; from Mark D. Roth <roth@feep.net>
Kevin Steves32c97c32001-04-20 20:56:21 +00002940 - (stevesk) document PAM service name change in INSTALL
Tim Riceb8fbb8e2001-04-21 14:31:52 -07002941 - tim@mindrot.org 2001/04/21 14:25:57 [Makefile.in configure.in]
2942 fix perl test, fix nroff test, fix Makefile to build outside source tree
Ben Lindstrom9ffdcb52001-04-20 12:50:51 +00002943
Ben Lindstromf73e05e2001-04-19 20:31:02 +0000294420010420
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002945 - OpenBSD CVS Sync
Ben Lindstromf73e05e2001-04-19 20:31:02 +00002946 - ian@cvs.openbsd.org 2001/04/18 16:21:05
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002947 [ssh-keyscan.1]
2948 Fix typo reported in PR/1779
2949 - markus@cvs.openbsd.org 2001/04/18 21:57:42
2950 [readpass.c ssh-add.c]
Ben Lindstrom5eb97b62001-04-19 20:33:07 +00002951 call askpass from ssh, too, based on work by roth@feep.net, ok deraadt
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002952 - markus@cvs.openbsd.org 2001/04/18 22:03:45
2953 [auth2.c sshconnect2.c]
Ben Lindstrom2bffd6f2001-04-19 20:35:40 +00002954 use FDQN with trailing dot in the hostbased auth packets, ok deraadt@
Ben Lindstrom4aa603c2001-04-19 20:38:06 +00002955 - markus@cvs.openbsd.org 2001/04/18 22:48:26
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002956 [auth2.c]
2957 no longer const
2958 - markus@cvs.openbsd.org 2001/04/18 23:43:26
2959 [auth2.c compat.c sshconnect2.c]
2960 more ssh v2 hostbased-auth interop: ssh.com >= 2.1.0 works now
Ben Lindstrom671388f2001-04-19 20:40:45 +00002961 (however the 2.1.0 server seems to work only if debug is enabled...)
Ben Lindstrom648772f2001-04-19 20:47:10 +00002962 - markus@cvs.openbsd.org 2001/04/18 23:44:51
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002963 [authfile.c]
2964 error->debug; noted by fries@
2965 - markus@cvs.openbsd.org 2001/04/19 00:05:11
2966 [auth2.c]
2967 use local variable, no function call needed.
Ben Lindstrom3f364962001-04-19 20:50:07 +00002968 (btw, hostbased works now with ssh.com >= 2.0.13)
Ben Lindstrom82f077d2001-04-20 04:59:22 +00002969 - (bal) Put scp-common.h back into scp.c (it exists in the upstream
2970 tree) pointed out by Tom Holroyd <tomh@po.crl.go.jp>
Ben Lindstromf73e05e2001-04-19 20:31:02 +00002971
Ben Lindstrom005dd222001-04-18 15:29:33 +0000297220010418
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00002973 - OpenBSD CVS Sync
Ben Lindstrom005dd222001-04-18 15:29:33 +00002974 - markus@cvs.openbsd.org 2001/04/17 19:34:25
Ben Lindstrom121c7852001-04-18 15:32:44 +00002975 [session.c]
2976 move auth_approval to do_authenticated().
2977 do_child(): nuke hostkeys from memory
2978 don't source .ssh/rc for subsystems.
2979 - markus@cvs.openbsd.org 2001/04/18 14:15:00
2980 [canohost.c]
2981 debug->debug3
Ben Lindstrome2e66a22001-04-18 15:46:01 +00002982 - (bal) renabled 'catman-do:' and fixed it. So now catman pages should
2983 be working again.
Ben Lindstrombc709922001-04-18 18:04:21 +00002984 - (bal) Makfile day... Cleaned up multiple mantype support (Patch by
2985 Mark D. Roth <roth+openssh@feep.net>), and fixed PIDDIR support.
Ben Lindstrom121c7852001-04-18 15:32:44 +00002986
Ben Lindstrom47e0c0b2001-04-17 17:57:09 +0000298720010417
2988 - (bal) Add perl5 check for HP/UX, Removed GNUness from Makefile.in
Ben Lindstrom04eeade2001-04-17 17:58:55 +00002989 and temporary commented out 'catman-do:' since it is broken. Patches
Ben Lindstrom47e0c0b2001-04-17 17:57:09 +00002990 for the first two by Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
Ben Lindstrom459d1912001-04-17 18:06:14 +00002991 - OpenBSD CVS Sync
Ben Lindstrom2b261b92001-04-17 18:14:34 +00002992 - deraadt@cvs.openbsd.org 2001/04/16 08:26:04
2993 [key.c]
2994 better safe than sorry in later mods; yongari@kt-is.co.kr
2995 - markus@cvs.openbsd.org 2001/04/17 08:14:01
2996 [sshconnect1.c]
2997 check for key!=NULL, thanks to costa
2998 - markus@cvs.openbsd.org 2001/04/17 09:52:48
2999 [clientloop.c]
Ben Lindstrom4c8cff12001-04-17 18:09:42 +00003000 handle EINTR/EAGAIN on read; ok deraadt@
Ben Lindstrom2b261b92001-04-17 18:14:34 +00003001 - markus@cvs.openbsd.org 2001/04/17 10:53:26
3002 [key.c key.h readconf.c readconf.h ssh.1 sshconnect2.c]
Ben Lindstrom982dbbc2001-04-17 18:11:36 +00003003 add HostKeyAlgorithms; based on patch from res@shore.net; ok provos@
Ben Lindstrom2b261b92001-04-17 18:14:34 +00003004 - markus@cvs.openbsd.org 2001/04/17 12:55:04
3005 [channels.c ssh.c]
3006 undo socks5 and https support since they are not really used and
3007 only bloat ssh. remove -D from usage(), since '-D' is experimental.
3008
Ben Lindstromac2f0032001-04-15 14:25:12 +0000300920010416
3010 - OpenBSD CVS Sync
3011 - stevesk@cvs.openbsd.org 2001/04/15 01:35:22
3012 [ttymodes.c]
3013 fix comments
Ben Lindstrom206941f2001-04-15 14:27:16 +00003014 - markus@cvs.openbsd.org 2001/04/15 08:43:47
3015 [dh.c sftp-glob.c sftp-glob.h sftp-int.c sshconnect2.c sshd.c]
3016 some unused variable and typos; from tomh@po.crl.go.jp
Ben Lindstrom15f33862001-04-16 02:00:02 +00003017 - markus@cvs.openbsd.org 2001/04/15 16:58:03
3018 [authfile.c ssh-keygen.c sshd.c]
3019 don't use errno for key_{load,save}_private; discussion w/ solar@openwall
Ben Lindstrom302ea6f2001-04-16 02:01:25 +00003020 - markus@cvs.openbsd.org 2001/04/15 17:16:00
3021 [clientloop.c]
3022 set stdin/out/err to nonblocking in SSH proto 1, too. suggested by ho@
3023 should fix some of the blocking problems for rsync over SSH-1
Ben Lindstroma8f39722001-04-16 02:03:49 +00003024 - stevesk@cvs.openbsd.org 2001/04/15 19:41:21
3025 [sshd.8]
3026 some ClientAlive cleanup; ok markus@
Ben Lindstromb5cdc662001-04-16 02:13:26 +00003027 - stevesk@cvs.openbsd.org 2001/04/15 21:28:35
3028 [readconf.c servconf.c]
3029 use fatal() or error() vs. fprintf(); ok markus@
Damien Miller897741e2001-04-16 10:41:46 +10003030 - (djm) Convert mandoc manpages to man automatically. Patch from Mark D.
3031 Roth <roth+openssh@feep.net>
Ben Lindstrombdc2beb2001-04-16 02:11:52 +00003032 - (bal) CVS ID fix up and slight manpage fix from OpenBSD tree.
Damien Miller21134b52001-04-16 18:26:41 +10003033 - (djm) OpenBSD CVS Sync
3034 - mouring@cvs.openbsd.org 2001/04/16 02:31:44
3035 [scp.c sftp.c]
3036 IPv6 support for sftp (which I bungled in my last patch) which is
3037 borrowed from scp.c. Thanks to Markus@ for pointing it out.
Damien Miller0b1e0a12001-04-16 18:27:07 +10003038 - deraadt@cvs.openbsd.org 2001/04/16 08:05:34
3039 [xmalloc.c]
3040 xrealloc dealing with ptr == nULL; mouring
Damien Millercf205e82001-04-16 18:29:15 +10003041 - djm@cvs.openbsd.org 2001/04/16 08:19:31
3042 [session.c]
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00003043 Split motd and hushlogin checks into seperate functions, helps for
Damien Millercf205e82001-04-16 18:29:15 +10003044 portable. From Chris Adams <cmadams@hiwaay.net>; ok markus@
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00003045 - Fix OSF SIA support displaying too much information for quiet
3046 logins and logins where access was denied by SIA. Patch from Chris Adams
Damien Miller364a9bd2001-04-16 18:37:05 +10003047 <cmadams@hiwaay.net>
Ben Lindstromac2f0032001-04-15 14:25:12 +00003048
Ben Lindstromda5d9b12001-04-14 23:07:16 +0000304920010415
3050 - OpenBSD CVS Sync
3051 - deraadt@cvs.openbsd.org 2001/04/14 04:31:01
3052 [ssh-add.c]
3053 do not double free
Ben Lindstromd334b272001-04-14 23:08:36 +00003054 - markus@cvs.openbsd.org 2001/04/14 16:17:14
3055 [channels.c]
3056 remove some channels that are not appropriate for keepalive.
Ben Lindstrom7457f2a2001-04-14 23:10:09 +00003057 - markus@cvs.openbsd.org 2001/04/14 16:27:57
3058 [ssh-add.c]
3059 use clear_pass instead of xfree()
Ben Lindstromae8e2d32001-04-14 23:13:02 +00003060 - stevesk@cvs.openbsd.org 2001/04/14 16:33:20
3061 [clientloop.c packet.h session.c ssh.c ttymodes.c ttymodes.h]
3062 protocol 2 tty modes support; ok markus@
Ben Lindstromf719a202001-04-14 23:14:22 +00003063 - stevesk@cvs.openbsd.org 2001/04/14 17:04:42
3064 [scp.c]
3065 'T' handling rcp/scp sync; ok markus@
Ben Lindstromac2f0032001-04-15 14:25:12 +00003066 - Missed sshtty.[ch] in Sync.
Ben Lindstromda5d9b12001-04-14 23:07:16 +00003067
Damien Miller6e77a532001-04-14 00:22:33 +1000306820010414
3069 - Sync with OpenBSD glob.c, strlcat.c and vis.c changes
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00003070 - Cygwin sftp/sftp-server binary mode patch from Corinna Vinschen
Damien Miller402b3312001-04-14 00:28:42 +10003071 <vinschen@redhat.com>
Ben Lindstrom5744dc42001-04-13 23:28:01 +00003072 - OpenBSD CVS Sync
3073 - beck@cvs.openbsd.org 2001/04/13 22:46:54
3074 [channels.c channels.h servconf.c servconf.h serverloop.c sshd.8]
3075 Add options ClientAliveInterval and ClientAliveCountMax to sshd.
3076 This gives the ability to do a "keepalive" via the encrypted channel
3077 which can't be spoofed (unlike TCP keepalives). Useful for when you want
3078 to use ssh connections to authenticate people for something, and know
3079 relatively quickly when they are no longer authenticated. Disabled
3080 by default (of course). ok markus@
Damien Miller6e77a532001-04-14 00:22:33 +10003081
Ben Lindstrom2b646522001-04-12 16:16:57 +0000308220010413
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00003083 - OpenBSD CVS Sync
3084 - markus@cvs.openbsd.org 2001/04/12 14:29:09
3085 [ssh.c]
3086 show debug output during option processing, report from
Ben Lindstrom2b646522001-04-12 16:16:57 +00003087 pekkas@netcore.fi
Ben Lindstrom5eabda32001-04-12 23:34:34 +00003088 - markus@cvs.openbsd.org 2001/04/12 19:15:26
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00003089 [auth-rhosts.c auth.h auth2.c buffer.c canohost.c canohost.h
3090 compat.c compat.h hostfile.c pathnames.h readconf.c readconf.h
3091 servconf.c servconf.h ssh.c sshconnect.c sshconnect.h sshconnect1.c
Ben Lindstrom5eabda32001-04-12 23:34:34 +00003092 sshconnect2.c sshd_config]
3093 implement HostbasedAuthentication (= RhostRSAAuthentication for ssh v2)
3094 similar to RhostRSAAuthentication unless you enable (the experimental)
3095 HostbasedUsesNameFromPacketOnly option. please test. :)
Ben Lindstromd69dab32001-04-12 23:36:05 +00003096 - markus@cvs.openbsd.org 2001/04/12 19:39:27
3097 [readconf.c]
3098 typo
Ben Lindstrom19066a12001-04-12 23:39:26 +00003099 - stevesk@cvs.openbsd.org 2001/04/12 20:09:38
3100 [misc.c misc.h readconf.c servconf.c ssh.c sshd.c]
3101 robust port validation; ok markus@ jakob@
Ben Lindstrom63667f62001-04-13 00:00:14 +00003102 - mouring@cvs.openbsd.org 2001/04/12 23:17:54
3103 [sftp-int.c sftp-int.h sftp.1 sftp.c]
3104 Add support for:
3105 sftp [user@]host[:file [file]] - Fetch remote file(s)
3106 sftp [user@]host[:dir[/]] - Start in remote dir/
3107 OK deraadt@
Ben Lindstrom92d4a022001-04-13 04:44:37 +00003108 - stevesk@cvs.openbsd.org 2001/04/13 01:26:17
3109 [ssh.c]
3110 missing \n in error message
Ben Lindstrom09988722001-04-12 21:35:52 +00003111 - (bal) Added openbsd-compat/inet_ntop.[ch] since HP/UX (and others)
3112 lack it.
Ben Lindstrom2b646522001-04-12 16:16:57 +00003113
Ben Lindstromb3921512001-04-11 15:57:50 +0000311420010412
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00003115 - OpenBSD CVS Sync
Ben Lindstromb3921512001-04-11 15:57:50 +00003116 - markus@cvs.openbsd.org 2001/04/10 07:46:58
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00003117 [channels.c]
3118 cleanup socks4 handling
3119 - itojun@cvs.openbsd.org 2001/04/10 09:13:22
Ben Lindstrom18a82ac2001-04-11 15:59:35 +00003120 [ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 sshd.8]
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00003121 document id_rsa{.pub,}. markus ok
Ben Lindstromc486d882001-04-11 16:08:34 +00003122 - markus@cvs.openbsd.org 2001/04/10 12:15:23
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00003123 [channels.c]
3124 debug cleanup
Ben Lindstrom23d9a6d2001-04-11 23:05:17 +00003125 - djm@cvs.openbsd.org 2001/04/11 07:06:22
3126 [sftp-int.c]
3127 'mget' and 'mput' aliases; ok markus@
Ben Lindstrom146edb92001-04-11 23:06:28 +00003128 - markus@cvs.openbsd.org 2001/04/11 10:59:01
3129 [ssh.c]
3130 use strtol() for ports, thanks jakob@
Ben Lindstrom6fa9d102001-04-11 23:08:17 +00003131 - markus@cvs.openbsd.org 2001/04/11 13:56:13
3132 [channels.c ssh.c]
3133 https-connect and socks5 support. i feel so bad.
Ben Lindstrom9fce9f02001-04-11 23:10:09 +00003134 - lebel@cvs.openbsd.org 2001/04/11 16:25:30
3135 [sshd.8 sshd.c]
3136 implement the -e option into sshd:
3137 -e When this option is specified, sshd will send the output to the
3138 standard error instead of the system log.
3139 markus@ OK.
Ben Lindstromb3921512001-04-11 15:57:50 +00003140
Ben Lindstrom94924842001-04-10 02:40:17 +0000314120010410
3142 - OpenBSD CVS Sync
3143 - deraadt@cvs.openbsd.org 2001/04/08 20:52:55
3144 [sftp.c]
3145 do not modify an actual argv[] entry
Ben Lindstrom4b3564e2001-04-10 02:41:56 +00003146 - stevesk@cvs.openbsd.org 2001/04/08 23:28:27
3147 [sshd.8]
3148 spelling
Ben Lindstrom8ffeacf2001-04-10 02:43:57 +00003149 - stevesk@cvs.openbsd.org 2001/04/09 00:42:05
3150 [sftp.1]
3151 spelling
Ben Lindstromee617942001-04-10 02:45:32 +00003152 - markus@cvs.openbsd.org 2001/04/09 15:12:23
3153 [ssh-add.c]
3154 passphrase caching: ssh-add tries last passphrase, clears passphrase if
3155 not successful and after last try.
3156 based on discussions with espie@, jakob@, ... and code from jakob@ and
3157 wolfgang@wsrcc.com
Ben Lindstrom12de6162001-04-10 02:46:54 +00003158 - markus@cvs.openbsd.org 2001/04/09 15:19:49
3159 [ssh-add.1]
3160 ssh-add retries the last passphrase...
Ben Lindstrom1a598a42001-04-10 02:48:50 +00003161 - stevesk@cvs.openbsd.org 2001/04/09 18:00:15
3162 [sshd.8]
3163 ListenAddress mandoc from aaron@
Ben Lindstrom94924842001-04-10 02:40:17 +00003164
Ben Lindstrom49e57a82001-04-08 18:02:43 +0000316520010409
Kevin Stevescb17e992001-04-09 14:50:52 +00003166 - (stevesk) use setresgid() for setegid() if needed
Kevin Steves393d2f72001-04-08 22:50:43 +00003167 - (stevesk) configure.in: typo
Ben Lindstrom49e57a82001-04-08 18:02:43 +00003168 - OpenBSD CVS Sync
3169 - stevesk@cvs.openbsd.org 2001/04/08 16:01:36
3170 [sshd.8]
3171 document ListenAddress addr:port
Ben Lindstromd5730a82001-04-08 18:04:36 +00003172 - markus@cvs.openbsd.org 2001/04/08 13:03:00
3173 [ssh-add.c]
3174 init pointers with NULL, thanks to danimal@danimal.org
Ben Lindstromd3447632001-04-08 18:07:22 +00003175 - markus@cvs.openbsd.org 2001/04/08 11:27:33
3176 [clientloop.c]
3177 leave_raw_mode if ssh2 "session" is closed
Ben Lindstrom3fcf1a22001-04-08 18:26:59 +00003178 - markus@cvs.openbsd.org 2001/04/06 21:00:17
3179 [auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth2.c channels.c session.c
3180 ssh.c sshconnect.c sshconnect.h uidswap.c uidswap.h]
3181 do gid/groups-swap in addition to uid-swap, should help if /home/group
3182 is chmod 750 + chgrp grp /home/group/, work be deraadt and me, thanks
3183 to olar@openwall.com is comments. we had many requests for this.
Ben Lindstrom3bb4f9d2001-04-08 18:30:26 +00003184 - markus@cvs.openbsd.org 2001/04/07 08:55:18
3185 [buffer.c channels.c channels.h readconf.c ssh.c]
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00003186 allow the ssh client act as a SOCKS4 proxy (dynamic local
3187 portforwarding). work by Dan Kaminsky <dankamin@cisco.com> and me.
3188 thanks to Dan for this great patch: use 'ssh -D 1080 host' and make
Ben Lindstrom3bb4f9d2001-04-08 18:30:26 +00003189 netscape use localhost:1080 as a socks proxy.
Ben Lindstromf52373f2001-04-08 18:38:04 +00003190 - markus@cvs.openbsd.org 2001/04/08 11:24:33
3191 [uidswap.c]
3192 KNF
Ben Lindstrom49e57a82001-04-08 18:02:43 +00003193
Ben Lindstromab0cedc2001-04-07 17:23:43 +0000319420010408
3195 - OpenBSD CVS Sync
3196 - stevesk@cvs.openbsd.org 2001/04/06 22:12:47
3197 [hostfile.c]
3198 unused; typo in comment
Ben Lindstromc510af42001-04-07 17:25:48 +00003199 - stevesk@cvs.openbsd.org 2001/04/06 22:25:25
3200 [servconf.c]
3201 in addition to:
3202 ListenAddress host|ipv4_addr|ipv6_addr
3203 permit:
3204 ListenAddress [host|ipv4_addr|ipv6_addr]:port
3205 ListenAddress host|ipv4_addr:port
3206 sshd.8 updates coming. ok markus@
Ben Lindstromab0cedc2001-04-07 17:23:43 +00003207
Ben Lindstrom8248d112001-04-07 01:08:46 +0000320820010407
3209 - (bal) CVS ID Resync of version.h
Ben Lindstrome34ab4c2001-04-07 01:12:11 +00003210 - OpenBSD CVS Sync
3211 - markus@cvs.openbsd.org 2001/04/05 23:39:20
3212 [serverloop.c]
3213 keep the ssh session even if there is no active channel.
3214 this is more in line with the protocol spec and makes
3215 ssh -N -L 1234:server:110 host
3216 more useful.
3217 based on discussion with <mats@mindbright.se> long time ago
3218 and recent mail from <res@shore.net>
Ben Lindstromd47cf4d2001-04-07 01:14:38 +00003219 - deraadt@cvs.openbsd.org 2001/04/06 16:46:59
3220 [scp.c]
3221 remove trailing / from source paths; fixes pr#1756
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00003222
Kevin Stevesff8b4952001-04-05 23:05:22 +0000322320010406
3224 - (stevesk) logintest.c: fix for systems without __progname
Kevin Stevesbe48f2b2001-04-06 01:58:37 +00003225 - (stevesk) Makefile.in: log.o is in libssh.a
Ben Lindstrom4f3ae4c2001-04-05 23:19:21 +00003226 - OpenBSD CVS Sync
3227 - markus@cvs.openbsd.org 2001/04/05 10:00:06
3228 [compat.c]
3229 2.3.x does old GEX, too; report jakob@
Ben Lindstromfb50cdf2001-04-05 23:20:46 +00003230 - markus@cvs.openbsd.org 2001/04/05 10:39:03
3231 [compress.c compress.h packet.c]
3232 reset compress state per direction when rekeying.
Ben Lindstroma6c20142001-04-05 23:22:25 +00003233 - markus@cvs.openbsd.org 2001/04/05 10:39:48
3234 [version.h]
3235 temporary version 2.5.4 (supports rekeying).
3236 this is not an official release.
Ben Lindstroma3700052001-04-05 23:26:32 +00003237 - markus@cvs.openbsd.org 2001/04/05 10:42:57
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00003238 [auth-chall.c authfd.c channels.c clientloop.c kex.c kexgex.c key.c
3239 mac.c packet.c serverloop.c sftp-client.c sftp-client.h sftp-glob.c
3240 sftp-glob.h sftp-int.c sftp-server.c sftp.c ssh-keygen.c sshconnect.c
Ben Lindstroma3700052001-04-05 23:26:32 +00003241 sshconnect2.c sshd.c]
3242 fix whitespace: unexpand + trailing spaces.
Ben Lindstroma8baf362001-04-05 23:28:36 +00003243 - markus@cvs.openbsd.org 2001/04/05 11:09:17
3244 [clientloop.c compat.c compat.h]
3245 add SSH_BUG_NOREKEY and detect broken (=all old) openssh versions.
Ben Lindstromf3272352001-04-05 23:29:59 +00003246 - markus@cvs.openbsd.org 2001/04/05 15:45:43
3247 [ssh.1]
3248 ssh defaults to protocol v2; from quisar@quisar.ambre.net
Ben Lindstromf15a3862001-04-05 23:32:17 +00003249 - stevesk@cvs.openbsd.org 2001/04/05 15:48:18
3250 [canohost.c canohost.h session.c]
3251 move get_remote_name_or_ip() to canohost.[ch]; for portable. ok markus@
Ben Lindstrom11bd8992001-04-05 23:34:29 +00003252 - markus@cvs.openbsd.org 2001/04/05 20:01:10
3253 [clientloop.c]
3254 for ~R print message if server does not support rekeying. (and fix ~R).
Ben Lindstromd7dd23f2001-04-05 23:36:01 +00003255 - markus@cvs.openbsd.org 2001/04/05 21:02:46
3256 [buffer.c]
3257 better error message
Ben Lindstrom4c3f77d2001-04-05 23:37:36 +00003258 - markus@cvs.openbsd.org 2001/04/05 21:05:24
3259 [clientloop.c ssh.c]
3260 don't request a session for 'ssh -N', pointed out slade@shore.net
Kevin Stevesff8b4952001-04-05 23:05:22 +00003261
Ben Lindstrom238abf62001-04-04 17:52:53 +0000326220010405
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00003263 - OpenBSD CVS Sync
3264 - markus@cvs.openbsd.org 2001/04/04 09:48:35
Ben Lindstrom238abf62001-04-04 17:52:53 +00003265 [kex.c kex.h kexdh.c kexgex.c packet.c sshconnect2.c sshd.c]
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00003266 don't sent multiple kexinit-requests.
3267 send newkeys, block while waiting for newkeys.
3268 fix comments.
3269 - markus@cvs.openbsd.org 2001/04/04 14:34:58
3270 [clientloop.c kex.c kex.h serverloop.c sshconnect2.c sshd.c]
3271 enable server side rekeying + some rekey related clientup.
Ben Lindstrom8ac91062001-04-04 17:57:54 +00003272 todo: we should not send any non-KEX messages after we send KEXINIT
Ben Lindstrom78c261a2001-04-04 23:43:26 +00003273 - markus@cvs.openbsd.org 2001/04/04 15:50:55
3274 [compat.c]
3275 f-secure 1.3.2 does not handle IGNORE; from milliondl@ornl.gov
Ben Lindstrombe2cc432001-04-04 23:46:07 +00003276 - markus@cvs.openbsd.org 2001/04/04 20:25:38
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00003277 [channels.c channels.h clientloop.c kex.c kex.h serverloop.c
Ben Lindstrombe2cc432001-04-04 23:46:07 +00003278 sshconnect2.c sshd.c]
3279 more robust rekeying
3280 don't send channel data after rekeying is started.
Ben Lindstrom0cae0402001-04-04 23:47:52 +00003281 - markus@cvs.openbsd.org 2001/04/04 20:32:56
3282 [auth2.c]
3283 we don't care about missing bannerfiles; from tsoome@ut.ee, ok deraadt@
Ben Lindstrom8e312f32001-04-04 23:50:21 +00003284 - markus@cvs.openbsd.org 2001/04/04 22:04:35
3285 [kex.c kexgex.c serverloop.c]
3286 parse full kexinit packet.
3287 make server-side more robust, too.
Ben Lindstrom5ba23b32001-04-05 02:05:21 +00003288 - markus@cvs.openbsd.org 2001/04/04 23:09:18
3289 [dh.c kex.c packet.c]
3290 clear+free keys,iv for rekeying.
3291 + fix DH mem leaks. ok niels@
Kevin Steves86a52b32001-04-05 17:15:08 +00003292 - (stevesk) don't use vhangup() if defined(HAVE_DEV_PTMX); also removes
3293 BROKEN_VHANGUP
Ben Lindstrom238abf62001-04-04 17:52:53 +00003294
Ben Lindstrom0d3e8fa2001-04-04 01:51:25 +0000329520010404
3296 - OpenBSD CVS Sync
3297 - deraadt@cvs.openbsd.org 2001/04/02 17:32:23
3298 [ssh-agent.1]
3299 grammar; slade@shore.net
Ben Lindstrom86ebcb62001-04-04 01:53:20 +00003300 - stevesk@cvs.openbsd.org 2001/04/03 13:56:11
3301 [sftp-glob.c ssh-agent.c ssh-keygen.c]
3302 free() -> xfree()
Ben Lindstrom20d7c7b2001-04-04 01:56:17 +00003303 - markus@cvs.openbsd.org 2001/04/03 19:53:29
3304 [dh.c dh.h kex.c kex.h sshconnect2.c sshd.c]
3305 move kex to kex*.c, used dispatch_set() callbacks for kex. should
3306 make rekeying easier.
Ben Lindstrom9323d962001-04-04 01:58:48 +00003307 - todd@cvs.openbsd.org 2001/04/03 21:19:38
3308 [ssh_config]
3309 id_rsa1/2 -> id_rsa; ok markus@
Ben Lindstrom2d90e002001-04-04 02:00:54 +00003310 - markus@cvs.openbsd.org 2001/04/03 23:32:12
3311 [kex.c kex.h packet.c sshconnect2.c sshd.c]
3312 undo parts of recent my changes: main part of keyexchange does not
3313 need dispatch-callbacks, since application data is delayed until
3314 the keyexchange completes (if i understand the drafts correctly).
3315 add some infrastructure for re-keying.
Ben Lindstromf28f6342001-04-04 02:03:04 +00003316 - markus@cvs.openbsd.org 2001/04/04 00:06:54
3317 [clientloop.c sshconnect2.c]
3318 enable client rekeying
3319 (1) force rekeying with ~R, or
3320 (2) if the server requests rekeying.
3321 works against ssh-2.0.12/2.0.13/2.1.0/2.2.0/2.3.0/2.3.1/2.4.0
Ben Lindstrom22b19b42001-04-04 17:39:19 +00003322 - (bal) Oops.. Missed including kexdh.c and kexgex.c in OpenBSD sync.
Ben Lindstrom0d3e8fa2001-04-04 01:51:25 +00003323
Ben Lindstrom55b99e32001-04-02 18:18:21 +0000332420010403
3325 - OpenBSD CVS Sync
3326 - stevesk@cvs.openbsd.org 2001/04/02 14:15:31
3327 [sshd.8]
3328 typo; ok markus@
Ben Lindstrom3704c262001-04-02 18:20:03 +00003329 - stevesk@cvs.openbsd.org 2001/04/02 14:20:23
3330 [readconf.c servconf.c]
3331 correct comment; ok markus@
Kevin Stevesefe5fd82001-04-03 13:02:48 +00003332 - (stevesk) nchan.c: remove ostate checks and add EINVAL to
3333 shutdown(SHUT_RD) error() bypass for HP-UX.
Ben Lindstrom55b99e32001-04-02 18:18:21 +00003334
Kevin Stevesedcd5762001-04-02 13:45:00 +0000333520010402
3336 - (stevesk) log.c openbsd sync; missing newlines
Kevin Steves6189e192001-04-02 14:02:55 +00003337 - (stevesk) sshpty.h openbsd sync; PTY_H -> SSHPTY_H
Kevin Stevesedcd5762001-04-02 13:45:00 +00003338
Damien Millerd8f72ca2001-03-30 10:23:17 +1000333920010330
3340 - (djm) Another openbsd-compat/glob.c sync
Damien Miller2557bfc2001-03-30 10:47:14 +10003341 - (djm) OpenBSD CVS Sync
3342 - provos@cvs.openbsd.org 2001/03/28 21:59:41
3343 [kex.c kex.h sshconnect2.c sshd.c]
3344 forgot to include min and max params in hash, okay markus@
Damien Miller23e526e2001-03-30 10:47:43 +10003345 - provos@cvs.openbsd.org 2001/03/28 22:04:57
3346 [dh.c]
3347 more sanity checking on primes file
Damien Miller5d57e502001-03-30 10:48:31 +10003348 - markus@cvs.openbsd.org 2001/03/28 22:43:31
3349 [auth.h auth2.c auth2-chall.c]
3350 check auth_root_allowed for kbd-int auth, too.
Damien Miller653ae112001-03-30 10:49:05 +10003351 - provos@cvs.openbsd.org 2001/03/29 14:24:59
3352 [sshconnect2.c]
3353 use recommended defaults
Damien Millera0ff4662001-03-30 10:49:35 +10003354 - stevesk@cvs.openbsd.org 2001/03/29 21:06:21
3355 [sshconnect2.c sshd.c]
3356 need to set both STOC and CTOS for SSH_BUG_BIGENDIANAES; ok markus@
Damien Miller9709f902001-03-30 10:50:10 +10003357 - markus@cvs.openbsd.org 2001/03/29 21:17:40
3358 [dh.c dh.h kex.c kex.h]
3359 prepare for rekeying: move DH code to dh.c
Damien Millerff75ac42001-03-30 10:50:32 +10003360 - djm@cvs.openbsd.org 2001/03/29 23:42:01
3361 [sshd.c]
3362 Protocol 1 key regeneration log => verbose, some KNF; ok markus@
Damien Millerd8f72ca2001-03-30 10:23:17 +10003363
Ben Lindstrom89b0bd62001-03-29 00:27:11 +0000336420010329
3365 - OpenBSD CVS Sync
3366 - stevesk@cvs.openbsd.org 2001/03/26 15:47:59
3367 [ssh.1]
3368 document more defaults; misc. cleanup. ok markus@
Ben Lindstromc1116602001-03-29 00:28:37 +00003369 - markus@cvs.openbsd.org 2001/03/26 23:12:42
3370 [authfile.c]
3371 KNF
Ben Lindstromd09fcf52001-03-29 00:29:54 +00003372 - markus@cvs.openbsd.org 2001/03/26 23:23:24
3373 [rsa.c rsa.h ssh-agent.c ssh-keygen.c]
3374 try to read private f-secure ssh v2 rsa keys.
Ben Lindstrom425fb022001-03-29 00:31:20 +00003375 - markus@cvs.openbsd.org 2001/03/27 10:34:08
3376 [ssh-rsa.c sshd.c]
3377 use EVP_get_digestbynid, reorder some calls and fix missing free.
Ben Lindstrom60a43812001-03-29 00:32:56 +00003378 - markus@cvs.openbsd.org 2001/03/27 10:57:00
3379 [compat.c compat.h ssh-rsa.c]
3380 some older systems use NID_md5 instead of NID_sha1 for RSASSA-PKCS1-v1_5
3381 signatures in SSH protocol 2, ok djm@
Ben Lindstromdf221392001-03-29 00:36:16 +00003382 - provos@cvs.openbsd.org 2001/03/27 17:46:50
3383 [compat.c compat.h dh.c dh.h ssh2.h sshconnect2.c sshd.c version.h]
3384 make dh group exchange more flexible, allow min and max group size,
3385 okay markus@, deraadt@
Ben Lindstrombd472262001-03-29 00:39:55 +00003386 - stevesk@cvs.openbsd.org 2001/03/28 19:56:23
3387 [scp.c]
3388 start to sync scp closer to rcp; ok markus@
Ben Lindstromff2618c2001-03-29 00:43:54 +00003389 - stevesk@cvs.openbsd.org 2001/03/28 20:04:38
3390 [scp.c]
3391 usage more like rcp and add missing -B to usage; ok markus@
Ben Lindstrom7de696e2001-03-29 00:45:12 +00003392 - markus@cvs.openbsd.org 2001/03/28 20:50:45
3393 [sshd.c]
3394 call refuse() before close(); from olemx@ans.pl
Ben Lindstrom89b0bd62001-03-29 00:27:11 +00003395
Damien Millerc79bc0d2001-03-28 13:03:42 +1000339620010328
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00003397 - (djm) Reorder tests and library inclusion for Krb4/AFS to try to
3398 resolve linking conflicts with libcrypto. Report and suggested fix
Damien Millerc79bc0d2001-03-28 13:03:42 +10003399 from Holger Trapp <Holger.Trapp@Informatik.TU-Chemnitz.DE>
Damien Miller18bb4732001-03-28 14:35:30 +10003400 - (djm) Work around Solaris' broken struct dirent. Diagnosis and suggested
3401 fix from Philippe Levan <levan@epix.net>
Damien Miller98344742001-03-28 14:37:06 +10003402 - (djm) Rework krbIV tests to get us closer to building on Redhat. Still
3403 doesn't work because of conflicts between krbIV's and OpenSSL's des.h
Damien Millerb68af622001-03-28 21:05:26 +10003404 - (djm) Sync openbsd-compat/glob.c
Damien Millerc79bc0d2001-03-28 13:03:42 +10003405
Ben Lindstrom8ca93562001-03-26 05:32:16 +0000340620010327
3407 - Attempt sync with sshlogin.c w/ OpenBSD (mainly CVS ID)
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00003408 - Fix pointer issues in waitpid() and wait() replaces. Patch by Lutz
Ben Lindstrom95318252001-03-26 05:35:33 +00003409 Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
Ben Lindstrom60294322001-03-26 05:38:25 +00003410 - OpenBSD CVS Sync
3411 - djm@cvs.openbsd.org 2001/03/25 00:01:34
3412 [session.c]
3413 shorten; ok markus@
Ben Lindstrom7bfff362001-03-26 05:45:53 +00003414 - stevesk@cvs.openbsd.org 2001/03/25 13:16:11
3415 [servconf.c servconf.h session.c sshd.8 sshd_config]
3416 PrintLastLog option; from chip@valinux.com with some minor
3417 changes by me. ok markus@
Damien Millerf9e93002001-03-27 16:12:24 +10003418 - markus@cvs.openbsd.org 2001/03/26 08:07:09
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00003419 [authfile.c authfile.h ssh-add.c ssh-keygen.c ssh.c sshconnect.c
Damien Millerf9e93002001-03-27 16:12:24 +10003420 sshconnect.h sshconnect1.c sshconnect2.c sshd.c]
3421 simpler key load/save interface, see authfile.h
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00003422 - (djm) Reestablish PAM credentials (which can be supplemental group
Damien Millerf9e93002001-03-27 16:12:24 +10003423 memberships) after initgroups() blows them away. Report and suggested
3424 fix from Nalin Dahyabhai <nalin@redhat.com>
Ben Lindstrom8ca93562001-03-26 05:32:16 +00003425
Ben Lindstromb94f8b22001-03-24 00:20:56 +0000342620010324
3427 - Fixed permissions ssh-keyscan. Thanks to Christopher Linn <celinn@mtu.edu>.
Ben Lindstromc8530c72001-03-24 00:35:19 +00003428 - OpenBSD CVS Sync
3429 - djm@cvs.openbsd.org 2001/03/23 11:04:07
3430 [compat.c compat.h sshconnect2.c sshd.c]
3431 Compat for OpenSSH with broken Rijndael/AES. ok markus@
Ben Lindstrom9e2057c2001-03-24 00:37:59 +00003432 - markus@cvs.openbsd.org 2001/03/23 12:02:49
3433 [auth1.c]
3434 authctxt is now passed to do_authenticated
Ben Lindstrom7527f8b2001-03-24 00:39:12 +00003435 - markus@cvs.openbsd.org 2001/03/23 13:10:57
3436 [sftp-int.c]
3437 fix put, upload to _absolute_ path, ok djm@
Ben Lindstromde71cda2001-03-24 00:43:26 +00003438 - markus@cvs.openbsd.org 2001/03/23 14:28:32
3439 [session.c sshd.c]
3440 ignore SIGPIPE, restore in child, fixes x11-fwd crashes; with djm@
Damien Millerb44fe062001-03-24 15:39:38 +11003441 - (djm) Pull out our own SIGPIPE hacks
Ben Lindstromb94f8b22001-03-24 00:20:56 +00003442
Ben Lindstrom69d8c072001-03-22 22:45:33 +0000344320010323
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00003444 - OpenBSD CVS Sync
Ben Lindstrom69d8c072001-03-22 22:45:33 +00003445 - deraadt@cvs.openbsd.org 2001/03/22 20:22:55
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00003446 [sshd.c]
3447 do not place linefeeds in buffer
Ben Lindstrom69d8c072001-03-22 22:45:33 +00003448
Damien Millerbebd8be2001-03-22 11:58:15 +1100344920010322
3450 - (djm) Better AIX no tty fix, spotted by Gert Doering <gert@greenie.muc.de>
Ben Lindstromebf3d512001-03-22 01:08:39 +00003451 - (bal) version.c CVS ID resync
Ben Lindstromeebc4a22001-03-22 01:22:03 +00003452 - (bal) auth-chall.c auth-passwd.c auth.h auth1.c auth2.c session.c CVS ID
3453 resync
Ben Lindstrom57f82e22001-03-22 02:04:08 +00003454 - (bal) scp.c CVS ID resync
Ben Lindstrom6b776432001-03-22 01:24:04 +00003455 - OpenBSD CVS Sync
3456 - markus@cvs.openbsd.org 2001/03/20 19:10:16
3457 [readconf.c]
3458 default to SSH protocol version 2
Ben Lindstromb4c961d2001-03-22 01:25:37 +00003459 - markus@cvs.openbsd.org 2001/03/20 19:21:21
3460 [session.c]
3461 remove unused arg
Ben Lindstromfc9b07d2001-03-22 01:27:23 +00003462 - markus@cvs.openbsd.org 2001/03/20 19:21:21
3463 [session.c]
3464 remove unused arg
Ben Lindstromb31783d2001-03-22 02:02:12 +00003465 - markus@cvs.openbsd.org 2001/03/21 11:43:45
3466 [auth1.c auth2.c session.c session.h]
3467 merge common ssh v1/2 code
Ben Lindstromf1107f52001-03-22 02:05:32 +00003468 - jakob@cvs.openbsd.org 2001/03/21 14:20:45
3469 [ssh-keygen.c]
3470 add -B flag to usage
Ben Lindstromd9267452001-03-22 02:06:57 +00003471 - markus@cvs.openbsd.org 2001/03/21 21:06:30
3472 [session.c]
3473 missing init; from mib@unimelb.edu.au
Damien Millerbebd8be2001-03-22 11:58:15 +11003474
Damien Millerbe081762001-03-21 11:11:57 +1100347520010321
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00003476 - (djm) Fix ttyname breakage for AIX and Tru64. Patch from Steve
Damien Millerbe081762001-03-21 11:11:57 +11003477 VanDevender <stevev@darkwing.uoregon.edu>
Damien Miller2e9adb22001-03-21 12:16:24 +11003478 - (djm) Make sure pam_retval is initialised on call to pam_end. Patch
3479 from Solar Designer <solar@openwall.com>
Damien Millerec7e1b12001-03-21 13:01:35 +11003480 - (djm) Don't loop forever when changing password via PAM. Patch
3481 from Solar Designer <solar@openwall.com>
Damien Miller4b4e2d32001-03-21 13:13:40 +11003482 - (djm) Generate config files before build
Damien Millerb69407d2001-03-21 16:13:03 +11003483 - (djm) Correctly handle SIA and AIX when no tty present. Spotted and
3484 suggested fix from Mike Battersby <mib@unimelb.edu.au>
Damien Millerbe081762001-03-21 11:11:57 +11003485
Ben Lindstroma77d6412001-03-19 18:58:13 +0000348620010320
Ben Lindstrom11c78f82001-03-19 19:00:09 +00003487 - (bal) glob.c update to added GLOB_LIMITS (OpenBSD CVS).
3488 - (bal) glob.c update to set gl_pathv to NULL (OpenBSD CVS).
Ben Lindstrom9911f122001-03-19 21:29:30 +00003489 - (bal) Oops. Missed globc.h change (OpenBSD CVS).
Damien Millere7cf07c2001-03-20 09:15:57 +11003490 - (djm) OpenBSD CVS Sync
3491 - markus@cvs.openbsd.org 2001/03/19 17:07:23
3492 [auth.c readconf.c]
3493 undo /etc/shell and proto 2,1 change for openssh-2.5.2
Damien Miller41be73b2001-03-20 09:16:34 +11003494 - markus@cvs.openbsd.org 2001/03/19 17:12:10
3495 [version.h]
3496 version 2.5.2
Damien Miller82e7ae52001-03-20 09:30:50 +11003497 - (djm) Update RPM spec version
3498 - (djm) Release 2.5.2p1
Tim Riced14d7022001-03-19 18:31:44 -08003499- tim@mindrot.org 2001/03/19 18:33:47 [defines.h]
3500 change S_ISLNK macro to work for UnixWare 2.03
Tim Riced9d5ba22001-03-19 20:46:50 -08003501- tim@mindrot.org 2001/03/19 20:45:11 [openbsd-compat/glob.c]
3502 add get_arg_max(). Use sysconf() if ARG_MAX is not defined
Ben Lindstroma77d6412001-03-19 18:58:13 +00003503
Damien Miller60bc5172001-03-19 09:38:15 +1100350420010319
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00003505 - (djm) Seed PRNG at startup, rather than waiting for arc4random calls to
Damien Miller60bc5172001-03-19 09:38:15 +11003506 do it implicitly.
Damien Miller9de61e82001-03-19 10:09:27 +11003507 - (djm) Add getusershell() functions from OpenBSD CVS
Ben Lindstrom2d70f982001-03-19 00:13:46 +00003508 - OpenBSD CVS Sync
3509 - markus@cvs.openbsd.org 2001/03/18 12:07:52
3510 [auth-options.c]
3511 ignore permitopen="host:port" if AllowTcpForwarding==no
Damien Millerffd0e102001-03-19 12:45:02 +11003512 - (djm) Make scp work on systems without 64-bit ints
Tim Riced19a75a2001-03-18 18:27:26 -08003513 - tim@mindrot.org 2001/03/18 18:28:39 [defines.h]
3514 move HAVE_LONG_LONG_INT where it works
Ben Lindstrom8feff452001-03-19 03:09:40 +00003515 - (bal) Use 'NGROUPS' for NeXT Since 'MAX_NGROUPS' is wrapped up in -lposix
Ben Lindstrom6cabb6f2001-03-19 03:01:56 +00003516 stuff. Change suggested by Mark Miller <markm@swoon.net>
Ben Lindstrom8feff452001-03-19 03:09:40 +00003517 - (bal) Small fix to scp. %lu vs %ld
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00003518 - (bal) NeXTStep lacks S_ISLNK. Plus split up S_IS*
Damien Millercafff192001-03-19 22:29:46 +11003519 - (djm) OpenBSD CVS Sync
3520 - djm@cvs.openbsd.org 2001/03/19 03:52:51
3521 [sftp-client.c]
3522 Report ssh connection closing correctly; ok deraadt@
Damien Miller27dbe6f2001-03-19 22:36:20 +11003523 - deraadt@cvs.openbsd.org 2001/03/18 23:30:55
3524 [compat.c compat.h sshd.c]
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00003525 specifically version match on ssh scanners. do not log scan
Damien Miller27dbe6f2001-03-19 22:36:20 +11003526 information to the console
Damien Millerc2c5d9f2001-03-19 23:16:08 +11003527 - djm@cvs.openbsd.org 2001/03/19 12:10:17
Damien Millera243fde2001-03-19 23:16:08 +11003528 [sshd.8]
Damien Millerc2c5d9f2001-03-19 23:16:08 +11003529 Document permitopen authorized_keys option; ok markus@
Damien Miller1e42f302001-03-19 23:59:11 +11003530 - djm@cvs.openbsd.org 2001/03/19 05:49:52
3531 [ssh.1]
3532 document PreferredAuthentications option; ok markus@
Ben Lindstromaad56ce2001-03-19 13:42:21 +00003533 - (bal) Minor NeXT fixed. Forgot to #undef NGROUPS_MAX
Damien Miller60bc5172001-03-19 09:38:15 +11003534
Ben Lindstromfea72782001-03-17 18:07:46 +0000353520010318
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00003536 - (bal) Fixed scp type casing issue which causes "scp: protocol error:
Ben Lindstromfea72782001-03-17 18:07:46 +00003537 size not delimited" fatal errors when tranfering.
Ben Lindstromd69191b2001-03-17 23:13:27 +00003538 - OpenBSD CVS Sync
3539 - markus@cvs.openbsd.org 2001/03/17 17:27:59
3540 [auth.c]
3541 check /etc/shells, too
Tim Riceb399be42001-03-17 18:43:16 -08003542 - tim@mindrot.org 2001/03/17 18:45:25 [compat.c]
3543 openbsd-compat/fake-regex.h
Ben Lindstromfea72782001-03-17 18:07:46 +00003544
Damien Miller168a7002001-03-17 10:29:50 +1100354520010317
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00003546 - Support usrinfo() on AIX. Based on patch from Gert Doering
Damien Miller168a7002001-03-17 10:29:50 +11003547 <gert@greenie.muc.de>
Ben Lindstroma4c57662001-03-17 00:10:20 +00003548 - OpenBSD CVS Sync
3549 - markus@cvs.openbsd.org 2001/03/15 15:05:59
3550 [scp.c]
3551 use %lld in printf, ok millert@/deraadt@; report from ssh@client.fi
Ben Lindstrom86fe8682001-03-17 00:32:57 +00003552 - markus@cvs.openbsd.org 2001/03/15 22:07:08
3553 [session.c]
3554 pass Session to do_child + KNF
Ben Lindstromc8d1c302001-03-17 00:34:46 +00003555 - djm@cvs.openbsd.org 2001/03/16 08:16:18
3556 [sftp-client.c sftp-client.h sftp-glob.c sftp-int.c]
3557 Revise globbing for get/put to be more shell-like. In particular,
3558 "get/put file* directory/" now works. ok markus@
Ben Lindstrom5df2ffa2001-03-17 00:36:17 +00003559 - markus@cvs.openbsd.org 2001/03/16 09:55:53
3560 [sftp-int.c]
3561 fix memset and whitespace
Ben Lindstromcf00df62001-03-17 00:37:31 +00003562 - markus@cvs.openbsd.org 2001/03/16 13:44:24
3563 [sftp-int.c]
3564 discourage strcat/strcpy
Ben Lindstrom7bb8b492001-03-17 00:47:54 +00003565 - markus@cvs.openbsd.org 2001/03/16 19:06:30
3566 [auth-options.c channels.c channels.h serverloop.c session.c]
3567 implement "permitopen" key option, restricts -L style forwarding to
3568 to specified host:port pairs. based on work by harlan@genua.de
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00003569 - Check for gl_matchc support in glob_t and fall back to the
Ben Lindstrom45b14db2001-03-17 01:15:38 +00003570 openbsd-compat/glob.[ch] support if it does not exist.
Damien Miller168a7002001-03-17 10:29:50 +11003571
Ben Lindstrom025df4a2001-03-14 15:16:34 +0000357220010315
3573 - OpenBSD CVS Sync
3574 - markus@cvs.openbsd.org 2001/03/14 08:57:14
3575 [sftp-client.c]
3576 Wall
Ben Lindstromf78682d2001-03-14 21:26:27 +00003577 - markus@cvs.openbsd.org 2001/03/14 15:15:58
3578 [sftp-int.c]
3579 add version command
Ben Lindstromc7f4ccd2001-03-15 00:09:15 +00003580 - deraadt@cvs.openbsd.org 2001/03/14 22:50:25
3581 [sftp-server.c]
3582 note no getopt()
Kevin Steves54f15b62001-03-14 18:37:13 +00003583 - (stevesk) ssh-keyscan.c: specify "openbsd-compat/fake-queue.h"
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00003584 - (bal) Cygwin README change by Corinna Vinschen <vinschen@redhat.com>
Ben Lindstrom025df4a2001-03-14 15:16:34 +00003585
Damien Miller056ddf72001-03-14 10:15:20 +1100358620010314
3587 - OpenBSD CVS Sync
Ben Lindstromf78682d2001-03-14 21:26:27 +00003588 - markus@cvs.openbsd.org 2001/03/13 17:34:42
3589 [auth-options.c]
3590 missing xfree, deny key on parse error; ok stevesk@
3591 - djm@cvs.openbsd.org 2001/03/13 22:42:54
3592 [sftp-client.c sftp-client.h sftp-glob.c sftp-glob.h sftp-int.c]
3593 sftp client filename globbing for get, put, ch{mod,grp,own}. ok markus@
Damien Miller3c027682001-03-14 11:39:45 +11003594 - (bal) Fix strerror() in bsd-misc.c
3595 - (djm) Add replacement glob() from OpenBSD libc if the system glob is
3596 missing or lacks the GLOB_ALTDIRFUNC extension
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00003597 - (djm) Remove -I$(srcdir)/openbsd-compat from CFLAGS, refer to headers
Damien Miller3c027682001-03-14 11:39:45 +11003598 relatively. Avoids conflict between glob.h and /usr/include/glob.h
Damien Miller056ddf72001-03-14 10:15:20 +11003599
Ben Lindstromcfccef92001-03-13 04:57:58 +0000360020010313
3601 - OpenBSD CVS Sync
3602 - markus@cvs.openbsd.org 2001/03/12 22:02:02
3603 [key.c key.h ssh-add.c ssh-keygen.c sshconnect.c sshconnect2.c]
3604 remove old key_fingerprint interface, s/_ex//
3605
Ben Lindstromb54873a2001-03-11 20:01:55 +0000360620010312
3607 - OpenBSD CVS Sync
3608 - markus@cvs.openbsd.org 2001/03/11 13:25:36
3609 [auth2.c key.c]
3610 debug
Ben Lindstrom96e8ea62001-03-11 20:03:44 +00003611 - jakob@cvs.openbsd.org 2001/03/11 15:03:16
3612 [key.c key.h]
3613 add improved fingerprint functions. based on work by Carsten
3614 Raskgaard <cara@int.tele.dk> and modified by me. ok markus@.
Ben Lindstroma8a73e62001-03-11 20:05:19 +00003615 - jakob@cvs.openbsd.org 2001/03/11 15:04:16
3616 [ssh-keygen.1 ssh-keygen.c]
3617 print both md5, sha1 and bubblebabble fingerprints when using
3618 ssh-keygen -l -v. ok markus@.
Ben Lindstromcbe3ad22001-03-11 20:06:59 +00003619 - jakob@cvs.openbsd.org 2001/03/11 15:13:09
3620 [key.c]
3621 cleanup & shorten some var names key_fingerprint_bubblebabble.
Ben Lindstromca0bf572001-03-11 20:08:29 +00003622 - deraadt@cvs.openbsd.org 2001/03/11 16:39:03
3623 [ssh-keygen.c]
3624 KNF, and SHA1 binary output is just creeping featurism
Tim Ricebee3f222001-03-11 17:32:12 -08003625 - tim@mindrot.org 2001/03/11 17:29:32 [configure.in]
3626 test if snprintf() supports %ll
3627 add /dev to search path for PRNGD/EGD socket
3628 fix my mistake in USER_PATH test program
Ben Lindstromf0b48532001-03-12 02:59:31 +00003629 - OpenBSD CVS Sync
3630 - markus@cvs.openbsd.org 2001/03/11 18:29:51
3631 [key.c]
3632 style+cleanup
Ben Lindstrom8fd372b2001-03-12 03:02:17 +00003633 - markus@cvs.openbsd.org 2001/03/11 22:33:24
3634 [ssh-keygen.1 ssh-keygen.c]
3635 remove -v again. use -B instead for bubblebabble. make -B consistent
3636 with -l and make -B work with /path/to/known_hosts. ok deraadt@
Damien Miller547c2762001-03-12 14:23:52 +11003637 - (djm) Bump portable version number for generating test RPMs
Damien Miller3e292fa2001-03-12 14:47:30 +11003638 - (djm) Add "static_openssl" RPM build option, remove rsh build dependency
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00003639 - (bal) Reorder includes in Makefile.
Ben Lindstromb54873a2001-03-11 20:01:55 +00003640
Ben Lindstrom329782e2001-03-10 17:08:59 +0000364120010311
3642 - OpenBSD CVS Sync
3643 - markus@cvs.openbsd.org 2001/03/10 12:48:27
3644 [sshconnect2.c]
3645 ignore nonexisting private keys; report rjmooney@mediaone.net
Ben Lindstrom068f3dc2001-03-10 17:15:39 +00003646 - deraadt@cvs.openbsd.org 2001/03/10 12:53:51
3647 [readconf.c ssh_config]
3648 default to SSH2, now that m68k runs fast
Ben Lindstrom00261542001-03-10 17:17:28 +00003649 - stevesk@cvs.openbsd.org 2001/03/10 15:02:05
3650 [ttymodes.c ttymodes.h]
3651 remove unused sgtty macros; ok markus@
Ben Lindstromd20d0f32001-03-10 17:22:20 +00003652 - deraadt@cvs.openbsd.org 2001/03/10 15:31:00
3653 [compat.c compat.h sshconnect.c]
3654 all known netscreen ssh versions, and older versions of OSU ssh cannot
3655 handle password padding (newer OSU is fixed)
Tim Rice7f283fc2001-03-10 16:52:25 -08003656 - tim@mindrot.org 2001/03/10 16:33:42 [configure.in Makefile.in sshd_config]
3657 make sure $bindir is in USER_PATH so scp will work
Ben Lindstromb9be60a2001-03-11 01:49:19 +00003658 - OpenBSD CVS Sync
3659 - markus@cvs.openbsd.org 2001/03/10 17:51:04
3660 [kex.c match.c match.h readconf.c readconf.h sshconnect2.c]
3661 add PreferredAuthentications
Ben Lindstrom329782e2001-03-10 17:08:59 +00003662
Ben Lindstrom5fc62702001-03-09 18:19:24 +0000366320010310
3664 - OpenBSD CVS Sync
3665 - deraadt@cvs.openbsd.org 2001/03/09 03:14:39
3666 [ssh-keygen.c]
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00003667 create *.pub files with umask 0644, so that you can mv them to
Ben Lindstrom5fc62702001-03-09 18:19:24 +00003668 authorized_keys
Ben Lindstromca42d5f2001-03-09 18:25:32 +00003669 - deraadt@cvs.openbsd.org 2001/03/09 12:30:29
3670 [sshd.c]
3671 typo; slade@shore.net
Ben Lindstrom5f5419a2001-03-09 19:48:37 +00003672 - Removed log.o from sftp client. Not needed.
Ben Lindstrom5fc62702001-03-09 18:19:24 +00003673
Ben Lindstroma0384982001-03-08 20:37:22 +0000367420010309
3675 - OpenBSD CVS Sync
3676 - stevesk@cvs.openbsd.org 2001/03/08 18:47:12
3677 [auth1.c]
3678 unused; ok markus@
Ben Lindstrom283cb822001-03-09 00:09:02 +00003679 - stevesk@cvs.openbsd.org 2001/03/08 20:44:48
3680 [sftp.1]
3681 spelling, cleanup; ok deraadt@
Ben Lindstrom266dfdf2001-03-09 00:12:22 +00003682 - markus@cvs.openbsd.org 2001/03/08 21:42:33
3683 [compat.c compat.h readconf.h ssh.c sshconnect1.c sshconnect2.c]
3684 implement client side of SSH2_MSG_USERAUTH_PK_OK (test public key ->
3685 no need to do enter passphrase or do expensive sign operations if the
3686 server does not accept key).
Ben Lindstroma0384982001-03-08 20:37:22 +00003687
Damien Miller058316f2001-03-08 10:08:49 +1100368820010308
3689 - OpenBSD CVS Sync
Ben Lindstromcebc8582001-03-08 03:39:10 +00003690 - djm@cvs.openbsd.org 2001/03/07 10:11:23
3691 [sftp-client.c sftp-client.h sftp-int.c sftp-server.c sftp.1 sftp.c sftp.h]
3692 Support for new draft (draft-ietf-secsh-filexfer-01). New symlink handling
3693 functions and small protocol change.
3694 - markus@cvs.openbsd.org 2001/03/08 00:15:48
3695 [readconf.c ssh.1]
3696 turn off useprivilegedports by default. only rhost-auth needs
3697 this. older sshd's may need this, too.
Kevin Steves52dd4682001-03-08 18:26:57 +00003698 - (stevesk) Reliant Unix (SNI) needs HAVE_BOGUS_SYS_QUEUE_H;
3699 Dirk Markwardt <D.Markwardt@tu-bs.de>
Damien Miller058316f2001-03-08 10:08:49 +11003700
Ben Lindstrome21c4ad2001-03-07 01:23:30 +0000370120010307
3702 - (bal) OpenBSD CVS Sync
3703 - deraadt@cvs.openbsd.org 2001/03/06 06:11:18
3704 [ssh-keyscan.c]
3705 appease gcc
Ben Lindstrom562c26b2001-03-07 01:26:48 +00003706 - deraadt@cvs.openbsd.org 2001/03/06 06:11:44
3707 [sftp-int.c sftp.1 sftp.c]
3708 sftp -b batchfile; mouring@etoh.eviladmin.org
Ben Lindstromc9b6eab2001-03-07 01:29:17 +00003709 - deraadt@cvs.openbsd.org 2001/03/06 15:10:42
3710 [sftp.1]
3711 order things
Ben Lindstromd58eb5f2001-03-07 06:07:22 +00003712 - deraadt@cvs.openbsd.org 2001/03/07 01:19:06
3713 [ssh.1 sshd.8]
3714 the name "secure shell" is boring, noone ever uses it
Ben Lindstromb29e34d2001-03-07 06:08:50 +00003715 - deraadt@cvs.openbsd.org 2001/03/07 04:05:58
3716 [ssh.1]
3717 removed dated comment
Damien Miller8ac0a7e2001-03-07 21:38:19 +11003718 - Cygwin contrib improvements from Corinna Vinschen <vinschen@redhat.com>
Ben Lindstrome21c4ad2001-03-07 01:23:30 +00003719
Ben Lindstromff8b4942001-03-06 01:00:03 +0000372020010306
3721 - (bal) OpenBSD CVS Sync
3722 - deraadt@cvs.openbsd.org 2001/03/05 14:28:47
3723 [sshd.8]
3724 alpha order; jcs@rt.fm
Ben Lindstrom35f1f4e2001-03-06 01:02:41 +00003725 - stevesk@cvs.openbsd.org 2001/03/05 15:44:51
3726 [servconf.c]
3727 sync error message; ok markus@
Ben Lindstromec26fb12001-03-06 01:05:23 +00003728 - deraadt@cvs.openbsd.org 2001/03/05 15:56:16
3729 [myproposal.h ssh.1]
3730 switch to aes128-cbc/hmac-md5 by default in SSH2 -- faster;
3731 provos & markus ok
Ben Lindstromc78a1872001-03-06 01:06:58 +00003732 - deraadt@cvs.openbsd.org 2001/03/05 16:07:15
3733 [sshd.8]
3734 detail default hmac setup too
Ben Lindstrom4c4f05e2001-03-06 01:09:20 +00003735 - markus@cvs.openbsd.org 2001/03/05 17:17:21
3736 [kex.c kex.h sshconnect2.c sshd.c]
3737 generate a 2*need size (~300 instead of 1024/2048) random private
3738 exponent during the DH key agreement. according to Niels (the great
3739 german advisor) this is safe since /etc/primes contains strong
3740 primes only.
3741
3742 References:
3743 P. C. van Oorschot and M. J. Wiener, On Diffie-Hellman key
3744 agreement with short exponents, In Advances in Cryptology
3745 - EUROCRYPT'96, LNCS 1070, Springer-Verlag, 1996, pp.332-343.
Ben Lindstrom1e621742001-03-06 01:10:53 +00003746 - stevesk@cvs.openbsd.org 2001/03/05 17:40:48
3747 [ssh.1]
3748 more ssh_known_hosts2 documentation; ok markus@
Ben Lindstrombe6a5a62001-03-06 01:13:06 +00003749 - stevesk@cvs.openbsd.org 2001/03/05 17:58:22
3750 [dh.c]
3751 spelling
Ben Lindstromb3144e52001-03-06 03:31:34 +00003752 - deraadt@cvs.openbsd.org 2001/03/06 00:33:04
3753 [authfd.c cli.c ssh-agent.c]
3754 EINTR/EAGAIN handling is required in more cases
Ben Lindstrom884a4ac2001-03-06 03:33:04 +00003755 - millert@cvs.openbsd.org 2001/03/06 01:06:03
3756 [ssh-keyscan.c]
3757 Don't assume we wil get the version string all in one read().
3758 deraadt@ OK'd
Ben Lindstromebc88272001-03-06 03:34:40 +00003759 - millert@cvs.openbsd.org 2001/03/06 01:08:27
3760 [clientloop.c]
3761 If read() fails with EINTR deal with it the same way we treat EAGAIN
Ben Lindstromff8b4942001-03-06 01:00:03 +00003762
Ben Lindstrom6ed8c042001-03-05 03:53:02 +0000376320010305
3764 - (bal) CVS ID touch up on sshpty.[ch] and sshlogin.[ch]
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00003765 - (bal) CVS ID touch up on sftp-int.c
Ben Lindstromcf0da402001-03-05 06:42:58 +00003766 - (bal) CVS ID touch up on uuencode.c
Ben Lindstrom9c532442001-03-05 07:33:14 +00003767 - (bal) CVS ID touch up on auth2.c, serverloop.c, session.c & sshd.c
Ben Lindstromb0a4cd82001-03-05 04:54:49 +00003768 - (bal) OpenBSD CVS Sync
Ben Lindstrom53992c72001-03-05 04:47:55 +00003769 - deraadt@cvs.openbsd.org 2001/02/17 23:48:48
3770 [sshd.8]
3771 it's the OpenSSH one
Ben Lindstromb0a4cd82001-03-05 04:54:49 +00003772 - deraadt@cvs.openbsd.org 2001/02/21 07:37:04
3773 [ssh-keyscan.c]
3774 inline -> __inline__, and some indent
Ben Lindstromb257cca2001-03-05 04:59:27 +00003775 - deraadt@cvs.openbsd.org 2001/02/21 09:05:54
3776 [authfile.c]
3777 improve fd handling
Ben Lindstrom36592512001-03-05 05:02:08 +00003778 - deraadt@cvs.openbsd.org 2001/02/21 09:12:56
3779 [sftp-server.c]
3780 careful with & and &&; markus ok
Ben Lindstrom87af95b2001-03-05 05:04:57 +00003781 - stevesk@cvs.openbsd.org 2001/02/21 21:14:04
3782 [ssh.c]
3783 -i supports DSA identities now; ok markus@
Ben Lindstrom33a3cc32001-03-05 05:07:52 +00003784 - deraadt@cvs.openbsd.org 2001/02/22 04:29:37
3785 [servconf.c]
3786 grammar; slade@shore.net
Ben Lindstromb7c92322001-03-05 05:10:52 +00003787 - deraadt@cvs.openbsd.org 2001/02/22 06:43:55
3788 [ssh-keygen.1 ssh-keygen.c]
3789 document -d, and -t defaults to rsa1
Ben Lindstrom7ab51172001-03-05 05:13:38 +00003790 - deraadt@cvs.openbsd.org 2001/02/22 08:03:51
3791 [ssh-keygen.1 ssh-keygen.c]
3792 bye bye -d
Ben Lindstrom531a4452001-03-05 05:17:18 +00003793 - deraadt@cvs.openbsd.org 2001/02/22 18:09:06
3794 [sshd_config]
3795 activate RSA 2 key
Ben Lindstromebd888d2001-03-05 05:49:29 +00003796 - markus@cvs.openbsd.org 2001/02/22 21:57:27
3797 [ssh.1 sshd.8]
3798 typos/grammar from matt@anzen.com
Ben Lindstrom086cf212001-03-05 05:56:40 +00003799 - markus@cvs.openbsd.org 2001/02/22 21:59:44
3800 [auth.c auth.h auth1.c auth2.c misc.c misc.h ssh.c]
3801 use pwcopy in ssh.c, too
Ben Lindstromf4c73112001-03-05 05:58:23 +00003802 - markus@cvs.openbsd.org 2001/02/23 15:34:53
3803 [serverloop.c]
3804 debug2->3
Ben Lindstromeb648a72001-03-05 06:00:29 +00003805 - markus@cvs.openbsd.org 2001/02/23 18:15:13
3806 [sshd.c]
3807 the random session key depends now on the session_key_int
3808 sent by the 'attacker'
3809 dig1 = md5(cookie|session_key_int);
3810 dig2 = md5(dig1|cookie|session_key_int);
3811 fake_session_key = dig1|dig2;
3812 this change is caused by a mail from anakin@pobox.com
3813 patch based on discussions with my german advisor niels@openbsd.org
Ben Lindstromb00d4fb2001-03-05 06:03:03 +00003814 - deraadt@cvs.openbsd.org 2001/02/24 10:37:55
3815 [readconf.c]
3816 look for id_rsa by default, before id_dsa
Ben Lindstrom4b00c8b2001-03-05 06:05:35 +00003817 - deraadt@cvs.openbsd.org 2001/02/24 10:37:26
3818 [sshd_config]
3819 ssh2 rsa key before dsa key
Ben Lindstrom6a5cde02001-03-05 06:07:00 +00003820 - markus@cvs.openbsd.org 2001/02/27 10:35:27
3821 [packet.c]
3822 fix random padding
Ben Lindstrom5de86cc2001-03-05 06:08:19 +00003823 - markus@cvs.openbsd.org 2001/02/27 11:00:11
3824 [compat.c]
3825 support SSH-2.0-2.1 ; from Christophe_Moret@hp.com
Ben Lindstrom06909012001-03-05 06:09:31 +00003826 - deraadt@cvs.openbsd.org 2001/02/28 05:34:28
3827 [misc.c]
3828 pull in protos
Ben Lindstromec19a402001-03-05 06:12:01 +00003829 - deraadt@cvs.openbsd.org 2001/02/28 05:36:28
3830 [sftp.c]
3831 do not kill the subprocess on termination (we will see if this helps
3832 things or hurts things)
Ben Lindstrome9613cf2001-03-05 06:14:02 +00003833 - markus@cvs.openbsd.org 2001/02/28 08:45:39
3834 [clientloop.c]
3835 fix byte counts for ssh protocol v1
Ben Lindstrom7fbd4552001-03-05 06:16:11 +00003836 - markus@cvs.openbsd.org 2001/02/28 08:54:55
3837 [channels.c nchan.c nchan.h]
3838 make sure remote stderr does not get truncated.
3839 remove closed fd's from the select mask.
Ben Lindstrom5699c5f2001-03-05 06:17:49 +00003840 - markus@cvs.openbsd.org 2001/02/28 09:57:07
3841 [packet.c packet.h sshconnect2.c]
3842 in ssh protocol v2 use ignore messages for padding (instead of
3843 trailing \0).
Ben Lindstromcc74df72001-03-05 06:20:14 +00003844 - markus@cvs.openbsd.org 2001/02/28 12:55:07
3845 [channels.c]
3846 unify debug messages
Ben Lindstrom40304422001-03-05 06:22:01 +00003847 - deraadt@cvs.openbsd.org 2001/02/28 17:52:54
3848 [misc.c]
3849 for completeness, copy pw_gecos too
Ben Lindstrom941ac822001-03-05 06:25:23 +00003850 - markus@cvs.openbsd.org 2001/02/28 21:21:41
3851 [sshd.c]
3852 generate a fake session id, too
Ben Lindstrome229b252001-03-05 06:28:06 +00003853 - markus@cvs.openbsd.org 2001/02/28 21:27:48
3854 [channels.c packet.c packet.h serverloop.c]
3855 use ignore message to simulate a SSH2_MSG_CHANNEL_DATA message
3856 use random content in ignore messages.
Ben Lindstromb40204b2001-03-05 06:29:44 +00003857 - markus@cvs.openbsd.org 2001/02/28 21:31:32
3858 [channels.c]
3859 typo
Ben Lindstromafd34752001-03-05 06:33:23 +00003860 - deraadt@cvs.openbsd.org 2001/03/01 02:11:25
3861 [authfd.c]
3862 split line so that p will have an easier time next time around
Ben Lindstrom0ab2a012001-03-05 06:45:21 +00003863 - deraadt@cvs.openbsd.org 2001/03/01 02:29:04
3864 [ssh.c]
3865 shorten usage by a line
Ben Lindstrom204e4882001-03-05 06:47:00 +00003866 - deraadt@cvs.openbsd.org 2001/03/01 02:45:10
3867 [auth-rsa.c auth2.c deattack.c packet.c]
3868 KNF
Ben Lindstromb22c2b82001-03-05 06:50:47 +00003869 - deraadt@cvs.openbsd.org 2001/03/01 03:38:33
3870 [cli.c cli.h rijndael.h ssh-keyscan.1]
3871 copyright notices on all source files
Ben Lindstrom4040fe12001-03-05 06:52:57 +00003872 - markus@cvs.openbsd.org 2001/03/01 22:46:37
3873 [ssh.c]
3874 don't truncate remote ssh-2 commands; from mkubita@securities.cz
3875 use min, not max for logging, fixes overflow.
Ben Lindstrom49a098d2001-03-05 06:55:18 +00003876 - deraadt@cvs.openbsd.org 2001/03/02 06:21:01
3877 [sshd.8]
3878 explain SIGHUP better
Ben Lindstromd7f5b512001-03-05 06:57:23 +00003879 - deraadt@cvs.openbsd.org 2001/03/02 09:42:49
3880 [sshd.8]
3881 doc the dsa/rsa key pair files
Ben Lindstrom92a2e382001-03-05 06:59:27 +00003882 - deraadt@cvs.openbsd.org 2001/03/02 18:54:31
3883 [atomicio.c atomicio.h auth-chall.c auth.c auth2-chall.c crc32.h
3884 scp.c serverloop.c session.c sftp-server.8 sftp.1 ssh-add.1 ssh-add.c
3885 ssh-agent.1 ssh-agent.c ssh-keygen.1 ssh.1 sshd.8]
3886 make copyright lines the same format
Ben Lindstromd20b8552001-03-05 07:01:18 +00003887 - deraadt@cvs.openbsd.org 2001/03/03 06:53:12
3888 [ssh-keyscan.c]
3889 standard theo sweep
Ben Lindstromc1e04212001-03-05 07:04:38 +00003890 - millert@cvs.openbsd.org 2001/03/03 21:19:41
3891 [ssh-keyscan.c]
3892 Dynamically allocate read_wait and its copies. Since maxfd is
3893 based on resource limits it is often (usually?) larger than FD_SETSIZE.
Ben Lindstromcb80bdf2001-03-05 07:06:12 +00003894 - millert@cvs.openbsd.org 2001/03/03 21:40:30
3895 [sftp-server.c]
3896 Dynamically allocate fd_set; deraadt@ OK
Ben Lindstromcb978aa2001-03-05 07:07:49 +00003897 - millert@cvs.openbsd.org 2001/03/03 21:41:07
3898 [packet.c]
3899 Dynamically allocate fd_set; deraadt@ OK
Ben Lindstrom1addabd2001-03-05 07:09:11 +00003900 - deraadt@cvs.openbsd.org 2001/03/03 22:07:50
3901 [sftp-server.c]
3902 KNF
Ben Lindstrom46d6e092001-03-05 07:10:47 +00003903 - markus@cvs.openbsd.org 2001/03/03 23:52:22
3904 [sftp.c]
3905 clean up arg processing. based on work by Christophe_Moret@hp.com
Ben Lindstrom8a432f52001-03-05 07:24:46 +00003906 - markus@cvs.openbsd.org 2001/03/03 23:59:34
3907 [log.c ssh.c]
3908 log*.c -> log.c
Ben Lindstromb1131e92001-03-05 07:27:13 +00003909 - markus@cvs.openbsd.org 2001/03/04 00:03:59
3910 [channels.c]
3911 debug1->2
Ben Lindstrom3d73a342001-03-05 07:39:01 +00003912 - stevesk@cvs.openbsd.org 2001/03/04 10:57:53
3913 [ssh.c]
3914 add -m to usage; ok markus@
Ben Lindstrom323c98f2001-03-05 07:40:40 +00003915 - stevesk@cvs.openbsd.org 2001/03/04 11:04:41
3916 [sshd.8]
3917 small cleanup and clarify for PermitRootLogin; ok markus@
Ben Lindstromd9cae222001-03-05 07:42:03 +00003918 - stevesk@cvs.openbsd.org 2001/03/04 11:16:06
3919 [servconf.c sshd.8]
3920 kill obsolete RandomSeed; ok markus@ deraadt@
Ben Lindstromfafea182001-03-05 07:43:27 +00003921 - stevesk@cvs.openbsd.org 2001/03/04 12:54:04
3922 [sshd.8]
3923 spelling
Ben Lindstrom6df8ef42001-03-05 07:47:23 +00003924 - millert@cvs.openbsd.org 2001/03/04 17:42:28
3925 [authfd.c channels.c dh.c log.c readconf.c servconf.c sftp-int.c
3926 ssh.c sshconnect.c sshd.c]
3927 log functions should not be passed strings that end in newline as they
3928 get passed on to syslog() and when logging to stderr, do_log() appends
3929 its own newline.
Ben Lindstromfd2e05b2001-03-05 07:48:45 +00003930 - deraadt@cvs.openbsd.org 2001/03/04 18:21:28
3931 [sshd.8]
3932 list SSH2 ciphers
Ben Lindstrom0f68db42001-03-05 07:57:09 +00003933 - (bal) Put HAVE_PW_CLASS_IN_PASSWD back into pwcopy()
Ben Lindstrom2d9bfb12001-03-05 08:16:54 +00003934 - (bal) Fix up logging since it changed. removed log-*.c
Damien Miller30246a82001-03-05 21:23:31 +11003935 - (djm) Fix up LOG_AUTHPRIV for systems that have it
Kevin Steves935aa242001-03-05 19:46:37 +00003936 - (stevesk) OpenBSD sync:
3937 - deraadt@cvs.openbsd.org 2001/03/05 08:37:27
3938 [ssh-keyscan.c]
3939 skip inlining, why bother
Kevin Steves12888d12001-03-05 19:50:57 +00003940 - (stevesk) sftp.c: handle __progname
Ben Lindstrom6ed8c042001-03-05 03:53:02 +00003941
Ben Lindstrom59a5f9b2001-03-03 21:37:50 +0000394220010304
3943 - (bal) Remove make-ssh-known-hosts.1 since it's no longer valid.
Ben Lindstromcfb93702001-03-03 21:43:19 +00003944 - (bal) Updated contrib/README to remove 'make-ssh-known-hosts' and
3945 give Mark Roth credit for mdoc2man.pl
Ben Lindstrom59a5f9b2001-03-03 21:37:50 +00003946
Damien Miller459ac4b2001-03-03 20:00:36 +1100394720010303
Ben Lindstrom59a5f9b2001-03-03 21:37:50 +00003948 - (djm) Remove make-ssh-known-hosts.pl, ssh-keyscan is better.
3949 - (djm) Document PAM ChallengeResponseAuthentication in sshd.8
3950 - (djm) Disable and comment ChallengeResponseAuthentication in sshd_config
3951 - (djm) Allow PRNGd entropy collection from localhost TCP socket. Replace
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00003952 "--with-egd-pool" configure option with "--with-prngd-socket" and
Damien Millerd0ccb982001-03-04 00:29:20 +11003953 "--with-prngd-port" options. Debugged and improved by Lutz Jaenicke
3954 <Lutz.Jaenicke@aet.TU-Cottbus.DE>
Damien Miller459ac4b2001-03-03 20:00:36 +11003955
Damien Miller95aa2d62001-03-01 09:16:11 +1100395620010301
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00003957 - (djm) Properly add -lcrypt if needed.
Damien Miller882c2ee2001-03-01 09:18:57 +11003958 - (djm) Force standard PAM conversation function in a few more places.
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00003959 Patch from Redhat 2.5.1p1-2 RPM, probably Nalin Dahyabhai
Damien Miller882c2ee2001-03-01 09:18:57 +11003960 <nalin@redhat.com>
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00003961 - (djm) Cygwin needs pw->pw_gecos copied too. Patch from Corinna Vinschen
Damien Millerb5b62182001-03-01 09:48:13 +11003962 <vinschen@redhat.com>
Damien Miller9de5f052001-03-01 11:09:42 +11003963 - (djm) Released 2.5.1p2
Damien Miller95aa2d62001-03-01 09:16:11 +11003964
Damien Miller4df5c762001-02-28 08:14:22 +1100396520010228
3966 - (djm) Detect endianness in configure and use it in rijndael.c. Fixes
3967 "Bad packet length" bugs.
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00003968 - (djm) Fully revert PAM session patch (again). All PAM session init is
Damien Millerefb71792001-02-28 11:48:06 +11003969 now done before the final fork().
Damien Miller3d8ae612001-02-28 12:49:38 +11003970 - (djm) EGD detection patch from Tim Rice <tim@multitalents.net>
Damien Millere8546622001-02-28 12:51:18 +11003971 - (djm) Remove /tmp from EGD socket search list
Damien Miller4df5c762001-02-28 08:14:22 +11003972
Damien Millerfbd884a2001-02-27 08:39:07 +1100397320010227
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00003974 - (bal) Applied shutdown() patch for sftp.c by Corinna Vinschen
Ben Lindstrom10b9bf92001-02-26 20:04:45 +00003975 <vinschen@redhat.com>
Ben Lindstrom7603b2d2001-02-26 20:13:32 +00003976 - (bal) OpenBSD Sync
3977 - markus@cvs.openbsd.org 2001/02/23 15:37:45
3978 [session.c]
3979 handle SSH_PROTOFLAG_SCREEN_NUMBER for buggy clients
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00003980 - (bal) sshd.init support for all Redhat release. Patch by Jim Knoble
Ben Lindstrom0c100872001-02-26 20:38:53 +00003981 <jmknoble@jmknoble.cx>
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00003982 - (djm) Fix up POSIX saved uid support. Report from Mark Miller
Ben Lindstromdd784b22001-02-26 22:11:59 +00003983 <markm@swoon.net>
3984 - (djm) Search for -lcrypt on FreeBSD too
Damien Miller767c7fc2001-02-27 09:20:57 +11003985 - (djm) fatal() on OpenSSL version mismatch
Damien Miller5a761312001-02-27 09:28:23 +11003986 - (djm) Move PAM init to after fork for non-Solaris derived PAMs
Damien Miller248131a2001-02-27 09:47:16 +11003987 - (djm) Warning fix on entropy.c saved uid stuff. Patch from Mark Miller
3988 <markm@swoon.net>
Damien Miller7bd1c622001-02-27 10:48:01 +11003989 - (djm) Fix PAM fix
Damien Miller9b405802001-02-27 10:53:00 +11003990 - (djm) Remove 'noreplace' flag from sshd_config in RPM spec files. This
3991 change is being made as 2.5.x configfiles are not back-compatible with
Damien Miller0bcf9ea2001-02-27 14:03:30 +11003992 2.3.x.
3993 - (djm) Avoid warnings for missing broken IP_TOS. Patch from Mark Miller
3994 <markm@swoon.net>
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00003995 - (djm) Open Server 5 doesn't need BROKEN_SAVED_UIDS. Patch from Tim Rice
Damien Miller6007f192001-02-27 14:42:58 +11003996 <tim@multitalents.net>
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00003997 - (djm) Avoid multiple definition of _PATH_LS. Patch from Tim Rice
Damien Miller6007f192001-02-27 14:42:58 +11003998 <tim@multitalents.net>
Ben Lindstrom10b9bf92001-02-26 20:04:45 +00003999
400020010226
Ben Lindstrom63941f92001-02-25 23:20:40 +00004001 - (bal) Fixed bsd-snprinf.c so it now honors 'BROKEN_SNPRINTF' again.
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00004002 - (djm) Some systems (SCO3, NeXT) have weird saved uid semantics.
Damien Millerbb7c9762001-02-26 20:49:58 +11004003 Based on patch from Tim Rice <tim@multitalents.net>
Ben Lindstrom63941f92001-02-25 23:20:40 +00004004
Damien Miller73bb0582001-02-25 09:36:29 +1100400520010225
4006 - (djm) Use %{_libexecdir} rather than hardcoded path in RPM specfile
4007 Patch from Adrian Ho <lexfiend@usa.net>
Ben Lindstrom416d8742001-02-25 02:02:43 +00004008 - (bal) Replace 'unsigned long long' to 'u_int64_t' since not every
4009 platform defines u_int64_t as being that.
Damien Miller73bb0582001-02-25 09:36:29 +11004010
Ben Lindstrom65981152001-02-24 00:05:29 +0000401120010224
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00004012 - (bal) Missed part of the UNIX sockets patch. Patch by Corinna
Ben Lindstrom8697e082001-02-24 21:41:10 +00004013 Vinschen <vinschen@redhat.com>
4014 - (bal) Reorder where 'strftime' is detected to resolve linking
4015 issues on SCO. Patch by Tim Rice <tim@multitalents.net>
4016
401720010224
Ben Lindstrom65981152001-02-24 00:05:29 +00004018 - (bal) pam_stack fix to correctly detect between RH7 and older RHs.
4019 Patch by Pekka Savola <pekkas@netcore.fi>
Ben Lindstrom803f16c2001-02-24 00:24:19 +00004020 - (bal) Renamed sigaction.[ch] to sigact.[ch]. Causes problems with
4021 some platforms.
Ben Lindstrom38e60932001-02-24 00:55:04 +00004022 - (bal) Generalize lack of UNIX sockets since this also effects Cray
4023 not just Cygwin. Based on patch by Wendy Palm <wendyp@cray.com>
Ben Lindstrom65981152001-02-24 00:05:29 +00004024
Ben Lindstrom008e2912001-02-23 04:45:15 +0000402520010223
4026 - (bal) Fix --define rh7 in openssh.spec file. Patch by Steve Tell
4027 <tell@telltronics.org>
Ben Lindstrom379f2052001-02-23 04:55:46 +00004028 - (bal) Patch to force OpenSSH rpm to require the same version of OpenSSL
4029 that it was compiled against. Patch by Pekka Savola <pekkas@netcore.fi>
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00004030 - (bal) Double -I for OpenSSL on SCO. Patch by Tim Rice
Ben Lindstrom4ef92b52001-02-23 05:05:53 +00004031 <tim@multitalents.net>
Ben Lindstrom008e2912001-02-23 04:45:15 +00004032
Ben Lindstrom0dd676a2001-07-18 16:05:50 +0000403320010222
Ben Lindstrome1bd29b2001-02-21 20:00:28 +00004034 - (bal) Corrected SCO luid patch by svaughan <svaughan@asterion.com>
Ben Lindstrome68c5672001-02-22 06:20:10 +00004035 - (bal) Added mdoc2man.pl from Mark Roth <roth@feep.net>
4036 - (bal) Removed reference to liblogin from contrib/README. It was
4037 integrated into OpenSSH a long while ago.
Kevin Steves77aeaaf2001-02-22 21:23:21 +00004038 - (stevesk) remove erroneous #ifdef sgi code.
4039 Michael Stone <mstone@cs.loyola.edu>
Ben Lindstrome1bd29b2001-02-21 20:00:28 +00004040
Ben Lindstrom866488b2001-02-20 18:22:38 +0000404120010221
4042 - (bal) Removed -L/usr/ucblib -R/usr/ucblib for Solaris platform.
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00004043 - (bal) Fixed OpenSSL rework to use $saved_*. Patch by Tim Rice
Ben Lindstrom5eff0312001-02-21 02:35:37 +00004044 <tim@multitalents.net>
Ben Lindstrom94bce402001-02-21 05:53:33 +00004045 - (bal) Reverted out of 2001/02/15 patch by djm below because it
4046 breaks Solaris.
4047 - (djm) Move PAM session setup back to before setuid to user.
4048 fixes problems on Solaris-drived PAMs.
Kevin Stevesff793a22001-02-21 16:36:51 +00004049 - (stevesk) session.c: back out to where we were before:
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00004050 - (djm) Move PAM session initialisation until after fork in sshd. Patch
Kevin Stevesff793a22001-02-21 16:36:51 +00004051 from Nalin Dahyabhai <nalin@redhat.com>
Ben Lindstrom5eff0312001-02-21 02:35:37 +00004052
Ben Lindstrom4ffaad82001-02-19 19:54:43 +0000405320010220
4054 - (bal) Fix mixed up params to memmove() from Jan 5th in setenv.c and
4055 getcwd.c.
Ben Lindstroma9a29e12001-02-20 01:20:47 +00004056 - (bal) OpenBSD CVS Sync:
4057 - deraadt@cvs.openbsd.org 2001/02/19 23:09:05
4058 [sshd.c]
4059 clarify message to make it not mention "ident"
Ben Lindstrom4ffaad82001-02-19 19:54:43 +00004060
Ben Lindstromd95c09c2001-02-18 19:13:33 +0000406120010219
4062 - (bal) Markus' blessing to rename login.[ch] -> sshlogin.[ch] and
4063 pty.[ch] -> sshpty.[ch]
Damien Millerccdefb62001-02-19 12:56:39 +11004064 - (djm) Rework search for OpenSSL location. Skip directories which don't
4065 exist, don't add -L$ssldir/lib if it doesn't exist. Should help SCO
4066 with its limit of 6 -L options.
Damien Miller7387fdb2001-02-19 21:51:49 +11004067 - OpenBSD CVS Sync:
4068 - reinhard@cvs.openbsd.org 2001/02/17 08:24:40
4069 [sftp.1]
4070 typo
4071 - deraadt@cvs.openbsd.org 2001/02/17 16:28:58
4072 [ssh.c]
4073 cleanup -V output; noted by millert
4074 - deraadt@cvs.openbsd.org 2001/02/17 16:48:48
4075 [sshd.8]
4076 it's the OpenSSH one
4077 - markus@cvs.openbsd.org 2001/02/18 11:33:54
4078 [dispatch.c]
4079 typo, SSH2_MSG_KEXINIT, from aspa@kronodoc.fi
4080 - markus@cvs.openbsd.org 2001/02/19 02:53:32
4081 [compat.c compat.h serverloop.c]
4082 ssh-1.2.{18-22} has broken handling of ignore messages; report from
4083 itojun@
4084 - markus@cvs.openbsd.org 2001/02/19 03:35:23
4085 [version.h]
4086 OpenSSH_2.5.1 adds bug compat with 1.2.{18-22}
4087 - deraadt@cvs.openbsd.org 2001/02/19 03:36:25
4088 [scp.c]
4089 np is changed by recursion; vinschen@redhat.com
4090 - Update versions in RPM spec files
4091 - Release 2.5.1p1
Ben Lindstromd95c09c2001-02-18 19:13:33 +00004092
Ben Lindstrom6dc75f52001-02-17 16:47:47 +0000409320010218
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00004094 - (bal) Patch for fix FCHMOD reference in ftp-client.c by Tim Rice
4095 <tim@multitalents.net>
Ben Lindstrom970c0092001-02-17 16:51:07 +00004096 - (Bal) Patch for lack of RA_RESTART in misc.c for mysignal by
4097 stevesk
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00004098 - (djm) Fix my breaking of cygwin builds, Patch from Corinna Vinschen
Damien Miller2deb3f62001-02-18 12:30:55 +11004099 <vinschen@redhat.com> and myself.
Damien Miller0a4e27d2001-02-18 12:36:39 +11004100 - (djm) Close listen_sock on bind() failures. Patch from Arkadiusz
4101 Miskiewicz <misiek@pld.ORG.PL>
Damien Millerb3ffc5f2001-02-18 12:44:29 +11004102 - (djm) Robustify EGD/PRNGd code in face of socket closures. Patch from
4103 Todd C. Miller <Todd.Miller@courtesan.com>
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00004104 - (djm) Use ttyname() to determine name of tty returned by openpty()
4105 rather then risking overflow. Patch from Marek Michalkiewicz
Damien Miller99e92432001-02-18 12:49:35 +11004106 <marekm@amelek.gda.pl>
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00004107 - (djm) Swapped tests for no_libsocket and no_libnsl in configure.in.
Damien Miller22d5aa72001-02-18 12:49:57 +11004108 Patch from Marek Michalkiewicz <marekm@amelek.gda.pl>
Damien Miller86093322001-02-18 12:58:24 +11004109 - (djm) Doc fixes from Pekka Savola <pekkas@netcore.fi>
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00004110 - (djm) Use SA_INTERRUPT along SA_RESTART if present (equivalent for
Damien Miller0318e2e2001-02-18 13:04:23 +11004111 SunOS)
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00004112 - (djm) SCO needs librpc for libwrap. Patch from Tim Rice
Damien Millerdf288022001-02-18 13:07:07 +11004113 <tim@multitalents.net>
Kevin Steveseff26f22001-02-18 03:42:02 +00004114 - (stevesk) misc.c: cpp rework of SA_(INTERRUPT|RESTART) handling.
Kevin Steves93c17d92001-02-18 03:55:16 +00004115 - (stevesk) scp.c: use mysignal() for updateprogressmeter() handler.
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00004116 - (djm) SA_INTERRUPT is the converse of SA_RESTART, apply it only for
Damien Miller722ccb12001-02-18 15:18:43 +11004117 SIGALRM.
Damien Millera1072a82001-02-18 15:28:11 +11004118 - (djm) Move entropy.c over to mysignal()
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00004119 - (djm) SunOS 4.x also needs to define HAVE_BOGUS_SYS_QUEUE_H as it has
4120 a <sys/queue.h> that lacks the TAILQ_* macros. Patch from Todd C.
Damien Miller877d8ea2001-02-18 15:29:28 +11004121 Miller <Todd.Miller@courtesan.com>
Damien Miller75da9a92001-02-18 15:43:07 +11004122 - (djm) Update RPM spec files for 2.5.0p1
Damien Millerc32a5b12001-02-18 23:50:38 +11004123 - (djm) Merge BSD_AUTH support from Markus Friedl and David J. MacKenzie
4124 enable with --with-bsd-auth.
Kevin Steves4679f5b2001-02-18 11:34:32 +00004125 - (stevesk) entropy.c: typo; should be SIGPIPE
Ben Lindstrom6dc75f52001-02-17 16:47:47 +00004126
Ben Lindstrom813f9402001-02-16 15:56:31 +0000412720010217
4128 - (bal) OpenBSD Sync:
4129 - markus@cvs.openbsd.org 2001/02/16 13:38:18
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00004130 [channel.c]
4131 remove debug
Ben Lindstrom8dcdeb82001-02-16 16:02:14 +00004132 - markus@cvs.openbsd.org 2001/02/16 14:03:43
4133 [session.c]
4134 proper payload-length check for x11 w/o screen-number
Ben Lindstrom813f9402001-02-16 15:56:31 +00004135
Ben Lindstrom4e5a0aa2001-02-15 18:16:22 +0000413620010216
4137 - (bal) added '--with-prce' to allow overriding of system regex when
4138 required (tested by David Dulek <ddulek@fastenal.com>)
Ben Lindstrom58055132001-02-15 18:34:29 +00004139 - (bal) Added DG/UX case and set that they have a broken IPTOS.
Damien Millerc547bf12001-02-16 10:18:12 +11004140 - (djm) Mini-configure reorder patch from Tim Rice <tim@multitalents.net>
4141 Fixes linking on SCO.
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00004142 - (djm) Make gnome-ssh-askpass handle multi-line prompts. Patch from
Damien Millerb5e85a52001-02-16 11:18:58 +11004143 Nalin Dahyabhai <nalin@redhat.com>
4144 - (djm) BSD license for gnome-ssh-askpass (was X11)
4145 - (djm) KNF on gnome-ssh-askpass
Damien Miller5dfe9762001-02-16 12:05:39 +11004146 - (djm) USE_PIPES for a few more sysv platforms
4147 - (djm) Cleanup configure.in a little
4148 - (djm) Ask users to check config.log when we can't find necessary libs
Damien Miller217f5672001-02-16 12:12:41 +11004149 - (djm) Set "login ID" on systems with setluid. Only enabled for SCO
4150 OpenServer for now. Based on patch from svaughan <svaughan@asterion.com>
Damien Miller79438cc2001-02-16 12:34:57 +11004151 - (djm) OpenBSD CVS:
4152 - markus@cvs.openbsd.org 2001/02/15 16:19:59
4153 [channels.c channels.h serverloop.c sshconnect.c sshconnect.h]
4154 [sshconnect1.c sshconnect2.c]
4155 genericize password padding function for SSH1 and SSH2.
4156 add stylized echo to 2, too.
4157 - (djm) Add roundup() macro to defines.h
Kevin Steves799bed82001-02-16 14:58:12 +00004158 - (stevesk) set SA_RESTART flag in mysignal() for SIGCHLD;
4159 needed on Unixware 2.x.
Ben Lindstrom4e5a0aa2001-02-15 18:16:22 +00004160
Damien Millere8b5b042001-02-15 11:32:15 +1100416120010215
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00004162 - (djm) Move PAM session setup back to before setuid to user. Fixes
Damien Millere8b5b042001-02-15 11:32:15 +11004163 problems on Solaris-derived PAMs.
Damien Miller646aa602001-02-15 11:51:32 +11004164 - (djm) Clean up PAM namespace. Suggested by Darren Moffat
4165 <Darren.Moffat@eng.sun.com>
Ben Lindstrom4272ed82001-02-15 02:36:46 +00004166 - (bal) Sync w/ OpenSSH for new release
4167 - markus@cvs.openbsd.org 2001/02/12 12:45:06
4168 [sshconnect1.c]
4169 fix xmalloc(0), ok dugsong@
Ben Lindstrom06b33aa2001-02-15 03:01:59 +00004170 - markus@cvs.openbsd.org 2001/02/11 12:59:25
4171 [Makefile.in sshd.8 sshconnect2.c readconf.h readconf.c packet.c
4172 sshd.c ssh.c ssh.1 servconf.h servconf.c myproposal.h kex.h kex.c]
4173 1) clean up the MAC support for SSH-2
4174 2) allow you to specify the MAC with 'ssh -m'
4175 3) or the 'MACs' keyword in ssh(d)_config
4176 4) add hmac-{md5,sha1}-96
4177 ok stevesk@, provos@
Ben Lindstromd8a90212001-02-15 03:08:27 +00004178 - markus@cvs.openbsd.org 2001/02/12 16:16:23
4179 [auth-passwd.c auth.c auth.h auth1.c auth2.c servconf.c servconf.h
4180 ssh-keygen.c sshd.8]
4181 PermitRootLogin={yes,without-password,forced-commands-only,no}
4182 (before this change, root could login even if PermitRootLogin==no)
Ben Lindstrom0a7e3542001-02-15 03:50:49 +00004183 - deraadt@cvs.openbsd.org 2001/02/12 22:56:09
Ben Lindstromf9452512001-02-15 03:12:08 +00004184 [clientloop.c packet.c ssh-keyscan.c]
4185 deal with EAGAIN/EINTR selects which were skipped
Ben Lindstrom0a7e3542001-02-15 03:50:49 +00004186 - markus@cvs.openssh.org 2001/02/13 22:49:40
4187 [auth1.c auth2.c]
4188 setproctitle(user) only if getpwnam succeeds
4189 - markus@cvs.openbsd.org 2001/02/12 23:26:20
4190 [sshd.c]
4191 missing memset; from solar@openwall.com
4192 - stevesk@cvs.openbsd.org 2001/02/12 20:53:33
4193 [sftp-int.c]
4194 lumask now works with 1 numeric arg; ok markus@, djm@
4195 - djm@cvs.openbsd.org 2001/02/14 9:46:03
4196 [sftp-client.c sftp-int.c sftp.1]
4197 Fix and document 'preserve modes & times' option ('-p' flag in sftp);
4198 ok markus@
Damien Miller09214542001-02-15 15:33:17 +11004199 - (bal) replaced PATH_MAX in sftp-int.c w/ MAXPATHLEN.
4200 - (djm) Move to Jim's 1.2.0 X11 askpass program
Kevin Stevesb7f036f2001-02-15 17:27:15 +00004201 - (stevesk) OpenBSD sync:
4202 - deraadt@cvs.openbsd.org 2001/02/15 01:38:04
4203 [serverloop.c]
4204 indent
Damien Miller09214542001-02-15 15:33:17 +11004205
Damien Miller3dfeee42001-02-14 00:43:55 +1100420620010214
4207 - (djm) Don't try to close PAM session or delete credentials if the
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00004208 session has not been open or credentials not set. Based on patch from
Damien Miller3dfeee42001-02-14 00:43:55 +11004209 Andrew Bartlett <abartlet@pcug.org.au>
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00004210 - (djm) Move PAM session initialisation until after fork in sshd. Patch
Damien Miller6b4146a2001-02-14 00:45:51 +11004211 from Nalin Dahyabhai <nalin@redhat.com>
Ben Lindstrom116b6bd2001-02-13 14:05:59 +00004212 - (bal) Missing function prototype in bsd-snprintf.c patch by
4213 Mark Miller <markm@swoon.net>
Damien Miller92ddb7d2001-02-14 01:25:23 +11004214 - (djm) Split out and improve OSF SIA auth code. Patch from Chris Adams
4215 <cmadams@hiwaay.net> with a little modification and KNF.
Kevin Steves7fafa5c2001-02-13 18:45:00 +00004216 - (stevesk) fix for SIA patch, misplaced session_setup_sia()
Damien Miller3dfeee42001-02-14 00:43:55 +11004217
Ben Lindstrom5d8520a2001-02-12 15:57:18 +0000421820010213
Damien Millerd8ab0d42001-02-13 12:11:17 +11004219 - (djm) Only test -S potential EGD sockets if they exist and are readable.
Ben Lindstrom6c92dab2001-02-13 02:18:50 +00004220 - (bal) Cleaned out bsd-snprintf.c. VARARGS have been banished and
4221 I did a base KNF over the whe whole file to make it more acceptable.
4222 (backed out of original patch and removed it from ChangeLog)
Ben Lindstrom34bb0c72001-02-13 02:40:56 +00004223 - (bal) Use chown() if fchown() does not exist in ftp-server.c patch by
4224 Tim Rice <tim@multitalents.net>
Kevin Stevesbca8c8f2001-02-13 11:26:21 +00004225 - (stevesk) auth1.c: fix PAM passwordless check.
Ben Lindstrom5d8520a2001-02-12 15:57:18 +00004226
Damien Miller070ca312001-02-12 09:34:17 +1100422720010212
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00004228 - (djm) Update Redhat specfile to allow --define "skip_x11_askpass 1",
4229 --define "skip_gnome_askpass 1", --define "rh7 1" and make the
4230 implicit rpm-3.0.5 dependancy explicit. Patch and suggestions from
Damien Miller070ca312001-02-12 09:34:17 +11004231 Pekka Savola <pekkas@netcore.fi>
Damien Millerf1720202001-02-12 11:15:41 +11004232 - (djm) Clean up PCRE text in INSTALL
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00004233 - (djm) Fix OSF SIA auth NULL pointer deref. Report from Mike Battersby
Damien Miller61ce0362001-02-12 18:02:23 +11004234 <mib@unimelb.edu.au>
Ben Lindstrom603bdfd2001-02-12 07:29:45 +00004235 - (bal) NCR SVR4 compatiblity provide by Don Bragg <thewizarddon@yahoo.com>
Kevin Steves7f982bf2001-02-12 15:07:52 +00004236 - (stevesk) session.c: remove debugging code.
Damien Miller070ca312001-02-12 09:34:17 +11004237
Ben Lindstromf79aeff2001-02-10 21:27:11 +0000423820010211
4239 - (bal) OpenBSD Sync
4240 - markus@cvs.openbsd.org 2001/02/07 22:35:46
4241 [auth1.c auth2.c sshd.c]
4242 move k_setpag() to a central place; ok dugsong@
Ben Lindstromd1f20ec2001-02-10 21:31:53 +00004243 - markus@cvs.openbsd.org 2001/02/10 12:52:02
4244 [auth2.c]
4245 offer passwd before s/key
Ben Lindstrom075390a2001-02-10 21:34:46 +00004246 - markus@cvs.openbsd.org 2001/02/8 22:37:10
4247 [canohost.c]
4248 remove last call to sprintf; ok deraadt@
Ben Lindstrom874a0b32001-02-10 21:39:49 +00004249 - markus@cvs.openbsd.org 2001/02/10 1:33:32
4250 [canohost.c]
4251 add debug message, since sshd blocks here if DNS is not available
Ben Lindstromfdc9ab02001-02-10 21:45:02 +00004252 - markus@cvs.openbsd.org 2001/02/10 12:44:02
4253 [cli.c]
4254 don't call vis() for \r
Ben Lindstrom550bc542001-02-10 21:50:00 +00004255 - danh@cvs.openbsd.org 2001/02/10 0:12:43
4256 [scp.c]
4257 revert a small change to allow -r option to work again; ok deraadt@
4258 - danh@cvs.openbsd.org 2001/02/10 15:14:11
4259 [scp.c]
4260 fix memory leak; ok markus@
Ben Lindstrom27cb1d02001-02-10 21:59:35 +00004261 - djm@cvs.openbsd.org 2001/02/10 0:45:52
4262 [scp.1]
4263 Mention that you can quote pathnames with spaces in them
Ben Lindstrom8fd10b02001-02-10 22:11:13 +00004264 - markus@cvs.openbsd.org 2001/02/10 1:46:28
4265 [ssh.c]
4266 remove mapping of argv[0] -> hostname
Ben Lindstrom03df5bd2001-02-10 22:16:41 +00004267 - markus@cvs.openbsd.org 2001/02/06 22:26:17
4268 [sshconnect2.c]
4269 do not ask for passphrase in batch mode; report from ejb@ql.org
4270 - itojun@cvs.opebsd.org 2001/02/08 10:47:05
Kevin Steves43276862001-02-11 13:56:43 +00004271 [sshconnect.c sshconnect1.c sshconnect2.c]
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00004272 %.30s is too short for IPv6 numeric address. use %.128s for now.
Ben Lindstrom03df5bd2001-02-10 22:16:41 +00004273 markus ok
4274 - markus@cvs.openbsd.org 2001/02/09 12:28:35
4275 [sshconnect2.c]
4276 do not free twice, thanks to /etc/malloc.conf
4277 - markus@cvs.openbsd.org 2001/02/09 17:10:53
4278 [sshconnect2.c]
4279 partial success: debug->log; "Permission denied" if no more auth methods
4280 - markus@cvs.openbsd.org 2001/02/10 12:09:21
4281 [sshconnect2.c]
4282 remove some lines
Ben Lindstrom36d7bd02001-02-10 22:27:19 +00004283 - markus@cvs.openbsd.org 2001/02/09 13:38:07
4284 [auth-options.c]
4285 reset options if no option is given; from han.holl@prismant.nl
Ben Lindstromb3211a82001-02-10 22:33:19 +00004286 - markus@cvs.openbsd.org 2001/02/08 21:58:28
4287 [channels.c]
4288 nuke sprintf, ok deraadt@
4289 - markus@cvs.openbsd.org 2001/02/08 21:58:28
4290 [channels.c]
4291 nuke sprintf, ok deraadt@
Ben Lindstrom9d3a8592001-02-10 22:44:12 +00004292 - markus@cvs.openbsd.org 2001/02/06 22:43:02
4293 [clientloop.h]
4294 remove confusing callback code
Ben Lindstrom4f7a64a2001-02-10 22:50:09 +00004295 - deraadt@cvs.openbsd.org 2001/02/08 14:39:36
4296 [readconf.c]
4297 snprintf
Ben Lindstrom28072eb2001-02-10 23:13:41 +00004298 - itojun@cvs.openbsd.org 2001/02/08 19:30:52
4299 sync with netbsd tree changes.
4300 - more strict prototypes, include necessary headers
4301 - use paths.h/pathnames.h decls
4302 - size_t typecase to int -> u_long
Ben Lindstromc791beb2001-02-10 23:18:11 +00004303 - itojun@cvs.openbsd.org 2001/02/07 18:04:50
4304 [ssh-keyscan.c]
4305 fix size_t -> int cast (use u_long). markus ok
4306 - markus@cvs.openbsd.org 2001/02/07 22:43:16
4307 [ssh-keyscan.c]
4308 s/getline/Linebuf_getline/; from roumen.petrov@skalasoft.com
4309 - itojun@cvs.openbsd.org 2001/02/09 9:04:59
4310 [ssh-keyscan.c]
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00004311 do not assume malloc() returns zero-filled region. found by
Ben Lindstromc791beb2001-02-10 23:18:11 +00004312 malloc.conf=AJ.
Ben Lindstromb6c06d92001-02-10 23:21:09 +00004313 - markus@cvs.openbsd.org 2001/02/08 22:35:30
4314 [sshconnect.c]
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00004315 don't connect if batch_mode is true and stricthostkeychecking set to
Ben Lindstromb6c06d92001-02-10 23:21:09 +00004316 'ask'
Ben Lindstrome9d04442001-02-10 23:26:35 +00004317 - djm@cvs.openbsd.org 2001/02/04 21:26:07
4318 [sshd_config]
4319 type: ok markus@
4320 - deraadt@cvs.openbsd.org 2001/02/06 22:07:50
4321 [sshd_config]
4322 enable sftp-server by default
Ben Lindstroma905ecd2001-02-10 23:34:54 +00004323 - deraadt 2001/02/07 8:57:26
4324 [xmalloc.c]
4325 deal with new ANSI malloc stuff
4326 - markus@cvs.openbsd.org 2001/02/07 16:46:08
4327 [xmalloc.c]
4328 typo in fatal()
4329 - itojun@cvs.openbsd.org 2001/02/07 18:04:50
4330 [xmalloc.c]
4331 fix size_t -> int cast (use u_long). markus ok
Ben Lindstromaa630de2001-02-10 23:44:47 +00004332 - 1.47 Thu Feb 8 23:11:42 GMT 2001 by dugsong
4333 [serverloop.c sshconnect1.c]
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00004334 mitigate SSH1 traffic analysis - from Solar Designer
Ben Lindstromaa630de2001-02-10 23:44:47 +00004335 <solar@openwall.com>, ok provos@
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00004336 - (bal) fixed sftp-client.c. Return 'status' instead of '0'
Ben Lindstromb3211a82001-02-10 22:33:19 +00004337 (from the OpenBSD tree)
Ben Lindstrombe80af72001-02-10 23:06:02 +00004338 - (bal) Synced ssh.1, ssh-add.1 and sshd.8 w/ OpenBSD
Ben Lindstrom7e9aff52001-02-10 23:00:22 +00004339 - (bal) sftp-sever.c '%8lld' to '%8llu' (OpenBSD Sync)
Ben Lindstrom70ea46a2001-02-10 23:30:16 +00004340 - (bal) uuencode.c resync w/ OpenBSD tree, plus whitespace.
Ben Lindstrome5b3fb32001-02-10 23:56:35 +00004341 - (bal) A bit more whitespace cleanup
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00004342 - (djm) Set PAM_RHOST earlier, patch from Andrew Bartlett
Damien Millerbd5817d2001-02-11 22:35:11 +11004343 <abartlet@pcug.org.au>
Kevin Stevesfad3c512001-02-11 14:34:10 +00004344 - (stevesk) misc.c: ssh.h not needed.
Kevin Stevesbcc86272001-02-11 18:49:23 +00004345 - (stevesk) compat.c: more friendly cpp error
Kevin Stevesd85bf4b2001-02-11 16:43:05 +00004346 - (stevesk) OpenBSD sync:
4347 - stevesk@cvs.openbsd.org 2001/02/11 06:15:57
4348 [LICENSE]
4349 typos and small cleanup; ok deraadt@
Ben Lindstromf79aeff2001-02-10 21:27:11 +00004350
Damien Millerd7686fd2001-02-10 00:40:03 +1100435120010210
4352 - (djm) Sync sftp and scp stuff from OpenBSD:
4353 - djm@cvs.openbsd.org 2001/02/07 03:55:13
4354 [sftp-client.c]
4355 Don't free handles before we are done with them. Based on work from
4356 Corinna Vinschen <vinschen@redhat.com>. ok markus@
4357 - djm@cvs.openbsd.org 2001/02/06 22:32:53
4358 [sftp.1]
4359 Punctuation fix from Pekka Savola <pekkas@netcore.fi>
4360 - deraadt@cvs.openbsd.org 2001/02/07 04:07:29
4361 [sftp.1]
4362 pretty up significantly
4363 - itojun@cvs.openbsd.org 2001/02/07 06:49:42
4364 [sftp.1]
4365 .Bl-.El mismatch. markus ok
4366 - djm@cvs.openbsd.org 2001/02/07 06:12:30
4367 [sftp-int.c]
4368 Check that target is a directory before doing ls; ok markus@
4369 - itojun@cvs.openbsd.org 2001/02/07 11:01:18
4370 [scp.c sftp-client.c sftp-server.c]
4371 unsigned long long -> %llu, not %qu. markus ok
4372 - stevesk@cvs.openbsd.org 2001/02/07 11:10:39
4373 [sftp.1 sftp-int.c]
4374 more man page cleanup and sync of help text with man page; ok markus@
4375 - markus@cvs.openbsd.org 2001/02/07 14:58:34
4376 [sftp-client.c]
4377 older servers reply with SSH2_FXP_NAME + count==0 instead of EOF
4378 - djm@cvs.openbsd.org 2001/02/07 15:27:19
4379 [sftp.c]
4380 Don't forward agent and X11 in sftp. Suggestion from Roumen Petrov
4381 <roumen.petrov@skalasoft.com>
4382 - stevesk@cvs.openbsd.org 2001/02/07 15:36:04
4383 [sftp-int.c]
4384 portable; ok markus@
4385 - stevesk@cvs.openbsd.org 2001/02/07 15:55:47
4386 [sftp-int.c]
4387 lowercase cmds[].c also; ok markus@
4388 - markus@cvs.openbsd.org 2001/02/07 17:04:52
4389 [pathnames.h sftp.c]
4390 allow sftp over ssh protocol 1; ok djm@
4391 - deraadt@cvs.openbsd.org 2001/02/08 07:38:55
4392 [scp.c]
4393 memory leak fix, and snprintf throughout
4394 - deraadt@cvs.openbsd.org 2001/02/08 08:02:02
4395 [sftp-int.c]
4396 plug a memory leak
4397 - stevesk@cvs.openbsd.org 2001/02/08 10:11:23
4398 [session.c sftp-client.c]
4399 %i -> %d
4400 - stevesk@cvs.openbsd.org 2001/02/08 10:57:59
4401 [sftp-int.c]
4402 typo
4403 - stevesk@cvs.openbsd.org 2001/02/08 15:28:07
4404 [sftp-int.c pathnames.h]
4405 _PATH_LS; ok markus@
4406 - djm@cvs.openbsd.org 2001/02/09 04:46:25
4407 [sftp-int.c]
4408 Check for NULL attribs for chown, chmod & chgrp operations, only send
4409 relevant attribs back to server; ok markus@
Damien Miller137465b2001-02-10 00:47:59 +11004410 - djm@cvs.openbsd.org 2001/02/06 15:05:25
4411 [sftp.c]
4412 Use getopt to process commandline arguments
4413 - djm@cvs.openbsd.org 2001/02/06 15:06:21
4414 [sftp.c ]
4415 Wait for ssh subprocess at exit
4416 - djm@cvs.openbsd.org 2001/02/06 15:18:16
4417 [sftp-int.c]
4418 stat target for remote chdir before doing chdir
4419 - djm@cvs.openbsd.org 2001/02/06 15:32:54
4420 [sftp.1]
4421 Punctuation fix from Pekka Savola <pekkas@netcore.fi>
4422 - provos@cvs.openbsd.org 2001/02/05 22:22:02
4423 [sftp-int.c]
4424 cleanup get_pathname, fix pwd after failed cd. okay djm@
Damien Millerd7686fd2001-02-10 00:40:03 +11004425 - (djm) Update makefile.in for _PATH_SFTP_SERVER
Ben Lindstromc5dbf7f2001-02-10 00:37:17 +00004426 - (bal) sftp-client.c replace NULL w/ 0 in do_ls() (pending in OpenBSD tree)
Damien Millerd7686fd2001-02-10 00:40:03 +11004427
Ben Lindstromefe35aa2001-02-08 16:34:56 +0000442820010209
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00004429 - (bal) patch to vis.c to deal with HAVE_VIS right by Robert Mooney
Ben Lindstromefe35aa2001-02-08 16:34:56 +00004430 <rjmooney@mediaone.net>
Ben Lindstrom40f41512001-02-08 18:05:17 +00004431 - (bal) .c.o rule in openbsd-compat/Makefile.in did not make it to the
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00004432 main tree while porting forward. Pointed out by Lutz Jaenicke
Ben Lindstrom40f41512001-02-08 18:05:17 +00004433 <Lutz.Jaenicke@aet.TU-Cottbus.DE>
Ben Lindstromfc032bb2001-02-08 18:40:09 +00004434 - (bal) double entry in configure.in. Pointed out by Lutz Jaenicke
4435 <Lutz.Jaenicke@aet.TU-Cottbus.DE>
Kevin Steves4abe4de2001-02-08 19:16:32 +00004436 - (stevesk) OpenBSD sync:
4437 - markus@cvs.openbsd.org 2001/02/08 11:20:01
4438 [auth2.c]
4439 strict checking
4440 - markus@cvs.openbsd.org 2001/02/08 11:15:22
4441 [version.h]
4442 update to 2.3.2
4443 - markus@cvs.openbsd.org 2001/02/08 11:12:30
4444 [auth2.c]
4445 fix typo
Damien Milleraf13cca2001-02-09 12:01:51 +11004446 - (djm) Update spec files
Ben Lindstromf6b7b092001-02-09 01:23:39 +00004447 - (bal) OpenBSD sync:
4448 - deraadt@cvs.openbsd.org 2001/02/08 14:38:54
4449 [scp.c]
4450 memory leak fix, and snprintf throughout
Ben Lindstrom5b828322001-02-09 01:34:36 +00004451 - markus@cvs.openbsd.org 2001/02/06 22:43:02
4452 [clientloop.c]
4453 remove confusing callback code
Damien Millere9cf3572001-02-09 12:55:35 +11004454 - (djm) Add CVS Id's to files that we have missed
Ben Lindstrom31ca54a2001-02-09 02:11:24 +00004455 - (bal) OpenBSD Sync (more):
4456 - itojun@cvs.openbsd.org 2001/02/08 19:30:52
4457 sync with netbsd tree changes.
4458 - more strict prototypes, include necessary headers
4459 - use paths.h/pathnames.h decls
4460 - size_t typecase to int -> u_long
Ben Lindstrom1e7d3062001-02-09 02:36:43 +00004461 - markus@cvs.openbsd.org 2001/02/06 22:07:42
4462 [ssh.c]
4463 fatal() if subsystem fails
4464 - markus@cvs.openbsd.org 2001/02/06 22:43:02
4465 [ssh.c]
4466 remove confusing callback code
4467 - jakob@cvs.openbsd.org 2001/02/06 23:03:24
4468 [ssh.c]
4469 add -1 option (force protocol version 1). ok markus@
4470 - jakob@cvs.openbsd.org 2001/02/06 23:06:21
4471 [ssh.c]
4472 reorder -{1,2,4,6} options. ok markus@
Ben Lindstromb0407fc2001-02-09 02:23:10 +00004473 - (bal) Missing 'const' in readpass.h
Ben Lindstrom288cc392001-02-09 02:58:04 +00004474 - (bal) OpenBSD Sync (so at least the thing compiles for 2.3.2 =)
4475 - djm@cvs.openbsd.org 2001/02/06 23:30:28
4476 [sftp-client.c]
4477 replace arc4random with counter for request ids; ok markus@
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00004478 - (djm) Define _PATH_TTY for systems that don't. Report from Lutz
Damien Miller4192c462001-02-09 22:55:16 +11004479 Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
Ben Lindstromefe35aa2001-02-08 16:34:56 +00004480
Damien Miller3d0a7d52001-02-08 08:22:47 +1100448120010208
4482 - (djm) Don't delete external askpass program in make uninstall target.
4483 Report and fix from Roumen Petrov <roumen.petrov@skalasoft.com>
Damien Miller4864e8f2001-02-08 10:07:08 +11004484 - (djm) Fix linking of sftp, don't need arc4random any more.
4485 - (djm) Try to use shell that supports "test -S" for EGD socket search.
4486 Based on patch from Tim Rice <tim@multitalents.net>
Damien Miller3d0a7d52001-02-08 08:22:47 +11004487
Damien Miller4855ae92001-02-07 23:21:31 +1100448820010207
Ben Lindstrom582d3982001-02-06 22:54:30 +00004489 - (bal) Save the whole path to AR in configure. Some Solaris 2.7 installs
4490 seem lose track of it while in openbsd-compat/ (two confirmed reports)
Damien Miller63dc3e92001-02-07 12:58:33 +11004491 - (djm) Much KNF on PAM code
Damien Miller4855ae92001-02-07 23:21:31 +11004492 - (djm) Revise auth-pam.c conversation function to be a little more
4493 readable.
Damien Miller63dc3e92001-02-07 12:58:33 +11004494 - (djm) Revise kbd-int PAM conversation function to fold all text messages
4495 to before first prompt. Fixes hangs if last pam_message did not require
4496 a reply.
4497 - (djm) Fix password changing when using PAM kbd-int authentication
Ben Lindstrom582d3982001-02-06 22:54:30 +00004498
Damien Miller4855ae92001-02-07 23:21:31 +1100449920010205
Kevin Stevesef4eea92001-02-05 12:42:17 +00004500 - (bal) Disable groupaccess by setting NGROUPS_MAX to 0 for platforms
Ben Lindstrom03f07b42001-02-04 20:44:01 +00004501 that don't have NGROUPS_MAX.
Ben Lindstromd2ddda42001-02-04 21:57:11 +00004502 - (bal) AIX patch for auth1.c by William L. Jones <jones@hpc.utexas.edu>
Kevin Stevesef4eea92001-02-05 12:42:17 +00004503 - (stevesk) OpenBSD sync:
4504 - stevesk@cvs.openbsd.org 2001/02/04 08:32:27
4505 [many files; did this manually to our top-level source dir]
4506 unexpand and remove end-of-line whitespace; ok markus@
Kevin Steves8e743932001-02-05 13:24:35 +00004507 - stevesk@cvs.openbsd.org 2001/02/04 15:21:19
4508 [sftp-server.c]
4509 SSH2_FILEXFER_ATTR_UIDGID support; ok markus@
Kevin Steves62c45db2001-02-05 13:42:43 +00004510 - deraadt@cvs.openbsd.org 2001/02/04 17:02:32
4511 [sftp-int.c]
4512 ? == help
4513 - deraadt@cvs.openbsd.org 2001/02/04 16:47:46
4514 [sftp-int.c]
4515 sort commands, so that abbreviations work as expected
4516 - stevesk@cvs.openbsd.org 2001/02/04 15:17:52
4517 [sftp-int.c]
4518 debugging sftp: precedence and missing break. chmod, chown, chgrp
4519 seem to be working now.
4520 - markus@cvs.openbsd.org 2001/02/04 14:41:21
4521 [sftp-int.c]
4522 use base 8 for umask/chmod
4523 - markus@cvs.openbsd.org 2001/02/04 11:11:54
4524 [sftp-int.c]
4525 fix LCD
Kevin Steves3c034ae2001-02-05 13:47:11 +00004526 - markus@cvs.openbsd.org 2001/02/04 08:10:44
4527 [ssh.1]
4528 typo; dpo@club-internet.fr
Kevin Steves0afcc9f2001-02-05 13:57:36 +00004529 - stevesk@cvs.openbsd.org 2001/02/04 06:30:12
4530 [auth2.c authfd.c packet.c]
4531 remove duplicate #include's; ok markus@
Kevin Stevesadf74cd2001-02-05 14:22:50 +00004532 - deraadt@cvs.openbsd.org 2001/02/04 16:56:23
4533 [scp.c sshd.c]
4534 alpha happiness
4535 - stevesk@cvs.openbsd.org 2001/02/04 15:12:17
4536 [sshd.c]
4537 precedence; ok markus@
Kevin Steves12057502001-02-05 14:54:34 +00004538 - deraadt@cvs.openbsd.org 2001/02/04 08:14:15
Kevin Stevesadf74cd2001-02-05 14:22:50 +00004539 [ssh.c sshd.c]
4540 make the alpha happy
Kevin Steves12057502001-02-05 14:54:34 +00004541 - markus@cvs.openbsd.org 2001/01/31 13:37:24
4542 [channels.c channels.h serverloop.c ssh.c]
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00004543 do not disconnect if local port forwarding fails, e.g. if port is
Damien Miller4855ae92001-02-07 23:21:31 +11004544 already in use
Kevin Steves12057502001-02-05 14:54:34 +00004545 - markus@cvs.openbsd.org 2001/02/01 14:58:09
4546 [channels.c]
4547 use ipaddr in channel messages, ietf-secsh wants this
4548 - markus@cvs.openbsd.org 2001/01/31 12:26:20
4549 [channels.c]
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00004550 ssh.com-2.0.1x does not send additional info in CHANNEL_OPEN_FAILURE
Damien Miller4855ae92001-02-07 23:21:31 +11004551 messages; bug report from edmundo@rano.org
Kevin Stevese27a5e02001-02-05 15:15:27 +00004552 - markus@cvs.openbsd.org 2001/01/31 13:48:09
4553 [sshconnect2.c]
4554 unused
Kevin Stevesec1c1402001-02-05 15:39:22 +00004555 - deraadt@cvs.openbsd.org 2001/02/04 08:23:08
4556 [sftp-client.c sftp-server.c]
4557 make gcc on the alpha even happier
Ben Lindstrom75713c92001-02-04 20:27:44 +00004558
Damien Miller4855ae92001-02-07 23:21:31 +1100455920010204
Ben Lindstrom70442532001-02-03 21:31:22 +00004560 - (bal) I think this is the last of the bsd-*.h that don't belong.
Ben Lindstrom684ba4c2001-02-03 21:53:47 +00004561 - (bal) Minor Makefile fix
Ben Lindstrom1c56a012001-02-03 21:58:12 +00004562 - (bal) openbsd-compat/Makefile minor fix. Ensure dependancies are done
Damien Miller33804262001-02-04 23:20:18 +11004563 right.
Ben Lindstromb0c2eeb2001-02-03 22:15:00 +00004564 - (bal) Changed order of LIB="" in -with-skey due to library resolving.
Ben Lindstrom45cb2932001-02-04 09:41:33 +00004565 - (bal) next-posix.h changed to bsd-nextstep.h
Damien Miller33804262001-02-04 23:20:18 +11004566 - (djm) OpenBSD CVS sync:
4567 - markus@cvs.openbsd.org 2001/02/03 03:08:38
4568 [auth-options.c auth-rh-rsa.c auth-rhosts.c auth.c canohost.c]
4569 [canohost.h servconf.c servconf.h session.c sshconnect1.c sshd.8]
4570 [sshd_config]
4571 make ReverseMappingCheck optional in sshd_config; ok djm@,dugsong@
4572 - markus@cvs.openbsd.org 2001/02/03 03:19:51
4573 [ssh.1 sshd.8 sshd_config]
4574 Skey is now called ChallengeResponse
4575 - markus@cvs.openbsd.org 2001/02/03 03:43:09
4576 [sshd.8]
4577 use no-pty option in .ssh/authorized_keys* if you need a 8-bit clean
4578 channel. note from Erik.Anggard@cygate.se (pr/1659)
4579 - stevesk@cvs.openbsd.org 2001/02/03 10:03:06
4580 [ssh.1]
4581 typos; ok markus@
4582 - djm@cvs.openbsd.org 2001/02/04 04:11:56
4583 [scp.1 sftp-server.c ssh.1 sshd.8 sftp-client.c sftp-client.h]
4584 [sftp-common.c sftp-common.h sftp-int.c sftp-int.h sftp.1 sftp.c]
4585 Basic interactive sftp client; ok theo@
4586 - (djm) Update RPM specs for new sftp binary
Ben Lindstrom0dd676a2001-07-18 16:05:50 +00004587 - (djm) Update several bits for new optional reverse lookup stuff. I
Damien Miller33804262001-02-04 23:20:18 +11004588 think I got them all.
Damien Millerb797b922001-02-04 23:27:00 +11004589 - (djm) Makefile.in fixes
Kevin Stevesb6e773a2001-02-04 13:20:36 +00004590 - (stevesk) add mysignal() wrapper and use it for the protocol 2
4591 SIGCHLD handler.
Kevin Steves8e743932001-02-05 13:24:35 +00004592 - (djm) Use setvbuf() instead of setlinebuf(). Suggest from stevesk@
Ben Lindstrom70442532001-02-03 21:31:22 +00004593
Damien Miller4855ae92001-02-07 23:21:31 +1100459420010203
Ben Lindstromdd5c5a32001-02-02 18:58:33 +00004595 - (bal) Cygwin clean up by Corinna Vinschen <vinschen@redhat.com>
Ben Lindstrom64136352001-02-02 19:03:13 +00004596 - (bal) renamed queue.h to fake-queue.h (even if it's an OpenBSD
4597 based file) to ensure #include space does not get confused.
Ben Lindstrome6b3b7b2001-02-03 00:33:04 +00004598 - (bal) Minor Makefile.in tweak. dirname may not exist on some
4599 platforms so builds fail. (NeXT being a well known one)
Ben Lindstromdd5c5a32001-02-02 18:58:33 +00004600
Damien Miller4855ae92001-02-07 23:21:31 +1100460120010202
Damien Miller33804262001-02-04 23:20:18 +11004602 - (bal) Makefile fix where sourcedir != builddir by Corinna Vinschen
Ben Lindstrom2ffbbe62001-02-02 00:00:54 +00004603 <vinschen@redhat.com>
Ben Lindstrom25a77852001-02-02 10:17:46 +00004604 - (bal) Makefile fix to use $(MAKE) instead of 'make' for platforms
4605 that use 'gmake'. Patch by Tim Rice <tim@multitalents.net>
Ben Lindstrom2ffbbe62001-02-02 00:00:54 +00004606
Damien Miller4855ae92001-02-07 23:21:31 +1100460720010201
Ben Lindstrome03c85d2001-02-01 14:06:11 +00004608 - (bal) Minor fix to Makefile to stop rebuilding executables if no
4609 changes have occured to any of the supporting code. Patch by
4610 Roumen Petrov <roumen.petrov@skalasoft.com>
4611
Ben Lindstrom3c06f6a2001-01-31 21:52:01 +0000461220010131
Damien Miller3c4659c2001-01-31 09:52:43 +11004613 - (djm) OpenBSD CVS Sync:
4614 - djm@cvs.openbsd.org 2001/01/30 15:48:53
4615 [sshconnect.c]
4616 Make warning message a little more consistent. ok markus@
Damien Miller709528a2001-01-31 09:57:55 +11004617 - (djm) Fix autoconf logic for --with-lastlog=no Report and diagnosis from
4618 Philipp Buehler <lists@fips.de> and Kevin Steves <stevesk@sweden.hp.com>
4619 respectively.
Damien Millerbf757762001-01-31 10:50:49 +11004620 - (djm) Don't log SSH2 PAM KbdInt responses to debug, they may contain
4621 passwords.
Ben Lindstrom3c06f6a2001-01-31 21:52:01 +00004622 - (bal) Reorder. Move all bsd-*, fake-*, next-*, and cygwin* stuff to
4623 openbsd-compat/. And resolve all ./configure and Makefile.in issues
4624 assocated.
Damien Miller3c4659c2001-01-31 09:52:43 +11004625
Ben Lindstrom3c06f6a2001-01-31 21:52:01 +0000462620010130
Damien Miller5e953212001-01-30 09:14:00 +11004627 - (djm) OpenBSD CVS Sync:
4628 - markus@cvs.openbsd.org 2001/01/29 09:55:37
4629 [channels.c channels.h clientloop.c serverloop.c]
4630 fix select overflow; ok deraadt@ and stevesk@
Damien Millerd83ff352001-01-30 09:19:34 +11004631 - markus@cvs.openbsd.org 2001/01/29 12:42:35
4632 [canohost.c canohost.h channels.c clientloop.c]
4633 add get_peer_ipaddr(socket), x11-fwd in ssh2 requires ipaddr, not DNS
Damien Miller7650bc62001-01-30 09:27:26 +11004634 - markus@cvs.openbsd.org 2001/01/29 12:47:32
4635 [rsa.c rsa.h ssh-agent.c sshconnect1.c sshd.c]
4636 handle rsa_private_decrypt failures; helps against the Bleichenbacher
4637 pkcs#1 attack
Damien Miller832562e2001-01-30 09:30:01 +11004638 - djm@cvs.openbsd.org 2001/01/29 05:36:11
4639 [ssh.1 ssh.c]
4640 Allow invocation of sybsystem by commandline (-s); ok markus@
Kevin Stevesb6b4a7a2001-01-30 18:31:43 +00004641 - (stevesk) configure.in: remove duplicate PROG_LS
Damien Miller5e953212001-01-30 09:14:00 +11004642
Ben Lindstrom3c06f6a2001-01-31 21:52:01 +0000464320010129
Kevin Stevesb71eb582001-01-29 16:57:27 +00004644 - (stevesk) sftp-server.c: use %lld vs. %qd
4645
Ben Lindstrom49af82b2001-01-27 20:43:57 +0000464620010128
4647 - (bal) Put USE_PIPES back into sco3.2v5
Ben Lindstrom36579d32001-01-29 07:39:26 +00004648 - (bal) OpenBSD Sync
Ben Lindstromd5390202001-01-29 08:07:43 +00004649 - markus@cvs.openbsd.org 2001/01/28 10:15:34
4650 [dispatch.c]
4651 re-keying is not supported; ok deraadt@
Ben Lindstrom035782e2001-01-29 08:34:16 +00004652 - markus@cvs.openbsd.org 2001/01/28 10:24:04
Ben Lindstrom8eec2c82001-01-29 08:39:16 +00004653 [ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 sshd.8]
Ben Lindstrom035782e2001-01-29 08:34:16 +00004654 cleanup AUTHORS sections
Ben Lindstromd5390202001-01-29 08:07:43 +00004655 - markus@cvs.openbsd.org 2001/01/28 10:37:26
Ben Lindstromc12a6b72001-01-29 08:41:05 +00004656 [sshd.c sshd.8]
Ben Lindstromd5390202001-01-29 08:07:43 +00004657 remove -Q, no longer needed
4658 - stevesk@cvs.openbsd.org 2001/01/28 20:36:16
Ben Lindstromeb930d42001-01-29 08:37:08 +00004659 [readconf.c ssh.1]
Ben Lindstromd5390202001-01-29 08:07:43 +00004660 ``StrictHostKeyChecking ask'' documentation and small cleanup.
4661 ok markus@
Ben Lindstroma7333502001-01-29 08:44:03 +00004662 - stevesk@cvs.openbsd.org 2001/01/28 20:43:25
Damien Miller33804262001-02-04 23:20:18 +11004663 [sshd.8]
Ben Lindstroma7333502001-01-29 08:44:03 +00004664 spelling. ok markus@
Ben Lindstrom91fd62a2001-01-29 08:10:11 +00004665 - stevesk@cvs.openbsd.org 2001/01/28 20:53:21
4666 [xmalloc.c]
4667 use size_t for strlen() return. ok markus@
Ben Lindstroma7333502001-01-29 08:44:03 +00004668 - stevesk@cvs.openbsd.org 2001/01/28 22:27:05
4669 [authfile.c]
4670 spelling. use sizeof vs. strlen(). ok markus@
Ben Lindstromd5390202001-01-29 08:07:43 +00004671 - niklas@cvs.openbsd.org 2001/01/29 1:59:14
Ben Lindstrom36579d32001-01-29 07:39:26 +00004672 [atomicio.h canohost.h clientloop.h deattack.h dh.h dispatch.h
4673 groupaccess.c groupaccess.h hmac.h hostfile.h includes.h kex.h
4674 key.h log.h login.h match.h misc.h myproposal.h nchan.ms pathnames.h
4675 radix.h readpass.h rijndael.h serverloop.h session.h sftp.h ssh-add.1
4676 ssh-dss.h ssh-keygen.1 ssh-keyscan.1 ssh-rsa.h ssh1.h ssh_config
4677 sshconnect.h sshd_config tildexpand.h uidswap.h uuencode.h]
4678 $OpenBSD$
Ben Lindstrom6d40c0f2001-01-29 09:02:24 +00004679 - (bal) Minor auth2.c resync. Whitespace and moving of an #include.
Ben Lindstrom49af82b2001-01-27 20:43:57 +00004680
Ben Lindstrom27eebe62001-01-25 23:04:22 +0000468120010126
Damien Miller33804262001-02-04 23:20:18 +11004682 - (bal) SSH_PROGRAM vs _PATH_SSH_PROGRAM fix pointed out by Roumen
Ben Lindstrom27eebe62001-01-25 23:04:22 +00004683 Petrov <roumen.petrov@skalasoft.com>
Ben Lindstrom77808ab2001-01-26 05:10:34 +00004684 - (bal) OpenBSD Sync
4685 - deraadt@cvs.openbsd.org 2001/01/25 8:06:33
4686 [ssh-agent.c]
4687 call _exit() in signal handler
Ben Lindstrom27eebe62001-01-25 23:04:22 +00004688
Damien Miller2a5c1ce2001-01-25 10:32:00 +1100468920010125
4690 - (djm) Sync bsd-* support files:
4691 - deraadt@cvs.openbsd.org 2000/01/26 03:43:20
4692 [rresvport.c bindresvport.c]
Damien Miller33804262001-02-04 23:20:18 +11004693 new bindresvport() semantics that itojun, shin, jean-luc and i have
Damien Miller2a5c1ce2001-01-25 10:32:00 +11004694 agreed on, which will be happy for the future. bindresvport_sa() for
4695 sockaddr *, too. docs later..
4696 - deraadt@cvs.openbsd.org 2000/01/24 02:24:21
4697 [bindresvport.c]
Damien Miller33804262001-02-04 23:20:18 +11004698 in bindresvport(), if sin is non-NULL, example sin->sin_family for
Damien Miller2a5c1ce2001-01-25 10:32:00 +11004699 the actual family being processed
Damien Miller0736c4d2001-01-25 10:51:46 +11004700 - (djm) Mention PRNGd in documentation, it is nicer than EGD
4701 - (djm) Automatically search for "well-known" EGD/PRNGd sockets in autoconf
Ben Lindstromec3830a2001-01-25 00:07:33 +00004702 - (bal) AC_FUNC_STRFTIME added to autoconf
Ben Lindstrom87b147f2001-01-25 00:41:12 +00004703 - (bal) OpenBSD Resync
4704 - stevesk@cvs.openbsd.org 2001/01/24 21:03:50
4705 [channels.c]
4706 missing freeaddrinfo(); ok markus@
Damien Miller2a5c1ce2001-01-25 10:32:00 +11004707
Ben Lindstrombda5bdc2001-01-23 16:09:51 +0000470820010124
4709 - (bal) OpenBSD Resync
4710 - markus@cvs.openbsd.org 2001/01/23 10:45:10
4711 [ssh.h]
Damien Miller33804262001-02-04 23:20:18 +11004712 nuke comment
Ben Lindstrom2396b302001-01-23 16:54:29 +00004713 - (bal) no 64bit support patch from Tim Rice <tim@multitalents.net>
4714 - (bal) #ifdef around S_IFSOCK if platform does not support it.
4715 patch by Tim Rice <tim@multitalents.net>
4716 - (bal) fake-regex.h cleanup based on Tim Rice's patch.
Kevin Stevesb6b37ba2001-01-24 20:01:44 +00004717 - (stevesk) sftp-server.c: fix chmod() mode mask
Ben Lindstrombda5bdc2001-01-23 16:09:51 +00004718
Ben Lindstromcb577332001-01-22 21:06:19 +0000471920010123
4720 - (bal) regexp.h typo in configure.in. Should have been regex.h
4721 - (bal) SSH_USER_DIR to _PATH_SSH_USER_DIR patch by stevesk@
Damien Miller33804262001-02-04 23:20:18 +11004722 - (bal) SSH_ASKPASS_DEFAULT to _PATH_SSH_ASKPASS_DEFAULT
Ben Lindstromb1985f72001-01-23 00:19:15 +00004723 - (bal) OpenBSD Resync
4724 - markus@cvs.openbsd.org 2001/01/22 8:15:00
4725 [auth-krb4.c sshconnect1.c]
4726 only AFS needs radix.[ch]
4727 - markus@cvs.openbsd.org 2001/01/22 8:32:53
4728 [auth2.c]
4729 no need to include; from mouring@etoh.eviladmin.org
4730 - stevesk@cvs.openbsd.org 2001/01/22 16:55:21
4731 [key.c]
4732 free() -> xfree(); ok markus@
4733 - stevesk@cvs.openbsd.org 2001/01/22 17:22:28
4734 [sshconnect2.c sshd.c]
4735 fix memory leaks in SSH2 key exchange; ok markus@
Ben Lindstrom95fb2dd2001-01-23 03:12:10 +00004736 - markus@cvs.openbsd.org 2001/01/22 23:06:39
4737 [auth1.c auth2.c readconf.c readconf.h servconf.c servconf.h
4738 sshconnect1.c sshconnect2.c sshd.c]
4739 rename skey -> challenge response.
4740 auto-enable kbd-interactive for ssh2 if challenge-reponse is enabled.
Ben Lindstromb1985f72001-01-23 00:19:15 +00004741
Ben Lindstromcb577332001-01-22 21:06:19 +00004742
Ben Lindstrom226cfa02001-01-22 05:34:40 +0000474320010122
4744 - (bal) OpenBSD Resync
4745 - markus@cvs.openbsd.org 2001/01/19 12:45:26 GMT 2001 by markus
4746 [servconf.c ssh.h sshd.c]
4747 only auth-chall.c needs #ifdef SKEY
4748 - markus@cvs.openbsd.org 2001/01/19 15:55:10 GMT 2001 by markus
4749 [auth-krb4.c auth-options.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c
4750 auth1.c auth2.c channels.c clientloop.c dh.c dispatch.c nchan.c
4751 packet.c pathname.h readconf.c scp.c servconf.c serverloop.c
4752 session.c ssh-add.c ssh-keygen.c ssh-keyscan.c ssh.c ssh.h
4753 ssh1.h sshconnect1.c sshd.c ttymodes.c]
4754 move ssh1 definitions to ssh1.h, pathnames to pathnames.h
4755 - markus@cvs.openbsd.org 2001/01/19 16:48:14
4756 [sshd.8]
4757 fix typo; from stevesk@
4758 - markus@cvs.openbsd.org 2001/01/19 16:50:58
4759 [ssh-dss.c]
Damien Miller33804262001-02-04 23:20:18 +11004760 clear and free digest, make consistent with other code (use dlen); from
Ben Lindstrom226cfa02001-01-22 05:34:40 +00004761 stevesk@
4762 - markus@cvs.openbsd.org 2001/01/20 15:55:20 GMT 2001 by markus
4763 [auth-options.c auth-options.h auth-rsa.c auth2.c]
4764 pass the filename to auth_parse_options()
Damien Miller33804262001-02-04 23:20:18 +11004765 - markus@cvs.openbsd.org 2001/01/20 17:59:40 GMT 2001
Ben Lindstrom226cfa02001-01-22 05:34:40 +00004766 [readconf.c]
4767 fix SIGSEGV from -o ""; problem noted by jehsom@togetherweb.com
4768 - stevesk@cvs.openbsd.org 2001/01/20 18:20:29
4769 [sshconnect2.c]
4770 dh_new_group() does not return NULL. ok markus@
4771 - markus@cvs.openbsd.org 2001/01/20 21:33:42
4772 [ssh-add.c]
Damien Miller33804262001-02-04 23:20:18 +11004773 do not loop forever if askpass does not exist; from
Ben Lindstrom226cfa02001-01-22 05:34:40 +00004774 andrew@pimlott.ne.mediaone.net
4775 - djm@cvs.openbsd.org 2001/01/20 23:00:56
4776 [servconf.c]
4777 Check for NULL return from strdelim; ok markus
4778 - djm@cvs.openbsd.org 2001/01/20 23:02:07
4779 [readconf.c]
4780 KNF; ok markus
4781 - jakob@cvs.openbsd.org 2001/01/21 9:00:33
4782 [ssh-keygen.1]
4783 remove -R flag; ok markus@
4784 - markus@cvs.openbsd.org 2001/01/21 19:05:40
4785 [atomicio.c automicio.h auth-chall.c auth-krb4.c auth-options.c
4786 auth-options.h auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c
4787 auth.c auth.h auth1.c auth2-chall.c auth2.c authfd.c authfile.c
4788 bufaux.c bufaux.h buffer.c canahost.c canahost.h channels.c
4789 cipher.c cli.c clientloop.c clientloop.h compat.c compress.c
4790 deattack.c dh.c dispatch.c groupaccess.c hmac.c hostfile.c kex.c
4791 key.c key.h log-client.c log-server.c log.c log.h login.c login.h
4792 match.c misc.c misc.h nchan.c packet.c pty.c radix.h readconf.c
4793 readpass.c readpass.h rsa.c scp.c servconf.c serverloop.c serverloop.h
4794 session.c sftp-server.c ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c
Damien Miller33804262001-02-04 23:20:18 +11004795 ssh-keyscan.c ssh-rsa.c ssh.c ssh.h sshconnect.c sshconnect.h
Ben Lindstrom226cfa02001-01-22 05:34:40 +00004796 sshconnect1.c sshconnect2.c sshd.c tildexpand.c tildexpand.h
4797 ttysmodes.c uidswap.c xmalloc.c]
Damien Miller33804262001-02-04 23:20:18 +11004798 split ssh.h and try to cleanup the #include mess. remove unnecessary
Ben Lindstrom226cfa02001-01-22 05:34:40 +00004799 #includes. rename util.[ch] -> misc.[ch]
4800 - (bal) renamed 'PIDDIR' to '_PATH_SSH_PIDDIR' to match OpenBSD tree
Damien Miller33804262001-02-04 23:20:18 +11004801 - (bal) Moved #ifdef KRB4 in auth-krb4.c above the #include to resolve
Ben Lindstrom226cfa02001-01-22 05:34:40 +00004802 conflict when compiling for non-kerb install
4803 - (bal) removed the #ifdef SKEY in auth1.c to match Markus' changes
4804 on 1/19.
4805
Ben Lindstromcf0809d2001-01-19 15:44:10 +0000480620010120
4807 - (bal) OpenBSD Resync
4808 - markus@cvs.openbsd.org 2001/01/19 12:45:26
4809 [ssh-chall.c servconf.c servconf.h ssh.h sshd.c]
4810 only auth-chall.c needs #ifdef SKEY
Ben Lindstrom401d58f2001-01-19 17:11:43 +00004811 - (bal) Slight auth2-pam.c clean up.
4812 - (bal) Includes a fake-regexp.h to be only used if regcomp() is found,
4813 but no 'regexp.h' found (SCO OpenServer 3 lacks the header).
Ben Lindstromcf0809d2001-01-19 15:44:10 +00004814
Damien Miller5aa80592001-01-19 14:03:40 +1100481520010119
4816 - (djm) Update versions in RPM specfiles
Ben Lindstromdb65e8f2001-01-19 04:26:52 +00004817 - (bal) OpenBSD Resync
4818 - markus@cvs.openbsd.org 2001/01/18 16:20:21
4819 [log-client.c log-server.c log.c readconf.c servconf.c ssh.1 ssh.h
4820 sshd.8 sshd.c]
Damien Miller33804262001-02-04 23:20:18 +11004821 log() is at pri=LOG_INFO, since LOG_NOTICE goes to /dev/console on many
Ben Lindstromdb65e8f2001-01-19 04:26:52 +00004822 systems
4823 - markus@cvs.openbsd.org 2001/01/18 16:59:59
4824 [auth-passwd.c auth.c auth.h auth1.c auth2.c serverloop.c session.c
4825 session.h sshconnect1.c]
4826 1) removes fake skey from sshd, since this will be much
4827 harder with /usr/libexec/auth/login_XXX
4828 2) share/unify code used in ssh-1 and ssh-2 authentication (server side)
4829 3) make addition of BSD_AUTH and other challenge reponse methods
4830 easier.
4831 - markus@cvs.openbsd.org 2001/01/18 17:12:43
4832 [auth-chall.c auth2-chall.c]
4833 rename *-skey.c *-chall.c since the files are not skey specific
Damien Miller22e22bf2001-01-19 15:46:38 +11004834 - (djm) Merge patch from Tim Waugh (via Nalin Dahyabhai <nalin@redhat.com>)
4835 to fix NULL pointer deref and fake authloop breakage in PAM code.
Ben Lindstromb100ec92001-01-19 05:37:32 +00004836 - (bal) Updated contrib/cygwin/ by Corinna Vinschen <vinschen@redhat.com>
Ben Lindstrom5dc81502001-01-19 06:10:29 +00004837 - (bal) Minor cygwin patch to auth1.c. Suggested by djm.
Damien Miller33804262001-02-04 23:20:18 +11004838
Ben Lindstrombf555ba2001-01-18 02:04:35 +0000483920010118
4840 - (bal) Super Sized OpenBSD Resync
4841 - markus@cvs.openbsd.org 2001/01/11 22:14:20 GMT 2001 by markus
4842 [sshd.c]
4843 maxfd+1
4844 - markus@cvs.openbsd.org 2001/01/13 17:59:18
4845 [ssh-keygen.1]
4846 small ssh-keygen manpage cleanup; stevesk@pobox.com
4847 - markus@cvs.openbsd.org 2001/01/13 18:03:07
4848 [scp.c ssh-keygen.c sshd.c]
4849 getopt() returns -1 not EOF; stevesk@pobox.com
4850 - markus@cvs.openbsd.org 2001/01/13 18:06:54
4851 [ssh-keyscan.c]
4852 use SSH_DEFAULT_PORT; from stevesk@pobox.com
4853 - markus@cvs.openbsd.org 2001/01/13 18:12:47
4854 [ssh-keyscan.c]
4855 free() -> xfree(); fix memory leak; from stevesk@pobox.com
4856 - markus@cvs.openbsd.org 2001/01/13 18:14:13
4857 [ssh-add.c]
4858 typo, from stevesk@sweden.hp.com
4859 - markus@cvs.openbsd.org 2001/01/13 18:32:50
Damien Miller33804262001-02-04 23:20:18 +11004860 [packet.c session.c ssh.c sshconnect.c sshd.c]
Ben Lindstrombf555ba2001-01-18 02:04:35 +00004861 split out keepalive from packet_interactive (from dale@accentre.com)
4862 set IPTOS_LOWDELAY TCP_NODELAY IPTOS_THROUGHPUT for ssh2, too.
4863 - markus@cvs.openbsd.org 2001/01/13 18:36:45
4864 [packet.c packet.h]
4865 reorder, typo
4866 - markus@cvs.openbsd.org 2001/01/13 18:38:00
4867 [auth-options.c]
4868 fix comment
4869 - markus@cvs.openbsd.org 2001/01/13 18:43:31
4870 [session.c]
4871 Wall
Damien Miller33804262001-02-04 23:20:18 +11004872 - markus@cvs.openbsd.org 2001/01/13 19:14:08
Ben Lindstrombf555ba2001-01-18 02:04:35 +00004873 [clientloop.h clientloop.c ssh.c]
4874 move callback to headerfile
4875 - markus@cvs.openbsd.org 2001/01/15 21:40:10
4876 [ssh.c]
4877 use log() instead of stderr
4878 - markus@cvs.openbsd.org 2001/01/15 21:43:51
4879 [dh.c]
4880 use error() not stderr!
4881 - markus@cvs.openbsd.org 2001/01/15 21:45:29
4882 [sftp-server.c]
4883 rename must fail if newpath exists, debug off by default
4884 - markus@cvs.openbsd.org 2001/01/15 21:46:38
4885 [sftp-server.c]
4886 readable long listing for sftp-server, ok deraadt@
4887 - markus@cvs.openbsd.org 2001/01/16 19:20:06
4888 [key.c ssh-rsa.c]
Damien Miller33804262001-02-04 23:20:18 +11004889 make "ssh-rsa" key format for ssh2 confirm to the ietf-drafts; from
4890 galb@vandyke.com. note that you have to delete older ssh2-rsa keys,
4891 since they are in the wrong format, too. they must be removed from
Ben Lindstrombf555ba2001-01-18 02:04:35 +00004892 .ssh/authorized_keys2 and .ssh/known_hosts2, etc.
Damien Miller33804262001-02-04 23:20:18 +11004893 (cd; grep -v ssh-rsa .ssh/authorized_keys2 > TMP && mv TMP
4894 .ssh/authorized_keys2) additionally, we now check that
Ben Lindstrombf555ba2001-01-18 02:04:35 +00004895 BN_num_bits(rsa->n) >= 768.
4896 - markus@cvs.openbsd.org 2001/01/16 20:54:27
4897 [sftp-server.c]
4898 remove some statics. simpler handles; idea from nisse@lysator.liu.se
4899 - deraadt@cvs.openbsd.org 2001/01/16 23:58:08
4900 [bufaux.c radix.c sshconnect.h sshconnect1.c]
4901 indent
4902 - (bal) Added bsd-strmode.[ch] since some non-OpenBSD platforms may
4903 be missing such feature.
4904
Damien Miller33804262001-02-04 23:20:18 +11004905
Damien Miller21de4502001-01-17 09:37:15 +1100490620010117
4907 - (djm) Only write random seed file at exit
Damien Millera64b57a2001-01-17 10:44:13 +11004908 - (djm) Make PAM support optional, enable with --with-pam
Damien Miller33804262001-02-04 23:20:18 +11004909 - (djm) Try to use libcrypt on Linux, but link it after OpenSSL (which
Damien Millera64b57a2001-01-17 10:44:13 +11004910 provides a crypt() of its own)
4911 - (djm) Avoid a warning in bsd-bindresvport.c
4912 - (djm) Try to avoid adding -I/usr/include to CPPFLAGS during SSL tests. This
Damien Miller33804262001-02-04 23:20:18 +11004913 can cause weird segfaults errors on Solaris
Damien Miller92e78f82001-01-17 11:10:48 +11004914 - (djm) Avoid warning in PAM code by making read_passphrase arguments const
Damien Miller01fa6382001-01-17 11:23:39 +11004915 - (djm) Add --with-pam to RPM spec files
Damien Miller21de4502001-01-17 09:37:15 +11004916
Ben Lindstrom200e3c92001-01-15 01:56:46 +0000491720010115
4918 - (bal) sftp-server.c change to use chmod() if fchmod() does not exist.
Ben Lindstrom42202bc2001-01-15 02:34:37 +00004919 - (bal) utimes() support via utime() interface on machine that lack utimes().
Ben Lindstrom200e3c92001-01-15 01:56:46 +00004920
Kevin Steves886b06c2001-01-14 00:35:19 +0000492120010114
4922 - (stevesk) initial work for OpenBSD "support supplementary group in
4923 {Allow,Deny}Groups" patch:
4924 - import getgrouplist.c from OpenBSD (bsd-getgrouplist.c)
4925 - add bsd-getgrouplist.h
4926 - new files groupaccess.[ch]
4927 - build but don't use yet (need to merge auth.c changes)
Kevin Steves7b61cfa2001-01-14 19:11:00 +00004928 - (stevesk) complete:
4929 - markus@cvs.openbsd.org 2001/01/13 11:56:48
4930 [auth.c sshd.8]
4931 support supplementary group in {Allow,Deny}Groups
4932 from stevesk@pobox.com
Damien Miller33804262001-02-04 23:20:18 +11004933
Ben Lindstrom2f959b42001-01-11 06:20:23 +0000493420010112
4935 - (bal) OpenBSD Sync
4936 - markus@cvs.openbsd.org 2001/01/10 22:56:22
4937 [bufaux.h bufaux.c sftp-server.c sftp.h getput.h]
4938 cleanup sftp-server implementation:
Damien Miller4855ae92001-02-07 23:21:31 +11004939 add buffer_get_int64, buffer_put_int64, GET_64BIT, PUT_64BIT
4940 parse SSH2_FILEXFER_ATTR_EXTENDED
4941 send SSH2_FX_EOF if readdir returns no more entries
4942 reply to SSH2_FXP_EXTENDED message
4943 use #defines from the draft
4944 move #definations to sftp.h
Ben Lindstrom2f959b42001-01-11 06:20:23 +00004945 more info:
Damien Miller33804262001-02-04 23:20:18 +11004946 http://www.ietf.org/internet-drafts/draft-ietf-secsh-filexfer-00.txt
Ben Lindstrom2f959b42001-01-11 06:20:23 +00004947 - markus@cvs.openbsd.org 2001/01/10 19:43:20
4948 [sshd.c]
4949 XXX - generate_empheral_server_key() is not safe against races,
Damien Miller33804262001-02-04 23:20:18 +11004950 because it calls log()
Ben Lindstrom2f959b42001-01-11 06:20:23 +00004951 - markus@cvs.openbsd.org 2001/01/09 21:19:50
4952 [packet.c]
4953 allow TCP_NDELAY for ipv6; from netbsd via itojun@
4954
Damien Millerfd9885e2001-01-10 08:16:53 +1100495520010110
4956 - (djm) SNI/Reliant Unix needs USE_PIPES and $DISPLAY hack. Report from
4957 Bladt Norbert <Norbert.Bladt@adi.ch>
4958
Ben Lindstrom4b27a532001-01-08 13:55:14 +0000495920010109
4960 - (bal) Resync CVS ID of cli.c
Kevin Steves99a05632001-01-08 20:54:36 +00004961 - (stevesk) auth1.c: free should be after WITH_AIXAUTHENTICATE
4962 code.
Ben Lindstrom48bd7c12001-01-09 00:35:42 +00004963 - (bal) OpenBSD Sync
4964 - markus@cvs.openbsd.org 2001/01/08 22:29:05
4965 [auth2.c compat.c compat.h servconf.c servconf.h sshd.8
4966 sshd_config version.h]
4967 implement option 'Banner /etc/issue.net' for ssh2, move version to
4968 2.3.1 (needed for bugcompat detection, 2.3.0 would fail if Banner
4969 is enabled).
4970 - markus@cvs.openbsd.org 2001/01/08 22:03:23
4971 [channels.c ssh-keyscan.c]
4972 O_NDELAY -> O_NONBLOCK; thanks stevesk@pobox.com
4973 - markus@cvs.openbsd.org 2001/01/08 21:55:41
4974 [sshconnect1.c]
4975 more cleanups and fixes from stevesk@pobox.com:
4976 1) try_agent_authentication() for loop will overwrite key just
4977 allocated with key_new(); don't alloc
4978 2) call ssh_close_authentication_connection() before exit
4979 try_agent_authentication()
4980 3) free mem on bad passphrase in try_rsa_authentication()
4981 - markus@cvs.openbsd.org 2001/01/08 21:48:17
4982 [kex.c]
4983 missing free; thanks stevesk@pobox.com
Ben Lindstrom0d5af602001-01-09 00:50:29 +00004984 - (bal) Detect if clock_t structure exists, if not define it.
4985 - (bal) Detect if O_NONBLOCK exists, if not define it.
4986 - (bal) removed news4-posix.h (now empty)
4987 - (bal) changed bsd-bindresvport.c and bsd-rresvport.c to use 'socklen_t'
4988 instead of 'int'
Kevin Steves8ee4f692001-01-09 15:28:46 +00004989 - (stevesk) sshd_config: sync
Kevin Steves69f8fb32001-01-09 18:09:13 +00004990 - (stevesk) defines.h: remove spurious ``;''
Ben Lindstrom4b27a532001-01-08 13:55:14 +00004991
Ben Lindstroma383baa2001-01-08 06:13:41 +0000499220010108
4993 - (bal) Fixed another typo in cli.c
4994 - (bal) OpenBSD Sync
4995 - markus@cvs.openbsd.org 2001/01/07 21:26:55
4996 [cli.c]
4997 typo
4998 - markus@cvs.openbsd.org 2001/01/07 21:26:55
4999 [cli.c]
5000 missing free, stevesk@pobox.com
5001 - markus@cvs.openbsd.org 2001/01/07 19:06:25
5002 [auth1.c]
5003 missing free, stevesk@pobox.com
5004 - markus@cvs.openbsd.org 2001/01/07 11:28:04
5005 [log-client.c log-server.c log.c readconf.c servconf.c ssh.1
5006 ssh.h sshd.8 sshd.c]
5007 rename SYSLOG_LEVEL_INFO->SYSLOG_LEVEL_NOTICE
5008 syslog priority changes:
5009 fatal() LOG_ERR -> LOG_CRIT
5010 log() LOG_INFO -> LOG_NOTICE
Ben Lindstrom48b2f732001-01-08 06:20:38 +00005011 - Updated TODO
Ben Lindstroma383baa2001-01-08 06:13:41 +00005012
Ben Lindstromd26dcf32001-01-06 15:18:16 +0000501320010107
5014 - (bal) OpenBSD Sync
5015 - markus@cvs.openbsd.org 2001/01/06 11:23:27
5016 [ssh-rsa.c]
5017 remove unused
5018 - itojun@cvs.openbsd.org 2001/01/05 08:23:29
5019 [ssh-keyscan.1]
5020 missing .El
5021 - markus@cvs.openbsd.org 2001/01/04 22:41:03
5022 [session.c sshconnect.c]
5023 consistent use of _PATH_BSHELL; from stevesk@pobox.com
5024 - djm@cvs.openbsd.org 2001/01/04 22:35:32
5025 [ssh.1 sshd.8]
5026 Mention AES as available SSH2 Cipher; ok markus
5027 - markus@cvs.openbsd.org 2001/01/04 22:25:58
5028 [sshd.c]
5029 sync usage()/man with defaults; from stevesk@pobox.com
5030 - markus@cvs.openbsd.org 2001/01/04 22:21:26
5031 [sshconnect2.c]
5032 handle SSH2_MSG_USERAUTH_BANNER; fixes bug when connecting to a server
5033 that prints a banner (e.g. /etc/issue.net)
Damien Miller33804262001-02-04 23:20:18 +11005034
Ben Lindstrom91c2a982001-01-04 22:54:50 +0000503520010105
5036 - (bal) contrib/caldera/ provided by Tim Rice <tim@multitalents.net>
Ben Lindstrom8835a892001-01-05 06:09:52 +00005037 - (bal) bsd-getcwd.c and bsd-setenv.c changed from bcopy() to memmove()
Ben Lindstrom91c2a982001-01-04 22:54:50 +00005038
Damien Millerd54e55c2001-01-04 09:07:12 +1100503920010104
5040 - (djm) Fix memory leak on systems with BROKEN_GETADDRINFO. Based on
5041 work by Chris Vaughan <vaughan99@yahoo.com>
5042
Ben Lindstrom5c1fbab2001-01-03 03:51:15 +0000504320010103
5044 - (bal) fixed up sshconnect.c so it was closer inline with the OpenBSD
5045 tree (mainly positioning)
5046 - (bal) OpenSSH CVS Update
5047 - markus@cvs.openbsd.org 2001/01/02 20:41:02
5048 [packet.c]
5049 log remote ip on disconnect; PR 1600 from jcs@rt.fm
5050 - markus@cvs.openbsd.org 2001/01/02 20:50:56
5051 [sshconnect.c]
Damien Miller33804262001-02-04 23:20:18 +11005052 strict_host_key_checking for host_status != HOST_CHANGED &&
Ben Lindstrom5c1fbab2001-01-03 03:51:15 +00005053 ip_status == HOST_CHANGED
Damien Miller33804262001-02-04 23:20:18 +11005054 - (bal) authfile.c: Synced CVS ID tag
Ben Lindstrom3ad650a2001-01-03 06:02:51 +00005055 - (bal) UnixWare 2.0 fixes by Tim Rice <tim@multitalents.net>
5056 - (bal) Disable sftp-server if no 64bit int support exists. Based on
5057 patch by Tim Rice <tim@multitalents.net>
5058 - (bal) Makefile.in changes to uninstall: target to remove sftp-server
5059 and sftp-server.8 manpage.
Ben Lindstrom5c1fbab2001-01-03 03:51:15 +00005060
Ben Lindstrom88c33972001-01-02 04:55:52 +0000506120010102
5062 - (bal) OpenBSD CVS Update
5063 - markus@cvs.openbsd.org 2001/01/01 14:52:49
5064 [scp.c]
5065 use shared fatal(); from stevesk@pobox.com
5066
Ben Lindstromfa2d2232000-12-31 07:11:04 +0000506720001231
5068 - (bal) Reverted out of MAXHOSTNAMELEN. This should be set per OS.
5069 for multiple reasons.
Ben Lindstrom321ae732000-12-31 15:00:23 +00005070 - (bal) Reverted out of a partial NeXT patch.
Ben Lindstromfa2d2232000-12-31 07:11:04 +00005071
Ben Lindstrom2941f112000-12-29 16:50:13 +0000507220001230
5073 - (bal) OpenBSD CVS Update
5074 - markus@cvs.openbsd.org 2000/12/28 18:58:30
5075 [ssh-keygen.c]
5076 enable 'ssh-keygen -l -f ~/.ssh/{authorized_keys,known_hosts}{,2}
Ben Lindstrom6c3ae2b2000-12-30 03:25:14 +00005077 - markus@cvs.openbsd.org 2000/12/29 22:19:13
5078 [channels.c]
5079 missing xfree; from vaughan99@yahoo.com
Ben Lindstrom2941f112000-12-29 16:50:13 +00005080 - (bal) Resynced CVS ID with OpenBSD for channel.c and uidswap.c
Ben Lindstrombeac3b42000-12-29 21:21:26 +00005081 - (bal) if no MAXHOSTNAMELEN is defined. Default to 64 character defination.
Damien Millere142d412001-01-30 20:03:08 +11005082 Suggested by Christian Kurz <shorty@debian.org>
Ben Lindstromf5410352000-12-29 21:37:22 +00005083 - (bal) Add in '.c.o' section to Makefile.in to address make programs that
Damien Miller33804262001-02-04 23:20:18 +11005084 don't honor CPPFLAGS by default. Suggested by Lutz Jaenicke
Ben Lindstromf5410352000-12-29 21:37:22 +00005085 <Lutz.Jaenicke@aet.TU-Cottbus.DE>
Ben Lindstrom42717bf2000-12-28 15:46:20 +00005086
508720001229
Damien Miller33804262001-02-04 23:20:18 +11005088 - (bal) Fixed spelling of 'authorized_keys' in ssh-copy-id.1 by Christian
Damien Millere142d412001-01-30 20:03:08 +11005089 Kurz <shorty@debian.org>
Ben Lindstrom4dccfa52000-12-28 16:40:05 +00005090 - (bal) OpenBSD CVS Update
5091 - markus@cvs.openbsd.org 2000/12/28 14:25:51
5092 [auth.h auth2.c]
5093 count authentication failures only
5094 - markus@cvs.openbsd.org 2000/12/28 14:25:03
5095 [sshconnect.c]
5096 fingerprint for MITM attacks, too.
5097 - markus@cvs.openbsd.org 2000/12/28 12:03:57
5098 [sshd.8 sshd.c]
5099 document -D
5100 - markus@cvs.openbsd.org 2000/12/27 14:19:21
5101 [serverloop.c]
5102 less chatty
5103 - markus@cvs.openbsd.org 2000/12/27 12:34
5104 [auth1.c sshconnect2.c sshd.c]
5105 typo
5106 - markus@cvs.openbsd.org 2000/12/27 12:30:19
5107 [readconf.c readconf.h ssh.1 sshconnect.c]
5108 new option: HostKeyAlias: allow the user to record the host key
5109 under a different name. This is useful for ssh tunneling over
5110 forwarded connections or if you run multiple sshd's on different
5111 ports on the same machine.
5112 - markus@cvs.openbsd.org 2000/12/27 11:51:53
5113 [ssh.1 ssh.c]
5114 multiple -t force pty allocation, document ORIGINAL_COMMAND
5115 - markus@cvs.openbsd.org 2000/12/27 11:41:31
5116 [sshd.8]
5117 update for ssh-2
Kevin Stevese7652402000-12-28 22:16:00 +00005118 - (stevesk) compress.[ch] sync with openbsd; missed in prototype
5119 fix merge.
Ben Lindstrom42717bf2000-12-28 15:46:20 +00005120
Ben Lindstrome2fb8d32000-12-28 00:07:07 +0000512120001228
5122 - (bal) Patch to add libutil.h to loginrec.c only if the platform has
5123 libutil.h. Suggested by Pekka Savola <pekka@netcore.fi>
Damien Miller9fa07d62000-12-28 14:57:27 +11005124 - (djm) Update to new x11-askpass in RPM spec
Ben Lindstrom42717bf2000-12-28 15:46:20 +00005125 - (bal) SCO patch to not include <sys/queue.h> since it's unrelated
5126 header. Patch by Tim Rice <tim@multitalents.net>
5127 - Updated TODO w/ known HP/UX issue
5128 - (bal) removed extra <netdb.h> noticed by Kevin Steves and removed the
5129 bad reference to 'NeXT including it else were' on the #ifdef version.
Ben Lindstrome2fb8d32000-12-28 00:07:07 +00005130
Ben Lindstrom2c467a22000-12-27 04:57:41 +0000513120001227
Damien Miller33804262001-02-04 23:20:18 +11005132 - (bal) Typo in configure.in: entut?ent should be endut?ent. Suggested by
Ben Lindstrom2c467a22000-12-27 04:57:41 +00005133 Takumi Yamane <yamtak@b-session.com>
5134 - (bal) Checks for getrlimit(), sysconf(), and setdtablesize(). Patch
5135 by Corinna Vinschen <vinschen@redhat.com>
Damien Millerfa610a12000-12-27 16:44:51 +11005136 - (djm) Fix catman-do target for non-bash
Damien Miller33804262001-02-04 23:20:18 +11005137 - (bal) Typo in configure.in: entut?ent should be endut?ent. Suggested by
Ben Lindstrome2fb8d32000-12-28 00:07:07 +00005138 Takumi Yamane <yamtak@b-session.com>
5139 - (bal) Checks for getrlimit(), sysconf(), and setdtablesize(). Patch
5140 by Corinna Vinschen <vinschen@redhat.com>
5141 - (djm) Fix catman-do target for non-bash
Damien Miller33804262001-02-04 23:20:18 +11005142 - (bal) Fixed NeXT's lack of CPPFLAGS honoring.
5143 - (bal) ssh-keyscan.c: NeXT (and older BSDs) don't support getrlimit() w/
Ben Lindstrom5adbad22000-12-27 07:06:21 +00005144 'RLIMIT_NOFILE'
Damien Miller33804262001-02-04 23:20:18 +11005145 - (djm) Remove *.Ylonen files. They are no longer in the OpenBSD tree,
5146 the info in COPYING.Ylonen has been moved to the start of each
Damien Miller981eeed2000-12-27 19:06:05 +11005147 SSH1-derived file and README.Ylonen is well out of date.
Ben Lindstrom2c467a22000-12-27 04:57:41 +00005148
Ben Lindstrom3deda8b2000-12-22 20:27:43 +0000514920001223
5150 - (bal) Fixed Makefile.in to support recompile of all ssh and sshd objects
5151 if a change to config.h has occurred. Suggested by Gert Doering
5152 <gert@greenie.muc.de>
5153 - (bal) OpenBSD CVS Update:
5154 - markus@cvs.openbsd.org 2000/12/22 16:49:40
5155 [ssh-keygen.c]
5156 fix ssh-keygen -x -t type > file; from Roumen.Petrov@skalasoft.com
5157
Ben Lindstrom46c16222000-12-22 01:43:59 +0000515820001222
5159 - Updated RCSID for pty.c
5160 - (bal) OpenBSD CVS Updates:
5161 - markus@cvs.openbsd.org 2000/12/21 15:10:16
5162 [auth-rh-rsa.c hostfile.c hostfile.h sshconnect.c]
5163 print keyfile:line for changed hostkeys, for deraadt@, ok deraadt@
5164 - markus@cvs.openbsd.org 2000/12/20 19:26:56
5165 [authfile.c]
5166 allow ssh -i userkey for root
5167 - markus@cvs.openbsd.org 2000/12/20 19:37:21
5168 [authfd.c authfd.h kex.c sshconnect2.c sshd.c uidswap.c uidswap.h]
5169 fix prototypes; from stevesk@pobox.com
5170 - markus@cvs.openbsd.org 2000/12/20 19:32:08
5171 [sshd.c]
5172 init pointer to NULL; report from Jan.Ivan@cern.ch
5173 - markus@cvs.openbsd.org 2000/12/19 23:17:54
5174 [auth-krb4.c auth-options.c auth-options.h auth-rhosts.c auth-rsa.c
5175 auth1.c auth2-skey.c auth2.c authfd.c authfd.h authfile.c bufaux.c
5176 bufaux.h buffer.c canohost.c channels.c clientloop.c compress.c
5177 crc32.c deattack.c getput.h hmac.c hmac.h hostfile.c kex.c kex.h
5178 key.c key.h log.c login.c match.c match.h mpaux.c mpaux.h packet.c
5179 packet.h radix.c readconf.c rsa.c scp.c servconf.c servconf.h
5180 serverloop.c session.c sftp-server.c ssh-agent.c ssh-dss.c ssh-dss.h
5181 ssh-keygen.c ssh-keyscan.c ssh-rsa.c ssh-rsa.h ssh.c ssh.h uuencode.c
5182 uuencode.h sshconnect1.c sshconnect2.c sshd.c tildexpand.c]
5183 replace 'unsigned bla' with 'u_bla' everywhere. also replace 'char
5184 unsigned' with u_char.
5185
Kevin Stevesa074feb2000-12-21 22:33:45 +0000518620001221
5187 - (stevesk) OpenBSD CVS updates:
5188 - markus@cvs.openbsd.org 2000/12/19 15:43:45
5189 [authfile.c channels.c sftp-server.c ssh-agent.c]
5190 remove() -> unlink() for consistency
5191 - markus@cvs.openbsd.org 2000/12/19 15:48:09
5192 [ssh-keyscan.c]
5193 replace <ssl/x.h> with <openssl/x.h>
5194 - markus@cvs.openbsd.org 2000/12/17 02:33:40
5195 [uidswap.c]
5196 typo; from wsanchez@apple.com
Damien Miller33804262001-02-04 23:20:18 +11005197
Damien Miller82cf0ce2000-12-20 13:34:48 +1100519820001220
Damien Miller33804262001-02-04 23:20:18 +11005199 - (djm) Workaround PAM inconsistencies between Solaris derived PAM code
Damien Miller82cf0ce2000-12-20 13:34:48 +11005200 and Linux-PAM. Based on report and fix from Andrew Morgan
5201 <morgan@transmeta.com>
5202
Kevin Steves1004c7e2000-12-18 18:55:28 +0000520320001218
5204 - (stevesk) rsa.c: entropy.h not needed.
Ben Lindstrom28bfc0d2000-12-18 19:58:57 +00005205 - (bal) split CFLAGS into CFLAGS and CPPFLAGS in configure.in and Makefile.
5206 Suggested by Wilfredo Sanchez <wsanchez@apple.com>
Kevin Steves1004c7e2000-12-18 18:55:28 +00005207
Kevin Steves8daed182000-12-16 19:21:03 +0000520820001216
5209 - (stevesk) OpenBSD CVS updates:
5210 - markus@cvs.openbsd.org 2000/12/16 02:53:57
5211 [scp.c]
5212 allow + in usernames; request from Florian.Weimer@RUS.Uni-Stuttgart.DE
5213 - markus@cvs.openbsd.org 2000/12/16 02:39:57
5214 [scp.c]
5215 unused; from stevesk@pobox.com
5216
Kevin Stevesfa72dda2000-12-15 18:39:12 +0000521720001215
Kevin Stevese2737522000-12-15 23:47:30 +00005218 - (stevesk) Old OpenBSD patch wasn't completely applied:
5219 - markus@cvs.openbsd.org 2000/01/24 22:11:20
5220 [scp.c]
5221 allow '.' in usernames; from jedgar@fxp.org
Kevin Stevesfa72dda2000-12-15 18:39:12 +00005222 - (stevesk) OpenBSD CVS updates:
5223 - markus@cvs.openbsd.org 2000/12/13 16:26:53
5224 [ssh-keyscan.c]
5225 fatal already adds \n; from stevesk@pobox.com
5226 - markus@cvs.openbsd.org 2000/12/13 16:25:44
5227 [ssh-agent.c]
5228 remove redundant spaces; from stevesk@pobox.com
5229 - ho@cvs.openbsd.org 2000/12/12 15:50:21
5230 [pty.c]
5231 When failing to set tty owner and mode on a read-only filesystem, don't
5232 abort if the tty already has correct owner and reasonably sane modes.
5233 Example; permit 'root' to login to a firewall with read-only root fs.
5234 (markus@ ok)
5235 - deraadt@cvs.openbsd.org 2000/12/13 06:36:05
5236 [pty.c]
5237 KNF
Kevin Stevesfcec7f82000-12-15 19:55:48 +00005238 - markus@cvs.openbsd.org 2000/12/12 14:45:21
5239 [sshd.c]
5240 source port < 1024 is no longer required for rhosts-rsa since it
5241 adds no additional security.
5242 - markus@cvs.openbsd.org 2000/12/12 16:11:49
5243 [ssh.1 ssh.c]
5244 rhosts-rsa is no longer automagically disabled if ssh is not privileged.
5245 UsePrivilegedPort=no disables rhosts-rsa _only_ for old servers.
5246 these changes should not change the visible default behaviour of the ssh client.
Kevin Steves7d00ba42000-12-15 23:03:10 +00005247 - deraadt@cvs.openbsd.org 2000/12/11 10:27:33
5248 [scp.c]
5249 when copying 0-sized files, do not re-print ETA time at completion
Kevin Steves6b875862000-12-15 23:31:01 +00005250 - provos@cvs.openbsd.org 2000/12/15 10:30:15
5251 [kex.c kex.h sshconnect2.c sshd.c]
5252 compute diffie-hellman in parallel between server and client. okay markus@
Kevin Stevesfa72dda2000-12-15 18:39:12 +00005253
Damien Miller152cea22000-12-13 19:21:51 +1100525420001213
5255 - (djm) Make sure we reset the SIGPIPE disposition after we fork. Report
5256 from Andreas M. Kirchwitz <amk@krell.zikzak.de>
Kevin Stevesfa72dda2000-12-15 18:39:12 +00005257 - (stevesk) OpenBSD CVS update:
Kevin Stevesec84dc12000-12-13 17:45:15 +00005258 - markus@cvs.openbsd.org 2000/12/12 15:30:02
5259 [ssh-keyscan.c ssh.c sshd.c]
Damien Miller33804262001-02-04 23:20:18 +11005260 consistently use __progname; from stevesk@pobox.com
Damien Miller152cea22000-12-13 19:21:51 +11005261
Ben Lindstrom4cc90a42000-12-10 22:12:54 +0000526220001211
5263 - (bal) Applied patch to include ssh-keyscan into Redhat's package, and
5264 patch to install ssh-keyscan manpage. Patch by Pekka Savola
5265 <pekka@netcore.fi>
Ben Lindstroma65c78a2000-12-10 22:57:30 +00005266 - (bal) OpenbSD CVS update
5267 - markus@cvs.openbsd.org 2000/12/10 17:01:53
5268 [sshconnect1.c]
5269 always request new challenge for skey/tis-auth, fixes interop with
5270 other implementations; report from roth@feep.net
Ben Lindstrom4cc90a42000-12-10 22:12:54 +00005271
Ben Lindstromfa1b3d02000-12-10 01:55:37 +0000527220001210
5273 - (bal) OpenBSD CVS updates
Damien Miller33804262001-02-04 23:20:18 +11005274 - markus@cvs.openbsd.org 2000/12/09 13:41:51
Ben Lindstromfa1b3d02000-12-10 01:55:37 +00005275 [cipher.c cipher.h rijndael.c rijndael.h rijndael_boxes.h]
5276 undo rijndael changes
Damien Miller33804262001-02-04 23:20:18 +11005277 - markus@cvs.openbsd.org 2000/12/09 13:48:31
Ben Lindstromfa1b3d02000-12-10 01:55:37 +00005278 [rijndael.c]
5279 fix byte order bug w/o introducing new implementation
Damien Miller33804262001-02-04 23:20:18 +11005280 - markus@cvs.openbsd.org 2000/12/09 14:08:27
Ben Lindstromfa1b3d02000-12-10 01:55:37 +00005281 [sftp-server.c]
5282 "" -> "." for realpath; from vinschen@redhat.com
Damien Miller33804262001-02-04 23:20:18 +11005283 - markus@cvs.openbsd.org 2000/12/09 14:06:54
Ben Lindstromfa1b3d02000-12-10 01:55:37 +00005284 [ssh-agent.c]
5285 extern int optind; from stevesk@sweden.hp.com
Ben Lindstrom971c9732000-12-10 02:01:50 +00005286 - provos@cvs.openbsd.org 2000/12/09 23:51:11
5287 [compat.c]
5288 remove unnecessary '\n'
Ben Lindstromfa1b3d02000-12-10 01:55:37 +00005289
Ben Lindstroma6885612000-12-09 03:45:32 +0000529020001209
Ben Lindstromfa1b3d02000-12-10 01:55:37 +00005291 - (bal) OpenBSD CVS updates:
Damien Miller33804262001-02-04 23:20:18 +11005292 - djm@cvs.openbsd.org 2000/12/07 4:24:59
Ben Lindstroma6885612000-12-09 03:45:32 +00005293 [ssh.1]
5294 Typo fix from Wilfredo Sanchez <wsanchez@apple.com>; ok theo
5295
Ben Lindstroma14ee472000-12-07 01:24:58 +0000529620001207
Ben Lindstromfa1b3d02000-12-10 01:55:37 +00005297 - (bal) OpenBSD CVS updates:
Damien Miller33804262001-02-04 23:20:18 +11005298 - markus@cvs.openbsd.org 2000/12/06 22:58:14
Ben Lindstroma14ee472000-12-07 01:24:58 +00005299 [compat.c compat.h packet.c]
5300 disable debug messages for ssh.com/f-secure 2.0.1x, 2.1.0
Ben Lindstrom01f84632000-12-07 05:57:27 +00005301 - markus@cvs.openbsd.org 2000/12/06 23:10:39
5302 [rijndael.c]
5303 unexpand(1)
Damien Miller33804262001-02-04 23:20:18 +11005304 - markus@cvs.openbsd.org 2000/12/06 23:05:43
Ben Lindstrom01f84632000-12-07 05:57:27 +00005305 [cipher.c cipher.h rijndael.c rijndael.h rijndael_boxes.h]
5306 new rijndael implementation. fixes endian bugs
Ben Lindstroma14ee472000-12-07 01:24:58 +00005307
Ben Lindstrom7ad97102000-12-06 01:42:49 +0000530820001206
Ben Lindstromfa1b3d02000-12-10 01:55:37 +00005309 - (bal) OpenBSD CVS updates:
Ben Lindstrom7ad97102000-12-06 01:42:49 +00005310 - markus@cvs.openbsd.org 2000/12/05 20:34:09
5311 [channels.c channels.h clientloop.c serverloop.c]
5312 async connects for -R/-L; ok deraadt@
5313 - todd@cvs.openssh.org 2000/12/05 16:47:28
5314 [sshd.c]
5315 tweak comment to reflect real location of pid file; ok provos@
Kevin Steves2c65ada2000-12-06 22:25:40 +00005316 - (stevesk) Import <sys/queue.h> from OpenBSD for systems that don't
5317 have it (used in ssh-keyscan).
Kevin Stevesfa72dda2000-12-15 18:39:12 +00005318 - (stevesk) OpenBSD CVS update:
Kevin Stevesfc74af42000-12-06 22:47:55 +00005319 - markus@cvs.openbsd.org 2000/12/06 19:57:48
5320 [ssh-keyscan.c]
5321 err(3) -> internal error(), from stevesk@sweden.hp.com
Ben Lindstrom7ad97102000-12-06 01:42:49 +00005322
Ben Lindstromb6434ae2000-12-05 01:15:09 +0000532320001205
Ben Lindstromfa1b3d02000-12-10 01:55:37 +00005324 - (bal) OpenBSD CVS updates:
Ben Lindstromb6434ae2000-12-05 01:15:09 +00005325 - markus@cvs.openbsd.org 2000/12/04 19:24:02
5326 [ssh-keyscan.c ssh-keyscan.1]
5327 David Maziere's ssh-keyscan, ok niels@
5328 - (bal) Updated Makefile.in to include ssh-keyscan that was just added
5329 to the recent OpenBSD source tree.
Kevin Steves3c516762000-12-06 00:48:05 +00005330 - (stevesk) fix typos in contrib/hpux/README
Ben Lindstromb6434ae2000-12-05 01:15:09 +00005331
Ben Lindstromd121f612000-12-03 17:00:47 +0000533220001204
5333 - (bal) More C functions defined in NeXT that are unaccessable without
Damien Miller33804262001-02-04 23:20:18 +11005334 defining -POSIX.
5335 - (bal) OpenBSD CVS updates:
5336 - markus@cvs.openbsd.org 2000/12/03 11:29:04
Ben Lindstromd121f612000-12-03 17:00:47 +00005337 [compat.c]
5338 remove fallback to SSH_BUG_HMAC now that the drafts are updated
5339 - markus@cvs.openbsd.org 2000/12/03 11:27:55
5340 [compat.c]
Damien Miller33804262001-02-04 23:20:18 +11005341 correctly match "2.1.0.pl2 SSH" etc; from
Ben Lindstrom7ad97102000-12-06 01:42:49 +00005342 pekkas@netcore.fi/bugzilla.redhat
Ben Lindstromd121f612000-12-03 17:00:47 +00005343 - markus@cvs.openbsd.org 2000/12/03 11:15:03
5344 [auth2.c compat.c compat.h sshconnect2.c]
5345 support f-secure/ssh.com 2.0.12; ok niels@
5346
Ben Lindstromc72745a2000-12-02 19:03:54 +0000534720001203
Ben Lindstromd121f612000-12-03 17:00:47 +00005348 - (bal) OpenBSD CVS updates:
Ben Lindstromc72745a2000-12-02 19:03:54 +00005349 - markus@cvs.openbsd.org 2000/11/30 22:54:31
5350 [channels.c]
Damien Miller33804262001-02-04 23:20:18 +11005351 debug->warn if tried to do -R style fwd w/o client requesting this;
Ben Lindstromc72745a2000-12-02 19:03:54 +00005352 ok neils@
5353 - markus@cvs.openbsd.org 2000/11/29 20:39:17
5354 [cipher.c]
5355 des_cbc_encrypt -> des_ncbc_encrypt since it already updates the IV
5356 - markus@cvs.openbsd.org 2000/11/30 18:33:05
5357 [ssh-agent.c]
5358 agents must not dump core, ok niels@
Damien Miller33804262001-02-04 23:20:18 +11005359 - markus@cvs.openbsd.org 2000/11/30 07:04:02
Ben Lindstromc72745a2000-12-02 19:03:54 +00005360 [ssh.1]
5361 T is for both protocols
5362 - markus@cvs.openbsd.org 2000/12/01 00:00:51
5363 [ssh.1]
5364 typo; from green@FreeBSD.org
5365 - markus@cvs.openbsd.org 2000/11/30 07:02:35
5366 [ssh.c]
5367 check -T before isatty()
5368 - provos@cvs.openbsd.org 2000/11/29 13:51:27
5369 [sshconnect.c]
Damien Miller33804262001-02-04 23:20:18 +11005370 show IP address and hostname when new key is encountered. okay markus@
Ben Lindstromc72745a2000-12-02 19:03:54 +00005371 - markus@cvs.openbsd.org 2000/11/30 22:53:35
5372 [sshconnect.c]
5373 disable agent/x11/port fwding if hostkey has changed; ok niels@
5374 - marksu@cvs.openbsd.org 2000/11/29 21:11:59
5375 [sshd.c]
5376 sshd -D, startup w/o deamon(), for monitoring scripts or inittab;
5377 from handler@sub-rosa.com and eric@urbanrange.com; ok niels@
Damien Millerb8481582000-12-03 11:51:51 +11005378 - (djm) Added patch from Nalin Dahyabhai <nalin@redhat.com> to enable
5379 PAM authentication using KbdInteractive.
5380 - (djm) Added another TODO
Ben Lindstromc72745a2000-12-02 19:03:54 +00005381
Ben Lindstrom75214f92000-12-01 21:19:51 +0000538220001202
5383 - (bal) Backed out of part of Alain St-Denis' loginrec.c patch.
Damien Miller33804262001-02-04 23:20:18 +11005384 - (bal) Irix need some sort of mansubdir, patch by Michael Stone
Ben Lindstrom75214f92000-12-01 21:19:51 +00005385 <mstone@cs.loyola.edu>
5386
Damien Millera2e53cc2000-11-29 11:26:45 +1100538720001129
Damien Miller43dc8da2000-11-29 15:55:17 +11005388 - (djm) Back out all the serverloop.c hacks. sshd will now hang again
5389 if there are background children with open fds.
Damien Miller3f62aba2000-11-29 11:56:35 +11005390 - (djm) bsd-rresvport.c bzero -> memset
Damien Miller33804262001-02-04 23:20:18 +11005391 - (djm) Don't fail in defines.h on absence of 64 bit types (we will
Damien Miller3f62aba2000-11-29 11:56:35 +11005392 still fail during compilation of sftp-server).
5393 - (djm) Fail if ar is not found during configure
Damien Millere39cacc2000-11-29 12:18:44 +11005394 - (djm) OpenBSD CVS updates:
5395 - provos@cvs.openbsd.org 2000/11/22 08:38:31
5396 [sshd.8]
5397 talk about /etc/primes, okay markus@
5398 - markus@cvs.openbsd.org 2000/11/23 14:03:48
5399 [ssh.c sshconnect1.c sshconnect2.c]
5400 complain about invalid ciphers for ssh1/ssh2, fall back to reasonable
5401 defaults
5402 - markus@cvs.openbsd.org 2000/11/25 09:42:53
5403 [sshconnect1.c]
5404 reorder check for illegal ciphers, bugreport from espie@
5405 - markus@cvs.openbsd.org 2000/11/25 10:19:34
5406 [ssh-keygen.c ssh.h]
5407 print keytype when generating a key.
5408 reasonable defaults for RSA1/RSA/DSA keys.
Damien Millera19cf472000-11-29 13:28:50 +11005409 - (djm) Patch from Pekka Savola <Pekka.Savola@netcore.fi> to include a few
5410 more manpage paths in fixpaths calls
5411 - (djm) Also add xauth path at Pekka's suggestion.
Damien Miller6dbfef62000-11-29 13:51:06 +11005412 - (djm) Add Redhat RPM patch for AUTHPRIV SyslogFacility
Damien Millera2e53cc2000-11-29 11:26:45 +11005413
Damien Millerd592b632000-11-25 10:09:32 +1100541420001125
5415 - (djm) Give up privs when reading seed file
5416
Ben Lindstrom14920292000-11-21 21:24:55 +0000541720001123
5418 - (bal) Merge OpenBSD changes:
5419 - markus@cvs.openbsd.org 2000/11/15 22:31:36
5420 [auth-options.c]
Damien Miller33804262001-02-04 23:20:18 +11005421 case insensitive key options; from stevesk@sweeden.hp.com
Ben Lindstrom14920292000-11-21 21:24:55 +00005422 - markus@cvs.openbsd.org 2000/11/16 17:55:43
5423 [dh.c]
5424 do not use perror() in sshd, after child is forked()
5425 - markus@cvs.openbsd.org 2000/11/14 23:42:40
5426 [auth-rsa.c]
5427 parse option only if key matches; fix some confusing seen by the client
5428 - markus@cvs.openbsd.org 2000/11/14 23:44:19
5429 [session.c]
5430 check no_agent_forward_flag for ssh-2, too
5431 - markus@cvs.openbsd.org 2000/11/15
5432 [ssh-agent.1]
5433 reorder SYNOPSIS; typo, use .It
5434 - markus@cvs.openbsd.org 2000/11/14 23:48:55
5435 [ssh-agent.c]
5436 do not reorder keys if a key is removed
5437 - markus@cvs.openbsd.org 2000/11/15 19:58:08
5438 [ssh.c]
Damien Miller33804262001-02-04 23:20:18 +11005439 just ignore non existing user keys
Ben Lindstrom14920292000-11-21 21:24:55 +00005440 - millert@cvs.openbsd.org 200/11/15 20:24:43
5441 [ssh-keygen.c]
5442 Add missing \n at end of error message.
5443
Ben Lindstrom4a1d9162000-11-21 10:45:31 +0000544420001122
5445 - (bal) Minor patch to ensure platforms lacking IRIX job limit supports
5446 are compilable.
5447 - (bal) Updated TODO as of 11/18/2000 with known things to resolve.
5448
Ben Lindstrombaaa2c02000-11-17 00:22:17 +0000544920001117
5450 - (bal) Changed from 'primes' to 'primes.out' for consistancy sake. It
5451 has no affect the output. Patch by Corinna Vinschen <vinschen@redhat.com>
Damien Miller33804262001-02-04 23:20:18 +11005452 - (stevesk) Reworked progname support.
Ben Lindstrom49a79c02000-11-17 03:47:20 +00005453 - (bal) Misplaced #include "includes.h" in bsd-setproctitle.c. Patch by
5454 Shinichi Maruyama <marya@st.jip.co.jp>
Ben Lindstrombaaa2c02000-11-17 00:22:17 +00005455
Ben Lindstrom65571522000-11-16 02:46:20 +0000545620001116
5457 - (bal) Added in MAXSYMLINK test in bsd-realpath.c. Required for some SCO
5458 releases.
5459 - (bal) Make builds work outside of source tree. Patch by Mark D. Roth
5460 <roth@feep.net>
5461
Damien Miller559d3832000-11-13 20:59:05 +1100546220001113
Damien Miller33804262001-02-04 23:20:18 +11005463 - (djm) Add pointer to http://www.imasy.or.jp/~gotoh/connect.c to
Damien Miller559d3832000-11-13 20:59:05 +11005464 contrib/README
Damien Miller0bc1bd82000-11-13 22:57:25 +11005465 - (djm) Merge OpenBSD changes:
5466 - markus@cvs.openbsd.org 2000/11/06 16:04:56
5467 [channels.c channels.h clientloop.c nchan.c serverloop.c]
5468 [session.c ssh.c]
5469 agent forwarding and -R for ssh2, based on work from
5470 jhuuskon@messi.uku.fi
5471 - markus@cvs.openbsd.org 2000/11/06 16:13:27
5472 [ssh.c sshconnect.c sshd.c]
5473 do not disabled rhosts(rsa) if server port > 1024; from
5474 pekkas@netcore.fi
5475 - markus@cvs.openbsd.org 2000/11/06 16:16:35
5476 [sshconnect.c]
5477 downgrade client to 1.3 if server is 1.4; help from mdb@juniper.net
5478 - markus@cvs.openbsd.org 2000/11/09 18:04:40
5479 [auth1.c]
5480 typo; from mouring@pconline.com
5481 - markus@cvs.openbsd.org 2000/11/12 12:03:28
5482 [ssh-agent.c]
5483 off-by-one when removing a key from the agent
5484 - markus@cvs.openbsd.org 2000/11/12 12:50:39
5485 [auth-rh-rsa.c auth2.c authfd.c authfd.h]
5486 [authfile.c hostfile.c kex.c kex.h key.c key.h myproposal.h]
5487 [readconf.c readconf.h rsa.c rsa.h servconf.c servconf.h ssh-add.c]
5488 [ssh-agent.c ssh-keygen.1 ssh-keygen.c ssh.1 ssh.c ssh_config]
5489 [sshconnect1.c sshconnect2.c sshd.8 sshd.c sshd_config ssh-dss.c]
Damien Miller33804262001-02-04 23:20:18 +11005490 [ssh-dss.h ssh-rsa.c ssh-rsa.h dsa.c dsa.h]
Damien Miller0bc1bd82000-11-13 22:57:25 +11005491 add support for RSA to SSH2. please test.
5492 there are now 3 types of keys: RSA1 is used by ssh-1 only,
5493 RSA and DSA are used by SSH2.
5494 you can use 'ssh-keygen -t rsa -f ssh2_rsa_file' to generate RSA
5495 keys for SSH2 and use the RSA keys for hostkeys or for user keys.
5496 SSH2 RSA or DSA keys are added to .ssh/authorised_keys2 as before.
5497 - (djm) Fix up Makefile and Redhat init script to create RSA host keys
Damien Millerd1446d82000-11-13 22:58:22 +11005498 - (djm) Change to interim version
Damien Milleree188d32000-11-13 23:13:55 +11005499 - (djm) Fix RPM spec file stupidity
Damien Miller457b5a22000-11-13 23:17:53 +11005500 - (djm) fixpaths to DSA and RSA keys too
Damien Miller559d3832000-11-13 20:59:05 +11005501
Ben Lindstrom980754c2000-11-12 00:04:24 +0000550220001112
5503 - (bal) SCO Patch to add needed libraries for configure.in. Patch by
5504 Phillips Porch <root@theporch.com>
Damien Miller559d3832000-11-13 20:59:05 +11005505 - (bal) IRIX patch to adding Job Limits. Patch by Denis Parker
5506 <dcp@sgi.com>
Kevin Steves6c0d6272000-11-12 09:22:29 +00005507 - (stevesk) pty.c: HP-UX 10 and 11 don't define TIOCSCTTY. Add error() to
5508 failed ioctl(TIOCSCTTY) call.
Ben Lindstrom980754c2000-11-12 00:04:24 +00005509
Damien Miller0986b552000-11-11 08:36:38 +1100551020001111
5511 - (djm) Added /etc/primes for kex DH group neg, fixup Makefile.in and
5512 packaging files
Damien Miller895f2382000-11-11 08:47:18 +11005513 - (djm) Fix new Makefile.in warnings
Damien Miller33804262001-02-04 23:20:18 +11005514 - (djm) Fix vsprintf("%h") in bsd-snprintf.c, short int va_args are
5515 promoted to type int. Report and fix from Dan Astoorian
Damien Miller9f4f7552000-11-11 09:03:32 +11005516 <djast@cs.toronto.edu>
Damien Miller33804262001-02-04 23:20:18 +11005517 - (djm) Hardwire sysconfdir in RPM spec files as some RPM versions get
Damien Millerafeaca92000-11-11 09:09:57 +11005518 it wrong. Report from Bennett Todd <bet@rahul.net>
Damien Miller0986b552000-11-11 08:36:38 +11005519
Ben Lindstrom305fb002000-11-10 02:41:30 +0000552020001110
5521 - (bal) Fixed dropped answer from skey_keyinfo() in auth1.c
5522 - (bal) Changed from --with-skey to --with-skey=PATH in configure.in
5523 - (bal) Added in check to verify S/Key library is being detected in
5524 configure.in
Damien Miller33804262001-02-04 23:20:18 +11005525 - (bal) next-posix.h - added another prototype wrapped in POSIX ifdef/endif.
Ben Lindstrom305fb002000-11-10 02:41:30 +00005526 Patch by Mark Miller <markm@swoon.net>
5527 - (bal) Added 'util.h' header to loginrec.c only if HAVE_UTIL_H is defined
Damien Miller33804262001-02-04 23:20:18 +11005528 to remove warnings under MacOS X. Patch by Mark Miller <markm@swoon.net>
Ben Lindstrom305fb002000-11-10 02:41:30 +00005529 - (bal) Fixed LDFLAG mispelling in configure.in for --with-afs
5530
Ben Lindstrom89ef41a2000-11-07 16:41:41 +0000553120001107
Ben Lindstromdbcea872000-11-08 01:07:51 +00005532 - (bal) acconfig.in - removed the double "USE_PIPES" entry. Patch by
5533 Mark Miller <markm@swoon.net>
Ben Lindstrom89ef41a2000-11-07 16:41:41 +00005534 - (bal) sshd.init files corrected to assign $? to RETVAL. Patch by
5535 Jarno Huuskonen <jhuuskon@messi.uku.fi>
Ben Lindstromdbcea872000-11-08 01:07:51 +00005536 - (bal) fixpaths fixed to stop it from quitely failing. Patch by
5537 Mark D. Roth <roth@feep.net>
Ben Lindstrom89ef41a2000-11-07 16:41:41 +00005538
Damien Millerc78abaa2000-11-06 12:07:21 +1100553920001106
5540 - (djm) Use Jim's new 1.0.3 askpass in Redhat RPMs
Damien Miller389edc42000-11-06 12:39:34 +11005541 - (djm) Manually fix up missed diff hunks (mainly RCS idents)
Damien Miller33804262001-02-04 23:20:18 +11005542 - (djm) Remove UPGRADING document in favour of a link to the better
Damien Miller6604fad2000-11-06 12:48:54 +11005543 maintained FAQ on www.openssh.com
Damien Miller969c07e2000-11-06 13:06:43 +11005544 - (djm) Fix multiple dependancy on gnome-libs from Pekka Savola
5545 <pekkas@netcore.fi>
5546 - (djm) Don't need X11-askpass in RPM spec file if building without it
5547 from Pekka Savola <pekkas@netcore.fi>
Damien Miller6bad1772000-11-06 14:17:38 +11005548 - (djm) Release 2.3.0p1
Ben Lindstrom2ed98182000-11-06 07:15:43 +00005549 - (bal) typo in configure.in in regards to --with-ldflags from Marko
5550 Asplund <aspa@kronodoc.fi>
5551 - (bal) fixed next-posix.h. Forgot prototype of getppid().
Damien Miller2b023d82000-11-06 13:07:45 +11005552
Ben Lindstromf2de06b2000-11-05 05:42:36 +0000555320001105
5554 - (bal) Sync with OpenBSD:
5555 - markus@cvs.openbsd.org 2000/10/31 9:31:58
5556 [compat.c]
5557 handle all old openssh versions
5558 - markus@cvs.openbsd.org 2000/10/31 13:1853
5559 [deattack.c]
5560 so that large packets do not wrap "n"; from netbsd
5561 - (bal) rijndel.c - fix up RCSID to match OpenBSD tree
Ben Lindstrom67e21e12000-11-05 09:08:45 +00005562 - (bal) auth2-skey.c - Checked in. Missing from portable tree.
5563 - (bal) Reworked NEWS-OS and NeXT ports to extract waitpid() and
5564 setsid() into more common files
Kevin Steves85b3db62000-11-05 15:31:36 +00005565 - (stevesk) pty.c: use __hpux to identify HP-UX.
Ben Lindstrome4c82b52000-11-05 21:13:45 +00005566 - (bal) Missed auth-skey.o in Makefile.in and minor correction to
5567 bsd-waitpid.c
Ben Lindstromf2de06b2000-11-05 05:42:36 +00005568
Kevin Stevesa58e0af2000-10-29 14:38:55 +0000556920001029
5570 - (stevesk) Fix typo in auth.c: USE_PAM not PAM
Kevin Steves9be6e262000-10-29 19:18:49 +00005571 - (stevesk) Create contrib/cygwin/ directory; patch from
5572 Corinna Vinschen <vinschen@redhat.com>
Ben Lindstrom23e13712000-10-29 22:49:19 +00005573 - (bal) Resolved more $xno and $xyes issues in configure.in
Ben Lindstrom2791cd52000-10-30 05:33:55 +00005574 - (bal) next-posix.h - spelling and forgot a prototype
Kevin Stevesa58e0af2000-10-29 14:38:55 +00005575
Damien Miller6bd90df2000-10-28 13:30:55 +1100557620001028
Damien Miller33804262001-02-04 23:20:18 +11005577 - (djm) fix select hack in serverloop.c from Philippe WILLEM
Damien Miller6bd90df2000-10-28 13:30:55 +11005578 <Philippe.WILLEM@urssaf.fr>
Damien Millerc05e0182000-10-28 13:38:34 +11005579 - (djm) Fix mangled AIXAUTHENTICATE code
Damien Miller33804262001-02-04 23:20:18 +11005580 - (djm) authctxt->pw may be NULL. Fix from Markus Friedl
Damien Millerd425d4d2000-10-28 21:05:57 +11005581 <markus.friedl@informatik.uni-erlangen.de>
Damien Miller69b69aa2000-10-28 14:19:58 +11005582 - (djm) Sync with OpenBSD:
5583 - markus@cvs.openbsd.org 2000/10/16 15:46:32
5584 [ssh.1]
5585 fixes from pekkas@netcore.fi
5586 - markus@cvs.openbsd.org 2000/10/17 14:28:11
5587 [atomicio.c]
5588 return number of characters processed; ok deraadt@
5589 - markus@cvs.openbsd.org 2000/10/18 12:04:02
5590 [atomicio.c]
5591 undo
5592 - markus@cvs.openbsd.org 2000/10/18 12:23:02
5593 [scp.c]
5594 replace atomicio(read,...) with read(); ok deraadt@
5595 - markus@cvs.openbsd.org 2000/10/18 12:42:00
5596 [session.c]
5597 restore old record login behaviour
5598 - deraadt@cvs.openbsd.org 2000/10/19 10:41:13
5599 [auth-skey.c]
5600 fmt string problem in unused code
5601 - provos@cvs.openbsd.org 2000/10/19 10:45:16
5602 [sshconnect2.c]
5603 don't reference freed memory. okay deraadt@
5604 - markus@cvs.openbsd.org 2000/10/21 11:04:23
5605 [canohost.c]
5606 typo, eramore@era-t.ericsson.se; ok niels@
5607 - markus@cvs.openbsd.org 2000/10/23 13:31:55
5608 [cipher.c]
5609 non-alignment dependent swap_bytes(); from
5610 simonb@wasabisystems.com/netbsd
5611 - markus@cvs.openbsd.org 2000/10/26 12:38:28
5612 [compat.c]
5613 add older vandyke products
5614 - markus@cvs.openbsd.org 2000/10/27 01:32:19
5615 [channels.c channels.h clientloop.c serverloop.c session.c]
5616 [ssh.c util.c]
Damien Miller33804262001-02-04 23:20:18 +11005617 enable non-blocking IO on channels, and tty's (except for the
Damien Miller69b69aa2000-10-28 14:19:58 +11005618 client ttys).
Damien Miller6bd90df2000-10-28 13:30:55 +11005619
Damien Miller656d7172000-10-27 09:27:32 +1100562020001027
5621 - (djm) Increase REKEY_BYTES to 2^24 for arc4random
5622
Damien Miller6f9c3372000-10-25 10:06:04 +1100562320001025
5624 - (djm) Added WARNING.RNG file and modified configure to ask users of the
5625 builtin entropy code to read it.
5626 - (djm) Prefer builtin regex to PCRE.
Ben Lindstrom76020ba2000-10-25 16:55:00 +00005627 - (bal) Added USE_PIPS defined to NeXT configure.in since scp hangs randomly.
5628 - (bal) Apply fixes to configure.in pointed out by Pavel Roskin
5629 <proski@gnu.org>
Damien Miller6f9c3372000-10-25 10:06:04 +11005630
Damien Miller81fa28a2000-10-20 09:14:04 +1100563120001020
5632 - (djm) Don't define _REENTRANT for SNI/Reliant Unix
Ben Lindstrome5a85252000-10-19 23:43:24 +00005633 - (bal) Imported NEWS-OS waitpid() macros into NeXT. Since implementation
5634 is more correct then current version.
Damien Miller81fa28a2000-10-20 09:14:04 +11005635
Kevin Steves8848b242000-10-18 13:11:44 +0000563620001018
5637 - (stevesk) Add initial support for setproctitle(). Current
5638 support is for the HP-UX pstat(PSTAT_SETCMD, ...) method.
Kevin Stevesee184da2000-10-18 13:45:40 +00005639 - (stevesk) Add egd startup scripts to contrib/hpux/
Kevin Steves8848b242000-10-18 13:11:44 +00005640
Damien Milleref767ac2000-10-17 23:14:08 +1100564120001017
5642 - (djm) Add -lregex to cywin libs from Corinna Vinschen
5643 <vinschen@cygnus.com>
Damien Miller2594de82000-10-17 23:22:28 +11005644 - (djm) Don't rely on atomicio's retval to determine length of askpass
5645 supplied passphrase. Problem report from Lutz Jaenicke
5646 <Lutz.Jaenicke@aet.TU-Cottbus.DE>
Ben Lindstromb5628642000-10-18 00:02:25 +00005647 - (bal) Changed from GNU rx to PCRE on suggestion from djm.
Damien Miller33804262001-02-04 23:20:18 +11005648 - (bal) Integrated Sony NEWS-OS patches from NAKAJI Hirouyuki
Ben Lindstromb5628642000-10-18 00:02:25 +00005649 <nakaji@tutrp.tut.ac.jp>
Damien Milleref767ac2000-10-17 23:14:08 +11005650
Damien Miller50a41ed2000-10-16 12:14:42 +1100565120001016
5652 - (djm) Sync with OpenBSD:
5653 - markus@cvs.openbsd.org 2000/10/14 04:01:15
5654 [cipher.c]
5655 debug3
5656 - markus@cvs.openbsd.org 2000/10/14 04:07:23
5657 [scp.c]
5658 remove spaces from arguments; from djm@mindrot.org
5659 - markus@cvs.openbsd.org 2000/10/14 06:09:46
5660 [ssh.1]
5661 Cipher is for SSH-1 only
5662 - markus@cvs.openbsd.org 2000/10/14 06:12:09
5663 [servconf.c servconf.h serverloop.c session.c sshd.8]
5664 AllowTcpForwarding; from naddy@
5665 - markus@cvs.openbsd.org 2000/10/14 06:16:56
5666 [auth2.c compat.c compat.h sshconnect2.c version.h]
Damien Miller33804262001-02-04 23:20:18 +11005667 OpenSSH_2.3; note that is is not complete, but the version number
Damien Miller50a41ed2000-10-16 12:14:42 +11005668 needs to be changed for interoperability reasons
5669 - markus@cvs.openbsd.org 2000/10/14 06:19:45
5670 [auth-rsa.c]
5671 do not send RSA challenge if key is not allowed by key-options; from
5672 eivind@ThinkSec.com
5673 - markus@cvs.openbsd.org 2000/10/15 08:14:01
5674 [rijndael.c session.c]
5675 typos; from stevesk@sweden.hp.com
5676 - markus@cvs.openbsd.org 2000/10/15 08:18:31
5677 [rijndael.c]
5678 typo
Damien Miller33804262001-02-04 23:20:18 +11005679 - (djm) Copy manpages back over from OpenBSD - too tedious to wade
Damien Miller2b2cf522000-10-16 12:25:17 +11005680 through diffs
Damien Miller33804262001-02-04 23:20:18 +11005681 - (djm) Added condrestart to Redhat init script. Patch from Pekka Savola
Damien Miller2b2cf522000-10-16 12:25:17 +11005682 <pekkas@netcore.fi>
Damien Millerff649d82000-10-16 13:35:19 +11005683 - (djm) Update version in Redhat spec file
Damien Miller33804262001-02-04 23:20:18 +11005684 - (djm) Merge some of Nalin Dahyabhai <nalin@redhat.com> changes from the
Damien Millerff649d82000-10-16 13:35:19 +11005685 Redhat 7.0 spec file
Damien Miller52dc96b2000-10-16 20:13:43 +11005686 - (djm) Make inability to read/write PRNG seedfile non-fatal
5687
Damien Miller50a41ed2000-10-16 12:14:42 +11005688
Damien Miller59939352000-10-15 12:21:32 +1100568920001015
5690 - (djm) Fix ssh2 hang on background processes at logout.
5691
Damien Miller60819b42000-10-14 11:16:12 +1100569220001014
Ben Lindstromb4df15d2000-10-15 00:17:36 +00005693 - (bal) Add support for realpath and getcwd for platforms with broken
5694 or missing realpath implementations for sftp-server.
5695 - (bal) Corrected mistake in INSTALL in regards to GNU rx library
Damien Miller33804262001-02-04 23:20:18 +11005696 - (bal) Add support for GNU rx library for those lacking regexp support
Damien Miller60819b42000-10-14 11:16:12 +11005697 - (djm) Don't accept PAM_PROMPT_ECHO_ON messages during initial auth
Damien Miller15b29522000-10-14 12:33:48 +11005698 - (djm) Revert SSH2 serverloop hack, will find a better way.
Damien Miller89d97962000-10-14 12:37:19 +11005699 - (djm) Add workaround for Linux 2.4's gratuitious errno change. Patch
5700 from Martin Johansson <fatbob@acc.umu.se>
Damien Miller874d77b2000-10-14 16:23:11 +11005701 - (djm) Big OpenBSD sync:
5702 - markus@cvs.openbsd.org 2000/09/30 10:27:44
5703 [log.c]
5704 allow loglevel debug
5705 - markus@cvs.openbsd.org 2000/10/03 11:59:57
5706 [packet.c]
5707 hmac->mac
5708 - markus@cvs.openbsd.org 2000/10/03 12:03:03
5709 [auth-krb4.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c auth1.c]
5710 move fake-auth from auth1.c to individual auth methods, disables s/key in
5711 debug-msg
5712 - markus@cvs.openbsd.org 2000/10/03 12:16:48
5713 ssh.c
5714 do not resolve canonname, i have no idea why this was added oin ossh
5715 - markus@cvs.openbsd.org 2000/10/09 15:30:44
5716 ssh-keygen.1 ssh-keygen.c
5717 -X now reads private ssh.com DSA keys, too.
5718 - markus@cvs.openbsd.org 2000/10/09 15:32:34
5719 auth-options.c
5720 clear options on every call.
5721 - markus@cvs.openbsd.org 2000/10/09 15:51:00
5722 authfd.c authfd.h
5723 interop with ssh-agent2, from <res@shore.net>
5724 - markus@cvs.openbsd.org 2000/10/10 14:20:45
5725 compat.c
5726 use rexexp for version string matching
5727 - provos@cvs.openbsd.org 2000/10/10 22:02:18
5728 [kex.c kex.h myproposal.h ssh.h ssh2.h sshconnect2.c sshd.c dh.c dh.h]
5729 First rough implementation of the diffie-hellman group exchange. The
5730 client can ask the server for bigger groups to perform the diffie-hellman
5731 in, thus increasing the attack complexity when using ciphers with longer
5732 keys. University of Windsor provided network, T the company.
5733 - markus@cvs.openbsd.org 2000/10/11 13:59:52
5734 [auth-rsa.c auth2.c]
5735 clear auth options unless auth sucessfull
5736 - markus@cvs.openbsd.org 2000/10/11 14:00:27
5737 [auth-options.h]
5738 clear auth options unless auth sucessfull
5739 - markus@cvs.openbsd.org 2000/10/11 14:03:27
5740 [scp.1 scp.c]
5741 support 'scp -o' with help from mouring@pconline.com
5742 - markus@cvs.openbsd.org 2000/10/11 14:11:35
5743 [dh.c]
5744 Wall
5745 - markus@cvs.openbsd.org 2000/10/11 14:14:40
5746 [auth.h auth2.c readconf.c readconf.h readpass.c servconf.c servconf.h]
5747 [ssh.h sshconnect2.c sshd_config auth2-skey.c cli.c cli.h]
5748 add support for s/key (kbd-interactive) to ssh2, based on work by
5749 mkiernan@avantgo.com and me
5750 - markus@cvs.openbsd.org 2000/10/11 14:27:24
5751 [auth.c auth1.c auth2.c authfile.c cipher.c cipher.h kex.c kex.h]
5752 [myproposal.h packet.c readconf.c session.c ssh.c ssh.h sshconnect1.c]
5753 [sshconnect2.c sshd.c]
5754 new cipher framework
5755 - markus@cvs.openbsd.org 2000/10/11 14:45:21
5756 [cipher.c]
5757 remove DES
5758 - markus@cvs.openbsd.org 2000/10/12 03:59:20
5759 [cipher.c cipher.h sshconnect1.c sshconnect2.c sshd.c]
5760 enable DES in SSH-1 clients only
5761 - markus@cvs.openbsd.org 2000/10/12 08:21:13
5762 [kex.h packet.c]
5763 remove unused
5764 - markus@cvs.openbsd.org 2000/10/13 12:34:46
5765 [sshd.c]
5766 Kludge for F-Secure Macintosh < 1.0.2; appro@fy.chalmers.se
5767 - markus@cvs.openbsd.org 2000/10/13 12:59:15
5768 [cipher.c cipher.h myproposal.h rijndael.c rijndael.h]
5769 rijndael/aes support
5770 - markus@cvs.openbsd.org 2000/10/13 13:10:54
5771 [sshd.8]
5772 more info about -V
5773 - markus@cvs.openbsd.org 2000/10/13 13:12:02
5774 [myproposal.h]
5775 prefer no compression
Damien Millere4041c92000-10-14 17:45:58 +11005776 - (djm) Fix scp user@host handling
5777 - (djm) Don't clobber ssh_prng_cmds on install
Kevin Stevescee23de2000-10-14 10:51:18 +00005778 - (stevesk) Include config.h in rijndael.c so we define intXX_t and
5779 u_intXX_t types on all platforms.
Kevin Stevesf16b9d22000-10-14 10:57:04 +00005780 - (stevesk) rijndael.c: cleanup missing declaration warnings.
Kevin Steves092f2ef2000-10-14 13:36:13 +00005781 - (stevesk) ~/.hushlogin shouldn't cause required password change to
5782 be bypassed.
Kevin Stevese0f49142000-10-14 17:51:48 +00005783 - (stevesk) Display correct path to ssh-askpass in configure output.
5784 Report from Lutz Jaenicke.
Damien Miller60819b42000-10-14 11:16:12 +11005785
Kevin Stevescccca272000-10-07 11:16:55 +0000578620001007
5787 - (stevesk) Print PAM return value in PAM log messages to aid
5788 with debugging.
Kevin Steves48b7cc02000-10-07 13:24:00 +00005789 - (stevesk) Fix detection of pw_class struct member in configure;
5790 patch from KAMAHARA Junzo <kamahara@cc.kshosen.ac.jp>
5791
Damien Millere68f92b2000-10-02 21:42:15 +1100579220001002
5793 - (djm) Fix USER_PATH, report from Kevin Steves <stevesk@sweden.hp.com>
5794 - (djm) Add host system and CC to end-of-configure report. Suggested by
5795 Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
5796
Damien Miller05dd7952000-10-01 00:42:48 +1100579720000931
5798 - (djm) Cygwin fixes from Corinna Vinschen <vinschen@cygnus.com>
5799
Damien Miller190d5a82000-09-30 09:43:19 +1100580020000930
Damien Millerbea034a2000-09-30 09:43:32 +11005801 - (djm) Irix ssh_prng_cmds path fix from Pekka Savola <pekkas@netcore.fi>
Damien Miller33804262001-02-04 23:20:18 +11005802 - (djm) Support in bsd-snprintf.c for long long conversions from
Damien Millerb88532e2000-09-30 09:53:59 +11005803 Ben Lindstrom <mouring@pconline.com>
5804 - (djm) Cleanup NeXT support from Ben Lindstrom <mouring@pconline.com>
Damien Millercf3888d2000-09-30 14:17:52 +11005805 - (djm) Ignore SIGPIPEs from serverloop to child. Fixes crashes with
Damien Miller33804262001-02-04 23:20:18 +11005806 very short lived X connections. Bug report from Tobias Oetiker
Damien Millercf3888d2000-09-30 14:17:52 +11005807 <oetiker@ee.ethz.ch>. Fix from Markus Friedl <markus@cvs.openbsd.org>
Damien Millerb27ef9e2000-09-30 14:29:44 +11005808 - (djm) Add recent InitScripts as a RPM dependancy for openssh-server
5809 patch from Pekka Savola <pekkas@netcore.fi>
Damien Miller7294baa2000-09-30 14:40:39 +11005810 - (djm) Forgot to cvs add LICENSE file
Damien Miller51155a72000-09-30 14:41:38 +11005811 - (djm) Add LICENSE to RPM spec files
Damien Millerd3444942000-09-30 14:20:03 +11005812 - (djm) CVS OpenBSD sync:
5813 - markus@cvs.openbsd.org 2000/09/26 13:59:59
5814 [clientloop.c]
5815 use debug2
5816 - markus@cvs.openbsd.org 2000/09/27 15:41:34
5817 [auth2.c sshconnect2.c]
5818 use key_type()
5819 - markus@cvs.openbsd.org 2000/09/28 12:03:18
5820 [channels.c]
5821 debug -> debug2 cleanup
Damien Miller33804262001-02-04 23:20:18 +11005822 - (djm) Irix strips "/dev/tty" from [uw]tmp entries (other systems only
Damien Miller87f43ff2000-09-30 21:36:54 +11005823 strip "/dev/"). Fix loginrec.c based on patch from Alain St-Denis
5824 <Alain.St-Denis@ec.gc.ca>
Damien Miller33804262001-02-04 23:20:18 +11005825 - (djm) Fix 9 character passphrase failure with gnome-ssh-askpass.
5826 Problem was caused by interrupted read in ssh-add. Report from Donald
Damien Miller87f43ff2000-09-30 21:36:54 +11005827 J. Barry <don@astro.cornell.edu>
Damien Miller190d5a82000-09-30 09:43:19 +11005828
Damien Miller15e7d4b2000-09-29 10:57:35 +1100582920000929
5830 - (djm) Fix SSH2 not terminating until all background tasks done problem.
Damien Miller33804262001-02-04 23:20:18 +11005831 - (djm) Another off-by-one fix from Pavel Kankovsky
5832 <peak@argo.troja.mff.cuni.cz>
Damien Millercb5e44a2000-09-29 12:12:36 +11005833 - (djm) Clean up. Strip some unnecessary differences with OpenBSD's code,
5834 tidy necessary differences. Use Markus' new debugN() in entropy.c
Damien Miller33804262001-02-04 23:20:18 +11005835 - (djm) Merged big SCO portability patch from Tim Rice
Damien Miller78315eb2000-09-29 23:01:36 +11005836 <tim@multitalents.net>
Damien Miller15e7d4b2000-09-29 10:57:35 +11005837
Damien Miller96f0c722000-09-26 12:09:48 +1100583820000926
5839 - (djm) Update X11-askpass to 1.0.2 in RPM spec file
Damien Millere772b682000-09-26 13:10:37 +11005840 - (djm) Define _REENTRANT to pickup strtok_r() on HP/UX
Damien Miller33804262001-02-04 23:20:18 +11005841 - (djm) Security: fix off-by-one buffer overrun in fake-getnameinfo.c.
5842 Report and fix from Pavel Kankovsky <peak@argo.troja.mff.cuni.cz>
Damien Miller96f0c722000-09-26 12:09:48 +11005843
Damien Miller72c9a7e2000-09-24 11:10:13 +1100584420000924
5845 - (djm) Merged cleanup patch from Mark Miller <markm@swoon.net>
5846 - (djm) A bit more cleanup - created cygwin_util.h
Damien Miller80ecfe82000-09-24 11:21:31 +11005847 - (djm) Include strtok_r() from OpenBSD libc. Fixes report from Mark Miller
5848 <markm@swoon.net>
Damien Miller72c9a7e2000-09-24 11:10:13 +11005849
Damien Millerd6f204d2000-09-23 13:57:27 +1100585020000923
Damien Miller33804262001-02-04 23:20:18 +11005851 - (djm) Fix address logging in utmp from Kevin Steves
Damien Millerd6f204d2000-09-23 13:57:27 +11005852 <stevesk@sweden.hp.com>
Damien Miller96002332000-09-23 14:00:09 +11005853 - (djm) Redhat spec and manpage fixes from Pekka Savola <pekkas@netcore.fi>
Damien Miller578783e2000-09-23 14:12:24 +11005854 - (djm) Seperate tests for int64_t and u_int64_t types
Damien Miller33804262001-02-04 23:20:18 +11005855 - (djm) Tweak password expiry checking at suggestion of Kevin Steves
Damien Miller62dd94b2000-09-23 14:26:32 +11005856 <stevesk@sweden.hp.com>
Damien Millerb9c2ce82000-09-23 14:52:50 +11005857 - (djm) NeXT patch from Ben Lindstrom <mouring@pconline.com>
Damien Miller33804262001-02-04 23:20:18 +11005858 - (djm) Use printf %lld instead of %qd in sftp-server.c. Fix from
Damien Millerf056e232000-09-23 14:58:32 +11005859 Michael Stone <mstone@cs.loyola.edu>
Damien Miller62cee002000-09-23 17:15:56 +11005860 - (djm) OpenBSD CVS sync:
5861 - markus@cvs.openbsd.org 2000/09/17 09:38:59
5862 [sshconnect2.c sshd.c]
5863 fix DEBUG_KEXDH
5864 - markus@cvs.openbsd.org 2000/09/17 09:52:51
5865 [sshconnect.c]
5866 yes no; ok niels@
5867 - markus@cvs.openbsd.org 2000/09/21 04:55:11
5868 [sshd.8]
5869 typo
5870 - markus@cvs.openbsd.org 2000/09/21 05:03:54
5871 [serverloop.c]
5872 typo
5873 - markus@cvs.openbsd.org 2000/09/21 05:11:42
5874 scp.c
5875 utime() to utimes(); mouring@pconline.com
5876 - markus@cvs.openbsd.org 2000/09/21 05:25:08
5877 sshconnect2.c
5878 change login logic in ssh2, allows plugin of other auth methods
5879 - markus@cvs.openbsd.org 2000/09/21 05:25:35
5880 [auth2.c channels.c channels.h clientloop.c dispatch.c dispatch.h]
5881 [serverloop.c]
5882 add context to dispatch_run
5883 - markus@cvs.openbsd.org 2000/09/21 05:07:52
5884 authfd.c authfd.h ssh-agent.c
5885 bug compat for old ssh.com software
Damien Millerd6f204d2000-09-23 13:57:27 +11005886
Damien Millerf13f75d2000-09-21 21:51:07 +1100588720000920
5888 - (djm) Fix bad path substitution. Report from Andrew Miner
5889 <asminer@cs.iastate.edu>
5890
Damien Millere4340be2000-09-16 13:29:08 +1100589120000916
Damien Miller33804262001-02-04 23:20:18 +11005892 - (djm) Fix SSL search order from Lutz Jaenicke
Damien Millera1b61e12000-09-16 17:02:16 +11005893 <Lutz.Jaenicke@aet.TU-Cottbus.DE>
Damien Miller2efcd3c2000-09-16 16:30:55 +11005894 - (djm) New SuSE spec from Corinna Vinschen <corinna@vinschen.de>
Damien Millerb70b61f2000-09-16 16:25:12 +11005895 - (djm) Update CygWin support from Corinna Vinschen <vinschen@cygnus.com>
Damien Miller52cbcbf2000-09-16 16:21:28 +11005896 - (djm) Use a real struct sockaddr inside the fake struct sockaddr_storage.
5897 Patch from Larry Jones <larry.jones@sdrc.com>
Damien Miller33804262001-02-04 23:20:18 +11005898 - (djm) Add Steve VanDevender's <stevev@darkwing.uoregon.edu> PAM
Damien Miller9d5705a2000-09-16 16:09:27 +11005899 password change patch.
5900 - (djm) Bring licenses on my stuff in line with OpenBSD's
Damien Miller8a1e6a62000-09-16 15:55:52 +11005901 - (djm) Cleanup auth-passwd.c and unify HP/UX authentication. Patch from
5902 Kevin Steves <stevesk@sweden.hp.com>
Damien Miller606f8802000-09-16 15:39:56 +11005903 - (djm) Shadow expiry check fix from Pavel Troller <patrol@omni.sinus.cz>
5904 - (djm) Re-enable int64_t types - we need them for sftp
5905 - (djm) Use libexecdir from configure , rather than libexecdir/ssh
5906 - (djm) Update Redhat SPEC file accordingly
5907 - (djm) Add Kevin Steves <stevesk@sweden.hp.com> HP/UX contrib files
5908 - (djm) Add Charles Levert <charles@comm.polymtl.ca> getpgrp patch
Damien Miller33804262001-02-04 23:20:18 +11005909 - (djm) Fix password auth on HP/UX 10.20. Patch from Dirk De Wachter
Damien Miller606f8802000-09-16 15:39:56 +11005910 <Dirk.DeWachter@rug.ac.be>
Damien Miller33804262001-02-04 23:20:18 +11005911 - (djm) Fixprogs and entropy list fixes from Larry Jones
Damien Miller606f8802000-09-16 15:39:56 +11005912 <larry.jones@sdrc.com>
5913 - (djm) Fix for SuSE spec file from Takashi YOSHIDA
5914 <tyoshida@gemini.rc.kyushu-u.ac.jp>
Damien Millere4340be2000-09-16 13:29:08 +11005915 - (djm) Merge OpenBSD changes:
5916 - markus@cvs.openbsd.org 2000/09/05 02:59:57
5917 [session.c]
5918 print hostname (not hushlogin)
5919 - markus@cvs.openbsd.org 2000/09/05 13:18:48
5920 [authfile.c ssh-add.c]
5921 enable ssh-add -d for DSA keys
5922 - markus@cvs.openbsd.org 2000/09/05 13:20:49
5923 [sftp-server.c]
5924 cleanup
5925 - markus@cvs.openbsd.org 2000/09/06 03:46:41
5926 [authfile.h]
5927 prototype
5928 - deraadt@cvs.openbsd.org 2000/09/07 14:27:56
5929 [ALL]
Damien Miller33804262001-02-04 23:20:18 +11005930 cleanup copyright notices on all files. I have attempted to be
5931 accurate with the details. everything is now under Tatu's licence
5932 (which I copied from his readme), and/or the core-sdi bsd-ish thing
5933 for deattack, or various openbsd developers under a 2-term bsd
Damien Millere4340be2000-09-16 13:29:08 +11005934 licence. We're not changing any rules, just being accurate.
5935 - markus@cvs.openbsd.org 2000/09/07 14:40:30
5936 [channels.c channels.h clientloop.c serverloop.c ssh.c]
5937 cleanup window and packet sizes for ssh2 flow control; ok niels
5938 - markus@cvs.openbsd.org 2000/09/07 14:53:00
5939 [scp.c]
5940 typo
5941 - markus@cvs.openbsd.org 2000/09/07 15:13:37
5942 [auth-options.c auth-options.h auth-rh-rsa.c auth-rsa.c auth.c]
5943 [authfile.h canohost.c channels.h compat.c hostfile.h log.c match.h]
5944 [pty.c readconf.c]
5945 some more Copyright fixes
5946 - markus@cvs.openbsd.org 2000/09/08 03:02:51
5947 [README.openssh2]
5948 bye bye
5949 - deraadt@cvs.openbsd.org 2000/09/11 18:38:33
5950 [LICENCE cipher.c]
5951 a few more comments about it being ARC4 not RC4
5952 - markus@cvs.openbsd.org 2000/09/12 14:53:11
5953 [log-client.c log-server.c log.c ssh.1 ssh.c ssh.h sshd.8 sshd.c]
5954 multiple debug levels
5955 - markus@cvs.openbsd.org 2000/09/14 14:25:15
5956 [clientloop.c]
5957 typo
5958 - deraadt@cvs.openbsd.org 2000/09/15 01:13:51
5959 [ssh-agent.c]
5960 check return value for setenv(3) for failure, and deal appropriately
5961
Damien Millerf384c362000-09-13 10:43:26 +1100596220000913
5963 - (djm) Fix server not exiting with jobs in background.
5964
Damien Miller7b28dc52000-09-05 13:34:53 +1100596520000905
5966 - (djm) Import OpenBSD CVS changes
5967 - markus@cvs.openbsd.org 2000/08/31 15:52:24
5968 [Makefile sshd.8 sshd_config sftp-server.8 sftp-server.c]
5969 implement a SFTP server. interops with sftp2, scp2 and the windows
5970 client from ssh.com
5971 - markus@cvs.openbsd.org 2000/08/31 15:56:03
5972 [README.openssh2]
5973 sync
5974 - markus@cvs.openbsd.org 2000/08/31 16:05:42
5975 [session.c]
5976 Wall
5977 - markus@cvs.openbsd.org 2000/08/31 16:09:34
5978 [authfd.c ssh-agent.c]
5979 add a flag to SSH2_AGENTC_SIGN_REQUEST for future extensions
5980 - deraadt@cvs.openbsd.org 2000/09/01 09:25:13
5981 [scp.1 scp.c]
5982 cleanup and fix -S support; stevesk@sweden.hp.com
5983 - markus@cvs.openbsd.org 2000/09/01 16:29:32
5984 [sftp-server.c]
5985 portability fixes
5986 - markus@cvs.openbsd.org 2000/09/01 16:32:41
5987 [sftp-server.c]
5988 fix cast; mouring@pconline.com
5989 - itojun@cvs.openbsd.org 2000/09/03 09:23:28
5990 [ssh-add.1 ssh.1]
5991 add missing .El against .Bl.
5992 - markus@cvs.openbsd.org 2000/09/04 13:03:41
5993 [session.c]
5994 missing close; ok theo
5995 - markus@cvs.openbsd.org 2000/09/04 13:07:21
5996 [session.c]
5997 fix get_last_login_time order; from andre@van-veen.de
5998 - markus@cvs.openbsd.org 2000/09/04 13:10:09
5999 [sftp-server.c]
6000 more cast fixes; from mouring@pconline.com
6001 - markus@cvs.openbsd.org 2000/09/04 13:06:04
6002 [session.c]
6003 set SSH_ORIGINAL_COMMAND; from Leakin@dfw.nostrum.com, bet@rahul.net
6004 - (djm) Cleanup after import. Fix sftp-server compilation, Makefile
Damien Millerbac2d8a2000-09-05 16:13:06 +11006005 - (djm) Merge cygwin support from Corinna Vinschen <vinschen@cygnus.com>
6006
Damien Miller123cbe82000-09-03 19:14:58 +1100600720000903
6008 - (djm) Fix Redhat init script
6009
Damien Miller50f14f82000-09-01 14:14:37 +1100601020000901
6011 - (djm) Pick up Jim's new X11-askpass
6012 - (djm) Release 2.2.0p1
6013
Damien Miller238a9fa2000-08-31 09:20:05 +1100601420000831
Damien Millere4340be2000-09-16 13:29:08 +11006015 - (djm) Workaround SIGPIPE problems on SCO. Fix from Aran Cox
Damien Miller238a9fa2000-08-31 09:20:05 +11006016 <acox@cv.telegroup.com>
Damien Millerb5c42d92000-08-31 11:13:10 +11006017 - (djm) Pick up new version (2.2.0) from OpenBSD CVS
Damien Miller238a9fa2000-08-31 09:20:05 +11006018
Damien Miller87d29ed2000-08-30 09:21:22 +1100601920000830
6020 - (djm) Compile warning fixes from Mark Miller <markm@swoon.net>
Damien Millerc30d35c2000-08-30 09:40:09 +11006021 - (djm) Periodically rekey arc4random
6022 - (djm) Clean up diff against OpenBSD.
Damien Millere4340be2000-09-16 13:29:08 +11006023 - (djm) HPUX 11 needs USE_PIPES as well: Kevin Steves
Damien Miller5552d7a2000-08-30 09:53:24 +11006024 <stevesk@sweden.hp.com>
Damien Miller7cfaaf22000-08-30 09:57:49 +11006025 - (djm) Quieten the pam delete credentials error message
Damien Miller9a947342000-08-30 10:03:33 +11006026 - (djm) Fix printing of $DISPLAY hack if set by system type. Report from
6027 Kevin Steves <stevesk@sweden.hp.com>
Damien Miller77aba9d2000-08-30 10:11:30 +11006028 - (djm) NeXT patch from Ben Lindstrom <mouring@pconline.com>
Damien Miller250ee8b2000-08-30 14:06:35 +11006029 - (djm) Fix doh in bsd-arc4random.c
Damien Miller87d29ed2000-08-30 09:21:22 +11006030
Damien Miller4e0f5e12000-08-29 11:05:50 +1100603120000829
Damien Millere4340be2000-09-16 13:29:08 +11006032 - (djm) Fix ^C ignored issue on Solaris. Diagnosis from Gert
6033 Doering <gert@greenie.muc.de>, John Horne <J.Horne@plymouth.ac.uk> and
Damien Miller4e0f5e12000-08-29 11:05:50 +11006034 Garrick James <garrick@james.net>
Damien Miller6d8c11f2000-08-29 11:52:38 +11006035 - (djm) Check for SCO pty naming style (ptyp%d/ttyp%d). Based on fix from
6036 Bastian Trompetter <btrompetter@firemail.de>
Damien Millere5192fa2000-08-29 14:30:37 +11006037 - (djm) NeXT tweaks from Ben Lindstrom <mouring@pconline.com>
Damien Millercaf6dd62000-08-29 11:33:50 +11006038 - More OpenBSD updates:
6039 - deraadt@cvs.openbsd.org 2000/08/24 15:46:59
6040 [scp.c]
6041 off_t in sink, to fix files > 2GB, i think, test is still running ;-)
6042 - deraadt@cvs.openbsd.org 2000/08/25 10:10:06
6043 [session.c]
6044 Wall
6045 - markus@cvs.openbsd.org 2000/08/26 04:33:43
6046 [compat.c]
6047 ssh.com-2.3.0
6048 - markus@cvs.openbsd.org 2000/08/27 12:18:05
6049 [compat.c]
6050 compatibility with future ssh.com versions
6051 - deraadt@cvs.openbsd.org 2000/08/27 21:50:55
6052 [auth-krb4.c session.c ssh-add.c sshconnect.c uidswap.c]
6053 print uid/gid as unsigned
6054 - markus@cvs.openbsd.org 2000/08/28 13:51:00
6055 [ssh.c]
6056 enable -n and -f for ssh2
6057 - markus@cvs.openbsd.org 2000/08/28 14:19:53
6058 [ssh.c]
6059 allow combination of -N and -f
6060 - markus@cvs.openbsd.org 2000/08/28 14:20:56
6061 [util.c]
6062 util.c
6063 - markus@cvs.openbsd.org 2000/08/28 14:22:02
6064 [util.c]
6065 undo
6066 - markus@cvs.openbsd.org 2000/08/28 14:23:38
6067 [util.c]
6068 don't complain if setting NONBLOCK fails with ENODEV
Damien Miller4e0f5e12000-08-29 11:05:50 +11006069
Damien Millerb0785672000-08-23 09:10:39 +1000607020000823
6071 - (djm) Define USE_PIPES to avoid socketpair problems on HPUX 10 and SunOS 4
Damien Millere4340be2000-09-16 13:29:08 +11006072 Avoids "scp never exits" problem. Reports from Lutz Jaenicke
6073 <Lutz.Jaenicke@aet.TU-Cottbus.DE> and Tamito KAJIYAMA
Damien Millerb0785672000-08-23 09:10:39 +10006074 <kajiyama@grad.sccs.chukyo-u.ac.jp>
Damien Millerad833b32000-08-23 10:46:23 +10006075 - (djm) Pick up LOGIN_PROGRAM from environment or PATH if not set by headers
Damien Miller37e7f182000-08-23 10:52:50 +10006076 - (djm) Add local version to version.h
Damien Millerf3df0522000-08-23 15:31:41 +10006077 - (djm) Don't reseed arc4random everytime it is used
Damien Millerad833b32000-08-23 10:46:23 +10006078 - (djm) OpenBSD CVS updates:
6079 - deraadt@cvs.openbsd.org 2000/08/18 20:07:23
6080 [ssh.c]
6081 accept remsh as a valid name as well; roman@buildpoint.com
6082 - deraadt@cvs.openbsd.org 2000/08/18 20:17:13
6083 [deattack.c crc32.c packet.c]
6084 rename crc32() to ssh_crc32() to avoid zlib name clash. do not move to
6085 libz crc32 function yet, because it has ugly "long"'s in it;
6086 oneill@cs.sfu.ca
6087 - deraadt@cvs.openbsd.org 2000/08/18 20:26:08
6088 [scp.1 scp.c]
6089 -S prog support; tv@debian.org
6090 - deraadt@cvs.openbsd.org 2000/08/18 20:50:07
6091 [scp.c]
6092 knf
6093 - deraadt@cvs.openbsd.org 2000/08/18 20:57:33
6094 [log-client.c]
6095 shorten
6096 - markus@cvs.openbsd.org 2000/08/19 12:48:11
6097 [channels.c channels.h clientloop.c ssh.c ssh.h]
6098 support for ~. in ssh2
6099 - deraadt@cvs.openbsd.org 2000/08/19 15:29:40
6100 [crc32.h]
6101 proper prototype
6102 - markus@cvs.openbsd.org 2000/08/19 15:34:44
Damien Millere4340be2000-09-16 13:29:08 +11006103 [authfd.c authfd.h key.c key.h ssh-add.1 ssh-add.c ssh-agent.1]
6104 [ssh-agent.c ssh-keygen.c sshconnect1.c sshconnect2.c Makefile]
Damien Millerad833b32000-08-23 10:46:23 +10006105 [fingerprint.c fingerprint.h]
6106 add SSH2/DSA support to the agent and some other DSA related cleanups.
6107 (note that we cannot talk to ssh.com's ssh2 agents)
6108 - markus@cvs.openbsd.org 2000/08/19 15:55:52
6109 [channels.c channels.h clientloop.c]
6110 more ~ support for ssh2
6111 - markus@cvs.openbsd.org 2000/08/19 16:21:19
6112 [clientloop.c]
6113 oops
6114 - millert@cvs.openbsd.org 2000/08/20 12:25:53
6115 [session.c]
6116 We have to stash the result of get_remote_name_or_ip() before we
6117 close our socket or getpeername() will get EBADF and the process
6118 will exit. Only a problem for "UseLogin yes".
6119 - millert@cvs.openbsd.org 2000/08/20 12:30:59
6120 [session.c]
6121 Only check /etc/nologin if "UseLogin no" since login(1) may have its
6122 own policy on determining who is allowed to login when /etc/nologin
6123 is present. Also use the _PATH_NOLOGIN define.
6124 - millert@cvs.openbsd.org 2000/08/20 12:42:43
6125 [auth1.c auth2.c session.c ssh.c]
6126 Add calls to setusercontext() and login_get*(). We basically call
6127 setusercontext() in most places where previously we did a setlogin().
6128 Add default login.conf file and put root in the "daemon" login class.
6129 - millert@cvs.openbsd.org 2000/08/21 10:23:31
6130 [session.c]
6131 Fix incorrect PATH setting; noted by Markus.
Damien Millerb0785672000-08-23 09:10:39 +10006132
Damien Miller942da032000-08-18 13:59:06 +1000613320000818
6134 - (djm) OpenBSD CVS changes:
6135 - markus@cvs.openbsd.org 2000/07/22 03:14:37
6136 [servconf.c servconf.h sshd.8 sshd.c sshd_config]
6137 random early drop; ok theo, niels
6138 - deraadt@cvs.openbsd.org 2000/07/26 11:46:51
6139 [ssh.1]
6140 typo
6141 - deraadt@cvs.openbsd.org 2000/08/01 11:46:11
6142 [sshd.8]
6143 many fixes from pepper@mail.reppep.com
6144 - provos@cvs.openbsd.org 2000/08/01 13:01:42
6145 [Makefile.in util.c aux.c]
6146 rename aux.c to util.c to help with cygwin port
6147 - deraadt@cvs.openbsd.org 2000/08/02 00:23:31
6148 [authfd.c]
6149 correct sun_len; Alexander@Leidinger.net
6150 - provos@cvs.openbsd.org 2000/08/02 10:27:17
6151 [readconf.c sshd.8]
6152 disable kerberos authentication by default
6153 - provos@cvs.openbsd.org 2000/08/02 11:27:05
6154 [sshd.8 readconf.c auth-krb4.c]
6155 disallow kerberos authentication if we can't verify the TGT; from
6156 dugsong@
6157 kerberos authentication is on by default only if you have a srvtab.
6158 - markus@cvs.openbsd.org 2000/08/04 14:30:07
6159 [auth.c]
6160 unused
6161 - markus@cvs.openbsd.org 2000/08/04 14:30:35
6162 [sshd_config]
6163 MaxStartups
6164 - markus@cvs.openbsd.org 2000/08/15 13:20:46
6165 [authfd.c]
6166 cleanup; ok niels@
6167 - markus@cvs.openbsd.org 2000/08/17 14:05:10
6168 [session.c]
6169 cleanup login(1)-like jobs, no duplicate utmp entries
6170 - markus@cvs.openbsd.org 2000/08/17 14:06:34
6171 [session.c sshd.8 sshd.c]
6172 sshd -u len, similar to telnetd
Damien Millerc1132e72000-08-18 14:08:38 +10006173 - (djm) Lastlog was not getting closed after writing login entry
Damien Millera7f58292000-08-18 14:43:41 +10006174 - (djm) Add Solaris package support from Rip Loomis <loomisg@cist.saic.com>
Damien Miller942da032000-08-18 13:59:06 +10006175
Damien Miller11fa2cc2000-08-16 10:35:58 +1000617620000816
6177 - (djm) Replacement for inet_ntoa for Irix (which breaks on gcc)
Damien Millere4340be2000-09-16 13:29:08 +11006178 - (djm) Fix strerror replacement for old SunOS. Based on patch from
Damien Miller11fa2cc2000-08-16 10:35:58 +10006179 Charles Levert <charles@comm.polymtl.ca>
Damien Millere4340be2000-09-16 13:29:08 +11006180 - (djm) Seperate arc4random into seperate file and use OpenSSL's RC4
Damien Miller11fa2cc2000-08-16 10:35:58 +10006181 implementation.
Damien Miller3241fa12000-08-18 14:59:59 +10006182 - (djm) SUN_LEN macro for systems which lack it
Damien Miller11fa2cc2000-08-16 10:35:58 +10006183
Damien Miller348c9b72000-08-15 10:01:22 +1000618420000815
6185 - (djm) More SunOS 4.1.x fixes from Nate Itkin <nitkin@europa.com>
Damien Millerc83aa832000-08-15 10:08:00 +10006186 - (djm) Avoid failures on Irix when ssh is not setuid. Fix from
6187 Michael Stone <mstone@cs.loyola.edu>
Damien Millere477ef62000-08-15 10:21:17 +10006188 - (djm) Don't seek in directory based lastlogs
Damien Millere4340be2000-09-16 13:29:08 +11006189 - (djm) Fix --with-ipaddr-display configure option test. Patch from
Damien Millere477ef62000-08-15 10:21:17 +10006190 Jarno Huuskonen <jhuuskon@messi.uku.fi>
Damien Miller0da2eaa2000-08-15 11:32:59 +10006191 - (djm) Fix AIX limits from Alexandre Oliva <oliva@lsd.ic.unicamp.br>
Damien Miller348c9b72000-08-15 10:01:22 +10006192
Damien Milleref7ed5e2000-08-13 10:31:12 +1000619320000813
6194 - (djm) Add $(srcdir) to includes when compiling (for VPATH). Report from
6195 Fabrice bacchella <fabrice.bacchella@marchfirst.fr>
6196
Damien Millerd17b8d52000-08-09 14:42:28 +1000619720000809
Damien Millere4340be2000-09-16 13:29:08 +11006198 - (djm) Define AIX hard limits if headers don't. Report from
Damien Millerd17b8d52000-08-09 14:42:28 +10006199 Bill Painter <william.t.painter@lmco.com>
Damien Millere4340be2000-09-16 13:29:08 +11006200 - (djm) utmp direct write & SunOS 4 patch from Charles Levert
Damien Miller36ccb5c2000-08-09 16:34:27 +10006201 <charles@comm.polymtl.ca>
Damien Millerd17b8d52000-08-09 14:42:28 +10006202
Damien Millerab8d1922000-08-08 16:53:28 +1000620320000808
6204 - (djm) Cleanup Redhat RPMs. Generate keys at runtime rather than install
6205 time, spec file cleanup.
6206
Damien Miller729e1f12000-08-07 15:39:13 +1000620720000807
Damien Miller52652f52000-08-07 15:54:39 +10006208 - (djm) Set 0755 on binaries during install. Report from Lutz Jaenicke
Damien Miller0f091bd2000-08-07 15:47:48 +10006209 - (djm) Suppress error messages on channel close shutdown() failurs
6210 works around Linux bug. Patch from Zack Weinberg <zack@wolery.cumb.org>
Damien Miller52652f52000-08-07 15:54:39 +10006211 - (djm) Add some more entropy collection commands from Lutz Jaenicke
Damien Miller729e1f12000-08-07 15:39:13 +10006212
Damien Miller7b60a172000-07-25 09:04:37 +1000621320000725
6214 - (djm) Fix autoconf typo: HAVE_BINRESVPORT_AF -> HAVE_BINDRESVPORT_AF
6215
Damien Miller994cf142000-07-21 10:19:44 +1000621620000721
6217 - (djm) OpenBSD CVS updates:
6218 - markus@cvs.openbsd.org 2000/07/16 02:27:22
6219 [authfd.c authfd.h channels.c clientloop.c ssh-add.c ssh-agent.c ssh.c]
6220 [sshconnect1.c sshconnect2.c]
6221 make ssh-add accept dsa keys (the agent does not)
6222 - djm@cvs.openbsd.org 2000/07/17 19:25:02
6223 [sshd.c]
6224 Another closing of stdin; ok deraadt
6225 - markus@cvs.openbsd.org 2000/07/19 18:33:12
6226 [dsa.c]
6227 missing free, reorder
6228 - markus@cvs.openbsd.org 2000/07/20 16:23:14
6229 [ssh-keygen.1]
6230 document input and output files
6231
Damien Miller9dec7762000-07-20 10:00:59 +1000623220000720
Damien Miller994cf142000-07-21 10:19:44 +10006233 - (djm) Spec file fix from Petr Novotny <Petr.Novotny@antek.cz>
Damien Miller9dec7762000-07-20 10:00:59 +10006234
Damien Millera8dbd9d2000-07-16 13:25:00 +1000623520000716
Damien Miller994cf142000-07-21 10:19:44 +10006236 - (djm) Release 2.1.1p4
Damien Millera8dbd9d2000-07-16 13:25:00 +10006237
Damien Millerecbb26d2000-07-15 14:59:14 +1000623820000715
Damien Millerbe484b52000-07-15 14:14:16 +10006239 - (djm) OpenBSD CVS updates
6240 - provos@cvs.openbsd.org 2000/07/13 16:53:22
6241 [aux.c readconf.c servconf.c ssh.h]
6242 allow multiple whitespace but only one '=' between tokens, bug report from
6243 Ralf S. Engelschall <rse@engelschall.com> but different fix. okay deraadt@
6244 - provos@cvs.openbsd.org 2000/07/13 17:14:09
6245 [clientloop.c]
6246 typo; todd@fries.net
6247 - provos@cvs.openbsd.org 2000/07/13 17:19:31
6248 [scp.c]
6249 close can fail on AFS, report error; from Greg Hudson <ghudson@mit.edu>
6250 - markus@cvs.openbsd.org 2000/07/14 16:59:46
6251 [readconf.c servconf.c]
6252 allow leading whitespace. ok niels
6253 - djm@cvs.openbsd.org 2000/07/14 22:01:38
6254 [ssh-keygen.c ssh.c]
6255 Always create ~/.ssh with mode 700; ok Markus
Damien Millerecbb26d2000-07-15 14:59:14 +10006256 - Fixes for SunOS 4.1.4 from Gordon Atwood <gordon@cs.ualberta.ca>
6257 - Include floatingpoint.h for entropy.c
6258 - strerror replacement
Damien Millerbe484b52000-07-15 14:14:16 +10006259
Damien Miller182ee6e2000-07-12 09:45:27 +1000626020000712
Damien Miller5de43db2000-07-12 11:12:55 +10006261 - (djm) Remove -lresolve for Reliant Unix
Damien Miller182ee6e2000-07-12 09:45:27 +10006262 - (djm) OpenBSD CVS Updates:
6263 - deraadt@cvs.openbsd.org 2000/07/11 02:11:34
6264 [session.c sshd.c ]
6265 make MaxStartups code still work with -d; djm
6266 - deraadt@cvs.openbsd.org 2000/07/11 13:17:45
6267 [readconf.c ssh_config]
6268 disable FallBackToRsh by default
Damien Miller5de43db2000-07-12 11:12:55 +10006269 - (djm) Replace in_addr_t with u_int32_t in bsd-inet_aton.c. Report from
6270 Ben Lindstrom <mouring@pconline.com>
Damien Miller5a119bc2000-07-12 14:34:11 +10006271 - (djm) Make building of X11-Askpass and GNOME-Askpass optional in RPM
6272 spec file.
Damien Miller2e7ba692000-07-12 21:10:23 +10006273 - (djm) Released 2.1.1p3
Damien Miller182ee6e2000-07-12 09:45:27 +10006274
Damien Miller65964d62000-07-11 09:16:22 +1000627520000711
6276 - (djm) Fixup for AIX getuserattr() support from Tom Bertelson
6277 <tbert@abac.com>
Damien Miller2ae714f2000-07-11 09:29:50 +10006278 - (djm) ReliantUNIX support from Udo Schweigert <ust@cert.siemens.de>
Damien Millere4340be2000-09-16 13:29:08 +11006279 - (djm) NeXT: dirent structures to get scp working from Ben Lindstrom
Damien Miller99bca602000-07-11 12:02:36 +10006280 <mouring@pconline.com>
Damien Millere4340be2000-09-16 13:29:08 +11006281 - (djm) Fix broken inet_ntoa check and ut_user/ut_name confusion, report
Damien Miller7a0e5dc2000-07-11 12:15:54 +10006282 from Jim Watt <jimw@peisj.pebio.com>
Damien Miller168e6ac2000-07-11 12:23:01 +10006283 - (djm) Replaced bsd-snprintf.c with one from Mutt source tree, it is known
6284 to compile on more platforms (incl NeXT).
Damien Miller3b9734c2000-07-11 14:54:22 +10006285 - (djm) Added bsd-inet_aton and configure support for NeXT
Damien Millerbc33bd42000-07-11 14:59:08 +10006286 - (djm) Misc NeXT fixes from Ben Lindstrom <mouring@pconline.com>
Damien Miller37023962000-07-11 17:31:38 +10006287 - (djm) OpenBSD CVS updates:
6288 - markus@cvs.openbsd.org 2000/06/26 03:22:29
6289 [authfd.c]
6290 cleanup, less cut&paste
6291 - markus@cvs.openbsd.org 2000/06/26 15:59:19
6292 [servconf.c servconf.h session.c sshd.8 sshd.c]
Damien Millere4340be2000-09-16 13:29:08 +11006293 MaxStartups: limit number of unauthenticated connections, work by
Damien Miller37023962000-07-11 17:31:38 +10006294 theo and me
6295 - deraadt@cvs.openbsd.org 2000/07/05 14:18:07
6296 [session.c]
6297 use no_x11_forwarding_flag correctly; provos ok
6298 - provos@cvs.openbsd.org 2000/07/05 15:35:57
6299 [sshd.c]
6300 typo
6301 - aaron@cvs.openbsd.org 2000/07/05 22:06:58
6302 [scp.1 ssh-agent.1 ssh-keygen.1 sshd.8]
Damien Millere4340be2000-09-16 13:29:08 +11006303 Insert more missing .El directives. Our troff really should identify
Damien Miller37023962000-07-11 17:31:38 +10006304 these and spit out a warning.
6305 - todd@cvs.openbsd.org 2000/07/06 21:55:04
6306 [auth-rsa.c auth2.c ssh-keygen.c]
6307 clean code is good code
6308 - deraadt@cvs.openbsd.org 2000/07/07 02:14:29
6309 [serverloop.c]
6310 sense of port forwarding flag test was backwards
6311 - provos@cvs.openbsd.org 2000/07/08 17:17:31
6312 [compat.c readconf.c]
6313 replace strtok with strsep; from David Young <dyoung@onthejob.net>
6314 - deraadt@cvs.openbsd.org 2000/07/08 19:21:15
6315 [auth.h]
6316 KNF
6317 - ho@cvs.openbsd.org 2000/07/08 19:27:33
6318 [compat.c readconf.c]
6319 Better conditions for strsep() ending.
6320 - ho@cvs.openbsd.org 2000/07/10 10:27:05
6321 [readconf.c]
6322 Get the correct message on errors. (niels@ ok)
6323 - ho@cvs.openbsd.org 2000/07/10 10:30:25
6324 [cipher.c kex.c servconf.c]
6325 strtok() --> strsep(). (niels@ ok)
Damien Miller4d97ba22000-07-11 18:15:50 +10006326 - (djm) Fix problem with debug mode and MaxStartups
Damien Miller54ba4692000-07-11 18:39:20 +10006327 - (djm) Don't generate host keys when $(DESTDIR) is set (e.g. during RPM
6328 builds)
Damien Miller3077fb92000-07-11 21:34:34 +10006329 - (djm) Add strsep function from OpenBSD libc for systems that lack it
Damien Miller65964d62000-07-11 09:16:22 +10006330
Damien Miller4e997202000-07-09 21:21:52 +1000633120000709
6332 - (djm) Only enable PAM_TTY kludge for Linux. Problem report from
6333 Kevin Steves <stevesk@sweden.hp.com>
Damien Miller8148fa32000-07-09 21:23:52 +10006334 - (djm) Match prototype and function declaration for rresvport_af.
6335 Problem report from Niklas Edmundsson <nikke@ing.umu.se>
Damien Millere4340be2000-09-16 13:29:08 +11006336 - (djm) Missing $(DESTDIR) on host-key target causing problems with RPM
Damien Miller01006272000-07-09 21:29:37 +10006337 builds. Problem report from Gregory Leblanc <GLeblanc@cu-portland.edu>
Damien Millerb38ea862000-07-09 21:37:49 +10006338 - (djm) Replace ut_name with ut_user. Patch from Jim Watt
6339 <jimw@peisj.pebio.com>
Damien Millerf9b625c2000-07-09 22:42:32 +10006340 - (djm) Fix pam sprintf fix
6341 - (djm) Cleanup entropy collection code a little more. Split initialisation
6342 from seeding, perform intialisation immediatly at start, be careful with
6343 uids. Based on problem report from Jim Watt <jimw@peisj.pebio.com>
Damien Miller31abc9a2000-07-09 23:26:27 +10006344 - (djm) More NeXT compatibility from Ben Lindstrom <mouring@pconline.com>
6345 Including sigaction() et al. replacements
Damien Millere4340be2000-09-16 13:29:08 +11006346 - (djm) AIX getuserattr() session initialisation from Tom Bertelson
Damien Miller39c0a1c2000-07-09 23:55:08 +10006347 <tbert@abac.com>
Damien Miller4e997202000-07-09 21:21:52 +10006348
Damien Millerce40c702000-07-08 10:14:08 +1000634920000708
Damien Millere4340be2000-09-16 13:29:08 +11006350 - (djm) Fix bad fprintf format handling in auth-pam.c. Patch from
Damien Millerce40c702000-07-08 10:14:08 +10006351 Aaron Hopkins <aaron@die.net>
Damien Miller90dcc052000-07-08 10:17:40 +10006352 - (djm) Fix incorrect configure handling of --with-rsh-path option. Fix from
6353 Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
Damien Millere4340be2000-09-16 13:29:08 +11006354 - (djm) Fixed undefined variables for OSF SIA. Report from
Damien Millerfe668e42000-07-08 10:44:13 +10006355 Baars, Henk <Hendrik.Baars@nl.origin-it.com>
Damien Millere4340be2000-09-16 13:29:08 +11006356 - (djm) Handle EWOULDBLOCK returns from read() and write() in atomicio.c
Damien Millerf2fdbe52000-07-08 10:57:08 +10006357 Fix from Marquess, Steve Mr JMLFDC <Steve.Marquess@DET.AMEDD.ARMY.MIL>
Damien Millere4340be2000-09-16 13:29:08 +11006358 - (djm) Don't use inet_addr.
Damien Millerce40c702000-07-08 10:14:08 +10006359
Damien Miller9b6d4ab2000-07-02 08:43:18 +1000636020000702
6361 - (djm) Fix brace mismatch from Corinna Vinschen <vinschen@cygnus.com>
Damien Millerc7088432000-07-02 18:44:54 +10006362 - (djm) Stop shadow expiry checking from preventing logins with NIS. Based
6363 on fix from HARUYAMA Seigo <haruyama@nt.phys.s.u-tokyo.ac.jp>
Damien Miller484118e2000-07-02 19:13:56 +10006364 - (djm) Use standard OpenSSL functions in auth-skey.c. Patch from
6365 Chris, the Young One <cky@pobox.com>
Damien Millere4340be2000-09-16 13:29:08 +11006366 - (djm) Fix scp progress meter on really wide terminals. Based on patch
Damien Miller0809a0a2000-07-02 19:33:54 +10006367 from James H. Cloos Jr. <cloos@jhcloos.com>
Damien Miller9b6d4ab2000-07-02 08:43:18 +10006368
Damien Millerd8cfda62000-07-01 12:56:09 +1000636920000701
6370 - (djm) Fix Tru64 SIA problems reported by John P Speno <speno@isc.upenn.edu>
Damien Miller8e81ed32000-07-01 13:17:42 +10006371 - (djm) Login fixes from Tom Bertelson <tbert@abac.com>
Damien Miller28adeef2000-07-01 13:29:26 +10006372 - (djm) Replace "/bin/sh" with _PATH_BSHELL. Report from Corinna Vinschen
6373 <vinschen@cygnus.com>
Damien Miller7b413d22000-07-01 13:24:21 +10006374 - (djm) Replace "/usr/bin/login" with LOGIN_PROGRAM
Damien Millercb170cb2000-07-01 16:52:55 +10006375 - (djm) Added check for broken snprintf() functions which do not correctly
6376 terminate output string and attempt to use replacement.
Damien Millerc9270992000-07-01 19:42:32 +10006377 - (djm) Released 2.1.1p2
Damien Millerd8cfda62000-07-01 12:56:09 +10006378
Damien Miller53c5d462000-06-28 00:50:50 +1000637920000628
6380 - (djm) Fixes to lastlog code for Irix
6381 - (djm) Use atomicio in loginrec
Damien Miller91606b12000-06-28 08:22:29 +10006382 - (djm) Patch from Michael Stone <mstone@cs.loyola.edu> to add support for
6383 Irix 6.x array sessions, project id's, and system audit trail id.
Damien Miller262ff172000-06-28 08:24:49 +10006384 - (djm) Added 'distprep' make target to simplify packaging
Damien Millere4340be2000-09-16 13:29:08 +11006385 - (djm) Added patch from Chris Adams <cmadams@hiwaay.net> to add OSF SIA
Damien Millerb8c656e2000-06-28 15:22:41 +10006386 support. Enable using "USE_SIA=1 ./configure [options]"
Damien Miller33804262001-02-04 23:20:18 +11006387
Damien Millerf8af08d2000-06-27 09:40:06 +1000638820000627
6389 - (djm) Fixes to login code - not setting li->uid, cleanups
Damien Millerdd47aa22000-06-27 11:18:27 +10006390 - (djm) Formatting
Damien Millerf8af08d2000-06-27 09:40:06 +10006391
Damien Miller8dd33fd2000-06-26 10:20:19 +1000639220000626
Damien Millerc0fd17f2000-06-26 10:22:53 +10006393 - (djm) Better fix to aclocal tests from Garrick James <garrick@james.net>
Damien Miller1f335fb2000-06-26 11:31:33 +10006394 - (djm) Account expiry support from Andreas Steinmetz <ast@domdv.de>
6395 - (djm) Added password expiry checking (no password change support)
Damien Miller64681252000-06-26 13:01:33 +10006396 - (djm) Make EGD failures non-fatal if OpenSSL's entropy pool is still OK
6397 based on patch from Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
Damien Miller08006472000-06-26 13:55:31 +10006398 - (djm) Fix fixed EGD code.
Damien Millerc0fd17f2000-06-26 10:22:53 +10006399 - OpenBSD CVS update
6400 - provos@cvs.openbsd.org 2000/06/25 14:17:58
6401 [channels.c]
6402 correct check for bad channel ids; from Wei Dai <weidai@eskimo.com>
6403
Damien Millerb54b40e2000-06-23 08:23:34 +1000640420000623
Damien Millere4340be2000-09-16 13:29:08 +11006405 - (djm) Use sa_family_t in prototype for rresvport_af. Patch from
Damien Millerb54b40e2000-06-23 08:23:34 +10006406 Svante Signell <svante.signell@telia.com>
6407 - (djm) Autoconf logic to define sa_family_t if it is missing
Damien Millerbf7f4662000-06-23 10:16:38 +10006408 - OpenBSD CVS Updates:
6409 - markus@cvs.openbsd.org 2000/06/22 10:32:27
6410 [sshd.c]
6411 missing atomicio; report from Steve.Marquess@DET.AMEDD.ARMY.MIL
6412 - djm@cvs.openbsd.org 2000/06/22 17:55:00
6413 [auth-krb4.c key.c radix.c uuencode.c]
6414 Missing CVS idents; ok markus
Damien Millerb54b40e2000-06-23 08:23:34 +10006415
Damien Miller099f5052000-06-22 20:57:11 +1000641620000622
6417 - (djm) Automatically generate host key during "make install". Suggested
6418 by Gary E. Miller <gem@rellim.com>
6419 - (djm) Paranoia before kill() system call
Damien Miller6536c7d2000-06-22 21:32:31 +10006420 - OpenBSD CVS Updates:
6421 - markus@cvs.openbsd.org 2000/06/18 18:50:11
6422 [auth2.c compat.c compat.h sshconnect2.c]
6423 make userauth+pubkey interop with ssh.com-2.2.0
6424 - markus@cvs.openbsd.org 2000/06/18 20:56:17
6425 [dsa.c]
6426 mem leak + be more paranoid in dsa_verify.
6427 - markus@cvs.openbsd.org 2000/06/18 21:29:50
6428 [key.c]
6429 cleanup fingerprinting, less hardcoded sizes
6430 - markus@cvs.openbsd.org 2000/06/19 19:39:45
6431 [atomicio.c auth-options.c auth-passwd.c auth-rh-rsa.c auth-rhosts.c]
6432 [auth-rsa.c auth-skey.c authfd.c authfd.h authfile.c bufaux.c bufaux.h]
Damien Millere4340be2000-09-16 13:29:08 +11006433 [buffer.c buffer.h canohost.c channels.c channels.h cipher.c cipher.h]
Damien Miller6536c7d2000-06-22 21:32:31 +10006434 [clientloop.c compat.c compat.h compress.c compress.h crc32.c crc32.h]
6435 [deattack.c dispatch.c dsa.c fingerprint.c fingerprint.h getput.h hmac.c]
Damien Millere4340be2000-09-16 13:29:08 +11006436 [kex.c log-client.c log-server.c login.c match.c mpaux.c mpaux.h nchan.c]
6437 [nchan.h packet.c packet.h pty.c pty.h readconf.c readconf.h readpass.c]
Damien Miller6536c7d2000-06-22 21:32:31 +10006438 [rsa.c rsa.h scp.c servconf.c servconf.h ssh-add.c ssh-keygen.c ssh.c]
6439 [ssh.h tildexpand.c ttymodes.c ttymodes.h uidswap.c xmalloc.c xmalloc.h]
6440 OpenBSD tag
6441 - markus@cvs.openbsd.org 2000/06/21 10:46:10
6442 sshconnect2.c missing free; nuke old comment
Damien Miller099f5052000-06-22 20:57:11 +10006443
Damien Milleredb82922000-06-20 13:25:52 +1000644420000620
6445 - (djm) Replace use of '-o' and '-a' logical operators in configure tests
Damien Millerf1aa21f2001-01-05 09:30:32 +11006446 with '||' and '&&'. As suggested by Jim Knoble <jmknoble@jmknoble.cx>
Damien Milleredb82922000-06-20 13:25:52 +10006447 to fix SCO Unixware problem reported by Gary E. Miller <gem@rellim.com>
Damien Miller2f022952000-06-20 13:50:01 +10006448 - (djm) Typo in loginrec.c
Damien Milleredb82922000-06-20 13:25:52 +10006449
Damien Miller7b22d652000-06-18 14:07:04 +1000645020000618
6451 - (djm) Add summary of configure options to end of ./configure run
Damien Millere4340be2000-09-16 13:29:08 +11006452 - (djm) Not all systems define RUSAGE_SELF & RUSAGE_CHILDREN. Report from
Damien Miller7b22d652000-06-18 14:07:04 +10006453 Michael Stone <mstone@cs.loyola.edu>
Damien Millere4340be2000-09-16 13:29:08 +11006454 - (djm) rusage is a privileged operation on some Unices (incl.
Damien Miller7b22d652000-06-18 14:07:04 +10006455 Solaris 2.5.1). Report from Paul D. Smith <pausmith@nortelnetworks.com>
Damien Millere4340be2000-09-16 13:29:08 +11006456 - (djm) Avoid PAM failures when running without a TTY. Report from
Damien Miller7b22d652000-06-18 14:07:04 +10006457 Martin Petrak <petrak@spsknm.schools.sk>
6458 - (djm) Include sys/types.h when including netinet/in.h in configure tests.
6459 Patch from Jun-ichiro itojun Hagino <itojun@iijlab.net>
Damien Miller0f91b4e2000-06-18 15:43:25 +10006460 - (djm) Started merge of Ben Lindstrom's <mouring@pconline.com> NeXT support
Damien Millerf6d9e222000-06-18 14:50:44 +10006461 - OpenBSD CVS updates:
6462 - deraadt@cvs.openbsd.org 2000/06/17 09:58:46
6463 [channels.c]
6464 everyone says "nix it" (remove protocol 2 debugging message)
6465 - markus@cvs.openbsd.org 2000/06/17 13:24:34
6466 [sshconnect.c]
6467 allow extended server banners
6468 - markus@cvs.openbsd.org 2000/06/17 14:30:10
6469 [sshconnect.c]
6470 missing atomicio, typo
6471 - jakob@cvs.openbsd.org 2000/06/17 16:52:34
6472 [servconf.c servconf.h session.c sshd.8 sshd_config]
6473 add support for ssh v2 subsystems. ok markus@.
6474 - deraadt@cvs.openbsd.org 2000/06/17 18:57:48
6475 [readconf.c servconf.c]
6476 include = in WHITESPACE; markus ok
6477 - markus@cvs.openbsd.org 2000/06/17 19:09:10
6478 [auth2.c]
6479 implement bug compatibility with ssh-2.0.13 pubkey, server side
6480 - markus@cvs.openbsd.org 2000/06/17 21:00:28
6481 [compat.c]
6482 initial support for ssh.com's 2.2.0
6483 - markus@cvs.openbsd.org 2000/06/17 21:16:09
6484 [scp.c]
6485 typo
6486 - markus@cvs.openbsd.org 2000/06/17 22:05:02
6487 [auth-rsa.c auth2.c serverloop.c session.c auth-options.c auth-options.h]
6488 split auth-rsa option parsing into auth-options
6489 add options support to authorized_keys2
6490 - markus@cvs.openbsd.org 2000/06/17 22:42:54
6491 [session.c]
6492 typo
Damien Miller7b22d652000-06-18 14:07:04 +10006493
Damien Millera66626b2000-06-13 18:57:53 +1000649420000613
6495 - (djm) Fixes from Andrew McGill <andrewm@datrix.co.za>:
6496 - Platform define for SCO 3.x which breaks on /dev/ptmx
6497 - Detect and try to fix missing MAXPATHLEN
Damien Miller1a132252000-06-13 21:23:17 +10006498 - (djm) Fix short copy in loginrec.c (based on patch from Phill Camp
6499 <P.S.S.Camp@ukc.ac.uk>
Damien Millera66626b2000-06-13 18:57:53 +10006500
Damien Millere69f18c2000-06-12 16:38:54 +1000650120000612
6502 - (djm) Glob manpages in RPM spec files to catch compressed files
6503 - (djm) Full license in auth-pam.c
Damien Millerc29de952000-06-12 23:04:18 +10006504 - (djm) Configure fixes from SAKAI Kiyotaka <ksakai@kso.netwk.ntt-at.co.jp>
andre35ad6be2000-06-12 22:41:27 +00006505 - (andre) AIX, lastlog, configure fixes from Tom Bertelson <tbert@abac.com>:
6506 - Don't try to retrieve lastlog from wtmp/wtmpx if DISABLE_LASTLOG is
6507 def'd
6508 - Set AIX to use preformatted manpages
Damien Miller33804262001-02-04 23:20:18 +11006509
Damien Millerc601a752000-06-10 08:33:38 +1000651020000610
6511 - (djm) Minor doc tweaks
Damien Millerd900e452000-06-10 16:51:33 +10006512 - (djm) Fix for configure on bash2 from Jim Knoble <jmknoble@jmknoble.cx>
Damien Millerc601a752000-06-10 08:33:38 +10006513
Damien Millera1cb6442000-06-09 11:58:35 +1000651420000609
6515 - (djm) Patch from Kenji Miyake <kenji@miyake.org> to disable utmp usage
6516 (in favour of utmpx) on Solaris 8
6517
Damien Millere37bfc12000-06-05 09:37:43 +1000651820000606
Damien Miller14c12cb2000-06-07 22:20:23 +10006519 - (djm) Cleanup of entropy.c. Reorganised code, removed second pass through
6520 list of commands (by default). Removed verbose debugging (by default).
Damien Millere4340be2000-09-16 13:29:08 +11006521 - (djm) Increased command entropy estimates and default entropy collection
Damien Miller14c12cb2000-06-07 22:20:23 +10006522 timeout
Damien Millerd5bf3072000-06-07 21:32:13 +10006523 - (djm) Remove duplicate headers from loginrec.c
Damien Miller9e110892000-06-07 21:05:46 +10006524 - (djm) Don't add /usr/local/lib to library search path on Irix
Damien Millere4340be2000-09-16 13:29:08 +11006525 - (djm) Fix rsh path in RPMs. Report from Jason L Tibbitts III
Damien Millerd3a18572000-06-07 19:55:44 +10006526 <tibbs@math.uh.edu>
Damien Miller5314ae72000-06-07 20:08:19 +10006527 - (djm) Warn user if grabs fail in GNOME askpass. Patch from Zack Weinberg
6528 <zack@wolery.cumb.org>
Damien Millerd3a18572000-06-07 19:55:44 +10006529 - (djm) OpenBSD CVS updates:
6530 - todd@cvs.openbsd.org
6531 [sshconnect2.c]
6532 teach protocol v2 to count login failures properly and also enable an
6533 explanation of why the password prompt comes up again like v1; this is NOT
6534 crypto
Damien Miller33804262001-02-04 23:20:18 +11006535 - markus@cvs.openbsd.org
Damien Millerd3a18572000-06-07 19:55:44 +10006536 [readconf.c readconf.h servconf.c servconf.h session.c ssh.1 ssh.c sshd.8]
6537 xauth_location support; pr 1234
6538 [readconf.c sshconnect2.c]
6539 typo, unused
6540 [session.c]
6541 allow use_login only for login sessions, otherwise remote commands are
6542 execed with uid==0
6543 [sshd.8]
6544 document UseLogin better
6545 [version.h]
6546 OpenSSH 2.1.1
6547 [auth-rsa.c]
Damien Millere4340be2000-09-16 13:29:08 +11006548 fix match_hostname() logic for auth-rsa: deny access if we have a
Damien Millerd3a18572000-06-07 19:55:44 +10006549 negative match or no match at all
6550 [channels.c hostfile.c match.c]
Damien Millere4340be2000-09-16 13:29:08 +11006551 don't panic if mkdtemp fails for authfwd; jkb@yahoo-inc.com via
Damien Millerd3a18572000-06-07 19:55:44 +10006552 kris@FreeBSD.org
6553
655420000606
Damien Millere4340be2000-09-16 13:29:08 +11006555 - (djm) Added --with-cflags, --with-ldflags and --with-libs options to
Damien Millere37bfc12000-06-05 09:37:43 +10006556 configure.
6557
Damien Miller2994e082000-06-04 15:51:47 +1000655820000604
6559 - Configure tweaking for new login code on Irix 5.3
andrea86c7ec2000-06-04 17:00:15 +00006560 - (andre) login code changes based on djm feedback
Damien Miller2994e082000-06-04 15:51:47 +10006561
andrea86c7ec2000-06-04 17:00:15 +0000656220000603
6563 - (andre) New login code
6564 - Remove bsd-login.[ch] and all the OpenBSD-derived code in login.c
6565 - Add loginrec.[ch], logintest.c and autoconf code
Damien Miller33804262001-02-04 23:20:18 +11006566
Damien Miller2f6a0ad2000-05-31 11:20:11 +1000656720000531
6568 - Cleanup of auth.c, login.c and fake-*
6569 - Cleanup of auth-pam.c, save and print "account expired" error messages
Damien Miller1ea8ac72000-05-31 11:24:34 +10006570 - Fix EGD read bug by IWAMURO Motonori <iwa@mmp.fujitsu.co.jp>
Damien Miller1c773922000-05-31 13:57:18 +10006571 - Rewrote bsd-login to use proper utmp API if available. Major cleanup
6572 of fallback DIY code.
Damien Miller2f6a0ad2000-05-31 11:20:11 +10006573
Damien Millerbe260a02000-05-30 12:57:46 +1000657420000530
6575 - Define atexit for old Solaris
Damien Millerc252e2e2000-05-30 13:12:46 +10006576 - Fix buffer overrun in login.c for systems which use syslen in utmpx.
6577 patch from YOSHIFUJI Hideaki <yoshfuji@cerberus.nemoto.ecei.tohoku.ac.jp>
Damien Millerb1715dc2000-05-30 13:44:51 +10006578 - OpenBSD CVS updates:
6579 - markus@cvs.openbsd.org
6580 [session.c]
6581 make x11-fwd work w/ localhost (xauth add host/unix:11)
6582 [cipher.c compat.c readconf.c servconf.c]
6583 check strtok() != NULL; ok niels@
6584 [key.c]
6585 fix key_read() for uuencoded keys w/o '='
6586 [serverloop.c]
6587 group ssh1 vs. ssh2 in serverloop
6588 [kex.c kex.h myproposal.h sshconnect2.c sshd.c]
6589 split kexinit/kexdh, factor out common code
6590 [readconf.c ssh.1 ssh.c]
6591 forwardagent defaults to no, add ssh -A
6592 - theo@cvs.openbsd.org
6593 [session.c]
6594 just some line shortening
Damien Miller03934f22000-05-30 14:01:10 +10006595 - Released 2.1.0p3
Damien Millerbe260a02000-05-30 12:57:46 +10006596
Damien Millerd999ae22000-05-20 12:49:31 +1000659720000520
6598 - Xauth fix from Markus Friedl <markus.friedl@informatik.uni-erlangen.de>
Damien Millerad1bc5f2000-05-20 14:53:09 +10006599 - Don't touch utmp if USE_UTMPX defined
Damien Millerdfc83f42000-05-20 15:02:59 +10006600 - SunOS 4.x support from Todd C. Miller <Todd.Miller@courtesan.com>
Damien Millerfda78d92000-05-20 15:33:44 +10006601 - SIGCHLD fix for AIX and HPUX from Tom Bertelson <tbert@abac.com>
Damien Millere4340be2000-09-16 13:29:08 +11006602 - HPUX and Configure fixes from Lutz Jaenicke
Damien Millerfda78d92000-05-20 15:33:44 +10006603 <Lutz.Jaenicke@aet.TU-Cottbus.DE>
Damien Millere4340be2000-09-16 13:29:08 +11006604 - Use mkinstalldirs script to make directories instead of non-portable
Damien Millerfda78d92000-05-20 15:33:44 +10006605 "install -d". Suggested by Lutz Jaenicke <Lutz.Jaenicke@aet.TU-Cottbus.DE>
Damien Miller7b63b0f2000-05-20 15:41:26 +10006606 - Doc cleanup
Damien Millerd999ae22000-05-20 12:49:31 +10006607
Damien Milleref7df542000-05-19 00:03:23 +1000660820000518
6609 - Include Andre Lucas' fixprogs script. Forgot to "cvs add" it yesterday
6610 - OpenBSD CVS updates:
6611 - markus@cvs.openbsd.org
6612 [sshconnect.c]
6613 copy only ai_addrlen bytes; misiek@pld.org.pl
6614 [auth.c]
Damien Millere4340be2000-09-16 13:29:08 +11006615 accept an empty shell in authentication; bug reported by
Damien Milleref7df542000-05-19 00:03:23 +10006616 chris@tinker.ucr.edu
6617 [serverloop.c]
6618 we don't have stderr for interactive terminal sessions (fcntl errors)
6619
Damien Miller8d1fd572000-05-17 21:34:07 +1000662020000517
6621 - Fix from Andre Lucas <andre.lucas@dial.pipex.com>
6622 - Fixes command line printing segfaults (spotter: Bladt Norbert)
6623 - Fixes erroneous printing of debug messages to syslog
6624 - Fixes utmp for MacOS X (spotter: Aristedes Maniatis)
6625 - Gives useful error message if PRNG initialisation fails
6626 - Reduced ssh startup delay
6627 - Measures cumulative command time rather than the time between reads
Damien Millerbe484b52000-07-15 14:14:16 +10006628 after select()
Damien Miller8d1fd572000-05-17 21:34:07 +10006629 - 'fixprogs' perl script to eliminate non-working entropy commands, and
Damien Millerbe484b52000-07-15 14:14:16 +10006630 optionally run 'ent' to measure command entropy
Damien Millerd2c208a2000-05-17 22:00:02 +10006631 - Applied Tom Bertelson's <tbert@abac.com> AIX authentication fix
Damien Millerf3c6cf12000-05-17 22:08:29 +10006632 - Avoid WCOREDUMP complation errors for systems that lack it
Damien Millere4340be2000-09-16 13:29:08 +11006633 - Avoid SIGCHLD warnings from entropy commands
Damien Miller0e65eed2000-05-17 22:16:05 +10006634 - Fix HAVE_PAM_GETENVLIST setting from Simon Wilkinson <sxw@dcs.ed.ac.uk>
Damien Millerdcb6ecd2000-05-17 22:34:22 +10006635 - OpenBSD CVS update:
Damien Millere4340be2000-09-16 13:29:08 +11006636 - markus@cvs.openbsd.org
Damien Millerdcb6ecd2000-05-17 22:34:22 +10006637 [ssh.c]
6638 fix usage()
6639 [ssh2.h]
6640 draft-ietf-secsh-architecture-05.txt
6641 [ssh.1]
6642 document ssh -T -N (ssh2 only)
6643 [channels.c serverloop.c ssh.h sshconnect.c sshd.c aux.c]
6644 enable nonblocking IO for sshd w/ proto 1, too; split out common code
6645 [aux.c]
6646 missing include
Damien Miller615f9392000-05-17 22:53:33 +10006647 - Several patches from SAKAI Kiyotaka <ksakai@kso.netwk.ntt-at.co.jp>
6648 - INSTALL typo and URL fix
6649 - Makefile fix
6650 - Solaris fixes
Damien Millere4340be2000-09-16 13:29:08 +11006651 - Checking for ssize_t and memmove. Based on patch from SAKAI Kiyotaka
Damien Miller615f9392000-05-17 22:53:33 +10006652 <ksakai@kso.netwk.ntt-at.co.jp>
Damien Millerc4be7ce2000-05-17 23:02:03 +10006653 - RSAless operation patch from kevin_oconnor@standardandpoors.com
Damien Miller3b512e12000-05-17 23:29:18 +10006654 - Detect OpenSSL seperatly from RSA
Damien Millere4340be2000-09-16 13:29:08 +11006655 - Better test for RSA (more compatible with RSAref). Based on work by
Damien Miller3b512e12000-05-17 23:29:18 +10006656 Ed Eden <ede370@stl.rural.usda.gov>
Damien Miller8d1fd572000-05-17 21:34:07 +10006657
Damien Miller95fe91b2000-05-13 12:31:22 +1000665820000513
Damien Millere4340be2000-09-16 13:29:08 +11006659 - Fix for non-recognised DSA keys from Arkadiusz Miskiewicz
Damien Miller95fe91b2000-05-13 12:31:22 +10006660 <misiek@pld.org.pl>
6661
Damien Milleraccfeb32000-05-11 19:10:58 +1000666220000511
Damien Millere4340be2000-09-16 13:29:08 +11006663 - Fix for prng_seed permissions checking from Lutz Jaenicke
Damien Milleraccfeb32000-05-11 19:10:58 +10006664 <Lutz.Jaenicke@aet.TU-Cottbus.DE>
Damien Miller95fe91b2000-05-13 12:31:22 +10006665 - "make host-key" fix for Irix
Damien Milleraccfeb32000-05-11 19:10:58 +10006666
Damien Miller30c3d422000-05-09 11:02:59 +1000666720000509
6668 - OpenBSD CVS update
6669 - markus@cvs.openbsd.org
6670 [cipher.h myproposal.h readconf.c readconf.h servconf.c ssh.1 ssh.c]
6671 [ssh.h sshconnect1.c sshconnect2.c sshd.8]
6672 - complain about invalid ciphers in SSH1 (e.g. arcfour is SSH2 only)
6673 - hugh@cvs.openbsd.org
6674 [ssh.1]
6675 - zap typo
6676 [ssh-keygen.1]
6677 - One last nit fix. (markus approved)
6678 [sshd.8]
6679 - some markus certified spelling adjustments
6680 - markus@cvs.openbsd.org
6681 [auth2.c channels.c clientloop.c compat compat.h dsa.c kex.c]
6682 [sshconnect2.c ]
6683 - bug compat w/ ssh-2.0.13 x11, split out bugs
6684 [nchan.c]
6685 - no drain if ibuf_empty, fixes x11fwd problems; tests by fries@
6686 [ssh-keygen.c]
6687 - handle escapes in real and original key format, ok millert@
6688 [version.h]
6689 - OpenSSH-2.1
Damien Miller16e519c2000-05-09 14:28:55 +10006690 - Moved all the bsd-* and fake-* stuff into new libopenbsd-compat.a
Damien Miller54057c22000-05-09 15:03:37 +10006691 - Doc updates
Damien Millere4340be2000-09-16 13:29:08 +11006692 - Cleanup of bsd-base64 headers, bugfix definitions of __b64_*. Reported
Damien Miller95e89632000-05-09 15:28:50 +10006693 by Andre Lucas <andre.lucas@dial.pipex.com>
Damien Miller30c3d422000-05-09 11:02:59 +10006694
Damien Miller58e579b2000-05-08 00:05:31 +1000669520000508
6696 - Makefile and RPM spec fixes
6697 - Generate DSA host keys during "make key" or RPM installs
Damien Miller6d488712000-05-08 13:44:52 +10006698 - OpenBSD CVS update
6699 - markus@cvs.openbsd.org
6700 [clientloop.c sshconnect2.c]
6701 - make x11-fwd interop w/ ssh-2.0.13
6702 [README.openssh2]
6703 - interop w/ SecureFX
6704 - Release 2.0.0beta2
Damien Miller58e579b2000-05-08 00:05:31 +10006705
Damien Millere4340be2000-09-16 13:29:08 +11006706 - Configure caching and cleanup patch from Andre Lucas'
Damien Miller61e50f12000-05-08 20:49:37 +10006707 <andre.lucas@dial.pipex.com>
6708
Damien Millere247cc42000-05-07 12:03:14 +1000670920000507
6710 - Remove references to SSLeay.
6711 - Big OpenBSD CVS update
6712 - markus@cvs.openbsd.org
6713 [clientloop.c]
6714 - typo
6715 [session.c]
6716 - update proctitle on pty alloc/dealloc, e.g. w/ windows client
6717 [session.c]
6718 - update proctitle for proto 1, too
6719 [channels.h nchan.c serverloop.c session.c sshd.c]
6720 - use c-style comments
6721 - deraadt@cvs.openbsd.org
6722 [scp.c]
6723 - more atomicio
Damien Millere4340be2000-09-16 13:29:08 +11006724 - markus@cvs.openbsd.org
Damien Millere247cc42000-05-07 12:03:14 +10006725 [channels.c]
6726 - set O_NONBLOCK
6727 [ssh.1]
6728 - update AUTHOR
6729 [readconf.c ssh-keygen.c ssh.h]
6730 - default DSA key file ~/.ssh/id_dsa
6731 [clientloop.c]
6732 - typo, rm verbose debug
6733 - deraadt@cvs.openbsd.org
6734 [ssh-keygen.1]
6735 - document DSA use of ssh-keygen
6736 [sshd.8]
6737 - a start at describing what i understand of the DSA side
6738 [ssh-keygen.1]
6739 - document -X and -x
6740 [ssh-keygen.c]
6741 - simplify usage
Damien Millere4340be2000-09-16 13:29:08 +11006742 - markus@cvs.openbsd.org
Damien Millere247cc42000-05-07 12:03:14 +10006743 [sshd.8]
6744 - there is no rhosts_dsa
6745 [ssh-keygen.1]
6746 - document -y, update -X,-x
6747 [nchan.c]
6748 - fix close for non-open ssh1 channels
6749 [servconf.c servconf.h ssh.h sshd.8 sshd.c ]
6750 - s/DsaKey/HostDSAKey/, document option
6751 [sshconnect2.c]
6752 - respect number_of_password_prompts
6753 [channels.c channels.h servconf.c servconf.h session.c sshd.8]
6754 - GatewayPorts for sshd, ok deraadt@
6755 [ssh-add.1 ssh-agent.1 ssh.1]
6756 - more doc on: DSA, id_dsa, known_hosts2, authorized_keys2
6757 [ssh.1]
6758 - more info on proto 2
6759 [sshd.8]
6760 - sync AUTHOR w/ ssh.1
6761 [key.c key.h sshconnect.c]
6762 - print key type when talking about host keys
6763 [packet.c]
6764 - clear padding in ssh2
6765 [dsa.c key.c radix.c ssh.h sshconnect1.c uuencode.c uuencode.h]
6766 - replace broken uuencode w/ libc b64_ntop
6767 [auth2.c]
6768 - log failure before sending the reply
6769 [key.c radix.c uuencode.c]
6770 - remote trailing comments before calling __b64_pton
6771 [auth2.c readconf.c readconf.h servconf.c servconf.h ssh.1]
6772 [sshconnect2.c sshd.8]
6773 - add DSAAuthetication option to ssh/sshd, document SSH2 in sshd.8
6774 - Bring in b64_ntop and b64_pton from OpenBSD libc (bsd-base64.[ch])
6775
Damien Miller63560f92000-05-02 09:06:04 +1000677620000502
Damien Miller6f83b8e2000-05-02 09:23:45 +10006777 - OpenBSD CVS update
6778 [channels.c]
6779 - init all fds, close all fds.
6780 [sshconnect2.c]
6781 - check whether file exists before asking for passphrase
6782 [servconf.c servconf.h sshd.8 sshd.c]
6783 - PidFile, pr 1210
6784 [channels.c]
6785 - EINTR
6786 [channels.c]
6787 - unbreak, ok niels@
6788 [sshd.c]
6789 - unlink pid file, ok niels@
6790 [auth2.c]
6791 - Add missing #ifdefs; ok - markus
Damien Millere4340be2000-09-16 13:29:08 +11006792 - Add Andre Lucas' <andre.lucas@dial.pipex.com> patch to read entropy
Damien Miller0437b332000-05-02 09:56:41 +10006793 gathering commands from a text file
Damien Miller63560f92000-05-02 09:06:04 +10006794 - Release 2.0.0beta1
6795
Damien Miller7c8af4f2000-05-01 08:24:07 +1000679620000501
6797 - OpenBSD CVS update
6798 [packet.c]
6799 - send debug messages in SSH2 format
Damien Miller35dabd02000-05-01 21:10:33 +10006800 [scp.c]
6801 - fix very rare EAGAIN/EINTR issues; based on work by djm
6802 [packet.c]
6803 - less debug, rm unused
6804 [auth2.c]
6805 - disable kerb,s/key in ssh2
6806 [sshd.8]
6807 - Minor tweaks and typo fixes.
6808 [ssh-keygen.c]
6809 - Put -d into usage and reorder. markus ok.
Damien Millere4340be2000-09-16 13:29:08 +11006810 - Include missing headers for OpenSSL tests. Fix from Phil Karn
Damien Millere59ce622000-05-01 20:54:17 +10006811 <karn@ka9q.ampr.org>
Damien Millere4340be2000-09-16 13:29:08 +11006812 - Fixed __progname symbol collisions reported by Andre Lucas
Damien Miller70fb6712000-05-01 20:59:50 +10006813 <andre.lucas@dial.pipex.com>
Damien Miller0e489dc2000-05-01 22:53:53 +10006814 - Merged bsd-login ttyslot and AIX utmp patch from Gert Doering
6815 <gd@hilb1.medat.de>
Damien Miller1cead2c2000-05-01 22:55:23 +10006816 - Add some missing ifdefs to auth2.c
Damien Miller7c004262000-05-01 22:57:46 +10006817 - Deprecate perl-tk askpass.
Damien Millerfc0b11b2000-05-02 00:03:55 +10006818 - Irix portability fixes - don't include netinet headers more than once
6819 - Make sure we don't save PRNG seed more than once
Damien Miller7c8af4f2000-05-01 08:24:07 +10006820
Damien Miller1bead332000-04-30 00:47:29 +1000682120000430
6822 - Merge HP-UX fixes and TCB support from Ged Lodder <lodder@yacc.com.au>
Damien Miller4018c192000-04-30 09:30:44 +10006823 - Integrate Andre Lucas' <andre.lucas@dial.pipex.com> entropy collection
6824 patch.
6825 - Adds timeout to entropy collection
6826 - Disables slow entropy sources
6827 - Load and save seed file
Damien Millere4340be2000-09-16 13:29:08 +11006828 - Changed entropy seed code to user per-user seeds only (server seed is
Damien Miller4018c192000-04-30 09:30:44 +10006829 saved in root's .ssh directory)
6830 - Use atexit() and fatal cleanups to save seed on exit
Damien Millerbd483e72000-04-30 10:00:53 +10006831 - More OpenBSD updates:
6832 [session.c]
6833 - don't call chan_write_failed() if we are not writing
6834 [auth-rsa.c auth1.c authfd.c hostfile.c ssh-agent.c]
6835 - keysize warnings error() -> log()
Damien Miller1bead332000-04-30 00:47:29 +10006836
Damien Millereba71ba2000-04-29 23:57:08 +1000683720000429
6838 - Merge big update to OpenSSH-2.0 from OpenBSD CVS
6839 [README.openssh2]
6840 - interop w/ F-secure windows client
6841 - sync documentation
6842 - ssh_host_dsa_key not ssh_dsa_key
6843 [auth-rsa.c]
6844 - missing fclose
6845 [auth.c authfile.c compat.c dsa.c dsa.h hostfile.c key.c key.h radix.c]
6846 [readconf.c readconf.h ssh-add.c ssh-keygen.c ssh.c ssh.h sshconnect.c]
6847 [sshd.c uuencode.c uuencode.h authfile.h]
6848 - add DSA pubkey auth and other SSH2 fixes. use ssh-keygen -[xX]
6849 for trading keys with the real and the original SSH, directly from the
6850 people who invented the SSH protocol.
6851 [auth.c auth.h authfile.c sshconnect.c auth1.c auth2.c sshconnect.h]
6852 [sshconnect1.c sshconnect2.c]
6853 - split auth/sshconnect in one file per protocol version
6854 [sshconnect2.c]
6855 - remove debug
6856 [uuencode.c]
6857 - add trailing =
6858 [version.h]
6859 - OpenSSH-2.0
6860 [ssh-keygen.1 ssh-keygen.c]
6861 - add -R flag: exit code indicates if RSA is alive
6862 [sshd.c]
6863 - remove unused
6864 silent if -Q is specified
6865 [ssh.h]
6866 - host key becomes /etc/ssh_host_dsa_key
6867 [readconf.c servconf.c ]
6868 - ssh/sshd default to proto 1 and 2
6869 [uuencode.c]
6870 - remove debug
6871 [auth2.c ssh-keygen.c sshconnect2.c sshd.c]
6872 - xfree DSA blobs
6873 [auth2.c serverloop.c session.c]
6874 - cleanup logging for sshd/2, respect PasswordAuth no
6875 [sshconnect2.c]
6876 - less debug, respect .ssh/config
6877 [README.openssh2 channels.c channels.h]
Damien Millere4340be2000-09-16 13:29:08 +11006878 - clientloop.c session.c ssh.c
Damien Millereba71ba2000-04-29 23:57:08 +10006879 - support for x11-fwding, client+server
6880
Damien Millera552faf2000-04-21 15:55:20 +1000688120000421
6882 - Merge fix from OpenBSD CVS
6883 [ssh-agent.c]
6884 - Fix memory leak per connection. Report from Andy Spiegl <Andy@Spiegl.de>
6885 via Debian bug #59926
Damien Miller81171112000-04-23 11:14:01 +10006886 - Define __progname in session.c if libc doesn't
6887 - Remove indentation on autoconf #include statements to avoid bug in
Damien Millere4340be2000-09-16 13:29:08 +11006888 DEC Tru64 compiler. Report and fix from David Del Piero
Damien Miller81171112000-04-23 11:14:01 +10006889 <David.DelPiero@qed.qld.gov.au>
Damien Millera552faf2000-04-21 15:55:20 +10006890
Damien Miller3ef692a2000-04-20 07:33:24 +1000689120000420
Damien Millere4340be2000-09-16 13:29:08 +11006892 - Make fixpaths work with perl4, patch from Andre Lucas
Damien Miller3ef692a2000-04-20 07:33:24 +10006893 <andre.lucas@dial.pipex.com>
Damien Miller166fca82000-04-20 07:42:21 +10006894 - Sync with OpenBSD CVS:
6895 [clientloop.c login.c serverloop.c ssh-agent.c ssh.h sshconnect.c sshd.c]
6896 - pid_t
6897 [session.c]
6898 - remove bogus chan_read_failed. this could cause data
6899 corruption (missing data) at end of a SSH2 session.
Damien Millerd0cff3e2000-04-20 23:12:58 +10006900 - Merge fixes from Debian patch from Phil Hands <phil@hands.com>
6901 - Allow setting of PAM service name through CFLAGS (SSHD_PAM_SERVICE)
6902 - Use vhangup to clean up Linux ttys
6903 - Force posix getopt processing on GNU libc systems
Damien Millercfabe862000-04-20 23:27:27 +10006904 - Debian bug #55910 - remove references to ssl(8) manpages
Damien Millerf3a3fee2000-04-20 23:32:48 +10006905 - Debian bug #58031 - ssh_config lies about default cipher
Damien Miller3ef692a2000-04-20 07:33:24 +10006906
Damien Miller8bb73be2000-04-19 16:26:12 +1000690720000419
6908 - OpenBSD CVS updates
6909 [channels.c]
6910 - fix pr 1196, listen_port and port_to_connect interchanged
6911 [scp.c]
Damien Millere4340be2000-09-16 13:29:08 +11006912 - after completion, replace the progress bar ETA counter with a final
Damien Miller8bb73be2000-04-19 16:26:12 +10006913 elapsed time; my idea, aaron wrote the patch
6914 [ssh_config sshd_config]
6915 - show 'Protocol' as an example, ok markus@
6916 [sshd.c]
6917 - missing xfree()
6918 - Add missing header to bsd-misc.c
6919
Damien Miller5f056372000-04-16 12:31:48 +1000692020000416
6921 - Reduce diff against OpenBSD source
Damien Millere4340be2000-09-16 13:29:08 +11006922 - All OpenSSL includes are now unconditionally referenced as
Damien Miller5f056372000-04-16 12:31:48 +10006923 openssl/foo.h
6924 - Pick up formatting changes
6925 - Other minor changed (typecasts, etc) that I missed
6926
Damien Miller4af51302000-04-16 11:18:38 +1000692720000415
6928 - OpenBSD CVS updates.
6929 [ssh.1 ssh.c]
6930 - ssh -2
6931 [auth.c channels.c clientloop.c packet.c packet.h serverloop.c]
6932 [session.c sshconnect.c]
6933 - check payload for (illegal) extra data
6934 [ALL]
6935 whitespace cleanup
6936
Damien Millere71eb912000-04-13 12:19:32 +1000693720000413
6938 - INSTALL doc updates
Damien Miller22c77262000-04-13 12:26:34 +10006939 - Merged OpenBSD updates to include paths.
Damien Millere4340be2000-09-16 13:29:08 +11006940
Damien Miller78928792000-04-12 20:17:38 +1000694120000412
6942 - OpenBSD CVS updates:
6943 - [channels.c]
6944 repair x11-fwd
6945 - [sshconnect.c]
6946 fix passwd prompt for ssh2, less debugging output.
6947 - [clientloop.c compat.c dsa.c kex.c sshd.c]
6948 less debugging output
6949 - [kex.c kex.h sshconnect.c sshd.c]
6950 check for reasonable public DH values
6951 - [README.openssh2 cipher.c cipher.h compat.c compat.h readconf.c]
6952 [readconf.h servconf.c servconf.h ssh.c ssh.h sshconnect.c sshd.c]
6953 add Cipher and Protocol options to ssh/sshd, e.g.:
6954 ssh -o 'Protocol 1,2' if you prefer proto 1, ssh -o 'Ciphers
6955 arcfour,3des-cbc'
6956 - [sshd.c]
6957 print 1.99 only if server supports both
6958
Damien Millerbc7c7cc2000-04-08 17:48:56 +1000695920000408
6960 - Avoid some compiler warnings in fake-get*.c
6961 - Add IPTOS macros for systems which lack them
Damien Miller11e37f62000-04-08 18:23:30 +10006962 - Only set define entropy collection macros if they are found
Damien Millerefb4afe2000-04-12 18:45:05 +10006963 - More large OpenBSD CVS updates:
6964 - [auth.c auth.h servconf.c servconf.h serverloop.c session.c]
6965 [session.h ssh.h sshd.c README.openssh2]
6966 ssh2 server side, see README.openssh2; enable with 'sshd -2'
6967 - [channels.c]
6968 no adjust after close
6969 - [sshd.c compat.c ]
6970 interop w/ latest ssh.com windows client.
Damien Miller33804262001-02-04 23:20:18 +11006971
Damien Miller1383bd82000-04-06 12:32:37 +1000697220000406
6973 - OpenBSD CVS update:
6974 - [channels.c]
6975 close efd on eof
6976 - [clientloop.c compat.c ssh.c sshconnect.c myproposal.h]
6977 ssh2 client implementation, interops w/ ssh.com and lsh servers.
6978 - [sshconnect.c]
6979 missing free.
6980 - [authfile.c cipher.c cipher.h packet.c sshconnect.c sshd.c]
6981 remove unused argument, split cipher_mask()
6982 - [clientloop.c]
6983 re-order: group ssh1 vs. ssh2
6984 - Make Redhat spec require openssl >= 0.9.5a
6985
Damien Miller193ba882000-04-04 10:21:09 +1000698620000404
6987 - Add tests for RAND_add function when searching for OpenSSL
Damien Miller33b13562000-04-04 14:38:59 +10006988 - OpenBSD CVS update:
6989 - [packet.h packet.c]
6990 ssh2 packet format
6991 - [packet.h packet.c nchan2.ms nchan.h compat.h compat.c]
6992 [channels.h channels.c]
6993 channel layer support for ssh2
6994 - [kex.h kex.c hmac.h hmac.c dsa.c dsa.h]
6995 DSA, keyexchange, algorithm agreement for ssh2
Damien Miller74a333b2000-04-04 15:04:09 +10006996 - Generate manpages before make install not at the end of make all
6997 - Don't seed the rng quite so often
6998 - Always reseed rng when requested
Damien Miller193ba882000-04-04 10:21:09 +10006999
Damien Miller040f3832000-04-03 14:50:43 +1000700020000403
7001 - Wrote entropy collection routines for systems that lack /dev/random
7002 and EGD
Damien Miller70494d12000-04-03 15:57:06 +10007003 - Disable tests and typedefs for 64 bit types. They are currently unused.
Damien Miller040f3832000-04-03 14:50:43 +10007004
Damien Millerb38eff82000-04-01 11:09:21 +1000700520000401
7006 - Big OpenBSD CVS update (mainly beginnings of SSH2 infrastructure)
7007 - [auth.c session.c sshd.c auth.h]
7008 split sshd.c -> auth.c session.c sshd.c plus cleanup and goto-removal
7009 - [bufaux.c bufaux.h]
7010 support ssh2 bignums
7011 - [channels.c channels.h clientloop.c sshd.c nchan.c nchan.h packet.c]
7012 [readconf.c ssh.c ssh.h serverloop.c]
7013 replace big switch() with function tables (prepare for ssh2)
7014 - [ssh2.h]
7015 ssh2 message type codes
7016 - [sshd.8]
7017 reorder Xr to avoid cutting
7018 - [serverloop.c]
7019 close(fdin) if fdin != fdout, shutdown otherwise, ok theo@
7020 - [channels.c]
7021 missing close
7022 allow bigger packets
7023 - [cipher.c cipher.h]
7024 support ssh2 ciphers
7025 - [compress.c]
7026 cleanup, less code
7027 - [dispatch.c dispatch.h]
7028 function tables for different message types
7029 - [log-server.c]
7030 do not log() if debuggin to stderr
7031 rename a cpp symbol, to avoid param.h collision
7032 - [mpaux.c]
7033 KNF
7034 - [nchan.c]
7035 sync w/ channels.c
7036
Damien Miller2c9279f2000-03-26 12:12:34 +1000703720000326
7038 - Better tests for OpenSSL w/ RSAref
Damien Millere4340be2000-09-16 13:29:08 +11007039 - Added replacement setenv() function from OpenBSD libc. Suggested by
Damien Miller2c9279f2000-03-26 12:12:34 +10007040 Ben Lindstrom <mouring@pconline.com>
Damien Miller450a7a12000-03-26 13:04:51 +10007041 - OpenBSD CVS update
7042 - [auth-krb4.c]
7043 -Wall
7044 - [auth-rh-rsa.c auth-rsa.c hostfile.c hostfile.h key.c key.h match.c]
7045 [match.h ssh.c ssh.h sshconnect.c sshd.c]
7046 initial support for DSA keys. ok deraadt@, niels@
7047 - [cipher.c cipher.h]
7048 remove unused cipher_attack_detected code
7049 - [scp.1 ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 sshd.8]
7050 Fix some formatting problems I missed before.
7051 - [ssh.1 sshd.8]
7052 fix spelling errors, From: FreeBSD
7053 - [ssh.c]
7054 switch to raw mode only if he _get_ a pty (not if we _want_ a pty).
Damien Miller2c9279f2000-03-26 12:12:34 +10007055
Damien Miller63a46cc2000-03-24 09:24:33 +1100705620000324
7057 - Released 1.2.3
7058
Damien Miller29ea30d2000-03-17 10:54:15 +1100705920000317
7060 - Clarified --with-default-path option.
7061 - Added -blibpath handling for AIX to work around stupid runtime linking.
7062 Problem elucidated by gshapiro@SENDMAIL.ORG by way of Jim Knoble
Damien Millerf1aa21f2001-01-05 09:30:32 +11007063 <jmknoble@jmknoble.cx>
Damien Millerd6121d22000-03-17 23:26:46 +11007064 - Checks for 64 bit int types. Problem report from Mats Fredholm
7065 <matsf@init.se>
Damien Miller7684ee12000-03-17 23:40:15 +11007066 - OpenBSD CVS updates:
Damien Millere4340be2000-09-16 13:29:08 +11007067 - [atomicio.c auth-krb4.c bufaux.c channels.c compress.c fingerprint.c]
Damien Miller7684ee12000-03-17 23:40:15 +11007068 [packet.h radix.c rsa.c scp.c ssh-agent.c ssh-keygen.c sshconnect.c]
7069 [sshd.c]
7070 pedantic: signed vs. unsigned, void*-arithm, etc
7071 - [ssh.1 sshd.8]
7072 Various cleanups and standardizations.
Damien Millere4340be2000-09-16 13:29:08 +11007073 - Runtime error fix for HPUX from Otmar Stahl
Damien Millere37ac5a2000-03-17 23:58:59 +11007074 <O.Stahl@lsw.uni-heidelberg.de>
Damien Miller29ea30d2000-03-17 10:54:15 +11007075
Damien Miller08c788a2000-03-16 07:52:29 +1100707620000316
Damien Millere4340be2000-09-16 13:29:08 +11007077 - Fixed configure not passing LDFLAGS to Solaris. Report from David G.
Damien Miller08c788a2000-03-16 07:52:29 +11007078 Hesprich <dghespri@sprintparanet.com>
Damien Miller166bd442000-03-16 10:48:25 +11007079 - Propogate LD through to Makefile
Damien Millerfd263682000-03-16 11:51:09 +11007080 - Doc cleanups
Damien Millerca9a49c2000-03-16 12:23:13 +11007081 - Added blurb about "scp: command not found" errors to UPGRADING
Damien Miller08c788a2000-03-16 07:52:29 +11007082
Damien Millera1ad4802000-03-15 10:04:54 +1100708320000315
7084 - Fix broken CFLAGS handling during search for OpenSSL. Fixes va_list
7085 problems with gcc/Solaris.
Damien Millere4340be2000-09-16 13:29:08 +11007086 - Don't free argument to putenv() after use (in setenv() replacement).
Damien Millerf09b07a2000-03-15 11:23:48 +11007087 Report from Seigo Tanimura <tanimura@r.dl.itc.u-tokyo.ac.jp>
Damien Millere4340be2000-09-16 13:29:08 +11007088 - Created contrib/ subdirectory. Included helpers from Phil Hands'
Damien Miller8b1c22b2000-03-15 12:13:01 +11007089 Debian package, README file and chroot patch from Ricardo Cerqueira
7090 <rmcc@clix.pt>
Damien Millere4340be2000-09-16 13:29:08 +11007091 - Moved gnome-ssh-askpass.c to contrib directory and removed config
Damien Miller8b1c22b2000-03-15 12:13:01 +11007092 option.
7093 - Slight cleanup to doc files
Damien Miller856799b2000-03-15 21:18:10 +11007094 - Configure fix from Bratislav ILICH <bilic@zepter.ru>
Damien Millera1ad4802000-03-15 10:04:54 +11007095
Damien Miller1c67c992000-03-14 10:16:34 +1100709620000314
Damien Millere4340be2000-09-16 13:29:08 +11007097 - Include macro for IN6_IS_ADDR_V4MAPPED. Report from
Damien Miller1c67c992000-03-14 10:16:34 +11007098 peter@frontierflying.com
Damien Millerdb819592000-03-14 13:44:01 +11007099 - Include /usr/local/include and /usr/local/lib for systems that don't
7100 do it themselves
7101 - -R/usr/local/lib for Solaris
7102 - Fix RSAref detection
7103 - Fix IN6_IS_ADDR_V4MAPPED macro
Damien Miller1c67c992000-03-14 10:16:34 +11007104
Damien Millerb85dcad2000-03-11 11:37:00 +1100710520000311
7106 - Detect RSAref
Damien Miller02491e92000-03-11 11:58:28 +11007107 - OpenBSD CVS change
7108 [sshd.c]
7109 - disallow guessing of root password
Damien Millerd58b3ab2000-03-11 20:05:11 +11007110 - More configure fixes
Damien Miller7bcb0892000-03-11 20:45:40 +11007111 - IPv6 workarounds from Hideaki YOSHIFUJI <yoshfuji@ecei.tohoku.ac.jp>
Damien Millerb85dcad2000-03-11 11:37:00 +11007112
Damien Miller98c7ad62000-03-09 21:27:49 +1100711320000309
7114 - OpenBSD CVS updates to v1.2.3
Damien Millerbe484b52000-07-15 14:14:16 +10007115 [ssh.h atomicio.c]
7116 - int atomicio -> ssize_t (for alpha). ok deraadt@
7117 [auth-rsa.c]
7118 - delay MD5 computation until client sends response, free() early, cleanup.
7119 [cipher.c]
7120 - void* -> unsigned char*, ok niels@
7121 [hostfile.c]
7122 - remove unused variable 'len'. fix comments.
7123 - remove unused variable
7124 [log-client.c log-server.c]
7125 - rename a cpp symbol, to avoid param.h collision
7126 [packet.c]
7127 - missing xfree()
7128 - getsockname() requires initialized tolen; andy@guildsoftware.com
7129 - use getpeername() in packet_connection_is_on_socket(), fixes sshd -i;
7130 from Holger.Trapp@Informatik.TU-Chemnitz.DE
7131 [pty.c pty.h]
Damien Millere4340be2000-09-16 13:29:08 +11007132 - register cleanup for pty earlier. move code for pty-owner handling to
Damien Miller98c7ad62000-03-09 21:27:49 +11007133 pty.c ok provos@, dugsong@
Damien Millerbe484b52000-07-15 14:14:16 +10007134 [readconf.c]
7135 - turn off x11-fwd for the client, too.
7136 [rsa.c]
7137 - PKCS#1 padding
7138 [scp.c]
7139 - allow '.' in usernames; from jedgar@fxp.org
7140 [servconf.c]
7141 - typo: ignore_user_known_hosts int->flag; naddy@mips.rhein-neckar.de
7142 - sync with sshd_config
7143 [ssh-keygen.c]
7144 - enable ssh-keygen -l -f ~/.ssh/known_hosts, ok deraadt@
7145 [ssh.1]
7146 - Change invalid 'CHAT' loglevel to 'VERBOSE'
7147 [ssh.c]
7148 - suppress AAAA query host when '-4' is used; from shin@nd.net.fujitsu.co.jp
7149 - turn off x11-fwd for the client, too.
7150 [sshconnect.c]
7151 - missing xfree()
7152 - retry rresvport_af(), too. from sumikawa@ebina.hitachi.co.jp.
7153 - read error vs. "Connection closed by remote host"
7154 [sshd.8]
7155 - ie. -> i.e.,
7156 - do not link to a commercial page..
7157 - sync with sshd_config
7158 [sshd.c]
7159 - no need for poll.h; from bright@wintelcom.net
7160 - log with level log() not fatal() if peer behaves badly.
7161 - don't panic if client behaves strange. ok deraadt@
7162 - make no-port-forwarding for RSA keys deny both -L and -R style fwding
7163 - delay close() of pty until the pty has been chowned back to root
7164 - oops, fix comment, too.
7165 - missing xfree()
7166 - move XAUTHORITY to subdir. ok dugsong@. fixes debian bug #57907, too.
7167 (http://cgi.debian.org/cgi-bin/bugreport.cgi?archive=no&bug=57907)
Damien Millere4340be2000-09-16 13:29:08 +11007168 - register cleanup for pty earlier. move code for pty-owner handling to
Damien Millerbe484b52000-07-15 14:14:16 +10007169 pty.c ok provos@, dugsong@
7170 - create x11 cookie file
7171 - fix pr 1113, fclose() -> pclose(), todo: remote popen()
7172 - version 1.2.3
Damien Miller98c7ad62000-03-09 21:27:49 +11007173 - Cleaned up
Damien Millere4340be2000-09-16 13:29:08 +11007174 - Removed warning workaround for Linux and devpts filesystems (no longer
Damien Miller8f975b62000-03-09 22:31:13 +11007175 required after OpenBSD updates)
Damien Miller98c7ad62000-03-09 21:27:49 +11007176
Damien Miller1a07ebd2000-03-08 09:03:44 +1100717720000308
7178 - Configure fix from Hiroshi Takekawa <takekawa@sr3.t.u-tokyo.ac.jp>
7179
718020000307
7181 - Released 1.2.2p1
7182
Damien Miller01bedb82000-03-05 16:10:03 +1100718320000305
7184 - Fix DEC compile fix
Damien Millerfac99cd2000-03-05 16:10:45 +11007185 - Explicitly seed OpenSSL's PRNG before checking rsa_alive()
Damien Miller9fb07e42000-03-05 16:22:59 +11007186 - Check for getpagesize in libucb.a if not found in libc. Fix for old
7187 Solaris from Andre Lucas <andre.lucas@dial.pipex.com>
Damien Millere4340be2000-09-16 13:29:08 +11007188 - Check for libwrap if --with-tcp-wrappers option specified. Suggestion
Damien Miller65165f82000-03-05 17:02:45 +11007189 Mate Wierdl <mw@moni.msci.memphis.edu>
Damien Miller01bedb82000-03-05 16:10:03 +11007190
Damien Miller4095f892000-03-03 22:13:52 +1100719120000303
7192 - Added "make host-key" target, Suggestion from Dominik Brettnacher
7193 <domi@saargate.de>
Damien Millere4340be2000-09-16 13:29:08 +11007194 - Don't permanently fail on bind() if getaddrinfo has more choices left for
Damien Miller3c7eeb22000-03-03 22:35:33 +11007195 us. Needed to work around messy IPv6 on Linux. Patch from Arkadiusz
7196 Miskiewicz <misiek@pld.org.pl>
Damien Miller00d4bb12000-03-03 22:48:49 +11007197 - DEC Unix compile fix from David Del Piero <David.DelPiero@qed.qld.gov.au>
7198 - Manpage fix from David Del Piero <David.DelPiero@qed.qld.gov.au>
Damien Miller4095f892000-03-03 22:13:52 +11007199
Damien Millera22ba012000-03-02 23:09:20 +1100720020000302
7201 - Big cleanup of autoconf code
7202 - Rearranged to be a little more logical
7203 - Added -R option for Solaris
7204 - Rewrote OpenSSL detection code. Now uses AC_TRY_RUN with a test program
7205 to detect library and header location _and_ ensure library has proper
7206 RSA support built in (this is a problem with OpenSSL 0.9.5).
Damien Millerc7d8dbb2000-03-02 23:30:53 +11007207 - Applied pty cleanup patch from markus.friedl@informatik.uni-erlangen.de
Damien Millerc4cea3e2000-03-02 23:31:50 +11007208 - Avoid warning message with Unix98 ptys
Damien Millere4340be2000-09-16 13:29:08 +11007209 - Warning was valid - possible race condition on PTYs. Avoided using
Damien Miller204ad072000-03-02 23:56:12 +11007210 platform-specific code.
7211 - Document some common problems
Damien Millere4340be2000-09-16 13:29:08 +11007212 - Allow root access to any key. Patch from
Damien Miller2453d012000-03-02 23:57:18 +11007213 markus.friedl@informatik.uni-erlangen.de
Damien Millera22ba012000-03-02 23:09:20 +11007214
Damien Miller36143d72000-02-07 13:20:26 +1100721520000207
7216 - Removed SOCKS code. Will support through a ProxyCommand.
7217
Damien Miller18522462000-02-03 01:07:07 +1100721820000203
7219 - Fixed SEGVs in authloop, fix from vbzoli@hbrt.hu
Damien Miller0c0e4bf2000-02-03 13:58:51 +11007220 - Add --with-ssl-dir option
Damien Miller18522462000-02-03 01:07:07 +11007221
Damien Miller65527582000-02-02 19:17:40 +1100722220000202
Damien Millere4340be2000-09-16 13:29:08 +11007223 - Fix lastlog code for directory based lastlogs. Fix from Josh Durham
Damien Miller65527582000-02-02 19:17:40 +11007224 <jmd@aoe.vt.edu>
Damien Miller17872522000-02-02 20:56:20 +11007225 - Documentation fixes from HARUYAMA Seigo <haruyama@nt.phys.s.u-tokyo.ac.jp>
Damien Millere4340be2000-09-16 13:29:08 +11007226 - Added URLs to Japanese translations of documents by HARUYAMA Seigo
Damien Miller17872522000-02-02 20:56:20 +11007227 <haruyama@nt.phys.s.u-tokyo.ac.jp>
Damien Miller65527582000-02-02 19:17:40 +11007228
Damien Miller9e53f352000-02-01 23:05:30 +1100722920000201
7230 - Use socket pairs by default (instead of pipes). Prevents race condition
7231 on several (buggy) OSs. Report and fix from tridge@linuxcare.com
7232
Damien Millerf07390e2000-01-29 20:40:22 +1100723320000127
7234 - Seed OpenSSL's random number generator before generating RSA keypairs
7235 - Split random collector into seperate file
Damien Miller6034fdf2000-01-29 20:55:09 +11007236 - Compile fix from Andre Lucas <andre.lucas@dial.pipex.com>
Damien Millerf07390e2000-01-29 20:40:22 +11007237
Damien Miller27f4c782000-01-27 18:22:13 +1100723820000126
7239 - Released 1.2.2 stable
7240
Damien Millere4340be2000-09-16 13:29:08 +11007241 - NeXT keeps it lastlog in /usr/adm. Report from
Damien Miller27f4c782000-01-27 18:22:13 +11007242 mouring@newton.pconline.com
Damien Millere4340be2000-09-16 13:29:08 +11007243 - Added note in UPGRADING re interop with commercial SSH using idea.
Damien Millerf1aa21f2001-01-05 09:30:32 +11007244 Report from Jim Knoble <jmknoble@jmknoble.cx>
Damien Millerc85f9b42000-01-29 10:20:21 +11007245 - Fix linking order for Kerberos/AFS. Fix from Holget Trapp
7246 <Holger.Trapp@Informatik.TU-Chemnitz.DE>
Damien Miller27f4c782000-01-27 18:22:13 +11007247
Damien Millerd89c24b2000-01-26 11:04:48 +1100724820000125
Damien Millere4340be2000-09-16 13:29:08 +11007249 - Fix NULL pointer dereference in login.c. Fix from Andre Lucas
Damien Millerd89c24b2000-01-26 11:04:48 +11007250 <andre.lucas@dial.pipex.com>
Damien Millerfa51a832000-01-26 11:07:22 +11007251 - Reorder PAM initialisation so it does not mess up lastlog. Reported
7252 by Andre Lucas <andre.lucas@dial.pipex.com>
Damien Millere4340be2000-09-16 13:29:08 +11007253 - Use preformatted manpages on SCO, report from Gary E. Miller
Damien Miller0e1cf7c2000-01-26 12:15:30 +11007254 <gem@rellim.com>
7255 - New URL for x11-ssh-askpass.
Damien Millere4340be2000-09-16 13:29:08 +11007256 - Fixpaths was missing /etc/ssh_known_hosts. Report from Jim Knoble
Damien Millerf1aa21f2001-01-05 09:30:32 +11007257 <jmknoble@jmknoble.cx>
Damien Millere4340be2000-09-16 13:29:08 +11007258 - Added 'DESTDIR' option to Makefile to ease package building. Patch from
Damien Millerf1aa21f2001-01-05 09:30:32 +11007259 Jim Knoble <jmknoble@jmknoble.cx>
Damien Miller7d7c60d2000-01-26 14:37:48 +11007260 - Updated RPM spec files to use DESTDIR
Damien Millerd89c24b2000-01-26 11:04:48 +11007261
Damien Miller68cee102000-01-24 17:02:27 +1100726220000124
7263 - Pick up version 1.2.2 from OpenBSD CVS (no changes, just version number
7264 increment)
7265
Damien Miller6fe375d2000-01-23 09:38:00 +1100726620000123
7267 - OpenBSD CVS:
7268 - [packet.c]
7269 getsockname() requires initialized tolen; andy@guildsoftware.com
Damien Millere4340be2000-09-16 13:29:08 +11007270 - AIX patch from Matt Richards <v2matt@btv.ibm.com> and David Rankin
Damien Miller1fa154b2000-01-23 10:32:03 +11007271 <drankin@bohemians.lexington.ky.us>
Damien Millerdef0dc92000-01-23 20:18:35 +11007272 - Fix lastlog support, patch from Andre Lucas <andre.lucas@dial.pipex.com>
Damien Miller6fe375d2000-01-23 09:38:00 +11007273
Damien Miller91427002000-01-22 13:25:13 +1100727420000122
7275 - Fix compilation of bsd-snprintf.c on Solaris, fix from Ben Taylor
7276 <bent@clark.net>
Damien Miller670a4b82000-01-22 13:53:11 +11007277 - Merge preformatted manpage patch from Andre Lucas
7278 <andre.lucas@dial.pipex.com>
Damien Miller07278932000-01-22 14:05:37 +11007279 - Make IPv4 use the default in RPM packages
7280 - Irix uses preformatted manpages
Damien Miller8dbbe6e2000-01-22 18:17:42 +11007281 - Missing htons() in bsd-bindresvport.c, fix from Holger Trapp
7282 <Holger.Trapp@Informatik.TU-Chemnitz.DE>
Damien Millerf052aaf2000-01-22 19:47:21 +11007283 - OpenBSD CVS updates:
7284 - [packet.c]
7285 use getpeername() in packet_connection_is_on_socket(), fixes sshd -i;
7286 from Holger.Trapp@Informatik.TU-Chemnitz.DE
7287 - [sshd.c]
7288 log with level log() not fatal() if peer behaves badly.
7289 - [readpass.c]
Damien Millere4340be2000-09-16 13:29:08 +11007290 instead of blocking SIGINT, catch it ourselves, so that we can clean
7291 the tty modes up and kill ourselves -- instead of our process group
Damien Miller33804262001-02-04 23:20:18 +11007292 leader (scp, cvs, ...) going away and leaving us in noecho mode.
Damien Millerf052aaf2000-01-22 19:47:21 +11007293 people with cbreak shells never even noticed..
Damien Miller14537852000-01-22 19:57:40 +11007294 - [ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 sshd.8]
7295 ie. -> i.e.,
Damien Miller91427002000-01-22 13:25:13 +11007296
Damien Millereca71f82000-01-20 22:38:27 +1100729720000120
7298 - Don't use getaddrinfo on AIX
Damien Miller396691a2000-01-20 22:44:08 +11007299 - Update to latest OpenBSD CVS:
7300 - [auth-rsa.c]
7301 - fix user/1056, sshd keeps restrictions; dbt@meat.net
7302 - [sshconnect.c]
7303 - disable agent fwding for proto 1.3, remove abuse of auth-rsa flags.
7304 - destroy keys earlier
Damien Millere4340be2000-09-16 13:29:08 +11007305 - split key exchange (kex) and user authentication (user-auth),
Damien Milleree1c0b32000-01-21 00:18:15 +11007306 ok: provos@
Damien Miller396691a2000-01-20 22:44:08 +11007307 - [sshd.c]
7308 - no need for poll.h; from bright@wintelcom.net
7309 - disable agent fwding for proto 1.3, remove abuse of auth-rsa flags.
Damien Millere4340be2000-09-16 13:29:08 +11007310 - split key exchange (kex) and user authentication (user-auth),
Damien Milleree1c0b32000-01-21 00:18:15 +11007311 ok: provos@
Damien Miller88b86e42000-01-20 23:13:35 +11007312 - Big manpage and config file cleanup from Andre Lucas
7313 <andre.lucas@dial.pipex.com>
Damien Miller886c63a2000-01-20 23:13:36 +11007314 - Re-added latest (unmodified) OpenBSD manpages
Damien Millereab2ce02000-01-20 23:58:22 +11007315 - Doc updates
Damien Milleree1c0b32000-01-21 00:18:15 +11007316 - NetBSD patch from David Rankin <drankin@bohemians.lexington.ky.us> and
7317 Christos Zoulas <christos@netbsd.org>
Damien Millereca71f82000-01-20 22:38:27 +11007318
Damien Miller9550a242000-01-19 10:41:23 +1100731920000119
Damien Millereaf99942000-01-19 13:45:07 +11007320 - SCO compile fixes from Gary E. Miller <gem@rellim.com>
Damien Miller9550a242000-01-19 10:41:23 +11007321 - Compile fix from Darren_Hall@progressive.com
Damien Miller7d80e342000-01-19 14:36:49 +11007322 - Linux/glibc-2.1.2 takes a *long* time to look up names for AF_UNSPEC
7323 addresses using getaddrinfo(). Added a configure switch to make the
7324 default lookup mode AF_INET
Damien Miller9550a242000-01-19 10:41:23 +11007325
Damien Millerdbd250f2000-01-18 08:57:14 +1100732620000118
7327 - Fixed --with-pid-dir option
Damien Millerca673b32000-01-18 09:01:27 +11007328 - Makefile fix from Gary E. Miller <gem@rellim.com>
Damien Miller33804262001-02-04 23:20:18 +11007329 - Compile fix for HPUX and Solaris from Andre Lucas
Damien Millere0f45742000-01-18 09:12:06 +11007330 <andre.lucas@dial.pipex.com>
Damien Millerdbd250f2000-01-18 08:57:14 +11007331
Damien Millerb9b94a72000-01-17 09:52:46 +1100733220000117
7333 - Clean up bsd-bindresvport.c. Use arc4random() for picking initial
7334 port, ignore EINVAL errors (Linux) when searching for free port.
Damien Millere4340be2000-09-16 13:29:08 +11007335 - Revert __snprintf -> snprintf aliasing. Apparently Solaris
Damien Miller834171e2000-01-17 09:59:41 +11007336 __snprintf isn't. Report from Theo de Raadt <theo@cvs.openbsd.org>
Damien Millerf693d3b2000-01-17 11:56:27 +11007337 - Document location of Redhat PAM file in INSTALL.
Damien Millere4340be2000-09-16 13:29:08 +11007338 - Fixed X11 forwarding bug on Linux. libc advertises AF_INET6
7339 INADDR_ANY_INIT addresses via getaddrinfo, but may not be able to
Damien Miller19fe9c72000-01-17 15:23:01 +11007340 deliver (no IPv6 kernel support)
Damien Millere2192732000-01-17 13:22:55 +11007341 - Released 1.2.1pre27
Damien Millerb9b94a72000-01-17 09:52:46 +11007342
Damien Miller19fe9c72000-01-17 15:23:01 +11007343 - Fix rresvport_af failure errors (logic error in bsd-bindresvport.c)
Damien Millere4340be2000-09-16 13:29:08 +11007344 - Fix --with-ipaddr-display option test. Fix from Jarno Huuskonen
Damien Millerd426ed62000-01-17 19:22:36 +11007345 <jhuuskon@hytti.uku.fi>
Damien Millere4340be2000-09-16 13:29:08 +11007346 - Fix hang on logout if processes are still using the pty. Needs
Damien Millerb284b542000-01-17 20:55:18 +11007347 further testing.
Damien Miller66409952000-01-17 21:40:06 +11007348 - Patch from Christos Zoulas <christos@zoulas.com>
7349 - Try $prefix first when looking for OpenSSL.
7350 - Include sys/types.h when including sys/socket.h in test programs
Damien Millere4340be2000-09-16 13:29:08 +11007351 - Substitute PID directory in sshd.8. Suggestion from Andrew
Damien Millerb13c73e2000-01-17 22:02:17 +11007352 Stribblehill <a.d.stribblehill@durham.ac.uk>
Damien Miller19fe9c72000-01-17 15:23:01 +11007353
Damien Miller5eed6a22000-01-16 12:05:18 +1100735420000116
7355 - Renamed --with-xauth-path to --with-xauth
7356 - Added --with-pid-dir option
7357 - Released 1.2.1pre26
7358
Damien Miller8f926492000-01-16 18:19:25 +11007359 - Compilation fix from Kiyokazu SUTO <suto@ks-and-ks.ne.jp>
Damien Millere4340be2000-09-16 13:29:08 +11007360 - Fixed broken bugfix for /dev/ptmx on Linux systems which lack
Damien Miller62a52ef2000-01-16 23:03:56 +11007361 openpty(). Report from Kiyokazu SUTO <suto@ks-and-ks.ne.jp>
Damien Miller8f926492000-01-16 18:19:25 +11007362
Damien Millerb29ea912000-01-15 14:12:03 +1100736320000115
7364 - Add --with-xauth-path configure directive and explicit test for
Damien Millere4340be2000-09-16 13:29:08 +11007365 /usr/openwin/bin/xauth for Solaris systems. Report from Anders
Damien Millerb29ea912000-01-15 14:12:03 +11007366 Nordby <anders@fix.no>
Damien Millere4340be2000-09-16 13:29:08 +11007367 - Fix incorrect detection of /dev/ptmx on Linux systems that lack
Damien Millerb29ea912000-01-15 14:12:03 +11007368 openpty. Report from John Seifarth <john@waw.be>
7369 - Look for intXX_t and u_intXX_t in sys/bitypes.h if they are not in
Damien Millere4340be2000-09-16 13:29:08 +11007370 sys/types.h. Fixes problems on SCO, report from Gary E. Miller
Damien Millerb29ea912000-01-15 14:12:03 +11007371 <gem@rellim.com>
7372 - Use __snprintf and __vnsprintf if they are found where snprintf and
7373 vnsprintf are lacking. Suggested by Ben Taylor <bent@shell.clark.net>
7374 and others.
7375
Damien Miller34132e52000-01-14 15:45:46 +1100737620000114
7377 - Merged OpenBSD IPv6 patch:
7378 - [sshd.c sshd.8 sshconnect.c ssh.h ssh.c servconf.h servconf.c scp.1]
7379 [scp.c packet.h packet.c login.c log.c canohost.c channels.c]
7380 [hostfile.c sshd_config]
7381 ipv6 support: mostly gethostbyname->getaddrinfo/getnameinfo, new
Damien Millere4340be2000-09-16 13:29:08 +11007382 features: sshd allows multiple ListenAddress and Port options. note
7383 that libwrap is not IPv6-ready. (based on patches from
Damien Miller34132e52000-01-14 15:45:46 +11007384 fujiwara@rcac.tdi.co.jp)
7385 - [ssh.c canohost.c]
Damien Millere4340be2000-09-16 13:29:08 +11007386 more hints (hints.ai_socktype=SOCK_STREAM) for getaddrinfo,
Damien Miller34132e52000-01-14 15:45:46 +11007387 from itojun@
7388 - [channels.c]
7389 listen on _all_ interfaces for X11-Fwd (hints.ai_flags = AI_PASSIVE)
7390 - [packet.h]
7391 allow auth-kerberos for IPv4 only
7392 - [scp.1 sshd.8 servconf.h scp.c]
7393 document -4, -6, and 'ssh -L 2022/::1/22'
7394 - [ssh.c]
Damien Millere4340be2000-09-16 13:29:08 +11007395 'ssh @host' is illegal (null user name), from
Damien Miller34132e52000-01-14 15:45:46 +11007396 karsten@gedankenpolizei.de
7397 - [sshconnect.c]
7398 better error message
7399 - [sshd.c]
7400 allow auth-kerberos for IPv4 only
7401 - Big IPv6 merge:
7402 - Cleanup overrun in sockaddr copying on RHL 6.1
7403 - Replacements for getaddrinfo, getnameinfo, etc based on versions
7404 from patch from KIKUCHI Takahiro <kick@kyoto.wide.ad.jp>
7405 - Replacement for missing structures on systems that lack IPv6
7406 - record_login needed to know about AF_INET6 addresses
7407 - Borrowed more code from OpenBSD: rresvport_af and requisites
7408
Damien Miller25e42562000-01-11 10:59:47 +1100740920000110
7410 - Fixes to auth-skey to enable it to use the standard OpenSSL libraries
7411
Damien Miller2edcda52000-01-07 08:56:05 +1100741220000107
7413 - New config.sub and config.guess to fix problems on SCO. Supplied
7414 by Gary E. Miller <gem@rellim.com>
Damien Millerfa824cb2000-01-07 18:51:27 +11007415 - SCO build fix from Gary E. Miller <gem@rellim.com>
Damien Miller25e42562000-01-11 10:59:47 +11007416 - Released 1.2.1pre25
Damien Miller2edcda52000-01-07 08:56:05 +11007417
Damien Miller105b7f02000-01-07 08:45:55 +1100741820000106
7419 - Documentation update & cleanup
7420 - Better KrbIV / AFS detection, based on patch from:
7421 Holger Trapp <Holger.Trapp@Informatik.TU-Chemnitz.DE>
7422
Damien Miller1808f382000-01-06 12:03:12 +1100742320000105
Damien Millere4340be2000-09-16 13:29:08 +11007424 - Fixed annoying DES corruption problem. libcrypt has been
Damien Miller1808f382000-01-06 12:03:12 +11007425 overriding symbols in libcrypto. Removed libcrypt and crypt.h
7426 altogether (libcrypto includes its own crypt(1) replacement)
7427 - Added platform-specific rules for Irix 6.x. Included warning that
7428 they are untested.
7429
Damien Miller645c5982000-01-03 14:42:09 +1100743020000103
7431 - Add explicit make rules for files proccessed by fixpaths.
Damien Miller33804262001-02-04 23:20:18 +11007432 - Fix "make install" in RPM spec files. Report from Tenkou N. Hattori
Damien Miller645c5982000-01-03 14:42:09 +11007433 <tnh@kondara.org>
Damien Millere4340be2000-09-16 13:29:08 +11007434 - Removed "nullok" directive from default PAM configuration files.
7435 Added information on enabling EmptyPasswords on openssh+PAM in
Damien Millere9c8f4d2000-01-03 20:00:52 +11007436 UPGRADING file.
Damien Miller62ab38a2000-01-03 23:41:05 +11007437 - OpenBSD CVS updates
7438 - [ssh-agent.c]
Damien Millere4340be2000-09-16 13:29:08 +11007439 cleanup_exit() for SIGTERM/SIGHUP, too. from fgsch@ and
Damien Miller62ab38a2000-01-03 23:41:05 +11007440 dgaudet@arctic.org
7441 - [sshconnect.c]
7442 compare correct version for 1.3 compat mode
Damien Miller645c5982000-01-03 14:42:09 +11007443
Damien Miller5121e3a2000-01-02 11:49:28 +1100744420000102
7445 - Prevent multiple inclusion of config.h and defines.h. Suggested
7446 by Andre Lucas <andre.lucas@dial.pipex.com>
7447 - Properly clean up on exit of ssh-agent. Patch from Dean Gaudet
7448 <dgaudet@arctic.org>
7449
Damien Miller8eb0fd61999-12-31 08:49:13 +1100745019991231
Damien Millere4340be2000-09-16 13:29:08 +11007451 - Fix password support on systems with a mixture of shadowed and
7452 non-shadowed passwords (e.g. NIS). Report and fix from
Damien Miller8eb0fd61999-12-31 08:49:13 +11007453 HARUYAMA Seigo <haruyama@nt.phys.s.u-tokyo.ac.jp>
Damien Millere4340be2000-09-16 13:29:08 +11007454 - Fix broken autoconf typedef detection. Report from Marc G.
Damien Millerf3e8be81999-12-31 08:59:04 +11007455 Fournier <marc.fournier@acadiau.ca>
Damien Miller03783f01999-12-31 09:16:40 +11007456 - Fix occasional crash on LinuxPPC. Patch from Franz Sirl
7457 <Franz.Sirl-kernel@lauterbach.com>
Damien Millere4340be2000-09-16 13:29:08 +11007458 - Prevent typedefs from being compiled more than once. Report from
Damien Millerb2532b31999-12-31 09:18:12 +11007459 Marc G. Fournier <marc.fournier@acadiau.ca>
Damien Miller3131d8b1999-12-31 09:42:24 +11007460 - Fill in ut_utaddr utmp field. Report from Benjamin Charron
7461 <iretd@bigfoot.com>
Damien Millere4340be2000-09-16 13:29:08 +11007462 - Really fix broken default path. Fix from Jim Knoble
Damien Millerf1aa21f2001-01-05 09:30:32 +11007463 <jmknoble@jmknoble.cx>
Damien Milleraa7b64d1999-12-31 09:55:34 +11007464 - Remove test for quad_t. No longer needed.
Damien Miller6b85a7f2000-01-02 11:45:33 +11007465 - Released 1.2.1pre24
7466
7467 - Added support for directory-based lastlogs
7468 - Really fix typedefs, patch from Ben Taylor <bent@clark.net>
Damien Miller8eb0fd61999-12-31 08:49:13 +11007469
Damien Millerece22a81999-12-30 09:48:15 +1100747019991230
7471 - OpenBSD CVS updates:
7472 - [auth-passwd.c]
7473 check for NULL 1st
Damien Millere4340be2000-09-16 13:29:08 +11007474 - Removed most of the pam code into its own file auth-pam.[ch]. This
Damien Millere72b7af1999-12-30 15:08:44 +11007475 cleaned up sshd.c up significantly.
Damien Millere4340be2000-09-16 13:29:08 +11007476 - PAM authentication was incorrectly interpreting
Damien Miller8eb0fd61999-12-31 08:49:13 +11007477 "PermitRootLogin without-password". Report from Matthias Andree
7478 <ma@dt.e-technik.uni-dortmund.de
Damien Millere72b7af1999-12-30 15:08:44 +11007479 - Several other cleanups
Damien Miller8bdeee21999-12-30 15:50:54 +11007480 - Merged Dante SOCKS support patch from David Rankin
7481 <drankin@bohemians.lexington.ky.us>
7482 - Updated documentation with ./configure options
Damien Miller8eb0fd61999-12-31 08:49:13 +11007483 - Released 1.2.1pre23
Damien Millerece22a81999-12-30 09:48:15 +11007484
Damien Miller9550a761999-12-29 02:32:22 +1100748519991229
Damien Millere4340be2000-09-16 13:29:08 +11007486 - Applied another NetBSD portability patch from David Rankin
Damien Miller9550a761999-12-29 02:32:22 +11007487 <drankin@bohemians.lexington.ky.us>
7488 - Fix --with-default-path option.
Damien Millere4340be2000-09-16 13:29:08 +11007489 - Autodetect perl, patch from David Rankin
Damien Millere79334a1999-12-29 10:03:37 +11007490 <drankin@bohemians.lexington.ky.us>
Damien Millere4340be2000-09-16 13:29:08 +11007491 - Print whether OpenSSH was compiled with RSARef, patch from
Damien Millerd00d1611999-12-29 10:17:09 +11007492 Nalin Dahyabhai <nalin@thermo.stat.ncsu.edu>
Damien Millere4340be2000-09-16 13:29:08 +11007493 - Calls to pam_setcred, patch from Nalin Dahyabhai
Damien Millerac3a4b41999-12-29 10:25:40 +11007494 <nalin@thermo.stat.ncsu.edu>
Damien Miller95058511999-12-29 10:36:45 +11007495 - Detect missing size_t and typedef it.
Damien Miller58ca7d81999-12-29 19:56:30 +11007496 - Rename helper.[ch] to (more appropriate) bsd-misc.[ch]
7497 - Minor Makefile cleaning
Damien Miller9550a761999-12-29 02:32:22 +11007498
Damien Miller13bc0be1999-12-28 10:19:16 +1100749919991228
7500 - Replacement for getpagesize() for systems which lack it
Damien Millere4340be2000-09-16 13:29:08 +11007501 - NetBSD login.c compile fix from David Rankin
Damien Miller4ff2b9b1999-12-28 10:41:12 +11007502 <drankin@bohemians.lexington.ky.us>
7503 - Fully set ut_tv if present in utmp or utmpx
Damien Millerbeb4ba51999-12-28 15:09:35 +11007504 - Portability fixes for Irix 5.3 (now compiles OK!)
7505 - autoconf and other misc cleanups
Damien Miller74d0d4a1999-12-29 02:24:35 +11007506 - Merged AIX patch from Darren Hall <dhall@virage.org>
7507 - Cleaned up defines.h
Damien Miller06b472b1999-12-29 19:47:06 +11007508 - Released 1.2.1pre22
Damien Miller13bc0be1999-12-28 10:19:16 +11007509
Damien Millerc0d73901999-12-27 09:23:58 +1100751019991227
7511 - Automatically correct paths in manpages and configuration files. Patch
7512 and script from Andre Lucas <andre.lucas@dial.pipex.com>
7513 - Removed credits from README to CREDITS file, updated.
Damien Miller5a3e6831999-12-27 09:48:56 +11007514 - Added --with-default-path to specify custom path for server
7515 - Removed #ifdef trickery from acconfig.h into defines.h
Damien Miller373d2911999-12-27 10:45:54 +11007516 - PAM bugfix. PermitEmptyPassword was being ignored.
7517 - Fixed PAM config files to allow empty passwords if server does.
7518 - Explained spurious PAM auth warning workaround in UPGRADING
Damien Millere1276241999-12-27 11:33:56 +11007519 - Use last few chars of tty line as ut_id
Damien Miller6a5d4d61999-12-27 16:46:17 +11007520 - New SuSE RPM spec file from Chris Saia <csaia@wtower.com>
Damien Miller68e45de1999-12-27 23:54:55 +11007521 - OpenBSD CVS updates:
7522 - [packet.h auth-rhosts.c]
7523 check format string for packet_disconnect and packet_send_debug, too
7524 - [channels.c]
7525 use packet_get_maxsize for channels. consistence.
Damien Millerc0d73901999-12-27 09:23:58 +11007526
Damien Miller32b3cf21999-12-26 10:21:48 +1100752719991226
7528 - Enabled utmpx support by default for Solaris
7529 - Cleanup sshd.c PAM a little more
Damien Millerf1aa21f2001-01-05 09:30:32 +11007530 - Revised RPM package to include Jim Knoble's <jmknoble@jmknoble.cx>
Damien Miller36884401999-12-26 12:26:21 +11007531 X11 ssh-askpass program.
Damien Millerd49621e1999-12-26 14:04:33 +11007532 - Disable logging of PAM success and failures, PAM is verbose enough.
Damien Millere4340be2000-09-16 13:29:08 +11007533 Unfortunatly there is currently no way to disable auth failure
7534 messages. Mention this in UPGRADING file and sent message to PAM
Damien Millerd49621e1999-12-26 14:04:33 +11007535 developers
Damien Miller4f0fa561999-12-26 14:24:41 +11007536 - OpenBSD CVS update:
7537 - [ssh-keygen.1 ssh.1]
Damien Millere4340be2000-09-16 13:29:08 +11007538 remove ref to .ssh/random_seed, mention .ssh/environment in
Damien Miller4f0fa561999-12-26 14:24:41 +11007539 .Sh FILES, too
Damien Miller9673b2b1999-12-26 19:10:30 +11007540 - Released 1.2.1pre21
Damien Millere4340be2000-09-16 13:29:08 +11007541 - Fixed implicit '.' in default path, report from Jim Knoble
Damien Millerf1aa21f2001-01-05 09:30:32 +11007542 <jmknoble@jmknoble.cx>
7543 - Redhat RPM spec fixes from Jim Knoble <jmknoble@jmknoble.cx>
Damien Miller32b3cf21999-12-26 10:21:48 +11007544
Damien Miller2e1b0821999-12-25 10:11:29 +1100754519991225
7546 - More fixes from Andre Lucas <andre.lucas@dial.pipex.com>
7547 - Cleanup of auth-passwd.c for shadow and MD5 passwords
7548 - Cleanup and bugfix of PAM authentication code
Damien Miller32b3cf21999-12-26 10:21:48 +11007549 - Released 1.2.1pre20
7550
7551 - Merged fixes from Ben Taylor <bent@clark.net>
7552 - Fixed configure support for PAM. Reported by Naz <96na@eng.cam.ac.uk>
7553 - Disabled logging of PAM password authentication failures when password
7554 is empty. (e.g start of authentication loop). Reported by Naz
7555 <96na@eng.cam.ac.uk>)
Damien Miller2e1b0821999-12-25 10:11:29 +11007556
755719991223
Damien Millere4340be2000-09-16 13:29:08 +11007558 - Merged later HPUX patch from Andre Lucas
Damien Miller2e1b0821999-12-25 10:11:29 +11007559 <andre.lucas@dial.pipex.com>
7560 - Above patch included better utmpx support from Ben Taylor
Damien Miller32b3cf21999-12-26 10:21:48 +11007561 <bent@clark.net>
Damien Miller2e1b0821999-12-25 10:11:29 +11007562
Damien Miller365199d1999-12-22 00:12:38 +1100756319991222
Damien Millere4340be2000-09-16 13:29:08 +11007564 - Fix undefined fd_set type in ssh.h from Povl H. Pedersen
Damien Miller365199d1999-12-22 00:12:38 +11007565 <pope@netguide.dk>
Damien Miller1b0c2281999-12-22 16:09:48 +11007566 - Fix login.c breakage on systems which lack ut_host in struct
7567 utmp. Reported by Willard Dawson <willard.dawson@sbs.siemens.com>
Damien Miller365199d1999-12-22 00:12:38 +11007568
Damien Miller76112de1999-12-21 11:18:08 +1100756919991221
Damien Millere4340be2000-09-16 13:29:08 +11007570 - Integration of large HPUX patch from Andre Lucas
7571 <andre.lucas@dial.pipex.com>. Integrating it had a few other
Damien Miller76112de1999-12-21 11:18:08 +11007572 benefits:
7573 - Ability to disable shadow passwords at configure time
7574 - Ability to disable lastlog support at configure time
7575 - Support for IP address in $DISPLAY
Damien Millerf039bad1999-12-21 20:57:20 +11007576 - OpenBSD CVS update:
7577 - [sshconnect.c]
7578 say "REMOTE HOST IDENTIFICATION HAS CHANGED"
Damien Millercb7e5f91999-12-21 21:03:09 +11007579 - Fix DISABLE_SHADOW support
7580 - Allow MD5 passwords even if shadow passwords are disabled
Damien Millere8852911999-12-21 22:50:50 +11007581 - Release 1.2.1pre19
Damien Miller76112de1999-12-21 11:18:08 +11007582
Damien Millerc4c647f1999-12-18 20:54:52 +1100758319991218
Damien Millere4340be2000-09-16 13:29:08 +11007584 - Redhat init script patch from Chun-Chung Chen
Damien Millerc4c647f1999-12-18 20:54:52 +11007585 <cjj@u.washington.edu>
Damien Millerfdb7caf1999-12-18 20:57:40 +11007586 - Avoid breakage on systems without IPv6 headers
Damien Millerc4c647f1999-12-18 20:54:52 +11007587
Damien Millerab8a4da1999-12-16 13:05:30 +1100758819991216
Damien Millere4340be2000-09-16 13:29:08 +11007589 - Makefile changes for Solaris from Peter Kocks
Damien Millerab8a4da1999-12-16 13:05:30 +11007590 <peter.kocks@baygate.com>
Damien Miller5e7c10e1999-12-16 13:18:04 +11007591 - Minor updates to docs
7592 - Merged OpenBSD CVS changes:
7593 - [authfd.c ssh-agent.c]
7594 keysize warnings talk about identity files
7595 - [packet.c]
7596 "Connection closed by x.x.x.x": fatal() -> log()
Damien Millere4340be2000-09-16 13:29:08 +11007597 - Correctly handle empty passwords in shadow file. Patch from:
Damien Miller8f9d5071999-12-16 15:10:45 +11007598 "Chris, the Young One" <cky@pobox.com>
7599 - Released 1.2.1pre18
Damien Millerab8a4da1999-12-16 13:05:30 +11007600
Damien Miller84093e91999-12-15 09:06:28 +1100760119991215
7602 - Integrated patchs from Juergen Keil <jk@tools.de>
7603 - Avoid void* pointer arithmatic
7604 - Use LDFLAGS correctly
Damien Miller864ea591999-12-15 11:04:25 +11007605 - Fix SIGIO error in scp
7606 - Simplify status line printing in scp
Damien Miller33804262001-02-04 23:20:18 +11007607 - Added better test for inline functions compiler support from
Damien Miller3b9d5e91999-12-15 09:34:31 +11007608 Darren_Hall@progressive.com
Damien Miller84093e91999-12-15 09:06:28 +11007609
Damien Millera34a28b1999-12-14 10:47:15 +1100761019991214
7611 - OpenBSD CVS Changes
7612 - [canohost.c]
Damien Millere4340be2000-09-16 13:29:08 +11007613 fix get_remote_port() and friends for sshd -i;
Damien Millera34a28b1999-12-14 10:47:15 +11007614 Holger.Trapp@Informatik.TU-Chemnitz.DE
7615 - [mpaux.c]
7616 make code simpler. no need for memcpy. niels@ ok
7617 - [pty.c]
7618 namebuflen not sizeof namebuflen; bnd@ep-ag.com via djm@mindrot.org
7619 fix proto; markus
7620 - [ssh.1]
7621 typo; mark.baushke@solipsa.com
7622 - [channels.c ssh.c ssh.h sshd.c]
7623 type conflict for 'extern Type *options' in channels.c; dot@dotat.at
7624 - [sshconnect.c]
7625 move checking of hostkey into own function.
7626 - [version.h]
7627 OpenSSH-1.2.1
Damien Miller36b339a1999-12-14 10:54:47 +11007628 - Clean up broken includes in pty.c
Damien Miller6ae00d61999-12-14 15:43:03 +11007629 - Some older systems don't have poll.h, they use sys/poll.h instead
7630 - Doc updates
Damien Millera34a28b1999-12-14 10:47:15 +11007631
Damien Millerc6b3bbe1999-12-13 08:27:33 +1100763219991211
Damien Millere4340be2000-09-16 13:29:08 +11007633 - Fix compilation on systems with AFS. Reported by
Damien Millerc6b3bbe1999-12-13 08:27:33 +11007634 aloomis@glue.umd.edu
Damien Millere4340be2000-09-16 13:29:08 +11007635 - Fix installation on Solaris. Reported by
Damien Millerc6b3bbe1999-12-13 08:27:33 +11007636 Gordon Rowell <gordonr@gormand.com.au>
7637 - Fix gccisms (__attribute__ and inline). Report by edgy@us.ibm.com,
7638 patch from Markus Friedl <markus.friedl@informatik.uni-erlangen.de>
7639 - Auto-locate xauth. Patch from David Agraz <dagraz@jahoopa.com>
7640 - Compile fix from David Agraz <dagraz@jahoopa.com>
7641 - Avoid compiler warning in bsd-snprintf.c
Damien Millere4340be2000-09-16 13:29:08 +11007642 - Added pam_limits.so to default PAM config. Suggested by
Damien Millerf1aa21f2001-01-05 09:30:32 +11007643 Jim Knoble <jmknoble@jmknoble.cx>
Damien Millerc6b3bbe1999-12-13 08:27:33 +11007644
Damien Millerbf1c9b21999-12-09 10:16:54 +1100764519991209
7646 - Import of patch from Ben Taylor <bent@clark.net>:
7647 - Improved PAM support
7648 - "uninstall" rule for Makefile
7649 - utmpx support
7650 - Should fix PAM problems on Solaris
Damien Miller50945fa1999-12-09 10:31:37 +11007651 - OpenBSD CVS updates:
7652 - [readpass.c]
7653 avoid stdio; based on work by markus, millert, and I
7654 - [sshd.c]
7655 make sure the client selects a supported cipher
7656 - [sshd.c]
Damien Millere4340be2000-09-16 13:29:08 +11007657 fix sighup handling. accept would just restart and daemon handled
7658 sighup only after the next connection was accepted. use poll on
Damien Miller50945fa1999-12-09 10:31:37 +11007659 listen sock now.
7660 - [sshd.c]
7661 make that a fatal
Damien Millerd7f66151999-12-09 10:48:58 +11007662 - Applied patch from David Rankin <drankin@bohemians.lexington.ky.us>
7663 to fix libwrap support on NetBSD
Damien Miller6646bad1999-12-09 10:42:10 +11007664 - Released 1.2pre17
Damien Millerbf1c9b21999-12-09 10:16:54 +11007665
Damien Millerfce16481999-12-08 08:53:52 +1100766619991208
Damien Millere4340be2000-09-16 13:29:08 +11007667 - Compile fix for Solaris with /dev/ptmx from
Damien Millerfce16481999-12-08 08:53:52 +11007668 David Agraz <dagraz@jahoopa.com>
7669
Damien Miller0c078c61999-12-07 14:53:57 +1100767019991207
Damien Millerf1aa21f2001-01-05 09:30:32 +11007671 - sshd Redhat init script patch from Jim Knoble <jmknoble@jmknoble.cx>
Damien Miller0c078c61999-12-07 14:53:57 +11007672 fixes compatability with 4.x and 5.x
Damien Miller3bc14dd1999-12-07 14:54:53 +11007673 - Fixed default SSH_ASKPASS
Damien Millere4340be2000-09-16 13:29:08 +11007674 - Fix PAM account and session being called multiple times. Problem
Damien Millereabf3411999-12-07 14:56:27 +11007675 reported by Adrian Baugh <adrian@merlin.keble.ox.ac.uk>
Damien Miller037a0dc1999-12-07 15:38:31 +11007676 - Merged more OpenBSD changes:
7677 - [atomicio.c authfd.c scp.c serverloop.c ssh.h sshconnect.c sshd.c]
Damien Millere4340be2000-09-16 13:29:08 +11007678 move atomicio into it's own file. wrap all socket write()s which
Damien Miller037a0dc1999-12-07 15:38:31 +11007679 were doing write(sock, buf, len) != len, with atomicio() calls.
7680 - [auth-skey.c]
7681 fd leak
7682 - [authfile.c]
7683 properly name fd variable
7684 - [channels.c]
7685 display great hatred towards strcpy
7686 - [pty.c pty.h sshd.c]
7687 use openpty() if it exists (it does on BSD4_4)
7688 - [tildexpand.c]
7689 check for ~ expansion past MAXPATHLEN
7690 - Modified helper.c to use new atomicio function.
7691 - Reformat Makefile a little
7692 - Moved RC4 routines from rc4.[ch] into helper.c
7693 - Added autoconf code to detect /dev/ptmx (Solaris) and /dev/ptc (AIX)
Damien Milleraf2604a1999-12-07 16:21:40 +11007694 - Updated SuSE spec from Chris Saia <csaia@wtower.com>
7695 - Tweaked Redhat spec
Damien Millerf5d69a51999-12-07 16:55:04 +11007696 - Clean up bad imports of a few files (forgot -kb)
7697 - Released 1.2pre16
Damien Miller0c078c61999-12-07 14:53:57 +11007698
Damien Millerdc33fc31999-12-04 20:24:48 +1100769919991204
7700 - Small cleanup of PAM code in sshd.c
Damien Milleraae6c611999-12-06 11:47:28 +11007701 - Merged OpenBSD CVS changes:
7702 - [auth-krb4.c auth-passwd.c auth-skey.c ssh.h]
7703 move skey-auth from auth-passwd.c to auth-skey.c, same for krb4
7704 - [auth-rsa.c]
7705 warn only about mismatch if key is _used_
7706 warn about keysize-mismatch with log() not error()
7707 channels.c readconf.c readconf.h ssh.c ssh.h sshconnect.c
7708 ports are u_short
7709 - [hostfile.c]
7710 indent, shorter warning
7711 - [nchan.c]
7712 use error() for internal errors
7713 - [packet.c]
7714 set loglevel for SSH_MSG_DISCONNECT to log(), not fatal()
7715 serverloop.c
7716 indent
7717 - [ssh-add.1 ssh-add.c ssh.h]
7718 document $SSH_ASKPASS, reasonable default
7719 - [ssh.1]
7720 CheckHostIP is not available for connects via proxy command
7721 - [sshconnect.c]
7722 typo
7723 easier to read client code for passwd and skey auth
7724 turn of checkhostip for proxy connects, since we don't know the remote ip
Damien Millerdc33fc31999-12-04 20:24:48 +11007725
Damien Miller42b81ff1999-11-26 12:21:24 +1100772619991126
7727 - Add definition for __P()
7728 - Added [v]snprintf() replacement for systems that lack it
7729
Damien Miller78224a01999-11-25 11:55:45 +1100773019991125
7731 - More reformatting merged from OpenBSD CVS
7732 - Merged OpenBSD CVS changes:
7733 - [channels.c]
7734 fix packet_integrity_check() for !have_hostname_in_open.
7735 report from mrwizard@psu.edu via djm@ibs.com.au
7736 - [channels.c]
7737 set SO_REUSEADDR and SO_LINGER for forwarded ports.
7738 chip@valinux.com via damien@ibs.com.au
7739 - [nchan.c]
7740 it's not an error() if shutdown_write failes in nchan.
7741 - [readconf.c]
7742 remove dead #ifdef-0-code
7743 - [readconf.c servconf.c]
7744 strcasecmp instead of tolower
7745 - [scp.c]
7746 progress meter overflow fix from damien@ibs.com.au
7747 - [ssh-add.1 ssh-add.c]
7748 SSH_ASKPASS support
7749 - [ssh.1 ssh.c]
7750 postpone fork_after_authentication until command execution,
7751 request/patch from jahakala@cc.jyu.fi via damien@ibs.com.au
7752 plus: use daemon() for backgrounding
Damien Millerd8087f61999-11-25 12:31:26 +11007753 - Added BSD compatible install program and autoconf test, thanks to
7754 Niels Kristian Bech Jensen <nkbj@image.dk>
7755 - Solaris fixing, thanks to Ben Taylor <bent@clark.net>
Damien Miller063fdf81999-11-25 13:08:31 +11007756 - Merged beginnings of AIX support from Tor-Ake Fransson <torake@hotmail.com>
Damien Millerbf3f6ef1999-11-25 13:50:10 +11007757 - Release 1.2pre15
Damien Miller78224a01999-11-25 11:55:45 +11007758
Damien Miller95def091999-11-25 00:26:21 +1100775919991124
7760 - Merged very large OpenBSD source code reformat
7761 - OpenBSD CVS updates
7762 - [channels.c cipher.c compat.c log-client.c scp.c serverloop.c]
7763 [ssh.h sshd.8 sshd.c]
7764 syslog changes:
7765 * Unified Logmessage for all auth-types, for success and for failed
7766 * Standard connections get only ONE line in the LOG when level==LOG:
7767 Auth-attempts are logged only, if authentication is:
7768 a) successfull or
7769 b) with passwd or
7770 c) we had more than AUTH_FAIL_LOG failues
7771 * many log() became verbose()
7772 * old behaviour with level=VERBOSE
7773 - [readconf.c readconf.h ssh.1 ssh.h sshconnect.c sshd.c]
7774 tranfer s/key challenge/response data in SSH_SMSG_AUTH_TIS_CHALLENGE
7775 messages. allows use of s/key in windows (ttssh, securecrt) and
7776 ssh-1.2.27 clients without 'ssh -v', ok: niels@
7777 - [sshd.8]
7778 -V, for fallback to openssh in SSH2 compatibility mode
7779 - [sshd.c]
7780 fix sigchld race; cjc5@po.cwru.edu
7781
Damien Miller294df781999-11-23 10:11:29 +1100778219991123
7783 - Added SuSE package files from Chris Saia <csaia@wtower.com>
Damien Miller3744b511999-11-23 11:24:32 +11007784 - Restructured package-related files under packages/*
Damien Miller294df781999-11-23 10:11:29 +11007785 - Added generic PAM config
Damien Miller3744b511999-11-23 11:24:32 +11007786 - Numerous little Solaris fixes
Damien Miller4d2f15f1999-11-23 12:36:29 +11007787 - Add recommendation to use GNU make to INSTALL document
Damien Miller294df781999-11-23 10:11:29 +11007788
Damien Miller22218721999-11-22 12:51:42 +1100778919991122
7790 - Make <enter> close gnome-ssh-askpass (Debian bug #50299)
Damien Miller83df0691999-11-22 13:22:29 +11007791 - OpenBSD CVS Changes
Damien Millere4340be2000-09-16 13:29:08 +11007792 - [ssh-keygen.c]
7793 don't create ~/.ssh only if the user wants to store the private
7794 key there. show fingerprint instead of public-key after
Damien Miller83df0691999-11-22 13:22:29 +11007795 keygeneration. ok niels@
Damien Millerb3ca3aa1999-11-22 13:57:07 +11007796 - Added OpenBSD bsd-strlcat.c, created bsd-strlcat.h
Damien Miller859cec01999-11-22 14:27:24 +11007797 - Added timersub() macro
Damien Millerb3ca3aa1999-11-22 13:57:07 +11007798 - Tidy RCSIDs of bsd-*.c
Damien Millere4340be2000-09-16 13:29:08 +11007799 - Added autoconf test and macro to deal with old PAM libraries
Damien Miller859cec01999-11-22 14:27:24 +11007800 pam_strerror definition (one arg vs two).
Damien Millerd71b12e1999-11-22 15:24:34 +11007801 - Fix EGD problems (Thanks to Ben Taylor <bent@clark.net>)
Damien Millere4340be2000-09-16 13:29:08 +11007802 - Retry /dev/urandom reads interrupted by signal (report from
Damien Millerd71b12e1999-11-22 15:24:34 +11007803 Robert Hardy <rhardy@webcon.net>)
Damien Millerd7702521999-11-22 16:11:05 +11007804 - Added a setenv replacement for systems which lack it
Damien Millerd733c911999-11-22 18:11:23 +11007805 - Only display public key comment when presenting ssh-askpass dialog
7806 - Released 1.2pre14
Damien Miller22218721999-11-22 12:51:42 +11007807
Damien Millere4340be2000-09-16 13:29:08 +11007808 - Configure, Make and changelog corrections from Tudor Bosman
Damien Millerf7c0f821999-11-22 22:31:49 +11007809 <tudorb@jm.nu> and Niels Kristian Bech Jensen <nkbj@image.dk>
7810
Damien Miller6162d121999-11-21 13:23:52 +1100781119991121
Damien Miller83df0691999-11-22 13:22:29 +11007812 - OpenBSD CVS Changes:
Damien Miller22218721999-11-22 12:51:42 +11007813 - [channels.c]
7814 make this compile, bad markus
7815 - [log.c readconf.c servconf.c ssh.h]
7816 bugfix: loglevels are per host in clientconfig,
7817 factor out common log-level parsing code.
7818 - [servconf.c]
7819 remove unused index (-Wall)
7820 - [ssh-agent.c]
7821 only one 'extern char *__progname'
7822 - [sshd.8]
7823 document SIGHUP, -Q to synopsis
7824 - [sshconnect.c serverloop.c sshd.c packet.c packet.h]
7825 [channels.c clientloop.c]
7826 SSH_CMSG_MAX_PACKET_SIZE, some clients use this, some need this, niels@
7827 [hope this time my ISP stays alive during commit]
7828 - [OVERVIEW README] typos; green@freebsd
7829 - [ssh-keygen.c]
7830 replace xstrdup+strcat with strlcat+fixed buffer, fixes OF (bad me)
7831 exit if writing the key fails (no infinit loop)
7832 print usage() everytime we get bad options
7833 - [ssh-keygen.c] overflow, djm@mindrot.org
7834 - [sshd.c] fix sigchld race; cjc5@po.cwru.edu
Damien Miller33804262001-02-04 23:20:18 +11007835
Damien Millerc6398ef1999-11-20 12:18:40 +1100783619991120
Damien Millere4340be2000-09-16 13:29:08 +11007837 - Merged more Solaris support from Marc G. Fournier
Damien Millerc6398ef1999-11-20 12:18:40 +11007838 <marc.fournier@acadiau.ca>
7839 - Wrote autoconf tests for integer bit-types
7840 - Fixed enabling kerberos support
Damien Millere4340be2000-09-16 13:29:08 +11007841 - Fix segfault in ssh-keygen caused by buffer overrun in filename
Damien Millerf58db381999-11-20 17:02:56 +11007842 handling.
Damien Millerc6398ef1999-11-20 12:18:40 +11007843
Damien Miller5bbbd361999-11-19 07:56:21 +1100784419991119
7845 - Merged PAM buffer overrun patch from Chip Salzenberg <chip@valinux.com>
Damien Miller23b78391999-11-19 08:25:48 +11007846 - Merged OpenBSD CVS changes
7847 - [auth-rhosts.c auth-rsa.c ssh-agent.c sshconnect.c sshd.c]
7848 more %d vs. %s in fmt-strings
7849 - [authfd.c]
7850 Integers should not be printed with %s
Damien Miller58fc4731999-11-19 12:05:01 +11007851 - EGD uses a socket, not a named pipe. Duh.
7852 - Fix includes in fingerprint.c
Damien Millerdc9365b1999-11-19 12:34:14 +11007853 - Fix scp progress bar bug again.
Damien Millere4340be2000-09-16 13:29:08 +11007854 - Move ssh-askpass from ${libdir}/ssh to ${libexecdir}/ssh at request of
Damien Miller18ac1711999-11-19 12:43:19 +11007855 David Rankin <drankin@bohemians.lexington.ky.us>
Damien Miller80297751999-11-19 13:03:25 +11007856 - Added autoconf option to enable Kerberos 4 support (untested)
7857 - Added autoconf option to enable AFS support (untested)
7858 - Added autoconf option to enable S/Key support (untested)
7859 - Added autoconf option to enable TCP wrappers support (compiles OK)
Damien Miller04f80141999-11-19 15:32:34 +11007860 - Renamed BSD helper function files to bsd-*
Damien Millere4340be2000-09-16 13:29:08 +11007861 - Added tests for login and daemon and enable OpenBSD replacements for
Damien Millerdd1c7ba1999-11-19 15:53:20 +11007862 when they are absent.
7863 - Added non-PAM MD5 password support patch from Tudor Bosman <tudorb@jm.nu>
Damien Miller5bbbd361999-11-19 07:56:21 +11007864
Damien Miller81428f91999-11-18 09:28:11 +1100786519991118
7866 - Merged OpenBSD CVS changes
7867 - [scp.c] foregroundproc() in scp
7868 - [sshconnect.h] include fingerprint.h
Damien Millere4340be2000-09-16 13:29:08 +11007869 - [sshd.c] bugfix: the log() for passwd-auth escaped during logging
Damien Miller81428f91999-11-18 09:28:11 +11007870 changes.
Damien Miller6ee95641999-11-18 11:35:13 +11007871 - [ssh.1] Spell my name right.
Damien Miller81428f91999-11-18 09:28:11 +11007872 - Added openssh.com info to README
7873
Damien Miller10f6f6b1999-11-17 17:29:08 +1100787419991117
7875 - Merged OpenBSD CVS changes
7876 - [ChangeLog.Ylonen] noone needs this anymore
7877 - [authfd.c] close-on-exec for auth-socket, ok deraadt
Damien Millere4340be2000-09-16 13:29:08 +11007878 - [hostfile.c]
7879 in known_hosts key lookup the entry for the bits does not need
7880 to match, all the information is contained in n and e. This
7881 solves the problem with buggy servers announcing the wrong
Damien Miller10f6f6b1999-11-17 17:29:08 +11007882 modulus length. markus and me.
Damien Millere4340be2000-09-16 13:29:08 +11007883 - [serverloop.c]
7884 bugfix: check for space if child has terminated, from:
Damien Miller10f6f6b1999-11-17 17:29:08 +11007885 iedowse@maths.tcd.ie
7886 - [ssh-add.1 ssh-add.c ssh-keygen.1 ssh-keygen.c sshconnect.c]
7887 [fingerprint.c fingerprint.h]
7888 rsa key fingerprints, idea from Bjoern Groenvall <bg@sics.se>
7889 - [ssh-agent.1] typo
7890 - [ssh.1] add OpenSSH information to AUTHOR section. okay markus@
Damien Millere4340be2000-09-16 13:29:08 +11007891 - [sshd.c]
Damien Miller10f6f6b1999-11-17 17:29:08 +11007892 force logging to stderr while loading private key file
7893 (lost while converting to new log-levels)
7894
Damien Miller7e8e8201999-11-16 13:37:16 +1100789519991116
7896 - Fix some Linux libc5 problems reported by Miles Wilson <mw@mctitle.com>
7897 - Merged OpenBSD CVS changes:
7898 - [auth-rh-rsa.c auth-rsa.c authfd.c authfd.h hostfile.c mpaux.c]
7899 [mpaux.h ssh-add.c ssh-agent.c ssh.h ssh.c sshd.c]
7900 the keysize of rsa-parameter 'n' is passed implizit,
7901 a few more checks and warnings about 'pretended' keysizes.
7902 - [cipher.c cipher.h packet.c packet.h sshd.c]
7903 remove support for cipher RC4
7904 - [ssh.c]
7905 a note for legay systems about secuity issues with permanently_set_uid(),
7906 the private hostkey and ptrace()
7907 - [sshconnect.c]
7908 more detailed messages about adding and checking hostkeys
7909
Damien Millerd05a2471999-11-15 14:25:30 +1100791019991115
7911 - Merged OpenBSD CVS changes:
Damien Millere4340be2000-09-16 13:29:08 +11007912 - [ssh-add.c] change passphrase loop logic and remove ref to
Damien Millerd05a2471999-11-15 14:25:30 +11007913 $DISPLAY, ok niels
7914 - Changed to ssh-add.c broke askpass support. Revised it to be a little more
Damien Millere4340be2000-09-16 13:29:08 +11007915 modular.
Damien Millerd05a2471999-11-15 14:25:30 +11007916 - Revised autoconf support for enabling/disabling askpass support.
Damien Miller2ccf6611999-11-15 15:25:10 +11007917 - Merged more OpenBSD CVS changes:
Damien Millerbe484b52000-07-15 14:14:16 +10007918 [auth-krb4.c]
7919 - disconnect if getpeername() fails
7920 - missing xfree(*client)
7921 [canohost.c]
7922 - disconnect if getpeername() fails
7923 - fix comment: we _do_ disconnect if ip-options are set
7924 [sshd.c]
7925 - disconnect if getpeername() fails
7926 - move checking of remote port to central place
7927 [auth-rhosts.c] move checking of remote port to central place
7928 [log-server.c] avoid extra fd per sshd, from millert@
7929 [readconf.c] print _all_ bad config-options in ssh(1), too
7930 [readconf.h] print _all_ bad config-options in ssh(1), too
7931 [ssh.c] print _all_ bad config-options in ssh(1), too
7932 [sshconnect.c] disconnect if getpeername() fails
Damien Miller2ccf6611999-11-15 15:25:10 +11007933 - OpenBSD's changes to sshd.c broke the PAM stuff, re-merged it.
Damien Miller3bd49ec1999-11-15 15:40:55 +11007934 - Various small cleanups to bring diff (against OpenBSD) size down.
Damien Miller3f905871999-11-15 17:10:57 +11007935 - Merged more Solaris compability from Marc G. Fournier
7936 <marc.fournier@acadiau.ca>
7937 - Wrote autoconf tests for __progname symbol
Damien Millerf1aa21f2001-01-05 09:30:32 +11007938 - RPM spec file fixes from Jim Knoble <jmknoble@jmknoble.cx>
Damien Miller2e8b1c81999-11-15 23:33:56 +11007939 - Released 1.2pre12
7940
7941 - Another OpenBSD CVS update:
7942 - [ssh-keygen.1] fix .Xr
Damien Millerd05a2471999-11-15 14:25:30 +11007943
Damien Miller0a6e6681999-11-15 09:56:06 +1100794419991114
7945 - Solaris compilation fixes (still imcomplete)
7946
Damien Millerb0284381999-11-13 13:30:28 +1100794719991113
Damien Miller192bd011999-11-13 23:56:35 +11007948 - Build patch from Niels Kristian Bech Jensen <nkbj@image.dk>
7949 - Don't install config files if they already exist
7950 - Fix inclusion of additional preprocessor directives from acconfig.h
Damien Millerb0284381999-11-13 13:30:28 +11007951 - Removed redundant inclusions of config.h
Damien Millerc6d5ce81999-11-15 16:01:07 +11007952 - Added 'Obsoletes' lines to RPM spec file
Damien Millerb0284381999-11-13 13:30:28 +11007953 - Merged OpenBSD CVS changes:
7954 - [bufaux.c] save a view malloc/memcpy/memset/free's, ok niels
Damien Millere4340be2000-09-16 13:29:08 +11007955 - [scp.c] fix overflow reported by damien@ibs.com.au: off_t
Damien Millerb0284381999-11-13 13:30:28 +11007956 totalsize, ok niels,aaron
Damien Millere4340be2000-09-16 13:29:08 +11007957 - Delay fork (-f option) in ssh until after port forwarded connections
Damien Millerb0284381999-11-13 13:30:28 +11007958 have been initialised. Patch from Jani Hakala <jahakala@cc.jyu.fi>
Damien Miller2cb210f1999-11-13 15:40:10 +11007959 - Added shadow password patch from Thomas Neumann <tom@smart.ruhr.de>
7960 - Added ifdefs to auth-passwd.c to exclude it when PAM is enabled
Damien Miller192bd011999-11-13 23:56:35 +11007961 - Tidied default config file some more
7962 - Revised Redhat initscript to fix bug: sshd (re)start would fail
7963 if executed from inside a ssh login.
Damien Millerb0284381999-11-13 13:30:28 +11007964
Damien Miller776af5d1999-11-12 08:49:09 +1100796519991112
7966 - Merged changes from OpenBSD CVS
7967 - [sshd.c] session_key_int may be zero
Damien Miller32265091999-11-12 11:33:04 +11007968 - [auth-rh-rsa.c servconf.c servconf.h ssh.h sshd.8 sshd.c sshd_config]
Damien Millere4340be2000-09-16 13:29:08 +11007969 IgnoreUserKnownHosts(default=no), used for RhostRSAAuth, ok
Damien Miller32265091999-11-12 11:33:04 +11007970 deraadt,millert
7971 - Brought default sshd_config more in line with OpenBSD's
Damien Millerb9a692d1999-11-12 12:09:36 +11007972 - Grab server in gnome-ssh-askpass (Debian bug #49872)
7973 - Released 1.2pre10
Damien Miller776af5d1999-11-12 08:49:09 +11007974
Damien Millerb5f89271999-11-12 14:35:58 +11007975 - Added INSTALL documentation
Damien Miller6d7b2cd1999-11-12 15:19:27 +11007976 - Merged yet more changes from OpenBSD CVS
7977 - [auth-rh-rsa.c auth-rhosts.c auth-rsa.c channels.c clientloop.c]
7978 [ssh.c ssh.h sshconnect.c sshd.c]
7979 make all access to options via 'extern Options options'
7980 and 'extern ServerOptions options' respectively;
7981 options are no longer passed as arguments:
7982 * make options handling more consistent
7983 * remove #include "readconf.h" from ssh.h
7984 * readconf.h is only included if necessary
7985 - [mpaux.c] clear temp buffer
7986 - [servconf.c] print _all_ bad options found in configfile
Damien Miller3d1b22c1999-11-12 15:46:08 +11007987 - Make ssh-askpass support optional through autoconf
Damien Miller9c8da3c1999-11-12 16:28:02 +11007988 - Fix nasty division-by-zero error in scp.c
7989 - Released 1.2pre11
Damien Millerb5f89271999-11-12 14:35:58 +11007990
Damien Millerab18c411999-11-11 10:40:23 +1100799119991111
7992 - Added (untested) Entropy Gathering Daemon (EGD) support
Damien Miller4236f6e1999-11-12 12:22:31 +11007993 - Fixed /dev/urandom fd leak (Debian bug #49722)
Damien Miller33e511e1999-11-11 11:43:13 +11007994 - Merged OpenBSD CVS changes:
7995 - [auth-rh-rsa.c] user/958: check ~/.ssh/known_hosts for rhosts-rsa, too
7996 - [ssh.1] user/958: check ~/.ssh/known_hosts for rhosts-rsa, too
7997 - [sshd.8] user/958: check ~/.ssh/known_hosts for rhosts-rsa, too
Damien Millere4340be2000-09-16 13:29:08 +11007998 - Fix integer overflow which was messing up scp's progress bar for large
Damien Millerc4c647f1999-12-18 20:54:52 +11007999 file transfers. Fix submitted to OpenBSD developers. Report and fix
8000 from Kees Cook <cook@cpoint.net>
Damien Miller5ce662a1999-11-11 17:57:39 +11008001 - Merged more OpenBSD CVS changes:
Damien Millere4340be2000-09-16 13:29:08 +11008002 - [auth-krb4.c auth-passwd.c] remove x11- and krb-cleanup from fatal()
Damien Miller5ce662a1999-11-11 17:57:39 +11008003 + krb-cleanup cleanup
8004 - [clientloop.c log-client.c log-server.c ]
8005 [readconf.c readconf.h servconf.c servconf.h ]
8006 [ssh.1 ssh.c ssh.h sshd.8]
8007 add LogLevel {QUIET, FATAL, ERROR, INFO, CHAT, DEBUG} to ssh/sshd,
8008 obsoletes QuietMode and FascistLogging in sshd.
Damien Miller776af5d1999-11-12 08:49:09 +11008009 - [sshd.c] fix fatal/assert() bug reported by damien@ibs.com.au:
8010 allow session_key_int != sizeof(session_key)
8011 [this should fix the pre-assert-removal-core-files]
8012 - Updated default config file to use new LogLevel option and to improve
8013 readability
8014
Damien Millerb77870f1999-11-10 12:48:08 +1100801519991110
Damien Miller4236f6e1999-11-12 12:22:31 +11008016 - Merged several minor fixes:
Damien Millerb77870f1999-11-10 12:48:08 +11008017 - ssh-agent commandline parsing
8018 - RPM spec file now installs ssh setuid root
8019 - Makefile creates libdir
Damien Millerab18c411999-11-11 10:40:23 +11008020 - Merged beginnings of Solaris compability from Marc G. Fournier
8021 <marc.fournier@acadiau.ca>
Damien Millerb77870f1999-11-10 12:48:08 +11008022
Damien Millerc7b38ce1999-11-09 10:28:04 +1100802319991109
8024 - Autodetection of SSL/Crypto library location via autoconf
8025 - Fixed location of ssh-askpass to follow autoconf
8026 - Integrated Makefile patch from Niels Kristian Bech Jensen <nkbj@image.dk>
8027 - Autodetection of RSAref library for US users
8028 - Minor doc updates
Damien Millerda217a01999-11-09 10:35:52 +11008029 - Merged OpenBSD CVS changes:
8030 - [rsa.c] bugfix: use correct size for memset()
8031 - [sshconnect.c] warn if announced size of modulus 'n' != real size
Damien Miller742d2cb1999-11-09 14:28:26 +11008032 - Added GNOME passphrase requestor (use --with-gnome-askpass)
Damien Miller3f51bf51999-11-09 14:46:02 +11008033 - RPM build now creates subpackages
Damien Miller74389c91999-11-09 15:03:01 +11008034 - Released 1.2pre9
Damien Millerc7b38ce1999-11-09 10:28:04 +11008035
Damien Miller356a0b01999-11-08 15:30:59 +1100803619991108
8037 - Removed debian/ directory. This is now being maintained separately.
8038 - Added symlinks for slogin in RPM spec file
8039 - Fixed permissions on manpages in RPM spec file
8040 - Added references to required libraries in README file
8041 - Removed config.h.in from CVS
8042 - Removed pwdb support (better pluggable auth is provided by glibc)
8043 - Made PAM and requisite libdl optional
8044 - Removed lots of unnecessary checks from autoconf
8045 - Added support and autoconf test for openpty() function (Unix98 pty support)
8046 - Fix for scp not finding ssh if not installed as /usr/bin/ssh
8047 - Added TODO file
8048 - Merged parts of Debian patch From Phil Hands <phil@hands.com>:
8049 - Added ssh-askpass program
8050 - Added ssh-askpass support to ssh-add.c
8051 - Create symlinks for slogin on install
8052 - Fix "distclean" target in makefile
8053 - Added example for ssh-agent to manpage
8054 - Added support for PAM_TEXT_INFO messages
8055 - Disable internal /etc/nologin support if PAM enabled
8056 - Merged latest OpenBSD CVS changes:
Damien Millerfd7c9111999-11-08 16:15:55 +11008057 - [all] replace assert() with error, fatal or packet_disconnect
Damien Miller356a0b01999-11-08 15:30:59 +11008058 - [sshd.c] don't send fail-msg but disconnect if too many authentication
8059 failures
Damien Miller356a0b01999-11-08 15:30:59 +11008060 - [sshd.c] remove unused argument. ok dugsong
8061 - [sshd.c] typo
8062 - [rsa.c] clear buffers used for encryption. ok: niels
8063 - [rsa.c] replace assert() with error, fatal or packet_disconnect
Damien Miller5ac5f1c1999-11-08 15:50:14 +11008064 - [auth-krb4.c] remove unused argument. ok dugsong
Damien Miller356a0b01999-11-08 15:30:59 +11008065 - Fixed coredump after merge of OpenBSD rsa.c patch
Damien Millere8d90681999-11-08 18:09:57 +11008066 - Released 1.2pre8
Damien Miller356a0b01999-11-08 15:30:59 +11008067
Damien Miller0aa8e531999-11-02 19:05:02 +1100806819991102
8069 - Merged change from OpenBSD CVS
8070 - One-line cleanup in sshd.c
8071
Damien Miller744da801999-10-30 09:12:25 +1000807219991030
8073 - Integrated debian package support from Dan Brosemer <odin@linuxfreak.com>
Damien Miller1e4772c1999-10-30 11:39:56 +10008074 - Merged latest updates for OpenBSD CVS:
8075 - channels.[ch] - remove broken x11 fix and document istate/ostate
8076 - ssh-agent.c - call setsid() regardless of argv[]
8077 - ssh.c - save a few lines when disabling rhosts-{rsa-}auth
8078 - Documentation cleanups
8079 - Renamed README -> README.Ylonen
8080 - Renamed README.openssh ->README
Damien Miller744da801999-10-30 09:12:25 +10008081
Damien Miller070f7a11999-10-29 10:29:29 +1000808219991029
8083 - Renamed openssh* back to ssh* at request of Theo de Raadt
8084 - Incorporated latest changes from OpenBSD's CVS
8085 - Integrated Makefile patch from Niels Kristian Bech Jensen <nkbj@image.dk>
8086 - Integrated PAM env patch from Nalin Dahyabhai <nalin.dahyabhai@pobox.com>
Damien Miller07a826d1999-10-29 11:49:20 +10008087 - Make distclean now removed configure script
8088 - Improved PAM logging
8089 - Added some debug() calls for PAM
Damien Miller65b3c131999-10-29 12:37:01 +10008090 - Removed redundant subdirectories
Damien Millere4340be2000-09-16 13:29:08 +11008091 - Integrated part of a patch from Dan Brosemer <odin@linuxfreak.com> for
Damien Miller65b3c131999-10-29 12:37:01 +10008092 building on Debian.
Damien Millerd0562b31999-10-29 13:09:40 +10008093 - Fixed off-by-one error in PAM env patch
8094 - Released 1.2pre6
Damien Miller070f7a11999-10-29 10:29:29 +10008095
Damien Miller7f6ea021999-10-28 13:25:17 +1000809619991028
8097 - Further PAM enhancements.
8098 - Much cleaner
8099 - Now uses account and session modules for all logins.
8100 - Integrated patch from Dan Brosemer <odin@linuxfreak.com>
8101 - Build fixes
8102 - Autoconf
8103 - Change binary names to open*
8104 - Fixed autoconf script to detect PAM on RH6.1
8105 - Added tests for libpwdb, and OpenBSD functions to autoconf
Damien Millereff18d61999-10-28 14:14:38 +10008106 - Released 1.2pre4
Damien Miller29b5a591999-10-28 15:46:27 +10008107
8108 - Imported latest OpenBSD CVS code
8109 - Updated README.openssh
Damien Miller34d0b611999-10-28 17:51:40 +10008110 - Released 1.2pre5
Damien Miller29b5a591999-10-28 15:46:27 +10008111
Damien Miller7f6ea021999-10-28 13:25:17 +1000811219991027
8113 - Adapted PAM patch.
8114 - Released 1.0pre2
Damien Millerd4a8b7e1999-10-27 13:42:43 +10008115
Damien Miller7f6ea021999-10-28 13:25:17 +10008116 - Excised my buggy replacements for strlcpy and mkdtemp
8117 - Imported correct OpenBSD strlcpy and mkdtemp routines.
8118 - Reduced arc4random_stir entropy read to 32 bytes (256 bits)
8119 - Picked up correct version number from OpenBSD
8120 - Added sshd.pam PAM configuration file
8121 - Added sshd.init Redhat init script
8122 - Added openssh.spec RPM spec file
8123 - Released 1.2pre3
Damien Millerd4a8b7e1999-10-27 13:42:43 +10008124
Damien Miller7f6ea021999-10-28 13:25:17 +1000812519991026
8126 - Fixed include paths of OpenSSL functions
8127 - Use OpenSSL MD5 routines
8128 - Imported RC4 code from nanocrypt
8129 - Wrote replacements for OpenBSD arc4random* functions
8130 - Wrote replacements for strlcpy and mkdtemp
8131 - Released 1.0pre1
Damien Millere9cf3572001-02-09 12:55:35 +11008132
Ben Lindstrom1e259bb2002-04-02 20:53:39 +00008133$Id: ChangeLog,v 1.2014 2002/04/02 20:53:39 mouring Exp $