Damien Miller | 92986dd | 1999-10-28 14:19:25 +1000 | [diff] [blame] | 1 | Fri Nov 17 16:19:20 1995 Tatu Ylonen <ylo@trance.olari.clinet.fi> |
| 2 | |
| 3 | * Released 1.2.12. |
| 4 | |
| 5 | * channels.c: Commented out debugging messages about output draining. |
| 6 | |
| 7 | * Added file OVERVIEW to give some idea about the structure of the |
| 8 | ssh software. |
| 9 | |
| 10 | Thu Nov 16 16:40:17 1995 Tatu Ylonen <ylo@trance.olari.clinet.fi> |
| 11 | |
| 12 | * canohost.c (get_remote_hostname): Don't ever return NULL (causes |
| 13 | segmentation violation). |
| 14 | |
| 15 | * sshconnect.c: Host ip address printed incorrectly with -v. |
| 16 | |
| 17 | * Implemented SSH_TTY environment variable. |
| 18 | |
| 19 | Wed Nov 15 01:47:40 1995 Tatu Ylonen <ylo@trance.olari.clinet.fi> |
| 20 | |
| 21 | * Implemented server and client option KeepAlive to specify |
| 22 | whether to set SO_KEEPALIVE. Both default to "yes"; to disable |
| 23 | keepalives, set the value to "no" in both the server and the |
| 24 | client configuration files. Updated manual pages. |
| 25 | |
| 26 | * sshd.c: Fixed Solaris utmp problem: wrong pid stored in utmp |
| 27 | (patch from Petri Virkkula <argon@bat.cs.hut.fi>). |
| 28 | |
| 29 | * login.c (record_logout): Fixed removing user from utmp on BSD |
| 30 | (with HAVE_LIBUTIL_LOGIN). |
| 31 | |
| 32 | * Added cleanup functions to be called from fatal(). Arranged for |
| 33 | utmp to be cleaned if sshd terminates by calling fatal (e.g., |
| 34 | after dropping connection). Eliminated separate client-side |
| 35 | fatal() functions and moved fatal() to log-client.c. Made all |
| 36 | cleanups, including channel_stop_listening() and packet_close() |
| 37 | be called using this mechanism. |
| 38 | |
| 39 | Thu Nov 9 09:58:05 1995 Tatu Ylonen <ylo@soikko.cs.hut.fi> |
| 40 | |
| 41 | * sshd.c: Permit immediate login with empty password only if |
| 42 | password authentication is allowed. |
| 43 | |
| 44 | Wed Nov 8 00:43:55 1995 Tatu Ylonen <ylo@soikko.cs.hut.fi> |
| 45 | |
| 46 | * Eliminated unix-domain X11 forwarding. Inet-domain forwarding is |
| 47 | now the only supported form. Renamed server option |
| 48 | X11InetForwarding to X11Forwarding, and eliminated |
| 49 | X11UnixForwarding. Updated documentation. Updated RFC (marked |
| 50 | the SSH_CMSG_X11_REQUEST_FORWARDING message (code 26) as |
| 51 | obsolete, and removed all references to it). Increased protocol |
| 52 | version number to 1.3. |
| 53 | |
| 54 | * scp.c (main): Added -B (BatchMode). Updated manual page. |
| 55 | |
| 56 | * Cleaned up and updated all manual pages. |
| 57 | |
| 58 | * clientloop.c: Added new escape sequences ~# (lists forwarded |
| 59 | connections), ~& (background ssh when waiting for forwarded |
| 60 | connections to terminate), ~? (list available escapes). |
| 61 | Polished the output of the connection listing. Updated |
| 62 | documentation. |
| 63 | |
| 64 | * uidswap.c: If _POSIX_SAVED_IDS is defined, don't change the real |
| 65 | uid. Assume that _POSIX_SAVED_IDS also applies to seteuid. |
| 66 | This may solve problems with tcp_wrappers (libwrap) showing |
| 67 | connections as coming from root. |
| 68 | |
| 69 | Tue Nov 7 20:28:57 1995 Tatu Ylonen <ylo@soikko.cs.hut.fi> |
| 70 | |
| 71 | * Added RandomSeed server configuration option. The argument |
| 72 | specifies the location of the random seed file. Updated |
| 73 | documentation. |
| 74 | |
| 75 | * Locate perl5 in configure. Generate make-ssh-known-hosts (with |
| 76 | the correct path for perl5) in Makefile.in, and install it with |
| 77 | the other programs. Updated manual page. |
| 78 | |
| 79 | * sshd.c (main): Added a call to umask to set the umask to a |
| 80 | reasonable value. |
| 81 | |
| 82 | * compress.c (buffer_compress): Fixed to follow the zlib |
| 83 | documentation (which is slightly confusing). |
| 84 | |
| 85 | * INSTALL: Added information about Linux libc.so.4 problem. |
| 86 | |
| 87 | Mon Nov 6 15:42:36 1995 Tatu Ylonen <ylo@soikko.cs.hut.fi> |
| 88 | |
| 89 | * (Actually autoconf fix) Installed patch to AC_ARG_PROGRAM. |
| 90 | |
| 91 | * sshd.c, sshd.8.in: Renamed $HOME/.environment -> |
| 92 | $HOME/.ssh/environment. |
| 93 | |
| 94 | * configure.in: Disable shadow password checking on convex. |
| 95 | Convex has /etc/shadow, but sets pw_passwd automatically if |
| 96 | running as root. |
| 97 | |
| 98 | * Eliminated HAVE_ETC_MASTER_PASSWD (NetBSD, FreeBSD); the |
| 99 | pw_passwd field is automatically filled if running as root. |
| 100 | Put explicit code in configure.in to prevent shadow password |
| 101 | checking on FreeBSD and NetBSD. |
| 102 | |
| 103 | * serverloop.c (signchld_handler): Don't print error if wait |
| 104 | returns -1. |
| 105 | |
| 106 | * Makefile.in (install): Fixed modes of data files. |
| 107 | |
| 108 | * Makefile.in (install): Make links for slogin.1. |
| 109 | |
| 110 | * make-ssh-known-hosts: Merged a patch from melo@ci.uminho.pt to |
| 111 | fix the ping command. |
| 112 | |
| 113 | Fri Nov 3 16:25:28 1995 Tatu Ylonen <ylo@soikko.cs.hut.fi> |
| 114 | |
| 115 | * ssh.1.in: Added more information about X11 forwarding. |
| 116 | |
| 117 | Thu Nov 2 18:42:13 1995 Tatu Ylonen <ylo@soikko.cs.hut.fi> |
| 118 | |
| 119 | * Changes to use O_NONBLOCK_BROKEN consistently. |
| 120 | |
| 121 | * pty.c (pty_make_controlling_tty): Use setpgid instead of |
| 122 | setsid() on Ultrix. |
| 123 | |
| 124 | * includes.h: Removed redundant #undefs for Ultrix and Sony News; |
| 125 | these are already handled in configure.in. |
| 126 | |
| 127 | Tue Oct 31 13:31:28 1995 Tatu Ylonen <ylo@soikko.cs.hut.fi> |
| 128 | |
| 129 | * configure.in: Define SSH_WTMP to /var/adm/wtmp is wtmp not found. |
| 130 | |
| 131 | * configure.in: Disable vhangup on Ultrix. I am told this fixes |
| 132 | the server problems. |
| 133 | |
| 134 | Sat Oct 28 14:22:05 1995 Tatu Ylonen <ylo@soikko.cs.hut.fi> |
| 135 | |
| 136 | * sshconnect.c: Fixed a bug in connecting to a multi-homed host. |
| 137 | Restructured the connecting code to never try to use the same |
| 138 | socket a second time after a failed connection. |
| 139 | |
| 140 | * Makefile.in: Added explicit -m option to install, and umask 022 |
| 141 | when creating directories and the host key. |
| 142 | |
| 143 | Fri Oct 27 01:05:10 1995 Tatu Ylonen <ylo@soikko.cs.hut.fi> |
| 144 | |
| 145 | * Makefile.in: Added cleaning of $(ZLIBDIR) to clean and distclean. |
| 146 | |
| 147 | * login.c (get_last_login_time): Fixed a typo (define -> defined). |
| 148 | |
| 149 | Thu Oct 26 01:28:07 1995 Tatu Ylonen <ylo@soikko.cs.hut.fi> |
| 150 | |
| 151 | * configure.in: Moved testing for ANSI C compiler after the host |
| 152 | specific code (problems on HPUX). |
| 153 | |
| 154 | * Minor fixes to /etc/default/login stuff from Bryan O'Sullivan. |
| 155 | |
| 156 | * Fixed .SH NAME sections in manual pages. |
| 157 | |
| 158 | * compress.c: Trying to fix a mysterious bug in the compression |
| 159 | glue. |
| 160 | |
| 161 | * ssh-1.2.11. |
| 162 | |
| 163 | * scp.c: disable agent forwarding when running ssh from scp. |
| 164 | |
| 165 | * Added compression of plaintext packets using the gzip library |
| 166 | (zlib). Client configuration options Compression and |
| 167 | CompressionLevel (1-9 as in gzip). New ssh and scp option -C |
| 168 | (to enable compression). Updated RFC. |
| 169 | |
| 170 | Wed Oct 25 05:11:55 1995 Tatu Ylonen <ylo@soikko.cs.hut.fi> |
| 171 | |
| 172 | * Implemented ProxyCommand stuff based on patches from Bryan |
| 173 | O'Sullivan <bos@serpentine.com>. |
| 174 | |
| 175 | * Merged BSD login/logout/lastlog patches from Mark Treacy |
| 176 | <mark@labtam.oz.au>. |
| 177 | |
| 178 | * sshd.c: Added chdir("/"). |
| 179 | |
| 180 | Tue Oct 24 00:29:01 1995 Tatu Ylonen <ylo@soikko.cs.hut.fi> |
| 181 | |
| 182 | * Merged RSA environment= patches from Felix Leitner |
| 183 | <leitner@prz.tu-berlin.de> with some changes. |
| 184 | |
| 185 | * sshd.c: Made the packet code use two separate descriptors for |
| 186 | the connection (one for input, the other for output). This will |
| 187 | make future extensions easier (e.g., non-socket transports, etc.). |
| 188 | sshd -i now uses both stdin and stdout separately. |
| 189 | |
| 190 | Mon Oct 23 21:29:28 1995 Tatu Ylonen <ylo@soikko.cs.hut.fi> |
| 191 | |
| 192 | * sshd.c: Merged execle -> execve patches from Mark Martinec |
| 193 | <Mark.Martinec@nsc.ijs.si>. This may help with execle bugs on |
| 194 | Convex (environment not getting passed properly). This might |
| 195 | also solve similar problems on Sonys; please test! |
| 196 | |
| 197 | * Removed all compatibility code for protocol version 1.0. |
| 198 | THIS MEANS THAT WE ARE NO LONGER COMPATIBLE WITH SSH VERSIONS |
| 199 | PRIOR TO 1.1.0. |
| 200 | |
| 201 | * randoms.c (random_acquire_light_environmental_noise): If |
| 202 | /dev/random is available, read up to 32 bytes (256 bits) from |
| 203 | there in non-blocking mode, and mix the new random bytes into |
| 204 | the pool. |
| 205 | |
| 206 | * Added client configuration option StrictHostKeyChecking |
| 207 | (disabled by default). If this is enabled, the client will not |
| 208 | automatically add new host keys to $HOME/.ssh/known_hosts; |
| 209 | instead the connection will be refused if the host key is not |
| 210 | known. Similarly, if the host key has changed, the connection |
| 211 | will be refused instead if just issuing a warning. This |
| 212 | provides additional security against man-in-the-middle/trojan |
| 213 | horse attacks (especially in scripts where there is no-one to |
| 214 | see the warnings), but may be quite inconvenient in everyday |
| 215 | interactive use unless /etc/ssh_known_hosts is very complete, |
| 216 | because new host keys must now be added manually. |
| 217 | |
| 218 | * sshconnect.c (ssh_connect): Use the user's uid when creating the |
| 219 | socket and connecting it. I am hoping that this might help with |
| 220 | tcp_wrappers showing the remote user as root. |
| 221 | |
| 222 | * ssh.c: Try inet-domain X11 forwarding regardless of whether we |
| 223 | can get local authorization information. If we don't, we just |
| 224 | come up with fake information; the forwarding code will anyway |
| 225 | generate its own fake information and validate that the client |
| 226 | knows that information. It will then substitute our fake |
| 227 | information for that, but that info should get ignored by the |
| 228 | server if it doesn't support it. |
| 229 | |
| 230 | * Added option BatchMode to disable password/passphrase querying |
| 231 | in scripts. |
| 232 | |
| 233 | * auth-rh-rsa.c: Changed to use uid-swapping when reading |
| 234 | .ssh/known_hosts. |
| 235 | |
| 236 | * sshd.8.in (command): Improved documentation of file permissions |
| 237 | on the manual pages. |
| 238 | |
| 239 | Thu Oct 19 21:05:51 1995 Tatu Ylonen <ylo@soikko.cs.hut.fi> |
| 240 | |
| 241 | * ssh-add.c (add_file): Fixed a bug causing ssh to sometimes refer |
| 242 | to freed memory (comment -> saved_comment). |
| 243 | |
| 244 | * log-server.c: Added a prefix to debug/warning/error/fatal |
| 245 | messages describing message types. Syslog does not include that |
| 246 | information automatically. |
| 247 | |
| 248 | Sun Oct 8 01:56:01 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi> |
| 249 | |
| 250 | * Merged /etc/default/login and MAIL environment variable changes |
| 251 | from Bryan O'Sullivan <bos@serpentine.com>. |
| 252 | - mail spool file location |
| 253 | - process /etc/default/login |
| 254 | - add HAVE_ETC_DEFAULT_LOGIN |
| 255 | - new function child_get_env and read_etc_default_login (sshd.c) |
| 256 | |
| 257 | * ssh-add.c (add_file): Fixed asking for passphrase. |
| 258 | |
| 259 | * Makefile.in: Fixed installing configure-generated man pages when |
| 260 | compiling in a separate object directory. |
| 261 | |
| 262 | * sshd.c (main): Moved RSA key generation until after allocating |
| 263 | the port number. (Actually, the code got duplicated because we |
| 264 | never listen when run from inetd.) |
| 265 | |
| 266 | * ssh.c: Fixed a problem that caused scp to hang when called with |
| 267 | stdin closed. |
| 268 | |
| 269 | Sat Oct 7 03:08:06 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi> |
| 270 | |
| 271 | * Added server config option StrictModes. It specifies whether to |
| 272 | check ownership and modes of home directory and .rhosts files. |
| 273 | |
| 274 | * ssh.c: If ssh is renamed/linked to a host name, connect to that |
| 275 | host. |
| 276 | |
| 277 | * serverloop.c, clientloop.c: Ignore EAGAIN reported on read from |
| 278 | connection. Solaris has a kernel bug which causes select() to |
| 279 | sometimes wake up even though there is no data available. |
| 280 | |
| 281 | * Display all open connections when printing the "Waiting for |
| 282 | forwarded connections to terminate" message. |
| 283 | |
| 284 | * sshd.c, readconf.c: Added X11InetForwarding and |
| 285 | X11UnixForwarding server config options. |
| 286 | |
| 287 | Thu Oct 5 17:41:16 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi> |
| 288 | |
| 289 | * Some more SCO fixes. |
| 290 | |
| 291 | Tue Oct 3 01:04:34 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi> |
| 292 | |
| 293 | * Fixes and cleanups in README, INSTALL, COPYING. |
| 294 | |
| 295 | Mon Oct 2 03:36:08 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi> |
| 296 | |
| 297 | * ssh-add.c (add_file): Fixed a bug in ssh-add (xfree: NULL ...). |
| 298 | |
| 299 | * Removed .BR from ".SH NAME" in man pages. |
| 300 | |
| 301 | Sun Oct 1 04:16:07 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi> |
| 302 | |
| 303 | * ssh-1.2.10. |
| 304 | |
| 305 | * configure.in: When checking that the compiler works, check that |
| 306 | it understands ANSI C prototypes. |
| 307 | |
| 308 | * Made uidswap error message a debug() to avoid confusing errors |
| 309 | on AIX (AIX geteuid is brain-damaged and fails even for root). |
| 310 | |
| 311 | * Fixed an error in sshd.8 (FacistLogging -> FascistLogging). |
| 312 | |
| 313 | * Fixed distribution in Makefile.in (missing manual page .in files). |
| 314 | |
| 315 | Sat Sep 30 17:38:46 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi> |
| 316 | |
| 317 | * auth-rhosts.c: Fixed serious security problem in |
| 318 | /etc/hosts.equiv authentication. |
| 319 | |
| 320 | Fri Sep 29 00:41:02 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi> |
| 321 | |
| 322 | * Include machine/endian.h on Paragon. |
| 323 | |
| 324 | * ssh-add.c (add_file): Made ssh-add keep asking for the |
| 325 | passphrase until the user just types return or cancels. |
| 326 | Make the dialog display the comment of the key. |
| 327 | |
| 328 | * Read use shosts.equiv in addition to /etc/hosts.equiv. |
| 329 | |
| 330 | * sshd.8 is now sshd.8.in and is processed by configure to |
| 331 | substitute the proper paths for various files. Ditto for ssh.1. |
| 332 | Ditto for make-ssh-known-hosts.1. |
| 333 | |
| 334 | * configure.in: Moved /etc/sshd_pid to PIDDIR/sshd.pid. PIDDIR |
| 335 | will be /var/run if it exists, and ETCDIR otherwise. |
| 336 | |
| 337 | Thu Sep 28 21:52:42 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi> |
| 338 | |
| 339 | * On Ultrix, check if sys/syslog.h needs to be included in |
| 340 | addition to syslog.h. |
| 341 | |
| 342 | * make-ssh-known-hosts.pl: Merged Kivinen's fixes for HPUX. |
| 343 | |
| 344 | * configure.in: Put -lwrap, -lsocks, etc. at the head of LIBS. |
| 345 | |
| 346 | * Fixed case-insensitivity in auth-rhosts.c. |
| 347 | |
| 348 | * Added missing socketpair.c to EXTRA_SRCS (needed on SCO), plus |
| 349 | other SCO fixes. |
| 350 | |
| 351 | * Makefile.in: Fixed missing install_prefixes. |
| 352 | |
| 353 | Wed Sep 27 03:57:00 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi> |
| 354 | |
| 355 | * ssh-1.2.9. |
| 356 | |
| 357 | * Added SOCKS support. |
| 358 | |
| 359 | * Fixed default setting of IgnoreRhosts option. |
| 360 | |
| 361 | * Pass the magic cookie to xauth in stdin instead of command line; |
| 362 | the command line is visible in ps. |
| 363 | |
| 364 | * Added processing $HOME/.ssh/rc and /etc/sshrc. |
| 365 | |
| 366 | * Added a section to sshd.8 on what happens at login time. |
| 367 | |
| 368 | Tue Sep 26 01:27:40 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi> |
| 369 | |
| 370 | * Don't define speed_t on SunOS 4.1.1; it conflicts with system |
| 371 | headers. |
| 372 | |
| 373 | * Added support for .hushlogin. |
| 374 | |
| 375 | * Added --with-etcdir. |
| 376 | |
| 377 | * Read $HOME/.environment after /etc/environment. |
| 378 | |
| 379 | Mon Sep 25 03:26:06 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi> |
| 380 | |
| 381 | * Merged patches for SCO Unix (from Michael Henits). |
| 382 | |
| 383 | Sun Sep 24 22:28:02 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi> |
| 384 | |
| 385 | * Added ssh option ConnectionAttempts. |
| 386 | |
| 387 | Sat Sep 23 12:30:15 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi> |
| 388 | |
| 389 | * sshd.c: Don't print last login time and /etc/motd if a command |
| 390 | has been specified (with ssh -t host command). |
| 391 | |
| 392 | * Added support for passing the screen number in X11 forwarding. |
| 393 | It is implemented as a compatible protocol extension, signalled |
| 394 | by SSH_PROTOFLAG_SCREEN_NUMBER by the child. |
| 395 | |
| 396 | * clientloop.c: Fixed bugs in the order in which things were |
| 397 | processed. This may solve problems with some data not getting |
| 398 | sent to the server as soon as possible (probably solves the TCP |
| 399 | forwarding delayed close problem). Also, it looked like window |
| 400 | changes might not get transmitted as early as possible in some |
| 401 | cases. |
| 402 | |
| 403 | * clientloop.c: Changed to detect window size change that |
| 404 | happened while ssh was suspended. |
| 405 | |
| 406 | * ssh.c: Moved the do_session function (client main loop) to |
| 407 | clientloop.c. Divided it into smaller functions. General cleanup. |
| 408 | |
| 409 | * ssh-1.2.8 |
| 410 | |
| 411 | Fri Sep 22 22:07:46 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi> |
| 412 | |
| 413 | * sshconnect.c (ssh_login): Made ssh_login take the options |
| 414 | structure as argument, instead of the individual arguments. |
| 415 | |
| 416 | * auth-rhosts.c (check_rhosts_file): Added support for netgroups. |
| 417 | |
| 418 | * auth-rhosts.c (check_rhosts_file): Added support for negated |
| 419 | entries. |
| 420 | |
| 421 | Thu Sep 21 00:07:56 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi> |
| 422 | |
| 423 | * auth-rhosts.c: Restructured rhosts authentication code. |
| 424 | Hosts.equiv now has same format as .rhosts: user names are allowed. |
| 425 | |
| 426 | * Added support for the Intel Paragon. |
| 427 | |
| 428 | * sshd.c: Don't use X11 forwarding with spoofing if no xauth |
| 429 | program. Changed configure.in to not define XAUTH_PATH if |
| 430 | there is no xauth program. |
| 431 | |
| 432 | * ssh-1.2.7 |
| 433 | |
| 434 | * sshd.c: Rewrote the code to build the environment. Now also reads |
| 435 | /etc/environment. |
| 436 | |
| 437 | * sshd.c: Fixed problems in libwrap code. --with-libwrap now |
| 438 | takes optional library name/path. |
| 439 | |
| 440 | * ssh-1.2.6 |
| 441 | |
| 442 | * Define USE_PIPES by default. |
| 443 | |
| 444 | * Added support for Univel Unixware and MachTen. |
| 445 | |
| 446 | * Added IgnoreRhosts server option. |
| 447 | |
| 448 | * Added USE_STRLEN_FOR_AF_UNIX; it is needed at least on MachTen. |
| 449 | |
| 450 | Wed Sep 20 02:41:02 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi> |
| 451 | |
| 452 | * sshd.c (do_child): don't call packet_close when /etc/nologin, |
| 453 | because packet_close does shutdown, and the message does not get |
| 454 | sent. |
| 455 | |
| 456 | * pty.c (pty_allocate): Push ttcompat streams module. |
| 457 | |
| 458 | * randoms.c (random_acquire_light_environmental_noise): Don't use |
| 459 | the second argument to gettimeofday as it is not supported on |
| 460 | all systems. |
| 461 | |
| 462 | * login.c (record_login): Added NULL second argument to gettimeofday. |
| 463 | |
| 464 | Tue Sep 19 13:25:48 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi> |
| 465 | |
| 466 | * fixed pclose wait() in sshd key regeneration (now only collects |
| 467 | easily available noise). |
| 468 | |
| 469 | * configure.in: test for bsdi before bsd*. |
| 470 | |
| 471 | * ssh.c: Don't print "Connection closed" if -q. |
| 472 | |
| 473 | Wed Sep 13 04:19:52 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi> |
| 474 | |
| 475 | * Released ssh-1.2.5. |
| 476 | |
| 477 | * Hopefully fixed "Waiting for forwarded connections to terminate" |
| 478 | message. |
| 479 | |
| 480 | * randoms.c, md5.c: Large modifications to make these work on Cray |
| 481 | (which has no 32 bit integer type). |
| 482 | |
| 483 | * Fixed a problem with forwarded connection closes not being |
| 484 | reported immediately. |
| 485 | |
| 486 | * ssh.c: fixed rhosts authentication (broken by uid-swapping). |
| 487 | |
| 488 | * scp.c: Don't use -l if server user not specified (it made |
| 489 | setting User in the configuration file not work). |
| 490 | |
| 491 | * configure.in: don't use -pipe on BSDI. |
| 492 | |
| 493 | * randoms.c: Major modifications to make it work without 32 bit |
| 494 | integers (e.g. Cray). |
| 495 | |
| 496 | * md5.c: Major modifications to make it work without 32 bit |
| 497 | integers (e.g. Cray). |
| 498 | |
| 499 | * Eliminated HPSUX_BROKEN_PTYS. The code is now enabled by |
| 500 | default on all systems. |
| 501 | |
| 502 | Mon Sep 11 00:53:12 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi> |
| 503 | |
| 504 | * sshd.c: don't include sshd pathname in log messages. |
| 505 | |
| 506 | * Added libwrap stuff (includes support for identd). |
| 507 | |
| 508 | * Added OSF/1 C2 extended security stuff. |
| 509 | |
| 510 | * Fixed interactions between getuid() and uid-swap stuff. |
| 511 | |
| 512 | Sun Sep 10 00:29:27 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi> |
| 513 | |
| 514 | * serverloop.c: Don't send stdout data to client until after a few |
| 515 | milliseconds if there is very little data. This is because some |
| 516 | systems give data from pty one character at a time, which would |
| 517 | multiply data size by about 16. |
| 518 | |
| 519 | * serverloop.c: Moved server do_session to a separate file and |
| 520 | renamed it server_loop. Split it into several functions and |
| 521 | partially rewrote it. Fixed "cat /etc/termcap | ssh foo cat" hangup. |
| 522 | |
| 523 | * Screwed up something while checking stuff in under cvs. No harm, |
| 524 | but bogus log entries... |
| 525 | |
| 526 | Sat Sep 9 02:24:51 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi> |
| 527 | |
| 528 | * minfd.c (_get_permanent_fd): Use SHELL environment variable. |
| 529 | |
| 530 | * channels.c (x11_create_display_inet): Created |
| 531 | HPSUX_NONSTANDARD_X11_KLUDGE; it causes DISPLAY to contain the |
| 532 | IP address of the host instead of the name, because HPSUX uses |
| 533 | some magic shared memory communication for local connections. |
| 534 | |
| 535 | * Changed SIGHUP processing in server; it should now work multiple |
| 536 | times. |
| 537 | |
| 538 | * Added length limits in many debug/log/error/fatal calls just in |
| 539 | case. |
| 540 | |
| 541 | * login.c (get_last_login_time): Fixed location of lastlog. |
| 542 | |
| 543 | * Rewrote all uid-swapping code. New files uidswap.h, uidswap.c. |
| 544 | |
| 545 | * Fixed several security problems involving chmod and chgrp (race |
| 546 | conditions). Added warnings about dubious modes for /tmp/.X11-unix. |
| 547 | |
| 548 | Fri Sep 8 20:03:36 1995 Tatu Ylonen <ylo@shadows.cs.hut.fi> |
| 549 | |
| 550 | * Changed readconf.c to never display anything from the config |
| 551 | file. This should now be prevented otherwise, but let's play safe. |
| 552 | |
| 553 | * log-server.c: Use %.500s in syslog() just to be sure (they |
| 554 | should already be shorter than 1024 though). |
| 555 | |
| 556 | * sshd.c: Moved setuid in child a little earlier (just to be |
| 557 | conservative, there was no security problem that I could detect). |
| 558 | |
| 559 | * README, INSTALL: Added info about mailing list and WWW page. |
| 560 | |
| 561 | * sshd.c: Added code to use SIGCHLD and wait zombies immediately. |
| 562 | |
| 563 | * Merged patch to set ut_addr in utmp. |
| 564 | |
| 565 | * Created ChangeLog and added it to Makefile.in. |
| 566 | |
| 567 | * Use read_passphrase instead of getpass(). |
| 568 | |
| 569 | * Added SSH_FALLBACK_CIPHER. Fixed a bug in default cipher |
| 570 | selection (IDEA used to be selected even if not supported by the |
| 571 | server). |
| 572 | |
| 573 | * Use no encryption for key files if empty passphrase. |
| 574 | |
| 575 | * Added section about --without-idea in INSTALL. |
| 576 | |
| 577 | * Version 1.2.0 was released a couple of days ago. |
| 578 | |