summaryrefslogtreecommitdiff
path: root/ChangeLog
diff options
context:
space:
mode:
authorColin Watson <cjwatson@debian.org>2005-09-14 12:45:47 +0000
committerColin Watson <cjwatson@debian.org>2005-09-14 12:45:47 +0000
commit9b71add4cecf753c45f5fbd6ff0913bc95b3e95d (patch)
treed4ea8fdb30c7949c6433f5277c39548ea579d4dc /ChangeLog
parented07bcbea56007ab5b218ddf3aa6a7d4e21966e0 (diff)
parent16704d57999d987fb8d9ba53379841a79f016d67 (diff)
Merge 4.2p1 to the trunk.
Diffstat (limited to 'ChangeLog')
-rw-r--r--ChangeLog531
1 files changed, 512 insertions, 19 deletions
diff --git a/ChangeLog b/ChangeLog
index e73b36e6d..5d7e7f182 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,514 @@
120050901
2 - (djm) Update RPM spec file versions
3
420050831
5 - (djm) OpenBSD CVS Sync
6 - djm@cvs.openbsd.org 2005/08/30 22:08:05
7 [gss-serv.c sshconnect2.c]
8 destroy credentials if krb5_kuserok() call fails. Stops credentials being
9 delegated to users who are not authorised for GSSAPIAuthentication when
10 GSSAPIDeletegateCredentials=yes and another authentication mechanism
11 succeeds; bz#1073 reported by paul.moore AT centrify.com, fix by
12 simon AT sxw.org.uk, tested todd@ biorn@ jakob@; ok deraadt@
13 - markus@cvs.openbsd.org 2005/08/31 09:28:42
14 [version.h]
15 4.2
16 - (dtucker) [README] Update release note URL to 4.2
17 - (tim) [configure.ac auth.c defines.h session.c openbsd-compat/port-uw.c
18 openbsd-compat/port-uw.h openbsd-compat/xcrypt.c] libiaf cleanup. Disable
19 libiaf bits for OpenServer6. Free memory allocated by ia_get_logpwd().
20 Feedback and OK dtucker@
21
2220050830
23 - (tim) [configure.ac] Back out last change. It needs to be done differently.
24
2520050829
26 - (tim) [configure.ac] ia_openinfo() seems broken on OSR6. Limit UW long
27 password support to 7.x for now.
28
2920050826
30 - (tim) [CREDITS LICENCE auth.c configure.ac defines.h includes.h session.c
31 openbsd-compat/Makefile.in openbsd-compat/openbsd-compat.h
32 openbsd-compat/xcrypt.c] New files [openssh/openbsd-compat/port-uw.c
33 openssh/openbsd-compat/port-uw.h] Support long passwords (> 8-char)
34 on UnixWare 7 from Dhiraj Gulati and Ahsan Rashid. Cleanup and testing
35 by tim@. Feedback and OK dtucker@
36
3720050823
38 - (dtucker) [regress/test-exec.sh] Do not prepend an extra "/" to a fully-
39 qualified sshd pathname since some systems (eg Cygwin) may consider "/foo"
40 and "//foo" to be different. Spotted by vinschen at redhat.com.
41 - (tim) [configure.ac] Not all gcc's support -Wsign-compare. Enhancements
42 and OK dtucker@
43 - (tim) [defines.h] PATH_MAX bits for OpenServer OK dtucker@
44
4520050821
46 - (dtucker) [configure.ac defines.h includes.h sftp.c] Add support for
47 LynxOS, patch from Olli Savia (ops at iki.fi). ok djm@
48
4920050816
50 - (djm) [ttymodes.c] bugzilla #1025: Fix encoding of _POSIX_VDISABLE,
51 from Jacob Nevins; ok dtucker@
52
5320050815
54 - (tim) [sftp.c] wrap el_end() in #ifdef USE_LIBEDIT
55 - (tim) [configure.ac] corrections to libedit tests. Report and patches
56 by skeleten AT shillest.net
57
5820050812
59 - (djm) OpenBSD CVS Sync
60 - markus@cvs.openbsd.org 2005/07/28 17:36:22
61 [packet.c]
62 missing packet_init_compression(); from solar
63 - djm@cvs.openbsd.org 2005/07/30 01:26:16
64 [ssh.c]
65 fix -D listen_host initialisation, so it picks up gateway_ports setting
66 correctly
67 - djm@cvs.openbsd.org 2005/07/30 02:03:47
68 [readconf.c]
69 listen_hosts initialisation here too; spotted greg AT y2005.nest.cx
70 - dtucker@cvs.openbsd.org 2005/08/06 10:03:12
71 [servconf.c]
72 Unbreak sshd ListenAddress for bare IPv6 addresses.
73 Report from Janusz Mucka; ok djm@
74 - jaredy@cvs.openbsd.org 2005/08/08 13:22:48
75 [sftp.c]
76 sftp prompt enhancements:
77 - in non-interactive mode, do not print an empty prompt at the end
78 before finishing
79 - print newline after EOF in editline mode
80 - call el_end() in editline mode
81 ok dtucker djm
82
8320050810
84 - (dtucker) [configure.ac] Test libedit library and headers for compatibility.
85 Report from skeleten AT shillest.net, ok djm@
86 - (dtucker) [LICENCE configure.ac defines.h openbsd-compat/realpath.c]
87 Sync current (thread-safe) version of realpath.c from OpenBSD (which is
88 in turn based on FreeBSD's). ok djm@
89
9020050809
91 - (tim) [configure.ac] Allow --with-audit=no. OK dtucker@
92 Report by skeleten AT shillest.net
93
9420050803
95 - (dtucker) [openbsd-compat/fake-rfc2553.h] Check for EAI_* defines
96 individually and use a value less likely to collide with real values from
97 netdb.h. Fixes compile warnings on FreeBSD 5.3. ok djm@
98 - (dtucker) [openbsd-compat/fake-rfc2553.h] MAX_INT -> INT_MAX since the
99 latter is specified in the standard.
100
10120050802
102 - (dtucker) OpenBSD CVS Sync
103 - dtucker@cvs.openbsd.org 2005/07/27 10:39:03
104 [scp.c hostfile.c sftp-client.c]
105 Silence bogus -Wuninitialized warnings; ok djm@
106 - (dtucker) [configure.ac] Enable -Wuninitialized by default when compiling
107 with gcc. ok djm@
108 - (dtucker) [configure.ac] Add a --with-Werror option to configure for
109 adding -Werror to CFLAGS when all of the configure tests are done. ok djm@
110
11120050726
112 - (dtucker) [configure.ac] Update zlib warning message too, pointed out by
113 tim@.
114 - (djm) OpenBSD CVS Sync
115 - otto@cvs.openbsd.org 2005/07/19 15:32:26
116 [auth-passwd.c]
117 auth_usercheck(3) can return NULL, so check for that. Report from
118 mpech@. ok markus@
119 - markus@cvs.openbsd.org 2005/07/25 11:59:40
120 [kex.c kex.h myproposal.h packet.c packet.h servconf.c session.c]
121 [sshconnect2.c sshd.c sshd_config sshd_config.5]
122 add a new compression method that delays compression until the user
123 has been authenticated successfully and set compression to 'delayed'
124 for sshd.
125 this breaks older openssh clients (< 3.5) if they insist on
126 compression, so you have to re-enable compression in sshd_config.
127 ok djm@
128
12920050725
130 - (dtucker) [configure.ac] Update zlib version check for CAN-2005-2096.
131
13220050717
133- OpenBSD CVS Sync
134 - djm@cvs.openbsd.org 2005/07/16 01:35:24
135 [auth1.c channels.c cipher.c clientloop.c kex.c session.c ssh.c]
136 [sshconnect.c]
137 spacing
138 - (djm) [acss.c auth-pam.c auth-shadow.c auth-skey.c auth1.c canohost.c]
139 [cipher-acss.c loginrec.c ssh-rand-helper.c sshd.c] Fix whitespace at EOL
140 in portable too ("perl -p -i -e 's/\s+$/\n/' *.[ch]")
141 - (djm) [auth-pam.c sftp.c] spaces vs. tabs at start of line
142 - djm@cvs.openbsd.org 2005/07/17 06:49:04
143 [channels.c channels.h session.c session.h]
144 Fix a number of X11 forwarding channel leaks:
145 1. Refuse multiple X11 forwarding requests on the same session
146 2. Clean up all listeners after a single_connection X11 forward, not just
147 the one that made the single connection
148 3. Destroy X11 listeners when the session owning them goes away
149 testing and ok dtucker@
150 - djm@cvs.openbsd.org 2005/07/17 07:17:55
151 [auth-rh-rsa.c auth-rhosts.c auth2-chall.c auth2-gss.c channels.c]
152 [cipher-ctr.c gss-genr.c gss-serv.c kex.c moduli.c readconf.c]
153 [serverloop.c session.c sftp-client.c sftp.c ssh-add.c ssh-keygen.c]
154 [sshconnect.c sshconnect2.c]
155 knf says that a 2nd level indent is four (not three or five) spaces
156 -(djm) [audit.c auth1.c auth2.c entropy.c loginrec.c serverloop.c]
157 [ssh-rand-helper.c] fix portable 2nd level indents at 4 spaces too
158 - (djm) [monitor.c monitor_wrap.c] -Wsign-compare for PAM monitor calls
159
16020050716
161 - (dtucker) [auth-pam.c] Ensure that only one side of the authentication
162 socketpair stays open on in both the monitor and PAM process. Patch from
163 Joerg Sonnenberger.
164
16520050714
166 - (dtucker) OpenBSD CVS Sync
167 - dtucker@cvs.openbsd.org 2005/07/06 09:33:05
168 [ssh.1]
169 clarify meaning of ssh -b ; with & ok jmc@
170 - dtucker@cvs.openbsd.org 2005/07/08 09:26:18
171 [misc.c]
172 Make comment match code; ok djm@
173 - markus@cvs.openbsd.org 2005/07/08 09:41:33
174 [channels.h]
175 race when efd gets closed while there is still buffered data:
176 change CHANNEL_EFD_OUTPUT_ACTIVE()
177 1) c->efd must always be valid AND
178 2a) no EOF has been seen OR
179 2b) there is buffered data
180 report, initial fix and testing Chuck Cranor
181 - dtucker@cvs.openbsd.org 2005/07/08 10:20:41
182 [ssh_config.5]
183 change BindAddress to match recent ssh -b change; prompted by markus@
184 - jmc@cvs.openbsd.org 2005/07/08 12:53:10
185 [ssh_config.5]
186 new sentence, new line;
187 - dtucker@cvs.openbsd.org 2005/07/14 04:00:43
188 [misc.h]
189 use __sentinel__ attribute; ok deraadt@ djm@ markus@
190 - (dtucker) [configure.ac defines.h] Define __sentinel__ to nothing if the
191 compiler doesn't understand it to prevent warnings. If any mainstream
192 compiler versions acquire it we can test for those versions. Based on
193 discussion with djm@.
194
19520050707
196 - dtucker [auth-krb5.c auth.h gss-serv-krb5.c] Move KRB5CCNAME generation for
197 the MIT Kerberos code path into a common function and expand mkstemp
198 template to be consistent with the rest of OpenSSH. From sxw at
199 inf.ed.ac.uk, ok djm@
200 - (dtucker) [auth-krb5.c] There's no guarantee that snprintf will set errno
201 in the case where the buffer is insufficient, so always return ENOMEM.
202 Also pointed out by sxw at inf.ed.ac.uk.
203 - (dtucker) [acconfig.h auth-krb5.c configure.ac gss-serv-krb5.c] Remove
204 calls to krb5_init_ets, which has not been required since krb-1.1.x and
205 most Kerberos versions no longer export in their public API. From sxw
206 at inf.ed.ac.uk, ok djm@
207
20820050706
209 - (djm) OpenBSD CVS Sync
210 - markus@cvs.openbsd.org 2005/07/01 13:19:47
211 [channels.c]
212 don't free() if getaddrinfo() fails; report mpech@
213 - djm@cvs.openbsd.org 2005/07/04 00:58:43
214 [channels.c clientloop.c clientloop.h misc.c misc.h ssh.c ssh_config.5]
215 implement support for X11 and agent forwarding over multiplex slave
216 connections. Because of protocol limitations, the slave connections inherit
217 the master's DISPLAY and SSH_AUTH_SOCK rather than distinctly forwarding
218 their own.
219 ok dtucker@ "put it in" deraadt@
220 - jmc@cvs.openbsd.org 2005/07/04 11:29:51
221 [ssh_config.5]
222 fix Xr and a little grammar;
223 - markus@cvs.openbsd.org 2005/07/04 14:04:11
224 [channels.c]
225 don't forget to set x11_saved_display
226
22720050626
228 - (djm) OpenBSD CVS Sync
229 - djm@cvs.openbsd.org 2005/06/17 22:53:47
230 [ssh.c sshconnect.c]
231 Fix ControlPath's %p expanding to "0" for a default port,
232 spotted dwmw2 AT infradead.org; ok markus@
233 - djm@cvs.openbsd.org 2005/06/18 04:30:36
234 [ssh.c ssh_config.5]
235 allow ControlPath=none, patch from dwmw2 AT infradead.org; ok dtucker@
236 - djm@cvs.openbsd.org 2005/06/25 22:47:49
237 [ssh.c]
238 do the default port filling code a few lines earlier, so it really
239 does fix %p
240
24120050618
242 - (djm) OpenBSD CVS Sync
243 - djm@cvs.openbsd.org 2005/05/20 12:57:01;
244 [auth1.c] split protocol 1 auth methods into separate functions, makes
245 authloop much more readable; fixes and ok markus@ (portable ok &
246 polish dtucker@)
247 - djm@cvs.openbsd.org 2005/06/17 02:44:33
248 [auth1.c] make this -Wsign-compare clean; ok avsm@ markus@
249 - (djm) [loginrec.c ssh-rand-helper.c] Fix -Wsign-compare for portable,
250 tested and fixes tim@
251
25220050617
253 - (djm) OpenBSD CVS Sync
254 - djm@cvs.openbsd.org 2005/06/16 03:38:36
255 [channels.c channels.h clientloop.c clientloop.h ssh.c]
256 move x11_get_proto from ssh.c to clientloop.c, to make muliplexed xfwd
257 easier later; ok deraadt@
258 - markus@cvs.openbsd.org 2005/06/16 08:00:00
259 [canohost.c channels.c sshd.c]
260 don't exit if getpeername fails for forwarded ports; bugzilla #1054;
261 ok djm
262 - djm@cvs.openbsd.org 2005/06/17 02:44:33
263 [auth-rsa.c auth.c auth1.c auth2-chall.c auth2-gss.c authfd.c authfile.c]
264 [bufaux.c canohost.c channels.c cipher.c clientloop.c dns.c gss-serv.c]
265 [kex.c kex.h key.c mac.c match.c misc.c packet.c packet.h scp.c]
266 [servconf.c session.c session.h sftp-client.c sftp-server.c sftp.c]
267 [ssh-keyscan.c ssh-rsa.c sshconnect.c sshconnect1.c sshconnect2.c sshd.c]
268 make this -Wsign-compare clean; ok avsm@ markus@
269 NB. auth1.c changes not committed yet (conflicts with uncommitted sync)
270 NB2. more work may be needed to make portable Wsign-compare clean
271 - (dtucker) [cipher.c openbsd-compat/openbsd-compat.h
272 openbsd-compat/openssl-compat.c] only include openssl compat stuff where
273 it's needed as it can cause conflicts elsewhere (eg xcrypt.c). Found by
274 and ok tim@
275
27620050616
277 - (djm) OpenBSD CVS Sync
278 - jaredy@cvs.openbsd.org 2005/06/07 13:25:23
279 [progressmeter.c]
280 catch SIGWINCH and resize progress meter accordingly; ok markus dtucker
281 - djm@cvs.openbsd.org 2005/06/06 11:20:36
282 [auth.c auth.h misc.c misc.h ssh.c ssh_config.5 sshconnect.c]
283 introduce a generic %foo expansion function. replace existing % expansion
284 and add expansion to ControlPath; ok markus@
285 - djm@cvs.openbsd.org 2005/06/08 03:50:00
286 [ssh-keygen.1 ssh-keygen.c sshd.8]
287 increase default rsa/dsa key length from 1024 to 2048 bits;
288 ok markus@ deraadt@
289 - djm@cvs.openbsd.org 2005/06/08 11:25:09
290 [clientloop.c readconf.c readconf.h ssh.c ssh_config.5]
291 add ControlMaster=auto/autoask options to support opportunistic
292 multiplexing; tested avsm@ and jakob@, ok markus@
293 - dtucker@cvs.openbsd.org 2005/06/09 13:43:49
294 [cipher.c]
295 Correctly initialize end of array sentinel; ok djm@
296 (Id sync only, change already in portable)
297
29820050609
299 - (dtucker) [cipher.c openbsd-compat/Makefile.in
300 openbsd-compat/openbsd-compat.h openbsd-compat/openssl-compat.{c,h}]
301 Move compatibility code for supporting older OpenSSL versions to the
302 compat layer. Suggested by and "no objection" djm@
303
30420050607
305 - (dtucker) [configure.ac] Continue the hunt for LLONG_MIN and LLONG_MAX:
306 in today's episode we attempt to coax it from limits.h where it may be
307 hiding, failing that we take the DIY approach. Tested by tim@
308
30920050603
310 - (dtucker) [configure.ac] Only try gcc -std=gnu99 if LLONG_MAX isn't
311 defined, and check that it helps before keeping it in CFLAGS. Some old
312 gcc's don't set an error code when encountering an unknown value in -std.
313 Found and tested by tim@.
314 - (dtucker) [configure.ac] Point configure's reporting address at the
315 openssh-unix-dev list. ok tim@ djm@
316
31720050602
318 - (tim) [configure.ac] Some platforms need sys/types.h for arpa/nameser.h.
319 Take AC_CHECK_HEADERS test out of ultrix section. It caused other platforms
320 to skip builtin standard includes tests. (first AC_CHECK_HEADERS test
321 must be run on all platforms) Add missing ;; to case statement. OK dtucker@
322
32320050601
324 - (dtucker) [configure.ac] Look for _getshort and _getlong in
325 arpa/nameser.h.
326 - (dtucker) [configure.ac openbsd-compat/Makefile.in openbsd-compat/strtoll.c]
327 Add strtoll to the compat library, from OpenBSD.
328 - (dtucker) OpenBSD CVS Sync
329 - avsm@cvs.openbsd.org 2005/05/26 02:08:05
330 [scp.c]
331 If copying multiple files to a target file (which normally fails, as it
332 must be a target directory), kill the spawned ssh child before exiting.
333 This stops it trying to authenticate and spewing lots of output.
334 deraadt@ ok
335 - dtucker@cvs.openbsd.org 2005/05/26 09:08:12
336 [ssh-keygen.c]
337 uint32_t -> u_int32_t for consistency; ok djm@
338 - djm@cvs.openbsd.org 2005/05/27 08:30:37
339 [ssh.c]
340 fix -O for cases where no ControlPath has been specified or socket at
341 ControlPath is not contactable; spotted by and ok avsm@
342 - (tim) [config.guess config.sub] Update to '2005-05-27' version.
343 - (tim) [configure.ac] set TEST_SHELL for OpenServer 6
344
34520050531
346 - (dtucker) [contrib/aix/pam.conf] Correct comments. From davidl at
347 vintela.com.
348 - (dtucker) [mdoc2man.awk] Teach it to understand .Ox.
349
35020050530
351 - (dtucker) [README] Link to new release notes. Beter late than never...
352
35320050529
354 - (dtucker) [openbsd-compat/port-aix.c] Bug #1046: AIX 5.3 expects the
355 argument to passwdexpired to be initialized to NULL. Suggested by tim@
356 While at it, initialize the other arguments to auth functions in case they
357 ever acquire this behaviour.
358 - (dtucker) [openbsd-compat/port-aix.c] Whitespace cleanups while there.
359 - (dtucker) [openbsd-compat/port-aix.c] Minor correction to debug message,
360 spotted by tim@.
361
36220050528
363 - (dtucker) [configure.ac] For AC_CHECK_HEADERS() and AC_CHECK_FUNCS() have
364 one entry per line to make it easier to merge changes. ok djm@
365 - (dtucker) [configure.ac] strsep() may be defined in string.h, so check
366 for its presence and include it in the strsep check.
367 - (dtucker) [configure.ac] getpgrp may be defined in unistd.h, so check for
368 its presence before doing AC_FUNC_GETPGRP.
369 - (dtucker) [configure.ac] Merge HP-UX blocks into a common block with minor
370 version-specific variations as required.
371 - (dtucker) [openbsd-compat/port-aix.h] Use the HAVE_DECL_* definitions as
372 per the autoconf man page. Configure should always define them but it
373 doesn't hurt to check.
374
37520050527
376 - (djm) [defines.h] Use our realpath if we have to define PATH_MAX, spotted by
377 David Leach; ok dtucker@
378 - (dtucker) [acconfig.h configure.ac defines.h includes.h sshpty.c
379 openbsd-compat/bsd-misc.c] Add support for Ultrix. No, that's not a typo.
380 Required changes from Bernhard Simon, integrated by me. ok djm@
381
38220050525
383 - (djm) [mpaux.c mpaux.h Makefile.in] Remove old mpaux.[ch] code, it has not
384 been used for a while
385 - (djm) OpenBSD CVS Sync
386 - otto@cvs.openbsd.org 2005/04/05 13:45:31
387 [ssh-keygen.c]
388 - djm@cvs.openbsd.org 2005/04/06 09:43:59
389 [sshd.c]
390 avoid harmless logspam by not performing setsockopt() on non-socket;
391 ok markus@
392 - dtucker@cvs.openbsd.org 2005/04/06 12:26:06
393 [ssh.c]
394 Fix debug call for port forwards; patch from pete at seebeyond.com,
395 ok djm@ (ID sync only - change already in portable)
396 - djm@cvs.openbsd.org 2005/04/09 04:32:54
397 [misc.c misc.h tildexpand.c Makefile.in]
398 replace tilde_expand_filename with a simpler implementation, ahead of
399 more whacking; ok deraadt@
400 - jmc@cvs.openbsd.org 2005/04/14 12:30:30
401 [ssh.1]
402 arg to -b is an address, not if_name;
403 ok markus@
404 - jakob@cvs.openbsd.org 2005/04/20 10:05:45
405 [dns.c]
406 do not try to look up SSHFP for numerical hostname. ok djm@
407 - djm@cvs.openbsd.org 2005/04/21 06:17:50
408 [ssh-add.1 ssh-agent.1 ssh-keygen.1 ssh.1 ssh_config.5 sshd.8]
409 [sshd_config.5] OpenSSH doesn't ever look at the $HOME environment
410 variable, so don't say that we do (bz #623); ok deraadt@
411 - djm@cvs.openbsd.org 2005/04/21 11:47:19
412 [ssh.c]
413 don't allocate a pty when -n flag (/dev/null stdin) is set, patch from
414 ignasi.roca AT fujitsu-siemens.com (bz #829); ok dtucker@
415 - dtucker@cvs.openbsd.org 2005/04/23 23:43:47
416 [readpass.c]
417 Add debug message if read_passphrase can't open /dev/tty; bz #471;
418 ok djm@
419 - jmc@cvs.openbsd.org 2005/04/26 12:59:02
420 [sftp-client.h]
421 spelling correction in comment from wiz@netbsd;
422 - jakob@cvs.openbsd.org 2005/04/26 13:08:37
423 [ssh.c ssh_config.5]
424 fallback gracefully if client cannot connect to ControlPath. ok djm@
425 - moritz@cvs.openbsd.org 2005/04/28 10:17:56
426 [progressmeter.c ssh-keyscan.c]
427 add snprintf checks. ok djm@ markus@
428 - markus@cvs.openbsd.org 2005/05/02 21:13:22
429 [readpass.c]
430 missing {}
431 - djm@cvs.openbsd.org 2005/05/10 10:28:11
432 [ssh.c]
433 print nice error message for EADDRINUSE as well (ID sync only)
434 - djm@cvs.openbsd.org 2005/05/10 10:30:43
435 [ssh.c]
436 report real errors on fallback from ControlMaster=no to normal connect
437 - markus@cvs.openbsd.org 2005/05/16 15:30:51
438 [readconf.c servconf.c]
439 check return value from strdelim() for NULL (AddressFamily); mpech
440 - djm@cvs.openbsd.org 2005/05/19 02:39:55
441 [sshd_config.5]
442 sort config options, from grunk AT pestilenz.org; ok jmc@
443 - djm@cvs.openbsd.org 2005/05/19 02:40:52
444 [sshd_config]
445 whitespace nit, from grunk AT pestilenz.org
446 - djm@cvs.openbsd.org 2005/05/19 02:42:26
447 [includes.h]
448 fix cast, from grunk AT pestilenz.org
449 - djm@cvs.openbsd.org 2005/05/20 10:50:55
450 [ssh_config.5]
451 give a ProxyCommand example using nc(1), with and ok jmc@
452 - jmc@cvs.openbsd.org 2005/05/20 11:23:32
453 [ssh_config.5]
454 oops - article and spacing;
455 - avsm@cvs.openbsd.org 2005/05/23 22:44:01
456 [moduli.c ssh-keygen.c]
457 - removes signed/unsigned comparisons in moduli generation
458 - use strtonum instead of atoi where its easier
459 - check some strlcpy overflow and fatal instead of truncate
460 - djm@cvs.openbsd.org 2005/05/23 23:32:46
461 [cipher.c myproposal.h ssh.1 ssh_config.5 sshd_config.5]
462 add support for draft-harris-ssh-arcfour-fixes-02 improved arcfour modes;
463 ok markus@
464 - avsm@cvs.openbsd.org 2005/05/24 02:05:09
465 [ssh-keygen.c]
466 some style nits from dmiller@, and use a fatal() instead of a printf()/exit
467 - avsm@cvs.openbsd.org 2005/05/24 17:32:44
468 [atomicio.c atomicio.h authfd.c monitor_wrap.c msg.c scp.c sftp-client.c]
469 [ssh-keyscan.c sshconnect.c]
470 Switch atomicio to use a simpler interface; it now returns a size_t
471 (containing number of bytes read/written), and indicates error by
472 returning 0. EOF is signalled by errno==EPIPE.
473 Typical use now becomes:
474
475 if (atomicio(read, ..., len) != len)
476 err(1,"read");
477
478 ok deraadt@, cloder@, djm@
479 - (dtucker) [regress/reexec.sh] Add ${EXEEXT} so this test also works on
480 Cygwin.
481 - (dtucker) [auth-pam.c] Bug #1033: Fix warnings building with PAM on Linux:
482 warning: dereferencing type-punned pointer will break strict-aliasing rules
483 warning: passing arg 3 of `pam_get_item' from incompatible pointer type
484 The type-punned pointer fix is based on a patch from SuSE's rpm. ok djm@
485 - (dtucker) [configure.ac openbsd-compat/getrrsetbyname.c] Bug #1033: Provide
486 templates for _getshort and _getlong if missing to prevent compiler warnings
487 on Linux.
488 - (djm) [configure.ac openbsd-compat/Makefile.in]
489 [openbsd-compat/openbsd-compat.h openbsd-compat/strtonum.c]
490 Add strtonum(3) from OpenBSD libc, new code needs it.
491 Unfortunately Linux forces us to do a bizarre dance with compiler
492 options to get LLONG_MIN/MAX; Spotted by and ok dtucker@
493
49420050524
495 - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
496 [contrib/suse/openssh.spec] Update spec file versions to 4.1p1
497 - (dtucker) [auth-pam.c] Since people don't seem to be getting the message
498 that USE_POSIX_THREADS is unsupported, not recommended and generally a bad
499 idea, it is now known as UNSUPPORTED_POSIX_THREADS_HACK. Attempting to use
500 USE_POSIX_THREADS will now generate an error so we don't silently change
501 behaviour. ok djm@
502 - (dtucker) [openbsd-compat/bsd-cygwin_util.c] Ensure sufficient memory
503 allocation when retrieving core Windows environment. Add CYGWIN variable
504 to propagated variables. Patch from vinschen at redhat.com, ok djm@
505 - Release 4.1p1
506
50720050524
508 - (djm) [openbsd-compat/readpassphrase.c] bz #950: Retry tcsetattr to ensure
509 terminal modes are reset correctly. Fix from peak AT argo.troja.mff.cuni.cz;
510 "looks ok" dtucker@
511
120050510 51220050510
2 - (srivasta) [selinux.c] if selinux is enabled, then provide funtions to 513 - (srivasta) [selinux.c] if selinux is enabled, then provide funtions to
3 initialize the pty and execution context for ssh. 514 initialize the pty and execution context for ssh.
@@ -22,24 +533,6 @@
22 - (srivasta) [auth.h] Added a role member in struct Authctxt 533 - (srivasta) [auth.h] Added a role member in struct Authctxt
23 - (srivasta) [Makefile.in (SSHDOBJS)] Add selinux.o 534 - (srivasta) [Makefile.in (SSHDOBJS)] Add selinux.o
24 535
2520050524
26 - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
27 [contrib/suse/openssh.spec] Update spec file versions to 4.1p1
28 - (dtucker) [auth-pam.c] Since people don't seem to be getting the message
29 that USE_POSIX_THREADS is unsupported, not recommended and generally a bad
30 idea, it is now known as UNSUPPORTED_POSIX_THREADS_HACK. Attempting to use
31 USE_POSIX_THREADS will now generate an error so we don't silently change
32 behaviour. ok djm@
33 - (dtucker) [openbsd-compat/bsd-cygwin_util.c] Ensure sufficient memory
34 allocation when retrieving core Windows environment. Add CYGWIN variable
35 to propagated variables. Patch from vinschen at redhat.com, ok djm@
36 - (djm) Release 4.1p1
37
3820050524
39 - (djm) [openbsd-compat/readpassphrase.c] bz #950: Retry tcsetattr to ensure
40 terminal modes are reset correctly. Fix from peak AT argo.troja.mff.cuni.cz;
41 "looks ok" dtucker@
42
4320050512 53620050512
44 - (tim) [buildpkg.sh.in] missing ${PKG_INSTALL_ROOT} in init script 537 - (tim) [buildpkg.sh.in] missing ${PKG_INSTALL_ROOT} in init script
45 hard link section. Bug 1038. 538 hard link section. Bug 1038.
@@ -2520,4 +3013,4 @@
2520 - (djm) Trim deprecated options from INSTALL. Mention UsePAM 3013 - (djm) Trim deprecated options from INSTALL. Mention UsePAM
2521 - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu 3014 - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
2522 3015
2523$Id: ChangeLog,v 1.3758.2.2 2005/05/25 12:24:56 djm Exp $ 3016$Id: ChangeLog,v 1.3887 2005/09/01 09:10:48 djm Exp $