Blame - ChangeLog - platform/external/openssh

blob: c5b3a92b5510b2922faa6e2f845e7fa000b8b6a4 [file] [log] [blame]

Damien Miller	9fc7c69	2003-06-04 22:50:54 +1000	[diff] [blame]	1	20030604
Damien Miller	865173e	2003-06-04 19:06:59 +1000	[diff] [blame]	2	- (djm) Bug #573 - Remove unneeded Krb headers and compat goop. Patch from
				3	simon@sxw.org.uk (Also matches a change in OpenBSD a while ago)
Damien Miller	485397c	2003-06-04 19:15:10 +1000	[diff] [blame]	4	- (djm) Bug #577 - wrong flag in scard-opensc.c sc_private_decrypt.
Damien Miller	2527f57	2003-06-04 19:22:06 +1000	[diff] [blame]	5	Patch from larsch@trustcenter.de; ok markus@
				6	- (djm) Bug #584: scard-opensc.c doesn't work without PIN. Patch from
				7	larsch@trustcenter.de; ok markus@
Damien Miller	941ac45	2003-06-04 20:31:53 +1000	[diff] [blame]	8	- (djm) OpenBSD CVS Sync
				9	- djm@cvs.openbsd.org 2003/06/04 08:25:18
				10	[sshconnect.c]
				11	disable challenge/response and keyboard-interactive auth methods
				12	upon hostkey mismatch. based on patch from fcusack AT fcusack.com.
				13	bz #580; ok markus@
Damien Miller	31b3a0a	2003-06-04 20:32:12 +1000	[diff] [blame]	14	- djm@cvs.openbsd.org 2003/06/04 10:23:48
				15	[sshd.c]
				16	remove duplicated group-dropping code; ok markus@
Damien Miller	9fc7c69	2003-06-04 22:50:54 +1000	[diff] [blame]	17	- djm@cvs.openbsd.org 2003/06/04 12:03:59
				18	[serverloop.c]
				19	remove bitrotten commet; ok markus@
Damien Miller	65d1f57	2003-06-04 22:51:08 +1000	[diff] [blame]	20	- djm@cvs.openbsd.org 2003/06/04 12:18:49
				21	[scp.c]
				22	ansify; ok markus@
Damien Miller	b69aaa8	2003-06-04 22:51:24 +1000	[diff] [blame]	23	- djm@cvs.openbsd.org 2003/06/04 12:40:39
				24	[scp.c]
				25	kill ssh process upon receipt of signal, bz #241.
				26	based on patch from esb AT hawaii.edu; ok markus@
Damien Miller	cc685c1	2003-06-04 22:51:38 +1000	[diff] [blame^]	27	- djm@cvs.openbsd.org 2003/06/04 12:41:22
				28	[sftp.c]
				29	kill ssh process on receipt of signal; ok markus@
Damien Miller	4c32248	2003-06-04 22:12:17 +1000	[diff] [blame]	30	- (djm) Update to fix of bug #584: lock card before return.
				31	From larsch@trustcenter.de
Damien Miller	865173e	2003-06-04 19:06:59 +1000	[diff] [blame]	32
				33	20030603
Damien Miller	3527625	2003-06-03 10:14:28 +1000	[diff] [blame]	34	- (djm) Replace setproctitle replacement with code derived from
				35	UCB sendmail
Damien Miller	3a961dc	2003-06-03 10:25:48 +1000	[diff] [blame]	36	- (djm) OpenBSD CVS Sync
				37	- markus@cvs.openbsd.org 2003/06/02 09:17:34
				38	[auth2-hostbased.c auth.c auth-options.c auth-rhosts.c auth-rh-rsa.c]
				39	[canohost.c monitor.c servconf.c servconf.h session.c sshd_config]
				40	[sshd_config.5]
				41	deprecate VerifyReverseMapping since it's dangerous if combined
				42	with IP based access control as noted by Mike Harding; replace with
				43	a UseDNS option, UseDNS is on by default and includes the
				44	VerifyReverseMapping check; with itojun@, provos@, jakob@ and deraadt@
				45	ok deraadt@, djm@
Damien Miller	dafb12e	2003-06-03 13:06:18 +1000	[diff] [blame]	46	- millert@cvs.openbsd.org 2003/06/03 02:56:16
				47	[scp.c]
				48	Remove the advertising clause in the UCB license which Berkeley
				49	rescinded 22 July 1999. Proofed by myself and Theo.
Damien Miller	3a961dc	2003-06-03 10:25:48 +1000	[diff] [blame]	50	- (djm) Fix portable-specific uses of verify_reverse_mapping too
Damien Miller	329638e	2003-06-03 12:12:50 +1000	[diff] [blame]	51	- (djm) Sync openbsd-compat with OpenBSD CVS.
Damien Miller	d311c4e	2003-06-03 13:09:16 +1000	[diff] [blame]	52	- No more 4-term BSD licenses in linked code
Darren Tucker	eb28cbc	2003-06-03 12:45:27 +1000	[diff] [blame]	53	- (dtucker) [port-aix.c bsd-cray.c] Fix uses of verify_reverse_mapping.
Damien Miller	3527625	2003-06-03 10:14:28 +1000	[diff] [blame]	54
Damien Miller	f3bff94	2003-06-02 12:13:40 +1000	[diff] [blame]	55	20030602
				56	- (djm) Fix segv from bad reordering in auth-pam.c
Damien Miller	f2e3e9d	2003-06-02 12:15:54 +1000	[diff] [blame]	57	- (djm) Always use saved_argv in sshd.c as compat_init_setproctitle may
				58	clobber
Tim Rice	237ca4a	2003-06-01 19:25:27 -0700	[diff] [blame]	59	- (tim) openbsd-compat/xmmap.[ch] License clarifications. Add missing
				60	CVS ID.
Damien Miller	dba5950	2003-06-02 17:43:19 +1000	[diff] [blame]	61	- (djm) Remove "noip6" option from RedHat spec file. This may now be
				62	set at runtime using AddressFamily option.
Damien Miller	dcc8312	2003-06-02 18:57:59 +1000	[diff] [blame]	63	- (djm) Fix use of macro before #define in cipher-aes.c
Damien Miller	f468442	2003-06-02 18:59:08 +1000	[diff] [blame]	64	- (djm) Sync license on openbsd-compat/bindresvport.c with OpenBSD CVS
Damien Miller	ab2db41	2003-06-02 19:09:13 +1000	[diff] [blame]	65	- (djm) OpenBSD CVS Sync
				66	- djm@cvs.openbsd.org 2003/05/26 12:54:40
				67	[sshconnect.c]
				68	fix format strings; ok markus@
Damien Miller	61d3680	2003-06-02 19:09:48 +1000	[diff] [blame]	69	- deraadt@cvs.openbsd.org 2003/05/29 16:58:45
				70	[sshd.c uidswap.c]
				71	seteuid and setegid; markus ok
Damien Miller	eacbb4f	2003-06-02 19:10:41 +1000	[diff] [blame]	72	- jakob@cvs.openbsd.org 2003/06/02 08:31:10
				73	[ssh_config.5]
				74	VerifyHostKeyDNS is v2 only. ok markus@
Damien Miller	f3bff94	2003-06-02 12:13:40 +1000	[diff] [blame]	75
Darren Tucker	3cb84e5	2003-05-30 16:58:22 +1000	[diff] [blame]	76	20030530
				77	- (dtucker) Add missing semicolon in md5crypt.c, patch from openssh at
				78	roumenpetrov.info
Darren Tucker	2972d6c	2003-05-30 17:43:42 +1000	[diff] [blame]	79	- (dtucker) Define SSHD_ACQUIRES_CTTY for NCR MP-RAS and Reliant Unix.
Darren Tucker	3cb84e5	2003-05-30 16:58:22 +1000	[diff] [blame]	80
Damien Miller	a6a7c19	2003-05-26 21:36:13 +1000	[diff] [blame]	81	20030526
				82	- (djm) Avoid auth2-chall.c warning when compiling without
				83	PAM, BSD_AUTH and SKEY
				84
Damien Miller	c11fe25	2003-05-25 14:38:02 +1000	[diff] [blame]	85	20030525
				86	- (djm) OpenBSD CVS Sync
				87	- djm@cvs.openbsd.org 2003/05/24 09:02:22
				88	[log.c]
				89	pass logged data through strnvis; ok markus
Damien Miller	04bd8b0	2003-05-25 14:38:33 +1000	[diff] [blame]	90	- djm@cvs.openbsd.org 2003/05/24 09:30:40
				91	[authfile.c monitor.c sftp-common.c sshpty.c]
				92	cast some types for printing; ok markus@
Damien Miller	c11fe25	2003-05-25 14:38:02 +1000	[diff] [blame]	93
Darren Tucker	6014578	2003-05-24 11:41:16 +1000	[diff] [blame]	94	20030524
				95	- (dtucker) Correct --osfsia in INSTALL. Patch by skeleten at shillest.net
				96
Damien Miller	d419bda	2003-05-23 18:43:40 +1000	[diff] [blame]	97	20030523
				98	- (djm) Use VIS_SAFE on logged strings rather than default strnvis
				99	encoding (which encodes many more characters)
Damien Miller	5067792	2003-05-23 18:44:04 +1000	[diff] [blame]	100	- OpenBSD CVS Sync
				101	- jmc@cvs.openbsd.org 2003/05/20 12:03:35
				102	[sftp.1]
				103	- new sentence, new line
				104	- added .Xr's
				105	- typos
				106	ok djm@
Damien Miller	fbf486b	2003-05-23 18:44:23 +1000	[diff] [blame]	107	- jmc@cvs.openbsd.org 2003/05/20 12:09:31
				108	[ssh.1 ssh_config.5 sshd.8 sshd_config.5 ssh-keygen.1]
				109	new sentence, new line
Damien Miller	08293fa	2003-05-23 18:44:41 +1000	[diff] [blame]	110	- djm@cvs.openbsd.org 2003/05/23 08:29:30
				111	[sshconnect.c]
				112	fix leak; ok markus@
Damien Miller	d419bda	2003-05-23 18:43:40 +1000	[diff] [blame]	113
Damien Miller	74a3442	2003-05-20 09:24:17 +1000	[diff] [blame]	114	20030520
				115	- (djm) OpenBSD CVS Sync
				116	- deraadt@cvs.openbsd.org 2003/05/18 23:22:01
				117	[log.c]
				118	use syslog_r() in a signal handler called place; markus ok
Damien Miller	1340ec2	2003-05-20 09:24:42 +1000	[diff] [blame]	119	- (djm) Configure logic to detect syslog_r and friends
Damien Miller	74a3442	2003-05-20 09:24:17 +1000	[diff] [blame]	120
Damien Miller	eb0e969	2003-05-19 11:28:44 +1000	[diff] [blame]	121	20030519
				122	- (djm) Sync auth-pam.h with what we actually implement
				123
				124	20030518
Damien Miller	25d9342	2003-05-18 20:45:47 +1000	[diff] [blame]	125	- (djm) Return of the dreaded PAM_TTY_KLUDGE, which went missing in
				126	recent merge
Damien Miller	20a8f97	2003-05-18 20:50:30 +1000	[diff] [blame]	127	- (djm) OpenBSD CVS Sync
				128	- djm@cvs.openbsd.org 2003/05/16 03:27:12
				129	[readconf.c ssh_config ssh_config.5 ssh-keysign.c]
				130	add AddressFamily option to ssh_config (like -4, -6 on commandline).
				131	Portable bug #534; ok markus@
Damien Miller	a982578	2003-05-18 20:53:10 +1000	[diff] [blame]	132	- itojun@cvs.openbsd.org 2003/05/17 03:25:58
				133	[auth-rhosts.c]
				134	just in case, put numbers to sscanf %s arg.
Damien Miller	f5399c2	2003-05-18 20:53:59 +1000	[diff] [blame]	135	- markus@cvs.openbsd.org 2003/05/17 04:27:52
				136	[cipher.c cipher-ctr.c myproposal.h]
				137	experimental support for aes-ctr modes from
				138	http://www.ietf.org/internet-drafts/draft-ietf-secsh-newmodes-00.txt
				139	ok djm@
Damien Miller	7e1bbc5	2003-05-18 20:52:40 +1000	[diff] [blame]	140	- (djm) Remove IPv4 by default hack now that we can specify AF in config
Damien Miller	0b8e900	2003-05-18 21:44:07 +1000	[diff] [blame]	141	- (djm) Tidy and trim TODO
Damien Miller	e323df6	2003-05-18 22:24:09 +1000	[diff] [blame]	142	- (djm) Sync openbsd-compat/ with OpenBSD CVS head
Damien Miller	3174125	2003-05-19 00:13:38 +1000	[diff] [blame]	143	- (djm) Big KNF on openbsd-compat/
Damien Miller	5b5ca19	2003-05-19 00:50:02 +1000	[diff] [blame]	144	- (djm) KNF on md5crypt.[ch]
				145	- (djm) KNF on auth-sia.[ch]
Damien Miller	25d9342	2003-05-18 20:45:47 +1000	[diff] [blame]	146
				147	20030517
Ben Lindstrom	4c9e9ab	2003-05-18 01:22:43 +0000	[diff] [blame]	148	- (bal) strcat -> strlcat on openbsd-compat/realpath.c (rev 1.8 OpenBSD)
				149
Damien Miller	6e80c36	2003-05-16 11:38:00 +1000	[diff] [blame]	150	20030516
				151	- (djm) OpenBSD CVS Sync
				152	- djm@cvs.openbsd.org 2003/05/15 13:52:10
				153	[ssh.c]
				154	Make "ssh -V" print the OpenSSL version in a human readable form. Patch
				155	from Craig Leres (mindrot at ee.lbl.gov); ok markus@
Damien Miller	f9b3feb	2003-05-16 11:38:32 +1000	[diff] [blame]	156	- jakob@cvs.openbsd.org 2003/05/15 14:02:47
				157	[readconf.c servconf.c]
				158	warn for unsupported config option. ok markus@
Damien Miller	99b4b88	2003-05-16 11:38:46 +1000	[diff] [blame]	159	- markus@cvs.openbsd.org 2003/05/15 14:09:21
				160	[auth2-krb5.c]
				161	fix 64bit issue; report itojun@
Damien Miller	b78d5eb	2003-05-16 11:39:04 +1000	[diff] [blame]	162	- djm@cvs.openbsd.org 2003/05/15 14:55:25
				163	[readconf.c readconf.h ssh_config ssh_config.5 sshconnect.c]
				164	add a ConnectTimeout option to ssh, based on patch from
				165	Jean-Charles Longuet (jclonguet at free.fr); portable #207 ok markus@
Damien Miller	6ac2c48	2003-05-16 11:42:35 +1000	[diff] [blame]	166	- (djm) Add warning for UsePAM when built without PAM support
Damien Miller	c46b6bc	2003-05-16 15:51:44 +1000	[diff] [blame]	167	- (djm) A few type mismatch fixes from Bug #565
Damien Miller	e27c6cc	2003-05-16 18:21:01 +1000	[diff] [blame]	168	- (djm) Guard free_pam_environment against NULL argument. Works around
				169	HP/UX PAM problems debugged by dtucker
Damien Miller	6e80c36	2003-05-16 11:38:00 +1000	[diff] [blame]	170
Damien Miller	abbae98	2003-05-15 10:16:21 +1000	[diff] [blame]	171	20030515
				172	- (djm) OpenBSD CVS Sync
				173	- jmc@cvs.openbsd.org 2003/05/14 13:11:56
				174	[ssh-agent.1]
				175	setup -> set up;
				176	from wiz@netbsd
Damien Miller	37876e9	2003-05-15 10:19:46 +1000	[diff] [blame]	177	- jakob@cvs.openbsd.org 2003/05/14 18:16:20
				178	[key.c key.h readconf.c readconf.h ssh_config.5 sshconnect.c]
				179	[dns.c dns.h README.dns ssh-keygen.1 ssh-keygen.c]
				180	add experimental support for verifying hos keys using DNS as described
				181	in draft-ietf-secsh-dns-xx.txt. more information in README.dns.
				182	ok markus@ and henning@
Damien Miller	54c4598	2003-05-15 10:20:13 +1000	[diff] [blame]	183	- markus@cvs.openbsd.org 2003/05/14 22:24:42
				184	[clientloop.c session.c ssh.1]
				185	allow to send a BREAK to the remote system; ok various
Damien Miller	f842fcb	2003-05-15 12:01:28 +1000	[diff] [blame]	186	- markus@cvs.openbsd.org 2003/05/15 00:28:28
				187	[sshconnect2.c]
				188	cleanup unregister of per-method packet handlers; ok djm@
Damien Miller	2aa0ab4	2003-05-15 12:05:28 +1000	[diff] [blame]	189	- jakob@cvs.openbsd.org 2003/05/15 01:48:10
				190	[readconf.c readconf.h servconf.c servconf.h]
				191	always parse kerberos options. ok djm@ markus@
Damien Miller	b062265	2003-05-15 13:27:28 +1000	[diff] [blame]	192	- jakob@cvs.openbsd.org 2003/05/15 02:27:15
				193	[dns.c]
				194	add missing freerrset
Damien Miller	3a3261f	2003-05-15 13:37:19 +1000	[diff] [blame]	195	- markus@cvs.openbsd.org 2003/05/15 03:08:29
				196	[cipher.c cipher-bf1.c cipher-aes.c cipher-3des1.c]
				197	split out custom EVP ciphers
Damien Miller	ed12a26	2003-05-15 13:37:43 +1000	[diff] [blame]	198	- djm@cvs.openbsd.org 2003/05/15 03:10:52
				199	[ssh-keygen.c]
				200	avoid warning; ok jakob@
Damien Miller	4962ed6	2003-05-15 13:48:59 +1000	[diff] [blame]	201	- mouring@cvs.openbsd.org 2003/05/15 03:39:07
				202	[sftp-int.c]
				203	Make put/get (globed and nonglobed) code more consistant. OK djm@
Damien Miller	19c8f2b	2003-05-15 13:49:21 +1000	[diff] [blame]	204	- mouring@cvs.openbsd.org 2003/05/15 03:43:59
Damien Miller	34bb567	2003-05-15 13:49:58 +1000	[diff] [blame]	205	[sftp-int.c sftp.c]
Damien Miller	19c8f2b	2003-05-15 13:49:21 +1000	[diff] [blame]	206	Teach ls how to display multiple column display and allow users
				207	to return to single column format via 'ls -1'. OK @djm
Damien Miller	156cbe8	2003-05-15 14:16:41 +1000	[diff] [blame]	208	- jakob@cvs.openbsd.org 2003/05/15 04:08:44
				209	[readconf.c servconf.c]
				210	disable kerberos when not supported. ok markus@
Damien Miller	46a7b40	2003-05-15 14:17:28 +1000	[diff] [blame]	211	- markus@cvs.openbsd.org 2003/05/15 04:08:41
				212	[ssh.1]
				213	~B is ssh2 only
Damien Miller	2aa0ab4	2003-05-15 12:05:28 +1000	[diff] [blame]	214	- (djm) Always parse UsePAM
Damien Miller	7abe09b	2003-05-15 10:53:49 +1000	[diff] [blame]	215	- (djm) Configure glue for DNS support (code doesn't work in portable yet)
Damien Miller	d9ec370	2003-05-15 12:27:08 +1000	[diff] [blame]	216	- (djm) Import getrrsetbyname() function from OpenBSD libc (for DNS support)
Damien Miller	a47f526	2003-05-15 13:23:07 +1000	[diff] [blame]	217	- (djm) Tidy Makefile clean targets
Damien Miller	5975cf1	2003-05-15 13:23:36 +1000	[diff] [blame]	218	- (djm) Adapt README.dns for portable
Damien Miller	ffda4cb	2003-05-15 13:57:51 +1000	[diff] [blame]	219	- (djm) Avoid uuencode.c warnings
Damien Miller	156cbe8	2003-05-15 14:16:41 +1000	[diff] [blame]	220	- (djm) Enable UsePAM when built --with-pam
Damien Miller	b10f1cd	2003-05-15 20:55:27 +1000	[diff] [blame]	221	- (djm) Only build getrrsetbyname replacement when using --with-dns
Damien Miller	04cb536	2003-05-15 21:29:10 +1000	[diff] [blame]	222	- (djm) Bug #529: sshd doesn't work correctly after SIGHUP (copy argv
				223	correctly)
Damien Miller	eff041d	2003-05-15 21:33:46 +1000	[diff] [blame]	224	- (djm) Bug #444: Wrong paths after reconfigure
Darren Tucker	5d0ccf3	2003-05-15 21:42:59 +1000	[diff] [blame]	225	- (dtucker) HP-UX needs to include <sys/strtio.h> for TIOCSBRK
Damien Miller	04cb536	2003-05-15 21:29:10 +1000	[diff] [blame]	226
Damien Miller	1a27a1e	2003-05-14 10:27:09 +1000	[diff] [blame]	227	20030514
				228	- (djm) Bug #117: Don't lie to PAM about username
Damien Miller	d558092	2003-05-14 13:40:06 +1000	[diff] [blame]	229	- (djm) RCSID sync w/ OpenBSD
Damien Miller	c652cac	2003-05-14 13:40:54 +1000	[diff] [blame]	230	- (djm) OpenBSD CVS Sync
				231	- djm@cvs.openbsd.org 2003/04/09 12:00:37
				232	[readconf.c]
				233	strip trailing whitespace from config lines before parsing.
				234	Fixes bz 528; ok markus@
Damien Miller	a201bb3	2003-05-14 13:41:23 +1000	[diff] [blame]	235	- markus@cvs.openbsd.org 2003/04/12 10:13:57
				236	[cipher.c]
				237	hide cipher details; ok djm@
Damien Miller	ef095ce	2003-05-14 13:41:39 +1000	[diff] [blame]	238	- markus@cvs.openbsd.org 2003/04/12 10:15:36
				239	[misc.c]
				240	debug->debug2
Damien Miller	44e72a7	2003-05-14 13:42:08 +1000	[diff] [blame]	241	- naddy@cvs.openbsd.org 2003/04/12 11:40:15
				242	[ssh.1]
				243	document -V switch, fix wording; ok markus@
Damien Miller	2372ace	2003-05-14 13:42:23 +1000	[diff] [blame]	244	- markus@cvs.openbsd.org 2003/04/14 14:17:50
				245	[channels.c sshconnect.c sshd.c ssh-keyscan.c]
				246	avoid hardcoded SOCK_xx; with itojun@; should allow ssh over SCTP
Damien Miller	8ce778a	2003-05-14 13:43:25 +1000	[diff] [blame]	247	- mouring@cvs.openbsd.org 2003/04/14 21:31:27
				248	[sftp-int.c]
				249	Missing globfree(&g) in process_put() spotted by Vince Brimhall
				250	<VBrimhall@novell.com>. ok@ Theo
				251	- markus@cvs.openbsd.org 2003/04/16 14:35:27
				252	[auth.h]
				253	document struct Authctxt; with solar
Damien Miller	ea5ade2	2003-05-14 13:43:53 +1000	[diff] [blame]	254	- deraadt@cvs.openbsd.org 2003/04/26 04:29:49
				255	[ssh-keyscan.c]
				256	-t in usage(); rogier@quaak.org
Damien Miller	049245d	2003-05-14 13:44:42 +1000	[diff] [blame]	257	- mouring@cvs.openbsd.org 2003/04/30 01:16:20
				258	[sshd.8 sshd_config.5]
				259	Escape ?, * and ! in .Ql for nroff compatibility. OpenSSH Portable
				260	Bug #550 and * escaping suggested by jmc@.
Damien Miller	3155432	2003-05-14 13:44:58 +1000	[diff] [blame]	261	- david@cvs.openbsd.org 2003/04/30 20:41:07
				262	[sshd.8]
				263	fix invalid .Pf macro usage introduced in previous commit
				264	ok jmc@ mouring@
Damien Miller	db27472	2003-05-14 13:45:22 +1000	[diff] [blame]	265	- markus@cvs.openbsd.org 2003/05/11 16:56:48
				266	[authfile.c ssh-keygen.c]
				267	change key_load_public to try to read a public from:
				268	rsa1 private or rsa1 public and ssh2 keys.
				269	this makes ssh-keygen -e fail for ssh1 keys more gracefully
				270	for example; report from itojun (netbsd pr 20550).
Damien Miller	b1ca8bb	2003-05-14 13:45:42 +1000	[diff] [blame]	271	- markus@cvs.openbsd.org 2003/05/11 20:30:25
				272	[channels.c clientloop.c serverloop.c session.c ssh.c]
				273	make channel_new() strdup the 'remote_name' (not the caller); ok theo
Damien Miller	280ecfb	2003-05-14 13:46:00 +1000	[diff] [blame]	274	- markus@cvs.openbsd.org 2003/05/12 16:55:37
				275	[sshconnect2.c]
				276	for pubkey authentication try the user keys in the following order:
				277	1. agent keys that are found in the config file
				278	2. other agent keys
				279	3. keys that are only listed in the config file
				280	this helps when an agent has many keys, where the server might
				281	close the connection before the correct key is used. report & ok pb@
Damien Miller	9350635	2003-05-14 13:46:33 +1000	[diff] [blame]	282	- markus@cvs.openbsd.org 2003/05/12 18:35:18
				283	[ssh-keyscan.1]
				284	typo: DSA keys are of type ssh-dss; Brian Poole
Damien Miller	fb7508e	2003-05-14 13:47:07 +1000	[diff] [blame]	285	- markus@cvs.openbsd.org 2003/05/14 00:52:59
				286	[ssh2.h]
				287	ranges for per auth method messages
				288	- djm@cvs.openbsd.org 2003/05/14 01:00:44
				289	[sftp.1]
				290	emphasise the batchmode functionality and make reference to pubkey auth,
				291	both of which are FAQs; ok markus@
Damien Miller	3ab496b	2003-05-14 13:47:37 +1000	[diff] [blame]	292	- markus@cvs.openbsd.org 2003/05/14 02:15:47
				293	[auth2.c monitor.c sshconnect2.c auth2-krb5.c]
				294	implement kerberos over ssh2 ("kerberos-2@ssh.com"); tested with jakob@
				295	server interops with commercial client; ok jakob@ djm@
Damien Miller	d6ead28	2003-05-14 19:30:38 +1000	[diff] [blame]	296	- jmc@cvs.openbsd.org 2003/05/14 08:25:39
				297	[sftp.1]
				298	- better formatting in SYNOPSIS
				299	- whitespace at EOL
				300	ok djm@
Damien Miller	be64d43	2003-05-14 19:31:12 +1000	[diff] [blame]	301	- markus@cvs.openbsd.org 2003/05/14 08:57:49
				302	[monitor.c]
				303	http://bugzilla.mindrot.org/show_bug.cgi?id=560
				304	Privsep child continues to run after monitor killed.
				305	Pass monitor signals through to child; Darren Tucker
Damien Miller	9c61769	2003-05-14 14:31:11 +1000	[diff] [blame]	306	- (djm) Make portable build with MIT krb5 (some issues remain)
Damien Miller	4e448a3	2003-05-14 15:11:48 +1000	[diff] [blame]	307	- (djm) Add new UsePAM configuration directive to allow runtime control
				308	over usage of PAM. This allows non-root use of sshd when built with
				309	--with-pam
Damien Miller	9d507da	2003-05-14 15:31:12 +1000	[diff] [blame]	310	- (djm) Die screaming if start_pam() is called when UsePAM=no
Damien Miller	4d99519	2003-05-14 19:23:56 +1000	[diff] [blame]	311	- (djm) Avoid KrbV leak for MIT Kerberos
Darren Tucker	abef562	2003-05-14 21:48:51 +1000	[diff] [blame]	312	- (dtucker) Set ai_socktype and ai_protocol in fake-getaddrinfo.c. ok djm@
Damien Miller	1ea7166	2003-05-14 22:33:58 +1000	[diff] [blame]	313	- (djm) Bug #258: sscanf("[0-9]") -> sscanf("[0123456789]") for portability
Damien Miller	1a27a1e	2003-05-14 10:27:09 +1000	[diff] [blame]	314
Damien Miller	75d3b05	2003-05-12 18:15:49 +1000	[diff] [blame]	315	20030512
				316	- (djm) Redhat spec: Don't install profile.d scripts when not
				317	building with GNOME/GTK askpass (patch from bet@rahul.net)
				318
Darren Tucker	e883109	2003-05-10 16:48:23 +1000	[diff] [blame]	319	20030510
				320	- (dtucker) Bug #318: Create ssh_prng_cmds.out during "make" rather than
				321	"make install". Patch by roth@feep.net.
Darren Tucker	c437cda	2003-05-10 17:05:46 +1000	[diff] [blame]	322	- (dtucker) Bug #536: Test for and work around openpty/controlling tty
				323	problem on Linux (fixes "could not set controlling tty" errors).
Damien Miller	4f9f42a	2003-05-10 19:28:02 +1000	[diff] [blame]	324	- (djm) Merge FreeBSD PAM code: replaces PAM password auth kludge with
				325	proper challenge-response module
Damien Miller	0d8b792	2003-05-10 23:42:12 +1000	[diff] [blame]	326	- (djm) 2-clause license on loginrec.c, with permission from
				327	andre@ae-35.com
Darren Tucker	e883109	2003-05-10 16:48:23 +1000	[diff] [blame]	328
Darren Tucker	70a08cd	2003-05-04 10:41:20 +1000	[diff] [blame]	329	20030504
Darren Tucker	ac27928	2003-05-04 11:36:25 +1000	[diff] [blame]	330	- (dtucker) Bug #497: Move #include of bsd-cygwin_util.h to openbsd-compat.h.
				331	Patch from vinschen@redhat.com.
Darren Tucker	70a08cd	2003-05-04 10:41:20 +1000	[diff] [blame]	332
Darren Tucker	04cc538	2003-05-03 07:32:56 +1000	[diff] [blame]	333	20030503
				334	- (dtucker) Add missing "void" to record_failed_login in bsd-cray.c. Noted
				335	by wendyp@cray.com.
				336
Darren Tucker	3c01654	2003-05-02 20:48:21 +1000	[diff] [blame]	337	20030502
				338	- (dtucker) Bug #544: ignore invalid cmsg_type on Linux 2.0 kernels,
				339	privsep should now work.
Darren Tucker	97363a8	2003-05-02 23:42:25 +1000	[diff] [blame]	340	- (dtucker) Move handling of bad password authentications into a platform
Darren Tucker	bd570d7	2003-05-02 23:50:09 +1000	[diff] [blame]	341	specific record_failed_login() function (affects AIX & Unicos). ok mouring@
Darren Tucker	3c01654	2003-05-02 20:48:21 +1000	[diff] [blame]	342
Damien Miller	eab4bae	2003-04-29 23:22:40 +1000	[diff] [blame]	343	20030429
				344	- (djm) Add back radix.o (used by AFS support), after it went missing from
				345	Makefile many moons ago
				346	- (djm) Apply "owl-always-auth" patch from Openwall/Solar Designer
				347	- (djm) Fix blibpath specification for AIX/gcc
				348	- (djm) Some systems have basename in -lgen. Fix from ayamura@ayamura.org
				349
Ben Lindstrom	0e7f436	2003-04-28 23:30:43 +0000	[diff] [blame]	350	20030428
				351	- (bal) [defines.h progressmeter.c scp.c] Some more culling of non 64bit
				352	hacked code.
				353
Ben Lindstrom	93b6b77	2003-04-27 17:55:33 +0000	[diff] [blame]	354	20030427
				355	- (bal) Bug #541: return; was dropped by mistake. Reported by
				356	furrier@iglou.com
Ben Lindstrom	796b9a5	2003-04-27 18:01:37 +0000	[diff] [blame]	357	- (bal) Since we don't support platforms lacking u_int_64. We may
				358	as well clean out some of those evil #ifdefs
Ben Lindstrom	683036e	2003-04-27 18:41:30 +0000	[diff] [blame]	359	- (bal) auth1.c minor resync while looking at the code.
Ben Lindstrom	f50ad1f	2003-04-27 18:44:31 +0000	[diff] [blame]	360	- (bal) auth2.c same changed as above.
Ben Lindstrom	93b6b77	2003-04-27 17:55:33 +0000	[diff] [blame]	361
Damien Miller	d186d74	2003-04-09 19:40:33 +1000	[diff] [blame]	362	20030409
				363	- (djm) Bug #539: Specify creation mode with O_CREAT for lastlog. Report
				364	from matth@eecs.berkeley.edu
Damien Miller	a92a589	2003-04-09 19:41:25 +1000	[diff] [blame]	365	- (djm) Make the spec work with Redhat 9.0 (which renames sharutils)
Damien Miller	a5539d2	2003-04-09 20:50:06 +1000	[diff] [blame]	366	- (djm) OpenBSD CVS Sync
				367	- markus@cvs.openbsd.org 2003/04/02 09:48:07
				368	[clientloop.c monitor.c monitor_wrap.c packet.c packet.h readconf.c]
				369	[readconf.h serverloop.c sshconnect2.c]
				370	reapply rekeying chage, tested by henning@, ok djm@
Damien Miller	703ced5	2003-04-09 20:50:26 +1000	[diff] [blame]	371	- markus@cvs.openbsd.org 2003/04/02 14:36:26
				372	[ssh-keysign.c]
				373	potential segfault if KEY_UNSPEC; cjwatson@debian.org; bug #526
Damien Miller	3bed191	2003-04-09 20:50:59 +1000	[diff] [blame]	374	- itojun@cvs.openbsd.org 2003/04/03 07:25:27
				375	[progressmeter.c]
				376	$OpenBSD$
				377	- itojun@cvs.openbsd.org 2003/04/03 10:17:35
				378	[progressmeter.c]
				379	remove $OpenBSD$, as other *.c does not have it.
Damien Miller	b1ecd9c	2003-04-09 20:51:24 +1000	[diff] [blame]	380	- markus@cvs.openbsd.org 2003/04/07 08:29:57
				381	[monitor_wrap.c]
				382	typo: get correct counters; introduced during rekeying change.
Damien Miller	a0898b8	2003-04-09 21:05:52 +1000	[diff] [blame]	383	- millert@cvs.openbsd.org 2003/04/07 21:58:05
				384	[progressmeter.c]
				385	The UCB copyright here is incorrect. This code did not originate
				386	at UCB, it was written by Luke Mewburn. Updated the copyright at
				387	the author's request. markus@ OK
				388	- itojun@cvs.openbsd.org 2003/04/08 20:21:29
				389	[.c .h]
				390	rename log() into logit() to avoid name conflict. markus ok, from
				391	netbsd
				392	- (djm) XXX - Performed locally using:
				393	"perl -p -i -e 's/(\s\|^)log\(/$1logit\(/g' .c .h"
Damien Miller	bf2a017	2003-04-09 21:07:14 +1000	[diff] [blame]	394	- hin@cvs.openbsd.org 2003/04/09 08:23:52
				395	[servconf.c]
				396	Don't include <krb.h> when compiling with Kerberos 5 support
Damien Miller	a0898b8	2003-04-09 21:05:52 +1000	[diff] [blame]	397	- (djm) Fix up missing include for packet.c
Damien Miller	2a3f20e	2003-04-09 21:12:00 +1000	[diff] [blame]	398	- (djm) Fix missed log => logit occurance (reference by function pointer)
Damien Miller	d186d74	2003-04-09 19:40:33 +1000	[diff] [blame]	399
Ben Lindstrom	c8a49d7	2003-04-02 15:18:22 +0000	[diff] [blame]	400	20030402
				401	- (bal) if IP_TOS is not found or broken don't try to compile in
				402	packet_set_tos() function call. bug #527
				403
Damien Miller	495dca3	2003-04-01 21:42:14 +1000	[diff] [blame]	404	20030401
				405	- (djm) OpenBSD CVS Sync
				406	- jmc@cvs.openbsd.org 2003/03/28 10:11:43
				407	[scp.1 sftp.1 ssh.1 ssh-add.1 ssh-agent.1 ssh_config.5 sshd_config.5]
				408	[ssh-keygen.1 ssh-keyscan.1 ssh-keysign.8]
				409	- killed whitespace
				410	- new sentence new line
				411	- .Bk for arguments
				412	ok markus@
Damien Miller	2dc074e	2003-04-01 21:43:39 +1000	[diff] [blame]	413	- markus@cvs.openbsd.org 2003/04/01 10:10:23
				414	[clientloop.c monitor.c monitor_wrap.c packet.c packet.h readconf.c]
				415	[readconf.h serverloop.c sshconnect2.c]
				416	rekeying bugfixes and automatic rekeying:
				417	* both client and server rekey _automatically_
				418	(a) after 2^31 packets, because after 2^32 packets
				419	the sequence number for packets wraps
				420	(b) after 2^(blocksize_in_bits/4) blocks
				421	(see: draft-ietf-secsh-newmodes-00.txt)
				422	(a) and (b) are _enabled_ by default, and only disabled for known
				423	openssh versions, that don't support rekeying properly.
				424	* client option 'RekeyLimit'
				425	* do not reply to requests during rekeying
				426	- markus@cvs.openbsd.org 2003/04/01 10:22:21
				427	[clientloop.c monitor.c monitor_wrap.c packet.c packet.h readconf.c]
				428	[readconf.h serverloop.c sshconnect2.c]
				429	backout rekeying changes (for 3.6.1)
Damien Miller	d320904	2003-04-01 21:44:37 +1000	[diff] [blame]	430	- markus@cvs.openbsd.org 2003/04/01 10:31:26
				431	[compat.c compat.h kex.c]
				432	bugfix causes stalled connections for ssh.com < 3.0; noticed by ho@;
				433	tested by ho@ and myself
Damien Miller	13c1c7a	2003-04-01 21:45:26 +1000	[diff] [blame]	434	- markus@cvs.openbsd.org 2003/04/01 10:56:46
				435	[version.h]
				436	3.6.1
Damien Miller	b80e52a	2003-04-01 21:46:53 +1000	[diff] [blame]	437	- (djm) Crank spec file versions
Damien Miller	a0ab669	2003-04-01 21:47:16 +1000	[diff] [blame]	438	- (djm) Release 3.6.1p1
Damien Miller	495dca3	2003-04-01 21:42:14 +1000	[diff] [blame]	439
Damien Miller	b3207e8	2003-03-26 16:01:11 +1100	[diff] [blame]	440	20030326
				441	- (djm) OpenBSD CVS Sync
				442	- deraadt@cvs.openbsd.org 2003/03/26 04:02:51
				443	[sftp-server.c]
				444	one last fix to the tree: race fix broke stuff; pr 3169;
				445	srp@srparish.net, help from djm
				446
Damien Miller	68d893d	2003-03-25 09:07:52 +1100	[diff] [blame]	447	20030325
				448	- (djm) Fix getpeerid support for 64 bit BE systems. From
				449	Arnd Bergmann <arndb@de.ibm.com>
				450
Damien Miller	b062c29	2003-03-24 09:12:09 +1100	[diff] [blame]	451	20030324
				452	- (djm) OpenBSD CVS Sync
				453	- markus@cvs.openbsd.org 2003/03/23 19:02:00
				454	[monitor.c]
				455	unbreak rekeying for privsep; ok millert@
				456	- Release 3.6p1
Damien Miller	62b6b17	2003-03-24 13:35:58 +1100	[diff] [blame]	457	- Fix sshd BindAddress and -b options for systems using fake-getaddrinfo.
				458	Report from murple@murple.net, diagnosis from dtucker@zip.com.au
Damien Miller	b062c29	2003-03-24 09:12:09 +1100	[diff] [blame]	459
Damien Miller	cc685c1	2003-06-04 22:51:38 +1000	[diff] [blame^]	460	$Id: ChangeLog,v 1.2780 2003/06/04 12:51:38 djm Exp $