merge 5.7p1

1 files changed, 685 insertions, 2743 deletions

diff --git a/ChangeLog b/ChangeLog
index e3ac6a925..0356a33c5 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,688 @@
+20110122
+ - (dtucker) [configure.ac openbsd-compat/openssl-compat.{c,h}] Add
+   RSA_get_default_method() for the benefit of openssl versions that don't
+   have it (at least openssl-engine-0.9.6b).  Found and tested by Kevin Brott,
+   ok djm@.
+ - OpenBSD CVS Sync
+   - djm@cvs.openbsd.org 2011/01/22 09:18:53
+     [version.h]
+     crank to OpenSSH-5.7
+ - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
+   [contrib/suse/openssh.spec] update versions in docs and spec files.
+ - (djm) Release 5.7p1
+
+20110119
+ - (tim) [contrib/caldera/openssh.spec] Use CFLAGS from Makefile instead
+   of RPM so build completes. Signatures were changed to .asc since 4.1p1.
+ - (djm) [configure.ac] Disable ECC on OpenSSL <0.9.8g. Releases prior to
+   0.9.8 lacked it, and 0.9.8a through 0.9.8d have proven buggy in pre-
+   release testing (random crashes and failure to load ECC keys).
+   ok dtucker@
+
+20110117
+ - (djm) [regress/Makefile] use $TEST_SSH_KEYGEN instead of the one in
+   $PATH, fix cleanup of droppings; reported by openssh AT
+   roumenpetrov.info; ok dtucker@
+ - (djm) [regress/agent-ptrace.sh] Fix false failure on OS X by adding
+   its unique snowflake of a gdb error to the ones we look for.
+ - (djm) [regress/agent-getpeereid.sh] leave stdout attached when running
+   ssh-add to avoid $SUDO failures on Linux
+ - (dtucker) [openbsd-compat/port-linux.c] Bug #1838: Add support for the new
+   Linux OOM-killer magic values that changed in 2.6.36 kernels, with fallback
+   to the old values.  Feedback from vapier at gentoo org and djm, ok djm.
+ - (djm) [configure.ac regress/agent-getpeereid.sh regress/multiplex.sh]
+   [regress/sftp-glob.sh regress/test-exec.sh] Rework how feature tests are
+   disabled on platforms that do not support them; add a "config_defined()"
+   shell function that greps for defines in config.h and use them to decide
+   on feature tests.
+   Convert a couple of existing grep's over config.h to use the new function
+   Add a define "FILESYSTEM_NO_BACKSLASH" for filesystem that can't represent
+   backslash characters in filenames, enable it for Cygwin and use it to turn
+   of tests for quotes backslashes in sftp-glob.sh.
+   based on discussion with vinschen AT redhat.com and dtucker@; ok dtucker@
+ - (tim) [regress/agent-getpeereid.sh] shell portability fix.
+ - (dtucker) [openbsd-compat/port-linux.c] Fix minor bug caught by -Werror on
+   the tinderbox.
+ - (dtucker) [LICENCE Makefile.in audit-bsm.c audit-linux.c audit.c audit.h
+   configure.ac defines.h loginrec.c]  Bug #1402: add linux audit subsystem
+   support, based on patches from Tomas Mraz and jchadima at redhat.
+
+20110116
+ - (dtucker) [Makefile.in configure.ac regress/kextype.sh] Skip sha256-based
+   on configurations that don't have it.
+ - OpenBSD CVS Sync
+   - djm@cvs.openbsd.org 2011/01/16 11:50:05
+     [clientloop.c]
+     Use atomicio when flushing protocol 1 std{out,err} buffers at
+     session close. This was a latent bug exposed by setting a SIGCHLD
+     handler and spotted by kevin.brott AT gmail.com; ok dtucker@
+   - djm@cvs.openbsd.org 2011/01/16 11:50:36
+     [sshconnect.c]
+     reset the SIGPIPE handler when forking to execute child processes;
+     ok dtucker@
+   - djm@cvs.openbsd.org 2011/01/16 12:05:59
+     [clientloop.c]
+     a couple more tweaks to the post-close protocol 1 stderr/stdout flush:
+     now that we use atomicio(), convert them from while loops to if statements
+     add test and cast to compile cleanly with -Wsigned
+
+20110114
+ - OpenBSD CVS Sync
+   - djm@cvs.openbsd.org 2011/01/13 21:54:53
+     [mux.c]
+     correct error messages; patch from bert.wesarg AT googlemail.com
+   - djm@cvs.openbsd.org 2011/01/13 21:55:25
+     [PROTOCOL.mux]
+     correct protocol names and add a couple of missing protocol number
+     defines; patch from bert.wesarg AT googlemail.com
+ - (djm) [Makefile.in] Use shell test to disable ecdsa key generating in
+   host-key-force target rather than a substitution that is replaced with a
+   comment so that the Makefile.in is still a syntactically valid Makefile
+   (useful to run the distprep target)
+ - (tim) [regress/cert-hostkey.sh] Typo. Missing $ on variable name.
+ - (tim) [regress/cert-hostkey.sh] Add missing TEST_SSH_ECC guard around some
+   ecdsa bits.
+
+20110113
+ - (djm) [misc.c] include time.h for nanosleep() prototype
+ - (tim) [Makefile.in] test the ECC bits if we have the capability. ok djm
+ - (tim) [Makefile.in configure.ac opensshd.init.in] Add support for generating
+   ecdsa keys. ok djm.
+ - (djm) [entropy.c] cast OPENSSL_VERSION_NUMBER to u_long to avoid
+   gcc warning on platforms where it defaults to int
+ - (djm) [regress/Makefile] add a few more generated files to the clean
+   target
+ - (djm) [myproposal.h] Fix reversed OPENSSL_VERSION_NUMBER test and bad
+   #define that was causing diffie-hellman-group-exchange-sha256 to be
+   incorrectly disabled
+ - (djm) [regress/kextype.sh] Testing diffie-hellman-group-exchange-sha256
+   should not depend on ECC support
+
+20110112
+ - OpenBSD CVS Sync
+   - nicm@cvs.openbsd.org 2010/10/08 21:48:42
+     [openbsd-compat/glob.c]
+     Extend GLOB_LIMIT to cover readdir and stat and bump the malloc limit
+     from ARG_MAX to 64K.
+     Fixes glob-using programs (notably ftp) able to be triggered to hit
+     resource limits.
+     Idea from a similar NetBSD change, original problem reported by jasper@.
+     ok millert tedu jasper
+   - djm@cvs.openbsd.org 2011/01/12 01:53:14
+     avoid some integer overflows mostly with GLOB_APPEND and GLOB_DOOFFS
+     and sanity check arguments (these will be unnecessary when we switch
+     struct glob members from being type into to size_t in the future);
+     "looks ok" tedu@ feedback guenther@
+ - (djm) [configure.ac] Turn on -Wno-unused-result for gcc >= 4.4 to avoid
+   silly warnings on write() calls we don't care succeed or not.
+ - (djm) [configure.ac] Fix broken test for gcc >= 4.4 with per-compiler
+   flag tests that don't depend on gcc version at all; suggested by and
+   ok dtucker@
+
+20110111
+ - (tim) [regress/host-expand.sh] Fix for building outside of read only
+   source tree.
+ - (djm) [platform.c] Some missing includes that show up under -Werror
+ - OpenBSD CVS Sync
+   - djm@cvs.openbsd.org 2011/01/08 10:51:51
+     [clientloop.c]
+     use host and not options.hostname, as the latter may have unescaped
+     substitution characters
+   - djm@cvs.openbsd.org 2011/01/11 06:06:09
+     [sshlogin.c]
+     fd leak on error paths; from zinovik@
+     NB. Id sync only; we use loginrec.c that was also audited and fixed
+     recently
+   - djm@cvs.openbsd.org 2011/01/11 06:13:10
+     [clientloop.c ssh-keygen.c sshd.c]
+     some unsigned long long casts that make things a bit easier for
+     portable without resorting to dropping PRIu64 formats everywhere
+
+20110109
+ - (djm) [Makefile.in] list ssh_host_ecdsa key in PATHSUBS; spotted by
+   openssh AT roumenpetrov.info
+
+20110108
+ - (djm) [regress/keytype.sh] s/echo -n/echon/ to repair failing regress
+   test on OSX and others. Reported by imorgan AT nas.nasa.gov
+
+20110107
+ - (djm) [regress/cert-hostkey.sh regress/cert-userkey.sh] fix shell test
+   for no-ECC case. Patch from cristian.ionescu-idbohrn AT axis.com
+   - djm@cvs.openbsd.org 2011/01/06 22:23:53
+     [ssh.c]
+     unbreak %n expansion in LocalCommand; patch from bert.wesarg AT
+     googlemail.com; ok markus@
+   - djm@cvs.openbsd.org 2011/01/06 22:23:02
+     [clientloop.c]
+     when exiting due to ServerAliveTimeout, mention the hostname that caused
+     it (useful with backgrounded controlmaster)
+   - djm@cvs.openbsd.org 2011/01/06 22:46:21
+     [regress/Makefile regress/host-expand.sh]
+     regress test for LocalCommand %n expansion from bert.wesarg AT
+     googlemail.com; ok markus@
+   - djm@cvs.openbsd.org 2011/01/06 23:01:35
+     [sshconnect.c]
+     reset SIGCHLD handler to SIG_DFL when execuring LocalCommand;
+     ok markus@
+
+20110106
+ - (djm) OpenBSD CVS Sync
+   - markus@cvs.openbsd.org 2010/12/08 22:46:03
+     [scp.1 scp.c]
+     add a new -3 option to scp: Copies between two remote hosts are
+     transferred through the local host.  Without this option the data
+     is copied directly between the two remote hosts. ok djm@ (bugzilla #1837)
+   - jmc@cvs.openbsd.org 2010/12/09 14:13:33
+     [scp.1 scp.c]
+     scp.1: grammer fix
+     scp.c: add -3 to usage()
+   - markus@cvs.openbsd.org 2010/12/14 11:59:06
+     [sshconnect.c]
+     don't mention key type in key-changed-warning, since we also print
+     this warning if a new key type appears. ok djm@
+   - djm@cvs.openbsd.org 2010/12/15 00:49:27
+     [readpass.c]
+     fix ControlMaster=ask regression
+     reset SIGCHLD handler before fork (and restore it after) so we don't miss
+     the the askpass child's exit status. Correct test for exit status/signal to
+     account for waitpid() failure; with claudio@ ok claudio@ markus@
+   - djm@cvs.openbsd.org 2010/12/24 21:41:48
+     [auth-options.c]
+     don't send the actual forced command in a debug message; ok markus deraadt
+   - otto@cvs.openbsd.org 2011/01/04 20:44:13
+     [ssh-keyscan.c]
+     handle ecdsa-sha2 with various key lengths; hint and ok djm@
+
+20110104
+ - (djm) [configure.ac Makefile.in] Use mandoc as preferred manpage
+   formatter if it is present, followed by nroff and groff respectively.
+   Fixes distprep target on OpenBSD (which has bumped groff/nroff to ports
+   in favour of mandoc). feedback and ok tim
+
+20110103
+ - (djm) [Makefile.in] revert local hack I didn't intend to commit
+
+20110102
+ - (djm) [loginrec.c] Fix some fd leaks on error paths. ok dtucker
+ - (djm) [configure.ac] Check whether libdes is needed when building
+   with Heimdal krb5 support. On OpenBSD this library no longer exists,
+   so linking it unconditionally causes a build failure; ok dtucker
+
+20101226
+ - (dtucker) OpenBSD CVS Sync
+   - djm@cvs.openbsd.org 2010/12/08 04:02:47
+     [ssh_config.5 sshd_config.5]
+     explain that IPQoS arguments are separated by whitespace; iirc requested
+     by jmc@ a while back
+
+20101205
+ - (dtucker) openbsd-compat/openssl-compat.c] remove sleep leftover from
+   debugging.  Spotted by djm.
+ - (dtucker) OpenBSD CVS Sync
+   - djm@cvs.openbsd.org 2010/12/03 23:49:26
+     [schnorr.c]
+     check that g^x^q === 1 mod p; recommended by JPAKE author Feng Hao
+     (this code is still disabled, but apprently people are treating it as
+     a reference implementation)
+   - djm@cvs.openbsd.org 2010/12/03 23:55:27
+     [auth-rsa.c]
+     move check for revoked keys to run earlier (in auth_rsa_key_allowed)
+     bz#1829; patch from ldv AT altlinux.org; ok markus@
+   - djm@cvs.openbsd.org 2010/12/04 00:18:01
+     [sftp-server.c sftp.1 sftp-client.h sftp.c PROTOCOL sftp-client.c]
+     add a protocol extension to support a hard link operation. It is
+     available through the "ln" command in the client. The old "ln"
+     behaviour of creating a symlink is available using its "-s" option
+     or through the preexisting "symlink" command; based on a patch from
+     miklos AT szeredi.hu in bz#1555; ok markus@
+   - djm@cvs.openbsd.org 2010/12/04 13:31:37
+     [hostfile.c]
+     fix fd leak; spotted and ok dtucker
+   - djm@cvs.openbsd.org 2010/12/04 00:21:19
+     [regress/sftp-cmds.sh]
+     adjust for hard-link support
+ - (dtucker) [regress/Makefile] Id sync.
+
+20101204
+ - (djm) [openbsd-compat/bindresvport.c] Use arc4random_uniform(range)
+   instead of (arc4random() % range)
+ - (dtucker) [configure.ac moduli.c openbsd-compat/openssl-compat.{c,h}]  Add
+   shims for the new, non-deprecated OpenSSL key generation functions for
+   platforms that don't have the new interfaces.
+
+20101201
+ - OpenBSD CVS Sync
+   - deraadt@cvs.openbsd.org 2010/11/20 05:12:38
+     [auth2-pubkey.c]
+     clean up cases of ;;
+   - djm@cvs.openbsd.org 2010/11/21 01:01:13
+     [clientloop.c misc.c misc.h ssh-agent.1 ssh-agent.c]
+     honour $TMPDIR for client xauth and ssh-agent temporary directories;
+     feedback and ok markus@
+   - djm@cvs.openbsd.org 2010/11/21 10:57:07
+     [authfile.c]
+     Refactor internals of private key loading and saving to work on memory
+     buffers rather than directly on files. This will make a few things
+     easier to do in the future; ok markus@
+   - djm@cvs.openbsd.org 2010/11/23 02:35:50
+     [auth.c]
+     use strict_modes already passed as function argument over referencing
+     global options.strict_modes
+   - djm@cvs.openbsd.org 2010/11/23 23:57:24
+     [clientloop.c]
+     avoid NULL deref on receiving a channel request on an unknown or invalid
+     channel; report bz#1842 from jchadima AT redhat.com; ok dtucker@
+   - djm@cvs.openbsd.org 2010/11/24 01:24:14
+     [channels.c]
+     remove a debug() that pollutes stderr on client connecting to a server
+     in debug mode (channel_close_fds is called transitively from the session
+     code post-fork); bz#1719, ok dtucker
+   - djm@cvs.openbsd.org 2010/11/25 04:10:09
+     [session.c]
+     replace close() loop for fds 3->64 with closefrom();
+     ok markus deraadt dtucker
+   - djm@cvs.openbsd.org 2010/11/26 05:52:49
+     [scp.c]
+     Pass through ssh command-line flags and options when doing remote-remote
+     transfers, e.g. to enable agent forwarding which is particularly useful
+     in this case; bz#1837 ok dtucker@
+   - markus@cvs.openbsd.org 2010/11/29 18:57:04
+     [authfile.c]
+     correctly load comment for encrypted rsa1 keys;
+     report/fix Joachim Schipper; ok djm@
+   - djm@cvs.openbsd.org 2010/11/29 23:45:51
+     [auth.c hostfile.c hostfile.h ssh.c ssh_config.5 sshconnect.c]
+     [sshconnect.h sshconnect2.c]
+     automatically order the hostkeys requested by the client based on
+     which hostkeys are already recorded in known_hosts. This avoids
+     hostkey warnings when connecting to servers with new ECDSA keys
+     that are preferred by default; with markus@
+
+20101124
+ - (dtucker) [platform.c session.c] Move the getluid call out of session.c and
+   into the platform-specific code  Only affects SCO, tested by and ok tim@.
+ - (djm) [loginrec.c] Relax permission requirement on btmp logs to allow
+   group read/write. ok dtucker@
+ - (dtucker) [packet.c] Remove redundant local declaration of "int tos".
+ - (djm) [defines.h] Add IP DSCP defines
+
+20101122
+ - (dtucker) Bug #1840: fix warning when configuring --with-ssl-engine, patch
+   from vapier at gentoo org.
+
+20101120
+ - OpenBSD CVS Sync
+   - djm@cvs.openbsd.org 2010/11/05 02:46:47
+     [packet.c]
+     whitespace KNF
+   - djm@cvs.openbsd.org 2010/11/10 01:33:07
+     [kexdhc.c kexdhs.c kexgexc.c kexgexs.c key.c moduli.c]
+     use only libcrypto APIs that are retained with OPENSSL_NO_DEPRECATED.
+     these have been around for years by this time. ok markus
+   - djm@cvs.openbsd.org 2010/11/13 23:27:51
+     [clientloop.c misc.c misc.h packet.c packet.h readconf.c readconf.h]
+     [servconf.c servconf.h session.c ssh.c ssh_config.5 sshd_config.5]
+     allow ssh and sshd to set arbitrary TOS/DSCP/QoS values instead of
+     hardcoding lowdelay/throughput.
+     
+     bz#1733 patch from philipp AT redfish-solutions.com; ok markus@ deraadt@
+   - jmc@cvs.openbsd.org 2010/11/15 07:40:14
+     [ssh_config.5]
+     libary -> library;
+   - jmc@cvs.openbsd.org 2010/11/18 15:01:00
+     [scp.1 sftp.1 ssh.1 sshd_config.5]
+     add IPQoS to the various -o lists, and zap some trailing whitespace;
+
+20101111
+ - (djm) [servconf.c ssh-add.c ssh-keygen.c] don't look for ECDSA keys on
+   platforms that don't support ECC. Fixes some spurious warnings reported
+   by tim@
+
+20101109
+ - (tim) [regress/kextype.sh] Not all platforms have time in /usr/bin.
+   Feedback from dtucker@
+ - (tim) [configure.ac openbsd-compat/bsd-misc.h openbsd-compat/bsd-misc.c] Add
+   support for platforms missing isblank(). ok djm@
+
+20101108
+ - (tim) [regress/Makefile] Fixes to allow building/testing outside source
+   tree.
+ - (tim) [regress/kextype.sh] Shell portability fix.
+
+20101107
+ - (dtucker) [platform.c] includes.h instead of defines.h so that we get
+   the correct typedefs.
+
+20101105
+ - (djm) [loginrec.c loginrec.h] Use correct uid_t/pid_t types instead of
+   int. Should fix bz#1817 cleanly; ok dtucker@
+ - OpenBSD CVS Sync
+   - djm@cvs.openbsd.org 2010/09/22 12:26:05
+     [regress/Makefile regress/kextype.sh]
+     regress test for each of the key exchange algorithms that we support
+   - djm@cvs.openbsd.org 2010/10/28 11:22:09
+     [authfile.c key.c key.h ssh-keygen.c]
+     fix a possible NULL deref on loading a corrupt ECDH key
+     
+     store ECDH group information in private keys files as "named groups"
+     rather than as a set of explicit group parameters (by setting
+     the OPENSSL_EC_NAMED_CURVE flag). This makes for shorter key files and
+     retrieves the group's OpenSSL NID that we need for various things.
+   - jmc@cvs.openbsd.org 2010/10/28 18:33:28
+     [scp.1 ssh-add.1 ssh-keygen.1 ssh.1 ssh_config.5 sshd.8 sshd_config.5]
+     knock out some "-*- nroff -*-" lines;
+   - djm@cvs.openbsd.org 2010/11/04 02:45:34
+     [sftp-server.c]
+     umask should be parsed as octal. reported by candland AT xmission.com;
+     ok markus@
+ - (dtucker) [configure.ac platform.{c,h} session.c
+   openbsd-compat/port-solaris.{c,h}] Bug #1824: Add Solaris Project support.
+   Patch from cory.erickson at csu mnscu edu with a bit of rework from me.
+   ok djm@
+ - (dtucker) [platform.c platform.h session.c] Add a platform hook to run
+   after the user's groups are established and move the selinux calls into it.
+ - (dtucker) [platform.c session.c] Move the AIX setpcred+chroot hack into
+   platform.c
+ - (dtucker) [platform.c session.c] Move the BSDI setpgrp into platform.c.
+ - (dtucker) [platform.c] Only call setpgrp on BSDI if running as root to
+   retain previous behavior.
+ - (dtucker) [platform.c session.c] Move the PAM credential establishment for
+   the LOGIN_CAP case into platform.c.
+ - (dtucker) platform.c session.c] Move the USE_LIBIAF fragment into
+   platform.c
+ - (dtucker) [platform.c session.c] Move aix_usrinfo frament into platform.c.
+ - (dtucker) [platform.c session.c] Move irix setusercontext fragment into
+   platform.c.
+ - (dtucker) [platform.c session.c] Move PAM credential establishment for the
+   non-LOGIN_CAP case into platform.c.
+ - (dtucker) [platform.c platform.h session.c] Move the Cygwin special-case
+   check into platform.c
+ - (dtucker) [regress/keytype.sh] Import new test.
+ - (dtucker) [Makefile configure.ac regress/Makefile regress/keytype.sh]
+   Import recent changes to regress/Makefile, pass a flag to enable ECC tests
+   from configure through to regress/Makefile and use it in the tests.
+ - (dtucker) [regress/kextype.sh] Add missing "test".
+ - (dtucker) [regress/kextype.sh] Make sha256 test depend on ECC.  This is not
+   strictly correct since while ECC requires sha256 the reverse is not true
+   however it does prevent spurious test failures.
+ - (dtucker) [platform.c] Need servconf.h and extern options.
+
+20101025
+ - (tim) [openbsd-compat/glob.h] Remove sys/cdefs.h include that came with
+   1.12 to unbreak Solaris build.
+   ok djm@
+ - (dtucker) [defines.h] Use SIZE_T_MAX for SIZE_MAX for platforms that have a
+   native one.
+
+20101024
+ - (dtucker) [includes.h] Add missing ifdef GLOB_HAS_GL_STATV to fix build.
+ - (dtucker) [regress/cert-hostkey.sh] Disable ECC-based tests on platforms
+   which don't have ECC support in libcrypto.
+ - (dtucker) [regress/cert-userkey.sh] Disable ECC-based tests on platforms
+   which don't have ECC support in libcrypto.
+ - (dtucker) [defines.h] Add SIZE_MAX for the benefit of platforms that don't
+   have it.
+ - (dtucker) OpenBSD CVS Sync
+   - sthen@cvs.openbsd.org 2010/10/23 22:06:12
+     [sftp.c]
+     escape '[' in filename tab-completion; fix a type while there.
+     ok djm@
+
+20101021
+ - OpenBSD CVS Sync
+   - dtucker@cvs.openbsd.org 2010/10/12 02:22:24
+     [mux.c]
+     Typo in confirmation message.  bz#1827, patch from imorgan at
+     nas nasa gov
+   - djm@cvs.openbsd.org 2010/08/31 12:24:09
+     [regress/cert-hostkey.sh regress/cert-userkey.sh]
+     tests for ECDSA certificates
+
+20101011
+ - (djm) [canohost.c] Zero a4 instead of addr to better match type.
+   bz#1825, reported by foo AT mailinator.com
+ - (djm) [sshconnect.c] Need signal.h for prototype for kill(2)
+
+20101011
+ - (djm) [configure.ac] Use = instead of == in shell tests. Patch from
+   dr AT vasco.com
+
+20101007
+ - (djm) [ssh-agent.c] Fix type for curve name.
+ - (djm) OpenBSD CVS Sync
+   - matthew@cvs.openbsd.org 2010/09/24 13:33:00
+     [misc.c misc.h configure.ac openbsd-compat/openbsd-compat.h]
+     [openbsd-compat/timingsafe_bcmp.c]
+     Add timingsafe_bcmp(3) to libc, mention that it's already in the
+     kernel in kern(9), and remove it from OpenSSH.
+     ok deraadt@, djm@
+     NB. re-added under openbsd-compat/ for portable OpenSSH
+   - djm@cvs.openbsd.org 2010/09/25 09:30:16
+     [sftp.c configure.ac openbsd-compat/glob.c openbsd-compat/glob.h]
+     make use of new glob(3) GLOB_KEEPSTAT extension to save extra server
+     rountrips to fetch per-file stat(2) information.
+     NB. update openbsd-compat/ glob(3) implementation from OpenBSD libc to
+     match.
+   - djm@cvs.openbsd.org 2010/09/26 22:26:33
+     [sftp.c]
+     when performing an "ls" in columnated (short) mode, only call
+     ioctl(TIOCGWINSZ) once to get the window width instead of per-
+     filename
+   - djm@cvs.openbsd.org 2010/09/30 11:04:51
+     [servconf.c]
+     prevent free() of string in .rodata when overriding AuthorizedKeys in
+     a Match block; patch from rein AT basefarm.no
+   - djm@cvs.openbsd.org 2010/10/01 23:05:32
+     [cipher-3des1.c cipher-bf1.c cipher-ctr.c openbsd-compat/openssl-compat.h]
+     adapt to API changes in openssl-1.0.0a
+     NB. contains compat code to select correct API for older OpenSSL
+   - djm@cvs.openbsd.org 2010/10/05 05:13:18
+     [sftp.c sshconnect.c]
+     use default shell /bin/sh if $SHELL is ""; ok markus@
+   - djm@cvs.openbsd.org 2010/10/06 06:39:28
+     [clientloop.c ssh.c sshconnect.c sshconnect.h]
+     kill proxy command on fatal() (we already kill it on clean exit);
+     ok markus@
+   - djm@cvs.openbsd.org 2010/10/06 21:10:21
+     [sshconnect.c]
+     swapped args to kill(2)
+ - (djm) [openbsd-compat/glob.c] restore ARG_MAX compat code.
+ - (djm) [cipher-acss.c] Add missing header.
+ - (djm) [openbsd-compat/Makefile.in] Actually link timingsafe_bcmp
+
+20100924
+ - (djm) OpenBSD CVS Sync
+   - naddy@cvs.openbsd.org 2010/09/10 15:19:29
+     [ssh-keygen.1]
+     * mention ECDSA in more places
+     * less repetition in FILES section
+     * SSHv1 keys are still encrypted with 3DES
+     help and ok jmc@
+   - djm@cvs.openbsd.org 2010/09/11 21:44:20
+     [ssh.1]
+     mention RFC 5656 for ECC stuff
+   - jmc@cvs.openbsd.org 2010/09/19 21:30:05
+     [sftp.1]
+     more wacky macro fixing;
+   - djm@cvs.openbsd.org 2010/09/20 04:41:47
+     [ssh.c]
+     install a SIGCHLD handler to reap expiried child process; ok markus@
+   - djm@cvs.openbsd.org 2010/09/20 04:50:53
+     [jpake.c schnorr.c]
+     check that received values are smaller than the group size in the
+     disabled and unfinished J-PAKE code.
+     avoids catastrophic security failure found by Sebastien Martini
+   - djm@cvs.openbsd.org 2010/09/20 04:54:07
+     [jpake.c]
+     missing #include
+   - djm@cvs.openbsd.org 2010/09/20 07:19:27
+     [mux.c]
+     "atomically" create the listening mux socket by binding it on a temorary
+     name and then linking it into position after listen() has succeeded.
+     this allows the mux clients to determine that the server socket is
+     either ready or stale without races. stale server sockets are now
+     automatically removed
+     ok deraadt
+   - djm@cvs.openbsd.org 2010/09/22 05:01:30
+     [kex.c kex.h kexecdh.c kexecdhc.c kexecdhs.c readconf.c readconf.h]
+     [servconf.c servconf.h ssh_config.5 sshconnect2.c sshd.c sshd_config.5]
+     add a KexAlgorithms knob to the client and server configuration to allow
+     selection of which key exchange methods are used by ssh(1) and sshd(8)
+     and their order of preference.
+     ok markus@
+   - jmc@cvs.openbsd.org 2010/09/22 08:30:08
+     [ssh.1 ssh_config.5]
+     ssh.1: add kexalgorithms to the -o list
+     ssh_config.5: format the kexalgorithms in a more consistent
+     (prettier!) way
+     ok djm
+   - djm@cvs.openbsd.org 2010/09/22 22:58:51
+     [atomicio.c atomicio.h misc.c misc.h scp.c sftp-client.c]
+     [sftp-client.h sftp.1 sftp.c]
+     add an option per-read/write callback to atomicio
+
+     factor out bandwidth limiting code from scp(1) into a generic bandwidth
+     limiter that can be attached using the atomicio callback mechanism
+
+     add a bandwidth limit option to sftp(1) using the above
+     "very nice" markus@
+   - jmc@cvs.openbsd.org 2010/09/23 13:34:43
+     [sftp.c]
+     add [-l limit] to usage();
+   - jmc@cvs.openbsd.org 2010/09/23 13:36:46
+     [scp.1 sftp.1]
+     add KexAlgorithms to the -o list;
+
+20100910
+ - (dtucker) [openbsd-compat/port-linux.c] Check is_selinux_enabled for exact
+   return code since it can apparently return -1 under some conditions.  From
+   openssh bugs werbittewas de, ok djm@
+ - OpenBSD CVS Sync
+   - djm@cvs.openbsd.org 2010/08/31 12:33:38
+     [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keysign.c ssh.c sshd.c]
+     reintroduce commit from tedu@, which I pulled out for release
+     engineering:
+       OpenSSL_add_all_algorithms is the name of the function we have a
+       man page for, so use that.  ok djm
+   - jmc@cvs.openbsd.org 2010/08/31 17:40:54
+     [ssh-agent.1]
+     fix some macro abuse;
+   - jmc@cvs.openbsd.org 2010/08/31 21:14:58
+     [ssh.1]
+     small text tweak to accommodate previous;
+   - naddy@cvs.openbsd.org 2010/09/01 15:21:35
+     [servconf.c]
+     pick up ECDSA host key by default; ok djm@
+   - markus@cvs.openbsd.org 2010/09/02 16:07:25
+     [ssh-keygen.c]
+     permit -b 256, 384 or 521 as key size for ECDSA; ok djm@
+   - markus@cvs.openbsd.org 2010/09/02 16:08:39
+     [ssh.c]
+     unbreak ControlPersist=yes for ControlMaster=yes; ok djm@
+   - naddy@cvs.openbsd.org 2010/09/02 17:21:50
+     [ssh-keygen.c]
+     Switch ECDSA default key size to 256 bits, which according to RFC5656
+     should still be better than our current RSA-2048 default.
+     ok djm@, markus@
+   - jmc@cvs.openbsd.org 2010/09/03 11:09:29
+     [scp.1]
+     add an EXIT STATUS section for /usr/bin;
+   - jmc@cvs.openbsd.org 2010/09/04 09:38:34
+     [ssh-add.1 ssh.1]
+     two more EXIT STATUS sections;
+   - naddy@cvs.openbsd.org 2010/09/06 17:10:19
+     [sshd_config]
+     add ssh_host_ecdsa_key to /etc; from Mattieu Baptiste
+     <mattieu.b@gmail.com>
+     ok deraadt@
+   - djm@cvs.openbsd.org 2010/09/08 03:54:36
+     [authfile.c]
+     typo
+   - deraadt@cvs.openbsd.org 2010/09/08 04:13:31
+     [compress.c]
+     work around name-space collisions some buggy compilers (looking at you
+     gcc, at least in earlier versions, but this does not forgive your current
+     transgressions) seen between zlib and openssl
+     ok djm
+   - djm@cvs.openbsd.org 2010/09/09 10:45:45
+     [kex.c kex.h kexecdh.c key.c key.h monitor.c ssh-ecdsa.c]
+     ECDH/ECDSA compliance fix: these methods vary the hash function they use
+     (SHA256/384/512) depending on the length of the curve in use. The previous
+     code incorrectly used SHA256 in all cases.
+     
+     This fix will cause authentication failure when using 384 or 521-bit curve
+     keys if one peer hasn't been upgraded and the other has. (256-bit curve
+     keys work ok). In particular you may need to specify HostkeyAlgorithms
+     when connecting to a server that has not been upgraded from an upgraded
+     client.
+     
+     ok naddy@
+ - (djm) [authfd.c authfile.c bufec.c buffer.h configure.ac kex.h kexecdh.c]
+   [kexecdhc.c kexecdhs.c key.c key.h myproposal.h packet.c readconf.c]
+   [ssh-agent.c ssh-ecdsa.c ssh-keygen.c ssh.c] Disable ECDH and ECDSA on
+   platforms that don't have the requisite OpenSSL support. ok dtucker@
+ - (dtucker) [kex.h key.c packet.h ssh-agent.c ssh.c] A few more ECC ifdefs
+   for missing headers and compiler warnings.
+
+20100831
+ - OpenBSD CVS Sync
+   - jmc@cvs.openbsd.org 2010/08/08 19:36:30
+     [ssh-keysign.8 ssh.1 sshd.8]
+     use the same template for all FILES sections; i.e. -compact/.Pp where we
+     have multiple items, and .Pa for path names;
+   - tedu@cvs.openbsd.org 2010/08/12 23:34:39
+     [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keysign.c ssh.c sshd.c]
+     OpenSSL_add_all_algorithms is the name of the function we have a man page
+     for, so use that.  ok djm
+   - djm@cvs.openbsd.org 2010/08/16 04:06:06
+     [ssh-add.c ssh-agent.c ssh-keygen.c ssh-keysign.c ssh.c sshd.c]
+     backout previous temporarily; discussed with deraadt@
+   - djm@cvs.openbsd.org 2010/08/31 09:58:37
+     [auth-options.c auth1.c auth2.c bufaux.c buffer.h kex.c key.c packet.c]
+     [packet.h ssh-dss.c ssh-rsa.c]
+     Add buffer_get_cstring() and related functions that verify that the
+     string extracted from the buffer contains no embedded \0 characters*
+     This prevents random (possibly malicious) crap from being appended to
+     strings where it would not be noticed if the string is used with
+     a string(3) function.
+     
+     Use the new API in a few sensitive places.
+     
+     * actually, we allow a single one at the end of the string for now because
+     we don't know how many deployed implementations get this wrong, but don't
+     count on this to remain indefinitely.
+   - djm@cvs.openbsd.org 2010/08/31 11:54:45
+     [PROTOCOL PROTOCOL.agent PROTOCOL.certkeys auth2-jpake.c authfd.c]
+     [authfile.c buffer.h dns.c kex.c kex.h key.c key.h monitor.c]
+     [monitor_wrap.c myproposal.h packet.c packet.h pathnames.h readconf.c]
+     [ssh-add.1 ssh-add.c ssh-agent.1 ssh-agent.c ssh-keygen.1 ssh-keygen.c]
+     [ssh-keyscan.1 ssh-keyscan.c ssh-keysign.8 ssh.1 ssh.c ssh2.h]
+     [ssh_config.5 sshconnect.c sshconnect2.c sshd.8 sshd.c sshd_config.5]
+     [uuencode.c uuencode.h bufec.c kexecdh.c kexecdhc.c kexecdhs.c ssh-ecdsa.c]
+     Implement Elliptic Curve Cryptography modes for key exchange (ECDH) and
+     host/user keys (ECDSA) as specified by RFC5656. ECDH and ECDSA offer
+     better performance than plain DH and DSA at the same equivalent symmetric
+     key length, as well as much shorter keys.
+     
+     Only the mandatory sections of RFC5656 are implemented, specifically the
+     three REQUIRED curves nistp256, nistp384 and nistp521 and only ECDH and
+     ECDSA. Point compression (optional in RFC5656 is NOT implemented).
+     
+     Certificate host and user keys using the new ECDSA key types are supported.
+     
+     Note that this code has not been tested for interoperability and may be
+     subject to change.
+     
+     feedback and ok markus@
+ - (djm) [Makefile.in] Add new ECC files
+ - (djm) [bufec.c kexecdh.c kexecdhc.c kexecdhs.c ssh-ecdsa.c] include
+   includes.h
+
+20100827
+ - (dtucker) [contrib/redhat/sshd.init] Bug #1810: initlog is deprecated,
+   remove.  Patch from martynas at venck us 
+
 20100823
  - (djm) Release OpenSSH-5.6p1
 
@@ -517,2746 +1202,3 @@
      
      ok markus@
 
-20100410
- - (dtucker) [configure.ac] Put the check for the existence of getaddrinfo
-   back so we disable the IPv6 tests if we don't have it.
-
-20100409
- - (dtucker) [contrib/cygwin/Makefile] Don't overwrite files with the wrong
-   ones.  Based on a patch from Roumen Petrov.
- - (dtucker) [configure.ac] Bug #1744: use pkg-config for libedit flags if we
-   have it and the path is not provided to --with-libedit.  Based on a patch
-   from Iain Morgan.
- - (dtucker) [configure.ac defines.h loginrec.c logintest.c] Bug #1732: enable
-   utmpx support on FreeBSD where possible.  Patch from Ed Schouten, ok djm@
-
-20100326
- - (djm) [openbsd-compat/bsd-arc4random.c] Fix preprocessor detection
-   for arc4random_buf() and arc4random_uniform(); from Josh Gilkerson
- - (dtucker) [configure.ac] Bug #1741: Add section for Haiku, patch originally
-   by Ingo Weinhold via Scott McCreary, ok djm@
- - (djm) OpenBSD CVS Sync
-   - djm@cvs.openbsd.org 2010/03/25 23:38:28
-     [servconf.c]
-     from portable: getcwd(NULL, 0) doesn't work on all platforms, so
-     use a stack buffer; ok dtucker@
-   - djm@cvs.openbsd.org 2010/03/26 00:26:58
-     [ssh.1]
-     mention that -S none disables connection sharing; from Colin Watson
- - (djm) [session.c] Allow ChrootDirectory to work on SELinux platforms -
-   set up SELinux execution context before chroot() call. From Russell
-   Coker via Colin watson; bz#1726 ok dtucker@
- - (djm) [channels.c] Check for EPFNOSUPPORT as a socket() errno; bz#1721
-   ok dtucker@
- - (dtucker) Bug #1725: explicitly link libX11 into gnome-ssh-askpass2 using
-   pkg-config, patch from Colin Watson.  Needed for newer linkers (ie gold).
- - (djm) [contrib/ssh-copy-id] Don't blow up when the agent has no keys;
-   bz#1723 patch from Adeodato Simóvia Colin Watson; ok dtucker@
- - (dtucker) OpenBSD CVS Sync
-   - dtucker@cvs.openbsd.org 2010/03/26 01:06:13
-     [ssh_config.5]
-     Reformat default value of PreferredAuthentications entry (current
-     formatting implies ", " is acceptable as a separator, which it's not.
-     ok djm@
-
-20100324
- - (dtucker) [contrib/cygwin/ssh-host-config] Mount the Windows directory
-   containing the services file explicitely case-insensitive.  This allows to
-   tweak the Windows services file reliably.  Patch from vinschen at redhat.
-
-20100321
- - (djm) OpenBSD CVS Sync
-   - jmc@cvs.openbsd.org 2010/03/08 09:41:27
-     [ssh-keygen.1]
-     sort the list of constraints (to -O); ok djm
-   - jmc@cvs.openbsd.org 2010/03/10 07:40:35
-     [ssh-keygen.1]
-     typos; from Ross Richardson
-     closes prs 6334 and 6335
-   - djm@cvs.openbsd.org 2010/03/10 23:27:17
-     [auth2-pubkey.c]
-     correct certificate logging and make it more consistent between
-     authorized_keys and TrustedCAKeys; ok markus@
-   - djm@cvs.openbsd.org 2010/03/12 01:06:25
-     [servconf.c]
-     unbreak AuthorizedKeys option with a $HOME-relative path; reported by
-     vinschen AT redhat.com, ok dtucker@
-   - markus@cvs.openbsd.org 2010/03/12 11:37:40
-     [servconf.c]
-     do not prepend AuthorizedKeysFile with getcwd(), unbreaks relative paths
-     free() (not xfree()) the buffer returned by getcwd()
-   - djm@cvs.openbsd.org 2010/03/13 21:10:38
-     [clientloop.c]
-     protocol conformance fix: send language tag when disconnecting normally;
-     spotted by 1.41421 AT gmail.com, ok markus@ deraadt@
-   - djm@cvs.openbsd.org 2010/03/13 21:45:46
-     [ssh-keygen.1]
-     Certificates are named *-cert.pub, not *_cert.pub; committing a diff
-     from stevesk@ ok me
-   - jmc@cvs.openbsd.org 2010/03/13 23:38:13
-     [ssh-keygen.1]
-     fix a formatting error (args need quoted); noted by stevesk
-   - stevesk@cvs.openbsd.org 2010/03/15 19:40:02
-     [key.c key.h ssh-keygen.c]
-     also print certificate type (user or host) for ssh-keygen -L
-     ok djm kettenis
-   - stevesk@cvs.openbsd.org 2010/03/16 15:46:52
-     [auth-options.c]
-     spelling in error message. ok djm kettenis
-   - djm@cvs.openbsd.org 2010/03/16 16:36:49
-     [version.h]
-     crank version to openssh-5.5 since we have a few fixes since 5.4;
-     requested deraadt@ kettenis@
- - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
-   [contrib/suse/openssh.spec] Crank version numbers
-
-20100314
- - (djm) [ssh-pkcs11-helper.c] Move #ifdef to after #defines to fix
-   compilation failure when !HAVE_DLOPEN. Reported by felix-mindrot
-   AT fefe.de
- - (djm) [Makefile.in] Respecify -lssh after -lopenbsd-compat for
-   ssh-pkcs11-helper to repair static builds (we do the same for
-   ssh-keyscan). Reported by felix-mindrot AT fefe.de
-
-20100312
- - (tim) [Makefile.in] Now that scard is gone, no need to make $(datadir)
- - (tim) [Makefile.in] Add missing $(EXEEXT) to install targets.
-   Patch from Corinna Vinschen.
- - (tim) [contrib/cygwin/Makefile] Fix list of documentation files to install
-   on a Cygwin installation. Patch from Corinna Vinschen.
-
-20100311
- - (tim) [contrib/suse/openssh.spec] crank version number here too.
-   report by imorgan AT nas.nasa.gov
-
-20100309
- - (dtucker) [configure.ac] Use a proper AC_CHECK_DECL for BROKEN_GETADDRINFO
-   so setting it in CFLAGS correctly skips IPv6 tests.
-
-20100308
- - (djm) OpenBSD CVS Sync
-   - djm@cvs.openbsd.org 2010/03/07 22:16:01
-     [ssh-keygen.c]
-     make internal strptime string match strftime format;
-     suggested by vinschen AT redhat.com and markus@
-   - djm@cvs.openbsd.org 2010/03/08 00:28:55
-     [ssh-keygen.1]
-     document permit-agent-forwarding certificate constraint; patch from
-     stevesk@
-   - djm@cvs.openbsd.org 2010/03/07 22:01:32
-     [version.h]
-     openssh-5.4
- - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
-   crank version numbers
- - (djm) Release OpenSSH-5.4p1
-
-20100307
- - (dtucker) [auth.c] Bug #1710: call setauthdb on AIX before getpwuid so that
-   it gets the passwd struct from the LAM that knows about the user which is
-   not necessarily the default.  Patch from Alexandre Letourneau.
- - (dtucker) [session.c] Bug #1567: move setpcred call to before chroot and
-   do not set real uid, since that's needed for the chroot, and will be set
-   by permanently_set_uid.
- - (dtucker) [session.c] Also initialize creds to NULL for handing to
-    setpcred.
- - (dtucker) OpenBSD CVS Sync
-   - dtucker@cvs.openbsd.org 2010/03/07 11:57:13
-     [auth-rhosts.c monitor.c monitor_wrap.c session.c auth-options.c sshd.c]
-     Hold authentication debug messages until after successful authentication.
-     Fixes an info leak of environment variables specified in authorized_keys,
-     reported by Jacob Appelbaum.  ok djm@
-
-20100305
- - OpenBSD CVS Sync
-   - jmc@cvs.openbsd.org 2010/03/04 12:51:25
-     [ssh.1 sshd_config.5]
-     tweak previous;
-   - djm@cvs.openbsd.org 2010/03/04 20:35:08
-     [ssh-keygen.1 ssh-keygen.c]
-     Add a -L flag to print the contents of a certificate; ok markus@
-   - jmc@cvs.openbsd.org 2010/03/04 22:52:40
-     [ssh-keygen.1]
-     fix Bk/Ek;
-   - djm@cvs.openbsd.org 2010/03/04 23:17:25
-     [sshd_config.5]
-     missing word; spotted by jmc@
-   - djm@cvs.openbsd.org 2010/03/04 23:19:29
-     [ssh.1 sshd.8]
-     move section on CA and revoked keys from ssh.1 to sshd.8's known hosts
-     format section and rework it a bit; requested by jmc@
-   - djm@cvs.openbsd.org 2010/03/04 23:27:25
-     [auth-options.c ssh-keygen.c]
-     "force-command" is not spelled "forced-command"; spotted by
-     imorgan AT nas.nasa.gov
-   - djm@cvs.openbsd.org 2010/03/05 02:58:11
-     [auth.c]
-     make the warning for a revoked key louder and more noticable
-   - jmc@cvs.openbsd.org 2010/03/05 06:50:35
-     [ssh.1 sshd.8]
-     tweak previous;
-   - jmc@cvs.openbsd.org 2010/03/05 08:31:20
-     [ssh.1]
-     document certificate authentication; help/ok djm
-   - djm@cvs.openbsd.org 2010/03/05 10:28:21
-     [ssh-add.1 ssh.1 ssh_config.5]
-     mention loading of certificate files from [private]-cert.pub when
-     they are present; feedback and ok jmc@
- - (tim) [ssh-pkcs11.c] Fix "non-constant initializer" errors in older
-   compilers. OK djm@
- - (djm) [ssh-rand-helper.c] declare optind, avoiding compilation failure
-   on some platforms
- - (djm) [configure.ac] set -fno-strict-aliasing for gcc4; ok dtucker@
-
-20100304
- - (djm) [ssh-keygen.c] Use correct local variable, instead of
-   maybe-undefined global "optarg"
- - (djm) [contrib/redhat/openssh.spec] Replace obsolete BuildPreReq
-   on XFree86-devel with neutral /usr/include/X11/Xlib.h;
-   imorgan AT nas.nasa.gov in bz#1731
- - (djm) [.cvsignore] Ignore ssh-pkcs11-helper
- - (djm) [regress/Makefile] Cleanup sshd_proxy_orig
- - OpenBSD CVS Sync
-   - djm@cvs.openbsd.org 2010/03/03 01:44:36
-     [auth-options.c key.c]
-     reject strings with embedded ASCII nul chars in certificate key IDs,
-     principal names and constraints
-   - djm@cvs.openbsd.org 2010/03/03 22:49:50
-     [sshd.8]
-     the authorized_keys option for CA keys is "cert-authority", not
-     "from=cert-authority". spotted by imorgan AT nas.nasa.gov
-   - djm@cvs.openbsd.org 2010/03/03 22:50:40
-     [PROTOCOL.certkeys]
-     s/similar same/similar/; from imorgan AT nas.nasa.gov
-   - djm@cvs.openbsd.org 2010/03/04 01:44:57
-     [key.c]
-     use buffer_get_string_ptr_ret() where we are checking the return
-     value explicitly instead of the fatal()-causing buffer_get_string_ptr()
-   - djm@cvs.openbsd.org 2010/03/04 10:36:03
-     [auth-rh-rsa.c auth-rsa.c auth.c auth.h auth2-hostbased.c auth2-pubkey.c]
-     [authfile.c authfile.h hostfile.c hostfile.h servconf.c servconf.h]
-     [ssh-keygen.c ssh.1 sshconnect.c sshd_config.5]
-     Add a TrustedUserCAKeys option to sshd_config to specify CA keys that
-     are trusted to authenticate users (in addition than doing it per-user
-     in authorized_keys).
-     
-     Add a RevokedKeys option to sshd_config and a @revoked marker to
-     known_hosts to allow keys to me revoked and banned for user or host
-     authentication.
-     
-     feedback and ok markus@
-   - djm@cvs.openbsd.org 2010/03/03 00:47:23
-     [regress/cert-hostkey.sh regress/cert-userkey.sh]
-     add an extra test to ensure that authentication with the wrong
-     certificate fails as it should (and it does)
-   - djm@cvs.openbsd.org 2010/03/04 10:38:23
-     [regress/cert-hostkey.sh regress/cert-userkey.sh]
-     additional regression tests for revoked keys and TrustedUserCAKeys
-
-20100303
- - (djm) [PROTOCOL.certkeys] Add RCS Ident
- - OpenBSD CVS Sync
-   - jmc@cvs.openbsd.org 2010/02/26 22:09:28
-     [ssh-keygen.1 ssh.1 sshd.8]
-     tweak previous;
-   - otto@cvs.openbsd.org 2010/03/01 11:07:06
-     [ssh-add.c]
-     zap what seems to be a left-over debug message; ok markus@
-   - djm@cvs.openbsd.org 2010/03/02 23:20:57
-     [ssh-keygen.c]
-     POSIX strptime is stricter than OpenBSD's so do a little dance to
-     appease it.
- - (djm) [regress/cert-userkey.sh] s/echo -n/echon/ here too
-
-20100302
- - (tim) [config.guess config.sub] Bug 1722: Update to latest versions from
-   http://git.savannah.gnu.org/gitweb/ (2009-12-30 and 2010-01-22
-   respectively).
-
-20100301
- - (dtucker) [regress/{cert-hostkey,cfgmatch,cipher-speed}.sh} Replace
-   "echo -n" with "echon" for portability.
- - (dtucker) [openbsd-compat/port-linux.c] Make failure to write to the OOM
-   adjust log at verbose only, since according to cjwatson in bug #1470
-   some virtualization platforms don't allow writes.
-
-20100228
- - (djm) [auth.c] On Cygwin, refuse usernames that have differences in
-   case from that matched in the system password database. On this
-   platform, passwords are stored case-insensitively, but sshd requires
-   exact case matching for Match blocks in sshd_config(5). Based on
-   a patch from vinschen AT redhat.com.
- - (tim) [ssh-pkcs11-helper.c] Move declarations before calling functions
-   to make older compilers (gcc 2.95) happy.
-
-20100227
- - (djm) [ssh-pkcs11-helper.c ] Ensure RNG is initialised and seeded
- - (djm) [openbsd-compat/bsd-cygwin_util.c] Reduce the set of environment
-   variables copied into sshd child processes. From vinschen AT redhat.com
-
-20100226
- - OpenBSD CVS Sync
-   - djm@cvs.openbsd.org 2010/02/26 20:29:54
-     [PROTOCOL PROTOCOL.agent PROTOCOL.certkeys addrmatch.c auth-options.c]
-     [auth-options.h auth.h auth2-pubkey.c authfd.c dns.c dns.h hostfile.c]
-     [hostfile.h kex.h kexdhs.c kexgexs.c key.c key.h match.h monitor.c]
-     [myproposal.h servconf.c servconf.h ssh-add.c ssh-agent.c ssh-dss.c]
-     [ssh-keygen.1 ssh-keygen.c ssh-rsa.c ssh.1 ssh.c ssh2.h sshconnect.c]
-     [sshconnect2.c sshd.8 sshd.c sshd_config.5]
-     Add support for certificate key types for users and hosts.
-     
-     OpenSSH certificate key types are not X.509 certificates, but a much
-     simpler format that encodes a public key, identity information and
-     some validity constraints and signs it with a CA key. CA keys are
-     regular SSH keys. This certificate style avoids the attack surface
-     of X.509 certificates and is very easy to deploy.
-     
-     Certified host keys allow automatic acceptance of new host keys
-     when a CA certificate is marked as trusted in ~/.ssh/known_hosts.
-     see VERIFYING HOST KEYS in ssh(1) for details.
-     
-     Certified user keys allow authentication of users when the signing
-     CA key is marked as trusted in authorized_keys. See "AUTHORIZED_KEYS
-     FILE FORMAT" in sshd(8) for details.
-     
-     Certificates are minted using ssh-keygen(1), documentation is in
-     the "CERTIFICATES" section of that manpage.
-     
-     Documentation on the format of certificates is in the file
-     PROTOCOL.certkeys
-     
-     feedback and ok markus@
-   - djm@cvs.openbsd.org 2010/02/26 20:33:21
-     [Makefile regress/cert-hostkey.sh regress/cert-userkey.sh]
-     regression tests for certified keys
-
-20100224
- - (djm) [pkcs11.h ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c]
-   [ssh-pkcs11.h] Add $OpenBSD$ RCS idents so we can sync portable
- - (djm) OpenBSD CVS Sync
-   - djm@cvs.openbsd.org 2010/02/11 20:37:47
-     [pathnames.h]
-     correct comment
-   - dtucker@cvs.openbsd.org 2009/11/09 04:20:04
-     [regress/Makefile]
-     add regression test for ssh-keygen pubkey conversions
-   - dtucker@cvs.openbsd.org 2010/01/11 02:53:44
-     [regress/forwarding.sh]
-     regress test for stdio forwarding
-   - djm@cvs.openbsd.org 2010/02/09 04:57:36
-     [regress/addrmatch.sh]
-     clean up droppings
-   - djm@cvs.openbsd.org 2010/02/09 06:29:02
-     [regress/Makefile]
-     turn on all the malloc(3) checking options when running regression
-     tests. this has caught a few bugs for me in the past; ok dtucker@
-   - djm@cvs.openbsd.org 2010/02/24 06:21:56
-     [regress/test-exec.sh]
-     wait for sshd to fully stop in cleanup() function; avoids races in tests
-     that do multiple start_sshd/cleanup cycles; "I hate pidfiles" deraadt@
-   - markus@cvs.openbsd.org 2010/02/08 10:52:47
-     [regress/agent-pkcs11.sh]
-     test for PKCS#11 support (currently disabled)
- - (djm) [Makefile.in ssh-pkcs11-helper.8] Add manpage for PKCS#11 helper
- - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
-   [contrib/suse/openssh.spec] Add PKCS#11 helper binary and manpage
-
-20100212
- - (djm) OpenBSD CVS Sync
-   - djm@cvs.openbsd.org 2010/02/02 22:49:34
-     [bufaux.c]
-     make buffer_get_string_ret() really non-fatal in all cases (it was
-     using buffer_get_int(), which could fatal() on buffer empty);
-     ok markus dtucker
-   - markus@cvs.openbsd.org 2010/02/08 10:50:20
-     [pathnames.h readconf.c readconf.h scp.1 sftp.1 ssh-add.1 ssh-add.c]
-     [ssh-agent.c ssh-keygen.1 ssh-keygen.c ssh.1 ssh.c ssh_config.5]
-     replace our obsolete smartcard code with PKCS#11.
-        ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20/pkcs-11v2-20.pdf
-     ssh(1) and ssh-keygen(1) use dlopen(3) directly to talk to a PKCS#11
-     provider (shared library) while ssh-agent(1) delegates PKCS#11 to
-     a forked a ssh-pkcs11-helper process.
-     PKCS#11 is currently a compile time option.
-     feedback and ok djm@; inspired by patches from Alon Bar-Lev
-   - jmc@cvs.openbsd.org 2010/02/08 22:03:05
-     [ssh-add.1 ssh-keygen.1 ssh.1 ssh.c]
-     tweak previous; ok markus
-   - djm@cvs.openbsd.org 2010/02/09 00:50:36
-     [ssh-agent.c]
-     fallout from PKCS#11: unbreak -D
-   - djm@cvs.openbsd.org 2010/02/09 00:50:59
-     [ssh-keygen.c]
-     fix -Wall
-   - djm@cvs.openbsd.org 2010/02/09 03:56:28
-     [buffer.c buffer.h]
-     constify the arguments to buffer_len, buffer_ptr and buffer_dump
-   - djm@cvs.openbsd.org 2010/02/09 06:18:46
-     [auth.c]
-     unbreak ChrootDirectory+internal-sftp by skipping check for executable
-     shell when chrooting; reported by danh AT wzrd.com; ok dtucker@
-   - markus@cvs.openbsd.org 2010/02/10 23:20:38
-     [ssh-add.1 ssh-keygen.1 ssh.1 ssh_config.5]
-     pkcs#11 is no longer optional; improve wording; ok jmc@
-   - jmc@cvs.openbsd.org 2010/02/11 13:23:29
-     [ssh.1]
-     libarary -> library;
- - (djm) [INSTALL Makefile.in README.smartcard configure.ac scard-opensc.c]
-   [scard.c scard.h pkcs11.h scard/Makefile.in scard/Ssh.bin.uu scard/Ssh.java]
-   Remove obsolete smartcard support
- - (djm) [ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c]
-   Make it compile on OSX
- - (djm) [ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c]
-   Use ssh_get_progname to fill __progname
- - (djm) [configure.ac] Enable PKCS#11 support only when we find a working
-   dlopen()
-
-20100210
- - (djm) add -lselinux to LIBS before calling AC_CHECK_FUNCS for
-   getseuserbyname; patch from calebcase AT gmail.com via
-   cjwatson AT debian.org
-
-20100202
- - (djm) OpenBSD CVS Sync
-   - djm@cvs.openbsd.org 2010/01/30 21:08:33
-     [sshd.8]
-     debug output goes to stderr, not "the system log"; ok markus dtucker
-   - djm@cvs.openbsd.org 2010/01/30 21:12:08
-     [channels.c]
-     fake local addr:port when stdio fowarding as some servers (Tectia at
-     least) validate that they are well-formed;
-     reported by imorgan AT nas.nasa.gov
-     ok dtucker
-
-20100130
- - (djm) OpenBSD CVS Sync
-   - djm@cvs.openbsd.org 2010/01/28 00:21:18
-     [clientloop.c]
-     downgrade an error() to a debug() - this particular case can be hit in
-     normal operation for certain sequences of mux slave vs session closure
-     and is harmless
-   - djm@cvs.openbsd.org 2010/01/29 00:20:41
-     [sshd.c]
-     set FD_CLOEXEC on sock_in/sock_out; bz#1706 from jchadima AT redhat.com
-     ok dtucker@
-   - djm@cvs.openbsd.org 2010/01/29 20:16:17
-     [mux.c]
-     kill correct channel (was killing already-dead mux channel, not
-     its session channel)
-   - djm@cvs.openbsd.org 2010/01/30 02:54:53
-     [mux.c]
-     don't mark channel as read failed if it is already closing; suppresses
-     harmless error messages when connecting to SSH.COM Tectia server
-     report by imorgan AT nas.nasa.gov
-
-20100129
- - (dtucker) [openbsd-compat/openssl-compat.c] Bug #1707: Call OPENSSL_config()
-   after registering the hardware engines, which causes the openssl.cnf file to
-   be processed.  See OpenSSL's man page for OPENSSL_config(3) for details.
-   Patch from Solomon Peachy, ok djm@.
-
-20100128
- - (djm) OpenBSD CVS Sync
-   - djm@cvs.openbsd.org 2010/01/26 02:15:20
-     [mux.c]
-     -Wuninitialized and remove a // comment; from portable
-     (Id sync only)
-   - djm@cvs.openbsd.org 2010/01/27 13:26:17
-     [mux.c]
-     fix bug introduced in mux rewrite:
-     
-     In a mux master, when a socket to a mux slave closes before its server
-     session (as may occur when the slave has been signalled), gracefully
-     close the server session rather than deleting its channel immediately.
-     A server may have more messages on that channel to send (e.g. an exit
-     message) that will fatal() the client if they are sent to a channel that
-     has been prematurely deleted.
-     
-     spotted by imorgan AT nas.nasa.gov
-   - djm@cvs.openbsd.org 2010/01/27 19:21:39
-     [sftp.c]
-     add missing "p" flag to getopt optstring;
-     bz#1704 from imorgan AT nas.nasa.gov
-
-20100126
- - (djm) OpenBSD CVS Sync
-   - tedu@cvs.openbsd.org 2010/01/17 21:49:09
-     [ssh-agent.1]
-     Correct and clarify ssh-add's password asking behavior.
-     Improved text dtucker and ok jmc
-   - dtucker@cvs.openbsd.org 2010/01/18 01:50:27
-     [roaming_client.c]
-     s/long long unsigned/unsigned long long/, from tim via portable
-     (Id sync only, change already in portable)
-   - djm@cvs.openbsd.org 2010/01/26 01:28:35
-     [channels.c channels.h clientloop.c clientloop.h mux.c nchan.c ssh.c]
-     rewrite ssh(1) multiplexing code to a more sensible protocol.
-     
-     The new multiplexing code uses channels for the listener and
-     accepted control sockets to make the mux master non-blocking, so
-     no stalls when processing messages from a slave.
-     
-     avoid use of fatal() in mux master protocol parsing so an errant slave
-     process cannot take down a running master.
-     
-     implement requesting of port-forwards over multiplexed sessions. Any
-     port forwards requested by the slave are added to those the master has
-     established.
-     
-     add support for stdio forwarding ("ssh -W host:port ...") in mux slaves.
-     
-     document master/slave mux protocol so that other tools can use it to
-     control a running ssh(1). Note: there are no guarantees that this
-     protocol won't be incompatibly changed (though it is versioned).
-     
-     feedback Salvador Fandino, dtucker@
-     channel changes ok markus@
-
-20100122
- - (tim) [configure.ac] Due to constraints in Windows Sockets in terms of
-   socket inheritance, reduce the default SO_RCVBUF/SO_SNDBUF buffer size
-   in Cygwin to 65535. Patch from Corinna Vinschen.
-
-20100117
- - (tim) [configure.ac] OpenServer 5 needs BROKEN_GETADDRINFO too.
- - (tim) [configure.ac] On SVR5 systems, use the C99-conforming functions
-   snprintf() and vsnprintf() named _xsnprintf() and _xvsnprintf().
-
-20100116
- - (dtucker) [openbsd-compat/pwcache.c] Pull in includes.h and thus defines.h
-   so we correctly detect whether or not we have a native user_from_uid.
- - (dtucker) [openbsd-compat/openbsd-compat.h] Prototypes for user_from_uid
-   and group_from_gid.
- - (dtucker) [openbsd-compat/openbsd-compat.h] Fix prototypes, spotted by
-   Tim.
- - (dtucker) OpenBSD CVS Sync
-   - markus@cvs.openbsd.org 2010/01/15 09:24:23
-     [sftp-common.c]
-     unused
- - (dtucker) [openbsd-compat/pwcache.c] Shrink ifdef area to prevent unused
-   variable warnings.
- - (dtucker) [openbsd-compat/openbsd-compat.h] Typo.
- - (tim) [regress/portnum.sh] Shell portability fix.
- - (tim) [configure.ac] Define BROKEN_GETADDRINFO on SVR5 systems. The native
-   getaddrinfo() is too old and limited for addr_pton() in addrmatch.c.
- - (tim) [roaming_client.c] Use of <sys/queue.h> is not really portable so we
-   use "openbsd-compat/sys-queue.h". s/long long unsigned/unsigned long long/
-   to keep USL compilers happy.
-
-20100115
- - (dtucker) OpenBSD CVS Sync
-   - jmc@cvs.openbsd.org 2010/01/13 12:48:34
-     [sftp.1 sftp.c]
-     sftp.1: put ls -h in the right place
-     sftp.c: as above, plus add -p to get/put, and shorten their arg names
-     to keep the help usage nicely aligned
-     ok djm
-   - djm@cvs.openbsd.org 2010/01/13 23:47:26
-     [auth.c]
-     when using ChrootDirectory, make sure we test for the existence of the
-     user's shell inside the chroot; bz #1679, patch from alex AT rtfs.hu;
-     ok dtucker
-   - dtucker@cvs.openbsd.org 2010/01/14 23:41:49
-     [sftp-common.c]
-     use user_from{uid,gid} to lookup up ids since it keeps a small cache.
-     ok djm
-   - guenther@cvs.openbsd.org 2010/01/15 00:05:22
-     [sftp.c]
-     Reset SIGTERM to SIG_DFL before executing ssh, so that even if sftp
-     inherited SIGTERM as ignored it will still be able to kill the ssh it
-     starts.
-     ok dtucker@
- - (dtucker) [openbsd-compat/pwcache.c] Pull in pwcache.c from OpenBSD (no
-   changes yet but there will be some to come).
- - (dtucker) [configure.ac openbsd-compat/{Makefile.in,pwcache.c} Portability
-   for pwcache.  Also, added caching of negative hits.
-
-20100114
- - (djm) [platform.h] Add missing prototype for
-   platform_krb5_get_principal_name
-
-20100113
- - (dtucker) [monitor_fdpass.c] Wrap poll.h include in ifdefs.
- - (dtucker) [openbsd-compat/readpassphrase.c] Resync against OpenBSD's r1.18:
-   missing restore of SIGTTOU and some whitespace.
- - (dtucker) [openbsd-compat/readpassphrase.c] Update to OpenBSD's r1.21.
- - (dtucker) [openbsd-compat/readpassphrase.c] Update to OpenBSD's r1.22.
-   Fixes bz #1590, where sometimes you could not interrupt a connection while
-   ssh was prompting for a passphrase or password.
- - (dtucker) OpenBSD CVS Sync
-   - dtucker@cvs.openbsd.org 2010/01/13 00:19:04
-     [sshconnect.c auth.c]
-     Fix a couple of typos/mispellings in comments
-   - dtucker@cvs.openbsd.org 2010/01/13 01:10:56
-     [key.c]
-     Ignore and log any Protocol 1 keys where the claimed size is not equal to
-     the actual size.  Noted by Derek Martin, ok djm@
-   - dtucker@cvs.openbsd.org 2010/01/13 01:20:20
-     [canohost.c ssh-keysign.c sshconnect2.c]
-     Make HostBased authentication work with a ProxyCommand.  bz #1569, patch
-     from imorgan at nas nasa gov, ok djm@
-   - djm@cvs.openbsd.org 2010/01/13 01:40:16
-     [sftp.c sftp-server.c sftp.1 sftp-common.c sftp-common.h]
-     support '-h' (human-readable units) for sftp's ls command, just like
-     ls(1); ok dtucker@
-   - djm@cvs.openbsd.org 2010/01/13 03:48:13
-     [servconf.c servconf.h sshd.c]
-     avoid run-time failures when specifying hostkeys via a relative
-     path by prepending the cwd in these cases; bz#1290; ok dtucker@
-   - djm@cvs.openbsd.org 2010/01/13 04:10:50
-     [sftp.c]
-     don't append a space after inserting a completion of a directory (i.e.
-     a path ending in '/') for a slightly better user experience; ok dtucker@
- - (dtucker) [sftp-common.c] Wrap include of util.h in an ifdef.
- - (tim) [defines.h] openbsd-compat/readpassphrase.c now needs _NSIG. 
-   feedback and ok dtucker@
-
-20100112
- - (dtucker) OpenBSD CVS Sync
-   - dtucker@cvs.openbsd.org 2010/01/11 01:39:46
-     [ssh_config channels.c ssh.1 channels.h ssh.c]
-     Add a 'netcat mode' (ssh -W).  This connects stdio on the client to a
-     single port forward on the server.  This allows, for example, using ssh as
-     a ProxyCommand to route connections via intermediate servers.
-     bz #1618, man page help from jmc@, ok markus@
-   - dtucker@cvs.openbsd.org 2010/01/11 04:46:45
-     [authfile.c sshconnect2.c]
-     Do not prompt for a passphrase if we fail to open a keyfile, and log the
-     reason the open failed to debug.
-     bz #1693, found by tj AT castaglia org, ok djm@
-   - djm@cvs.openbsd.org 2010/01/11 10:51:07
-     [ssh-keygen.c]
-     when converting keys, truncate key comments at 72 chars as per RFC4716;
-     bz#1630 reported by tj AT castaglia.org; ok markus@
-   - dtucker@cvs.openbsd.org 2010/01/12 00:16:47
-     [authfile.c]
-     Fix bug introduced in r1.78 (incorrect brace location) that broke key auth.
-     Patch from joachim joachimschipper nl.
-   - djm@cvs.openbsd.org 2010/01/12 00:58:25
-     [monitor_fdpass.c]
-     avoid spinning when fd passing on nonblocking sockets by calling poll()
-     in the EINTR/EAGAIN path, much like we do in atomicio; ok dtucker@
-   - djm@cvs.openbsd.org 2010/01/12 00:59:29
-     [roaming_common.c]
-     delete with extreme prejudice a debug() that fired with every keypress;
-     ok dtucker deraadt
-   - dtucker@cvs.openbsd.org 2010/01/12 01:31:05
-     [session.c]
-     Do not allow logins if /etc/nologin exists but is not readable by the user
-     logging in.  Noted by Jan.Pechanec at Sun, ok djm@ deraadt@
-   - djm@cvs.openbsd.org 2010/01/12 01:36:08
-     [buffer.h bufaux.c]
-     add a buffer_get_string_ptr_ret() that does the same as
-     buffer_get_string_ptr() but does not fatal() on error; ok dtucker@
-   - dtucker@cvs.openbsd.org 2010/01/12 08:33:17
-     [session.c]
-     Add explicit stat so we reliably detect nologin with bad perms.
-     ok djm markus
-
-20100110
- - (dtucker) [configure.ac misc.c readconf.c servconf.c ssh-keyscan.c]
-   Remove hacks add for RoutingDomain in preparation for its removal.
- - (dtucker) OpenBSD CVS Sync
-   - dtucker@cvs.openbsd.org 2010/01/09 23:04:13
-     [channels.c ssh.1 servconf.c sshd_config.5 sshd.c channels.h servconf.h
-     ssh-keyscan.1 ssh-keyscan.c readconf.c sshconnect.c misc.c ssh.c
-     readconf.h scp.1 sftp.1 ssh_config.5 misc.h]
-     Remove RoutingDomain from ssh since it's now not needed.  It can be
-     replaced with "route exec" or "nc -V" as a proxycommand.  "route exec"
-     also ensures that trafic such as DNS lookups stays withing the specified
-     routingdomain.  For example (from reyk):
-     # route -T 2 exec /usr/sbin/sshd
-     or inherited from the parent process
-     $ route -T 2 exec sh
-     $ ssh 10.1.2.3
-     ok deraadt@ markus@ stevesk@ reyk@
-   - dtucker@cvs.openbsd.org 2010/01/10 03:51:17
-     [servconf.c]
-     Add ChrootDirectory to sshd.c test-mode output
-   - dtucker@cvs.openbsd.org 2010/01/10 07:15:56
-     [auth.c]
-     Output a debug if we can't open an existing keyfile.  bz#1694, ok djm@
-
-20100109
- - (dtucker) Wrap use of IPPROTO_IPV6 in an ifdef for platforms that don't
-   have it.
- - (dtucker) [defines.h] define PRIu64 for platforms that don't have it.
- - (dtucker) [roaming_client.c] Wrap inttypes.h in an ifdef.
- - (dtucker) [loginrec.c] Use the SUSv3 specified name for the user name
-   when using utmpx.  Patch from Ed Schouten.
- - (dtucker) OpenBSD CVS Sync
-   - djm@cvs.openbsd.org 2010/01/09 00:20:26
-     [sftp-server.c sftp-server.8]
-     add a 'read-only' mode to sftp-server(8) that disables open in write mode
-     and all other fs-modifying protocol methods. bz#430 ok dtucker@
-   - djm@cvs.openbsd.org 2010/01/09 00:57:10
-     [PROTOCOL]
-     tweak language
-   - jmc@cvs.openbsd.org 2010/01/09 03:36:00
-     [sftp-server.8]
-     bad place to forget a comma...
-   - djm@cvs.openbsd.org 2010/01/09 05:04:24
-     [mux.c sshpty.h clientloop.c sshtty.c]
-     quell tc[gs]etattr warnings when forcing a tty (ssh -tt), since we
-     usually don't actually have a tty to read/set; bz#1686 ok dtucker@
-   - dtucker@cvs.openbsd.org 2010/01/09 05:17:00
-     [roaming_client.c]
-     Remove a PRIu64 format string that snuck in with roaming.  ok djm@
-   - dtucker@cvs.openbsd.org 2010/01/09 11:13:02
-     [sftp.c]
-     Prevent sftp from derefing a null pointer when given a "-" without a
-     command.  Also, allow whitespace to follow a "-".  bz#1691, path from
-     Colin Watson via Debian.  ok djm@ deraadt@
-   - dtucker@cvs.openbsd.org 2010/01/09 11:17:56
-     [sshd.c]
-     Afer sshd receives a SIGHUP, ignore subsequent HUPs while sshd re-execs
-     itself.  Prevents two HUPs in quick succession from resulting in sshd
-     dying.  bz#1692, patch from Colin Watson via Ubuntu.
- - (dtucker) [defines.h] Remove now-undeeded PRIu64 define.
-
-20100108
- - (dtucker) OpenBSD CVS Sync
-   - andreas@cvs.openbsd.org 2009/10/24 11:11:58
-     [roaming.h]
-     Declarations needed for upcoming changes.
-     ok markus@
-   - andreas@cvs.openbsd.org 2009/10/24 11:13:54
-     [sshconnect2.c kex.h kex.c]
-     Let the client detect if the server supports roaming by looking
-     for the resume@appgate.com kex algorithm.
-     ok markus@
-   - andreas@cvs.openbsd.org 2009/10/24 11:15:29
-     [clientloop.c]
-     client_loop() must detect if the session has been suspended and resumed,
-     and take appropriate action in that case.
-     From Martin Forssen, maf at appgate dot com
-   - andreas@cvs.openbsd.org 2009/10/24 11:19:17
-     [ssh2.h]
-     Define the KEX messages used when resuming a suspended connection.
-     ok markus@
-   - andreas@cvs.openbsd.org 2009/10/24 11:22:37
-     [roaming_common.c]
-     Do the actual suspend/resume in the client. This won't be useful until
-     the server side supports roaming.
-     Most code from Martin Forssen, maf at appgate dot com. Some changes by
-     me and markus@
-     ok markus@
-   - andreas@cvs.openbsd.org 2009/10/24 11:23:42
-     [ssh.c]
-     Request roaming to be enabled if UseRoaming is true and the server
-     supports it.
-     ok markus@
-   - reyk@cvs.openbsd.org 2009/10/28 16:38:18
-     [ssh_config.5 sshd.c misc.h ssh-keyscan.1 readconf.h sshconnect.c
-     channels.c channels.h servconf.h servconf.c ssh.1 ssh-keyscan.c scp.1
-     sftp.1 sshd_config.5 readconf.c ssh.c misc.c]
-     Allow to set the rdomain in ssh/sftp/scp/sshd and ssh-keyscan.
-     ok markus@
-   - jmc@cvs.openbsd.org 2009/10/28 21:45:08
-     [sshd_config.5 sftp.1]
-     tweak previous;
-   - djm@cvs.openbsd.org 2009/11/10 02:56:22
-     [ssh_config.5]
-     explain the constraints on LocalCommand some more so people don't
-     try to abuse it.
-   - djm@cvs.openbsd.org 2009/11/10 02:58:56
-     [sshd_config.5]
-     clarify that StrictModes does not apply to ChrootDirectory. Permissions
-     and ownership are always checked when chrooting. bz#1532
-   - dtucker@cvs.openbsd.org 2009/11/10 04:30:45
-     [sshconnect2.c channels.c sshconnect.c]
-     Set close-on-exec on various descriptors so they don't get leaked to
-     child processes.  bz #1643, patch from jchadima at redhat, ok deraadt.
-   - markus@cvs.openbsd.org 2009/11/11 21:37:03
-     [channels.c channels.h]
-     fix race condition in x11/agent channel allocation: don't read after
-     the end of the select read/write fdset and make sure a reused FD
-     is not touched before the pre-handlers are called.
-     with and ok djm@
-   - djm@cvs.openbsd.org 2009/11/17 05:31:44
-     [clientloop.c]
-     fix incorrect exit status when multiplexing and channel ID 0 is recycled
-     bz#1570 reported by peter.oliver AT eon-is.co.uk; ok dtucker
-   - djm@cvs.openbsd.org 2009/11/19 23:39:50
-     [session.c]
-     bz#1606: error when an attempt is made to connect to a server
-     with ForceCommand=internal-sftp with a shell session (i.e. not a
-     subsystem session). Avoids stuck client when attempting to ssh to such a
-     service. ok dtucker@
-   - dtucker@cvs.openbsd.org 2009/11/20 00:15:41
-     [session.c]
-     Warn but do not fail if stat()ing the subsystem binary fails.  This helps
-     with chrootdirectory+forcecommand=sftp-server and restricted shells.
-     bz #1599, ok djm.
-   - djm@cvs.openbsd.org 2009/11/20 00:54:01
-     [sftp.c]
-     bz#1588 change "Connecting to host..." message to "Connected to host."
-     and delay it until after the sftp protocol connection has been established.
-     Avoids confusing sequence of messages when the underlying ssh connection
-     experiences problems. ok dtucker@
-   - dtucker@cvs.openbsd.org 2009/11/20 00:59:36
-     [sshconnect2.c]
-     Use the HostKeyAlias when prompting for passwords.  bz#1039, ok djm@
-   - djm@cvs.openbsd.org 2009/11/20 03:24:07
-     [misc.c]
-     correct off-by-one in percent_expand(): we would fatal() when trying
-     to expand EXPAND_MAX_KEYS, allowing only EXPAND_MAX_KEYS-1 to actually
-     work.  Note that nothing in OpenSSH actually uses close to this limit at
-     present.  bz#1607 from Jan.Pechanec AT Sun.COM
-   - halex@cvs.openbsd.org 2009/11/22 13:18:00
-     [sftp.c]
-     make passing of zero-length arguments to ssh safe by
-     passing "-<switch>" "<value>" rather than "-<switch><value>"
-     ok dtucker@, guenther@, djm@
-   - dtucker@cvs.openbsd.org 2009/12/06 23:41:15
-     [sshconnect2.c]
-     zap unused variable and strlen; from Steve McClellan, ok djm
-   - djm@cvs.openbsd.org 2009/12/06 23:53:45
-     [roaming_common.c]
-     use socklen_t for getsockopt optlen parameter; reported by
-     Steve.McClellan AT radisys.com, ok dtucker@
-   - dtucker@cvs.openbsd.org 2009/12/06 23:53:54
-     [sftp.c]
-     fix potential divide-by-zero in sftp's "df" output when talking to a server
-     that reports zero files on the filesystem (Unix filesystems always have at
-     least the root inode).  From Steve McClellan at radisys, ok djm@
-   - markus@cvs.openbsd.org 2009/12/11 18:16:33
-     [key.c]
-     switch from 35 to the more common value of RSA_F4 == (2**16)+1 == 65537
-     for the RSA public exponent; discussed with provos; ok djm@
-   - guenther@cvs.openbsd.org 2009/12/20 07:28:36
-     [ssh.c sftp.c scp.c]
-     When passing user-controlled options with arguments to other programs,
-     pass the option and option argument as separate argv entries and
-     not smashed into one (e.g., as -l foo and not -lfoo).  Also, always
-     pass a "--" argument to stop option parsing, so that a positional
-     argument that starts with a '-' isn't treated as an option.  This
-     fixes some error cases as well as the handling of hostnames and
-     filenames that start with a '-'.
-     Based on a diff by halex@
-     ok halex@ djm@ deraadt@
-   - djm@cvs.openbsd.org 2009/12/20 23:20:40
-     [PROTOCOL]
-     fix an incorrect magic number and typo in PROTOCOL; bz#1688
-     report and fix from ueno AT unixuser.org
-   - stevesk@cvs.openbsd.org 2009/12/25 19:40:21
-     [readconf.c servconf.c misc.h ssh-keyscan.c misc.c]
-     validate routing domain is in range 0-RT_TABLEID_MAX.
-     'Looks right' deraadt@
-   - stevesk@cvs.openbsd.org 2009/12/29 16:38:41
-     [sshd_config.5 readconf.c ssh_config.5 scp.1 servconf.c sftp.1 ssh.1]
-     Rename RDomain config option to RoutingDomain to be more clear and
-     consistent with other options.
-     NOTE: if you currently use RDomain in the ssh client or server config,
-     or ssh/sshd -o, you must update to use RoutingDomain.
-     ok markus@ djm@
-   - jmc@cvs.openbsd.org 2009/12/29 18:03:32
-     [sshd_config.5 ssh_config.5]
-     sort previous;
-   - dtucker@cvs.openbsd.org 2010/01/04 01:45:30
-     [sshconnect2.c]
-     Don't escape backslashes in the SSH2 banner.  bz#1533, patch from
-     Michal Gorny via Gentoo.
-   - djm@cvs.openbsd.org 2010/01/04 02:03:57
-     [sftp.c]
-     Implement tab-completion of commands, local and remote filenames for sftp.
-     Hacked on and off for some time by myself, mouring, Carlos Silva (via 2009
-     Google Summer of Code) and polished to a fine sheen by myself again.
-     It should deal more-or-less correctly with the ikky corner-cases presented
-     by quoted filenames, but the UI could still be slightly improved.
-     In particular, it is quite slow for remote completion on large directories.
-     bz#200; ok markus@
-   - djm@cvs.openbsd.org 2010/01/04 02:25:15
-     [sftp-server.c]
-     bz#1566 don't unnecessarily dup() in and out fds for sftp-server;
-     ok markus@
-   - dtucker@cvs.openbsd.org 2010/01/08 21:50:49
-     [sftp.c]
-     Fix two warnings: possibly used unitialized and use a nul byte instead of
-     NULL pointer.  ok djm@
- - (dtucker) [Makefile.in added roaming_client.c roaming_serv.c] Import new
-   files for roaming and add to Makefile.
- - (dtucker) [Makefile.in] .c files do not belong in the OBJ lines.
- - (dtucker) [sftp.c] ifdef out the sftp completion bits for platforms that
-   don't have libedit.
- - (dtucker) [configure.ac misc.c readconf.c servconf.c ssh-keyscan.c] Make
-   RoutingDomain an unsupported option on platforms that don't have it.
- - (dtucker) [sftp.c] Expand ifdef for libedit to cover complete_is_remote
-   too.
- - (dtucker) [misc.c] Move the routingdomain ifdef to allow the socket to
-   be created.
- - (dtucker] [misc.c] Shrink the area covered by USE_ROUTINGDOMAIN more
-   to eliminate an unused variable warning.
- - (dtucker) [roaming_serv.c] Include includes.h for u_intXX_t types.
-
-20091226
- - (tim) [contrib/cygwin/Makefile] Install ssh-copy-id and ssh-copy-id.1
-   Gzip all man pages. Patch from Corinna Vinschen.
-
-20091221
- - (dtucker) [auth-krb5.c platform.{c,h} openbsd-compat/port-aix.{c,h}]
-   Bug #1583: Use system's kerberos principal name on AIX if it's available.
-   Based on a patch from and tested by Miguel Sanders 
-
-20091208
- - (dtucker) Bug #1470: Disable OOM-killing of the listening sshd on Linux,
-   based on a patch from Vaclav Ovsik and Colin Watson.  ok djm.
-
-20091207
- - (dtucker) Bug #1160: use pkg-config for opensc config if it's available.
-   Tested by Martin Paljak.
- - (dtucker) Bug #1677: add conditionals around the source for ssh-askpass.
-
-20091121
- - (tim) [opensshd.init.in] If PidFile is set in sshd_config, use it.
-   Bug 1628. OK dtucker@
-
-20091120
- - (djm) [ssh-rand-helper.c] Print error and usage() when passed command-
-   line arguments as none are supported. Exit when passed unrecognised
-   commandline flags. bz#1568 from gson AT araneus.fi
-
-20091118
- - (djm) [channels.c misc.c misc.h sshd.c] add missing setsockopt() to
-   set IPV6_V6ONLY for local forwarding with GatwayPorts=yes. Unify
-   setting IPV6_V6ONLY behind a new function misc.c:sock_set_v6only()
-   bz#1648, report and fix from jan.kratochvil AT redhat.com
- - (djm) [contrib/gnome-ssh-askpass2.c] Make askpass dialog desktop-modal.
-   bz#1645, patch from jchadima AT redhat.com
-
-20091107
- - (dtucker) [authfile.c] Fall back to 3DES for the encryption of private
-    keys when built with OpenSSL versions that don't do AES.
-
-20091105
- - (dtucker) [authfile.c] Add OpenSSL compat header so this still builds with
-   older versions of OpenSSL.
-
-20091024
- - (dtucker) OpenBSD CVS Sync
-   - djm@cvs.openbsd.org 2009/10/11 23:03:15
-     [hostfile.c]
-     mention the host name that we are looking for in check_host_in_hostfile()
-   - sobrado@cvs.openbsd.org 2009/10/17 12:10:39
-     [sftp-server.c]
-     sort flags.
-   - sobrado@cvs.openbsd.org 2009/10/22 12:35:53
-     [ssh.1 ssh-agent.1 ssh-add.1]
-     use the UNIX-related macros (.At and .Ux) where appropriate.
-     ok jmc@
-   - sobrado@cvs.openbsd.org 2009/10/22 15:02:12
-     [ssh-agent.1 ssh-add.1 ssh.1]
-     write UNIX-domain in a more consistent way; while here, replace a
-     few remaining ".Tn UNIX" macros with ".Ux" ones.
-     pointed out by ratchov@, thanks!
-     ok jmc@
-   - djm@cvs.openbsd.org 2009/10/22 22:26:13
-     [authfile.c]
-     switch from 3DES to AES-128 for encryption of passphrase-protected
-     SSH protocol 2 private keys; ok several
-   - djm@cvs.openbsd.org 2009/10/23 01:57:11
-     [sshconnect2.c]
-     disallow a hostile server from checking jpake auth by sending an
-     out-of-sequence success message. (doesn't affect code enabled by default)
-   - dtucker@cvs.openbsd.org 2009/10/24 00:48:34
-     [ssh-keygen.1]
-     ssh-keygen now uses AES-128 for private keys
- - (dtucker) [mdoc2man.awk] Teach it to understand the .Ux macro.
- - (dtucker) [session.c openbsd-compat/port-linux.{c,h}] Bug #1637: if selinux
-   is enabled set the security context to "sftpd_t" before running the
-   internal sftp server   Based on a patch from jchadima at redhat.
-
-20091011
- - (dtucker) [configure.ac sftp-client.c] Remove the gyrations required for
-   dirent d_type and DTTOIF as we've switched OpenBSD to the more portable
-   lstat.
- - (dtucker) OpenBSD CVS Sync
-   - markus@cvs.openbsd.org 2009/10/08 14:03:41
-     [sshd_config readconf.c ssh_config.5 servconf.c sshd_config.5]
-     disable protocol 1 by default (after a transition period of about 10 years)
-     ok deraadt
-   - jmc@cvs.openbsd.org 2009/10/08 20:42:12
-     [sshd_config.5 ssh_config.5 sshd.8 ssh.1]
-     some tweaks now that protocol 1 is not offered by default; ok markus
-   - dtucker@cvs.openbsd.org 2009/10/11 10:41:26
-     [sftp-client.c]
-     d_type isn't portable so use lstat to get dirent modes.  Suggested by and
-     "looks sane" deraadt@
-   - markus@cvs.openbsd.org 2009/10/08 18:04:27
-     [regress/test-exec.sh]
-     re-enable protocol v1 for the tests.
-
-20091007
- - (dtucker) OpenBSD CVS Sync
-   - djm@cvs.openbsd.org 2009/08/12 00:13:00
-     [sftp.c sftp.1]
-     support most of scp(1)'s commandline arguments in sftp(1), as a first
-     step towards making sftp(1) a drop-in replacement for scp(1).
-     One conflicting option (-P) has not been changed, pending further
-     discussion.
-     Patch from carlosvsilvapt@gmail.com as part of his work in the
-     Google Summer of Code
-  - jmc@cvs.openbsd.org 2009/08/12 06:31:42
-     [sftp.1]
-     sort options;
-   - djm@cvs.openbsd.org 2009/08/13 01:11:19
-     [sftp.1 sftp.c]
-     Swizzle options: "-P sftp_server_path" moves to "-D sftp_server_path",
-     add "-P port" to match scp(1). Fortunately, the -P option is only really
-     used by our regression scripts.
-     part of larger patch from carlosvsilvapt@gmail.com for his Google Summer
-     of Code work; ok deraadt markus
-   - jmc@cvs.openbsd.org 2009/08/13 13:39:54
-     [sftp.1 sftp.c]
-     sync synopsis and usage();
-   - djm@cvs.openbsd.org 2009/08/14 18:17:49
-     [sftp-client.c]
-     make the "get_handle: ..." error messages vaguely useful by allowing
-     callers to specify their own error message strings.
-   - fgsch@cvs.openbsd.org 2009/08/15 18:56:34
-     [auth.h]
-     remove unused define. markus@ ok.
-     (Id sync only, Portable still uses this.)
-   - dtucker@cvs.openbsd.org 2009/08/16 23:29:26
-     [sshd_config.5]
-     Add PubkeyAuthentication to the list allowed in a Match block (bz #1577)
-   - djm@cvs.openbsd.org 2009/08/18 18:36:21
-     [sftp-client.h sftp.1 sftp-client.c sftp.c]
-     recursive transfer support for get/put and on the commandline
-     work mostly by carlosvsilvapt@gmail.com for the Google Summer of Code
-     with some tweaks by me; "go for it" deraadt@
-  - djm@cvs.openbsd.org 2009/08/18 21:15:59
-     [sftp.1]
-     fix "get" command usage, spotted by jmc@
-   - jmc@cvs.openbsd.org 2009/08/19 04:56:03
-     [sftp.1]
-     ether -> either;
-   - dtucker@cvs.openbsd.org 2009/08/20 23:54:28
-     [mux.c]
-     subsystem_flag is defined in ssh.c so it's extern; ok djm
-   - djm@cvs.openbsd.org 2009/08/27 17:28:52
-     [sftp-server.c]
-     allow setting an explicit umask on the commandline to override whatever
-     default the user has. bz#1229; ok dtucker@ deraadt@ markus@
-   - djm@cvs.openbsd.org 2009/08/27 17:33:49
-     [ssh-keygen.c]
-     force use of correct hash function for random-art signature display
-     as it was inheriting the wrong one when bubblebabble signatures were
-     activated; bz#1611 report and patch from fwojcik+openssh AT besh.com;
-     ok markus@
-   - djm@cvs.openbsd.org 2009/08/27 17:43:00
-     [sftp-server.8]
-     allow setting an explicit umask on the commandline to override whatever
-     default the user has. bz#1229; ok dtucker@ deraadt@ markus@
-   - djm@cvs.openbsd.org 2009/08/27 17:44:52
-     [authfd.c ssh-add.c authfd.h]
-     Do not fall back to adding keys without contraints (ssh-add -c / -t ...)
-     when the agent refuses the constrained add request. This was a useful
-     migration measure back in 2002 when constraints were new, but just
-     adds risk now.
-     bz #1612, report and patch from dkg AT fifthhorseman.net; ok markus@
-   - djm@cvs.openbsd.org 2009/08/31 20:56:02
-     [sftp-server.c]
-     check correct variable for error message, spotted by martynas@
-   - djm@cvs.openbsd.org 2009/08/31 21:01:29
-     [sftp-server.8]
-     document -e and -h; prodded by jmc@
-   - djm@cvs.openbsd.org 2009/09/01 14:43:17
-     [ssh-agent.c]
-     fix a race condition in ssh-agent that could result in a wedged or
-     spinning agent: don't read off the end of the allocated fd_sets, and
-     don't issue blocking read/write on agent sockets - just fall back to
-     select() on retriable read/write errors. bz#1633 reported and tested
-     by "noodle10000 AT googlemail.com"; ok dtucker@ markus@
-   - grunk@cvs.openbsd.org 2009/10/01 11:37:33
-     [dh.c]
-     fix a cast
-     ok djm@ markus@
-   - djm@cvs.openbsd.org 2009/10/06 04:46:40
-     [session.c]
-     bz#1596: fflush(NULL) before exec() to ensure that everying (motd
-     in particular) has made it out before the streams go away.
-   - djm@cvs.openbsd.org 2008/12/07 22:17:48
-     [regress/addrmatch.sh]
-     match string "passwordauthentication" only at start of line, not anywhere
-     in sshd -T output
-   - dtucker@cvs.openbsd.org 2009/05/05 07:51:36
-     [regress/multiplex.sh]
-     Always specify ssh_config for multiplex tests: prevents breakage caused
-     by options in ~/.ssh/config.  From Dan Peterson.
-   - djm@cvs.openbsd.org 2009/08/13 00:57:17
-     [regress/Makefile]
-     regression test for port number parsing. written as part of the a2port
-     change that went into 5.2 but I forgot to commit it at the time...
-   - djm@cvs.openbsd.org 2009/08/13 01:11:55
-     [regress/sftp-batch.sh regress/sftp-badcmds.sh regress/sftp.sh
-     regress/sftp-cmds.sh regres/sftp-glob.sh]
-     date: 2009/08/13 01:11:19;  author: djm;  state: Exp;  lines: +10 -7
-     Swizzle options: "-P sftp_server_path" moves to "-D sftp_server_path",
-     add "-P port" to match scp(1). Fortunately, the -P option is only really
-     used by our regression scripts.
-     part of larger patch from carlosvsilvapt@gmail.com for his Google Summer
-     of Code work; ok deraadt markus
-   - djm@cvs.openbsd.org 2009/08/20 18:43:07
-     [regress/ssh-com-sftp.sh]
-     fix one sftp -D ... => sftp -P ... conversion that I missed; from Carlos
-     Silva for Google Summer of Code
-   - dtucker@cvs.openbsd.org 2009/10/06 23:51:49
-     [regress/ssh2putty.sh]
-     Add OpenBSD tag to make syncs easier
- - (dtucker) [regress/portnum.sh] Import new test.
- - (dtucker) [configure.ac sftp-client.c] DTOTIF is in fs/ffs/dir.h on at
-   least dragonflybsd.
- - (dtucker) d_type is not mandated by POSIX, so add fallback code using
-    stat(), needed on at least cygwin.
-
-20091002
- - (djm) [Makefile.in] Mention readconf.o in ssh-keysign's make deps.
-   spotted by des AT des.no
-
-20090926
- - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
-         [contrib/suse/openssh.spec] Update for release
- - (djm) [README] update relnotes URL
- - (djm) [packet.c] Restore EWOULDBLOCK handling that got lost somewhere
- - (djm) Release 5.3p1
-
-20090911
- - (dtucker) [configure.ac] Change the -lresolv check so it works on Mac OS X
-   10.6 (which doesn't have BIND8_COMPAT and thus uses res_9_query).  Patch
-   from jbasney at ncsa uiuc edu.
-
-20090908
- - (djm) [serverloop.c] Fix test for server-assigned remote forwarding port
-   (-R 0:...); bz#1578, spotted and fix by gavin AT emf.net; ok dtucker@
-
-20090901
- - (dtucker) [configure.ac] Bug #1639: use AC_PATH_PROG to search the path for
-   krb5-config if it's not in the location specified by --with-kerberos5.
-   Patch from jchadima at redhat.
-
-20090829
- - (dtucker) [README.platform] Add text about development packages, based on
-   text from Chris Pepper in bug #1631.
-
-20090828
- - dtucker [auth-sia.c] Roll back the change for bug #1241 as it apparently
-   causes problems in some Tru64 configurations.
- - (djm) [sshd_config.5] downgrade mention of login.conf to be an example
-   and mention PAM as another provider for ChallengeResponseAuthentication;
-   bz#1408; ok dtucker@
- - (djm) [sftp-server.c] bz#1535: accept ENOSYS as a fallback error when
-   attempting atomic rename(); ok dtucker@
- - (djm) [Makefile.in] bz#1505: Solaris make(1) doesn't accept make variables
-   in argv, so pass them in the environment; ok dtucker@
- - (dtucker) [channels.c configure.ac] Bug #1528: skip the tcgetattr call on
-    the pty master on Solaris, since it never succeeds and can hang if large
-    amounts of data is sent to the slave (eg a copy-paste).  Based on a patch
-    originally from Doke Scott, ok djm@
- - (dtucker) [clientloop.c configure.ac defines.h] Make the client's IO buffer
-   size a compile-time option and set it to 64k on Cygwin, since Corinna
-   reports that it makes a significant difference to performance.  ok djm@
- - (dtucker) [configure.ac] Fix the syntax of the Solaris tcgetattr entry.
-
-20090820
- - (dtucker) [includes.h] Bug #1634: do not include system glob.h if we're not
-   using it since the type conflicts can cause problems on FreeBSD.  Patch
-   from Jonathan Chen.
- - (dtucker) [session.c openbsd-compat/port-aix.h] Bugs #1249 and #1567: move
-   the setpcred call on AIX to immediately before the permanently_set_uid().
-   Ensures that we still have privileges when we call chroot and
-   pam_open_sesson.  Based on a patch from David Leonard.
-
-20090817
- - (dtucker) [configure.ac] Check for headers before libraries for openssl an
-   zlib, which should make the errors slightly more meaningful on platforms
-   where there's separate "-devel" packages for those.
- - (dtucker) [sshlogin.c openbsd-compat/port-aix.{c,h}] Bug #1595: make
-   PrintLastLog work on AIX.  Based in part on a patch from Miguel Sanders.
-
-20090729
- - (tim) [contrib/cygwin/ssh-user-config] Change script to call correct error
-   function. Patch from Corinna Vinschen.
-
-20090713
- - (dtucker) [openbsd-compat/getrrsetbyname.c] Reduce answer buffer size so it
-   fits into 16 bits to work around a bug in glibc's resolver where it masks
-   off the buffer size at 16 bits.  Patch from Hauke Lampe, ok djm jakob.
-
-20090712
- - (dtucker) [configure.ac] Include sys/param.h for the sys/mount.h test,
-   prevents configure complaining on older BSDs.
- - (dtucker [contrib/cygwin/ssh-{host,user}-config] Add license text. Patch
-   from Corinna Vinschen.
- - (dtucker) [auth-pam.c] Bug #1534: move the deletion of PAM credentials on
-   logout to after the session close.  Patch from Anicka Bernathova,
-   originally from Andreas Schwab via Novelll ok djm.
-
-20090707
- - (dtucker) [contrib/cygwin/ssh-host-config] better support for automated
-   scripts and fix usage of eval.  Patch from Corinna Vinschen.
-
-20090705
- - (dtucker) OpenBSD CVS Sync
-   - andreas@cvs.openbsd.org 2009/06/27 09:29:06
-     [packet.h packet.c]
-     packet_bacup_state() and packet_restore_state() will be used to
-     temporarily save the current state ren resuming a suspended connection.
-     ok markus@
-   - andreas@cvs.openbsd.org 2009/06/27 09:32:43
-     [roaming_common.c roaming.h]
-     It may be necessary to retransmit some data when resuming, so add it
-     to a buffer when roaming is enabled.
-     Most of this code was written by Martin Forssen, maf at appgate dot com.
-     ok markus@
-   - andreas@cvs.openbsd.org 2009/06/27 09:35:06
-     [readconf.h readconf.c]
-     Add client option UseRoaming. It doesn't do anything yet but will
-     control whether the client tries to use roaming if enabled on the
-     server. From Martin Forssen.
-     ok markus@
-   - markus@cvs.openbsd.org 2009/06/30 14:54:40
-     [version.h]
-     crank version; ok deraadt
-   - dtucker@cvs.openbsd.org 2009/07/02 02:11:47
-     [ssh.c]
-     allow for long home dir paths (bz #1615).  ok deraadt
-     (based in part on a patch from jchadima at redhat)
-   - stevesk@cvs.openbsd.org 2009/07/05 19:28:33
-     [clientloop.c]
-     only send SSH2_MSG_DISCONNECT if we're in compat20; from dtucker@
-     ok deraadt@ markus@
-
-20090622
- - (dtucker) OpenBSD CVS Sync
-   - dtucker@cvs.openbsd.org 2009/06/22 05:39:28
-     [monitor_wrap.c monitor_mm.c ssh-keygen.c auth2.c gss-genr.c sftp-client.c]
-     alphabetize includes; reduces diff vs portable and style(9).
-     ok stevesk djm
-     (Id sync only; these were already in order in -portable)
-
-20090621
- - (dtucker) OpenBSD CVS Sync
-   - markus@cvs.openbsd.org 2009/03/17 21:37:00
-     [ssh.c]
-     pass correct argv[0] to openlog(); ok djm@
-  - jmc@cvs.openbsd.org 2009/03/19 15:15:09
-     [ssh.1]
-     for "Ciphers", just point the reader to the keyword in ssh_config(5), just
-     as we do for "MACs": this stops us getting out of sync when the lists
-     change;
-     fixes documentation/6102, submitted by Peter J. Philipp
-     alternative fix proposed by djm
-     ok markus
-   - tobias@cvs.openbsd.org 2009/03/23 08:31:19
-     [ssh-agent.c]
-     Fixed a possible out-of-bounds memory access if the environment variable
-     SHELL is shorter than 3 characters.
-     with input by and ok dtucker
-   - tobias@cvs.openbsd.org 2009/03/23 19:38:04
-     [ssh-agent.c]
-     My previous commit didn't fix the problem at all, so stick at my first
-     version of the fix presented to dtucker.
-     Issue notified by Matthias Barkhoff (matthias dot barkhoff at gmx dot de).
-     ok dtucker
-   - sobrado@cvs.openbsd.org 2009/03/26 08:38:39
-     [sftp-server.8 sshd.8 ssh-agent.1]
-     fix a few typographical errors found by spell(1).
-     ok dtucker@, jmc@
-   - stevesk@cvs.openbsd.org 2009/04/13 19:07:44
-     [sshd_config.5]
-     fix possessive; ok djm@
-   - stevesk@cvs.openbsd.org 2009/04/14 16:33:42
-     [sftp-server.c]
-     remove unused option character from getopt() optstring; ok markus@
-   - jj@cvs.openbsd.org 2009/04/14 21:10:54
-     [servconf.c]
-     Fixed a few the-the misspellings in comments. Skipped a bunch in
-     binutils,gcc and so on. ok jmc@
-   - stevesk@cvs.openbsd.org 2009/04/17 19:23:06
-     [session.c]
-     use INTERNAL_SFTP_NAME for setproctitle() of in-process sftp-server;
-     ok djm@ markus@
-   - stevesk@cvs.openbsd.org 2009/04/17 19:40:17
-     [sshd_config.5]
-     clarify that even internal-sftp needs /dev/log for logging to work; ok
-     markus@
-   - jmc@cvs.openbsd.org 2009/04/18 18:39:10
-     [sshd_config.5]
-     tweak previous; ok stevesk
-   - stevesk@cvs.openbsd.org 2009/04/21 15:13:17
-     [sshd_config.5]
-     clarify we cd to user's home after chroot; ok markus@ on
-     earlier version; tweaks and ok jmc@
-   - andreas@cvs.openbsd.org 2009/05/25 06:48:01
-     [channels.c packet.c clientloop.c packet.h serverloop.c monitor_wrap.c
-     monitor.c]
-     Put the globals in packet.c into a struct and don't access it directly
-     from other files. No functional changes.
-     ok markus@ djm@
-   - andreas@cvs.openbsd.org 2009/05/27 06:31:25
-     [canohost.h canohost.c]
-     Add clear_cached_addr(), needed for upcoming changes allowing the peer
-     address to change.
-     ok markus@
-   - andreas@cvs.openbsd.org 2009/05/27 06:33:39
-     [clientloop.c]
-     Send SSH2_MSG_DISCONNECT when the client disconnects. From a larger
-     change from Martin Forssen, maf at appgate dot com.
-     ok markus@
-   - andreas@cvs.openbsd.org 2009/05/27 06:34:36
-     [kex.c kex.h]
-     Move the KEX_COOKIE_LEN define to kex.h
-     ok markus@
-   - andreas@cvs.openbsd.org 2009/05/27 06:36:07
-     [packet.h packet.c]
-     Add packet_put_int64() and packet_get_int64(), part of a larger change
-     from Martin Forssen.
-     ok markus@
-   - andreas@cvs.openbsd.org 2009/05/27 06:38:16
-     [sshconnect.h sshconnect.c]
-     Un-static ssh_exchange_identification(), part of a larger change from
-     Martin Forssen and needed for upcoming changes.
-     ok markus@
-   - andreas@cvs.openbsd.org 2009/05/28 16:50:16
-     [sshd.c packet.c serverloop.c monitor_wrap.c clientloop.c sshconnect.c
-     monitor.c Added roaming.h roaming_common.c roaming_dummy.c]
-     Keep track of number of bytes read and written. Needed for upcoming
-     changes. Most code from Martin Forssen, maf at appgate dot com.
-     ok markus@
-     Also, applied appropriate changes to Makefile.in
-   - andreas@cvs.openbsd.org 2009/06/12 20:43:22
-     [monitor.c packet.c]
-     Fix warnings found by chl@ and djm@ and change roaming_atomicio's
-     return type to match atomicio's
-     Diff from djm@, ok markus@
-   - andreas@cvs.openbsd.org 2009/06/12 20:58:32
-     [packet.c]
-     Move some more statics into session_state
-     ok markus@ djm@
-   - dtucker@cvs.openbsd.org 2009/06/21 07:37:15
-     [kexdhs.c kexgexs.c]
-     abort if key_sign fails, preventing possible null deref.  Based on report
-     from Paolo Ganci, ok markus@ djm@
-   - dtucker@cvs.openbsd.org 2009/06/21 09:04:03
-     [roaming.h roaming_common.c roaming_dummy.c]
-     Add  tags for the benefit of the sync scripts
-     Also: pull in the changes for 1.1->1.2 missed in the previous sync.
- - (dtucker) [auth2-jpake.c auth2.c canohost.h session.c] Whitespace and
-   header-order changes to reduce diff vs OpenBSD.
- - (dtucker) [servconf.c sshd.c] More whitespace sync.
- - (dtucker) [roaming_common.c roaming_dummy.c] Wrap #include <inttypes.h> in
-   ifdef.
-
-20090616
- - (dtucker) [configure.ac defines.h] Bug #1607: handle the case where fsid_t
-   is a struct with a __val member.  Fixes build on, eg, Redhat 6.2.
-
-20090504
- - (dtucker) [sshlogin.c] Move the NO_SSH_LASTLOG #ifndef line to include
-   variable declarations.  Should prevent unused warnings anywhere it's set
-   (only Crays as far as I can tell) and be a no-op everywhere else.
-
-20090318
- - (tim) [configure.ac] Remove setting IP_TOS_IS_BROKEN for Cygwin. The problem
-   that setsockopt(IP_TOS) doesn't work on Cygwin has been fixed since 2005.
-   Based on patch from vinschen at redhat com.
-
-20090308
- - (dtucker) [auth-passwd.c auth1.c auth2-kbdint.c auth2-none.c auth2-passwd.c
-   auth2-pubkey.c session.c openbsd-compat/bsd-cygwin_util.{c,h}
-   openbsd-compat/daemon.c] Remove support for Windows 95/98/ME and very old
-   version of Cygwin.  Patch from vinschen at redhat com.
-
-20090307
- - (dtucker) [contrib/aix/buildbff.sh] Only try to rename ssh_prng_cmds if it
-   exists (it's not created if OpenSSL's PRNG is self-seeded, eg if the OS
-   has a /dev/random).
- - (dtucker) [schnorr.c openbsd-compat/openssl-compat.{c,h}] Add
-   EVP_DigestUpdate to the OLD_EVP compatibility functions and tell schnorr.c
-   to use them.  Allows building with older OpenSSL versions.
- - (dtucker) [configure.ac defines.h] Check for in_port_t and typedef if needed.
- - (dtucker) [configure.ac] Missing comma in type list.
- - (dtucker) [configure.ac openbsd-compat/openssl-compat.{c,h}]
-   EVP_DigestUpdate does not exactly match the other OLD_EVP functions (eg
-   in openssl 0.9.6) so add an explicit test for it.
-
-20090306
- - (djm) OpenBSD CVS Sync
-   - djm@cvs.openbsd.org 2009/03/05 07:18:19
-     [auth2-jpake.c jpake.c jpake.h monitor_wrap.c monitor_wrap.h schnorr.c]
-     [sshconnect2.c]
-     refactor the (disabled) Schnorr proof code to make it a little more
-     generally useful
-   - djm@cvs.openbsd.org 2009/03/05 11:30:50
-     [uuencode.c]
-     document what these functions do so I don't ever have to recuse into
-     b64_pton/ntop to remember their return values
-
-20090223
- - (djm) OpenBSD CVS Sync
-   - djm@cvs.openbsd.org 2009/02/22 23:50:57
-     [ssh_config.5 sshd_config.5]
-     don't advertise experimental options
-   - djm@cvs.openbsd.org 2009/02/22 23:59:25
-     [sshd_config.5]
-     missing period
-   - djm@cvs.openbsd.org 2009/02/23 00:06:15
-     [version.h]
-     openssh-5.2
- - (djm) [README] update for 5.2
- - (djm) Release openssh-5.2p1
-
-20090222
- - (djm) OpenBSD CVS Sync
-   - tobias@cvs.openbsd.org 2009/02/21 19:32:04
-     [misc.c sftp-server-main.c ssh-keygen.c]
-     Added missing newlines in error messages.
-     ok dtucker
-
-20090221
- - (djm) OpenBSD CVS Sync
-   - djm@cvs.openbsd.org 2009/02/17 01:28:32
-     [ssh_config]
-     sync with revised default ciphers; pointed out by dkrause@
-   - djm@cvs.openbsd.org 2009/02/18 04:31:21
-     [schnorr.c]
-     signature should hash over the entire group, not just the generator
-     (this is still disabled code)
- - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
-   [contrib/suse/openssh.spec] Prepare for 5.2p1
-
-20090216
- - (djm) [regress/conch-ciphers.sh regress/putty-ciphers.sh]
-   [regress/putty-kex.sh regress/putty-transfer.sh] Downgrade disabled
-   interop tests from FATAL error to a warning. Allows some interop
-   tests to proceed if others are missing necessary prerequisites.
- - (djm) [configure.ac] support GNU/kFreeBSD and GNU/kOpensolaris
-   systems; patch from Aurelien Jarno via rmh AT aybabtu.com
-
-20090214
- - (djm) OpenBSD CVS Sync
-   - dtucker@cvs.openbsd.org 2009/02/02 11:15:14
-     [sftp.c]
-     Initialize a few variables to prevent spurious "may be used
-     uninitialized" warnings from newer gcc's.  ok djm@
-   - djm@cvs.openbsd.org 2009/02/12 03:00:56
-     [canohost.c canohost.h channels.c channels.h clientloop.c readconf.c]
-     [readconf.h serverloop.c ssh.c]
-     support remote port forwarding with a zero listen port (-R0:...) to
-     dyamically allocate a listen port at runtime (this is actually
-     specified in rfc4254); bz#1003 ok markus@
-   - djm@cvs.openbsd.org 2009/02/12 03:16:01
-     [serverloop.c]
-     tighten check for -R0:... forwarding: only allow dynamic allocation
-     if want_reply is set in the packet
-   - djm@cvs.openbsd.org 2009/02/12 03:26:22
-     [monitor.c]
-     some paranoia: check that the serialised key is really KEY_RSA before
-     diddling its internals
-   - djm@cvs.openbsd.org 2009/02/12 03:42:09
-     [ssh.1]
-     document -R0:... usage
-   - djm@cvs.openbsd.org 2009/02/12 03:44:25
-     [ssh.1]
-     consistency: Dq => Ql
-   - djm@cvs.openbsd.org 2009/02/12 03:46:17
-     [ssh_config.5]
-     document RemoteForward usage with 0 listen port
-   - jmc@cvs.openbsd.org 2009/02/12 07:34:20
-     [ssh_config.5]
-     kill trailing whitespace;
-   - markus@cvs.openbsd.org 2009/02/13 11:50:21
-     [packet.c]
-     check for enc !=NULL in packet_start_discard
-   - djm@cvs.openbsd.org 2009/02/14 06:35:49
-     [PROTOCOL]
-     mention that eow and no-more-sessions extensions are sent only to
-     OpenSSH peers
-
-20090212
- - (djm) [sshpty.c] bz#1419: OSX uses cloning ptys that automagically
-   set ownership and modes, so avoid explicitly setting them
- - (djm) [configure.ac loginrec.c] bz#1421: fix lastlog support for OSX.
-   OSX provides a getlastlogxbyname function that automates the reading of
-   a lastlog file. Also, the pututxline function will update lastlog so
-   there is no need for loginrec.c to do it explicitly. Collapse some
-   overly verbose code while I'm in there.
-
-20090201
- - (dtucker) [defines.h sshconnect.c] INET6_ADDRSTRLEN is now needed in
-   channels.c too, so move the definition for non-IP6 platforms to defines.h
-   where it can be shared.
-
-20090129
- - (tim) [contrib/cygwin/ssh-host-config] Patch from Corinna Vinschen.
-   If the CYGWIN environment variable is empty, the installer script
-   should not install the service with an empty CYGWIN variable, but
-   rather without setting CYGWNI entirely.
- - (tim) [contrib/cygwin/ssh-host-config] Whitespace cleanup. No code changes.
-
-20090128
- - (tim) [contrib/cygwin/ssh-host-config] Patch from Corinna Vinschen.
-   Changes to work on Cygwin 1.5.x as well as on the new Cygwin 1.7.x.
-   The information given for the setting of the CYGWIN environment variable
-   is wrong for both releases so I just removed it, together with the
-   unnecessary (Cygwin 1.5.x) or wrong (Cygwin 1.7.x) default setting.
-
-20081228
- - (djm) OpenBSD CVS Sync
-   - stevesk@cvs.openbsd.org 2008/12/09 03:20:42
-     [channels.c servconf.c]
-     channel_print_adm_permitted_opens() should deal with all the printing
-     for that config option.  suggested by markus@; ok markus@ djm@
-     dtucker@
-   - djm@cvs.openbsd.org 2008/12/09 04:32:22
-     [auth2-chall.c]
-     replace by-hand string building with xasprinf(); ok deraadt@
-   - sobrado@cvs.openbsd.org 2008/12/09 15:35:00
-     [sftp.1 sftp.c]
-     update for the synopses displayed by the 'help' command, there are a
-     few missing flags; add 'bye' to the output of 'help'; sorting and spacing.
-     jmc@ suggested replacing .Oo/.Oc with a single .Op macro.
-     ok jmc@
-   - stevesk@cvs.openbsd.org 2008/12/09 22:37:33
-     [clientloop.c]
-     fix typo in error message
-   - stevesk@cvs.openbsd.org 2008/12/10 03:55:20
-     [addrmatch.c]
-     o cannot be NULL here but use xfree() to be consistent; ok djm@
-   - stevesk@cvs.openbsd.org 2008/12/29 01:12:36
-     [ssh-keyscan.1]
-     fix example, default key type is rsa for 3+ years; from
-     frederic.perrin@resel.fr
-   - stevesk@cvs.openbsd.org 2008/12/29 02:23:26
-     [pathnames.h]
-     no need to escape single quotes in comments
-   - okan@cvs.openbsd.org 2008/12/30 00:46:56
-     [sshd_config.5]
-     add AllowAgentForwarding to available Match keywords list
-     ok djm
-   - djm@cvs.openbsd.org 2009/01/01 21:14:35
-     [channels.c]
-     call channel destroy callbacks on receipt of open failure messages.
-     fixes client hangs when connecting to a server that has MaxSessions=0
-     set spotted by imorgan AT nas.nasa.gov; ok markus@
-   - djm@cvs.openbsd.org 2009/01/01 21:17:36
-     [kexgexs.c]
-     fix hash calculation for KEXGEX: hash over the original client-supplied
-     values and not the sanity checked versions that we acutally use;
-     bz#1540 reported by john.smith AT arrows.demon.co.uk
-     ok markus@
-   - djm@cvs.openbsd.org 2009/01/14 01:38:06
-     [channels.c]
-     support SOCKS4A protocol, from dwmw2 AT infradead.org via bz#1482;
-     "looks ok" markus@
-   - stevesk@cvs.openbsd.org 2009/01/15 17:38:43
-     [readconf.c]
-     1) use obsolete instead of alias for consistency
-     2) oUserKnownHostsFile not obsolete but oGlobalKnownHostsFile2 is
-        so move the comment.
-     3) reorder so like options are together
-     ok djm@
-   - djm@cvs.openbsd.org 2009/01/22 09:46:01
-     [channels.c channels.h session.c]
-     make Channel->path an allocated string, saving a few bytes here and
-     there and fixing bz#1380 in the process; ok markus@
-   - djm@cvs.openbsd.org 2009/01/22 09:49:57
-     [channels.c]
-     oops! I committed the wrong version of the Channel->path diff,
-     it was missing some tweaks suggested by stevesk@
-   - djm@cvs.openbsd.org 2009/01/22 10:02:34
-     [clientloop.c misc.c readconf.c readconf.h servconf.c servconf.h]
-     [serverloop.c ssh-keyscan.c ssh.c sshd.c]
-     make a2port() return -1 when it encounters an invalid port number
-     rather than 0, which it will now treat as valid (needed for future work)
-     adjust current consumers of a2port() to check its return value is <= 0,
-     which in turn required some things to be converted from u_short => int
-     make use of int vs. u_short consistent in some other places too
-     feedback & ok markus@
-   - djm@cvs.openbsd.org 2009/01/22 10:09:16
-     [auth-options.c]
-     another chunk of a2port() diff that got away. wtfdjm??
-   - djm@cvs.openbsd.org 2009/01/23 07:58:11
-     [myproposal.h]
-     prefer CTR modes and revised arcfour (i.e w/ discard) modes to CBC
-     modes; ok markus@
-   - naddy@cvs.openbsd.org 2009/01/24 17:10:22
-     [ssh_config.5 sshd_config.5]
-     sync list of preferred ciphers; ok djm@
-   - markus@cvs.openbsd.org 2009/01/26 09:58:15
-     [cipher.c cipher.h packet.c]
-     Work around the CPNI-957037 Plaintext Recovery Attack by always
-     reading 256K of data on packet size or HMAC errors (in CBC mode only).
-     Help, feedback and ok djm@
-     Feedback from Martin Albrecht and Paterson Kenny
-
-20090107
- - (djm) [uidswap.c] bz#1412: Support >16 supplemental groups in OS X.
-   Patch based on one from vgiffin AT apple.com; ok dtucker@
- - (djm) [channels.c] bz#1419: support "on demand" X11 forwarding via
-   launchd on OS X; patch from vgiffin AT apple.com, slightly tweaked;
-   ok dtucker@
- - (djm) [contrib/ssh-copy-id.1 contrib/ssh-copy-id] bz#1492: Make
-   ssh-copy-id copy id_rsa.pub by default (instead of the legacy "identity"
-   key). Patch from cjwatson AT debian.org
-
-20090107
- - (tim) [configure.ac defines.h openbsd-compat/port-uw.c
-   openbsd-compat/xcrypt.c] Add SECUREWARE support to OpenServer 6 SVR5 ABI.
-   OK djm@ dtucker@
- - (tim) [configure.ac] Move check_for_libcrypt_later=1 in *-*-sysv5*) section.
-   OpenServer 6 doesn't need libcrypt.
-
-20081209
- - (djm) OpenBSD CVS Sync
-   - djm@cvs.openbsd.org 2008/12/09 02:38:18
-     [clientloop.c]
-     The ~C escape handler does not work correctly for multiplexed sessions -
-     it opens a commandline on the master session, instead of on the slave
-     that requested it. Disable it on slave sessions until such time as it
-     is fixed; bz#1543 report from Adrian Bridgett via Colin Watson
-     ok markus@
-   - djm@cvs.openbsd.org 2008/12/09 02:39:59
-     [sftp.c]
-     Deal correctly with failures in remote stat() operation in sftp,
-     correcting fail-on-error behaviour in batchmode. bz#1541 report and
-     fix from anedvedicky AT gmail.com; ok markus@
-   - djm@cvs.openbsd.org 2008/12/09 02:58:16
-     [readconf.c]
-     don't leave junk (free'd) pointers around in Forward *fwd argument on
-     failure; avoids double-free in ~C -L handler when given an invalid
-     forwarding specification; bz#1539 report from adejong AT debian.org
-     via Colin Watson; ok markus@ dtucker@
-   - djm@cvs.openbsd.org 2008/12/09 03:02:37
-     [sftp.1 sftp.c]
-     correct sftp(1) and corresponding usage syntax;
-     bz#1518 patch from imorgan AT nas.nasa.gov; ok deraadt@ improved diff jmc@
-
-20081208
- - (djm) [configure.ac] bz#1538: better test for ProPolice/SSP: actually
-   use some stack in main().
-   Report and suggested fix from vapier AT gentoo.org
- - (djm) OpenBSD CVS Sync
-   - markus@cvs.openbsd.org 2008/12/02 19:01:07
-     [clientloop.c]
-     we have to use the recipient's channel number (RFC 4254) for
-     SSH2_MSG_CHANNEL_SUCCESS/SSH2_MSG_CHANNEL_FAILURE messages,
-     otherwise we trigger 'Non-public channel' error messages on sshd
-     systems with clientkeepalive enabled; noticed by sturm; ok djm;
-   - markus@cvs.openbsd.org 2008/12/02 19:08:59
-     [serverloop.c]
-     backout 1.149, since it's not necessary and openssh clients send
-     broken CHANNEL_FAILURE/SUCCESS messages since about 2004; ok djm@
-   - markus@cvs.openbsd.org 2008/12/02 19:09:38
-     [channels.c]
-     s/remote_id/id/ to be more consistent with other code; ok djm@
-
-20081201
- - (dtucker) [contrib/cygwin/{Makefile,ssh-host-config}]  Add new doc files
-   and tweak the is-sshd-running check in ssh-host-config.  Patch from
-   vinschen at redhat com.
- - (dtucker) OpenBSD CVS Sync
-   - markus@cvs.openbsd.org 2008/11/21 15:47:38
-     [packet.c]
-     packet_disconnect() on padding error, too.  should reduce the success
-     probability for the CPNI-957037 Plaintext Recovery Attack to 2^-18
-     ok djm@
-   - dtucker@cvs.openbsd.org 2008/11/30 11:59:26
-     [monitor_fdpass.c]
-     Retry sendmsg/recvmsg on EAGAIN and EINTR; ok djm@
-
-20081123
- - (dtucker) [monitor_fdpass.c] Reduce diff vs OpenBSD by moving some
-    declarations, removing an unnecessary union member and adding whitespace.
-    cmsgbuf.tmp thing spotted by des at des no, ok djm some time ago.
-
-20081118
- - (tim) [addrmatch.c configure.ac] Some platforms do not have sin6_scope_id
-   member of sockaddr_in6. Also reported in Bug 1491 by David Leonard. OK and
-   feedback by djm@
-
-20081111
- - (dtucker) OpenBSD CVS Sync
-   - jmc@cvs.openbsd.org 2008/11/05 11:22:54
-     [servconf.c]
-     passord -> password;
-     fixes user/5975 from Rene Maroufi
-   - stevesk@cvs.openbsd.org 2008/11/07 00:42:12
-     [ssh-keygen.c]
-     spelling/typo in comment
-   - stevesk@cvs.openbsd.org 2008/11/07 18:50:18
-     [nchan.c]
-     add space to some log/debug messages for readability; ok djm@ markus@
-   - dtucker@cvs.openbsd.org 2008/11/07 23:34:48
-     [auth2-jpake.c]
-     Move JPAKE define to make life easier for portable.  ok djm@
-   - tobias@cvs.openbsd.org 2008/11/09 12:34:47
-     [session.c ssh.1]
-     typo fixed (overriden -> overridden)
-     ok espie, jmc
-   - stevesk@cvs.openbsd.org 2008/11/11 02:58:09
-     [servconf.c]
-     USE_AFS not referenced so remove #ifdef.  fixes sshd -T not printing
-     kerberosgetafstoken. ok dtucker@
-     (Id sync only, we still want the ifdef in portable)
-   - stevesk@cvs.openbsd.org 2008/11/11 03:55:11
-     [channels.c]
-     for sshd -T print 'permitopen any' vs. 'permitopen' for case of no
-     permitopen's; ok and input dtucker@
-   - djm@cvs.openbsd.org 2008/11/10 02:06:35
-     [regress/putty-ciphers.sh]
-     PuTTY supports AES CTR modes, so interop test against them too
-
-20081105
- - OpenBSD CVS Sync
-   - djm@cvs.openbsd.org 2008/11/03 08:59:41
-     [servconf.c]
-     include MaxSessions in sshd -T output; patch from imorgan AT nas.nasa.gov
-   - djm@cvs.openbsd.org 2008/11/04 07:58:09
-     [auth.c]
-     need unistd.h for close() prototype
-     (ID sync only)
-   - djm@cvs.openbsd.org 2008/11/04 08:22:13
-     [auth.h auth2.c monitor.c monitor.h monitor_wrap.c monitor_wrap.h]
-     [readconf.c readconf.h servconf.c servconf.h ssh2.h ssh_config.5]
-     [sshconnect2.c sshd_config.5 jpake.c jpake.h schnorr.c auth2-jpake.c]
-     [Makefile.in]
-     Add support for an experimental zero-knowledge password authentication
-     method using the J-PAKE protocol described in F. Hao, P. Ryan,
-     "Password Authenticated Key Exchange by Juggling", 16th Workshop on
-     Security Protocols, Cambridge, April 2008.
-     
-     This method allows password-based authentication without exposing
-     the password to the server. Instead, the client and server exchange
-     cryptographic proofs to demonstrate of knowledge of the password while
-     revealing nothing useful to an attacker or compromised endpoint.
-     
-     This is experimental, work-in-progress code and is presently
-     compiled-time disabled (turn on -DJPAKE in Makefile.inc).
-     
-     "just commit it.  It isn't too intrusive." deraadt@
-   - stevesk@cvs.openbsd.org 2008/11/04 19:18:00
-     [readconf.c]
-     because parse_forward() is now used to parse all forward types (DLR),
-     and it malloc's space for host variables, we don't need to malloc
-     here.  fixes small memory leaks.
-     
-     previously dynamic forwards were not parsed in parse_forward() and
-     space was not malloc'd in that case.
-     
-     ok djm@
-   - stevesk@cvs.openbsd.org 2008/11/05 03:23:09
-     [clientloop.c ssh.1]
-     add dynamic forward escape command line; ok djm@
-
-20081103
- - OpenBSD CVS Sync
-   - sthen@cvs.openbsd.org 2008/07/24 23:55:30
-     [ssh-keygen.1]
-     Add "ssh-keygen -F -l" to synopsis (displays fingerprint from
-     known_hosts).  ok djm@
-   - grunk@cvs.openbsd.org 2008/07/25 06:56:35
-     [ssh_config]
-     Add VisualHostKey to example file, ok djm@
-   - grunk@cvs.openbsd.org 2008/07/25 07:05:16
-     [key.c]
-     In random art visualization, make sure to use the end marker only at the
-     end.  Initial diff by Dirk Loss, tweaks and ok djm@
-  - markus@cvs.openbsd.org 2008/07/31 14:48:28
-     [sshconnect2.c]
-     don't allocate space for empty banners; report t8m at centrum.cz;
-     ok deraadt
-   - krw@cvs.openbsd.org 2008/08/02 04:29:51
-     [ssh_config.5]
-     whitepsace -> whitespace. From Matthew Clarke via bugs@.
-   - djm@cvs.openbsd.org 2008/08/21 04:09:57
-     [session.c]
-     allow ForceCommand internal-sftp with arguments. based on patch from
-     michael.barabanov AT gmail.com; ok markus@
-   - djm@cvs.openbsd.org 2008/09/06 12:24:13
-     [kex.c]
-     OpenSSL 0.9.8h supplies a real EVP_sha256 so we do not need our
-     replacement anymore
-     (ID sync only for portable - we still need this)
-   - markus@cvs.openbsd.org 2008/09/11 14:22:37
-     [compat.c compat.h nchan.c ssh.c]
-     only send eow and no-more-sessions requests to openssh 5 and newer;
-     fixes interop problems with broken ssh v2 implementations; ok djm@
-   - millert@cvs.openbsd.org 2008/10/02 14:39:35
-     [session.c]
-     Convert an unchecked strdup to xstrdup.  OK deraadt@
-  - jmc@cvs.openbsd.org 2008/10/03 13:08:12
-     [sshd.8]
-     do not give an example of how to chmod files: we can presume the user
-     knows that. removes an ambiguity in the permission of authorized_keys;
-     ok deraadt
-   - deraadt@cvs.openbsd.org 2008/10/03 23:56:28
-     [sshconnect2.c]
-     Repair strnvis() buffersize of 4*n+1, with termination gauranteed by the
-     function.
-     spotted by des@freebsd, who commited an incorrect fix to the freebsd tree
-     and (as is fairly typical) did not report the problem to us.  But this fix
-     is correct.
-     ok djm
-   - djm@cvs.openbsd.org 2008/10/08 23:34:03
-     [ssh.1 ssh.c]
-     Add -y option to force logging via syslog rather than stderr.
-     Useful for daemonised ssh connection (ssh -f). Patch originally from
-     and ok'd by markus@
-   - djm@cvs.openbsd.org 2008/10/09 03:50:54
-     [servconf.c sshd_config.5]
-     support setting PermitEmptyPasswords in a Match block
-     requested in PR3891; ok dtucker@
-   - jmc@cvs.openbsd.org 2008/10/09 06:54:22
-     [ssh.c]
-     add -y to usage();
-   - stevesk@cvs.openbsd.org 2008/10/10 04:55:16
-     [scp.c]
-     spelling in comment; ok djm@
-   - stevesk@cvs.openbsd.org 2008/10/10 05:00:12
-     [key.c]
-     typo in error message; ok djm@
-   - stevesk@cvs.openbsd.org 2008/10/10 16:43:27
-     [ssh_config.5]
-     use 'Privileged ports can be forwarded only when logging in as root on
-     the remote machine.' for RemoteForward just like ssh.1 -R.
-     ok djm@ jmc@
-   - stevesk@cvs.openbsd.org 2008/10/14 18:11:33
-     [sshconnect.c]
-     use #define ROQUIET here; no binary change. ok dtucker@
-   - stevesk@cvs.openbsd.org 2008/10/17 18:36:24
-     [ssh_config.5]
-     correct and clarify VisualHostKey; ok jmc@
-   - stevesk@cvs.openbsd.org 2008/10/30 19:31:16
-     [clientloop.c sshd.c]
-     don't need to #include "monitor_fdpass.h"
-   - stevesk@cvs.openbsd.org 2008/10/31 15:05:34
-     [dispatch.c]
-     remove unused #define DISPATCH_MIN; ok markus@
-   - djm@cvs.openbsd.org 2008/11/01 04:50:08
-     [sshconnect2.c]
-     sprinkle ARGSUSED on dispatch handlers
-     nuke stale unusued prototype
-   - stevesk@cvs.openbsd.org 2008/11/01 06:43:33
-     [channels.c]
-     fix some typos in log messages; ok djm@
-   - sobrado@cvs.openbsd.org 2008/11/01 11:14:36
-     [ssh-keyscan.1 ssh-keyscan.c]
-     the ellipsis is not an optional argument; while here, improve spacing.
-   - stevesk@cvs.openbsd.org 2008/11/01 17:40:33
-     [clientloop.c readconf.c readconf.h ssh.c]
-     merge dynamic forward parsing into parse_forward();
-     'i think this is OK' djm@
-   - stevesk@cvs.openbsd.org 2008/11/02 00:16:16
-     [ttymodes.c]
-     protocol 2 tty modes support is now 7.5 years old so remove these
-     debug3()s; ok deraadt@
-   - stevesk@cvs.openbsd.org 2008/11/03 01:07:02
-     [readconf.c]
-     remove valueless comment
-   - stevesk@cvs.openbsd.org 2008/11/03 02:44:41
-     [readconf.c]
-     fix comment
- - (djm) [contrib/caldera/ssh-host-keygen contrib/suse/rc.sshd]
-   Make example scripts generate keys with default sizes rather than fixed,
-   non-default 1024 bits; patch from imorgan AT nas.nasa.gov
- - (djm) [contrib/sshd.pam.generic contrib/caldera/sshd.pam]
-   [contrib/redhat/sshd.pam] Move pam_nologin to account group from
-   incorrect auth group in example files;
-   patch from imorgan AT nas.nasa.gov
-
-20080906
- - (dtucker) [config.guess config.sub] Update to latest versions from
-   http://git.savannah.gnu.org/gitweb/ (2008-04-14 and 2008-06-16
-   respectively).
-
-20080830
- - (dtucker) [openbsd-compat/bsd-poll.c] correctly check for number of FDs
-   larger than FD_SETSIZE (OpenSSH only ever uses poll with one fd).  Patch
-   from Nicholas Marriott.
-
-20080721
- - (djm) OpenBSD CVS Sync
-   - djm@cvs.openbsd.org 2008/07/23 07:36:55
-     [servconf.c]
-     do not try to print options that have been compile-time disabled
-     in config test mode (sshd -T); report from nix-corp AT esperi.org.uk
-     ok dtucker@
- - (djm) [servconf.c] Print UsePAM option in config test mode (when it
-   has been compiled in); report from nix-corp AT esperi.org.uk
-   ok dtucker@
-
-20080721
- - (djm) OpenBSD CVS Sync
-   - jmc@cvs.openbsd.org 2008/07/18 22:51:01
-     [sftp-server.8]
-     no need for .Pp before or after .Sh;
-   - djm@cvs.openbsd.org 2008/07/21 08:19:07
-     [version.h]
-     openssh-5.1
- - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
-   [contrib/suse/openssh.spec] Update version number in README and RPM specs
- - (djm) Release OpenSSH-5.1
-
-20080717
- - (djm) OpenBSD CVS Sync
-   - djm@cvs.openbsd.org 2008/07/17 08:48:00
-     [sshconnect2.c]
-     strnvis preauth banner; pointed out by mpf@ ok markus@
-   - djm@cvs.openbsd.org 2008/07/17 08:51:07
-     [auth2-hostbased.c]
-     strip trailing '.' from hostname when HostbasedUsesNameFromPacketOnly=yes
-     report and patch from res AT qoxp.net (bz#1200); ok markus@
- - (dtucker) [openbsd-compat/bsd-cygwin_util.c]  Remove long-unneeded compat
-   code, replace with equivalent cygwin library call.  Patch from vinschen
-   at redhat.com, ok djm@.
- - (djm) [sshconnect2.c] vis.h isn't available everywhere
-
-20080716
- - OpenBSD CVS Sync
-   - djm@cvs.openbsd.org 2008/07/15 02:23:14
-     [sftp.1]
-     number of pipelined requests is now 64;
-     prodded by Iain.Morgan AT nasa.gov
-   - djm@cvs.openbsd.org 2008/07/16 11:51:14
-     [clientloop.c]
-     rename variable first_gc -> last_gc (since it is actually the last
-     in the list).
-   - djm@cvs.openbsd.org 2008/07/16 11:52:19
-     [channels.c]
-     this loop index should be automatic, not static
-
-20080714
- - (djm) OpenBSD CVS Sync
-   - sthen@cvs.openbsd.org 2008/07/13 21:22:52
-     [ssh-keygen.c]
-     Change "ssh-keygen -F [host] -l" to not display random art unless
-     -v is also specified, making it consistent with the manual and other
-     uses of -l.
-     ok grunk@
-   - djm@cvs.openbsd.org 2008/07/13 22:13:07
-     [channels.c]
-     use struct sockaddr_storage instead of struct sockaddr for accept(2)
-     address argument. from visibilis AT yahoo.com in bz#1485; ok markus@
-   - djm@cvs.openbsd.org 2008/07/13 22:16:03
-     [sftp.c]
-     increase number of piplelined requests so they properly fill the
-     (recently increased) channel window. prompted by rapier AT psc.edu;
-     ok markus@
-   - djm@cvs.openbsd.org 2008/07/14 01:55:56
-     [sftp-server.8]
-     mention requirement for /dev/log inside chroot when using sftp-server
-     with ChrootDirectory
- - (djm) [openbsd-compat/bindresvport.c] Rename variables s/sin/in/ to
-   avoid clash with sin(3) function; reported by
-   cristian.ionescu-idbohrn AT axis.com
- - (djm) [openbsd-compat/rresvport.c] Add unistd.h for missing close()
-   prototype; reported by cristian.ionescu-idbohrn AT axis.com
- - (djm) [umac.c] Rename variable s/buffer_ptr/bufp/ to avoid clash;
-   reported by cristian.ionescu-idbohrn AT axis.com
- - (djm) [contrib/cygwin/Makefile contrib/cygwin/ssh-host-config]
-   [contrib/cygwin/ssh-user-config contrib/cygwin/sshd-inetd]
-   Revamped and simplified Cygwin ssh-host-config script that uses
-   unified csih configuration tool. Requires recent Cygwin.
-   Patch from vinschen AT redhat.com
-
-20080712
- - (djm) OpenBSD CVS Sync
-   - djm@cvs.openbsd.org 2008/07/12 04:52:50
-     [channels.c]
-     unbreak; move clearing of cctx struct to before first use
-     reported by dkrause@
-   - djm@cvs.openbsd.org 2008/07/12 05:33:41
-     [scp.1]
-     better description for -i flag:
-     s/RSA authentication/public key authentication/
- - (djm) [openbsd-compat/fake-rfc2553.c openbsd-compat/fake-rfc2553.h]
-   return EAI_FAMILY when trying to lookup unsupported address family;
-   from vinschen AT redhat.com
-
-20080711
- - (djm) OpenBSD CVS Sync
-   - stevesk@cvs.openbsd.org 2008/07/07 00:31:41
-     [ttymodes.c]
-     we don't need arg after the debug3() was removed.  from lint.
-     ok djm@
-   - stevesk@cvs.openbsd.org 2008/07/07 23:32:51
-     [key.c]
-     /*NOTREACHED*/ for lint warning:
-       warning: function key_equal falls off bottom without returning value
-     ok djm@
-   - markus@cvs.openbsd.org 2008/07/10 18:05:58
-     [channels.c]
-     missing bzero; from mickey; ok djm@
-   - markus@cvs.openbsd.org 2008/07/10 18:08:11
-     [clientloop.c monitor.c monitor_wrap.c packet.c packet.h sshd.c]
-     sync v1 and v2 traffic accounting; add it to sshd, too;
-     ok djm@, dtucker@
-
-20080709
- - (djm) [Makefile.in] Print "all tests passed" when all regress tests pass
- - (djm) [auth1.c] Fix format string vulnerability in protocol 1 PAM
-   account check failure path. The vulnerable format buffer is supplied
-   from PAM and should not contain attacker-supplied data.
- - (djm) [auth.c] Missing unistd.h for close()
- - (djm) [configure.ac] Add -Wformat-security to CFLAGS for gcc 3.x and 4.x
-
-20080705
- - (djm) [auth.c] Fixed test for locked account on HP/UX with shadowed
-   passwords disabled. bz#1083 report & patch from senthilkumar_sen AT
-   hotpop.com, w/ dtucker@
- - (djm) [atomicio.c configure.ac] Disable poll() fallback in atomiciov for
-   Tru64. readv doesn't seem to be a comparable object there.
-   bz#1386, patch from dtucker@ ok me
- - (djm) [Makefile.in] Pass though pass to conch for interop tests
- - (djm) [configure.ac] unbreak: remove extra closing brace
- - (djm) OpenBSD CVS Sync
-   - djm@cvs.openbsd.org 2008/07/04 23:08:25
-     [packet.c]
-     handle EINTR in packet_write_poll()l ok dtucker@
-   - djm@cvs.openbsd.org 2008/07/04 23:30:16
-     [auth1.c auth2.c]
-     Make protocol 1 MaxAuthTries logic match protocol 2's.
-     Do not treat the first protocol 2 authentication attempt as
-     a failure IFF it is for method "none".
-     Makes MaxAuthTries' user-visible behaviour identical for
-     protocol 1 vs 2.
-     ok dtucker@
-   - djm@cvs.openbsd.org 2008/07/05 05:16:01
-     [PROTOCOL]
-     grammar
-
-20080704
- - (dtucker) OpenBSD CVS Sync
-   - djm@cvs.openbsd.org 2008/07/02 13:30:34
-     [auth2.c]
-     really really remove the freebie "none" auth try for protocol 2
-   - djm@cvs.openbsd.org 2008/07/02 13:47:39
-     [ssh.1 ssh.c]
-     When forking after authentication ("ssh -f") with ExitOnForwardFailure
-     enabled, delay the fork until after replies for any -R forwards have
-     been seen. Allows for robust detection of -R forward failure when
-     using -f (similar to bz#92); ok dtucker@
-   - otto@cvs.openbsd.org 2008/07/03 21:46:58
-     [auth2-pubkey.c]
-     avoid nasty double free; ok dtucker@ djm@
-   - djm@cvs.openbsd.org 2008/07/04 03:44:59
-     [servconf.c groupaccess.h groupaccess.c]
-     support negation of groups in "Match group" block (bz#1315); ok dtucker@
-   - dtucker@cvs.openbsd.org 2008/07/04 03:47:02
-     [monitor.c]
-     Make debug a little clearer.  ok djm@
-   - djm@cvs.openbsd.org 2008/06/30 08:07:34
-     [regress/key-options.sh]
-     shell portability: use "=" instead of "==" in test(1) expressions,
-     double-quote string with backslash escaped /
-   - djm@cvs.openbsd.org 2008/06/30 10:31:11
-     [regress/{putty-transfer,putty-kex,putty-ciphers}.sh]
-     remove "set -e" left over from debugging
-   - djm@cvs.openbsd.org 2008/06/30 10:43:03
-     [regress/conch-ciphers.sh]
-     explicitly disable conch options that could interfere with the test
- - (dtucker) [sftp-server.c] Bug #1447: fall back to racy rename if link
-   returns EXDEV.  Patch from Mike Garrison, ok djm@
- - (djm) [atomicio.c channels.c clientloop.c defines.h includes.h]
-   [packet.c scp.c serverloop.c sftp-client.c ssh-agent.c ssh-keyscan.c]
-   [sshd.c] Explicitly handle EWOULDBLOCK wherever we handle EAGAIN, on
-   some platforms (HP nonstop) it is a distinct errno;
-   bz#1467 reported by sconeu AT yahoo.com; ok dtucker@
-
-20080702
- - (dtucker) OpenBSD CVS Sync
-    - djm@cvs.openbsd.org 2008/06/30 08:05:59
-      [PROTOCOL.agent]
-      typo: s/constraint_date/constraint_data/
-   - djm@cvs.openbsd.org 2008/06/30 12:15:39
-     [serverloop.c]
-     only pass channel requests on session channels through to the session
-     channel handler, avoiding spurious log messages; ok! markus@
-   - djm@cvs.openbsd.org 2008/06/30 12:16:02
-     [nchan.c]
-     only send eow@openssh.com notifications for session channels; ok! markus@
-   - djm@cvs.openbsd.org 2008/06/30 12:18:34
-     [PROTOCOL]
-     clarify that eow@openssh.com is only sent on session channels
-   - dtucker@cvs.openbsd.org 2008/07/01 07:20:52
-     [sshconnect.c]
-     Check ExitOnForwardFailure if forwardings are disabled due to a failed
-     host key check.  ok djm@
-   - dtucker@cvs.openbsd.org 2008/07/01 07:24:22
-     [sshconnect.c sshd.c]
-     Send CR LF during protocol banner exchanges, but only for Protocol 2 only,
-     in order to comply with RFC 4253.  bz #1443, ok djm@
-   - stevesk@cvs.openbsd.org 2008/07/01 23:12:47
-     [PROTOCOL.agent]
-     fix some typos; ok djm@
-   - djm@cvs.openbsd.org 2008/07/02 02:24:18
-     [sshd_config sshd_config.5 sshd.8 servconf.c]
-     increase default size of ssh protocol 1 ephemeral key from 768 to 1024
-     bits; prodded by & ok dtucker@ ok deraadt@
-   - dtucker@cvs.openbsd.org 2008/07/02 12:03:51
-     [auth-rsa.c auth.c auth2-pubkey.c auth.h]
-     Merge duplicate host key file checks, based in part on a patch from Rob
-     Holland via bz #1348 .  Also checks for non-regular files during protocol
-     1 RSA auth.  ok djm@
-   - djm@cvs.openbsd.org 2008/07/02 12:36:39
-     [auth2-none.c auth2.c]
-     Make protocol 2 MaxAuthTries behaviour a little more sensible:
-     Check whether client has exceeded MaxAuthTries before running
-     an authentication method and skip it if they have, previously it
-     would always allow one try (for "none" auth).
-     Preincrement failure count before post-auth test - previously this
-     checked and postincremented, also to allow one "none" try.
-     Together, these two changes always count the "none" auth method
-     which could be skipped by a malicious client (e.g. an SSH worm)
-     to get an extra attempt at a real auth method. They also make
-     MaxAuthTries=0 a useful way to block users entirely (esp. in a
-     sshd_config Match block).
-     Also, move sending of any preauth banner from "none" auth method
-     to the first call to input_userauth_request(), so worms that skip
-     the "none" method get to see it too.
-
-20080630
- - (djm) OpenBSD CVS Sync
-   - dtucker@cvs.openbsd.org 2008/06/10 23:13:43
-     [regress/Makefile regress/key-options.sh]
-     Add regress test for key options.  ok djm@
-   - dtucker@cvs.openbsd.org 2008/06/11 23:11:40
-     [regress/Makefile]
-     Don't run cipher-speed test by default; mistakenly enabled by me
-   - djm@cvs.openbsd.org 2008/06/28 13:57:25
-     [regress/Makefile regress/test-exec.sh regress/conch-ciphers.sh]
-     very basic regress test against Twisted Conch in "make interop"
-     target (conch is available in ports/devel/py-twisted/conch);
-     ok markus@
- - (djm) [regress/Makefile] search for conch by path, like we do putty
-
-20080629
- - (djm) OpenBSD CVS Sync
-   - martynas@cvs.openbsd.org 2008/06/21 07:46:46
-     [sftp.c]
-     use optopt to get invalid flag, instead of return value of getopt,
-     which is always '?';  ok djm@
-   - otto@cvs.openbsd.org 2008/06/25 11:13:43
-     [key.c]
-     add key length to visual fingerprint; zap magical constants;
-     ok grunk@ djm@
-   - djm@cvs.openbsd.org 2008/06/26 06:10:09
-     [sftp-client.c sftp-server.c]
-     allow the sftp chmod(2)-equivalent operation to set set[ug]id/sticky
-     bits. Note that this only affects explicit setting of modes (e.g. via
-     sftp(1)'s chmod command) and not file transfers. (bz#1310)
-     ok deraadt@ at c2k8
-   - djm@cvs.openbsd.org 2008/06/26 09:19:40
-     [dh.c dh.h moduli.c]
-     when loading moduli from /etc/moduli in sshd(8), check that they
-     are of the expected "safe prime" structure and have had
-     appropriate primality tests performed;
-     feedback and ok dtucker@
-   - grunk@cvs.openbsd.org 2008/06/26 11:46:31
-     [readconf.c readconf.h ssh.1 ssh_config.5 sshconnect.c]
-     Move SSH Fingerprint Visualization away from sharing the config option
-     CheckHostIP to an own config option named VisualHostKey.
-     While there, fix the behaviour that ssh would draw a random art picture
-     on every newly seen host even when the option was not enabled.
-     prodded by deraadt@, discussions,
-     help and ok markus@ djm@ dtucker@
-   - jmc@cvs.openbsd.org 2008/06/26 21:11:46
-     [ssh.1]
-     add VisualHostKey to the list of options listed in -o;
-   - djm@cvs.openbsd.org 2008/06/28 07:25:07
-     [PROTOCOL]
-     spelling fixes
-   - djm@cvs.openbsd.org 2008/06/28 13:58:23
-     [ssh-agent.c]
-     refuse to add a key that has unknown constraints specified;
-     ok markus
-   - djm@cvs.openbsd.org 2008/06/28 14:05:15
-     [ssh-agent.c]
-     reset global compat flag after processing a protocol 2 signature
-     request with the legacy DSA encoding flag set; ok markus
-   - djm@cvs.openbsd.org 2008/06/28 14:08:30
-     [PROTOCOL PROTOCOL.agent]
-     document the protocol used by ssh-agent; "looks ok" markus@
-
-20080628
- - (djm) [RFC.nroff contrib/cygwin/Makefile contrib/suse/openssh.spec]
-   RFC.nroff lacks a license, remove it (it is long gone in OpenBSD).
-
-20080626
- - (djm) [Makefile.in moduli.5] Include moduli(5) manpage from OpenBSD.
-   (bz#1372)
- - (djm) [ contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
-   [contrib/suse/openssh.spec] Include moduli.5 in RPM spec files.
-
-20080616
- - (dtucker) OpenBSD CVS Sync
-   - dtucker@cvs.openbsd.org 2008/06/16 13:22:53
-     [session.c channels.c]
-     Rename the isatty argument to is_tty so we don't shadow
-     isatty(3).  ok markus@
- - (dtucker) [channels.c] isatty -> is_tty here too.
-
-20080615
- - (dtucker) [configure.ac] Enable -fno-builtin-memset when using gcc.
- - OpenBSD CVS Sync
-   - dtucker@cvs.openbsd.org 2008/06/14 15:49:48
-     [sshd.c]
-     wrap long line at 80 chars
-   - dtucker@cvs.openbsd.org 2008/06/14 17:07:11
-     [sshd.c]
-     ensure default umask disallows at least group and world write; ok djm@
-   - djm@cvs.openbsd.org 2008/06/14 18:33:43
-     [session.c]
-     suppress the warning message from chdir(homedir) failures
-     when chrooted (bz#1461); ok dtucker
-   - dtucker@cvs.openbsd.org 2008/06/14 19:42:10
-     [scp.1]
-     Mention that scp follows symlinks during -r.  bz #1466,
-     from nectar at apple
-   - dtucker@cvs.openbsd.org 2008/06/15 16:55:38
-     [sshd_config.5]
-     MaxSessions is allowed in a Match block too
-   - dtucker@cvs.openbsd.org 2008/06/15 16:58:40
-     [servconf.c sshd_config.5]
-     Allow MaxAuthTries within a Match block.  ok djm@
-   - djm@cvs.openbsd.org 2008/06/15 20:06:26
-     [channels.c channels.h session.c]
-     don't call isatty() on a pty master, instead pass a flag down to
-     channel_set_fds() indicating that te fds refer to a tty. Fixes a
-     hang on exit on Solaris (bz#1463) in portable but is actually
-     a generic bug; ok dtucker deraadt markus
-
-20080614
- - (djm) [openbsd-compat/sigact.c] Avoid NULL derefs in ancient sigaction
-   replacement code; patch from ighighi AT gmail.com in bz#1240;
-   ok dtucker
-
-20080613
- - (dtucker) OpenBSD CVS Sync
-   - deraadt@cvs.openbsd.org 2008/06/13 09:44:36
-     [packet.c]
-     compile on older gcc; no decl after code
-   - dtucker@cvs.openbsd.org 2008/06/13 13:56:59
-     [monitor.c]
-     Clear key options in the monitor on failed authentication, prevents
-     applying additional restrictions to non-pubkey authentications in
-     the case where pubkey fails but another method subsequently succeeds.
-     bz #1472, found by Colin Watson, ok markus@ djm@
-   - dtucker@cvs.openbsd.org 2008/06/13 14:18:51
-     [auth2-pubkey.c auth-rhosts.c]
-     Include unistd.h for close(), prevents warnings in -portable
-   - dtucker@cvs.openbsd.org 2008/06/13 17:21:20
-     [mux.c]
-     Friendlier error messages for mux fallback.  ok djm@
-   - dtucker@cvs.openbsd.org 2008/06/13 18:55:22
-     [scp.c]
-     Prevent -Wsign-compare warnings on LP64 systems.  bz #1192, ok deraadt@
-   - grunk@cvs.openbsd.org 2008/06/13 20:13:26
-     [ssh.1]
-     Explain the use of SSH fpr visualization using random art, and cite the
-     original scientific paper inspiring that technique.
-     Much help with English and nroff by jmc@, thanks.
- - (dtucker) [configure.ac] Bug #1276: avoid linking against libgssapi, which
-   despite its name doesn't seem to implement all of GSSAPI.  Patch from
-   Jan Engelhardt, sanity checked by Simon Wilkinson.
-
-20080612
- - (dtucker) OpenBSD CVS Sync
-   - jmc@cvs.openbsd.org 2008/06/11 07:30:37
-     [sshd.8]
-     kill trailing whitespace;
-   - grunk@cvs.openbsd.org 2008/06/11 21:01:35
-     [ssh_config.5 key.h readconf.c readconf.h ssh-keygen.1 ssh-keygen.c key.c
-      sshconnect.c]
-     Introduce SSH Fingerprint ASCII Visualization, a technique inspired by the
-     graphical hash visualization schemes known as "random art", and by
-     Dan Kaminsky's musings on the subject during a BlackOp talk at the
-     23C3 in Berlin.
-     Scientific publication (original paper):
-     "Hash Visualization: a New Technique to improve Real-World Security",
-     Perrig A. and Song D., 1999, International Workshop on Cryptographic
-     Techniques and E-Commerce (CrypTEC '99)
-     http://sparrow.ece.cmu.edu/~adrian/projects/validation/validation.pdf
-     The algorithm used here is a worm crawling over a discrete plane,
-     leaving a trace (augmenting the field) everywhere it goes.
-     Movement is taken from dgst_raw 2bit-wise.  Bumping into walls
-     makes the respective movement vector be ignored for this turn,
-     thus switching to the other color of the chessboard.
-     Graphs are not unambiguous for now, because circles in graphs can be
-     walked in either direction.
-     discussions with several people,
-     help, corrections and ok markus@ djm@
-   - grunk@cvs.openbsd.org 2008/06/11 21:38:25
-     [ssh-keygen.c]
-     ssh-keygen -lv -f /etc/ssh/ssh_host_rsa_key.pub
-     would not display you the random art as intended, spotted by canacar@
-   - grunk@cvs.openbsd.org 2008/06/11 22:20:46
-     [ssh-keygen.c ssh-keygen.1]
-     ssh-keygen would write fingerprints to STDOUT, and random art to STDERR,
-     that is not how it was envisioned.
-     Also correct manpage saying that -v is needed along with -l for it to work.
-     spotted by naddy@
-   - otto@cvs.openbsd.org 2008/06/11 23:02:22
-     [key.c]
-     simpler way of computing the augmentations; ok grunk@
-   - grunk@cvs.openbsd.org 2008/06/11 23:03:56
-     [ssh_config.5]
-     CheckHostIP set to ``fingerprint'' will display both hex and random art
-     spotted by naddy@
-   - grunk@cvs.openbsd.org 2008/06/11 23:51:57
-     [key.c]
-     #define statements that are not atoms need braces around them, else they
-     will cause trouble in some cases.
-     Also do a computation of -1 once, and not in a loop several times.
-     spotted by otto@
-   - dtucker@cvs.openbsd.org 2008/06/12 00:03:49
-     [dns.c canohost.c sshconnect.c]
-     Do not pass "0" strings as ports to getaddrinfo because the lookups
-     can slow things down and we never use the service info anyway. bz
-     #859, patch from YOSHIFUJI Hideaki and John Devitofranceschi.  ok
-     deraadt@ djm@
-     djm belives that the reason for the "0" strings is to ensure that
-     it's not possible to call getaddrinfo with both host and port being
-     NULL.  In the case of canohost.c host is a local array.  In the
-     case of sshconnect.c, it's checked for null immediately before use.
-     In dns.c it ultimately comes from ssh.c:main() and is guaranteed to
-     be non-null but it's not obvious, so I added a warning message in
-     case it is ever passed a null.
-   - grunk@cvs.openbsd.org 2008/06/12 00:13:55
-     [sshconnect.c]
-     Make ssh print the random art also when ssh'ing to a host using IP only.
-     spotted by naddy@, ok and help djm@ dtucker@
-   - otto@cvs.openbsd.org 2008/06/12 00:13:13
-     [key.c]
-     use an odd number of rows and columns and a separate start marker, looks
-     better; ok grunk@
-   - djm@cvs.openbsd.org 2008/06/12 03:40:52
-     [clientloop.h mux.c channels.c clientloop.c channels.h]
-     Enable ~ escapes for multiplex slave sessions; give each channel
-     its own escape state and hook the escape filters up to muxed
-     channels. bz #1331
-     Mux slaves do not currently support the ~^Z and ~& escapes.
-     NB. this change cranks the mux protocol version, so a new ssh
-     mux client will not be able to connect to a running old ssh
-     mux master.
-     ok dtucker@
-   - djm@cvs.openbsd.org 2008/06/12 04:06:00
-     [clientloop.h ssh.c clientloop.c]
-     maintain an ordered queue of outstanding global requests that we
-     expect replies to, similar to the per-channel confirmation queue.
-     Use this queue to verify success or failure for remote forward
-     establishment in a race free way.
-     ok dtucker@
-   - djm@cvs.openbsd.org 2008/06/12 04:17:47
-     [clientloop.c]
-     thall shalt not code past the eightieth column
-   - djm@cvs.openbsd.org 2008/06/12 04:24:06
-     [ssh.c]
-     thal shalt not code past the eightieth column
-   - djm@cvs.openbsd.org 2008/06/12 05:15:41
-     [PROTOCOL]
-     document tun@openssh.com forwarding method
-   - djm@cvs.openbsd.org 2008/06/12 05:32:30
-     [mux.c]
-     some more TODO for me
-   - grunk@cvs.openbsd.org 2008/06/12 05:42:46
-     [key.c]
-     supply the key type (rsa1, rsa, dsa) as a caption in the frame of the
-     random art.  while there, stress the fact that the field base should at
-     least be 8 characters for the pictures to make sense.
-     comment and ok djm@
-   - grunk@cvs.openbsd.org 2008/06/12 06:32:59
-     [key.c]
-     We already mark the start of the worm, now also mark the end of the worm
-     in our random art drawings.
-     ok djm@
-   - djm@cvs.openbsd.org 2008/06/12 15:19:17
-     [clientloop.h channels.h clientloop.c channels.c mux.c]
-     The multiplexing escape char handler commit last night introduced a
-     small memory leak per session; plug it.
-   - dtucker@cvs.openbsd.org 2008/06/12 16:35:31
-     [ssh_config.5 ssh.c]
-     keyword expansion for localcommand.  ok djm@
-   - jmc@cvs.openbsd.org 2008/06/12 19:10:09
-     [ssh_config.5 ssh-keygen.1]
-     tweak the ascii art text; ok grunk
-   - dtucker@cvs.openbsd.org 2008/06/12 20:38:28
-     [sshd.c sshconnect.c packet.h misc.c misc.h packet.c]
-     Make keepalive timeouts apply while waiting for a packet, particularly
-     during key renegotiation (bz #1363).  With djm and Matt Day, ok djm@
-   - djm@cvs.openbsd.org 2008/06/12 20:47:04
-     [sftp-client.c]
-     print extension revisions for extensions that we understand
-   - djm@cvs.openbsd.org 2008/06/12 21:06:25
-     [clientloop.c]
-     I was coalescing expected global request confirmation replies at
-     the wrong end of the queue - fix; prompted by markus@
-   - grunk@cvs.openbsd.org 2008/06/12 21:14:46
-     [ssh-keygen.c]
-     make ssh-keygen -lf show the key type just as ssh-add -l would do it
-     ok djm@ markus@
-   - grunk@cvs.openbsd.org 2008/06/12 22:03:36
-     [key.c]
-     add my copyright, ok djm@
-   - ian@cvs.openbsd.org 2008/06/12 23:24:58
-     [sshconnect.c]
-     tweak wording in message, ok deraadt@ jmc@
-   - dtucker@cvs.openbsd.org 2008/06/13 00:12:02
-     [sftp.h log.h]
-     replace __dead with __attribute__((noreturn)), makes things
-     a little easier to port.  Also, add it to sigdie().  ok djm@
-   - djm@cvs.openbsd.org 2008/06/13 00:16:49
-     [mux.c]
-     fall back to creating a new TCP connection on most multiplexing errors
-     (socket connect fail, invalid version, refused permittion, corrupted
-     messages, etc.); bz #1329 ok dtucker@
-   - dtucker@cvs.openbsd.org 2008/06/13 00:47:53
-     [mux.c]
-     upcast size_t to u_long to match format arg; ok djm@
-   - dtucker@cvs.openbsd.org 2008/06/13 00:51:47
-     [mac.c]
-     upcast another size_t to u_long to match format
-   - dtucker@cvs.openbsd.org 2008/06/13 01:38:23
-     [misc.c]
-     upcast uid to long with matching %ld, prevents warnings in portable
-   - djm@cvs.openbsd.org 2008/06/13 04:40:22
-     [auth2-pubkey.c auth-rhosts.c]
-     refuse to read ~/.shosts or ~/.ssh/authorized_keys that are not
-     regular files; report from Solar Designer via Colin Watson in bz#1471
-     ok dtucker@ deraadt
-  - (dtucker) [clientloop.c serverloop.c]  channel_register_filter now
-    takes 2 more args.  with djm@
-  - (dtucker) [defines.h] Bug #1112: __dead is, well dead. Based on a patch
-    from Todd Vierling.
-  - (dtucker) [auth-sia.c] Bug #1241: support password expiry on Tru64 SIA
-    systems.  Patch from R. Scott Bailey.
-  - (dtucker) [umac.c] STORE_UINT32_REVERSED and endian_convert are never used
-    on big endian machines, so ifdef them for little-endian only to prevent
-    unused function warnings on big-endians.
-  - (dtucker) [openbsd-compat/setenv.c] Make offsets size_t to prevent
-    compiler warnings on some platforms.  Based on a discussion with otto@
-
-20080611
- - (djm) [channels.c configure.ac]
-   Do not set SO_REUSEADDR on wildcard X11 listeners (X11UseLocalhost=no)
-   bz#1464; ok dtucker 
-
-20080610
- - (dtucker) OpenBSD CVS Sync
-   - djm@cvs.openbsd.org 2008/06/10 03:57:27
-     [servconf.c match.h sshd_config.5]
-     support CIDR address matching in sshd_config "Match address" blocks, with
-     full support for negation and fall-back to classic wildcard matching.
-     For example:
-     Match address 192.0.2.0/24,3ffe:ffff::/32,!10.*
-         PasswordAuthentication yes
-     addrmatch.c code mostly lifted from flowd's addr.c
-     feedback and ok dtucker@
-   - djm@cvs.openbsd.org 2008/06/10 04:17:46
-     [sshd_config.5]
-     better reference for pattern-list
-   - dtucker@cvs.openbsd.org 2008/06/10 04:50:25
-     [sshd.c channels.h channels.c log.c servconf.c log.h servconf.h sshd.8]
-     Add extended test mode (-T) and connection parameters for test mode (-C).
-     -T causes sshd to write its effective configuration to stdout and exit.
-     -C causes any relevant Match rules to be applied before output.  The
-     combination allows tesing of the parser and config files.  ok deraadt djm
-   - jmc@cvs.openbsd.org 2008/06/10 07:12:00
-     [sshd_config.5]
-     tweak previous;
-   - jmc@cvs.openbsd.org 2008/06/10 08:17:40
-     [sshd.8 sshd.c]
-     - update usage()
-     - fix SYNOPSIS, and sort options
-     - some minor additional fixes
-   - dtucker@cvs.openbsd.org 2008/06/09 18:06:32
-     [regress/test-exec.sh]
-     Don't generate putty keys if we're not going to use them.  ok djm
-   - dtucker@cvs.openbsd.org 2008/06/10 05:23:32
-     [regress/addrmatch.sh regress/Makefile]
-     Regress test for Match CIDR rules.  ok djm@
-   - dtucker@cvs.openbsd.org 2008/06/10 15:21:41
-     [test-exec.sh]
-     Use a more portable construct for checking if we're running a putty test
-   - dtucker@cvs.openbsd.org 2008/06/10 15:28:49
-     [test-exec.sh]
-     Add quotes
-   - dtucker@cvs.openbsd.org 2008/06/10 18:21:24
-     [ssh_config.5]
-     clarify that Host patterns are space-separated.  ok deraadt
-   - djm@cvs.openbsd.org 2008/06/10 22:15:23
-     [PROTOCOL ssh.c serverloop.c]
-     Add a no-more-sessions@openssh.com global request extension that the
-     client sends when it knows that it will never request another session
-     (i.e. when session multiplexing is disabled). This allows a server to
-     disallow further session requests and terminate the session.
-     Why would a non-multiplexing client ever issue additional session
-     requests? It could have been attacked with something like SSH'jack:
-     http://www.storm.net.nz/projects/7
-     feedback & ok markus
-   - djm@cvs.openbsd.org 2008/06/10 23:06:19
-     [auth-options.c match.c servconf.c addrmatch.c sshd.8]
-     support CIDR address matching in .ssh/authorized_keys from="..." stanzas
-     ok and extensive testing dtucker@
-   - dtucker@cvs.openbsd.org 2008/06/10 23:21:34
-     [bufaux.c]
-     Use '\0' for a nul byte rather than unadorned 0.  ok djm@
-   - dtucker@cvs.openbsd.org 2008/06/10 23:13:43
-     [Makefile regress/key-options.sh]
-     Add regress test for key options.  ok djm@
- - (dtucker) [openbsd-compat/fake-rfc2553.h] Add sin6_scope_id to sockaddr_in6
-   since the new CIDR code in addmatch.c references it.
- - (dtucker) [Makefile.in configure.ac regress/addrmatch.sh] Skip IPv6
-   specific tests on platforms that don't do IPv6.
- - (dtucker) [Makefile.in] Define TEST_SSH_IPV6 in make's arguments as well
-   as environment.
- - (dtucker) [Makefile.in] Move addrmatch.o to libssh.a where it's needed now.
-
-20080609
- - (dtucker) OpenBSD CVS Sync
-   - dtucker@cvs.openbsd.org 2008/06/08 17:04:41
-     [sftp-server.c]
-     Add case for ENOSYS in errno_to_portable; ok deraadt
-   - dtucker@cvs.openbsd.org 2008/06/08 20:15:29
-     [sftp.c sftp-client.c sftp-client.h]
-     Have the sftp client store the statvfs replies in wire format,
-     which prevents problems when the server's native sizes exceed the
-     client's.
-     Also extends the sizes of the remaining 32bit wire format to 64bit,
-     they're specified as unsigned long in the standard.
-   - dtucker@cvs.openbsd.org 2008/06/09 13:02:39
-     [sftp-server.c]
-     Extend 32bit -> 64bit values for statvfs extension missed in previous
-     commit.
-   - dtucker@cvs.openbsd.org 2008/06/09 13:38:46
-     [PROTOCOL]
-     Use a $OpenBSD tag so our scripts will sync changes.
-
-20080608
- - (dtucker) [configure.ac defines.h sftp-client.c sftp-server.c sftp.c
-   openbsd-compat/Makefile.in openbsd-compat/openbsd-compat.h
-   openbsd-compat/bsd-statvfs.{c,h}] Add a null implementation of statvfs and
-   fstatvfs and remove #defines around statvfs code.  ok djm@
- - (dtucker) [configure.ac defines.h sftp-client.c M sftp-server.c] Add a
-   macro to convert fsid to unsigned long for platforms where fsid is a
-   2-member array.
-
-20080607
- - (dtucker) [mux.c] Include paths.h inside ifdef HAVE_PATHS_H.
- - (dtucker) [configure.ac defines.h sftp-client.c sftp-server.c sftp.c]
-   Do not enable statvfs extensions on platforms that do not have statvfs.
- - (dtucker) OpenBSD CVS Sync
-   - djm@cvs.openbsd.org 2008/05/19 06:14:02
-     [packet.c] unbreak protocol keepalive timeouts bz#1465; ok dtucker@
-   - djm@cvs.openbsd.org 2008/05/19 15:45:07
-     [sshtty.c ttymodes.c sshpty.h]
-     Fix sending tty modes when stdin is not a tty (bz#1199). Previously
-     we would send the modes corresponding to a zeroed struct termios,
-     whereas we should have been sending an empty list of modes.
-     Based on patch from daniel.ritz AT alcatel.ch; ok dtucker@ markus@
-   - djm@cvs.openbsd.org 2008/05/19 15:46:31
-     [ssh-keygen.c]
-     support -l (print fingerprint) in combination with -F (find host) to
-     search for a host in ~/.ssh/known_hosts and display its fingerprint;
-     ok markus@
-   - djm@cvs.openbsd.org 2008/05/19 20:53:52
-     [clientloop.c]
-     unbreak tree by committing this bit that I missed from:
-     Fix sending tty modes when stdin is not a tty (bz#1199). Previously
-     we would send the modes corresponding to a zeroed struct termios,
-     whereas we should have been sending an empty list of modes.
-     Based on patch from daniel.ritz AT alcatel.ch; ok dtucker@ markus@ 
-
-20080604
- - (djm) [openbsd-compat/bsd-arc4random.c] Fix math bug that caused bias
-   in arc4random_uniform with upper_bound in (2^30,2*31). Note that 
-   OpenSSH did not make requests with upper bounds in this range.
-
-20080519
- - (djm) [configure.ac mux.c sftp.c openbsd-compat/Makefile.in]
-   [openbsd-compat/fmt_scaled.c openbsd-compat/openbsd-compat.h]
-   Fix compilation on Linux, including pulling in fmt_scaled(3)
-   implementation from OpenBSD's libutil.
-
-20080518
- - (djm) OpenBSD CVS Sync
-   - djm@cvs.openbsd.org 2008/04/04 05:14:38
-     [sshd_config.5]
-     ChrootDirectory is supported in Match blocks (in fact, it is most useful
-     there). Spotted by Minstrel AT minstrel.org.uk
-   - djm@cvs.openbsd.org 2008/04/04 06:44:26
-     [sshd_config.5]
-     oops, some unrelated stuff crept into that commit - backout.
-     spotted by jmc@
-   - djm@cvs.openbsd.org 2008/04/05 02:46:02
-     [sshd_config.5]
-     HostbasedAuthentication is supported under Match too
- - (djm) [openbsd-compat/bsd-arc4random.c openbsd-compat/openbsd-compat.c]
-     [configure.ac] Implement arc4random_buf(), import implementation of
-     arc4random_uniform() from OpenBSD
- - (djm) [openbsd-compat/bsd-arc4random.c] Warning fixes
- - (djm) [openbsd-compat/port-tun.c] needs sys/queue.h
- - (djm) OpenBSD CVS Sync
-   - djm@cvs.openbsd.org 2008/04/13 00:22:17
-     [dh.c sshd.c]
-     Use arc4random_buf() when requesting more than a single word of output
-     Use arc4random_uniform() when the desired random number upper bound
-     is not a power of two
-     ok deraadt@ millert@
-   - djm@cvs.openbsd.org 2008/04/18 12:32:11
-     [sftp-client.c sftp-client.h sftp-server.c sftp.1 sftp.c sftp.h]
-     introduce sftp extension methods statvfs@openssh.com and
-     fstatvfs@openssh.com that implement statvfs(2)-like operations,
-     based on a patch from miklos AT szeredi.hu (bz#1399)
-     also add a "df" command to the sftp client that uses the
-     statvfs@openssh.com to produce a df(1)-like display of filesystem
-     space and inode utilisation
-     ok markus@
-   - jmc@cvs.openbsd.org 2008/04/18 17:15:47
-     [sftp.1]
-     macro fixage;
-   - djm@cvs.openbsd.org 2008/04/18 22:01:33
-     [session.c]
-     remove unneccessary parentheses
-   - otto@cvs.openbsd.org 2008/04/29 11:20:31
-     [monitor_mm.h]
-     garbage collect two unused fields in struct mm_master; ok markus@
-   - djm@cvs.openbsd.org 2008/04/30 10:14:03
-     [ssh-keyscan.1 ssh-keyscan.c]
-     default to rsa (protocol 2) keys, instead of rsa1 keys; spotted by
-     larsnooden AT openoffice.org
-   - pyr@cvs.openbsd.org 2008/05/07 05:49:37
-     [servconf.c servconf.h session.c sshd_config.5]
-     Enable the AllowAgentForwarding option in sshd_config (global and match
-     context), to specify if agents should be permitted on the server.
-     As the man page states:
-     ``Note that disabling Agent forwarding does not improve security
-     unless users are also denied shell access, as they can always install
-     their own forwarders.''
-     ok djm@, ok and a mild frown markus@
-   - pyr@cvs.openbsd.org 2008/05/07 06:43:35
-     [sshd_config]
-     push the sshd_config bits in, spotted by ajacoutot@
-   - jmc@cvs.openbsd.org 2008/05/07 08:00:14
-     [sshd_config.5]
-     sort;
-   - markus@cvs.openbsd.org 2008/05/08 06:59:01
-     [bufaux.c buffer.h channels.c packet.c packet.h]
-     avoid extra malloc/copy/free when receiving data over the net;
-     ~10% speedup for localhost-scp; ok djm@
-   - djm@cvs.openbsd.org 2008/05/08 12:02:23
-     [auth-options.c auth1.c channels.c channels.h clientloop.c gss-serv.c]
-     [monitor.c monitor_wrap.c nchan.c servconf.c serverloop.c session.c]
-     [ssh.c sshd.c]
-     Implement a channel success/failure status confirmation callback
-     mechanism. Each channel maintains a queue of callbacks, which will
-     be drained in order (RFC4253 guarantees confirm messages are not
-     reordered within an channel).
-     Also includes a abandonment callback to clean up if a channel is
-     closed without sending confirmation messages. This probably
-     shouldn't happen in compliant implementations, but it could be
-     abused to leak memory.
-     ok markus@ (as part of a larger diff)
-   - djm@cvs.openbsd.org 2008/05/08 12:21:16
-     [monitor.c monitor_wrap.c session.h servconf.c servconf.h session.c]
-     [sshd_config sshd_config.5]
-     Make the maximum number of sessions run-time controllable via
-     a sshd_config MaxSessions knob. This is useful for disabling
-     login/shell/subsystem access while leaving port-forwarding working
-     (MaxSessions 0), disabling connection multiplexing (MaxSessions 1) or
-     simply increasing the number of allows multiplexed sessions.
-     Because some bozos are sure to configure MaxSessions in excess of the
-     number of available file descriptors in sshd (which, at peak, might be
-     as many as 9*MaxSessions), audit sshd to ensure that it doesn't leak fds
-     on error paths, and make it fail gracefully on out-of-fd conditions -
-     sending channel errors instead of than exiting with fatal().
-     bz#1090; MaxSessions config bits and manpage from junyer AT gmail.com
-     ok markus@
-   - djm@cvs.openbsd.org 2008/05/08 13:06:11
-     [clientloop.c clientloop.h ssh.c]
-     Use new channel status confirmation callback system to properly deal
-     with "important" channel requests that fail, in particular command exec,
-     shell and subsystem requests. Previously we would optimistically assume
-     that the requests would always succeed, which could cause hangs if they
-     did not (e.g. when the server runs out of fds) or were unimplemented by
-     the server (bz #1384)
-     Also, properly report failing multiplex channel requests via the mux
-     client stderr (subject to LogLevel in the mux master) - better than
-     silently failing.
-     most bits ok markus@ (as part of a larger diff)
-   - djm@cvs.openbsd.org 2008/05/09 04:55:56
-     [channels.c channels.h clientloop.c serverloop.c]
-     Try additional addresses when connecting to a port forward destination
-     whose DNS name resolves to more than one address. The previous behaviour
-     was to try the first address and give up.
-     Reported by stig AT venaas.com in bz#343
-     great feedback and ok markus@
-   - djm@cvs.openbsd.org 2008/05/09 14:18:44
-     [clientloop.c clientloop.h ssh.c mux.c]
-     tidy up session multiplexing code, moving it into its own file and
-     making the function names more consistent - making ssh.c and
-     clientloop.c a fair bit more readable.
-     ok markus@
-   - djm@cvs.openbsd.org 2008/05/09 14:26:08
-     [ssh.c]
-     dingo stole my diff hunk
-   - markus@cvs.openbsd.org 2008/05/09 16:16:06
-     [session.c]
-     re-add the USE_PIPES code and enable it.
-     without pipes shutdown-read from the sshd does not trigger
-     a SIGPIPE when the forked program does a write.
-     ok djm@
-     (Id sync only, USE_PIPES never left portable OpenSSH)
-   - markus@cvs.openbsd.org 2008/05/09 16:17:51
-     [channels.c]
-     error-fd race: don't enable the error fd in the select bitmask
-     for channels with both in- and output closed, since the channel
-     will go away before we call select();
-     report, lots of debugging help and ok djm@
-   - markus@cvs.openbsd.org 2008/05/09 16:21:13
-     [channels.h clientloop.c nchan.c serverloop.c]
-     unbreak
-        ssh -2 localhost od /bin/ls | true
-     ignoring SIGPIPE by adding a new channel message (EOW) that signals
-     the peer that we're not interested in any data it might send.
-     fixes bz #85; discussion, debugging and ok djm@
-   - pvalchev@cvs.openbsd.org 2008/05/12 20:52:20
-     [umac.c]
-     Ensure nh_result lies on a 64-bit boundary (fixes warnings observed
-     on Itanium on Linux); from Dale Talcott (bug #1462); ok djm@
-   - djm@cvs.openbsd.org 2008/05/15 23:52:24
-     [nchan2.ms]
-     document eow message in ssh protocol 2 channel state machine;
-     feedback and ok markus@
-   - djm@cvs.openbsd.org 2008/05/18 21:29:05
-     [sftp-server.c]
-     comment extension announcement
-   - djm@cvs.openbsd.org 2008/05/16 08:30:42
-     [PROTOCOL]
-     document our protocol extensions and deviations; ok markus@
-   - djm@cvs.openbsd.org 2008/05/17 01:31:56
-     [PROTOCOL]
-     grammar and correctness fixes from stevesk@
-
-20080403
- - (djm) [openbsd-compat/bsd-poll.c] Include stdlib.h to avoid compile-
-   time warnings on LynxOS. Patch from ops AT iki.fi
- - (djm) Force string arguments to replacement setproctitle() though
-   strnvis first. Ok dtucker@
-
-20080403
- - (djm) OpenBSD CVS sync:
-   - markus@cvs.openbsd.org 2008/04/02 15:36:51
-     [channels.c]
-     avoid possible hijacking of x11-forwarded connections (back out 1.183)
-     CVE-2008-1483; ok djm@
-   - jmc@cvs.openbsd.org 2008/03/27 22:37:57
-     [sshd.8]
-     remove trailing whitespace;
-   - djm@cvs.openbsd.org 2008/04/03 09:50:14
-     [version.h]
-     openssh-5.0
- - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
-   [contrib/suse/openssh.spec] Crank version numbers in RPM spec files
- - (djm) [README] Update link to release notes
- - (djm) Release 5.0p1