diff options
Diffstat (limited to 'crypto/openssh/ChangeLog')
-rw-r--r-- | crypto/openssh/ChangeLog | 2108 |
1 files changed, 2106 insertions, 2 deletions
diff --git a/crypto/openssh/ChangeLog b/crypto/openssh/ChangeLog index 2755591..3d08a80 100644 --- a/crypto/openssh/ChangeLog +++ b/crypto/openssh/ChangeLog @@ -1,3 +1,2108 @@ +20080721 + - (djm) OpenBSD CVS Sync + - jmc@cvs.openbsd.org 2008/07/18 22:51:01 + [sftp-server.8] + no need for .Pp before or after .Sh; + - djm@cvs.openbsd.org 2008/07/21 08:19:07 + [version.h] + openssh-5.1 + - (djm) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec] + [contrib/suse/openssh.spec] Update version number in README and RPM specs + - (djm) Release OpenSSH-5.1 + +20080717 + - (djm) OpenBSD CVS Sync + - djm@cvs.openbsd.org 2008/07/17 08:48:00 + [sshconnect2.c] + strnvis preauth banner; pointed out by mpf@ ok markus@ + - djm@cvs.openbsd.org 2008/07/17 08:51:07 + [auth2-hostbased.c] + strip trailing '.' from hostname when HostbasedUsesNameFromPacketOnly=yes + report and patch from res AT qoxp.net (bz#1200); ok markus@ + - (dtucker) [openbsd-compat/bsd-cygwin_util.c] Remove long-unneeded compat + code, replace with equivalent cygwin library call. Patch from vinschen + at redhat.com, ok djm@. + - (djm) [sshconnect2.c] vis.h isn't available everywhere + +20080716 + - OpenBSD CVS Sync + - djm@cvs.openbsd.org 2008/07/15 02:23:14 + [sftp.1] + number of pipelined requests is now 64; + prodded by Iain.Morgan AT nasa.gov + - djm@cvs.openbsd.org 2008/07/16 11:51:14 + [clientloop.c] + rename variable first_gc -> last_gc (since it is actually the last + in the list). + - djm@cvs.openbsd.org 2008/07/16 11:52:19 + [channels.c] + this loop index should be automatic, not static + +20080714 + - (djm) OpenBSD CVS Sync + - sthen@cvs.openbsd.org 2008/07/13 21:22:52 + [ssh-keygen.c] + Change "ssh-keygen -F [host] -l" to not display random art unless + -v is also specified, making it consistent with the manual and other + uses of -l. + ok grunk@ + - djm@cvs.openbsd.org 2008/07/13 22:13:07 + [channels.c] + use struct sockaddr_storage instead of struct sockaddr for accept(2) + address argument. from visibilis AT yahoo.com in bz#1485; ok markus@ + - djm@cvs.openbsd.org 2008/07/13 22:16:03 + [sftp.c] + increase number of piplelined requests so they properly fill the + (recently increased) channel window. prompted by rapier AT psc.edu; + ok markus@ + - djm@cvs.openbsd.org 2008/07/14 01:55:56 + [sftp-server.8] + mention requirement for /dev/log inside chroot when using sftp-server + with ChrootDirectory + - (djm) [openbsd-compat/bindresvport.c] Rename variables s/sin/in/ to + avoid clash with sin(3) function; reported by + cristian.ionescu-idbohrn AT axis.com + - (djm) [openbsd-compat/rresvport.c] Add unistd.h for missing close() + prototype; reported by cristian.ionescu-idbohrn AT axis.com + - (djm) [umac.c] Rename variable s/buffer_ptr/bufp/ to avoid clash; + reported by cristian.ionescu-idbohrn AT axis.com + - (djm) [contrib/cygwin/Makefile contrib/cygwin/ssh-host-config] + [contrib/cygwin/ssh-user-config contrib/cygwin/sshd-inetd] + Revamped and simplified Cygwin ssh-host-config script that uses + unified csih configuration tool. Requires recent Cygwin. + Patch from vinschen AT redhat.com + +20080712 + - (djm) OpenBSD CVS Sync + - djm@cvs.openbsd.org 2008/07/12 04:52:50 + [channels.c] + unbreak; move clearing of cctx struct to before first use + reported by dkrause@ + - djm@cvs.openbsd.org 2008/07/12 05:33:41 + [scp.1] + better description for -i flag: + s/RSA authentication/public key authentication/ + - (djm) [openbsd-compat/fake-rfc2553.c openbsd-compat/fake-rfc2553.h] + return EAI_FAMILY when trying to lookup unsupported address family; + from vinschen AT redhat.com + +20080711 + - (djm) OpenBSD CVS Sync + - stevesk@cvs.openbsd.org 2008/07/07 00:31:41 + [ttymodes.c] + we don't need arg after the debug3() was removed. from lint. + ok djm@ + - stevesk@cvs.openbsd.org 2008/07/07 23:32:51 + [key.c] + /*NOTREACHED*/ for lint warning: + warning: function key_equal falls off bottom without returning value + ok djm@ + - markus@cvs.openbsd.org 2008/07/10 18:05:58 + [channels.c] + missing bzero; from mickey; ok djm@ + - markus@cvs.openbsd.org 2008/07/10 18:08:11 + [clientloop.c monitor.c monitor_wrap.c packet.c packet.h sshd.c] + sync v1 and v2 traffic accounting; add it to sshd, too; + ok djm@, dtucker@ + +20080709 + - (djm) [Makefile.in] Print "all tests passed" when all regress tests pass + - (djm) [auth1.c] Fix format string vulnerability in protocol 1 PAM + account check failure path. The vulnerable format buffer is supplied + from PAM and should not contain attacker-supplied data. + - (djm) [auth.c] Missing unistd.h for close() + - (djm) [configure.ac] Add -Wformat-security to CFLAGS for gcc 3.x and 4.x + +20080705 + - (djm) [auth.c] Fixed test for locked account on HP/UX with shadowed + passwords disabled. bz#1083 report & patch from senthilkumar_sen AT + hotpop.com, w/ dtucker@ + - (djm) [atomicio.c configure.ac] Disable poll() fallback in atomiciov for + Tru64. readv doesn't seem to be a comparable object there. + bz#1386, patch from dtucker@ ok me + - (djm) [Makefile.in] Pass though pass to conch for interop tests + - (djm) [configure.ac] unbreak: remove extra closing brace + - (djm) OpenBSD CVS Sync + - djm@cvs.openbsd.org 2008/07/04 23:08:25 + [packet.c] + handle EINTR in packet_write_poll()l ok dtucker@ + - djm@cvs.openbsd.org 2008/07/04 23:30:16 + [auth1.c auth2.c] + Make protocol 1 MaxAuthTries logic match protocol 2's. + Do not treat the first protocol 2 authentication attempt as + a failure IFF it is for method "none". + Makes MaxAuthTries' user-visible behaviour identical for + protocol 1 vs 2. + ok dtucker@ + - djm@cvs.openbsd.org 2008/07/05 05:16:01 + [PROTOCOL] + grammar + +20080704 + - (dtucker) OpenBSD CVS Sync + - djm@cvs.openbsd.org 2008/07/02 13:30:34 + [auth2.c] + really really remove the freebie "none" auth try for protocol 2 + - djm@cvs.openbsd.org 2008/07/02 13:47:39 + [ssh.1 ssh.c] + When forking after authentication ("ssh -f") with ExitOnForwardFailure + enabled, delay the fork until after replies for any -R forwards have + been seen. Allows for robust detection of -R forward failure when + using -f (similar to bz#92); ok dtucker@ + - otto@cvs.openbsd.org 2008/07/03 21:46:58 + [auth2-pubkey.c] + avoid nasty double free; ok dtucker@ djm@ + - djm@cvs.openbsd.org 2008/07/04 03:44:59 + [servconf.c groupaccess.h groupaccess.c] + support negation of groups in "Match group" block (bz#1315); ok dtucker@ + - dtucker@cvs.openbsd.org 2008/07/04 03:47:02 + [monitor.c] + Make debug a little clearer. ok djm@ + - djm@cvs.openbsd.org 2008/06/30 08:07:34 + [regress/key-options.sh] + shell portability: use "=" instead of "==" in test(1) expressions, + double-quote string with backslash escaped / + - djm@cvs.openbsd.org 2008/06/30 10:31:11 + [regress/{putty-transfer,putty-kex,putty-ciphers}.sh] + remove "set -e" left over from debugging + - djm@cvs.openbsd.org 2008/06/30 10:43:03 + [regress/conch-ciphers.sh] + explicitly disable conch options that could interfere with the test + - (dtucker) [sftp-server.c] Bug #1447: fall back to racy rename if link + returns EXDEV. Patch from Mike Garrison, ok djm@ + - (djm) [atomicio.c channels.c clientloop.c defines.h includes.h] + [packet.c scp.c serverloop.c sftp-client.c ssh-agent.c ssh-keyscan.c] + [sshd.c] Explicitly handle EWOULDBLOCK wherever we handle EAGAIN, on + some platforms (HP nonstop) it is a distinct errno; + bz#1467 reported by sconeu AT yahoo.com; ok dtucker@ + +20080702 + - (dtucker) OpenBSD CVS Sync + - djm@cvs.openbsd.org 2008/06/30 08:05:59 + [PROTOCOL.agent] + typo: s/constraint_date/constraint_data/ + - djm@cvs.openbsd.org 2008/06/30 12:15:39 + [serverloop.c] + only pass channel requests on session channels through to the session + channel handler, avoiding spurious log messages; ok! markus@ + - djm@cvs.openbsd.org 2008/06/30 12:16:02 + [nchan.c] + only send eow@openssh.com notifications for session channels; ok! markus@ + - djm@cvs.openbsd.org 2008/06/30 12:18:34 + [PROTOCOL] + clarify that eow@openssh.com is only sent on session channels + - dtucker@cvs.openbsd.org 2008/07/01 07:20:52 + [sshconnect.c] + Check ExitOnForwardFailure if forwardings are disabled due to a failed + host key check. ok djm@ + - dtucker@cvs.openbsd.org 2008/07/01 07:24:22 + [sshconnect.c sshd.c] + Send CR LF during protocol banner exchanges, but only for Protocol 2 only, + in order to comply with RFC 4253. bz #1443, ok djm@ + - stevesk@cvs.openbsd.org 2008/07/01 23:12:47 + [PROTOCOL.agent] + fix some typos; ok djm@ + - djm@cvs.openbsd.org 2008/07/02 02:24:18 + [sshd_config sshd_config.5 sshd.8 servconf.c] + increase default size of ssh protocol 1 ephemeral key from 768 to 1024 + bits; prodded by & ok dtucker@ ok deraadt@ + - dtucker@cvs.openbsd.org 2008/07/02 12:03:51 + [auth-rsa.c auth.c auth2-pubkey.c auth.h] + Merge duplicate host key file checks, based in part on a patch from Rob + Holland via bz #1348 . Also checks for non-regular files during protocol + 1 RSA auth. ok djm@ + - djm@cvs.openbsd.org 2008/07/02 12:36:39 + [auth2-none.c auth2.c] + Make protocol 2 MaxAuthTries behaviour a little more sensible: + Check whether client has exceeded MaxAuthTries before running + an authentication method and skip it if they have, previously it + would always allow one try (for "none" auth). + Preincrement failure count before post-auth test - previously this + checked and postincremented, also to allow one "none" try. + Together, these two changes always count the "none" auth method + which could be skipped by a malicious client (e.g. an SSH worm) + to get an extra attempt at a real auth method. They also make + MaxAuthTries=0 a useful way to block users entirely (esp. in a + sshd_config Match block). + Also, move sending of any preauth banner from "none" auth method + to the first call to input_userauth_request(), so worms that skip + the "none" method get to see it too. + +20080630 + - (djm) OpenBSD CVS Sync + - dtucker@cvs.openbsd.org 2008/06/10 23:13:43 + [regress/Makefile regress/key-options.sh] + Add regress test for key options. ok djm@ + - dtucker@cvs.openbsd.org 2008/06/11 23:11:40 + [regress/Makefile] + Don't run cipher-speed test by default; mistakenly enabled by me + - djm@cvs.openbsd.org 2008/06/28 13:57:25 + [regress/Makefile regress/test-exec.sh regress/conch-ciphers.sh] + very basic regress test against Twisted Conch in "make interop" + target (conch is available in ports/devel/py-twisted/conch); + ok markus@ + - (djm) [regress/Makefile] search for conch by path, like we do putty + +20080629 + - (djm) OpenBSD CVS Sync + - martynas@cvs.openbsd.org 2008/06/21 07:46:46 + [sftp.c] + use optopt to get invalid flag, instead of return value of getopt, + which is always '?'; ok djm@ + - otto@cvs.openbsd.org 2008/06/25 11:13:43 + [key.c] + add key length to visual fingerprint; zap magical constants; + ok grunk@ djm@ + - djm@cvs.openbsd.org 2008/06/26 06:10:09 + [sftp-client.c sftp-server.c] + allow the sftp chmod(2)-equivalent operation to set set[ug]id/sticky + bits. Note that this only affects explicit setting of modes (e.g. via + sftp(1)'s chmod command) and not file transfers. (bz#1310) + ok deraadt@ at c2k8 + - djm@cvs.openbsd.org 2008/06/26 09:19:40 + [dh.c dh.h moduli.c] + when loading moduli from /etc/moduli in sshd(8), check that they + are of the expected "safe prime" structure and have had + appropriate primality tests performed; + feedback and ok dtucker@ + - grunk@cvs.openbsd.org 2008/06/26 11:46:31 + [readconf.c readconf.h ssh.1 ssh_config.5 sshconnect.c] + Move SSH Fingerprint Visualization away from sharing the config option + CheckHostIP to an own config option named VisualHostKey. + While there, fix the behaviour that ssh would draw a random art picture + on every newly seen host even when the option was not enabled. + prodded by deraadt@, discussions, + help and ok markus@ djm@ dtucker@ + - jmc@cvs.openbsd.org 2008/06/26 21:11:46 + [ssh.1] + add VisualHostKey to the list of options listed in -o; + - djm@cvs.openbsd.org 2008/06/28 07:25:07 + [PROTOCOL] + spelling fixes + - djm@cvs.openbsd.org 2008/06/28 13:58:23 + [ssh-agent.c] + refuse to add a key that has unknown constraints specified; + ok markus + - djm@cvs.openbsd.org 2008/06/28 14:05:15 + [ssh-agent.c] + reset global compat flag after processing a protocol 2 signature + request with the legacy DSA encoding flag set; ok markus + - djm@cvs.openbsd.org 2008/06/28 14:08:30 + [PROTOCOL PROTOCOL.agent] + document the protocol used by ssh-agent; "looks ok" markus@ + +20080628 + - (djm) [RFC.nroff contrib/cygwin/Makefile contrib/suse/openssh.spec] + RFC.nroff lacks a license, remove it (it is long gone in OpenBSD). + +20080626 + - (djm) [Makefile.in moduli.5] Include moduli(5) manpage from OpenBSD. + (bz#1372) + - (djm) [ contrib/caldera/openssh.spec contrib/redhat/openssh.spec] + [contrib/suse/openssh.spec] Include moduli.5 in RPM spec files. + +20080616 + - (dtucker) OpenBSD CVS Sync + - dtucker@cvs.openbsd.org 2008/06/16 13:22:53 + [session.c channels.c] + Rename the isatty argument to is_tty so we don't shadow + isatty(3). ok markus@ + - (dtucker) [channels.c] isatty -> is_tty here too. + +20080615 + - (dtucker) [configure.ac] Enable -fno-builtin-memset when using gcc. + - OpenBSD CVS Sync + - dtucker@cvs.openbsd.org 2008/06/14 15:49:48 + [sshd.c] + wrap long line at 80 chars + - dtucker@cvs.openbsd.org 2008/06/14 17:07:11 + [sshd.c] + ensure default umask disallows at least group and world write; ok djm@ + - djm@cvs.openbsd.org 2008/06/14 18:33:43 + [session.c] + suppress the warning message from chdir(homedir) failures + when chrooted (bz#1461); ok dtucker + - dtucker@cvs.openbsd.org 2008/06/14 19:42:10 + [scp.1] + Mention that scp follows symlinks during -r. bz #1466, + from nectar at apple + - dtucker@cvs.openbsd.org 2008/06/15 16:55:38 + [sshd_config.5] + MaxSessions is allowed in a Match block too + - dtucker@cvs.openbsd.org 2008/06/15 16:58:40 + [servconf.c sshd_config.5] + Allow MaxAuthTries within a Match block. ok djm@ + - djm@cvs.openbsd.org 2008/06/15 20:06:26 + [channels.c channels.h session.c] + don't call isatty() on a pty master, instead pass a flag down to + channel_set_fds() indicating that te fds refer to a tty. Fixes a + hang on exit on Solaris (bz#1463) in portable but is actually + a generic bug; ok dtucker deraadt markus + +20080614 + - (djm) [openbsd-compat/sigact.c] Avoid NULL derefs in ancient sigaction + replacement code; patch from ighighi AT gmail.com in bz#1240; + ok dtucker + +20080613 + - (dtucker) OpenBSD CVS Sync + - deraadt@cvs.openbsd.org 2008/06/13 09:44:36 + [packet.c] + compile on older gcc; no decl after code + - dtucker@cvs.openbsd.org 2008/06/13 13:56:59 + [monitor.c] + Clear key options in the monitor on failed authentication, prevents + applying additional restrictions to non-pubkey authentications in + the case where pubkey fails but another method subsequently succeeds. + bz #1472, found by Colin Watson, ok markus@ djm@ + - dtucker@cvs.openbsd.org 2008/06/13 14:18:51 + [auth2-pubkey.c auth-rhosts.c] + Include unistd.h for close(), prevents warnings in -portable + - dtucker@cvs.openbsd.org 2008/06/13 17:21:20 + [mux.c] + Friendlier error messages for mux fallback. ok djm@ + - dtucker@cvs.openbsd.org 2008/06/13 18:55:22 + [scp.c] + Prevent -Wsign-compare warnings on LP64 systems. bz #1192, ok deraadt@ + - grunk@cvs.openbsd.org 2008/06/13 20:13:26 + [ssh.1] + Explain the use of SSH fpr visualization using random art, and cite the + original scientific paper inspiring that technique. + Much help with English and nroff by jmc@, thanks. + - (dtucker) [configure.ac] Bug #1276: avoid linking against libgssapi, which + despite its name doesn't seem to implement all of GSSAPI. Patch from + Jan Engelhardt, sanity checked by Simon Wilkinson. + +20080612 + - (dtucker) OpenBSD CVS Sync + - jmc@cvs.openbsd.org 2008/06/11 07:30:37 + [sshd.8] + kill trailing whitespace; + - grunk@cvs.openbsd.org 2008/06/11 21:01:35 + [ssh_config.5 key.h readconf.c readconf.h ssh-keygen.1 ssh-keygen.c key.c + sshconnect.c] + Introduce SSH Fingerprint ASCII Visualization, a technique inspired by the + graphical hash visualization schemes known as "random art", and by + Dan Kaminsky's musings on the subject during a BlackOp talk at the + 23C3 in Berlin. + Scientific publication (original paper): + "Hash Visualization: a New Technique to improve Real-World Security", + Perrig A. and Song D., 1999, International Workshop on Cryptographic + Techniques and E-Commerce (CrypTEC '99) + http://sparrow.ece.cmu.edu/~adrian/projects/validation/validation.pdf + The algorithm used here is a worm crawling over a discrete plane, + leaving a trace (augmenting the field) everywhere it goes. + Movement is taken from dgst_raw 2bit-wise. Bumping into walls + makes the respective movement vector be ignored for this turn, + thus switching to the other color of the chessboard. + Graphs are not unambiguous for now, because circles in graphs can be + walked in either direction. + discussions with several people, + help, corrections and ok markus@ djm@ + - grunk@cvs.openbsd.org 2008/06/11 21:38:25 + [ssh-keygen.c] + ssh-keygen -lv -f /etc/ssh/ssh_host_rsa_key.pub + would not display you the random art as intended, spotted by canacar@ + - grunk@cvs.openbsd.org 2008/06/11 22:20:46 + [ssh-keygen.c ssh-keygen.1] + ssh-keygen would write fingerprints to STDOUT, and random art to STDERR, + that is not how it was envisioned. + Also correct manpage saying that -v is needed along with -l for it to work. + spotted by naddy@ + - otto@cvs.openbsd.org 2008/06/11 23:02:22 + [key.c] + simpler way of computing the augmentations; ok grunk@ + - grunk@cvs.openbsd.org 2008/06/11 23:03:56 + [ssh_config.5] + CheckHostIP set to ``fingerprint'' will display both hex and random art + spotted by naddy@ + - grunk@cvs.openbsd.org 2008/06/11 23:51:57 + [key.c] + #define statements that are not atoms need braces around them, else they + will cause trouble in some cases. + Also do a computation of -1 once, and not in a loop several times. + spotted by otto@ + - dtucker@cvs.openbsd.org 2008/06/12 00:03:49 + [dns.c canohost.c sshconnect.c] + Do not pass "0" strings as ports to getaddrinfo because the lookups + can slow things down and we never use the service info anyway. bz + #859, patch from YOSHIFUJI Hideaki and John Devitofranceschi. ok + deraadt@ djm@ + djm belives that the reason for the "0" strings is to ensure that + it's not possible to call getaddrinfo with both host and port being + NULL. In the case of canohost.c host is a local array. In the + case of sshconnect.c, it's checked for null immediately before use. + In dns.c it ultimately comes from ssh.c:main() and is guaranteed to + be non-null but it's not obvious, so I added a warning message in + case it is ever passed a null. + - grunk@cvs.openbsd.org 2008/06/12 00:13:55 + [sshconnect.c] + Make ssh print the random art also when ssh'ing to a host using IP only. + spotted by naddy@, ok and help djm@ dtucker@ + - otto@cvs.openbsd.org 2008/06/12 00:13:13 + [key.c] + use an odd number of rows and columns and a separate start marker, looks + better; ok grunk@ + - djm@cvs.openbsd.org 2008/06/12 03:40:52 + [clientloop.h mux.c channels.c clientloop.c channels.h] + Enable ~ escapes for multiplex slave sessions; give each channel + its own escape state and hook the escape filters up to muxed + channels. bz #1331 + Mux slaves do not currently support the ~^Z and ~& escapes. + NB. this change cranks the mux protocol version, so a new ssh + mux client will not be able to connect to a running old ssh + mux master. + ok dtucker@ + - djm@cvs.openbsd.org 2008/06/12 04:06:00 + [clientloop.h ssh.c clientloop.c] + maintain an ordered queue of outstanding global requests that we + expect replies to, similar to the per-channel confirmation queue. + Use this queue to verify success or failure for remote forward + establishment in a race free way. + ok dtucker@ + - djm@cvs.openbsd.org 2008/06/12 04:17:47 + [clientloop.c] + thall shalt not code past the eightieth column + - djm@cvs.openbsd.org 2008/06/12 04:24:06 + [ssh.c] + thal shalt not code past the eightieth column + - djm@cvs.openbsd.org 2008/06/12 05:15:41 + [PROTOCOL] + document tun@openssh.com forwarding method + - djm@cvs.openbsd.org 2008/06/12 05:32:30 + [mux.c] + some more TODO for me + - grunk@cvs.openbsd.org 2008/06/12 05:42:46 + [key.c] + supply the key type (rsa1, rsa, dsa) as a caption in the frame of the + random art. while there, stress the fact that the field base should at + least be 8 characters for the pictures to make sense. + comment and ok djm@ + - grunk@cvs.openbsd.org 2008/06/12 06:32:59 + [key.c] + We already mark the start of the worm, now also mark the end of the worm + in our random art drawings. + ok djm@ + - djm@cvs.openbsd.org 2008/06/12 15:19:17 + [clientloop.h channels.h clientloop.c channels.c mux.c] + The multiplexing escape char handler commit last night introduced a + small memory leak per session; plug it. + - dtucker@cvs.openbsd.org 2008/06/12 16:35:31 + [ssh_config.5 ssh.c] + keyword expansion for localcommand. ok djm@ + - jmc@cvs.openbsd.org 2008/06/12 19:10:09 + [ssh_config.5 ssh-keygen.1] + tweak the ascii art text; ok grunk + - dtucker@cvs.openbsd.org 2008/06/12 20:38:28 + [sshd.c sshconnect.c packet.h misc.c misc.h packet.c] + Make keepalive timeouts apply while waiting for a packet, particularly + during key renegotiation (bz #1363). With djm and Matt Day, ok djm@ + - djm@cvs.openbsd.org 2008/06/12 20:47:04 + [sftp-client.c] + print extension revisions for extensions that we understand + - djm@cvs.openbsd.org 2008/06/12 21:06:25 + [clientloop.c] + I was coalescing expected global request confirmation replies at + the wrong end of the queue - fix; prompted by markus@ + - grunk@cvs.openbsd.org 2008/06/12 21:14:46 + [ssh-keygen.c] + make ssh-keygen -lf show the key type just as ssh-add -l would do it + ok djm@ markus@ + - grunk@cvs.openbsd.org 2008/06/12 22:03:36 + [key.c] + add my copyright, ok djm@ + - ian@cvs.openbsd.org 2008/06/12 23:24:58 + [sshconnect.c] + tweak wording in message, ok deraadt@ jmc@ + - dtucker@cvs.openbsd.org 2008/06/13 00:12:02 + [sftp.h log.h] + replace __dead with __attribute__((noreturn)), makes things + a little easier to port. Also, add it to sigdie(). ok djm@ + - djm@cvs.openbsd.org 2008/06/13 00:16:49 + [mux.c] + fall back to creating a new TCP connection on most multiplexing errors + (socket connect fail, invalid version, refused permittion, corrupted + messages, etc.); bz #1329 ok dtucker@ + - dtucker@cvs.openbsd.org 2008/06/13 00:47:53 + [mux.c] + upcast size_t to u_long to match format arg; ok djm@ + - dtucker@cvs.openbsd.org 2008/06/13 00:51:47 + [mac.c] + upcast another size_t to u_long to match format + - dtucker@cvs.openbsd.org 2008/06/13 01:38:23 + [misc.c] + upcast uid to long with matching %ld, prevents warnings in portable + - djm@cvs.openbsd.org 2008/06/13 04:40:22 + [auth2-pubkey.c auth-rhosts.c] + refuse to read ~/.shosts or ~/.ssh/authorized_keys that are not + regular files; report from Solar Designer via Colin Watson in bz#1471 + ok dtucker@ deraadt + - (dtucker) [clientloop.c serverloop.c] channel_register_filter now + takes 2 more args. with djm@ + - (dtucker) [defines.h] Bug #1112: __dead is, well dead. Based on a patch + from Todd Vierling. + - (dtucker) [auth-sia.c] Bug #1241: support password expiry on Tru64 SIA + systems. Patch from R. Scott Bailey. + - (dtucker) [umac.c] STORE_UINT32_REVERSED and endian_convert are never used + on big endian machines, so ifdef them for little-endian only to prevent + unused function warnings on big-endians. + - (dtucker) [openbsd-compat/setenv.c] Make offsets size_t to prevent + compiler warnings on some platforms. Based on a discussion with otto@ + +20080611 + - (djm) [channels.c configure.ac] + Do not set SO_REUSEADDR on wildcard X11 listeners (X11UseLocalhost=no) + bz#1464; ok dtucker + +20080610 + - (dtucker) OpenBSD CVS Sync + - djm@cvs.openbsd.org 2008/06/10 03:57:27 + [servconf.c match.h sshd_config.5] + support CIDR address matching in sshd_config "Match address" blocks, with + full support for negation and fall-back to classic wildcard matching. + For example: + Match address 192.0.2.0/24,3ffe:ffff::/32,!10.* + PasswordAuthentication yes + addrmatch.c code mostly lifted from flowd's addr.c + feedback and ok dtucker@ + - djm@cvs.openbsd.org 2008/06/10 04:17:46 + [sshd_config.5] + better reference for pattern-list + - dtucker@cvs.openbsd.org 2008/06/10 04:50:25 + [sshd.c channels.h channels.c log.c servconf.c log.h servconf.h sshd.8] + Add extended test mode (-T) and connection parameters for test mode (-C). + -T causes sshd to write its effective configuration to stdout and exit. + -C causes any relevant Match rules to be applied before output. The + combination allows tesing of the parser and config files. ok deraadt djm + - jmc@cvs.openbsd.org 2008/06/10 07:12:00 + [sshd_config.5] + tweak previous; + - jmc@cvs.openbsd.org 2008/06/10 08:17:40 + [sshd.8 sshd.c] + - update usage() + - fix SYNOPSIS, and sort options + - some minor additional fixes + - dtucker@cvs.openbsd.org 2008/06/09 18:06:32 + [regress/test-exec.sh] + Don't generate putty keys if we're not going to use them. ok djm + - dtucker@cvs.openbsd.org 2008/06/10 05:23:32 + [regress/addrmatch.sh regress/Makefile] + Regress test for Match CIDR rules. ok djm@ + - dtucker@cvs.openbsd.org 2008/06/10 15:21:41 + [test-exec.sh] + Use a more portable construct for checking if we're running a putty test + - dtucker@cvs.openbsd.org 2008/06/10 15:28:49 + [test-exec.sh] + Add quotes + - dtucker@cvs.openbsd.org 2008/06/10 18:21:24 + [ssh_config.5] + clarify that Host patterns are space-separated. ok deraadt + - djm@cvs.openbsd.org 2008/06/10 22:15:23 + [PROTOCOL ssh.c serverloop.c] + Add a no-more-sessions@openssh.com global request extension that the + client sends when it knows that it will never request another session + (i.e. when session multiplexing is disabled). This allows a server to + disallow further session requests and terminate the session. + Why would a non-multiplexing client ever issue additional session + requests? It could have been attacked with something like SSH'jack: + http://www.storm.net.nz/projects/7 + feedback & ok markus + - djm@cvs.openbsd.org 2008/06/10 23:06:19 + [auth-options.c match.c servconf.c addrmatch.c sshd.8] + support CIDR address matching in .ssh/authorized_keys from="..." stanzas + ok and extensive testing dtucker@ + - dtucker@cvs.openbsd.org 2008/06/10 23:21:34 + [bufaux.c] + Use '\0' for a nul byte rather than unadorned 0. ok djm@ + - dtucker@cvs.openbsd.org 2008/06/10 23:13:43 + [Makefile regress/key-options.sh] + Add regress test for key options. ok djm@ + - (dtucker) [openbsd-compat/fake-rfc2553.h] Add sin6_scope_id to sockaddr_in6 + since the new CIDR code in addmatch.c references it. + - (dtucker) [Makefile.in configure.ac regress/addrmatch.sh] Skip IPv6 + specific tests on platforms that don't do IPv6. + - (dtucker) [Makefile.in] Define TEST_SSH_IPV6 in make's arguments as well + as environment. + - (dtucker) [Makefile.in] Move addrmatch.o to libssh.a where it's needed now. + +20080609 + - (dtucker) OpenBSD CVS Sync + - dtucker@cvs.openbsd.org 2008/06/08 17:04:41 + [sftp-server.c] + Add case for ENOSYS in errno_to_portable; ok deraadt + - dtucker@cvs.openbsd.org 2008/06/08 20:15:29 + [sftp.c sftp-client.c sftp-client.h] + Have the sftp client store the statvfs replies in wire format, + which prevents problems when the server's native sizes exceed the + client's. + Also extends the sizes of the remaining 32bit wire format to 64bit, + they're specified as unsigned long in the standard. + - dtucker@cvs.openbsd.org 2008/06/09 13:02:39 + [sftp-server.c] + Extend 32bit -> 64bit values for statvfs extension missed in previous + commit. + - dtucker@cvs.openbsd.org 2008/06/09 13:38:46 + [PROTOCOL] + Use a $OpenBSD tag so our scripts will sync changes. + +20080608 + - (dtucker) [configure.ac defines.h sftp-client.c sftp-server.c sftp.c + openbsd-compat/Makefile.in openbsd-compat/openbsd-compat.h + openbsd-compat/bsd-statvfs.{c,h}] Add a null implementation of statvfs and + fstatvfs and remove #defines around statvfs code. ok djm@ + - (dtucker) [configure.ac defines.h sftp-client.c M sftp-server.c] Add a + macro to convert fsid to unsigned long for platforms where fsid is a + 2-member array. + +20080607 + - (dtucker) [mux.c] Include paths.h inside ifdef HAVE_PATHS_H. + - (dtucker) [configure.ac defines.h sftp-client.c sftp-server.c sftp.c] + Do not enable statvfs extensions on platforms that do not have statvfs. + - (dtucker) OpenBSD CVS Sync + - djm@cvs.openbsd.org 2008/05/19 06:14:02 + [packet.c] unbreak protocol keepalive timeouts bz#1465; ok dtucker@ + - djm@cvs.openbsd.org 2008/05/19 15:45:07 + [sshtty.c ttymodes.c sshpty.h] + Fix sending tty modes when stdin is not a tty (bz#1199). Previously + we would send the modes corresponding to a zeroed struct termios, + whereas we should have been sending an empty list of modes. + Based on patch from daniel.ritz AT alcatel.ch; ok dtucker@ markus@ + - djm@cvs.openbsd.org 2008/05/19 15:46:31 + [ssh-keygen.c] + support -l (print fingerprint) in combination with -F (find host) to + search for a host in ~/.ssh/known_hosts and display its fingerprint; + ok markus@ + - djm@cvs.openbsd.org 2008/05/19 20:53:52 + [clientloop.c] + unbreak tree by committing this bit that I missed from: + Fix sending tty modes when stdin is not a tty (bz#1199). Previously + we would send the modes corresponding to a zeroed struct termios, + whereas we should have been sending an empty list of modes. + Based on patch from daniel.ritz AT alcatel.ch; ok dtucker@ markus@ + +20080604 + - (djm) [openbsd-compat/bsd-arc4random.c] Fix math bug that caused bias + in arc4random_uniform with upper_bound in (2^30,2*31). Note that + OpenSSH did not make requests with upper bounds in this range. + +20080519 + - (djm) [configure.ac mux.c sftp.c openbsd-compat/Makefile.in] + [openbsd-compat/fmt_scaled.c openbsd-compat/openbsd-compat.h] + Fix compilation on Linux, including pulling in fmt_scaled(3) + implementation from OpenBSD's libutil. + +20080518 + - (djm) OpenBSD CVS Sync + - djm@cvs.openbsd.org 2008/04/04 05:14:38 + [sshd_config.5] + ChrootDirectory is supported in Match blocks (in fact, it is most useful + there). Spotted by Minstrel AT minstrel.org.uk + - djm@cvs.openbsd.org 2008/04/04 06:44:26 + [sshd_config.5] + oops, some unrelated stuff crept into that commit - backout. + spotted by jmc@ + - djm@cvs.openbsd.org 2008/04/05 02:46:02 + [sshd_config.5] + HostbasedAuthentication is supported under Match too + - (djm) [openbsd-compat/bsd-arc4random.c openbsd-compat/openbsd-compat.c] + [configure.ac] Implement arc4random_buf(), import implementation of + arc4random_uniform() from OpenBSD + - (djm) [openbsd-compat/bsd-arc4random.c] Warning fixes + - (djm) [openbsd-compat/port-tun.c] needs sys/queue.h + - (djm) OpenBSD CVS Sync + - djm@cvs.openbsd.org 2008/04/13 00:22:17 + [dh.c sshd.c] + Use arc4random_buf() when requesting more than a single word of output + Use arc4random_uniform() when the desired random number upper bound + is not a power of two + ok deraadt@ millert@ + - djm@cvs.openbsd.org 2008/04/18 12:32:11 + [sftp-client.c sftp-client.h sftp-server.c sftp.1 sftp.c sftp.h] + introduce sftp extension methods statvfs@openssh.com and + fstatvfs@openssh.com that implement statvfs(2)-like operations, + based on a patch from miklos AT szeredi.hu (bz#1399) + also add a "df" command to the sftp client that uses the + statvfs@openssh.com to produce a df(1)-like display of filesystem + space and inode utilisation + ok markus@ + - jmc@cvs.openbsd.org 2008/04/18 17:15:47 + [sftp.1] + macro fixage; + - djm@cvs.openbsd.org 2008/04/18 22:01:33 + [session.c] + remove unneccessary parentheses + - otto@cvs.openbsd.org 2008/04/29 11:20:31 + [monitor_mm.h] + garbage collect two unused fields in struct mm_master; ok markus@ + - djm@cvs.openbsd.org 2008/04/30 10:14:03 + [ssh-keyscan.1 ssh-keyscan.c] + default to rsa (protocol 2) keys, instead of rsa1 keys; spotted by + larsnooden AT openoffice.org + - pyr@cvs.openbsd.org 2008/05/07 05:49:37 + [servconf.c servconf.h session.c sshd_config.5] + Enable the AllowAgentForwarding option in sshd_config (global and match + context), to specify if agents should be permitted on the server. + As the man page states: + ``Note that disabling Agent forwarding does not improve security + unless users are also denied shell access, as they can always install + their own forwarders.'' + ok djm@, ok and a mild frown markus@ + - pyr@cvs.openbsd.org 2008/05/07 06:43:35 + [sshd_config] + push the sshd_config bits in, spotted by ajacoutot@ + - jmc@cvs.openbsd.org 2008/05/07 08:00:14 + [sshd_config.5] + sort; + - markus@cvs.openbsd.org 2008/05/08 06:59:01 + [bufaux.c buffer.h channels.c packet.c packet.h] + avoid extra malloc/copy/free when receiving data over the net; + ~10% speedup for localhost-scp; ok djm@ + - djm@cvs.openbsd.org 2008/05/08 12:02:23 + [auth-options.c auth1.c channels.c channels.h clientloop.c gss-serv.c] + [monitor.c monitor_wrap.c nchan.c servconf.c serverloop.c session.c] + [ssh.c sshd.c] + Implement a channel success/failure status confirmation callback + mechanism. Each channel maintains a queue of callbacks, which will + be drained in order (RFC4253 guarantees confirm messages are not + reordered within an channel). + Also includes a abandonment callback to clean up if a channel is + closed without sending confirmation messages. This probably + shouldn't happen in compliant implementations, but it could be + abused to leak memory. + ok markus@ (as part of a larger diff) + - djm@cvs.openbsd.org 2008/05/08 12:21:16 + [monitor.c monitor_wrap.c session.h servconf.c servconf.h session.c] + [sshd_config sshd_config.5] + Make the maximum number of sessions run-time controllable via + a sshd_config MaxSessions knob. This is useful for disabling + login/shell/subsystem access while leaving port-forwarding working + (MaxSessions 0), disabling connection multiplexing (MaxSessions 1) or + simply increasing the number of allows multiplexed sessions. + Because some bozos are sure to configure MaxSessions in excess of the + number of available file descriptors in sshd (which, at peak, might be + as many as 9*MaxSessions), audit sshd to ensure that it doesn't leak fds + on error paths, and make it fail gracefully on out-of-fd conditions - + sending channel errors instead of than exiting with fatal(). + bz#1090; MaxSessions config bits and manpage from junyer AT gmail.com + ok markus@ + - djm@cvs.openbsd.org 2008/05/08 13:06:11 + [clientloop.c clientloop.h ssh.c] + Use new channel status confirmation callback system to properly deal + with "important" channel requests that fail, in particular command exec, + shell and subsystem requests. Previously we would optimistically assume + that the requests would always succeed, which could cause hangs if they + did not (e.g. when the server runs out of fds) or were unimplemented by + the server (bz #1384) + Also, properly report failing multiplex channel requests via the mux + client stderr (subject to LogLevel in the mux master) - better than + silently failing. + most bits ok markus@ (as part of a larger diff) + - djm@cvs.openbsd.org 2008/05/09 04:55:56 + [channels.c channels.h clientloop.c serverloop.c] + Try additional addresses when connecting to a port forward destination + whose DNS name resolves to more than one address. The previous behaviour + was to try the first address and give up. + Reported by stig AT venaas.com in bz#343 + great feedback and ok markus@ + - djm@cvs.openbsd.org 2008/05/09 14:18:44 + [clientloop.c clientloop.h ssh.c mux.c] + tidy up session multiplexing code, moving it into its own file and + making the function names more consistent - making ssh.c and + clientloop.c a fair bit more readable. + ok markus@ + - djm@cvs.openbsd.org 2008/05/09 14:26:08 + [ssh.c] + dingo stole my diff hunk + - markus@cvs.openbsd.org 2008/05/09 16:16:06 + [session.c] + re-add the USE_PIPES code and enable it. + without pipes shutdown-read from the sshd does not trigger + a SIGPIPE when the forked program does a write. + ok djm@ + (Id sync only, USE_PIPES never left portable OpenSSH) + - markus@cvs.openbsd.org 2008/05/09 16:17:51 + [channels.c] + error-fd race: don't enable the error fd in the select bitmask + for channels with both in- and output closed, since the channel + will go away before we call select(); + report, lots of debugging help and ok djm@ + - markus@cvs.openbsd.org 2008/05/09 16:21:13 + [channels.h clientloop.c nchan.c serverloop.c] + unbreak + ssh -2 localhost od /bin/ls | true + ignoring SIGPIPE by adding a new channel message (EOW) that signals + the peer that we're not interested in any data it might send. + fixes bz #85; discussion, debugging and ok djm@ + - pvalchev@cvs.openbsd.org 2008/05/12 20:52:20 + [umac.c] + Ensure nh_result lies on a 64-bit boundary (fixes warnings observed + on Itanium on Linux); from Dale Talcott (bug #1462); ok djm@ + - djm@cvs.openbsd.org 2008/05/15 23:52:24 + [nchan2.ms] + document eow message in ssh protocol 2 channel state machine; + feedback and ok markus@ + - djm@cvs.openbsd.org 2008/05/18 21:29:05 + [sftp-server.c] + comment extension announcement + - djm@cvs.openbsd.org 2008/05/16 08:30:42 + [PROTOCOL] + document our protocol extensions and deviations; ok markus@ + - djm@cvs.openbsd.org 2008/05/17 01:31:56 + [PROTOCOL] + grammar and correctness fixes from stevesk@ + +20080403 + - (djm) [openbsd-compat/bsd-poll.c] Include stdlib.h to avoid compile- + time warnings on LynxOS. Patch from ops AT iki.fi + - (djm) Force string arguments to replacement setproctitle() though + strnvis first. Ok dtucker@ + +20080403 + - (djm) OpenBSD CVS sync: + - markus@cvs.openbsd.org 2008/04/02 15:36:51 + [channels.c] + avoid possible hijacking of x11-forwarded connections (back out 1.183) + CVE-2008-1483; ok djm@ + - jmc@cvs.openbsd.org 2008/03/27 22:37:57 + [sshd.8] + remove trailing whitespace; + - djm@cvs.openbsd.org 2008/04/03 09:50:14 + [version.h] + openssh-5.0 + - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec] + [contrib/suse/openssh.spec] Crank version numbers in RPM spec files + - (djm) [README] Update link to release notes + - (djm) Release 5.0p1 + +20080315 + - (djm) [regress/test-exec.sh] Quote putty-related variables in case they are + empty; report and patch from Peter Stuge + - (djm) [regress/test-exec.sh] Silence noise from detection of putty + commands; report from Peter Stuge + - (djm) [session.c] Relocate incorrectly-placed closefrom() that was causing + crashes when used with ChrootDirectory + + +20080327 + - (dtucker) Cache selinux status earlier so we know if it's enabled after a + chroot. Allows ChrootDirectory to work with selinux support compiled in + but not enabled. Using it with selinux enabled will require some selinux + support inside the chroot. "looks sane" djm@ + - (djm) Fix RCS ident in sftp-server-main.c + - (djm) OpenBSD CVS sync: + - jmc@cvs.openbsd.org 2008/02/11 07:58:28 + [ssh.1 sshd.8 sshd_config.5] + bump Mdocdate for pages committed in "febuary", necessary because + of a typo in rcs.c; + - deraadt@cvs.openbsd.org 2008/03/13 01:49:53 + [monitor_fdpass.c] + Correct CMSG_SPACE and CMSG_LEN usage everywhere in the tree. Due to + an extensive discussion with otto, kettenis, millert, and hshoexer + - deraadt@cvs.openbsd.org 2008/03/15 16:19:02 + [monitor_fdpass.c] + Repair the simple cases for msg_controllen where it should just be + CMSG_SIZE(sizeof(int)), not sizeof(buffer) which may be larger because + of alignment; ok kettenis hshoexer + - djm@cvs.openbsd.org 2008/03/23 12:54:01 + [sftp-client.c] + prefer POSIX-style file renaming over filexfer rename behaviour if the + server supports the posix-rename@openssh.com extension. + Note that the old (filexfer) behaviour would refuse to clobber an + existing file. Users who depended on this should adjust their sftp(1) + usage. + ok deraadt@ markus@ + - deraadt@cvs.openbsd.org 2008/03/24 16:11:07 + [monitor_fdpass.c] + msg_controllen has to be CMSG_SPACE so that the kernel can account for + each cmsg_len (ie. msg_controllen = sum of CMSG_ALIGN(cmsg_len). This + works now that kernel fd passing has been fixed to accept a bit of + sloppiness because of this ABI repair. + lots of discussion with kettenis + - djm@cvs.openbsd.org 2008/03/25 11:58:02 + [session.c sshd_config.5] + ignore ~/.ssh/rc if a sshd_config ForceCommand is specified; + from dtucker@ ok deraadt@ djm@ + - djm@cvs.openbsd.org 2008/03/25 23:01:41 + [session.c] + last patch had backwards test; spotted by termim AT gmail.com + - djm@cvs.openbsd.org 2008/03/26 21:28:14 + [auth-options.c auth-options.h session.c sshd.8] + add no-user-rc authorized_keys option to disable execution of ~/.ssh/rc + - djm@cvs.openbsd.org 2008/03/27 00:16:49 + [version.h] + openssh-4.9 + - djm@cvs.openbsd.org 2008/03/24 21:46:54 + [regress/sftp-badcmds.sh] + disable no-replace rename test now that we prefer a POSIX rename; spotted + by dkrause@ + - (djm) [configure.ac] fix alignment of --without-stackprotect description + - (djm) [configure.ac] --with-selinux too + - (djm) [regress/Makefile] cleanup PuTTY interop test droppings + - (djm) [README] Update link to release notes + - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec] + [contrib/suse/openssh.spec] Crank version numbers in RPM spec files + - (djm) Release 4.9p1 + +20080315 + - (djm) [regress/test-exec.sh] Quote putty-related variables in case they are + empty; report and patch from Peter Stuge + - (djm) [regress/test-exec.sh] Silence noise from detection of putty + commands; report from Peter Stuge + - (djm) [session.c] Relocate incorrectly-placed closefrom() that was causing + crashes when used with ChrootDirectory + +20080314 + - (tim) [regress/sftp-cmds.sh] s/cd/lcd/ in lls test. Reported by + vinschen at redhat.com. Add () to put echo commands in subshell for lls test + I mistakenly left out of last commit. + - (tim) [regress/localcommand.sh] Shell portability fix. Reported by imorgan at + nas.nasa.gov + +20080313 + - (djm) [Makefile.in regress/Makefile] Fix interop-tests target (note to + self: make changes to Makefile.in next time, not the generated Makefile). + - (djm) [Makefile.in regress/test-exec.sh] Find installed plink(1) and + puttygen(1) by $PATH + - (tim) [scp.c] Use poll.h if available, fall back to sys/poll.h if not. Patch + by vinschen at redhat.com. + - (tim) [regress/sftp-cmds.sh regress/ssh2putty.sh] Shell portability fixes + from vinschen at redhat.com and imorgan at nas.nasa.gov + +20080312 + - (djm) OpenBSD CVS Sync + - dtucker@cvs.openbsd.org 2007/10/29 06:57:13 + [regress/Makefile regress/localcommand.sh] + Add simple regress test for LocalCommand; ok djm@ + - jmc@cvs.openbsd.org 2007/11/25 15:35:09 + [regress/agent-getpeereid.sh regress/agent.sh] + more existant -> existent, from Martynas Venckus; + pfctl changes: ok henning + ssh changes: ok deraadt + - djm@cvs.openbsd.org 2007/12/12 05:04:03 + [regress/sftp-cmds.sh] + unbreak lls command and add a regress test that would have caught the + breakage; spotted by mouring@ + NB. sftp code change already committed. + - djm@cvs.openbsd.org 2007/12/21 04:13:53 + [regress/Makefile regress/test-exec.sh regress/putty-ciphers.sh] + [regress/putty-kex.sh regress/putty-transfer.sh regress/ssh2putty.sh] + basic (crypto, kex and transfer) interop regression tests against putty + To run these, install putty and run "make interop-tests" from the build + directory - the tests aren't run by default yet. + +20080311 + - (dtucker) [auth-pam.c monitor.c session.c sshd.c] Bug #926: Move + pam_open_session and pam_close_session into the privsep monitor, which + will ensure that pam_session_close is called as root. Patch from Tomas + Mraz. + +20080309 + - (dtucker) [configure.ac] It turns out gcc's -fstack-protector-all doesn't + always work for all platforms and versions, so test what we can and + add a configure flag to turn it of if needed. ok djm@ + - (dtucker) [openbsd-compat/port-aix.{c,h}] Remove AIX specific initgroups + implementation. It's not needed to fix bug #1081 and breaks the build + on some AIX configurations. + - (dtucker) [openbsd-compat/regress/strtonumtest.c] Bug #1347: Use platform's + equivalent of LLONG_MAX for the compat regression tests, which makes them + run on AIX and HP-UX. Patch from David Leonard. + - (dtucker) [configure.ac] Run stack-protector tests with -Werror to catch + platforms where gcc understands the option but it's not supported (and + thus generates a warning). + +20080307 + - (djm) OpenBSD CVS Sync + - jmc@cvs.openbsd.org 2008/02/11 07:58:28 + [ssh.1 sshd.8 sshd_config.5] + bump Mdocdate for pages committed in "febuary", necessary because + of a typo in rcs.c; + - djm@cvs.openbsd.org 2008/02/13 22:38:17 + [servconf.h session.c sshd.c] + rekey arc4random and OpenSSL RNG in postauth child + closefrom fds > 2 before shell/command execution + ok markus@ + - mbalmer@cvs.openbsd.org 2008/02/14 13:10:31 + [sshd.c] + When started in configuration test mode (-t) do not check that sshd is + being started with an absolute path. + ok djm + - markus@cvs.openbsd.org 2008/02/20 15:25:26 + [session.c] + correct boolean encoding for coredump; der Mouse via dugsong + - djm@cvs.openbsd.org 2008/02/22 05:58:56 + [session.c] + closefrom() call was too early, delay it until just before we execute + the user's rc files (if any). + - dtucker@cvs.openbsd.org 2008/02/22 20:44:02 + [clientloop.c packet.c packet.h serverloop.c] + Allow all SSH2 packet types, including UNIMPLEMENTED to reset the + keepalive timer (bz #1307). ok markus@ + - djm@cvs.openbsd.org 2008/02/27 20:21:15 + [sftp-server.c] + add an extension method "posix-rename@openssh.com" to perform POSIX atomic + rename() operations. based on patch from miklos AT szeredi.hu in bz#1400; + ok dtucker@ markus@ + - deraadt@cvs.openbsd.org 2008/03/02 18:19:35 + [monitor_fdpass.c] + use a union to ensure alignment of the cmsg (pay attention: various other + parts of the tree need this treatment too); ok djm + - deraadt@cvs.openbsd.org 2008/03/04 21:15:42 + [version.h] + crank version; from djm + - (tim) [regress/sftp-glob.sh] Shell portability fix. + +20080302 + - (dtucker) [configure.ac] FreeBSD's glob() doesn't behave the way we expect + either, so use our own. + +20080229 + - (dtucker) [openbsd-compat/bsd-poll.c] We don't check for select(2) in + configure (and there's not much point, as openssh won't work without it) + so HAVE_SELECT is not defined and the poll(2) compat code doesn't get + built in. Remove HAVE_SELECT so we can build on platforms without poll. + - (dtucker) [scp.c] Include sys/poll.h inside HAVE_SYS_POLL_H. + - (djm) [contrib/gnome-ssh-askpass2.h] Keep askpass windown on top. From + Debian patch via bernd AT openbsd.org + +20080228 + - (dtucker) [configure.ac] Add -fstack-protector to LDFLAGS too, fixes + linking problems on AIX with gcc 4.1.x. + - (dtucker) [includes.h ssh-add.c ssh-agent.c ssh-keygen.c ssh.c sshd.c + openbsd-compat/openssl-compat.{c,h}] Bug #1437 Move the OpenSSL compat + header to after OpenSSL headers, since some versions of OpenSSL have + SSLeay_add_all_algorithms as a macro already. + - (dtucker) [key.c defines.h openbsd-compat/openssl-compat.h] Move old OpenSSL + compat glue into openssl-compat.h. + - (dtucker) [configure.ac openbsd-compat/port-aix.{c,h}] Bug #1081: Implement + getgrouplist via getgrset on AIX, rather than iterating over getgrent. + This allows, eg, Match and AllowGroups directives to work with NIS and + LDAP groups. + - (dtucker) [sshd.c] Bug #1042: make log messages for tcpwrappers use the + same SyslogFacility as the rest of sshd. Patch from William Knox, + ok djm@. + +20080225 + - (dtucker) [openbsd-compat/fake-rfc2553.h] rename ssh_gai_strerror hack + since it now conflicts with the helper function in misc.c. From + vinschen AT redhat.com. + - (dtucker) [configure.ac audit-bsm.c] Bug #1420: Add a local implementation + of aug_get_machine for systems that don't have their own (eg OS X, FreeBSD). + Help and testing from csjp at FreeBSD org, vgiffin at apple com. ok djm@ + - (dtucker) [includes.h openbsd-compat/openssl-compat.c] Bug #1437: reshuffle + headers so ./configure --with-ssl-engine actually works. Patch from + Ian Lister. + +20080224 + - (tim) [contrib/cygwin/ssh-host-config] + Grammar changes on SYSCONFDIR LOCALSTATEDIR messages. + Check more thoroughly that it's possible to create the /var/empty directory. + Patch by vinschen AT redhat.com + +20080210 + - OpenBSD CVS Sync + - chl@cvs.openbsd.org 2008/01/11 07:22:28 + [sftp-client.c sftp-client.h] + disable unused functions + initially from tobias@, but disabled them by placing them in + "#ifdef notyet" which was asked by djm@ + ok djm@ tobias@ + - djm@cvs.openbsd.org 2008/01/19 19:13:28 + [ssh.1] + satisfy the pedants: -q does not suppress all diagnostic messages (e.g. + some commandline parsing warnings go unconditionally to stdout). + - djm@cvs.openbsd.org 2008/01/19 20:48:53 + [clientloop.c] + fd leak on session multiplexing error path. Report and patch from + gregory_shively AT fanniemae.com + - djm@cvs.openbsd.org 2008/01/19 20:51:26 + [ssh.c] + ignore SIGPIPE in multiplex client mode - we can receive this if the + server runs out of fds on us midway. Report and patch from + gregory_shively AT fanniemae.com + - djm@cvs.openbsd.org 2008/01/19 22:04:57 + [sftp-client.c] + fix remote handle leak in do_download() local file open error path; + report and fix from sworley AT chkno.net + - djm@cvs.openbsd.org 2008/01/19 22:22:58 + [ssh-keygen.c] + when hashing individual hosts (ssh-keygen -Hf hostname), make sure we + hash just the specified hostname and not the entire hostspec from the + keyfile. It may be of the form "hostname,ipaddr", which would lead to + a hash that never matches. report and fix from jp AT devnull.cz + - djm@cvs.openbsd.org 2008/01/19 22:37:19 + [ssh-keygen.c] + unbreak line numbering (broken in revision 1.164), fix error message + - djm@cvs.openbsd.org 2008/01/19 23:02:40 + [channels.c] + When we added support for specified bind addresses for port forwards, we + added a quirk SSH_OLD_FORWARD_ADDR. There is a bug in our handling of + this for -L port forwards that causes the client to listen on both v4 + and v6 addresses when connected to a server with this quirk, despite + having set 0.0.0.0 as a bind_address. + report and patch from Jan.Pechanec AT Sun.COM; ok dtucker@ + - djm@cvs.openbsd.org 2008/01/19 23:09:49 + [readconf.c readconf.h sshconnect2.c] + promote rekeylimit to a int64 so it can hold the maximum useful limit + of 2^32; report and patch from Jan.Pechanec AT Sun.COM, ok dtucker@ + - djm@cvs.openbsd.org 2008/01/20 00:38:30 + [sftp.c] + When uploading, correctly handle the case of an unquoted filename with + glob metacharacters that match a file exactly but not as a glob, e.g. a + file called "[abcd]". report and test cases from duncan2nd AT gmx.de + - djm@cvs.openbsd.org 2008/01/21 17:24:30 + [sftp-server.c] + Remove the fixed 100 handle limit in sftp-server and allocate as many + as we have available file descriptors. Patch from miklos AT szeredi.hu; + ok dtucker@ markus@ + - djm@cvs.openbsd.org 2008/01/21 19:20:17 + [sftp-client.c] + when a remote write error occurs during an upload, ensure that ACKs for + all issued requests are properly drained. patch from t8m AT centrum.cz + - dtucker@cvs.openbsd.org 2008/01/23 01:56:54 + [clientloop.c packet.c serverloop.c] + Revert the change for bz #1307 as it causes connection aborts if an IGNORE + packet arrives while we're waiting in packet_read_expect (and possibly + elsewhere). + - jmc@cvs.openbsd.org 2008/01/31 20:06:50 + [scp.1] + explain how to handle local file names containing colons; + requested by Tamas TEVESZ + ok dtucker + - markus@cvs.openbsd.org 2008/02/04 21:53:00 + [session.c sftp-server.c sftp.h] + link sftp-server into sshd; feedback and ok djm@ + - mcbride@cvs.openbsd.org 2008/02/09 12:15:43 + [ssh.1 sshd.8] + Document the correct permissions for the ~/.ssh/ directory. + ok jmc + - djm@cvs.openbsd.org 2008/02/10 09:55:37 + [sshd_config.5] + mantion that "internal-sftp" is useful with ForceCommand too + - djm@cvs.openbsd.org 2008/02/10 10:54:29 + [servconf.c session.c] + delay ~ expansion for ChrootDirectory so it expands to the logged-in user's + home, rather than the user who starts sshd (probably root) + +20080119 + - (djm) Silence noice from expr in ssh-copy-id; patch from + mikel AT mikelward.com + - (djm) Only listen for IPv6 connections on AF_INET6 sockets; patch from + tsr2600 AT gmail.com + +20080102 + - (dtucker) [configure.ac] Fix message for -fstack-protector-all test. + +20080101 + - (dtucker) OpenBSD CVS Sync + - dtucker@cvs.openbsd.org 2007/12/31 10:41:31 + [readconf.c servconf.c] + Prevent strict-aliasing warnings on newer gcc versions. bz #1355, patch + from Dmitry V. Levin, ok djm@ + - dtucker@cvs.openbsd.org 2007/12/31 15:27:04 + [sshd.c] + When in inetd mode, have sshd generate a Protocol 1 ephemeral server + key only for connections where the client chooses Protocol 1 as opposed + to when it's enabled in the server's config. Speeds up Protocol 2 + connections to inetd-mode servers that also allow Protocol 1. bz #440, + based on a patch from bruno at wolff.to, ok markus@ + - dtucker@cvs.openbsd.org 2008/01/01 08:47:04 + [misc.c] + spaces -> tabs from my previous commit + - dtucker@cvs.openbsd.org 2008/01/01 09:06:39 + [scp.c] + If scp -p encounters a pre-epoch timestamp, use the epoch which is + as close as we can get given that it's used unsigned. Add a little + debugging while there. bz #828, ok djm@ + - dtucker@cvs.openbsd.org 2008/01/01 09:27:33 + [sshd_config.5 servconf.c] + Allow PermitRootLogin in a Match block. Allows for, eg, permitting root + only from the local network. ok markus@, man page bit ok jmc@ + - dtucker@cvs.openbsd.org 2008/01/01 08:51:20 + [moduli] + Updated moduli file; ok djm@ + +20071231 + - (dtucker) [configure.ac openbsd-compat/glob.{c,h}] Bug #1407: force use of + builtin glob implementation on Mac OS X. Based on a patch from + vgiffin at apple. + +20071229 + - (dtucker) OpenBSD CVS Sync + - djm@cvs.openbsd.org 2007/12/12 05:04:03 + [sftp.c] + unbreak lls command and add a regress test that would have caught the + breakage; spotted by mouring@ + - dtucker@cvs.openbsd.org 2007/12/27 14:22:08 + [servconf.c canohost.c misc.c channels.c sshconnect.c misc.h ssh-keyscan.c + sshd.c] + Add a small helper function to consistently handle the EAI_SYSTEM error + code of getaddrinfo. Prompted by vgiffin at apple com via bz #1417. + ok markus@ stevesk@ + - dtucker@cvs.openbsd.org 2007/12/28 15:32:24 + [clientloop.c serverloop.c packet.c] + Make SSH2_MSG_UNIMPLEMENTED and SSH2_MSG_IGNORE messages reset the + ServerAlive and ClientAlive timers. Prevents dropping a connection + when these are enabled but the peer does not support our keepalives. + bz #1307, ok djm@. + - dtucker@cvs.openbsd.org 2007/12/28 22:34:47 + [clientloop.c] + Use the correct packet maximum sizes for remote port and agent forwarding. + Prevents the server from killing the connection if too much data is queued + and an excessively large packet gets sent. bz #1360, ok djm@. + +20071202 + - (dtucker) [configure.ac] Enable -fstack-protector-all on systems where + gcc supports it. ok djm@ + - (dtucker) [scp.c] Update $OpenBSD tag missing from rev 1.175 and remove + leftover debug code. + - (dtucker) OpenBSD CVS Sync + - dtucker@cvs.openbsd.org 2007/10/29 00:52:45 + [auth2-gss.c] + Allow build without -DGSSAPI; ok deraadt@ + (Id sync only, Portable already has the ifdefs) + - dtucker@cvs.openbsd.org 2007/10/29 01:55:04 + [ssh.c] + Plug tiny mem leaks in ControlPath and ProxyCommand option processing; + ok djm@ + - dtucker@cvs.openbsd.org 2007/10/29 04:08:08 + [monitor_wrap.c monitor.c] + Send config block back to slave for invalid users too so options + set by a Match block (eg Banner) behave the same for non-existent + users. Found by and ok djm@ + - dtucker@cvs.openbsd.org 2007/10/29 06:51:59 + [ssh_config.5] + ProxyCommand and LocalCommand use the user's shell, not /bin/sh; ok djm@ + - dtucker@cvs.openbsd.org 2007/10/29 06:54:50 + [ssh.c] + Make LocalCommand work for Protocol 1 too; ok djm@ + - jmc@cvs.openbsd.org 2007/10/29 07:48:19 + [ssh_config.5] + clean up after previous macro removal; + - djm@cvs.openbsd.org 2007/11/03 00:36:14 + [clientloop.c] + fix memory leak in process_cmdline(), patch from Jan.Pechanec AT Sun.COM; + ok dtucker@ + - deraadt@cvs.openbsd.org 2007/11/03 01:24:06 + [ssh.c] + bz #1377: getpwuid results were being clobbered by another getpw* call + inside tilde_expand_filename(); save the data we need carefully + ok djm + - dtucker@cvs.openbsd.org 2007/11/03 02:00:32 + [ssh.c] + Use xstrdup/xfree when saving pwname and pwdir; ok deraadt@ + - deraadt@cvs.openbsd.org 2007/11/03 02:03:49 + [ssh.c] + avoid errno trashing in signal handler; ok dtucker + +20071030 + - (djm) OpenBSD CVS Sync + - djm@cvs.openbsd.org 2007/10/29 23:49:41 + [openbsd-compat/sys-tree.h] + remove extra backslash at the end of RB_PROTOTYPE, report from + Jan.Pechanec AT Sun.COM; ok deraadt@ + +20071026 + - (djm) OpenBSD CVS Sync + - stevesk@cvs.openbsd.org 2007/09/11 23:49:09 + [sshpty.c] + remove #if defined block not needed; ok markus@ dtucker@ + (NB. RCD ID sync only for portable) + - djm@cvs.openbsd.org 2007/09/21 03:05:23 + [ssh_config.5] + document KbdInteractiveAuthentication in ssh_config.5; + patch from dkg AT fifthhorseman.net + - djm@cvs.openbsd.org 2007/09/21 08:15:29 + [auth-bsdauth.c auth-passwd.c auth.c auth.h auth1.c auth2-chall.c] + [monitor.c monitor_wrap.c] + unifdef -DBSD_AUTH + unifdef -USKEY + These options have been in use for some years; + ok markus@ "no objection" millert@ + (NB. RCD ID sync only for portable) + - canacar@cvs.openbsd.org 2007/09/25 23:48:57 + [ssh-agent.c] + When adding a key that already exists, update the properties + (time, confirm, comment) instead of discarding them. ok djm@ markus@ + - ray@cvs.openbsd.org 2007/09/27 00:15:57 + [dh.c] + Don't return -1 on error in dh_pub_is_valid(), since it evaluates + to true. + Also fix a typo. + Initial diff from Matthew Dempsky, input from djm. + OK djm, markus. + - dtucker@cvs.openbsd.org 2007/09/29 00:25:51 + [auth2.c] + Remove unused prototype. ok djm@ + - chl@cvs.openbsd.org 2007/10/02 17:49:58 + [ssh-keygen.c] + handles zero-sized strings that fgets can return + properly removes trailing newline + removes an unused variable + correctly counts line number + "looks ok" ray@ markus@ + - markus@cvs.openbsd.org 2007/10/22 19:10:24 + [readconf.c] + make sure that both the local and remote port are correct when + parsing -L; Jan Pechanec (bz #1378) + - djm@cvs.openbsd.org 2007/10/24 03:30:02 + [sftp.c] + rework argument splitting and parsing to cope correctly with common + shell escapes and make handling of escaped characters consistent + with sh(1) and between sftp commands (especially between ones that + glob their arguments and ones that don't). + parse command flags using getopt(3) rather than hand-rolled parsers. + ok dtucker@ + - djm@cvs.openbsd.org 2007/10/24 03:44:02 + [scp.c] + factor out network read/write into an atomicio()-like function, and + use it to handle short reads, apply bandwidth limits and update + counters. make network IO non-blocking, so a small trickle of + reads/writes has a chance of updating the progress meter; bz #799 + ok dtucker@ + - djm@cvs.openbsd.org 2006/08/29 09:44:00 + [regress/sftp-cmds.sh] + clean up our mess + - markus@cvs.openbsd.org 2006/11/06 09:27:43 + [regress/cfgmatch.sh] + fix quoting for non-(c)sh login shells. + - dtucker@cvs.openbsd.org 2006/12/13 08:36:36 + [regress/cfgmatch.sh] + Additional test for multiple PermitOpen entries. ok djm@ + - pvalchev@cvs.openbsd.org 2007/06/07 19:41:46 + [regress/cipher-speed.sh regress/try-ciphers.sh] + test umac-64@openssh.com + ok djm@ + - djm@cvs.openbsd.org 2007/10/24 03:32:35 + [regress/sftp-cmds.sh regress/sftp-glob.sh regress/test-exec.sh] + comprehensive tests for sftp escaping its interaction with globbing; + ok dtucker@ + - djm@cvs.openbsd.org 2007/10/26 05:30:01 + [regress/sftp-glob.sh regress/test-exec.sh] + remove "echo -E" crap that I added in last commit and use printf(1) for + cases where we strictly require echo not to reprocess escape characters. + - deraadt@cvs.openbsd.org 2005/11/28 17:50:12 + [openbsd-compat/glob.c] + unused arg in internal static API + - jakob@cvs.openbsd.org 2007/10/11 18:36:41 + [openbsd-compat/getrrsetbyname.c openbsd-compat/getrrsetbyname.h] + use RRSIG instead of SIG for DNSSEC. ok djm@ + - otto@cvs.openbsd.org 2006/10/21 09:55:03 + [openbsd-compat/base64.c] + remove calls to abort(3) that can't happen anyway; from + <bret dot lambert at gmail.com>; ok millert@ deraadt@ + - frantzen@cvs.openbsd.org 2004/04/24 18:11:46 + [openbsd-compat/sys-tree.h] + sync to Niels Provos' version. avoid unused variable warning in + RB_NEXT() + - tdeval@cvs.openbsd.org 2004/11/24 18:10:42 + [openbsd-compat/sys-tree.h] + typo + - grange@cvs.openbsd.org 2004/05/04 16:59:32 + [openbsd-compat/sys-queue.h] + Remove useless ``elm'' argument from the SIMPLEQ_REMOVE_HEAD macro. + This matches our SLIST behaviour and NetBSD's SIMPLEQ as well. + ok millert krw deraadt + - deraadt@cvs.openbsd.org 2005/02/25 13:29:30 + [openbsd-compat/sys-queue.h] + minor white spacing + - otto@cvs.openbsd.org 2005/10/17 20:19:42 + [openbsd-compat/sys-queue.h] + Performing certain operations on queue.h data structurs produced + funny results. An example is calling LIST_REMOVE on the same + element twice. This will not fail, but result in a data structure + referencing who knows what. Prevent these accidents by NULLing some + fields on remove and replace. This way, either a panic or segfault + will be produced on the faulty operation. + - otto@cvs.openbsd.org 2005/10/24 20:25:14 + [openbsd-compat/sys-queue.h] + Partly backout. NOLIST, used in LISTs is probably interfering. + requested by deraadt@ + - otto@cvs.openbsd.org 2005/10/25 06:37:47 + [openbsd-compat/sys-queue.h] + Some uvm problem is being exposed with the more strict macros. + Revert until we've found out what's causing the panics. + - otto@cvs.openbsd.org 2005/11/25 08:06:25 + [openbsd-compat/sys-queue.h] + Introduce debugging aid for queue macros. Disabled by default; but + developers are encouraged to run with this enabled. + ok krw@ fgsch@ deraadt@ + - otto@cvs.openbsd.org 2007/04/30 18:42:34 + [openbsd-compat/sys-queue.h] + Enable QUEUE_MACRO_DEBUG on DIAGNOSTIC kernels. + Input and okays from krw@, millert@, otto@, deraadt@, miod@. + - millert@cvs.openbsd.org 2004/10/07 16:56:11 + GLOB_NOESCAPE is POSIX so move it out of the #ifndef _POSIX_SOURCE + block. + (NB. mostly an RCS ID sync, as portable strips out the conditionals) + - (djm) [regress/sftp-cmds.sh] + Use more restrictive glob to pick up test files from /bin - some platforms + ship broken symlinks there which could spoil the test. + - (djm) [openbsd-compat/bindresvport.c] + Sync RCS ID after irrelevant (for portable OpenSSH) header shuffling + +20070927 + - (dtucker) [configure.ac atomicio.c] Fall back to including <sys/poll.h> if + we don't have <poll.h> (eq QNX). From bacon at cs nyu edu. + - (dtucker) [configure.ac defines.h] Shadow expiry does not work on QNX6 + so disable it for that platform. From bacon at cs nyu edu. + +20070921 + - (djm) [atomicio.c] Fix spin avoidance for platforms that define + EWOULDBLOCK; patch from ben AT psc.edu + +20070917 + - (djm) OpenBSD CVS Sync + - djm@cvs.openbsd.org 2007/08/23 02:49:43 + [auth-passwd.c auth.c session.c] + unifdef HAVE_LOGIN_CAP; ok deraadt@ millert@ + NB. RCS ID sync only for portable + - djm@cvs.openbsd.org 2007/08/23 02:55:51 + [auth-passwd.c auth.c session.c] + missed include bits from last commit + NB. RCS ID sync only for portable + - djm@cvs.openbsd.org 2007/08/23 03:06:10 + [auth.h] + login_cap.h doesn't belong here + NB. RCS ID sync only for portable + - djm@cvs.openbsd.org 2007/08/23 03:22:16 + [auth2-none.c sshd_config sshd_config.5] + Support "Banner=none" to disable displaying of the pre-login banner; + ok dtucker@ deraadt@ + - djm@cvs.openbsd.org 2007/08/23 03:23:26 + [sshconnect.c] + Execute ProxyCommands with $SHELL rather than /bin/sh unconditionally + - djm@cvs.openbsd.org 2007/09/04 03:21:03 + [clientloop.c monitor.c monitor_fdpass.c monitor_fdpass.h] + [monitor_wrap.c ssh.c] + make file descriptor passing code return an error rather than call fatal() + when it encounters problems, and use this to make session multiplexing + masters survive slaves failing to pass all stdio FDs; ok markus@ + - djm@cvs.openbsd.org 2007/09/04 11:15:56 + [ssh.c sshconnect.c sshconnect.h] + make ssh(1)'s ConnectTimeout option apply to both the TCP connection and + SSH banner exchange (previously it just covered the TCP connection). + This allows callers of ssh(1) to better detect and deal with stuck servers + that accept a TCP connection but don't progress the protocol, and also + makes ConnectTimeout useful for connections via a ProxyCommand; + feedback and "looks ok" markus@ + - sobrado@cvs.openbsd.org 2007/09/09 11:38:01 + [ssh-add.c ssh-agent.1 ssh-agent.c ssh-keygen.c] + sort synopsis and options in ssh-agent(1); usage is lowercase + ok jmc@ + - stevesk@cvs.openbsd.org 2007/09/11 04:36:29 + [sshpty.c] + sort #include + NB. RCS ID sync only + - gilles@cvs.openbsd.org 2007/09/11 15:47:17 + [session.c ssh-keygen.c sshlogin.c] + use strcspn to properly overwrite '\n' in fgets returned buffer + ok pyr@, ray@, millert@, moritz@, chl@ + - stevesk@cvs.openbsd.org 2007/09/11 23:49:09 + [sshpty.c] + remove #if defined block not needed; ok markus@ dtucker@ + NB. RCS ID sync only + - stevesk@cvs.openbsd.org 2007/09/12 19:39:19 + [umac.c] + use xmalloc() and xfree(); ok markus@ pvalchev@ + - djm@cvs.openbsd.org 2007/09/13 04:39:04 + [sftp-server.c] + fix incorrect test when setting syslog facility; from Jan Pechanec + - djm@cvs.openbsd.org 2007/09/16 00:55:52 + [sftp-client.c] + use off_t instead of u_int64_t for file offsets, matching what the + progressmeter code expects; bz #842 + - (tim) [defines.h] Fix regression in long password support on OpenServer 6. + Problem report and additional testing rac AT tenzing.org. + +20070914 + - (dtucker) [openbsd-compat/bsd-asprintf.c] Plug mem leak in error path. + Patch from Jan.Pechanec at sun com. + +20070910 + - (dtucker) [openbsd-compat/regress/closefromtest.c] Bug #1358: Always + return 0 on successful test. From David.Leonard at quest com. + - (tim) [configure.ac] Autoconf didn't define HAVE_LIBIAF because we + did a AC_CHECK_FUNCS within the AC_CHECK_LIB test. + +20070817 + - (dtucker) [sshd.8] Many Linux variants use a single "!" to denote locked + accounts and that's what the code looks for, so make man page and code + agree. Pointed out by Roumen Petrov. + - (dtucker) [INSTALL] Group the parts describing random options and PAM + implementations together which is hopefully more coherent. + - (dtucker) [INSTALL] the pid file is sshd.pid not ssh.pid. + - (dtucker) [INSTALL] Give PAM its own heading. + - (dtucker) [INSTALL] Link to tcpwrappers. + +20070816 + - (dtucker) [session.c] Call PAM cleanup functions for unauthenticated + connections too. Based on a patch from Sandro Wefel, with & ok djm@ + +20070815 + - (dtucker) OpenBSD CVS Sync + - markus@cvs.openbsd.org 2007/08/15 08:14:46 + [clientloop.c] + do NOT fall back to the trused x11 cookie if generation of an untrusted + cookie fails; from Jan Pechanec, via security-alert at sun.com; + ok dtucker + - markus@cvs.openbsd.org 2007/08/15 08:16:49 + [version.h] + openssh 4.7 + - stevesk@cvs.openbsd.org 2007/08/15 12:13:41 + [ssh_config.5] + tun device forwarding now honours ExitOnForwardFailure; ok markus@ + - (dtucker) [openbsd-compat/bsd-cray.c] Remove debug from signal handler. + ok djm@ + - (dtucker) [README contrib/caldera/openssh.spec contrib/redhat/openssh.spec + contrib/suse/openssh.spec] Crank version. + +20070813 + - (dtucker) [session.c] Bug #1339: ensure that pam_setcred() is always + called with PAM_ESTABLISH_CRED at least once, which resolves a problem + with pam_dhkeys. Patch from David Leonard, ok djm@ + +20070810 + - (dtucker) [auth-pam.c] Use sigdie here too. ok djm@ + - (dtucker) [configure.ac] Bug #1343: Set DISABLE_FD_PASSING for QNX6. From + Matt Kraai, ok djm@ + +20070809 + - (dtucker) [openbsd-compat/port-aix.c] Comment typo. + - (dtucker) [README.platform] Document the interaction between PermitRootLogin + and the AIX native login restrictions. + - (dtucker) [defines.h] Remove _PATH_{CSHELL,SHELLS} which aren't + used anywhere and are a potential source of warnings. + +20070808 + - (djm) OpenBSD CVS Sync + - ray@cvs.openbsd.org 2007/07/12 05:48:05 + [key.c] + Delint: remove some unreachable statements, from Bret Lambert. + OK markus@ and dtucker@. + - sobrado@cvs.openbsd.org 2007/08/06 19:16:06 + [scp.1 scp.c] + the ellipsis is not an optional argument; while here, sync the usage + and synopsis of commands + lots of good ideas by jmc@ + ok jmc@ + - djm@cvs.openbsd.org 2007/08/07 07:32:53 + [clientloop.c clientloop.h ssh.c] + bz#1232: ensure that any specified LocalCommand is executed after the + tunnel device is opened. Also, make failures to open a tunnel device + fatal when ExitOnForwardFailure is active. + Reported by h.goebel AT goebel-consult.de; ok dtucker markus reyk deraadt + +20070724 + - (tim) [openssh.xml.in] make FMRI match what package scripts use. + - (tim) [openbsd-compat/regress/closefromtest.c] Bug 1345: fix open() call. + Report/patch by David.Leonard AT quest.com (and Bernhard Simon) + - (tim) [buildpkg.sh.in openssh.xml.in] Allow more flexibility where smf(5) + - (tim) [buildpkg.sh.in] s|$FAKE_ROOT/${sysconfdir}|$FAKE_ROOT${sysconfdir}| + +20070628 + - (djm) bz#1325: Fix SELinux in permissive mode where it would + incorrectly fatal() on errors. patch from cjwatson AT debian.org; + ok dtucker + +20070625 + - (dtucker) OpenBSD CVS Sync + - djm@cvs.openbsd.org 2007/06/13 00:21:27 + [scp.c] + don't ftruncate() non-regular files; bz#1236 reported by wood AT + xmission.com; ok dtucker@ + - djm@cvs.openbsd.org 2007/06/14 21:43:25 + [ssh.c] + handle EINTR when waiting for mux exit status properly + - djm@cvs.openbsd.org 2007/06/14 22:48:05 + [ssh.c] + when waiting for the multiplex exit status, read until the master end + writes an entire int of data *and* closes the client_fd; fixes mux + regression spotted by dtucker, ok dtucker@ + - djm@cvs.openbsd.org 2007/06/19 02:04:43 + [atomicio.c] + if the fd passed to atomicio/atomiciov() is non blocking, then poll() to + avoid a spin if it is not yet ready for reading/writing; ok dtucker@ + - dtucker@cvs.openbsd.org 2007/06/25 08:20:03 + [channels.c] + Correct test for window updates every three packets; prevents sending + window updates for every single packet. ok markus@ + - dtucker@cvs.openbsd.org 2007/06/25 12:02:27 + [atomicio.c] + Include <poll.h> like the man page says rather than <sys/poll.h>. ok djm@ + - (dtucker) [atomicio.c] Test for EWOULDBLOCK in atomiciov to match + atomicio. + - (dtucker) [atomicio.c configure.ac openbsd-compat/Makefile.in + openbsd-compat/bsd-poll.{c,h} openbsd-compat/openbsd-compat.h] + Add an implementation of poll() built on top of select(2). Code from + OpenNTPD with changes suggested by djm. ok djm@ + +20070614 + - (dtucker) [cipher-ctr.c umac.c openbsd-compat/openssl-compat.h] Move the + USE_BUILTIN_RIJNDAEL compat goop to openssl-compat.h so it can be + shared with umac.c. Allows building with OpenSSL 0.9.5 again including + umac support. With tim@ djm@, ok djm. + - (dtucker) [openbsd-compat/openssl-compat.h] Merge USE_BUILTIN_RIJNDAEL + sections. Fixes builds with early OpenSSL 0.9.6 versions. + - (dtucker) [openbsd-compat/openssl-compat.h] Remove redundant definition + of USE_BUILTIN_RIJNDAEL since the <0.9.6 test is covered by the + subsequent <0.9.7 test. + +20070612 + - (dtucker) OpenBSD CVS Sync + - markus@cvs.openbsd.org 2007/06/11 09:14:00 + [channels.h] + increase default channel windows; ok djm + - djm@cvs.openbsd.org 2007/06/12 07:41:00 + [ssh-add.1] + better document ssh-add's -d option (delete identies from agent), bz#1224 + new text based on some provided by andrewmc-debian AT celt.dias.ie; + ok dtucker@ + - djm@cvs.openbsd.org 2007/06/12 08:20:00 + [ssh-gss.h gss-serv.c gss-genr.c] + relocate server-only GSSAPI code from libssh to server; bz #1225 + patch from simon AT sxw.org.uk; ok markus@ dtucker@ + - djm@cvs.openbsd.org 2007/06/12 08:24:20 + [scp.c] + make scp try to skip FIFOs rather than blocking when nothing is listening. + depends on the platform supporting sane O_NONBLOCK semantics for open + on FIFOs (apparently POSIX does not mandate this), which OpenBSD does. + bz #856; report by cjwatson AT debian.org; ok markus@ + - djm@cvs.openbsd.org 2007/06/12 11:11:08 + [ssh.c] + fix slave exit value when a control master goes away without passing the + full exit status by ensuring that the slave reads a full int. bz#1261 + reported by frekko AT gmail.com; ok markus@ dtucker@ + - djm@cvs.openbsd.org 2007/06/12 11:15:17 + [ssh.c ssh.1] + Add "-K" flag for ssh to set GSSAPIAuthentication=yes and + GSSAPIDelegateCredentials=yes. This is symmetric with -k (disable GSSAPI) + and is useful for hosts with /home on Kerberised NFS; bz #1312 + patch from Markus.Kuhn AT cl.cam.ac.uk; ok dtucker@ markus@ + - djm@cvs.openbsd.org 2007/06/12 11:45:27 + [ssh.c] + improved exit message from multiplex slave sessions; bz #1262 + reported by alexandre.nunes AT gmail.com; ok dtucker@ + - dtucker@cvs.openbsd.org 2007/06/12 11:56:15 + [gss-genr.c] + Pass GSS OID to gss_display_status to provide better information in + error messages. Patch from Simon Wilkinson via bz 1220. ok djm@ + - jmc@cvs.openbsd.org 2007/06/12 13:41:03 + [ssh-add.1] + identies -> identities; + - jmc@cvs.openbsd.org 2007/06/12 13:43:55 + [ssh.1] + add -K to SYNOPSIS; + - dtucker@cvs.openbsd.org 2007/06/12 13:54:28 + [scp.c] + Encode filename with strnvis if the name contains a newline (which can't + be represented in the scp protocol), from bz #891. ok markus@ + +20070611 + - (djm) Bugzilla #1306: silence spurious error messages from hang-on-exit + fix; tested by dtucker@ and jochen.kirn AT gmail.com + - pvalchev@cvs.openbsd.org 2007/06/07 19:37:34 + [kex.h mac.c mac.h monitor_wrap.c myproposal.h packet.c ssh.1] + [ssh_config.5 sshd.8 sshd_config.5] + Add a new MAC algorithm for data integrity, UMAC-64 (not default yet, + must specify umac-64@openssh.com). Provides about 20% end-to-end speedup + compared to hmac-md5. Represents a different approach to message + authentication to that of HMAC that may be beneficial if HMAC based on + one of its underlying hash algorithms is found to be vulnerable to a + new attack. http://www.ietf.org/rfc/rfc4418.txt + in conjunction with and OK djm@ + - pvalchev@cvs.openbsd.org 2007/06/08 04:40:40 + [ssh_config] + Add a "MACs" line after "Ciphers" with the default MAC algorithms, + to ease people who want to tweak both (eg. for performance reasons). + ok deraadt@ djm@ dtucker@ + - jmc@cvs.openbsd.org 2007/06/08 07:43:46 + [ssh_config.5] + put the MAC list into a display, like we do for ciphers, + since groff has trouble handling wide lines; + - jmc@cvs.openbsd.org 2007/06/08 07:48:09 + [sshd_config.5] + oops, here too: put the MAC list into a display, like we do for + ciphers, since groff has trouble with wide lines; + - markus@cvs.openbsd.org 2007/06/11 08:04:44 + [channels.c] + send 'window adjust' messages every tree packets and do not wait + until 50% of the window is consumed. ok djm dtucker + - (djm) [configure.ac umac.c] If platform doesn't provide swap32(3), then + fallback to provided bit-swizzing functions + - (dtucker) [openbsd-compat/bsd-misc.c] According to the spec the "remainder" + argument to nanosleep may be NULL. Currently this never happens in OpenSSH, + but check anyway in case this changes or the code gets used elsewhere. + - (dtucker) [includes.h] Bug #1243: HAVE_PATHS -> HAVE_PATHS_H. Should + prevent warnings about redefinitions of various things in paths.h. + Spotted by cartmanltd at hotmail.com. + +20070605 + - (dtucker) OpenBSD CVS Sync + - djm@cvs.openbsd.org 2007/05/22 10:18:52 + [sshd.c] + zap double include; from p_nowaczyk AT o2.pl + (not required in -portable, Id sync only) + - djm@cvs.openbsd.org 2007/05/30 05:58:13 + [kex.c] + tidy: KNF, ARGSUSED and u_int + - jmc@cvs.openbsd.org 2007/05/31 19:20:16 + [scp.1 ssh_config.5 sftp-server.8 ssh-agent.1 sshd_config.5 sftp.1 + ssh-keygen.1 ssh-keyscan.1 ssh-add.1 sshd.8 ssh.1 ssh-keysign.8] + convert to new .Dd format; + (We will need to teach mdoc2man.awk to understand this too.) + - djm@cvs.openbsd.org 2007/05/31 23:34:29 + [packet.c] + gc unreachable code; spotted by Tavis Ormandy + - djm@cvs.openbsd.org 2007/06/02 09:04:58 + [bufbn.c] + memory leak on error path; from arnaud.lacombe.1 AT ulaval.ca + - djm@cvs.openbsd.org 2007/06/05 06:52:37 + [kex.c monitor_wrap.c packet.c mac.h kex.h mac.c] + Preserve MAC ctx between packets, saving 2xhash calls per-packet. + Yields around a 12-16% end-to-end speedup for arcfour256/hmac-md5 + patch from markus@ tested dtucker@ and myself, ok markus@ and me (I'm + committing at his request) + - (dtucker) [mdoc2man.awk] Teach it to deal with $Mdocdate tags that + OpenBSD's cvs now adds. + - (dtucker) [mdoc2man.awk] Remove trailing "$" from Mdocdate regex so + mindrot's cvs doesn't expand it on us. + - (dtucker) [mdoc2man.awk] Add support for %R references, used for RFCs. + +20070520 + - (dtucker) OpenBSD CVS Sync + - stevesk@cvs.openbsd.org 2007/04/14 22:01:58 + [auth2.c] + remove unused macro; from Dmitry V. Levin <ldv@altlinux.org> + - stevesk@cvs.openbsd.org 2007/04/18 01:12:43 + [sftp-server.c] + cast "%llu" format spec to (unsigned long long); do not assume a + u_int64_t arg is the same as 'unsigned long long'. + from Dmitry V. Levin <ldv@altlinux.org> + ok markus@ 'Yes, that looks correct' millert@ + - dtucker@cvs.openbsd.org 2007/04/23 10:15:39 + [servconf.c] + Remove debug() left over from development. ok deraadt@ + - djm@cvs.openbsd.org 2007/05/17 07:50:31 + [log.c] + save and restore errno when logging; ok deraadt@ + - djm@cvs.openbsd.org 2007/05/17 07:55:29 + [sftp-server.c] + bz#1286 stop reading and processing commands when input or output buffer + is nearly full, otherwise sftp-server would happily try to grow the + input/output buffers past the maximum supported by the buffer API and + promptly fatal() + based on patch from Thue Janus Kristensen; feedback & ok dtucker@ + - djm@cvs.openbsd.org 2007/05/17 20:48:13 + [sshconnect2.c] + fall back to gethostname() when the outgoing connection is not + on a socket, such as is the case when ProxyCommand is used. + Gives hostbased auth an opportunity to work; bz#616, report + and feedback stuart AT kaloram.com; ok markus@ + - djm@cvs.openbsd.org 2007/05/17 20:52:13 + [monitor.c] + pass received SIGINT from monitor to postauth child so it can clean + up properly. bz#1196, patch from senthilkumar_sen AT hotpop.com; + ok markus@ + - jolan@cvs.openbsd.org 2007/05/17 23:53:41 + [sshconnect2.c] + djm owes me a vb and a tism cd for breaking ssh compilation + - (dtucker) [auth-pam.c] malloc+memset -> calloc. Patch from + ldv at altlinux.org. + - (dtucker) [auth-pam.c] Return empty string if fgets fails in + sshpam_tty_conv. Patch from ldv at altlinux.org. + +20070509 + - (tim) [configure.ac] Bug #1287: Add missing test for ucred.h. + +20070429 + - (dtucker) [openbsd-compat/bsd-misc.c] Include unistd.h and sys/types.h + for select(2) prototype. + - (dtucker) [auth-shadow.c loginrec.c] Include time.h for time(2) prototype. + - (dtucker) [configure.ac openbsd-compat/getrrsetbyname.c] Bug #1299: Use the + platform's _res if it has one. Should fix problem of DNSSEC record lookups + on NetBSD as reported by Curt Sampson. + - (dtucker) [openbsd-compat/xmmap.c] Include stdlib.h for mkstemp prototype. + - (dtucker) [configure.ac defines.h] Have configure check for MAXSYMLINKS + so we don't get redefinition warnings. + - (dtucker) [openbsd-compat/xmmap.c] Include stdlib.h for mkstemp prototype. + - (dtucker) [configure.ac defines.h] Prevent warnings about __attribute__ + __nonnull__ for versions of GCC that don't support it. + - (dtucker) [configure.ac defines.h] Have configure check for offsetof + to prevent redefinition warnings. + +20070406 + - (dtucker) [INSTALL] Update the systems that have PAM as standard. Link + to OpenPAM too. + - (dtucker) [INSTALL] prngd lives at sourceforge these days. + +20070326 + - (tim) [auth.c configure.ac defines.h session.c openbsd-compat/port-uw.c + openbsd-compat/port-uw.h openbsd-compat/xcrypt.c] Rework libiaf test/defines + to account for IRIX having libiaf but not set_id(). Patch with & ok dtucker@ + +20070325 + - (dtucker) [Makefile.in configure.ac] Replace single-purpose LIBSELINUX, + LIBWRAP and LIBPAM variables in Makefile with the general-purpose + SSHDLIBS. "I like" djm@ + +20070321 + - (dtucker) OpenBSD CVS Sync + - dtucker@cvs.openbsd.org 2007/03/09 05:20:06 + [servconf.c sshd.c] + Move C/R -> kbdint special case to after the defaults have been + loaded, which makes ChallengeResponse default to yes again. This + was broken by the Match changes and not fixed properly subsequently. + Found by okan at demirmen.com, ok djm@ "please do it" deraadt@ + - djm@cvs.openbsd.org 2007/03/19 01:01:29 + [sshd_config] + Disable the legacy SSH protocol 1 for new installations via + a configuration override. In the future, we will change the + server's default itself so users who need the legacy protocol + will need to turn it on explicitly + - dtucker@cvs.openbsd.org 2007/03/19 12:16:42 + [ssh-agent.c] + Remove the signal handler that checks if the agent's parent process + has gone away, instead check when the select loop returns. Record when + the next key will expire when scanning for expired keys. Set the select + timeout to whichever of these two things happens next. With djm@, with & + ok deraadt@ markus@ + - tedu@cvs.openbsd.org 2007/03/20 03:56:12 + [readconf.c clientloop.c] + remove some bogus *p tests from charles longeau + ok deraadt millert + - jmc@cvs.openbsd.org 2007/03/20 15:57:15 + [sshd.8] + - let synopsis and description agree for -f + - sort FILES + - +.Xr ssh-keyscan 1 , + from Igor Sobrado + - (dtucker) [configure.ac openbsd-compat/bsd-getpeereid.c] Bug #1287: Use + getpeerucred to implement getpeereid (currently only Solaris 10 and up). + Patch by Jan.Pechanec at Sun. + - (dtucker) [regress/agent-getpeereid.sh] Do peereid test if we have + HAVE_GETPEERUCRED too. Also from Jan Pechanec. + +20070313 + - (dtucker) [entropy.c scard-opensc.c ssh-rand-helper.c] Bug #1294: include + string.h to prevent warnings, from vapier at gentoo.org. + - (dtucker) [LICENCE] Add Daniel Walsh as a copyright holder for the + selinux bits in -portable. + - (dtucker) [cipher-3des1.c cipher-bf1.c] The OpenSSL 0.9.8e problem in + bug #1291 also affects Protocol 1 3des. While at it, use compat-openssl.h + in cipher-bf1.c. Patch from Juan Gallego. + - (dtucker) [README.platform] Info about blibpath on AIX. + +20070306 + - (djm) OpenBSD CVS Sync + - jmc@cvs.openbsd.org 2007/03/01 16:19:33 + [sshd_config.5] + sort the `match' keywords; + - djm@cvs.openbsd.org 2007/03/06 10:13:14 + [version.h] + openssh-4.6; "please" deraadt@ + - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec] + [contrib/suse/openssh.spec] crank spec files for release + - (djm) [README] correct link to release notes + - (djm) Release 4.6p1 + +20070304 + - (djm) [configure.ac] add a --without-openssl-header-check option to + configure, as some platforms (OS X) ship OpenSSL headers whose version + does not match that of the shipping library. ok dtucker@ + - (dtucker) [openbsd-compat/openssl-compat.h] Bug #1291: Work around a + bug in OpenSSL 0.9.8e that prevents aes256-ctr, aes192-ctr and arcfour256 + ciphers from working correctly (disconnects with "Bad packet length" + errors) as found by Ben Harris. ok djm@ + +20070303 + - (dtucker) [regress/agent-ptrace.sh] Make ttrace gdb error a little more + general to cover newer gdb versions on HP-UX. + +20070302 + - (dtucker) [configure.ac] For Cygwin, read files in textmode (which allows + CRLF as well as LF lineendings) and write in binary mode. Patch from + vinschen at redhat.com. + - (dtucker) [INSTALL] Update to autoconf-2.61. + +20070301 + - (dtucker) OpenBSD CVS Sync + - dtucker@cvs.openbsd.org 2007/03/01 10:28:02 + [auth2.c sshd_config.5 servconf.c] + Remove ChallengeResponseAuthentication support inside a Match + block as its interaction with KbdInteractive makes it difficult to + support. Also, relocate the CR/kbdint option special-case code into + servconf. "please commit" djm@, ok markus@ for the relocation. + - (tim) [buildpkg.sh.in openssh.xml.in] Clean up Solaris 10 smf(5) bits. + "Looks sane" dtucker@ + +20070228 + - (dtucker) OpenBSD CVS Sync + - dtucker@cvs.openbsd.org 2007/02/28 00:55:30 + [ssh-agent.c] + Remove expired keys periodically so they don't remain in memory when + the agent is entirely idle, as noted by David R. Piegdon. This is the + simple fix, a more efficient one will be done later. With markus, + deraadt, with & ok djm. + +20070225 + - (dtucker) OpenBSD CVS Sync + - djm@cvs.openbsd.org 2007/02/20 10:25:14 + [clientloop.c] + set maximum packet and window sizes the same for multiplexed clients + as normal connections; ok markus@ + - dtucker@cvs.openbsd.org 2007/02/21 11:00:05 + [sshd.c] + Clear alarm() before restarting sshd on SIGHUP. Without this, if there's + a SIGALRM pending (for SSH1 key regeneration) when sshd is SIGHUP'ed, the + newly exec'ed sshd will get the SIGALRM and not have a handler for it, + and the default action will terminate the listening sshd. Analysis and + patch from andrew at gaul.org. + - dtucker@cvs.openbsd.org 2007/02/22 12:58:40 + [servconf.c] + Check activep so Match and GatewayPorts work together; ok markus@ + - ray@cvs.openbsd.org 2007/02/24 03:30:11 + [moduli.c] + - strlen returns size_t, not int. + - Pass full buffer size to fgets. + OK djm@, millert@, and moritz@. + +20070219 + - (dtucker) OpenBSD CVS Sync + - jmc@cvs.openbsd.org 2007/01/10 13:23:22 + [ssh_config.5] + do not use a list for SYNOPSIS; + this is actually part of a larger report sent by eric s. raymond + and forwarded by brad, but i only read half of it. spotted by brad. + - jmc@cvs.openbsd.org 2007/01/12 20:20:41 + [ssh-keygen.1 ssh-keygen.c] + more secsh -> rfc 4716 updates; + spotted by wiz@netbsd + ok markus + - dtucker@cvs.openbsd.org 2007/01/17 23:22:52 + [readconf.c] + Honour activep for times (eg ServerAliveInterval) while parsing + ssh_config and ~/.ssh/config so they work properly with Host directives. + From mario.lorenz@wincor-nixdorf.com via bz #1275. ok markus@ + - stevesk@cvs.openbsd.org 2007/01/21 01:41:54 + [auth-skey.c kex.c ssh-keygen.c session.c clientloop.c] + spaces + - stevesk@cvs.openbsd.org 2007/01/21 01:45:35 + [readconf.c] + spaces + - djm@cvs.openbsd.org 2007/01/22 11:32:50 + [sftp-client.c] + return error from do_upload() when a write fails. fixes bz#1252: zero + exit status from sftp when uploading to a full device. report from + jirkat AT atlas.cz; ok dtucker@ + - djm@cvs.openbsd.org 2007/01/22 13:06:21 + [scp.c] + fix detection of whether we should show progress meter or not: scp + tested isatty(stderr) but wrote the progress meter to stdout. This patch + makes it test stdout. bz#1265 reported by junkmail AT bitsculpture.com; + of dtucker@ + - stevesk@cvs.openbsd.org 2007/02/14 14:32:00 + [bufbn.c] + typos in comments; ok jmc@ + - dtucker@cvs.openbsd.org 2007/02/19 10:45:58 + [monitor_wrap.c servconf.c servconf.h monitor.c sshd_config.5] + Teach Match how handle config directives that are used before + authentication. This allows configurations such as permitting password + authentication from the local net only while requiring pubkey from + offsite. ok djm@, man page bits ok jmc@ + - (dtucker) [contrib/findssl.sh] Add "which" as a shell function since some + platforms don't have it. Patch from dleonard at vintela.com. + - (dtucker) [openbsd-compat/getrrsetbyname.c] Don't attempt to calloc + an array for signatures when there are none since "calloc(0, n) returns + NULL on some platforms (eg Tru64), which is explicitly permitted by + POSIX. Diagnosis and patch by svallet genoscope.cns.fr. + +20070128 + - (djm) [channels.c serverloop.c] Fix so-called "hang on exit" (bz #52) + when closing a tty session when a background process still holds tty + fds open. Great detective work and patch by Marc Aurele La France, + slightly tweaked by me; ok dtucker@ + +20070123 + - (dtucker) [openbsd-compat/bsd-snprintf.c] Static declarations for public + library interfaces aren't very helpful. Fix up the DOPR_OUTCH macro + so it works properly and modify its callers so that they don't pre or + post decrement arguments that are conditionally evaluated. While there, + put SNPRINTF_CONST back as it prevents build failures in some + configurations. ok djm@ (for most of it) + +20070122 + - (djm) [ssh-rand-helper.8] manpage nits; + from dleonard AT vintela.com (bz#1529) + +20070117 + - (dtucker) [packet.c] Re-remove in_systm.h since it's already in includes.h + and multiple including it causes problems on old IRIXes. (It snuck back + in during a sync.) Found (again) by Georg Schwarz. + +20070114 + - (dtucker) [ssh-keygen.c] av -> argv to match earlier sync. + - (djm) [openbsd-compat/bsd-snprintf.c] Fix integer overflow in return + value of snprintf replacement, similar to bugs in various libc + implementations. This overflow is not exploitable in OpenSSH. + While I'm fiddling with it, make it a fair bit faster by inlining the + append-char routine; ok dtucker@ + +20070105 + - (djm) OpenBSD CVS Sync + - deraadt@cvs.openbsd.org 2006/11/14 19:41:04 + [ssh-keygen.c] + use argc and argv not some made up short form + - ray@cvs.openbsd.org 2006/11/23 01:35:11 + [misc.c sftp.c] + Don't access buf[strlen(buf) - 1] for zero-length strings. + ``ok by me'' djm@. + - markus@cvs.openbsd.org 2006/12/11 21:25:46 + [ssh-keygen.1 ssh.1] + add rfc 4716 (public key format); ok jmc + - djm@cvs.openbsd.org 2006/12/12 03:58:42 + [channels.c compat.c compat.h] + bz #1019: some ssh.com versions apparently can't cope with the + remote port forwarding bind_address being a hostname, so send + them an address for cases where they are not explicitly + specified (wildcard or localhost bind). reported by daveroth AT + acm.org; ok dtucker@ deraadt@ + - dtucker@cvs.openbsd.org 2006/12/13 08:34:39 + [servconf.c] + Make PermitOpen work with multiple values like the man pages says. + bz #1267 with details from peter at dmtz.com, with & ok djm@ + - dtucker@cvs.openbsd.org 2006/12/14 10:01:14 + [servconf.c] + Make "PermitOpen all" first-match within a block to match the way other + options work. ok markus@ djm@ + - jmc@cvs.openbsd.org 2007/01/02 09:57:25 + [sshd_config.5] + do not use lists for SYNOPSIS; + from eric s. raymond via brad + - stevesk@cvs.openbsd.org 2007/01/03 00:53:38 + [ssh-keygen.c] + remove small dead code; arnaud.lacombe.1@ulaval.ca via Coverity scan + - stevesk@cvs.openbsd.org 2007/01/03 03:01:40 + [auth2-chall.c channels.c dns.c sftp.c ssh-keygen.c ssh.c] + spaces + - stevesk@cvs.openbsd.org 2007/01/03 04:09:15 + [sftp.c] + ARGSUSED for lint + - stevesk@cvs.openbsd.org 2007/01/03 07:22:36 + [sftp-server.c] + spaces + +20061205 + - (djm) [auth.c] Fix NULL pointer dereference in fakepw(). Crash would + occur if the server did not have the privsep user and an invalid user + tried to login and both privsep and krb5 auth are disabled; ok dtucker@ + - (djm) [bsd-asprintf.c] Better test for bad vsnprintf lengths; ok dtucker@ + +20061108 + - (dtucker) OpenBSD CVS Sync + - markus@cvs.openbsd.org 2006/11/07 13:02:07 + [dh.c] + BN_hex2bn returns int; from dtucker@ + 20061107 - (dtucker) [sshd.c] Use privsep_pw if we have it, but only require it if we absolutely need it. Pointed out by Corinna, ok djm@ @@ -13,7 +2118,6 @@ dtucker@ - (dtucker) [README contrib/{caldera,redhat,contrib}/openssh.spec] Bump versions. - - (dtucker) [dh.c] Type fix for BN_hex2bn; ok markus@ - (dtucker) Release 4.5p1. 20061105 @@ -2606,4 +4710,4 @@ OpenServer 6 and add osr5bigcrypt support so when someone migrates passwords between UnixWare and OpenServer they will still work. OK dtucker@ -$Id: ChangeLog,v 1.4588.2.1 2006/11/07 13:02:59 dtucker Exp $ +$Id: ChangeLog,v 1.5095 2008/07/21 08:22:25 djm Exp $ |