diff options
author | Colin Watson <cjwatson@debian.org> | 2005-09-14 12:45:47 +0000 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2005-09-14 12:45:47 +0000 |
commit | 9b71add4cecf753c45f5fbd6ff0913bc95b3e95d (patch) | |
tree | d4ea8fdb30c7949c6433f5277c39548ea579d4dc /ChangeLog | |
parent | ed07bcbea56007ab5b218ddf3aa6a7d4e21966e0 (diff) | |
parent | 16704d57999d987fb8d9ba53379841a79f016d67 (diff) |
Merge 4.2p1 to the trunk.
Diffstat (limited to 'ChangeLog')
-rw-r--r-- | ChangeLog | 531 |
1 files changed, 512 insertions, 19 deletions
@@ -1,3 +1,514 @@ | |||
1 | 20050901 | ||
2 | - (djm) Update RPM spec file versions | ||
3 | |||
4 | 20050831 | ||
5 | - (djm) OpenBSD CVS Sync | ||
6 | - djm@cvs.openbsd.org 2005/08/30 22:08:05 | ||
7 | [gss-serv.c sshconnect2.c] | ||
8 | destroy credentials if krb5_kuserok() call fails. Stops credentials being | ||
9 | delegated to users who are not authorised for GSSAPIAuthentication when | ||
10 | GSSAPIDeletegateCredentials=yes and another authentication mechanism | ||
11 | succeeds; bz#1073 reported by paul.moore AT centrify.com, fix by | ||
12 | simon AT sxw.org.uk, tested todd@ biorn@ jakob@; ok deraadt@ | ||
13 | - markus@cvs.openbsd.org 2005/08/31 09:28:42 | ||
14 | [version.h] | ||
15 | 4.2 | ||
16 | - (dtucker) [README] Update release note URL to 4.2 | ||
17 | - (tim) [configure.ac auth.c defines.h session.c openbsd-compat/port-uw.c | ||
18 | openbsd-compat/port-uw.h openbsd-compat/xcrypt.c] libiaf cleanup. Disable | ||
19 | libiaf bits for OpenServer6. Free memory allocated by ia_get_logpwd(). | ||
20 | Feedback and OK dtucker@ | ||
21 | |||
22 | 20050830 | ||
23 | - (tim) [configure.ac] Back out last change. It needs to be done differently. | ||
24 | |||
25 | 20050829 | ||
26 | - (tim) [configure.ac] ia_openinfo() seems broken on OSR6. Limit UW long | ||
27 | password support to 7.x for now. | ||
28 | |||
29 | 20050826 | ||
30 | - (tim) [CREDITS LICENCE auth.c configure.ac defines.h includes.h session.c | ||
31 | openbsd-compat/Makefile.in openbsd-compat/openbsd-compat.h | ||
32 | openbsd-compat/xcrypt.c] New files [openssh/openbsd-compat/port-uw.c | ||
33 | openssh/openbsd-compat/port-uw.h] Support long passwords (> 8-char) | ||
34 | on UnixWare 7 from Dhiraj Gulati and Ahsan Rashid. Cleanup and testing | ||
35 | by tim@. Feedback and OK dtucker@ | ||
36 | |||
37 | 20050823 | ||
38 | - (dtucker) [regress/test-exec.sh] Do not prepend an extra "/" to a fully- | ||
39 | qualified sshd pathname since some systems (eg Cygwin) may consider "/foo" | ||
40 | and "//foo" to be different. Spotted by vinschen at redhat.com. | ||
41 | - (tim) [configure.ac] Not all gcc's support -Wsign-compare. Enhancements | ||
42 | and OK dtucker@ | ||
43 | - (tim) [defines.h] PATH_MAX bits for OpenServer OK dtucker@ | ||
44 | |||
45 | 20050821 | ||
46 | - (dtucker) [configure.ac defines.h includes.h sftp.c] Add support for | ||
47 | LynxOS, patch from Olli Savia (ops at iki.fi). ok djm@ | ||
48 | |||
49 | 20050816 | ||
50 | - (djm) [ttymodes.c] bugzilla #1025: Fix encoding of _POSIX_VDISABLE, | ||
51 | from Jacob Nevins; ok dtucker@ | ||
52 | |||
53 | 20050815 | ||
54 | - (tim) [sftp.c] wrap el_end() in #ifdef USE_LIBEDIT | ||
55 | - (tim) [configure.ac] corrections to libedit tests. Report and patches | ||
56 | by skeleten AT shillest.net | ||
57 | |||
58 | 20050812 | ||
59 | - (djm) OpenBSD CVS Sync | ||
60 | - markus@cvs.openbsd.org 2005/07/28 17:36:22 | ||
61 | [packet.c] | ||
62 | missing packet_init_compression(); from solar | ||
63 | - djm@cvs.openbsd.org 2005/07/30 01:26:16 | ||
64 | [ssh.c] | ||
65 | fix -D listen_host initialisation, so it picks up gateway_ports setting | ||
66 | correctly | ||
67 | - djm@cvs.openbsd.org 2005/07/30 02:03:47 | ||
68 | [readconf.c] | ||
69 | listen_hosts initialisation here too; spotted greg AT y2005.nest.cx | ||
70 | - dtucker@cvs.openbsd.org 2005/08/06 10:03:12 | ||
71 | [servconf.c] | ||
72 | Unbreak sshd ListenAddress for bare IPv6 addresses. | ||
73 | Report from Janusz Mucka; ok djm@ | ||
74 | - jaredy@cvs.openbsd.org 2005/08/08 13:22:48 | ||
75 | [sftp.c] | ||
76 | sftp prompt enhancements: | ||
77 | - in non-interactive mode, do not print an empty prompt at the end | ||
78 | before finishing | ||
79 | - print newline after EOF in editline mode | ||
80 | - call el_end() in editline mode | ||
81 | ok dtucker djm | ||
82 | |||
83 | 20050810 | ||
84 | - (dtucker) [configure.ac] Test libedit library and headers for compatibility. | ||
85 | Report from skeleten AT shillest.net, ok djm@ | ||
86 | - (dtucker) [LICENCE configure.ac defines.h openbsd-compat/realpath.c] | ||
87 | Sync current (thread-safe) version of realpath.c from OpenBSD (which is | ||
88 | in turn based on FreeBSD's). ok djm@ | ||
89 | |||
90 | 20050809 | ||
91 | - (tim) [configure.ac] Allow --with-audit=no. OK dtucker@ | ||
92 | Report by skeleten AT shillest.net | ||
93 | |||
94 | 20050803 | ||
95 | - (dtucker) [openbsd-compat/fake-rfc2553.h] Check for EAI_* defines | ||
96 | individually and use a value less likely to collide with real values from | ||
97 | netdb.h. Fixes compile warnings on FreeBSD 5.3. ok djm@ | ||
98 | - (dtucker) [openbsd-compat/fake-rfc2553.h] MAX_INT -> INT_MAX since the | ||
99 | latter is specified in the standard. | ||
100 | |||
101 | 20050802 | ||
102 | - (dtucker) OpenBSD CVS Sync | ||
103 | - dtucker@cvs.openbsd.org 2005/07/27 10:39:03 | ||
104 | [scp.c hostfile.c sftp-client.c] | ||
105 | Silence bogus -Wuninitialized warnings; ok djm@ | ||
106 | - (dtucker) [configure.ac] Enable -Wuninitialized by default when compiling | ||
107 | with gcc. ok djm@ | ||
108 | - (dtucker) [configure.ac] Add a --with-Werror option to configure for | ||
109 | adding -Werror to CFLAGS when all of the configure tests are done. ok djm@ | ||
110 | |||
111 | 20050726 | ||
112 | - (dtucker) [configure.ac] Update zlib warning message too, pointed out by | ||
113 | tim@. | ||
114 | - (djm) OpenBSD CVS Sync | ||
115 | - otto@cvs.openbsd.org 2005/07/19 15:32:26 | ||
116 | [auth-passwd.c] | ||
117 | auth_usercheck(3) can return NULL, so check for that. Report from | ||
118 | mpech@. ok markus@ | ||
119 | - markus@cvs.openbsd.org 2005/07/25 11:59:40 | ||
120 | [kex.c kex.h myproposal.h packet.c packet.h servconf.c session.c] | ||
121 | [sshconnect2.c sshd.c sshd_config sshd_config.5] | ||
122 | add a new compression method that delays compression until the user | ||
123 | has been authenticated successfully and set compression to 'delayed' | ||
124 | for sshd. | ||
125 | this breaks older openssh clients (< 3.5) if they insist on | ||
126 | compression, so you have to re-enable compression in sshd_config. | ||
127 | ok djm@ | ||
128 | |||
129 | 20050725 | ||
130 | - (dtucker) [configure.ac] Update zlib version check for CAN-2005-2096. | ||
131 | |||
132 | 20050717 | ||
133 | - OpenBSD CVS Sync | ||
134 | - djm@cvs.openbsd.org 2005/07/16 01:35:24 | ||
135 | [auth1.c channels.c cipher.c clientloop.c kex.c session.c ssh.c] | ||
136 | [sshconnect.c] | ||
137 | spacing | ||
138 | - (djm) [acss.c auth-pam.c auth-shadow.c auth-skey.c auth1.c canohost.c] | ||
139 | [cipher-acss.c loginrec.c ssh-rand-helper.c sshd.c] Fix whitespace at EOL | ||
140 | in portable too ("perl -p -i -e 's/\s+$/\n/' *.[ch]") | ||
141 | - (djm) [auth-pam.c sftp.c] spaces vs. tabs at start of line | ||
142 | - djm@cvs.openbsd.org 2005/07/17 06:49:04 | ||
143 | [channels.c channels.h session.c session.h] | ||
144 | Fix a number of X11 forwarding channel leaks: | ||
145 | 1. Refuse multiple X11 forwarding requests on the same session | ||
146 | 2. Clean up all listeners after a single_connection X11 forward, not just | ||
147 | the one that made the single connection | ||
148 | 3. Destroy X11 listeners when the session owning them goes away | ||
149 | testing and ok dtucker@ | ||
150 | - djm@cvs.openbsd.org 2005/07/17 07:17:55 | ||
151 | [auth-rh-rsa.c auth-rhosts.c auth2-chall.c auth2-gss.c channels.c] | ||
152 | [cipher-ctr.c gss-genr.c gss-serv.c kex.c moduli.c readconf.c] | ||
153 | [serverloop.c session.c sftp-client.c sftp.c ssh-add.c ssh-keygen.c] | ||
154 | [sshconnect.c sshconnect2.c] | ||
155 | knf says that a 2nd level indent is four (not three or five) spaces | ||
156 | -(djm) [audit.c auth1.c auth2.c entropy.c loginrec.c serverloop.c] | ||
157 | [ssh-rand-helper.c] fix portable 2nd level indents at 4 spaces too | ||
158 | - (djm) [monitor.c monitor_wrap.c] -Wsign-compare for PAM monitor calls | ||
159 | |||
160 | 20050716 | ||
161 | - (dtucker) [auth-pam.c] Ensure that only one side of the authentication | ||
162 | socketpair stays open on in both the monitor and PAM process. Patch from | ||
163 | Joerg Sonnenberger. | ||
164 | |||
165 | 20050714 | ||
166 | - (dtucker) OpenBSD CVS Sync | ||
167 | - dtucker@cvs.openbsd.org 2005/07/06 09:33:05 | ||
168 | [ssh.1] | ||
169 | clarify meaning of ssh -b ; with & ok jmc@ | ||
170 | - dtucker@cvs.openbsd.org 2005/07/08 09:26:18 | ||
171 | [misc.c] | ||
172 | Make comment match code; ok djm@ | ||
173 | - markus@cvs.openbsd.org 2005/07/08 09:41:33 | ||
174 | [channels.h] | ||
175 | race when efd gets closed while there is still buffered data: | ||
176 | change CHANNEL_EFD_OUTPUT_ACTIVE() | ||
177 | 1) c->efd must always be valid AND | ||
178 | 2a) no EOF has been seen OR | ||
179 | 2b) there is buffered data | ||
180 | report, initial fix and testing Chuck Cranor | ||
181 | - dtucker@cvs.openbsd.org 2005/07/08 10:20:41 | ||
182 | [ssh_config.5] | ||
183 | change BindAddress to match recent ssh -b change; prompted by markus@ | ||
184 | - jmc@cvs.openbsd.org 2005/07/08 12:53:10 | ||
185 | [ssh_config.5] | ||
186 | new sentence, new line; | ||
187 | - dtucker@cvs.openbsd.org 2005/07/14 04:00:43 | ||
188 | [misc.h] | ||
189 | use __sentinel__ attribute; ok deraadt@ djm@ markus@ | ||
190 | - (dtucker) [configure.ac defines.h] Define __sentinel__ to nothing if the | ||
191 | compiler doesn't understand it to prevent warnings. If any mainstream | ||
192 | compiler versions acquire it we can test for those versions. Based on | ||
193 | discussion with djm@. | ||
194 | |||
195 | 20050707 | ||
196 | - dtucker [auth-krb5.c auth.h gss-serv-krb5.c] Move KRB5CCNAME generation for | ||
197 | the MIT Kerberos code path into a common function and expand mkstemp | ||
198 | template to be consistent with the rest of OpenSSH. From sxw at | ||
199 | inf.ed.ac.uk, ok djm@ | ||
200 | - (dtucker) [auth-krb5.c] There's no guarantee that snprintf will set errno | ||
201 | in the case where the buffer is insufficient, so always return ENOMEM. | ||
202 | Also pointed out by sxw at inf.ed.ac.uk. | ||
203 | - (dtucker) [acconfig.h auth-krb5.c configure.ac gss-serv-krb5.c] Remove | ||
204 | calls to krb5_init_ets, which has not been required since krb-1.1.x and | ||
205 | most Kerberos versions no longer export in their public API. From sxw | ||
206 | at inf.ed.ac.uk, ok djm@ | ||
207 | |||
208 | 20050706 | ||
209 | - (djm) OpenBSD CVS Sync | ||
210 | - markus@cvs.openbsd.org 2005/07/01 13:19:47 | ||
211 | [channels.c] | ||
212 | don't free() if getaddrinfo() fails; report mpech@ | ||
213 | - djm@cvs.openbsd.org 2005/07/04 00:58:43 | ||
214 | [channels.c clientloop.c clientloop.h misc.c misc.h ssh.c ssh_config.5] | ||
215 | implement support for X11 and agent forwarding over multiplex slave | ||
216 | connections. Because of protocol limitations, the slave connections inherit | ||
217 | the master's DISPLAY and SSH_AUTH_SOCK rather than distinctly forwarding | ||
218 | their own. | ||
219 | ok dtucker@ "put it in" deraadt@ | ||
220 | - jmc@cvs.openbsd.org 2005/07/04 11:29:51 | ||
221 | [ssh_config.5] | ||
222 | fix Xr and a little grammar; | ||
223 | - markus@cvs.openbsd.org 2005/07/04 14:04:11 | ||
224 | [channels.c] | ||
225 | don't forget to set x11_saved_display | ||
226 | |||
227 | 20050626 | ||
228 | - (djm) OpenBSD CVS Sync | ||
229 | - djm@cvs.openbsd.org 2005/06/17 22:53:47 | ||
230 | [ssh.c sshconnect.c] | ||
231 | Fix ControlPath's %p expanding to "0" for a default port, | ||
232 | spotted dwmw2 AT infradead.org; ok markus@ | ||
233 | - djm@cvs.openbsd.org 2005/06/18 04:30:36 | ||
234 | [ssh.c ssh_config.5] | ||
235 | allow ControlPath=none, patch from dwmw2 AT infradead.org; ok dtucker@ | ||
236 | - djm@cvs.openbsd.org 2005/06/25 22:47:49 | ||
237 | [ssh.c] | ||
238 | do the default port filling code a few lines earlier, so it really | ||
239 | does fix %p | ||
240 | |||
241 | 20050618 | ||
242 | - (djm) OpenBSD CVS Sync | ||
243 | - djm@cvs.openbsd.org 2005/05/20 12:57:01; | ||
244 | [auth1.c] split protocol 1 auth methods into separate functions, makes | ||
245 | authloop much more readable; fixes and ok markus@ (portable ok & | ||
246 | polish dtucker@) | ||
247 | - djm@cvs.openbsd.org 2005/06/17 02:44:33 | ||
248 | [auth1.c] make this -Wsign-compare clean; ok avsm@ markus@ | ||
249 | - (djm) [loginrec.c ssh-rand-helper.c] Fix -Wsign-compare for portable, | ||
250 | tested and fixes tim@ | ||
251 | |||
252 | 20050617 | ||
253 | - (djm) OpenBSD CVS Sync | ||
254 | - djm@cvs.openbsd.org 2005/06/16 03:38:36 | ||
255 | [channels.c channels.h clientloop.c clientloop.h ssh.c] | ||
256 | move x11_get_proto from ssh.c to clientloop.c, to make muliplexed xfwd | ||
257 | easier later; ok deraadt@ | ||
258 | - markus@cvs.openbsd.org 2005/06/16 08:00:00 | ||
259 | [canohost.c channels.c sshd.c] | ||
260 | don't exit if getpeername fails for forwarded ports; bugzilla #1054; | ||
261 | ok djm | ||
262 | - djm@cvs.openbsd.org 2005/06/17 02:44:33 | ||
263 | [auth-rsa.c auth.c auth1.c auth2-chall.c auth2-gss.c authfd.c authfile.c] | ||
264 | [bufaux.c canohost.c channels.c cipher.c clientloop.c dns.c gss-serv.c] | ||
265 | [kex.c kex.h key.c mac.c match.c misc.c packet.c packet.h scp.c] | ||
266 | [servconf.c session.c session.h sftp-client.c sftp-server.c sftp.c] | ||
267 | [ssh-keyscan.c ssh-rsa.c sshconnect.c sshconnect1.c sshconnect2.c sshd.c] | ||
268 | make this -Wsign-compare clean; ok avsm@ markus@ | ||
269 | NB. auth1.c changes not committed yet (conflicts with uncommitted sync) | ||
270 | NB2. more work may be needed to make portable Wsign-compare clean | ||
271 | - (dtucker) [cipher.c openbsd-compat/openbsd-compat.h | ||
272 | openbsd-compat/openssl-compat.c] only include openssl compat stuff where | ||
273 | it's needed as it can cause conflicts elsewhere (eg xcrypt.c). Found by | ||
274 | and ok tim@ | ||
275 | |||
276 | 20050616 | ||
277 | - (djm) OpenBSD CVS Sync | ||
278 | - jaredy@cvs.openbsd.org 2005/06/07 13:25:23 | ||
279 | [progressmeter.c] | ||
280 | catch SIGWINCH and resize progress meter accordingly; ok markus dtucker | ||
281 | - djm@cvs.openbsd.org 2005/06/06 11:20:36 | ||
282 | [auth.c auth.h misc.c misc.h ssh.c ssh_config.5 sshconnect.c] | ||
283 | introduce a generic %foo expansion function. replace existing % expansion | ||
284 | and add expansion to ControlPath; ok markus@ | ||
285 | - djm@cvs.openbsd.org 2005/06/08 03:50:00 | ||
286 | [ssh-keygen.1 ssh-keygen.c sshd.8] | ||
287 | increase default rsa/dsa key length from 1024 to 2048 bits; | ||
288 | ok markus@ deraadt@ | ||
289 | - djm@cvs.openbsd.org 2005/06/08 11:25:09 | ||
290 | [clientloop.c readconf.c readconf.h ssh.c ssh_config.5] | ||
291 | add ControlMaster=auto/autoask options to support opportunistic | ||
292 | multiplexing; tested avsm@ and jakob@, ok markus@ | ||
293 | - dtucker@cvs.openbsd.org 2005/06/09 13:43:49 | ||
294 | [cipher.c] | ||
295 | Correctly initialize end of array sentinel; ok djm@ | ||
296 | (Id sync only, change already in portable) | ||
297 | |||
298 | 20050609 | ||
299 | - (dtucker) [cipher.c openbsd-compat/Makefile.in | ||
300 | openbsd-compat/openbsd-compat.h openbsd-compat/openssl-compat.{c,h}] | ||
301 | Move compatibility code for supporting older OpenSSL versions to the | ||
302 | compat layer. Suggested by and "no objection" djm@ | ||
303 | |||
304 | 20050607 | ||
305 | - (dtucker) [configure.ac] Continue the hunt for LLONG_MIN and LLONG_MAX: | ||
306 | in today's episode we attempt to coax it from limits.h where it may be | ||
307 | hiding, failing that we take the DIY approach. Tested by tim@ | ||
308 | |||
309 | 20050603 | ||
310 | - (dtucker) [configure.ac] Only try gcc -std=gnu99 if LLONG_MAX isn't | ||
311 | defined, and check that it helps before keeping it in CFLAGS. Some old | ||
312 | gcc's don't set an error code when encountering an unknown value in -std. | ||
313 | Found and tested by tim@. | ||
314 | - (dtucker) [configure.ac] Point configure's reporting address at the | ||
315 | openssh-unix-dev list. ok tim@ djm@ | ||
316 | |||
317 | 20050602 | ||
318 | - (tim) [configure.ac] Some platforms need sys/types.h for arpa/nameser.h. | ||
319 | Take AC_CHECK_HEADERS test out of ultrix section. It caused other platforms | ||
320 | to skip builtin standard includes tests. (first AC_CHECK_HEADERS test | ||
321 | must be run on all platforms) Add missing ;; to case statement. OK dtucker@ | ||
322 | |||
323 | 20050601 | ||
324 | - (dtucker) [configure.ac] Look for _getshort and _getlong in | ||
325 | arpa/nameser.h. | ||
326 | - (dtucker) [configure.ac openbsd-compat/Makefile.in openbsd-compat/strtoll.c] | ||
327 | Add strtoll to the compat library, from OpenBSD. | ||
328 | - (dtucker) OpenBSD CVS Sync | ||
329 | - avsm@cvs.openbsd.org 2005/05/26 02:08:05 | ||
330 | [scp.c] | ||
331 | If copying multiple files to a target file (which normally fails, as it | ||
332 | must be a target directory), kill the spawned ssh child before exiting. | ||
333 | This stops it trying to authenticate and spewing lots of output. | ||
334 | deraadt@ ok | ||
335 | - dtucker@cvs.openbsd.org 2005/05/26 09:08:12 | ||
336 | [ssh-keygen.c] | ||
337 | uint32_t -> u_int32_t for consistency; ok djm@ | ||
338 | - djm@cvs.openbsd.org 2005/05/27 08:30:37 | ||
339 | [ssh.c] | ||
340 | fix -O for cases where no ControlPath has been specified or socket at | ||
341 | ControlPath is not contactable; spotted by and ok avsm@ | ||
342 | - (tim) [config.guess config.sub] Update to '2005-05-27' version. | ||
343 | - (tim) [configure.ac] set TEST_SHELL for OpenServer 6 | ||
344 | |||
345 | 20050531 | ||
346 | - (dtucker) [contrib/aix/pam.conf] Correct comments. From davidl at | ||
347 | vintela.com. | ||
348 | - (dtucker) [mdoc2man.awk] Teach it to understand .Ox. | ||
349 | |||
350 | 20050530 | ||
351 | - (dtucker) [README] Link to new release notes. Beter late than never... | ||
352 | |||
353 | 20050529 | ||
354 | - (dtucker) [openbsd-compat/port-aix.c] Bug #1046: AIX 5.3 expects the | ||
355 | argument to passwdexpired to be initialized to NULL. Suggested by tim@ | ||
356 | While at it, initialize the other arguments to auth functions in case they | ||
357 | ever acquire this behaviour. | ||
358 | - (dtucker) [openbsd-compat/port-aix.c] Whitespace cleanups while there. | ||
359 | - (dtucker) [openbsd-compat/port-aix.c] Minor correction to debug message, | ||
360 | spotted by tim@. | ||
361 | |||
362 | 20050528 | ||
363 | - (dtucker) [configure.ac] For AC_CHECK_HEADERS() and AC_CHECK_FUNCS() have | ||
364 | one entry per line to make it easier to merge changes. ok djm@ | ||
365 | - (dtucker) [configure.ac] strsep() may be defined in string.h, so check | ||
366 | for its presence and include it in the strsep check. | ||
367 | - (dtucker) [configure.ac] getpgrp may be defined in unistd.h, so check for | ||
368 | its presence before doing AC_FUNC_GETPGRP. | ||
369 | - (dtucker) [configure.ac] Merge HP-UX blocks into a common block with minor | ||
370 | version-specific variations as required. | ||
371 | - (dtucker) [openbsd-compat/port-aix.h] Use the HAVE_DECL_* definitions as | ||
372 | per the autoconf man page. Configure should always define them but it | ||
373 | doesn't hurt to check. | ||
374 | |||
375 | 20050527 | ||
376 | - (djm) [defines.h] Use our realpath if we have to define PATH_MAX, spotted by | ||
377 | David Leach; ok dtucker@ | ||
378 | - (dtucker) [acconfig.h configure.ac defines.h includes.h sshpty.c | ||
379 | openbsd-compat/bsd-misc.c] Add support for Ultrix. No, that's not a typo. | ||
380 | Required changes from Bernhard Simon, integrated by me. ok djm@ | ||
381 | |||
382 | 20050525 | ||
383 | - (djm) [mpaux.c mpaux.h Makefile.in] Remove old mpaux.[ch] code, it has not | ||
384 | been used for a while | ||
385 | - (djm) OpenBSD CVS Sync | ||
386 | - otto@cvs.openbsd.org 2005/04/05 13:45:31 | ||
387 | [ssh-keygen.c] | ||
388 | - djm@cvs.openbsd.org 2005/04/06 09:43:59 | ||
389 | [sshd.c] | ||
390 | avoid harmless logspam by not performing setsockopt() on non-socket; | ||
391 | ok markus@ | ||
392 | - dtucker@cvs.openbsd.org 2005/04/06 12:26:06 | ||
393 | [ssh.c] | ||
394 | Fix debug call for port forwards; patch from pete at seebeyond.com, | ||
395 | ok djm@ (ID sync only - change already in portable) | ||
396 | - djm@cvs.openbsd.org 2005/04/09 04:32:54 | ||
397 | [misc.c misc.h tildexpand.c Makefile.in] | ||
398 | replace tilde_expand_filename with a simpler implementation, ahead of | ||
399 | more whacking; ok deraadt@ | ||
400 | - jmc@cvs.openbsd.org 2005/04/14 12:30:30 | ||
401 | [ssh.1] | ||
402 | arg to -b is an address, not if_name; | ||
403 | ok markus@ | ||
404 | - jakob@cvs.openbsd.org 2005/04/20 10:05:45 | ||
405 | [dns.c] | ||
406 | do not try to look up SSHFP for numerical hostname. ok djm@ | ||
407 | - djm@cvs.openbsd.org 2005/04/21 06:17:50 | ||
408 | [ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 ssh_config.5 sshd.8] | ||
409 | [sshd_config.5] OpenSSH doesn't ever look at the $HOME environment | ||
410 | variable, so don't say that we do (bz #623); ok deraadt@ | ||
411 | - djm@cvs.openbsd.org 2005/04/21 11:47:19 | ||
412 | [ssh.c] | ||
413 | don't allocate a pty when -n flag (/dev/null stdin) is set, patch from | ||
414 | ignasi.roca AT fujitsu-siemens.com (bz #829); ok dtucker@ | ||
415 | - dtucker@cvs.openbsd.org 2005/04/23 23:43:47 | ||
416 | [readpass.c] | ||
417 | Add debug message if read_passphrase can't open /dev/tty; bz #471; | ||
418 | ok djm@ | ||
419 | - jmc@cvs.openbsd.org 2005/04/26 12:59:02 | ||
420 | [sftp-client.h] | ||
421 | spelling correction in comment from wiz@netbsd; | ||
422 | - jakob@cvs.openbsd.org 2005/04/26 13:08:37 | ||
423 | [ssh.c ssh_config.5] | ||
424 | fallback gracefully if client cannot connect to ControlPath. ok djm@ | ||
425 | - moritz@cvs.openbsd.org 2005/04/28 10:17:56 | ||
426 | [progressmeter.c ssh-keyscan.c] | ||
427 | add snprintf checks. ok djm@ markus@ | ||
428 | - markus@cvs.openbsd.org 2005/05/02 21:13:22 | ||
429 | [readpass.c] | ||
430 | missing {} | ||
431 | - djm@cvs.openbsd.org 2005/05/10 10:28:11 | ||
432 | [ssh.c] | ||
433 | print nice error message for EADDRINUSE as well (ID sync only) | ||
434 | - djm@cvs.openbsd.org 2005/05/10 10:30:43 | ||
435 | [ssh.c] | ||
436 | report real errors on fallback from ControlMaster=no to normal connect | ||
437 | - markus@cvs.openbsd.org 2005/05/16 15:30:51 | ||
438 | [readconf.c servconf.c] | ||
439 | check return value from strdelim() for NULL (AddressFamily); mpech | ||
440 | - djm@cvs.openbsd.org 2005/05/19 02:39:55 | ||
441 | [sshd_config.5] | ||
442 | sort config options, from grunk AT pestilenz.org; ok jmc@ | ||
443 | - djm@cvs.openbsd.org 2005/05/19 02:40:52 | ||
444 | [sshd_config] | ||
445 | whitespace nit, from grunk AT pestilenz.org | ||
446 | - djm@cvs.openbsd.org 2005/05/19 02:42:26 | ||
447 | [includes.h] | ||
448 | fix cast, from grunk AT pestilenz.org | ||
449 | - djm@cvs.openbsd.org 2005/05/20 10:50:55 | ||
450 | [ssh_config.5] | ||
451 | give a ProxyCommand example using nc(1), with and ok jmc@ | ||
452 | - jmc@cvs.openbsd.org 2005/05/20 11:23:32 | ||
453 | [ssh_config.5] | ||
454 | oops - article and spacing; | ||
455 | - avsm@cvs.openbsd.org 2005/05/23 22:44:01 | ||
456 | [moduli.c ssh-keygen.c] | ||
457 | - removes signed/unsigned comparisons in moduli generation | ||
458 | - use strtonum instead of atoi where its easier | ||
459 | - check some strlcpy overflow and fatal instead of truncate | ||
460 | - djm@cvs.openbsd.org 2005/05/23 23:32:46 | ||
461 | [cipher.c myproposal.h ssh.1 ssh_config.5 sshd_config.5] | ||
462 | add support for draft-harris-ssh-arcfour-fixes-02 improved arcfour modes; | ||
463 | ok markus@ | ||
464 | - avsm@cvs.openbsd.org 2005/05/24 02:05:09 | ||
465 | [ssh-keygen.c] | ||
466 | some style nits from dmiller@, and use a fatal() instead of a printf()/exit | ||
467 | - avsm@cvs.openbsd.org 2005/05/24 17:32:44 | ||
468 | [atomicio.c atomicio.h authfd.c monitor_wrap.c msg.c scp.c sftp-client.c] | ||
469 | [ssh-keyscan.c sshconnect.c] | ||
470 | Switch atomicio to use a simpler interface; it now returns a size_t | ||
471 | (containing number of bytes read/written), and indicates error by | ||
472 | returning 0. EOF is signalled by errno==EPIPE. | ||
473 | Typical use now becomes: | ||
474 | |||
475 | if (atomicio(read, ..., len) != len) | ||
476 | err(1,"read"); | ||
477 | |||
478 | ok deraadt@, cloder@, djm@ | ||
479 | - (dtucker) [regress/reexec.sh] Add ${EXEEXT} so this test also works on | ||
480 | Cygwin. | ||
481 | - (dtucker) [auth-pam.c] Bug #1033: Fix warnings building with PAM on Linux: | ||
482 | warning: dereferencing type-punned pointer will break strict-aliasing rules | ||
483 | warning: passing arg 3 of `pam_get_item' from incompatible pointer type | ||
484 | The type-punned pointer fix is based on a patch from SuSE's rpm. ok djm@ | ||
485 | - (dtucker) [configure.ac openbsd-compat/getrrsetbyname.c] Bug #1033: Provide | ||
486 | templates for _getshort and _getlong if missing to prevent compiler warnings | ||
487 | on Linux. | ||
488 | - (djm) [configure.ac openbsd-compat/Makefile.in] | ||
489 | [openbsd-compat/openbsd-compat.h openbsd-compat/strtonum.c] | ||
490 | Add strtonum(3) from OpenBSD libc, new code needs it. | ||
491 | Unfortunately Linux forces us to do a bizarre dance with compiler | ||
492 | options to get LLONG_MIN/MAX; Spotted by and ok dtucker@ | ||
493 | |||
494 | 20050524 | ||
495 | - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec] | ||
496 | [contrib/suse/openssh.spec] Update spec file versions to 4.1p1 | ||
497 | - (dtucker) [auth-pam.c] Since people don't seem to be getting the message | ||
498 | that USE_POSIX_THREADS is unsupported, not recommended and generally a bad | ||
499 | idea, it is now known as UNSUPPORTED_POSIX_THREADS_HACK. Attempting to use | ||
500 | USE_POSIX_THREADS will now generate an error so we don't silently change | ||
501 | behaviour. ok djm@ | ||
502 | - (dtucker) [openbsd-compat/bsd-cygwin_util.c] Ensure sufficient memory | ||
503 | allocation when retrieving core Windows environment. Add CYGWIN variable | ||
504 | to propagated variables. Patch from vinschen at redhat.com, ok djm@ | ||
505 | - Release 4.1p1 | ||
506 | |||
507 | 20050524 | ||
508 | - (djm) [openbsd-compat/readpassphrase.c] bz #950: Retry tcsetattr to ensure | ||
509 | terminal modes are reset correctly. Fix from peak AT argo.troja.mff.cuni.cz; | ||
510 | "looks ok" dtucker@ | ||
511 | |||
1 | 20050510 | 512 | 20050510 |
2 | - (srivasta) [selinux.c] if selinux is enabled, then provide funtions to | 513 | - (srivasta) [selinux.c] if selinux is enabled, then provide funtions to |
3 | initialize the pty and execution context for ssh. | 514 | initialize the pty and execution context for ssh. |
@@ -22,24 +533,6 @@ | |||
22 | - (srivasta) [auth.h] Added a role member in struct Authctxt | 533 | - (srivasta) [auth.h] Added a role member in struct Authctxt |
23 | - (srivasta) [Makefile.in (SSHDOBJS)] Add selinux.o | 534 | - (srivasta) [Makefile.in (SSHDOBJS)] Add selinux.o |
24 | 535 | ||
25 | 20050524 | ||
26 | - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec] | ||
27 | [contrib/suse/openssh.spec] Update spec file versions to 4.1p1 | ||
28 | - (dtucker) [auth-pam.c] Since people don't seem to be getting the message | ||
29 | that USE_POSIX_THREADS is unsupported, not recommended and generally a bad | ||
30 | idea, it is now known as UNSUPPORTED_POSIX_THREADS_HACK. Attempting to use | ||
31 | USE_POSIX_THREADS will now generate an error so we don't silently change | ||
32 | behaviour. ok djm@ | ||
33 | - (dtucker) [openbsd-compat/bsd-cygwin_util.c] Ensure sufficient memory | ||
34 | allocation when retrieving core Windows environment. Add CYGWIN variable | ||
35 | to propagated variables. Patch from vinschen at redhat.com, ok djm@ | ||
36 | - (djm) Release 4.1p1 | ||
37 | |||
38 | 20050524 | ||
39 | - (djm) [openbsd-compat/readpassphrase.c] bz #950: Retry tcsetattr to ensure | ||
40 | terminal modes are reset correctly. Fix from peak AT argo.troja.mff.cuni.cz; | ||
41 | "looks ok" dtucker@ | ||
42 | |||
43 | 20050512 | 536 | 20050512 |
44 | - (tim) [buildpkg.sh.in] missing ${PKG_INSTALL_ROOT} in init script | 537 | - (tim) [buildpkg.sh.in] missing ${PKG_INSTALL_ROOT} in init script |
45 | hard link section. Bug 1038. | 538 | hard link section. Bug 1038. |
@@ -2520,4 +3013,4 @@ | |||
2520 | - (djm) Trim deprecated options from INSTALL. Mention UsePAM | 3013 | - (djm) Trim deprecated options from INSTALL. Mention UsePAM |
2521 | - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu | 3014 | - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu |
2522 | 3015 | ||
2523 | $Id: ChangeLog,v 1.3758.2.2 2005/05/25 12:24:56 djm Exp $ | 3016 | $Id: ChangeLog,v 1.3887 2005/09/01 09:10:48 djm Exp $ |