20030510
- (dtucker) Bug #318: Create ssh_prng_cmds.out during "make" rather than
"make install". Patch by roth@feep.net.
- (dtucker) Bug #536: Test for and work around openpty/controlling tty
problem on Linux (fixes "could not set controlling tty" errors).
- (djm) Merge FreeBSD PAM code: replaces PAM password auth kludge with
proper challenge-response module
20030504
- (dtucker) Bug #497: Move #include of bsd-cygwin_util.h to openbsd-compat.h.
Patch from vinschen@redhat.com.
20030503
- (dtucker) Add missing "void" to record_failed_login in bsd-cray.c. Noted
by wendyp@cray.com.
20030502
- (dtucker) Bug #544: ignore invalid cmsg_type on Linux 2.0 kernels,
privsep should now work.
- (dtucker) Move handling of bad password authentications into a platform
specific record_failed_login() function (affects AIX & Unicos). ok mouring@
20030429
- (djm) Add back radix.o (used by AFS support), after it went missing from
Makefile many moons ago
- (djm) Apply "owl-always-auth" patch from Openwall/Solar Designer
- (djm) Fix blibpath specification for AIX/gcc
- (djm) Some systems have basename in -lgen. Fix from ayamura@ayamura.org
20030428
- (bal) [defines.h progressmeter.c scp.c] Some more culling of non 64bit
hacked code.
20030427
- (bal) Bug #541: return; was dropped by mistake. Reported by
furrier@iglou.com
- (bal) Since we don't support platforms lacking u_int_64. We may
as well clean out some of those evil #ifdefs
- (bal) auth1.c minor resync while looking at the code.
- (bal) auth2.c same changed as above.
20030409
- (djm) Bug #539: Specify creation mode with O_CREAT for lastlog. Report
from matth@eecs.berkeley.edu
- (djm) Make the spec work with Redhat 9.0 (which renames sharutils)
- (djm) OpenBSD CVS Sync
- markus@cvs.openbsd.org 2003/04/02 09:48:07
[clientloop.c monitor.c monitor_wrap.c packet.c packet.h readconf.c]
[readconf.h serverloop.c sshconnect2.c]
reapply rekeying chage, tested by henning@, ok djm@
- markus@cvs.openbsd.org 2003/04/02 14:36:26
[ssh-keysign.c]
potential segfault if KEY_UNSPEC; cjwatson@debian.org; bug #526
- itojun@cvs.openbsd.org 2003/04/03 07:25:27
[progressmeter.c]
$OpenBSD$
- itojun@cvs.openbsd.org 2003/04/03 10:17:35
[progressmeter.c]
remove $OpenBSD$, as other *.c does not have it.
- markus@cvs.openbsd.org 2003/04/07 08:29:57
[monitor_wrap.c]
typo: get correct counters; introduced during rekeying change.
- millert@cvs.openbsd.org 2003/04/07 21:58:05
[progressmeter.c]
The UCB copyright here is incorrect. This code did not originate
at UCB, it was written by Luke Mewburn. Updated the copyright at
the author's request. markus@ OK
- itojun@cvs.openbsd.org 2003/04/08 20:21:29
[*.c *.h]
rename log() into logit() to avoid name conflict. markus ok, from
netbsd
- (djm) XXX - Performed locally using:
"perl -p -i -e 's/(\s|^)log\(/$1logit\(/g' *.c *.h"
- hin@cvs.openbsd.org 2003/04/09 08:23:52
[servconf.c]
Don't include <krb.h> when compiling with Kerberos 5 support
- (djm) Fix up missing include for packet.c
- (djm) Fix missed log => logit occurance (reference by function pointer)
20030402
- (bal) if IP_TOS is not found or broken don't try to compile in
packet_set_tos() function call. bug #527
20030401
- (djm) OpenBSD CVS Sync
- jmc@cvs.openbsd.org 2003/03/28 10:11:43
[scp.1 sftp.1 ssh.1 ssh-add.1 ssh-agent.1 ssh_config.5 sshd_config.5]
[ssh-keygen.1 ssh-keyscan.1 ssh-keysign.8]
- killed whitespace
- new sentence new line
- .Bk for arguments
ok markus@
- markus@cvs.openbsd.org 2003/04/01 10:10:23
[clientloop.c monitor.c monitor_wrap.c packet.c packet.h readconf.c]
[readconf.h serverloop.c sshconnect2.c]
rekeying bugfixes and automatic rekeying:
* both client and server rekey _automatically_
(a) after 2^31 packets, because after 2^32 packets
the sequence number for packets wraps
(b) after 2^(blocksize_in_bits/4) blocks
(see: draft-ietf-secsh-newmodes-00.txt)
(a) and (b) are _enabled_ by default, and only disabled for known
openssh versions, that don't support rekeying properly.
* client option 'RekeyLimit'
* do not reply to requests during rekeying
- markus@cvs.openbsd.org 2003/04/01 10:22:21
[clientloop.c monitor.c monitor_wrap.c packet.c packet.h readconf.c]
[readconf.h serverloop.c sshconnect2.c]
backout rekeying changes (for 3.6.1)
- markus@cvs.openbsd.org 2003/04/01 10:31:26
[compat.c compat.h kex.c]
bugfix causes stalled connections for ssh.com < 3.0; noticed by ho@;
tested by ho@ and myself
- markus@cvs.openbsd.org 2003/04/01 10:56:46
[version.h]
3.6.1
- (djm) Crank spec file versions
- (djm) Release 3.6.1p1
20030326
- (djm) OpenBSD CVS Sync
- deraadt@cvs.openbsd.org 2003/03/26 04:02:51
[sftp-server.c]
one last fix to the tree: race fix broke stuff; pr 3169;
srp@srparish.net, help from djm
20030325
- (djm) Fix getpeerid support for 64 bit BE systems. From
Arnd Bergmann <arndb@de.ibm.com>
20030324
- (djm) OpenBSD CVS Sync
- markus@cvs.openbsd.org 2003/03/23 19:02:00
[monitor.c]
unbreak rekeying for privsep; ok millert@
- Release 3.6p1
- Fix sshd BindAddress and -b options for systems using fake-getaddrinfo.
Report from murple@murple.net, diagnosis from dtucker@zip.com.au
20030320
- (djm) OpenBSD CVS Sync
- markus@cvs.openbsd.org 2003/03/17 10:38:38
[progressmeter.c]
don't print \n if backgrounded; from ho@
- markus@cvs.openbsd.org 2003/03/17 11:43:47
[version.h]
enter 3.6
- (bal) The days of lack of int64_t support are over. Sorry kids.
- (bal) scp.c 'limit' conflicts with Cray. Rename to 'limitbw'
- (bal) Collection of Cray patches (bsd-cray.h fix for CRAYT3E and improved
guessing rules)
- (bal) Disable Privsep for Tru64 after pre-authentication due to issues
with SIA. Also, clean up of tru64 support patch by Chris Adams
<cmadams@hiwaay.net>
- (tim) [contrib/caldera/openssh.spec] workaround RPM quirk. Fix %files
20030318
- (tim) [configure.ac openbsd-compat/bsd-misc.c openbsd-compat/bsd-misc.h]
add nanosleep(). testing/corrections by Darren Tucker <dtucker@zip.com.au>
20030317
- (djm) Fix return value checks